mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions
electron/patches/v8/cherry-pick-70d2fe6b7c47.patch
Keeley Hammond 1ec867c8a1
chore: cherry-pick 11 changes from 3-M126 (#43141) 
* chore: [30-x-y] cherry-pick 11 changes from 3-M126

* d54105311590 from chromium
* 43b8b682d05c from chromium
* c5dd8839bfaf from chromium
* cdbc1d9684a3 from v8
* 38e4483e47f9 from chromium
* 70d2fe6b7c47 from v8
* 901377bb2f3b from v8
* 1b9040817119 from chromium
* bb28367eed73 from v8
* 99cafbf4b4b9 from chromium
* bc545b15a0ee from v8

* chore: update patches

* 5639725: [wasm] Fix scanning of wasm-to-js params | https://chromium-review.googlesource.com/c/v8/v8/+/5639725

* 5672472: [M120-LTS] Prevent script injection on reload when racing with a navigation | https://chromium-review.googlesource.com/c/chromium/src/+/5672472
2024-08-02 10:11:51 +02:00

32 lines
1.5 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Leszek Swirski <leszeks@chromium.org>
Date: Fri, 21 Jun 2024 15:11:40 +0200
Subject: Allow reduced hasInstance to abort
Fixed: 343507800
Change-Id: I579041fe82e975d83a72e4744013cb04c4d3dc70
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5644891
Commit-Queue: Toon Verwaest <verwaest@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/main@{#94585}
diff --git a/src/maglev/maglev-graph-builder.cc b/src/maglev/maglev-graph-builder.cc
index efcdd6d2028a5e0f0ec1149925ab2e1fe5f90412..78f4dd57d339eaad8b265721ef37137291da7940 100644
--- a/src/maglev/maglev-graph-builder.cc
+++ b/src/maglev/maglev-graph-builder.cc
@@ -8639,10 +8639,9 @@ ReduceResult MaglevGraphBuilder::TryBuildFastInstanceOf(
if (has_instance_field->IsJSFunction()) {
SaveCallSpeculationScope saved(this);
- ReduceResult result =
- ReduceCallForConstant(has_instance_field->AsJSFunction(), args);
- DCHECK(!result.IsDoneWithAbort());
- call_result = result.value();
+ GET_VALUE_OR_ABORT(
+ call_result,
+ ReduceCallForConstant(has_instance_field->AsJSFunction(), args));
} else {
call_result = BuildGenericCall(GetConstant(*has_instance_field),
Call::TargetType::kAny, args);
Reference in a new issue View git blame Copy permalink