With bytecode flushing and lazy feedback allocation, we need to call
%PrepareForOptimization before we call %OptimizeFunctionOnNextCall,
ideally after declaring the function.
Bug: v8:8801, v8:8394, v8:9183
Change-Id: I3fb257282a30f6526a376a3afdedb44786320d34
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1648255
Commit-Queue: Mathias Bynens <mathias@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Reviewed-by: Mythri Alle <mythria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62119}
This fixes the representation type for values in JSArray::length fields
when JSNativeContextSpecialization lowers loads. Only arrays with fast
elements kind are guaranteed to have a Smi represented length.
R=bmeurer@chromium.org
TEST=mjsunit/regress/regress-4515
BUG=v8:4515, v8:4493, v8:4470
LOG=n
Review URL: https://codereview.chromium.org/1410393006
Cr-Commit-Position: refs/heads/master@{#31558}
