- 07 Sep, 2017 1 commit
Marja Hölttä authored
When the bailout triggered, we assumed we're generating data (i.e., we're inside a non-arrow function). This is not true; it's possible that we're already inside an arrow function and not generating data anyway.

BUG=v8:5516,chromium:761980
Change-Id: Iad9c8dde283031630953ef9a46c1e68bc0cee048
Reviewed-on: https://chromium-review.googlesource.com/655081
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47905}
- 16 Aug, 2017 1 commit
Marja Hölttä authored
Makes ClusterFuzz start fuzzing with the flag on.

BUG=v8:5516
Change-Id: Ia80f7d22f12fe25efb226102a896e8b0e3537947
Reviewed-on: https://chromium-review.googlesource.com/610000
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47366}
- 04 Aug, 2017 1 commit
Marja Hölttä authored
In some cases, PreParser cannot replicate the Scope structure created by Parser. It happens esp. with arrow function parameters, since the relevant information is already lost by the time we figure out it's an arrow function.

In these cases, PreParser should bail out of trying to create data for skipping inner functions.

Implementation notes:

- The arrow function case is more fundamental; the non-arrow case could be hacked together somehow if we implemented tracking is_simple for each param separately; but now that it's possible to bail out consistently from both cases, I don't think the is_simple complication is worth it.
- The added mjsunit test cases are based on the test262 test cases which exposed the problem.
- cctest/preparser/PreParserScopeAnalysis was exercising similar cases, but the problem didn't show up because the function parameters didn't contain skippable functions. Those test cases have been repurposed for testing the bailout.
- Extra precaution: the bailout tests are in a separate file, to guard from the bug that a bailout case results in bailing out of *all* data creation, which would make all skipping tests in the same file useless.

BUG=v8:5516
Change-Id: I4324749a5ec602fa5d7dc27647ade0284a6842fe
Reviewed-on: https://chromium-review.googlesource.com/599849
Reviewed-by: Adam Klein <adamk@chromium.org>
Commit-Queue: Marja Hölttä <marja@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47170}