The LinkageLocation currently consists of two fields, a bit_field and a
machine_type. The existing equality check only checked the equality of
the bit_field, which meant that a FP register location and a GP register
location could alias. I added a static {IsSameLocation} function which
checks that not just the bit_field but also if one of the two locations
at least has a subtype of the other. Note that we do not check for
type-equality because {CanTailCall} checks, which are the main user of
the LinkageLocation equality check, should pass even if the result types
are in a sub-typing relationship.
R=mstarzinger@chromium.org
Bug: v8:9396
Change-Id: Iaa2d11311d0c18e8ffc1dd934e369106ab2456a6
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763533
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63319}
This CL implements the nullish operator in bytecode as defined by:
https://github.com/tc39/proposal-nullish-coalescing. It can be
enabled by passing '--harmony-nullish'.
Nullish is similar to logical operators, but instead of truthy/falsey
values, it short circuits when it evaluates a null or undefined value.
Bug: v8:9547
Change-Id: Ia0f55877fc2714482b5547942baef9733537d1b9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1738568
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63317}
This CL consists of several preparatory steps for slices in Torque. Above all, it introduces a user-defined struct, torque_internal::Slice<T>, that performs bounds checking and returns references to elements in arrays. To enable this, several smaller changes were also made:
- Constructors of internal classes such as torque_internal::Reference<T> now require a special 'Unsafe' argument, making it clear that there be dragons.
- Struct methods are now declared during finalization. This allows instances of generic structs to have methods referring to the same struct. Previously, methods would be declared before the instance had been fully registered, leading to errors during type resolution. Furthermore, such methods were declared in a temporary namespace, that would then erroneously escape and lead to use-after-free issues.
- Instances of TypeArgumentInference were not running in the correct (Torque) scopes, leading to type resolution errors.
- The chain of ContextualVariable::Scope for any given ContextualVariable (such as CurrentScope) can now be walked, simplifying debugging.
R=jgruber@chromium.org, tebbi@chromium.org
Bug: v8:7793
Change-Id: I36f808f63cc3ce441062dfc56f511f24f1e3121e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1758322
Commit-Queue: Georg Schmid <gsps@google.com>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63314}
The linkage should not have any knowledge about the existance of nodes.
R=mstarzinger@chromium.org
Bug: v8:9396
Change-Id: If10bf113c6ec19c434573a8d9bb7b736caef5dee
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763532
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63313}
This adds type reflection support to the {WebAssembly.Module.exports} as
well as {WebAssembly.Module.imports} method. It also refactors existing
reflective code to use the internal instead of the public embedder API,
which is slightly more efficient anyways.
R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742
Change-Id: I88a6c7e9236a549808707c72e40a63302b7747a9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763527
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63312}
This just adds a test case checking against the current behavior, but
expectations might change once the proposal is clarified. For details
see: https://github.com/WebAssembly/js-types/issues/11R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742
Change-Id: I2fc502460c0a8094a414d138703b75497b2d1c6f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762517
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63311}
With the added parenthesis from a previous CL, clang-format does a
decent job of formatting the nested ternary operator statement.
R=leszeks@chromium.org
Change-Id: If2f5db766b6234a44f771c167f9831adda5dbd43
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762301
Auto-Submit: Simon Zünd <szuend@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63308}
This CL fixes a bug where function proxies were reported as functions
instead as proxies to devtools, which caused dev-tools to call methods
on the function, possibly triggering side-effects.
Change-Id: I1d5d234b784601bd4b7ec91107e4b0cf0d877d07
Bug: chromium:995753
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762303
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63307}
The tests were assuming that the destructor leaves behind memory in a
defined state when the object was allocated with placement new. Turns
out gcc with no component builds optimizes away the resetting of the
memory.
There's a simpler way to test the functionality by inspecting global
handle counts.
Bug: v8:9639, chromium:995684
Change-Id: I253d84910414c62ca314507b20d2c819f925ea6e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762512
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63303}
When regexp match indices are enabled, we stash required data in the JSRegExpResult object,
and then build a JSRegExpResultIndices object lazily when the 'indices' property is
accessed.
This cl simply checks that fast and slow paths produce the same values for
result.indices and result.indices.groups.
Change-Id: I6322d8eaef4c6e5a0ed3a5aef8b2ff05ac2b2c7a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763249
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63301}
This set of macros was only used for one test, while another versions
exists in the header file that's used in the rest of the tests. Clean up
the duplication.
R=ahaas@chromium.org, titzer@chromium.org
Change-Id: I851c47a0748b5c78d9a966dfb59b95a3381e7cf7
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1747179
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63300}
This adds type reflection support to the {WebAssembly.Module.exports} as
well as {WebAssembly.Module.imports} method. It also refactors existing
reflective code to use the internal instead of the public embedder API,
which is slightly more efficient anyways.
R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742
Change-Id: Ic51b7b4744f7b3ad056a778aecfc4614ca8d6e75
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762019
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63299}
Some scopes that were subtracted were not part of the outer scopes and
thus can result in negative values.
