- 23 Jan, 2020 21 commits
-
-
Ng Zhi An authored
The two cases we are fixing here are Construct and LoadCallerFrameSlot, which are closely related. Construct is called during PrepareCall, where we build up LiftoffStackSlots when we need to move an arg from caller's stack frame into callee's stack frame. LoadCallerFrameSlot is the parallel to this, called in ProcessParameter during decoding of the callee's function body. In most cases, Construct needs a new case to handle kWasmS128, and calls the relevant assembler to push a s128 onto the stack. ARM64 requires 16-byte alignment of sp, so we need to Claim the right number of kXRegSize slots first, which requires us traversing the list of slots to figure out how many s128 values there are. This is a straightforward way to fix this, if efficiency is a problem, we can change LiftOffStackSlots::Add to sum up the slot sizes. On IA32, pushing s128 values will require 4 calls to push. Instead, we use a sub and two movdqu, which will generate less code in most cases. On x64, there is no 128-bit push, so we call push twice. Bug: v8:9909 Change-Id: I3af35b8462ea9c3b9b2d90800c37d11b5e95be59 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2015945 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by:
Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65956}
-
Clemens Backes authored
The new name "IsWasmModuleObject" was introduced in https://crrev.com/c/2013109 and chrome switched to the new name in https://crrev.com/c/2016622. Thus, the old name can be deprecated for the 8.1 branch. R=adamk@chromium.org Bug: v8:10021 Change-Id: Ic09d4f8c9ae65ee855e3968f1c0814df0c97bb25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016584Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65955}
-
Ng Zhi An authored
Implement f32x4.splat and enable handling this in Liftoff. We add a new macro for defining test cases to run on TurboFan, Liftoff, interpreter, and scalar lowering. Also add an assertion that the execution tier used is what we expected it to be. This is useful for Liftoff, because by default it falls back to TurboFan when it encounters an unimplemented opcode. Bug: v8:9909 Change-Id: I594955fce778173191fc44c38c4f956a05e77839 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2014753 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by:
-
Milad Farazmand authored
Port 7b79a02d Original Commit Message: This CL adds a --debug-in-liftoff flag, which takes another path in {WasmScript::SetBreakPointForFunction}, and sets the breakpoint via {wasm::DebugInfo} (Liftoff-related) instead of {WasmDebugInfo} (C++ interpreter related). Actual breakpoint support is not there yet, so the new test which sets this flag does not currently break anywhere. This will change with a future CL. R=clemensb@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com BUG= LOG=N Change-Id: I632e4c945c88f58d8caba8688356f66406bc04aa Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016915Reviewed-by:
-
Santiago Aboy Solanes authored
Change-Id: Ieabacfd183370ee09bcb6126e16fbf3135d48134 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2011836Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#65952}
-
Milad Farazmand authored
Change-Id: Id9f40ac278c5a25739b11d3af06de1f7052d1c67 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2015943Reviewed-by:
Junliang Yan <jyan@ca.ibm.com> Commit-Queue: Milad Farazmand <miladfar@ca.ibm.com> Cr-Commit-Position: refs/heads/master@{#65951}
-
Dan Elphick authored
Load and store external references using the root register rather than generating a constant and dereferencing it. This typically uses 1 instruction rather than up to 4. Also adds external reference store optimisation for arm64. Bug: v8:7844 Change-Id: I5f73728e7a72e366a31bfb694581e2e7d8250947 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2007270 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#65950}
-
Jakob Gruber authored
Loop exits are marked automatically by the loop scope mechanism in combination with MergeState. Creating a LoopExitValue node explicitly created an invalid graph. Drive-by: Remove LoopExit{,Effect,Value} convenience methods. Bug: chromium:1044878,v8:9972 Change-Id: I6fb52a8463e5352b5a5b243f800a9eda47df9d5a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016593 Auto-Submit: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Tobias Tebbi <tebbi@chromium.org> Reviewed-by: -
