- 19 Jul, 2018 8 commits
-
-
Andreas Haas authored
The WebAssembly spec is not fully deterministic: the sign bit of NaN can be arbitrary. This sign bit can be observed by several WebAssembly opcodes. In the testcase the sign bit of NaN makes the difference between terminating code and an infinite loop. In the libfuzzer fuzzer we have to prevent infinite loops ourselves. At the moment we do this by only execute generated code of WebAssembly modules for which the interpretation of the code ends in a limited number of steps. With the non-determinism described above we cannot guarantee the absence of infinite loops with this method. Therefore we stop now to execute generated code of WebAssembly modules for which we observe possible non-determinism in the interpreter. R=clemensh@chromium.org Bug: chromium:863829 Change-Id: I461d67df87d672bed25d6c915ba7ea5134cb5890 Reviewed-on: https://chromium-review.googlesource.com/1141945Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#54541}
-
Georg Neis authored
R=mslekova@chromium.org Change-Id: I1f60108effa15585a7cf5af150fc4c1d4dd9570f Reviewed-on: https://chromium-review.googlesource.com/1142160Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54540}
-
Simon Zünd authored
This CL fixes a bug where a fast-path was used on non-extensible objects. R=jgruber@chromium.org Bug: chromium:865264,chromium:865285 Change-Id: Ie14c95b383a65576799c71576a5c0f9f8e1c29ca Reviewed-on: https://chromium-review.googlesource.com/1142766Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Simon Zünd <szuend@google.com> Cr-Commit-Position: refs/heads/master@{#54539}
-
Jaroslav Sevcik authored
This is a reland of 7f67cbd4 Original change's description: > [turbofan] More brokerization in JSCreateLowering. > > Brokerized ReduceJSCreateEmptyLiteralObject and added the scope > for ReduceJSCreateLiteralArrayOrObject. > > Bug: v8:7790 > Change-Id: Ife34a6b610678a3fe24152151cf343400ee515bd > Reviewed-on: https://chromium-review.googlesource.com/1140306 > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54507} Bug: v8:7790 Change-Id: Ia79ff9ef49c727155a9c476268234e56d2cc9fcb Reviewed-on: https://chromium-review.googlesource.com/1142984 Commit-Queue: Georg Neis <neis@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54538}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/e4fb293..abdb548 Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/f5342c4..26d6aff Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/302bb84..f9afc77 Rolling v8/third_party/fuchsia-sdk: https://chromium.googlesource.com/chromium/src/third_party/fuchsia-sdk/+log/976ce5e..6215064 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: Ib6d7529ad818b0737ce780a70e5e38e6226a457c Reviewed-on: https://chromium-review.googlesource.com/1142901 Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#54537}
-
Ben Smith authored
The previous change to futex.js will spawn too many workers in d8 in some test configurations, which will throw an error. This CL works around that by spawning fewer workers for the Atomics.notify tests. TBR=adamk@chromium.org Bug: v8:7338 Change-Id: I0f3583781e5352b4d6672d43a087dc56d920122d Reviewed-on: https://chromium-review.googlesource.com/1142895Reviewed-by: Ben Smith <binji@chromium.org> Commit-Queue: Ben Smith <binji@chromium.org> Cr-Commit-Position: refs/heads/master@{#54536}
-
Jakob Kummerow authored
Turbofan support for property loads from module namespace objects has been tested by the test/js-perf-tests/Modules/basic-namespace benchmark, but so far not by the mjsunit suite. This CL adds such a test. This is a follow-up to 8d7379c0. Change-Id: I3c4183d761693199e6bc8740b812279efcd791a0 Reviewed-on: https://chromium-review.googlesource.com/1142594Reviewed-by: Adam Klein <adamk@chromium.org> Commit-Queue: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#54535}
-
Ben Smith authored
