c_entry_fp is normally cleared in `LeaveExitFrame`, but we adjust
the frame without it in the exception path.
This can cause the SafeStackFrameIterator to assume we have an exit
frame and iterate over frames incorrectly, which for arm64 can
cause pointer authentication failures with CFI enabled. Even without
the pointer authentication failure, we iterate over frames incorrectly,
so make this change for other architectures too.
Also clear c_entry_fp in the beginning of JSEntry, after pushing it
on the stack. Not doing this doesn't cause pointer authentication
failures, but it will make the SafeStackFrameIterator assume we
are executing C++ and miss the JS frames on top.
Bug: v8:10026
Change-Id: Ie94834920f51e9f1cc5c1c775596726b61fc0507
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2642256
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Georgia Kouveli <georgia.kouveli@arm.com>
Cr-Commit-Position: refs/heads/master@{#72458}
The flags are enabled by default and have stable coverage.
This also removes the corresponding bots.
Bug: v8:10315
Change-Id: Icce01383050dff758b6554db8e0c3589d6e5459c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658324
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72457}
Changes:
- Remove an obsolete TODO from wasm-module-builder.
- Replace CHECK with gTest's EXPECT in unittests.
- Remove setting of --experimental-wasm-liftoff-extern-ref in wasm-gc.
- Test test-gc/JSAccess with Liftoff.
- Remove useless #undef's from module-decoder-unittest.
Change-Id: I11b4a3dde9683cc9c7d1eb89b1a63e1859505aad
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659063
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72455}
RegExpParser::ParseRegExpSyntax was added to allow the SpiderMonkey
embedding of irregexp to report early errors. It was removed in
https://chromium-review.googlesource.com/c/v8/v8/+/2509596 because it
was unused. This patch restores it, with a comment to prevent future
deletion.
Bug: v8:11368
Change-Id: Iebec7e14b92e9a0fccc08f2f1c85d8ff4d6173f1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658037
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72453}
br_on_* instructions need a precisely typed branch target, as opposed
to being treated like regular br instructions.
Bug: v8:7748
Change-Id: Iedace79faf59d61cf2ce5ac88e633e07b5a2a43f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2655507
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72450}
Rolling v8/build: c083992..568bd76
Rolling v8/third_party/aemu-linux-x64: 2AjFHxe4t1iSrrSx8ayS9uaUpVgbf4uevQoAj-Pt5_0C..Y_rckHsnBv6dqNUbG4QoVkl3njqEx7ewCNGmqOE_h1MC
Rolling v8/third_party/catapult: https://chromium.googlesource.com/catapult/+log/9d5ec46..91735e2
Rolling v8/third_party/depot_tools: 558a304..cb07c52
Rolling v8/third_party/icu: f097906..f4147b2
Rolling v8/third_party/zlib: 2c183c9..c876c8f
Rolling v8/tools/clang: cc8d00a..9290907TBR=machenbach@chromium.org,tmrts@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com
Change-Id: I9be1ce5e4cd16c80304d60694429ad74cff0ddc2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2660942
Reviewed-by: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/heads/master@{#72448}
This reverts commit 352b9ecbdb.
Reason for revert: fuzzers turned up more problems:
https://bugs.chromium.org/p/chromium/issues/detail?id=1171759https://bugs.chromium.org/p/chromium/issues/detail?id=1171846tbr=ahaas@chromium.org,neis@chromium.org
Original change's description:
> Reland "Reland "[compiler][wasm] Align Frame slots to value size""
>
> This is a reland of 1694925c72
>
> Minor fix to linkage for constexpr.
>
> TBR=ahaas@chromium.org,neis@chromium.org
>
> Original change's description:
> > Reland "[compiler][wasm] Align Frame slots to value size"
> >
> > This is a reland of cddaf66c37
> >
> > Original change's description:
> > > [compiler][wasm] Align Frame slots to value size
> > >
> > > - Adds an AlignedSlotAllocator class and tests, to unify slot
> > > allocation. This attempts to use alignment holes for smaller
> > > values.
> > > - Reworks Frame to use the new allocator for stack slots.
> > > - Reworks LinkageAllocator to use the new allocator for stack
> > > slots and for ARMv7 FP register aliasing.
> > > - Fixes the RegisterAllocator to align spill slots.