Steve Blackburn authored
The TPH needs to support the idea of 'code' objects, and the ability to query whether an object is of this type. Bug: v8:9533 Change-Id: Ic36b235bd9640aa675a3ef0d8c3f6c98dd8cd862 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013116Reviewed-by:
Peter Marshall <petermarshall@chromium.org> Reviewed-by:
Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Steve Blackburn <steveblackburn@google.com> Cr-Commit-Position: refs/heads/master@{#65948}
-
Michael Achenbach authored
Bug: chromium:1044942 Change-Id: I7442d26c37b8f14886bfee0eb82c8c94a9aeeb85 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016594Reviewed-by:
-
Sami Kyostila authored
Remove trace id mangling since it's been deprecated (and is also being removed) in Chromium [1] and the actual id mangling operation was never implemented in V8's version. This patch doesn't introduce the upstream replacement (TRACE_ID_{LOCAL,GLOBAL}), since nothing in V8 needs it and it'll be shortly brought in with the transition to the Perfetto client library[2]. Bug: chromium:639003 [1] crbug.com/639003 [2] https://docs.google.com/document/d/1f7tt4cb-JcA5bQFR1oXk60ncJPpkL02_Hi_Bc6MfTQk/ Change-Id: Ifabda63b9c56918fafcc24dfc589b8e513a3f29b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016592 Commit-Queue: Sami Kyöstilä <skyostil@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Auto-Submit: Sami Kyöstilä <skyostil@chromium.org> Reviewed-by: -
Mythri A authored
For CompareOperations, we only care about Null or Undefined feedback for oddballs. Other oddballs like Booleans should be treated as "Any" feedback. There was a bug in the way we handled feedback when lhs is undefined or null and rhs is anything other than JSReceiver. This cl fixes it by removing an unnecessary check. This fixes a deopt loop in TurboProp on maps benchmark. Bug: v8:9684 Change-Id: I6a09c4b5637bacdcd7f7f96e1afe603b6653c7c6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016591Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Commit-Queue: Mythri Alle <mythria@chromium.org> Cr-Commit-Position: refs/heads/master@{#65945}
-
Santiago Aboy Solanes authored
Did some drive-by cleanups, like removing the Sloppy-ness Change-Id: Ia11ddc6752168ad10cad578bb8d839ab9b7473c8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2015021Reviewed-by:
Mythri Alle <mythria@chromium.org> Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org> Cr-Commit-Position: refs/heads/master@{#65944}
-
Clemens Backes authored
I hit a case where the 'V8_Dcheck' was only the sixth stack frame. Thus increase the limit from 5 to 7. R=ahaas@chromium.org No-Try: true Change-Id: I1ea37f07ff08ab5acffdfcc89d01ff102750a1e0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016589Reviewed-by:
Andreas Haas <ahaas@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65943}
-
Clemens Backes authored
The NativeModule that was serialized in another isolate might be temporarily kept alive by background threads. By keeping a weak pointer to the module, we can wait for it to really die. This happens very rarely, and the module will die pretty quickly, so busy-waiting is fine in this case. R=thibaudm@chromium.org Bug: v8:10148 Change-Id: I8c4645acfccd04a820ef3f694cad3eb15e75acb6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2016585Reviewed-by:
Thibaud Michaud <thibaudm@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#65942}
-
Andreas Haas authored
The instruction selector assumed for Word32AtomicPairBinop nodes that if there exists a Projection(1) user, then there also exists a Projection(0) user. This, however, is not the case, because TurboFan eliminates unreachable nodes. The missing projection node lead to a failed DCHECK in the register allocator. With this CL we allocate the right registers for the existing projections, and allocate the other needed registers as temp registers. R=gdeepti@chromium.org Bug: v8:10140 Change-Id: I22331cae58f933e89dac6993fe3b21ff6502838a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2011829Reviewed-by:
Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#65941}
-
Johannes Henkel authored
Upstream Reviews: "Remove writeJSON / toJSONString from generated protocol types." https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/2013082 Also, remove builderAppendQuotedString from string-util.h in v8 since it's unused now and it relies on the jinja template code I'm deleting. "Upon encountering a byte that's unexpectedly not ..." https://chromium-review.googlesource.com/c/deps/inspector_protocol/+/2013764 New Rev: a84e91f6696a0b76e1a73286c9c2765154de9889 Change-Id: I26805c47950d880b5be2cfb9bdcb41a3f51218b6 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013561Reviewed-by:
Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Johannes Henkel <johannes@chromium.org> Cr-Commit-Position: refs/heads/master@{#65940}
-
Ng Zhi An authored
Bug: v8:10082 Change-Id: I5ade4269e70e09d0f98b51faf819163e736ae76b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1990507 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by:
-
Zhao Jiazhong authored
Port 72b68dee https://crrev.com/c/1928150 Change-Id: Ic5d195046839bc83148d759225bc5330ce66a53b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2004139Reviewed-by:
Zhi An Ng <zhin@chromium.org> Reviewed-by:
-
Zhou, Zhiguo authored
This CL implements load_extend with 2 lanes and all load_splat operations on IA32. The necessary assemblers together with their corresponding disassemblers and tests are also added in this CL. The newly added opcodes include: S8x16LoadSplat, S16x8LoadSplat, S32x4LoadSplat, S64x2LoadSplat, I64x2Load32x2S, I64x2Load32x2U. Bug: v8:9886 Change-Id: I0a5dae0a683985c14c433ba9d85acbd1cee6705f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1982989Reviewed-by:
-
Zhao Jiazhong authored
Port 9ff2de44 https://crrev.com/c/1994382 Change-Id: I045fd862f6ae026fd0e5637a685589bee149ab74 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2008981 Auto-Submit: Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> Reviewed-by:
-
- 22 Jan, 2020 19 commits
-
-
Adam Klein authored
The feature has been on-by-default in Chrome for nearly a year now, and is an established part of the ECMAScript standard. Change-Id: Icf9d424e5fe9139c12fc26b41603b4e39f79ea54 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2015942Reviewed-by:
Ben Smith <binji@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#65935}
-
Ulan Degenbaev authored
Bug: chromium:973627 Change-Id: Ie9b07075604451636967b69b30f276fb45bc5372 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2011824 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#65934}
-
Deepti Gandluri authored
Bug: v8:10021 Change-Id: I23a693064c44cd620a874787bcc00cb42bc5874f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1999158 Commit-Queue: Deepti Gandluri <gdeepti@chromium.org> Reviewed-by:
-
Steve Blackburn authored
Bug: v8:9533 Change-Id: Ia2239a591abf68f64efe4a993671b7184a5cf5cf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013115 Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Reviewed-by:
-
Clemens Backes authored
This flag was used for IndexedDB support. Last uses in chrome were removed in https://crrev.com/c/2013046, hence the API method can be deprecated. Also remove deserializer tests that were disabled by default or just test that random bytes (from the deserializer's perspective) fail to decode. R=adamk@chromium.org Bug: v8:10146 Change-Id: I8596849c3b51ab1c60272a49ff3fdaa0946452bf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013104 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by:
-
Clemens Backes authored
Both the API wrapper as well as the internal object are named "WasmModuleObject". This CL renames the object type check from "IsWebAssemblyCompiledModule" to "IsWasmModuleObject" to be consistent. R=adamk@chromium.org Bug: v8:10021 Change-Id: I6d5814421f38bc5f5bd73a492ff4a36f552ff763 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013109Reviewed-by:
-
Z Nguyen-Huu authored