At the May 2018 TC39 meeting, they decided to rename Atomics.wake to Atomics.notify. This change adds Atomics.notify as an alias, but does not remove Atomics.wake, which will be removed later. This allows for embedders to use either name to prevent breaking tests. When the tests are switched over, we can remove Atomics.wake. Bug: v8:7883 Change-Id: If057ebff162bde975c6e1b60d83a4662f144e81f Reviewed-on: https://chromium-review.googlesource.com/1142290 Commit-Queue: Ben Smith <binji@chromium.org> Reviewed-by: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#54534}
-
- 18 Jul, 2018 28 commits
-
-
Bill Budge authored
- Modifies LinkageAllocator to understand aliasing on ARM. - Adds ability to allocate SIMD registers too. Before, these would default to stack allocated. - Modifies WasmCompiler to be platform-independent. Bug: v8:7754 Change-Id: I0c4355a44a4f409053b51ff675521a465e38aeb8 Reviewed-on: https://chromium-review.googlesource.com/1141114Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Bill Budge <bbudge@chromium.org> Cr-Commit-Position: refs/heads/master@{#54533}
-
Yang Guo authored
This is a reland of 8d4572a2 Original change's description: > [builtins] Add %IsTraceCategoryEnabled and %Trace builtins > > Adds the builtin Trace and IsTraceCategoryEnabled functions > exposed via extra bindings. These are intended to use by > embedders to allow basic trace event support from JavaScript. > > ```js > isTraceCategoryEnabled('v8.some-category') > > trace('e'.charCodeAt(0), 'v8.some-category', > 'Foo', 0, { abc: 'xyz'}) > ``` > > Bug: v8:7851 > Change-Id: I7bfb9bb059efdf87d92a56a0aae326650730c250 > Reviewed-on: https://chromium-review.googlesource.com/1103294 > Commit-Queue: Yang Guo <yangguo@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Fadi Meawad <fmeawad@chromium.org> > Reviewed-by: Camillo Bruni <cbruni@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54121} TBR=cbruni@chromium.org Bug: v8:7851 Change-Id: Id063754b2834b3b6a2b2654e76e8637bcd6aa5f8 Reviewed-on: https://chromium-review.googlesource.com/1137071 Commit-Queue: Yang Guo <yangguo@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Camillo Bruni <cbruni@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#54532}
-
Clemens Hammacher authored
Avoid the C-call to switch the flag, just store to the address directly. Since js-to-wasm wrappers are still isolate dependent, we just store the address of the thread-local flag in the isolate (in ThreadLocalTop) and update it if threads are switched. R=ahaas@chromium.org, mstarzinger@chromium.org Bug: chromium:862123, v8:5277 Change-Id: I9e8a40094f11a8b3ba6701dfa7fa026a2d052cb1 Reviewed-on: https://chromium-review.googlesource.com/1136299 Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Reviewed-by: Andreas Haas <ahaas@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#54531}
-
Brian Stell authored
Bug: v8:5751 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I5e149a5d7aff486a31415ae9935461e275c867bd Reviewed-on: https://chromium-review.googlesource.com/1112202 Commit-Queue: Brian Stell <bstell@chromium.org> Reviewed-by: Jungshik Shin <jshin@chromium.org> Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Cr-Commit-Position: refs/heads/master@{#54530}
-
Frank Tang authored
Bug: v8:7869 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I91bb1948a46249157e143733862c0eeefd15cb0d Reviewed-on: https://chromium-review.googlesource.com/1137365 Commit-Queue: Frank Tang <ftang@chromium.org> Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Cr-Commit-Position: refs/heads/master@{#54529}
-
Clemens Hammacher authored
TBR=sigurds@chromium.org No-Try: true Bug: v8:7953 Change-Id: I188c5b0501c2f0cbf8dacdec21f3e86ebec88cd7 Reviewed-on: https://chromium-review.googlesource.com/1142404Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#54528}
-
Dan Elphick authored
Move brackets enclosing declarator in a couple of V8_DEPRECATE_SOON cases so that the attribute is correctly placed. I.e. should come after the class keyword and after a function signature but before the body. Also adds suppressions for a case where a replacement method calls the deprecated method it replaces. Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I490ff07a13552cf335186d64ca061f21ac4e8afc Reviewed-on: https://chromium-review.googlesource.com/1140593Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#54527}
-
Leszek Swirski authored