Change-Id: I2264b27c4b7a48075fed4e3afaa6b6dd27d8daa4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762299
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63298}
Before this cl, we always added slack to JSRegExpResult's initial_map.
However, this is incorrect. Now we only add slack to JSRegExpResult's initial map
if we intend to actually append the indices descriptor.
Bug: chromium:996099
Change-Id: Iac23e92415a9b60409915ff1de9634326ed109c5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1763064
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63297}
private name was not found in the current scope. Outer private names
were sometimes coincidentally correctly resolved if the innermost
ClassScope does not need to allocate a context and does not have a
ScopeInfo.
ClassScope: :LookupPrivateName was not walking the scope chain when a
Change-Id: I18937e6cdf2ad4ae15825b11762fbec7a1358145
Bug: v8:9635
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1761547
Reviewed-by: Sathya Gunasekaran <gsathya@chromium.org>
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63295}
Since the mutability of HeapNumbers is determined by their owning
object's descriptor array, we can remove the MutableHeapNumber type
entirely, at the cost of a few fewer DCHECKs and a couple of TODOs
to use the descriptor array information.
This is a necessary step towards a follow-up which allows in-place
Double -> Tagged transitions
Design doc: https://docs.google.com/document/d/1VeKIskAakxQFnUBNkhBmVswgR7Vk6T1kAyKRLhqerb4/
Bug: v8:9606
Change-Id: I13209f9c86f1f204088f6fd80089e17d956b4a50
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1743972
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63294}
Previously, without support for converting strings to numbers we'd
switch to megamorphic state and go to the runtime always to do the
conversion causing a performance cliff.
This patch improves the following js-perf-test scores:
Object-Lookup-String-Constant-BytecodeHandler: 4.25%
Object-Lookup-Index-String-BytecodeHandler: 5.41%
Bug: v8:9449
Change-Id: I63787fa84373fc946f1304b0141e48a52a1b4bcb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1690953
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Commit-Queue: Sathya Gunasekaran <gsathya@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63293}
Bug: v8:9528
Change-Id: I7df27c3ee949a4c44fa0f78cfded6d8c34575e6b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1754445
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Zhi An Ng <zhin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63292}
ReduceTypedArrayPrototypeToStringTag, ReduceObjectGetPrototype and
ReduceObjectGetPrototype are now heap-access free.
Bug: v8:7790
Change-Id: If7f7ae4c7712326240aa50e02189fee94a57afa9
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762022
Commit-Queue: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63291}
5th attempt to reland now that crash with cpu profiler combined with
code caching is fixed.
Bug: v8:8510
Change-Id: I3489150a5067c41c36a4b468e412f9398a55135d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762293
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63290}
TracedGlobal is already cleared by V8 during garbage collections. It's
the embedders responsibility to clear the reference if it destroys the
underlying reference through other means.
Allow embedders to specify whether they want TracedGlobal to execute
clear on destruction via TracedGlobalTrait.
Bug: chromium:995684
Change-Id: Ieb10cf21f95eb97e01eff15d4fbd83538f17cf7c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762007
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63289}
When deserializing from a code snapshot with logging enabled (e.g. when
profiling) then this ensures source positions are collected before
creating code events that need them.
Bug: chromium:994673, v8:9504
Change-Id: Iad7644e983d3004c4889615cf2104dc4ef40da46
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762023
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Dan Elphick <delphick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63286}
Extend the order-independent annotation parsing logic to include the
following forms:
@foo // bare annotation (already supported)
@foo(0x70) // decimal literal
@foo(HI) // identifier
@foo("hello there") // quoted string
This is obviously still pretty far from annotations in other languages,
which usually support arbitrary expressions and multiple parameters, but
I think it's sufficient to cover a pretty good variety of usages. The
existing class-field annotations @if and @ifnot are reimplemented in the
new style, meaning they could now appear in any order relative to other
annotations on the same field (and can be repeated, though I doubt it
would be of much use to anybody).
Change-Id: I97b7c0c9a541ca3126b5ae3a2484688b04dda9f4
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1754947
Commit-Queue: Seth Brenith <seth.brenith@microsoft.com>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63285}
This patch implements the declaration of private accessors.
When iterating over the class properties, we track private
accessors associated with the same name in a ZoneHashMap.
Once we get to all the necessary components for a private name
(we know statically whether we should expect only a setter,
only a getter, or both), we emit a call to a runtime function
`CreatePrivateAccessors` that creates an AccessorPair, and
store the components in it. The AccessorPair is then associated
with the private name variable and stored in the context
for later retrieval when the private accessors are accessed.
Design doc: https://docs.google.com/document/d/10W4begYfs7lmldSqBoQBBt_BKamgT8igqxF9u50RGrI/edit
Bug: v8:8330
Change-Id: Ie6d3882507d143b1f645d7ae82b21b7358656e89
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1725670
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63284}
Fixes bytecode mismatch between lazy and non-lazy where "this" was
marked as maybe assigned in constructors that called the super
constructor. Since this will return the hole in cases where it was not
yet initialized by super (and the hole is explicitly handled by
JSContextSpecialization::ReduceJSLoadContext), it's safe to treat it as
a constant in all cases. In the case of lazy compilation case, "this"
is never added to the ScopeInfo so is never seen as mutable.
