- 08 Feb, 2018 1 commit
-
-
Adam Klein authored
This reverts commit 14108f4c. Reason for revert: Not the culprit for Canary microtask crashes Original change's description: > [builtins] Mega-revert to address the Dev blocker in crbug.com/808911. > > - Revert "[builtins] Save one word in contexts for Promise.all." > This reverts commit 7632da06. > - Revert "[builtins] Also use the Promise#then protector for Promise#finally()." > This reverts commit d4f072ce. > - Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks." > This reverts commit 6703dacd. > - Revert "[debugger] Properly deal with settled promises in catch prediction." > This reverts commit 40dd0658. > - Revert "[builtins] Widen the fast-path for Promise builtins." > This reverts commit db0556b7. > - Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan." > This reverts commit a582199c. > - Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback." > This reverts commit 6bf88852. > - Revert "[builtins] Turn NewPromiseCapability into a proper builtin." > This reverts commit 313b490d. > - Revert "[builtins] Inline InternalPromiseThen into it's only caller" > This reverts commit f7bd6a2f. > - Revert "[builtins] Implement Promise#catch by really calling into Promise#then." > This reverts commit b23b098f. > - Revert "[promise] Remove incorrect fast path" > This reverts commit 0f6eafe8. > - Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field." > This reverts commit 8a677a28. > - Revert "[builtins] Refactor promises to reduce GC overhead." > This reverts commit 8e7737cb. > > Tbr: hpayer@chromium.org > Bug: chromium:800651, chromium:808911, v8:5691, v8:7253 > Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1 > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng > Reviewed-on: https://chromium-review.googlesource.com/906991 > Commit-Queue: Yang Guo <yangguo@chromium.org> > Commit-Queue: Adam Klein <adamk@chromium.org> > Reviewed-by: Adam Klein <adamk@chromium.org> > Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> > Cr-Commit-Position: refs/heads/master@{#51158} Change-Id: I09d958cbebd635a325809072a290f2f53df8c5d4 Tbr: adamk@chromium.org,yangguo@chromium.org,bmeurer@chromium.org Bug: chromium:800651, chromium:808911, v8:5691, v8:7253 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/908988Reviewed-by:
Adam Klein <adamk@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Cr-Commit-Position: refs/heads/master@{#51181}
-
- 07 Feb, 2018 1 commit
-
-
Benedikt Meurer authored
- Revert "[builtins] Save one word in contexts for Promise.all." This reverts commit 7632da06. - Revert "[builtins] Also use the Promise#then protector for Promise#finally()." This reverts commit d4f072ce. - Revert "[builtins] Don't mess with entered context for MicrotaskCallbacks." This reverts commit 6703dacd. - Revert "[debugger] Properly deal with settled promises in catch prediction." This reverts commit 40dd0658. - Revert "[builtins] Widen the fast-path for Promise builtins." This reverts commit db0556b7. - Revert "[builtins] Unify PerformPromiseThen and optimize it with TurboFan." This reverts commit a582199c. - Revert "[builtins] Remove obsolete PromiseBuiltinsAssembler::AppendPromiseCallback." This reverts commit 6bf88852. - Revert "[builtins] Turn NewPromiseCapability into a proper builtin." This reverts commit 313b490d. - Revert "[builtins] Inline InternalPromiseThen into it's only caller" This reverts commit f7bd6a2f. - Revert "[builtins] Implement Promise#catch by really calling into Promise#then." This reverts commit b23b098f. - Revert "[promise] Remove incorrect fast path" This reverts commit 0f6eafe8. - Revert "[builtins] Squeeze JSPromise::result and JSPromise::reactions into a single field." This reverts commit 8a677a28. - Revert "[builtins] Refactor promises to reduce GC overhead." This reverts commit 8e7737cb. Tbr: hpayer@chromium.org Bug: chromium:800651, chromium:808911, v8:5691, v8:7253 Change-Id: I8c8ea5ed32ed62f6cd8b0d027a3707ddd891e5f1 Cq-Include-Trybots: master.tryserver.chromium.linux:linux_chromium_rel_ng Reviewed-on: https://chromium-review.googlesource.com/906991 Commit-Queue: Yang Guo <yangguo@chromium.org> Commit-Queue: Adam Klein <adamk@chromium.org> Reviewed-by:
Adam Klein <adamk@chromium.org> Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51158}
-
- 06 Feb, 2018 1 commit
-
-
Benedikt Meurer authored
The catch prediction logic got confused when we merged the reactions and result fields of JSPromise, because for settled promises it would start to treat the result as reactions list, leading to a crash most likely or memory corruption in the worst case (only if break on uncaught exception is enabled). We can only inspect reactions when the promise is still in "pending" state. Bug: chromium:808973, v8:7253 Change-Id: I15162c96fce959a052fbc628addd9418da39327c Reviewed-on: https://chromium-review.googlesource.com/903163Reviewed-by:
Jakob Gruber <jgruber@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#51106}
-