> > > - Fixes InstructionSelector to align spill slots.
> > >
> > > Bug: v8:9198
> > >
> > > Change-Id: Ida148db428be89ef95de748ec5fc0e7b0358f523
> > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2512840
> > > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > > Reviewed-by: Georg Neis <neis@chromium.org>
> > > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > > Cr-Commit-Position: refs/heads/master@{#71644}
> >
> > Bug: v8:9198
> > Change-Id: Ib91fa6746370c38496706341e12d05c7bf999389
> > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2633390
> > Commit-Queue: Bill Budge <bbudge@chromium.org>
> > Reviewed-by: Andreas Haas <ahaas@chromium.org>
> > Reviewed-by: Georg Neis <neis@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#72195}
>
> Bug: v8:9198
> Change-Id: I91e02b823af8ec925dacf075388fb22e3eeb3384
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2640890
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#72209}
TBR=bbudge@chromium.org,neis@chromium.org,ahaas@chromium.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: v8:9198
Change-Id: Ifee566e3e82f2e774525996b038ce135190d0be1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2660378
Commit-Queue: Bill Budge <bbudge@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72447}
kNumberOfSavedGpParamRegs is based on the number of registers
defined under Generate_WasmCompileLazy within the builtins and not
the list under wasm-linkage.h.
More information can be found within the comments of this CL:
https://crrev.com/c/2656857
Change-Id: I9d2122545120c95b7686c98eb838ab25ea376bf1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659756
Commit-Queue: Milad Fa <mfarazma@redhat.com>
Reviewed-by: Junliang Yan <junyan@redhat.com>
Cr-Commit-Position: refs/heads/master@{#72446}
Hosts are not supposed to rely on the ordering of import assertions list
received from V8. Thus, as a simplification, remove the sorting of the
import assertions passed to the HostImportModuleDynamically callback.
Update the corresponding test so that it doesn't require any particular
ordering of assertions.
Import asssertions for static imports will continue to be sorted. These
need to have a consistent ordering for purposes of deduplication in
SourceTextModuleDescriptor::module_requests_, so removing sorting of
these wouldn't simplify much.
Bug: v8:10958
Change-Id: I2cb07c4e68f24fa45152bf3f4321938bf94d84ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653170
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#72445}
We have macro lists defined for these SSE instructions, use them for
disassembly.
Bug: v8:11074
Change-Id: Ide714ba488913a95078573db70d34a4f5d61ef9c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2648186
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72444}
We don't need separate Load32Zero and Load64Zero instructions, since the
implementation is LdrS and LdrD, which we already have.
Bug: v8:11038
Change-Id: I784ec8dc419c0d59de97eb2bb0b464c176dacae1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2501969
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72443}
Bug: v8:11353
Change-Id: Iba5b6a2740a5fca55c5f4cee53367fb6413ba3d5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659635
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Commit-Queue: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72441}
In https://crrev.com/c/2645694 we push the full q registers before lazy
compile, but we did not change the fixed frame size to account for the
wider registers being pushed.
This manifested in the frame having data like:
(gdb) x/10xg start.ptr_
0x7f5576ff3eb0: 0x0000000000000000 0x0000336b08202759
0x7f5576ff3ec0: 0x7ff000007f801000 0x0000000000000000
0x7f5576ff3ed0: 0x7ff000007f801001 0x0000000000000000
0x7f5576ff3ee0: 0x7ff000007f801002 0x0000000000000000
0x7f5576ff3ef0: 0x7ff000007f801003 0x0000000000000000
The GC then walks part of this frame, thinking that 0x7ff000007f801003
is a heap object, and then crashes.
Add some static_asserts (similar to builtins-x64) to remind ourselves
that the pushed registers have to match the size in frame constants.
Bug: chromium:1161555,v8:11358
Change-Id: Ic5138cc17ad44ccab9121ca226f9f812afef72c7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656857
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72439}
Even though we sped up the test since the first landing of the CL, it
still sometimes times out on TSan. Since TSan coverage is not needed for
this test, just skip it.
R=adamk@chromium.org
Bug: v8:11369
Change-Id: I7825d1824ad34fccc313459a115b38eae1d5b553
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659262
Commit-Queue: Adam Klein <adamk@chromium.org>
Auto-Submit: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72437}
Advance v8::Isolate::CreateParams::supported_import_assertions from
V8_DEPRECATE_SOON to V8_DEPRECATED now that Blink has stopped
setting it.
