Upgrade V8 to version 4.9.385.28 https://chromium.googlesource.com/v8/v8/+/4.9.385.28 FPIIM-449 Change-Id: I4b2e74289d4bf3667f2f3dc8aa2e541f63e26eb4

commit: 4a90d5fbbb6802c59093b866f3478a814bf02b95 [log] [tgz]
author: Ben Murdoch <benm@google.com> Tue Mar 22 12:00:34 2016 +0000
committer: Dirk Vogt <dirk@fairphone.com> Fri Mar 17 16:05:42 2017 +0100
tree: 486867e3a04e7f17454c94a4c97891bb0e237f1f
parent: 3821a70061b1b2077ee51c70eda717bddac94f58 [diff] [blame]
diff --git a/test/mjsunit/regress/regress-3985.js b/test/mjsunit/regress/regress-3985.js
new file mode 100644
index 0000000..6dbc4bd
--- /dev/null
+++ b/test/mjsunit/regress/regress-3985.js

@@ -0,0 +1,45 @@
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --allow-natives-syntax
+
+var shouldThrow = false;
+
+function h() {
+  try {  // Prevent inlining in Crankshaft.
+  } catch(e) { }
+  var res = g.arguments[0].x;
+  if (shouldThrow) {
+    throw res;
+  }
+  return res;
+}
+
+function g(o) { h(); }
+
+function f1() {
+  var o = { x : 1 };
+  g(o);
+  return o.x;
+}
+
+function f2() {
+  var o = { x : 2 };
+  g(o);
+  return o.x;
+}
+
+f1();
+f2();
+f1();
+f2();
+%OptimizeFunctionOnNextCall(f1);
+%OptimizeFunctionOnNextCall(f2);
+shouldThrow = true;
+try { f1(); } catch(e) {
+  assertEquals(e, 1);
+}
+try { f2(); } catch(e) {
+  assertEquals(e, 2);
+}
commit	4a90d5fbbb6802c59093b866f3478a814bf02b95	[log] [tgz]
author	Ben Murdoch <benm@google.com>	Tue Mar 22 12:00:34 2016 +0000
committer	Dirk Vogt <dirk@fairphone.com>	Fri Mar 17 16:05:42 2017 +0100
tree	486867e3a04e7f17454c94a4c97891bb0e237f1f
parent	3821a70061b1b2077ee51c70eda717bddac94f58 [diff] [blame]