- 17 Jul, 2020 9 commits
-
-
Michael Achenbach authored
TBR=tmrts@chromium.org No-Try: true Bug: chromium:1106435 Change-Id: I52657b4ee924e5e0133b0784bc12a0d75f94ec9d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304586Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#68915}
-
Michael Achenbach authored
This reverts commit 0ba1c23c. Reason for revert: Doesn't work yet Original change's description: > [release] Replace raw DEPS processing with gclient getdep > > No-Try: true > Bug: chromium:1106435 > Change-Id: I120d3930e4e8be7010d8d1f1928829ca0882638d > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304578 > Reviewed-by: Tamer Tas <tmrts@chromium.org> > Commit-Queue: Michael Achenbach <machenbach@chromium.org> > Cr-Commit-Position: refs/heads/master@{#68913} TBR=machenbach@chromium.org,tmrts@chromium.org,liviurau@chromium.org Change-Id: I76e02bfa50fdc5967ab72784cd71114bb82b7261 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:1106435 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304585Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#68914}
-
Michael Achenbach authored
No-Try: true Bug: chromium:1106435 Change-Id: I120d3930e4e8be7010d8d1f1928829ca0882638d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304578Reviewed-by: Tamer Tas <tmrts@chromium.org> Commit-Queue: Michael Achenbach <machenbach@chromium.org> Cr-Commit-Position: refs/heads/master@{#68913}
-
Daniel Bevenius authored
This commit moves the d8 Synopsis/Usage string from flags.cc into d8.cc. The motivation for this is that Commit c8679386 ("[snapshot] enable mksnapshot usage to be displayed") enabled a usage string to be passed into means mksnapshot --help will first print it's own usage string followed by d8's. FlagList: :SetFlagsFromCommandLine and be printed, but FlagList: :PrintHelp currently still prints the Synopsis for d8 which Change-Id: I9c79b2cdc5570106e12096c0c53e640cf80742e9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299365Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#68912}
-
Zeynep Cankara authored
This CL changes colors of map panel and layout of IC panel legend for organize UI better. Bug: v8:10673, v8:10644 Change-Id: Iead0a82fcdae09a9368d30b493565615e24dcc2e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2301932Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Zeynep Cankara <zcankara@google.com> Cr-Commit-Position: refs/heads/master@{#68911}
-
Clemens Backes authored
This reverts commit 1ec8f1da. Reason for revert: Fails presubmit: https://ci.chromium.org/p/v8/builders/ci/V8%20Presubmit/11696 Original change's description: > [presubmit] Add JS formatting for tools/system-analyzer > > Bug: v8:10670 > Change-Id: Ifb653ada003719faff261b6e5b2169db37cffdaf > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2282522 > Reviewed-by: Tamer Tas <tmrts@chromium.org> > Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> > Cr-Commit-Position: refs/heads/master@{#68909} TBR=gsathya@chromium.org,tmrts@chromium.org Change-Id: I0824ede745b5fe054b8e9984440f6013de271b83 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:10670 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2304577Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#68910}
-
Sathya Gunasekaran authored
Bug: v8:10670 Change-Id: Ifb653ada003719faff261b6e5b2169db37cffdaf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2282522Reviewed-by: Tamer Tas <tmrts@chromium.org> Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#68909}
-
Zeynep Cankara authored
This CL moves the timeline related methods of the map model into timeline panel to encapsulate timeline web component. Bug: v8:10673, v8:10644 Change-Id: Ie82ca8dc920cb64bd5ba81ead1a346492bd2b738 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2302893Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Zeynep Cankara <zcankara@google.com> Cr-Commit-Position: refs/heads/master@{#68908}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/a96f200..a101f69 Rolling v8/third_party/aemu-linux-x64: 7UW9Qc56aQ1K23_T0oZ9qoVs9Hbuka0eN2NRy-z2UV0C..DGIj4lLT8ky5-X2nCeWM01poovHhDF8f2Lyu7xDeEjoC Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/0ea0cd5..19856e6 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/ed9e5ac..233589f TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: I087560a179e85f664e7bb9a499b6bbf7d8b85324 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2302797Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#68907}
-
- 16 Jul, 2020 27 commits
-
-
Ng Zhi An authored
SSE requires operand0 to be a register, since we don't have memory alignment yet. AVX can have performance issues for unaligned access. Bug: v8:9198,chromium:1106285 Change-Id: Ic587d9e0d601664cf6010061d74b22740ba47702 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2303590Reviewed-by: Bill Budge <bbudge@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#68906}
-
Igor Sheludko authored
... by migrating old-style code MyObject* obj = new (zone) MyObject(...) to the new style MyObject* obj = zone->New<MyObject>(...) ... and prohibiting accidental use of the old-style. Bug: v8:10689 Change-Id: Id75774ac12e3d0f95cb3a538066dffbf7815e438 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300490 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#68905}
-
Igor Sheludko authored
1) turn static methods to instance ones. 2) change New/Delete to NewArray/DeleteArray getting array length as argument instead of raw size. 3) propagate type tags through allocate/delete methods of existing AllocationPolicy classes. This will allow implementing accounting of deallocated zone memory. Bug: v8:10572 Change-Id: Ib41c646044814ac6d75d50b2847bbb8964ce25d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300489Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#68904}