Bug: v8:10958
Change-Id: I502f08c0c2e424f3afae3a6cb11835376a847bcb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656936
Reviewed-by: Marja Hölttä <marja@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Dan Clark <daniec@microsoft.com>
Cr-Commit-Position: refs/heads/master@{#72436}
This adds a regression test for https://crrev.com/c/2652488. The test
reduces the available code space such that it would trigger an OOM
condition if code is not garbage-collected.
In order to guarantee garbage-collection in all configurations, an
explicit interrupt check is added to the WasmDebugBreak runtime
function.
R=thibaudm@chromium.org
Bug: chromium:1168564
Change-Id: I8fce7aa5128c9e3c9a7e2d2e7397c394fec7de85
Cq-Include-Trybots: luci.v8.try:v8_linux64_asan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel_ng
Cq-Include-Trybots: luci.v8.try:v8_mac64_asan_rel_ng
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2652490
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72435}
Actual FeedbackVector IC slots don't participate in the Ref class, since
they are read during serialization as we process bytecode. So
FeedbackVectorRef really only deals with the FeedbackCell array and
the SharedFunctionInfo. These two types are already in the no serialized
list, so it's pretty easy to move this class over there too.
Bug: v8:7790
Change-Id: I51b7bf4c3404ae5bcfb16d29b5e719787ddd6b17
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656317
Commit-Queue: Michael Stanton <mvstanton@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72432}
We were doing the cache lookup using the original {wire_bytes_vec}, but
then inserting the module with another copy stored in the
{NativeModule}. This causes {NativeModuleCache::Key::operator<} to do a
full {memcmp} on the two wire bytes copies.
By using the same pointer consistently, we can avoid that costly
{memcmp}.
R=thibaudm@chromium.org
Bug: v8:11164
Change-Id: I19ba1022f700d8da40671818ee2e2ebdbbddd5c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658329
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72431}
Adds getters for GC phases to be used by advanced embedders to ensure
and check consistency conditions as needed.
Bug: chromium:1056170
Change-Id: Ia0b219f838bf31f0edbfe40585b95bb5eafa734d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658328
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72430}
The delegate instruction is invalid in the following cases:
- When the target is not a try block or the function block,
- When the instruction is inside a catch handler of the target.
R=clemensb@chromium.org
Bug: v8:8091
Change-Id: Ic59e8314982166863ba2078e2b3b39e3ba488a74
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656318
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72428}
Avoid constructing the frame summary (and a std::vector) just for
getting the function index. Just get it from the code instead (where
also the frame summary would get it from).
R=jkummerow@chromium.org
Bug: v8:11074
Change-Id: Ie9957e145d6b641fb211b03ef593d57afd310c91
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653230
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72427}
Tolerance was set to 50 microseconds. This is not enough and causes
flaky failures. Tolerance is needed because we record milliseconds and
an empty scope can still take a few milliseconds to create and destroy.
Increasing the tolerance to 500 microseconds should suffice and makes
sense for the test. All expected values are in 10s of milliseconds, so
half a millisecond tolerance should be reasonable.
Bug: v8:11367
Change-Id: I2d284efe5176ec9938b6a378f4b5f1bda0e58781
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2659058
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72426}
We use a heuristic that tiers up small functions at the first tick to
optimize the small functions early. When tiering up from Turboprop it
isn't important to tier up these functions quite early since they are
already executing optimized code.
Bug: v8:9684
Change-Id: Iaa647e0e03f0b4bf9cd0da7feb1e2d0e36004bc1
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656258
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72425}
MiscField was still used in places where it should be replaced with the
new AccessModeField, to avoid conflicts with the LaneSizeField.
LaneSizeField is only used on arm64, but update other architectures too
for consistency.
Bug: v8:11098
Change-Id: Ib012ab7b1243f3bd586a8d824ca686d914f482bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2658322
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72424}
Insertion into the map is expensive, hence avoid inserting every single
code object. Instead, collect them in a {std::vector}, and only insert
them when the {owned_code_} map is being used. By sorting the vector
before inserting into the map, we can make most insertions constant time
instead of logarithmic in the size of the map, by using the previous
insert position as a hint for the next one.