Bug: chromium:994719
Change-Id: I43478fbc626b19eb1533aa9dec61b7f276ae140b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762025
Commit-Queue: Dan Elphick <delphick@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63283}
Do not pass it as argument to CreateObjectFillerAt and remove the enum.
Bug: v8:9454
Change-Id: Iafa37acbfea73d3cabb1732dbec0944db859fac2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762017
Reviewed-by: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63282}
Before dd6f4d4f4c, this function was reading a single u8 and verifying
that it was 0x00. The referenced commit dropped this check as part of
implementing decoding for table.get, but neglected to change the read type
to u32v, which is the specified type of this immediate. Fix that.
R=ahaas@chromium.org, titzer@chromium.org
Change-Id: Ic2ce795023ec57be2c95aa79e62d3ccd1aa9c43c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1747178
Commit-Queue: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63281}
This just adds the upstream tests; our implementation already had support.
Change-Id: If8d340ebe79eae65d12164a01883482d521b8451
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762287
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63280}
The deoptimizer calculates frame layout based on the translation's
`height` field, together with additional data (e.g.: are we looking at
the topmost frame? what kind of deopt are we in?). The result is the
final deoptimized frame size in bytes, together with a bunch of
intermediate results such as the variable frame size (= without the
fixed-size portion).
In order to consider the deoptimized frame size in optimized stack
checks, we will need to calculate the frame layout during compilation
in addition to what we currently do during deoptimization. This CL
moves in that direction by extracting relevant parts of frame layout
calculation into classes that can be reused by both compiler and
deoptimizer.
These helpers will support both precise and conservative modes; the
deoptimizer will use the precise mode (since it has full information),
while the instruction selector will use the conservative mode.
Bug: v8:9534
Change-Id: I93d6c39f10d251733f4625d3cc161b2010652d02
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760825
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63279}
... at graph building time already, just like we do for other property
accesses.
Bug: v8:7790
Change-Id: I7ffc8ee4fb1df91fc59271edd7b70c14f531330a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762018
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63278}
... to prepare for merging this back to stable channel.
Bug: chromium:992914
Change-Id: Icbb257b5c02417d9222e60346575567360376264
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762021
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Leszek Swirski <leszeks@chromium.org>
Auto-Submit: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63277}
This adds type reflection support to the {WebAssembly.Module.exports} as
well as {WebAssembly.Module.imports} method. It also refactors existing
reflective code to use the internal instead of the public embedder API,
which is slightly more efficient anyways.
R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742
Change-Id: I168741d382373ec47ebe0517ce7803732cbb3b24
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762011
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63276}
When TNodifying LoadMap, I went did a proper LoadObjectField<Map> and
removed UncheckedCast. However, TNodification makes some code objects
too big, as in Large code objects.
This makes the x64 no embed bot green again.
Bug: v8:9637
Change-Id: I5cb36834d7134c459ff2e2f11a852dd8c8ba5d94
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762015
Auto-Submit: Santiago Aboy Solanes <solanes@chromium.org>
Commit-Queue: Tobias Tebbi <tebbi@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63275}
This is a CL in a string of CLs that aims to TNodify CSA. In particular,
there were some loads that were done in AnyTagged instead of
TaggedPointer. TNode-ifying them brings improvement in pointer
compression since we are able to decompress using the Pointer
decompression.
Bug: v8:6949, v8:9396
Change-Id: I368d4f85348f3560a7f71bf66ebc7c4dd978a8dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1752854
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63274}
This adds type reflection support to the {WebAssembly.Module.exports} as
well as {WebAssembly.Module.imports} method. It also refactors existing
reflective code to use the internal instead of the public embedder API,
which is slightly more efficient anyways.
R=ahaas@chromium.org
TEST=mjsunit/wasm/type-reflection
BUG=v8:7742
Change-Id: I5f20ea57261f6433b8d86f55054216bf96b41382
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1760826
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63273}
Implements match indices for regexp, as specified by
https://github.com/tc39/proposal-regexp-match-indices,
a stage 3 TC39 proposal. This implementation is hidden
behind the '--harmony-regexp-match-indices' flag.
Regexp match indices extends the JSRegExpResult object
with an array of indices of matches, as well as a
dictionary of capture names to match indices.
Bug: v8:9548
Change-Id: I9866a2d1f5af6a507de710357cb5e74c694e7558
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1734937
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Adam Klein <adamk@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63272}
Immediately remove recorded old-to-new slots when shrinking objects.
This operation needs to drain the store buffer, however the store buffer
is supposed to be removed anyway.
Also do not remove slots when left-trimming since this isn't needed for
correctness.
Bug: v8:9454
Change-Id: I751baf2dcd03c87aee9cb1ebd168e05bf373a738
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762012
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63271}
Bug: v8:7790
Change-Id: I2b9971b7944837a5a6943e401b8c9d91f25c515e
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1762016
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Auto-Submit: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63270}