ReadOnlyRoots means that some added Isolate parameters are no longer needed. So, we can remove them. This patch was generated mostly automatically with a bespoke tool. Bug: v8:7786 Bug: v8:7754 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ia44fd2a66652253f780e3674bf7fb431caef0493 Reviewed-on: https://chromium-review.googlesource.com/1136305 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Dan Elphick <delphick@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#54526}
-
Leszek Swirski authored
For a script '()=>42', the anonymous arrow function has both start and end position the same as the script function itself. This causes issues when sorting the SourcePositionEvents of the function, in two ways: * If the start positions are the same, we should order by *furthest* end position to ensure the stack is in the right order * If both start and end are the same, we need to order by function literal id to make sure that start order and end order are inversed. Also, MapLiterals assumes that start+end position uniquely identifies a function, which is false in this case, so we process the top-level script function separately in MapLiterals. Change-Id: I2b2185dc2825018b7ea44c7d0918238e9b1dd972 Reviewed-on: https://chromium-review.googlesource.com/1141741 Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#54525}
-
Sigurd Schneider authored
This reverts commit 7f67cbd4. Reason for revert: Speculative revert because of https://ci.chromium.org/p/v8/builders/luci.v8.ci/Mac%20V8%20FYI%20Release%20(Intel)/1842 Original change's description: > [turbofan] More brokerization in JSCreateLowering. > > Brokerized ReduceJSCreateEmptyLiteralObject and added the scope > for ReduceJSCreateLiteralArrayOrObject. > > Bug: v8:7790 > Change-Id: Ife34a6b610678a3fe24152151cf343400ee515bd > Reviewed-on: https://chromium-review.googlesource.com/1140306 > Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54507} TBR=jarin@chromium.org,neis@chromium.org,mslekova@chromium.org Change-Id: Ic4a89cd872b13e4b5f28636e0d91b3b013d6649a No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: v8:7790 Reviewed-on: https://chromium-review.googlesource.com/1141964Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Commit-Queue: Sigurd Schneider <sigurds@chromium.org> Cr-Commit-Position: refs/heads/master@{#54524}
-
Simon Zünd authored
R=jgruber@chromium.org Change-Id: If88adfb7cb9a30a50448a39c71bd899484d29510 Reviewed-on: https://chromium-review.googlesource.com/1139060 Commit-Queue: Simon Zünd <szuend@google.com> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#54523}
-
Simon Zünd authored
This CL moves Array.p.fill from JavaScript to a C++ builtin. It has a generic slow-path and fast-paths implemented via ElementsAccessor in elements.cc. R=cbruni@chromium.org Bug: v8:7624 Change-Id: I8820e1195d2cd9b41c254058923ad9875aab067c Reviewed-on: https://chromium-review.googlesource.com/1131130 Commit-Queue: Simon Zünd <szuend@google.com> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#54522}
-
Yang Guo authored
This is no longer necessary since we removed the debug context. R=jgruber@chromium.org Bug: v8:5530 Change-Id: Ibb9df3a1f139ee076296faedb80204e7fcc23197 Reviewed-on: https://chromium-review.googlesource.com/1134746Reviewed-by: Jakob Gruber <jgruber@chromium.org> Commit-Queue: Yang Guo <yangguo@chromium.org> Cr-Commit-Position: refs/heads/master@{#54521}
-
Frank Tang authored
Spec: http://tc39.github.io/proposal-intl-relative-time/ Design Doc: go/add-intl.relativetimeformat-to-v8 Test: test262/intl402/RelativeTimeFormat/*, intl/relative-time-format/* R=cira@chromium.org, gsathya@chromium.org Bug: v8:7869 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: Ied95d601cf707db5d555f9d963b9b1f206e37331 Reviewed-on: https://chromium-review.googlesource.com/1124728Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#54520}
-
Frank Tang authored
Bug: v8:7684 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I8ee5aa4a2f481bbe4e47ab3889a9a6084b6b2943 Reviewed-on: https://chromium-review.googlesource.com/1137927Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#54519}
-
Andreas Haas authored