This is a reland of faccc95b Since 1c9bb77d, async jobs use existing entry in native module cache and skip recompilation so we need to fix the test. Original change's description: > Reland "[wasm] Perform NativeModule tier down in parallel." > > This is a reland of 3352fcc9 > > Disable stress-opt for test and check recompilation before clearing > callbacks. > > Original change's description: > > [wasm] Perform NativeModule tier down in parallel. > > > > Reuse logic in {CompileNativeModule} function in module-compiler.cc: > > initialize parallel compile jobs, then wait for them to finish while > > taking part in this compilation. > > > > Bug: v8:9654 > > Change-Id: I9974d9f8b516e9faec716a592c7c0ee9c7077d8e > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1977041 > > Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> > > Reviewed-by: Clemens Backes <clemensb@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#65763} > > Bug: v8:9654 > Change-Id: I8e8830f05e189596207365b7332a2cc25e493e47 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2002945 > Commit-Queue: Z Nguyen-Huu <duongn@microsoft.com> > Reviewed-by: Clemens Backes <clemensb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#65901} Bug: v8:9654 Change-Id: Ia63b86d4275088d93202046bc9823e6202b7991a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2012986Reviewed-by:
-
Andreas Haas authored
R=clemensb@chromium.org Bug: v8:10108 Change-Id: I6c1cb975c38542ae3811963fe08d9155f7ecef13 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2011826Reviewed-by:
-
Ng Zhi An authored
Take care of the case when loading from stack slot into registers during PrepareCall. register_loads_ knows nothing of fp pair (it calls liftoff_code, which is nonsense for an fp pair), so we pass it dst.low(). Earlier on in LoadStackSlot, we call load_dst_regs_.set(dst). This is implement to set both dst.low() and dst.high(). Later when we iterate over load_dst_regs_ (in ExecuteLoads), we special case loads of kWasmS128, and reconstruct a LiftoffRegister that is a fp pair (only when required), since LiftoffAssembler::Fill knows how to handle loading of s128 values. However, since we also set dst.high(), we will iterate over it too, but end up getting a RegisterLoad of nonsense values. This is not handled in the switch cases at all, so it works. Instead of this, we could transform a s128 load into two f64 load, and PrepareCall will be the only place that does this, since other callers of Fill will use kWasmS128. And we would have to do 2 loads instead of 1 add and 1 load. Bug: v8:9909 Change-Id: I20f69de48a650b457a199fde02c8e58641b2c176 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013920Reviewed-by:
-
Andreas Haas authored
R=clemensb@chromium.org Bug: v8:10108 Change-Id: Ia4fb73e1771971638ca646702838b5722dafe140 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2010112 Commit-Queue: Andreas Haas <ahaas@chromium.org> Reviewed-by:
-
Ng Zhi An authored
In both PrepareCall and ProcessParameter, we were incorrectly passing the reg code of a Q register into LiftoffRegister::ForFpPair, which takes a D register. Similar to the F32 case (the reg code was halved), the reg code needs to be doubled (q1 -> d2) before constructing the LiftoffRegister. Bug: v8:9909 Change-Id: Id4df9e99b92546f68be0d99d98f0a1ac25ee7e5c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013492Reviewed-by:
-
Jakob Kummerow authored
The actual allocatable size still depends on the allocator; in particular Blink's ArrayBufferAllocator is currently limited to 2GB. WebAssembly memories are not affected by this change (i.e. still capped at 2GB as well). For 32-bit platforms, the limit remains at 2**30-1 (=max smi) elements. Bug: v8:4153 Change-Id: If0d6047dd4061028688d85a3dc0a2684dcca8693 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2007495Reviewed-by:
-
Ng Zhi An authored
Add a case for is_fp_pair in StackTransferRecipe, when moving registers. This is similar to the is_gp_pair case, but we only need to check the low fp register, and move both low and high if the low fp register is different. Bug: v8:9909 Change-Id: I02f72f6390a1b2802afce5e91ed227b749d838ae Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013223 Commit-Queue: Zhi An Ng <zhin@chromium.org> Reviewed-by:
-
Clemens Backes authored