-
Shu-yu Guo authored
Bug: chromium:1105318 Change-Id: I7b1c57b7ff7beaaa53c19a270d5a8c36b11baf17 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2301082Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/master@{#68903}
-
Zeynep Cankara authored
This CL depreciates the TransitionView Class of the app model to handle map transition only within map model. It isolates the Map Panel to comply web component standards. Bug: v8:10667, v8:10644 Change-Id: Idf8ca58744aacd0159ee4af6e71886374385377e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300541 Commit-Queue: Zeynep Cankara <zcankara@google.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/master@{#68902}
-
Victor Gomes authored
Change-Id: I46efe24dc9d2513fc8d099ef4af9e25ddf3ea697 Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2302049 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#68901}
-
Dominik Inführ authored
Replacing EnsureSweepingCompleted() with DrainSweepingWorklistForSpace() caused sweeping to be completed later. This resulted in longer scavenger pauses, since the scavenger had to stop & resume sweeping more often. To avoid this, the scavenger now completes sweeping when all pages are swept. Bug: chromium:1106295, v8:10315 Change-Id: Ia46efdfb1f2492e9228f0349936be32a467f502b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2301935Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#68900}
-
Zeynep Cankara authored
This CL adds a helper class for commonly used helper methods inside web components, decreasing the amount of duplicated code across the app. Bug: v8:10667, v8:10644 Change-Id: I754396a9b3598d0930a82fc487857e946bfd3805 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299359Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Zeynep Cankara <zcankara@google.com> Cr-Commit-Position: refs/heads/master@{#68899}
-
Yuki Shiino authored
Property descriptor interceptor may and may not throw an exception. If it's thrown, V8 has to propagate the exception appropriately. Especially HTML ([1][2]) requires that the cross origin case of getOwnPropertyDescriptor throws a SecurityError. Hence, Blink is going to throw a SecurityError in the cross origin descriptor interceptor. Then, this fix is necessary. [1] https://html.spec.whatwg.org/C#windowproxy-getownproperty [2] https://html.spec.whatwg.org/C#location-getownproperty Change-Id: I7e3a92f1a16f1a2cda3818fd585a89fd83989003 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2297076Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Cr-Commit-Position: refs/heads/master@{#68898}
-
Victor Gomes authored
This is exactly the same issue as in https://crrev.com/c/2299364 for test-torque.cc Change-Id: I066d93918c94d0c68278c72d9b60ec92a1c5f68b Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300546 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#68897}
-
Igor Sheludko authored
... this reduces the size of VariableMap object by one word which in turn reduces zone memory pressure. The Scope class which contains VariableMap as a field is usually in top 5 of all allocated objects in zone memory. Bug: v8:9923 Change-Id: I79c6bd9ae97db72f24b831fd5e3733d8d7e4c0fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300486 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#68896}
-
Zeynep Cankara authored
This CL deletes the duplicated getters and setters for timeline in Stats panel. Change-Id: I3a08cfc84e6d099084cb5eeb0e25526a76a891a0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2301930Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Zeynep Cankara <zcankara@google.com> Cr-Commit-Position: refs/heads/master@{#68895}
-
Igor Sheludko authored
... which might use an outdated result of a lookup. Currently it's not an issue, since we don't reuse container's backing stores allocated in zone memory. Bug: v8:7790 Change-Id: I30cc0ba747fd704403422711d1f1a5952fe6d68c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2301931 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#68894}
-
Jakob Kummerow authored
We must perform "smi-checks" before loading an object's map whenever the object might be an i31ref. Bug: v8:7748 Change-Id: I2d9839ddcb0c2e8c35b9bea38afe50d55dd084cb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299370Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#68893}
-
Jakob Kummerow authored
Bug: v8:7748 Change-Id: I30eb7b08b40159e399730eef5866e1f0fbf706e1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299368 Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#68892}
-
Omer Katz authored
This CL ports MarkingVerifier from blink. The existing verifier checks only references on heap. This new verifier checks references both on heap and on stack. Bug: chromium:1056170 Change-Id: I083dcb0087125312cca34a2201015a9aecfe6ea4 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300484 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#68891}
-
Kim-Anh Tran authored
This prevents v8 to send too many breakpoints and thus exceed the maximum length for a message in mojo. Bug: chromium:1105172 Change-Id: I2af21f117d24c52d2f0df6294f15f091b84b1a75 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300542Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Cr-Commit-Position: refs/heads/master@{#68890}
-
Mythri A authored
