-
Dan Elphick authored
Fixes bytecode mismatch between lazy and non-lazy where "this" was marked as maybe assigned in constructors that called the super constructor. Since this will return the hole in cases where it was not yet initialized by super (and the hole is explicitly handled by JSContextSpecialization::ReduceJSLoadContext), it's safe to treat it as a constant in all cases. In the case of lazy compilation case, "this" is never added to the ScopeInfo so is never seen as mutable. Bug: chromium:994719 Change-Id: I43478fbc626b19eb1533aa9dec61b7f276ae140b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762025 Commit-Queue: Dan Elphick <delphick@chromium.org> Reviewed-by:
Ross McIlroy <rmcilroy@chromium.org> Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#63283}
dd547367
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| benchmarks | ||
| cctest | ||
| common | ||
| debugger | ||
| fuzzer | ||
| inspector | ||
| intl | ||
| js-perf-test | ||
| memory | ||
| message | ||
| mjsunit | ||
| mkgrokdump | ||
| mozilla | ||
| preparser | ||
| test262 | ||
| torque | ||
| unittests | ||
| wasm-api-tests | ||
| wasm-js | ||
| wasm-spec-tests | ||
| webkit | ||
| BUILD.gn | ||
| OWNERS |