Drive-by: Remove an unneeded {WasmCodeRefScope}.
R=thibaudm@chromium.org
Bug: v8:11164
Change-Id: I3cc47f627eca40ea747d3e8388f93094650bbe19
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656259
Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72423}
Fix 1: Track Scope::needs_home_object and Scope::uses_super_property
accurately. When "eval" is seen, figure out whether it can access
"super" and if yes, set the corresponding home object as needed.
Fix 2: The object literal scope shouldn't be entered for things
inside spreads.
Original: https://chromium-review.googlesource.com/c/v8/v8/+/2563275
Previous reland: https://chromium-review.googlesource.com/c/v8/v8/+/2637220
This saves memory (the home object doesn't need to be stored for each
method, but only once per class) and hopefully makes the home object
a constant in the optimized code.
Detailed documentation of the changes:
https://docs.google.com/document/d/1ZVXcoQdf9IdMsnRI9iyUjyq9NDoEyx9nA3XqMgwflMs/edit?usp=sharing
Bug: v8:9237
Bug: chromium:1167918
Bug: chromium:1167981
Bug: chromium:1167988
Bug: chromium:1168055
Bug: chromium:1171195
Bug: chromium:1171600
Change-Id: I9686e0d90cd0c1128757eca440a88748897ee91e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2655509
Commit-Queue: Marja Hölttä <marja@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72422}
i8x16.popcnt uses PSHUFB instruction, which is slow on the old Atom
processors. Add an extra i8x16.popcnt implementation for those using
HACKMEM-inspired divide-and-conquer algorithm.
R=zhin@chromium.org, gdeepti@chromium.org
Change-Id: I4e130428fea8c3cf3be1bd6da7308fc752b2132a
Bug: v8:11002
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656858
Reviewed-by: Zhi An Ng <zhin@chromium.org>
Reviewed-by: Deepti Gandluri <gdeepti@chromium.org>
Commit-Queue: Marat Dukhan <maratek@google.com>
Cr-Commit-Position: refs/heads/master@{#72421}
Make sure there are space between day and hour in the pattern
when we alternate date pattern for the change of hour cycle.
Bug: chromium:1170305
Change-Id: I2714111dcdedeefafdb854d1684f301786273303
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2654002
Commit-Queue: Frank Tang <ftang@chromium.org>
Reviewed-by: Frank Tang <ftang@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72418}
Ensure that we don't concurrently modify the StringsStorage map when
getting a copy of a string.
Bug: v8:11054
Change-Id: I6ad61838d7c5e8a6e9ff21aac04da8d353e41ad5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2648821
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Commit-Queue: Andrew Comminos <acomminos@fb.com>
Cr-Commit-Position: refs/heads/master@{#72416}
PostMessage of an ArrayBuffer that is not detachable should result
in a DataCloneError.
Bug: chromium:1170176, chromium:961059
Change-Id: Ib89bbc10d2b58918067fd1a90365cad10a0db9ec
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653810
Reviewed-by: Adam Klein <adamk@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Deepti Gandluri <gdeepti@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72415}
Allows for prohibiting GCs and will result in a crash in case a GC
finalization event is triggered.
Complements NoGarbageCollectionScope which ignores GC finalization
events.
Bug: chromium:1056170
Change-Id: Ie2a72a8675462b24692225af17c8f284318337ba
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656260
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72413}
Embedders forward the Value in TraceEphemeron as Member reference (as
depicted in the API docs). Add TraceTrait<Member<T>> that forwards to
TraceTrait<T> accordingly, supporting the intended use case.
Bug: chromium:1056170
Change-Id: I3b247cb3553ae34d9ff5393aefeaec24068e78c2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2656255
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72412}
1) Wasm code is not associated with a Code object, hence
WasmFrame::unchecked_code will always return a null object. Hence we
can use the default implementation from TypedFrame and avoid the
lookup on the heap which will always fail.
2) InternalFrame inherits from TypedFrame, hence can also reuse the
unchecked_code implementation from TypedFrame.
3) Use "{}" instead of "Code()" to return "nothing".
R=jkummerow@chromium.org
Bug: v8:11074
Change-Id: I142d2f21c05bf87cafa5ba6e7f463510be6c70bb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653229
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#72410}