Serialization of WasmModuleObject was our first implementation for postMessage, and was used for IndexedDB. IndexedDB support is removed since a long time, and postMessage works by just messaging an identifier and reusing the underlying NativeModule when receiving this. Thus the logic to serialize the actual code is unused, and thus should be removed together with all tests. R=ahaas@chromium.org Bug: v8:10146 Change-Id: I599296736dabd486c45ced2b6e5996e490fa40c8 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013110Reviewed-by:
-
Clemens Backes authored
This CL adds a --debug-in-liftoff flag, which takes another path in {WasmScript::SetBreakPointForFunction}, and sets the breakpoint via {wasm::DebugInfo} (Liftoff-related) instead of {WasmDebugInfo} (C++ interpreter related). Actual breakpoint support is not there yet, so the new test which sets this flag does not currently break anywhere. This will change with a future CL. R=thibaudm@chromium.org Bug: v8:10147 Change-Id: I95a905e666b8f502366d2c7273c8f25a267ee184 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2012920 Commit-Queue: Clemens Backes <clemensb@chromium.org> Reviewed-by: -
Toon Verwaest authored
Changing script context handling from bytecode based to metadata on the function. This fixes the debugger to explicitly check the code rather than implicitly relying on a NewScriptContext bytecode causing side effects. Bug: chromium:1043151 Tbr: ulan@chromium.org Change-Id: I38c5c04d7c76155e0a055ae6efd57f25986bdb7d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013117Reviewed-by:
Toon Verwaest <verwaest@chromium.org> Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Commit-Queue: Toon Verwaest <verwaest@chromium.org> Cr-Commit-Position: refs/heads/master@{#65920}
-
Shiyu Zhang authored
This is a reland of 3b753563 Original change's description: > Reland "[runtime] Cache prototype chain enumerable keys in PrototypeInfo" > > This is a reland of 5253d7bf > > Original change's description: > > [runtime] Cache prototype chain enumerable keys in PrototypeInfo > > > > This CL adds a prototype_chain_enum_cache to cache the enumeration of a > > prototype and its entire chain on the PrototypeInfo. It can improve for-in > > performance via simply merging the receiver enumeration with this cache. > > > > It improves the score of JetStream2-tagcloud-SP case by ~9% on IA Chromebook. > > > > Contributed by tao.pan@intel.com > > > > Change-Id: Ib40bfe41e772672337155584672f06fa1ba1e70d > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1870844 > > Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com> > > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#65224} > > Change-Id: I93b74727c46abbaab163324c50fbd977fcc9bb36 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1955232 > Reviewed-by: Toon Verwaest <verwaest@chromium.org> > Commit-Queue: Shiyu Zhang <shiyu.zhang@intel.com> > Cr-Commit-Position: refs/heads/master@{#65377} Change-Id: If4b4631e1b8a3d2df748b6be8500f838836a3291 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2008253 Commit-Queue: Toon Verwaest <verwaest@chromium.org> Reviewed-by:
-
Georg Neis authored
... and consult it there from the various reducers. The flag makes no sense without the broker and the reducers already have access to the broker, so we can avoid an additional flag per reducer. Bug: v8:7790 Change-Id: I448050a55951b94d5313c1a79a502be906b98b25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013108 Auto-Submit: Georg Neis <neis@chromium.org> Reviewed-by:
Maya Lekova <mslekova@chromium.org> Commit-Queue: Maya Lekova <mslekova@chromium.org> Cr-Commit-Position: refs/heads/master@{#65918}
-
Peter Marshall authored
This flag enables the CPU profiler before running any scripts in D8. This is so that we can turn the flag on during fuzzing to help us find security and stability issues. Right now this flag has problems with a bunch of tests under mjsunit/asm which fail in the stack walker when the flag is on. I'll address these in a follow-up before we turn this on for fuzzing. Bug: v8:10150 Change-Id: Ief8134ab2e9da63851b9c235f47ba217d1dce348 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2013111Reviewed-by:
Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#65917}
-