R=clemensh@chromium.org Change-Id: I4f1bda6f0ad420776eb181563d5efbc0d06a911e Reviewed-on: https://chromium-review.googlesource.com/1141582Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#54518}
-
Sergiy Byelozyorov authored
This reverts commit 1e1cca61. Reason for revert: breaks builders Original change's description: > [tools] Keep raw data in the generated JSON for debugging purposes > > R=machenbach@chromium.org > > Bug: chromium:861668 > Change-Id: Ic3225ed5919c21a7f6a9f21cba4aa491e1d6606d > Reviewed-on: https://chromium-review.googlesource.com/1140331 > Reviewed-by: Michael Achenbach <machenbach@chromium.org> > Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> > Cr-Commit-Position: refs/heads/master@{#54508} TBR=machenbach@chromium.org,sergiyb@chromium.org Change-Id: I10dff94c9cfe08c4a6b6d4d225b429fe16b95d19 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:861668 Reviewed-on: https://chromium-review.googlesource.com/1141784Reviewed-by: Sergiy Byelozyorov <sergiyb@chromium.org> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#54517}
-
Maya Lekova authored
Bug: v8:7790 Change-Id: I12c159ade57a0974c6adc5b277a0b5fd74fd4dfb Reviewed-on: https://chromium-review.googlesource.com/1140313 Commit-Queue: Maya Lekova <mslekova@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54516}
-
Clemens Hammacher authored
This helps debugging unexpected traps, as you can figure out which instruction triggered the trap. R=mstarzinger@chromium.org Change-Id: I61735f14e2838ace195f6b84b555b9ddfc06aa0f Reviewed-on: https://chromium-review.googlesource.com/1140296Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#54515}
-
Dan Elphick authored
Convert all remaining uses (in api.cc) to use private local implementations. These local uses all appear inside deprecated functions. Bug: v8:7786 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I86bcafd4c8a737da32fcb8ab275ec708632f9e39 Reviewed-on: https://chromium-review.googlesource.com/1140319 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#54514}
-
Dan Elphick authored
Strictly speaking there are some left in api.cc, but they are in deprecated functions with non-deprecated alternatives. Apart from changes made using tooling, this also modifies FieldType::AsClass to return Map* rather than Handle<Map> and converts its call sites to create the Handle when they need it - currently several sites immediately dereference the Handle. Also marks WasmDebugInfo as NeverReadOnlySpaceObject so GetIsolate and GetHeap remain usable. Bug: v8:7786 Cq-Include-Trybots: luci.chromium.try:linux_chromium_rel_ng Change-Id: I7ea5048f97f140c757f651712b8c33a5c7e0ebc1 Reviewed-on: https://chromium-review.googlesource.com/1140302Reviewed-by: Adam Klein <adamk@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Dan Elphick <delphick@chromium.org> Cr-Commit-Position: refs/heads/master@{#54513}
-
Michael Starzinger authored
This removes two pointers to Histograms from the memory tracker. These histograms are stored as part of the Isolate and their lifetime is also coupled to the Isolate. We cannot bind the pointers but need to pass them (or the Isolate) as a parameter instead. R=clemensh@chromium.org BUG=v8:7424 Change-Id: I6b141b924bd858234641d6603a25fcb08cdf40e3 Reviewed-on: https://chromium-review.googlesource.com/1140312 Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Reviewed-by: Clemens Hammacher <clemensh@chromium.org> Cr-Commit-Position: refs/heads/master@{#54512}
-
Marja Hölttä authored
Now we can finally get rid of Map::weak_cell_cache! BUG=v8:7308 Change-Id: I87a06509bf638bf6833ea2ba1eca525fb4b15df1 Reviewed-on: https://chromium-review.googlesource.com/1128882 Commit-Queue: Marja Hölttä <marja@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#54511}
-
Leszek Swirski authored
The BodyDescriptor of an object should use its aligned size. Change-Id: If743ca130b3cb97c4f25054db6dc887d88fc5e32 Reviewed-on: https://chromium-review.googlesource.com/1140309Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#54510}
-
Marja Hölttä authored