We cannot allocate large arrays exceeding the size of kMaxRegularHeapObjectSize in young space. Bailout of optimization in such cases. Bug: chromium:1105746 Change-Id: I4f7357c2dd7b3e70d747f9067660725ecf6ae768 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300481Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#68889}
-
Victor Gomes authored
Rest arguments were using the builtin NewArgumentsElements to create its backing store. This does work when the rest elements are a suffix of the arguments in the stack, but this is not the case when V8_REVERSE_JSARGS is enabled. This CL ports the builtin to Torque and fix the previous issues with V8_REVERSE_JSARGS. Change-Id: I82db0dfd409d909336f34312f62c379ca5929e1e Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284988Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#68888}
-
Zeynep Cankara authored
This CL adds global state management methods into the App Class. Thus, make it easier to control global state of the web app. Bug: v8:10667, v8:10644 Change-Id: I9e37c3e851a3912ebc6c672eb4372f77d20a989c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300482 Commit-Queue: Zeynep Cankara <zcankara@google.com> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#68887}
-
Dominik Inführ authored
Now that --concurrent-inlining is already using LocalHeaps and requires a global safepoint, let's measure how long it takes to stop-the-world. Bug: v8:10315 Change-Id: I90f451448199fd43b9991849f4343f77e4aa3813 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300544Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#68886}
-
Tobias Tebbi authored
Bug: v8:7793 Change-Id: Ie573b3feef58329d524e51c942b67cf0525963ff Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300545 Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#68885}
-
Anton Bikineev authored
This is an attempt to fix a build failure in MSVC14.26.28801. Bug: v8:10691 Change-Id: Ic4b994b14e1ac70ab95f3da53bd7be382e38a4b8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300540Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/master@{#68884}
-
Anton Bikineev authored
Otherwice, accesses in subsequent allocations may fail. Bug: chromium:1101152 Change-Id: Ie8bd87e3ef68b532c8fa6ef85f757c930cbe35fd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300485Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/master@{#68883}
-
Georg Neis authored
Bug: v8:7790, v8:10711, chromium:1105815, v8:10315 Change-Id: I94e7db3ce2247f6c59fa51a65f35591850bbd002 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2300543 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#68882}
-
Dominik Inführ authored
Fixes build on some configurations with GCC/libstdc++. Bug: v8:10708, v8:10315 Change-Id: I8f1c98e9143aa05b49b2a2d74f2024c093a5df29 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299378 Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#68881}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/7a85719..a96f200 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/49d9f03..0ea0cd5 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/35dec5f..ed9e5ac Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/58914a5..6412135 TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Ib59c4e7948961c356bc22e708ecb18213461ace6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2301068Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#68880}
-
- 15 Jul, 2020 4 commits
-
-
Igor Sheludko authored
... which gets the zone from its ZoneAllocationPolicy instance. This recovers memory regression caused by adding an AllocationPolicy instance into TemplateHashMapImpl and therefore to VariableMap. Bug: v8:10572 Change-Id: I7962b49e5f2669307e58b3ed7b1f29bab1c42cad Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2298002Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#68879}
-
Santiago Aboy Solanes authored
In this test we both search and insert a transition in the main thread, while the background thread searches. Bug: v8:7790 Change-Id: Ic899f6c36c9bf9f7f5364ea30eb1c875b7ef6535 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2243211 Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#68878}
-
Igor Sheludko authored
... this will avoid the need to pass AllocationPolicy to every method that can allocate/deallocate and allows to make deallocation method implementation stateful. The latter will also allow implementing accounting of deallocated zone memory. Adding one more field is generally fine because usually these hashmap objects are allocated on the stack or inside other rarely-allocated long-lived objects. The only exception is Scope class. The Scope objects are created very often during parsing and each of them has a VariableMap field. The Scope object size issue will be addressed in a follow-up CL. Bug: v8:10572 Change-Id: I63fbd41246cf2e568c8ba80c213d3e9caffc2c87 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284992Reviewed-by: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/master@{#68877}
-
Victor Gomes authored
The cctests were wrong, since they access the first parameter using `Parameter(0)`. They should instead use `Parameter(1)`, since the index 0 is the receiver, and the receiver is set to be always the undefined object in `FunctionTester::Call`. The reason it used to work is that the tests would set up an access to the stack with the wrong number of parameters, accessing only a stack suffix. Change-Id: I02b7ee97c8759c7aecda0338863b7727762df1ba Bug: v8:10201 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2299364 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by: Toon Verwaest <verwaest@chromium.org> Auto-Submit: Victor Gomes <victorgomes@chromium.org> Cr-Commit-Position: refs/heads/master@{#68876}
-