BUG=v8:7754,v8:5402 Change-Id: Ib3f3a879e68d96cd5d82b1ee461b57dc7367ebe2 Reviewed-on: https://chromium-review.googlesource.com/1139059Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Stanton <mvstanton@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Marja Hölttä <marja@chromium.org> Cr-Commit-Position: refs/heads/master@{#54509}
-
Sergiy Byelozyorov authored
R=machenbach@chromium.org Bug: chromium:861668 Change-Id: Ic3225ed5919c21a7f6a9f21cba4aa491e1d6606d Reviewed-on: https://chromium-review.googlesource.com/1140331Reviewed-by: Michael Achenbach <machenbach@chromium.org> Commit-Queue: Sergiy Byelozyorov <sergiyb@chromium.org> Cr-Commit-Position: refs/heads/master@{#54508}
-
Jaroslav Sevcik authored
Brokerized ReduceJSCreateEmptyLiteralObject and added the scope for ReduceJSCreateLiteralArrayOrObject. Bug: v8:7790 Change-Id: Ife34a6b610678a3fe24152151cf343400ee515bd Reviewed-on: https://chromium-review.googlesource.com/1140306 Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54507}
-
v8-ci-autoroll-builder authored
Rolling v8/build: https://chromium.googlesource.com/chromium/src/build/+log/7315579..e4fb293 Rolling v8/third_party/depot_tools: https://chromium.googlesource.com/chromium/tools/depot_tools/+log/fb73403..302bb84 Rolling v8/third_party/fuchsia-sdk: https://chromium.googlesource.com/chromium/src/third_party/fuchsia-sdk/+log/8227701..976ce5e Rolling v8/tools/clang: https://chromium.googlesource.com/chromium/src/tools/clang/+log/c0b1d89..5d1ce93 TBR=machenbach@chromium.org,hablich@chromium.org,sergiyb@chromium.org Change-Id: I202ee90eb4c3ea68e2677227dd0ad05cac352be2 Reviewed-on: https://chromium-review.googlesource.com/1141428Reviewed-by: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: V8 Autoroller <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#54506}
-
- 17 Jul, 2018 4 commits
-
-
Alexey Kozyatinskiy authored
We try to prevent side effects by forbidding running any JavaScript when we get property from node object. In case of object node it is possible that by calling property we force internal object initialization which may force creation of new context, this initialization can not be made with forbided JavaScript and at the same time is side effect free. As workaround we can warmup dom objects first and then generate description. R=dgozman@chromium.org Bug: chromium:827585 Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel Change-Id: Ifd2c6317ffd5cb3822d2a2eedf3d0b0f36a201f1 Reviewed-on: https://chromium-review.googlesource.com/1041078Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Cr-Commit-Position: refs/heads/master@{#54505}
-
Frank Tang authored
Fixes intl402/Locale/constructor-options-{casefirst,hourcycle,numeric}-invalid Bug: v8:7684 Cq-Include-Trybots: luci.v8.try:v8_linux_noi18n_rel_ng Change-Id: I43317f4bb1bb8422940faab1e5afa4162ed9ea11 Reviewed-on: https://chromium-review.googlesource.com/1137476Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org> Commit-Queue: Frank Tang <ftang@chromium.org> Cr-Commit-Position: refs/heads/master@{#54504}
-
Johannes Henkel authored
https://chromium.googlesource.com/deps/inspector_protocol/+/0d4255502019144a5dec5669d7992165ae8924e7 Change-Id: I3711883a4cff11f71cca10054e4aac11293f5293 Reviewed-on: https://chromium-review.googlesource.com/1139095Reviewed-by: Dmitry Gozman <dgozman@chromium.org> Commit-Queue: Johannes Henkel <johannes@chromium.org> Cr-Commit-Position: refs/heads/master@{#54503}
-
Mathias Bynens authored
This patch makes `d8` recognize files with the `.mjs` extension as modules instead of classic scripts. This change can be tested by saving the following JavaScript program as both `module.mjs` and as `script.js`: console.log(this === undefined ? 'strict' : 'sloppy'); Then, run these files in `d8` without passing the `--module` flag: $ d8 module.mjs strict $ d8 script.js sloppy The use of `.mjs` matches not just Google’s recommendation [1] but also the current modules implementation in Node.js [2]. [1] https://developers.google.com/web/fundamentals/primers/modules [2] https://nodejs.org/api/esm.html Bug: v8:7950 Change-Id: I8f39420dc24a5eedd7e88d3b1aa48207ebfeff6e Reviewed-on: https://chromium-review.googlesource.com/1140314 Commit-Queue: Mathias Bynens <mathias@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#54502}
-