f7cc70de2b
Fixes the iteration after emitting an unconditional deopt to kill all Jumps along the way, not just ones preceeding a merge point. This fixes several issues: a) That Jump may be to a not yet created merge point, in which case we were getting a nullptr deref. b) Not-yet created merge points would not be detected as merge points, so we'd skip over them and miss killing the control node before them. c) We weren't reducing predecessor counts, so even after fixing the nullptr deref above, merge states created later would have the wrong predecessor count. Now, we check bytecode targets (including fallthrough for non-returning bytecodes) on for every bytecode, and skip over both not-yet created merges, and loop merges that have no predecessors other than the loop jump itself. As part of this, the dead predecessor merging is changed; instead of setting the predecessor to nullptr, we drop the predecessor count by one, and trim any Phis' input counts. Bug: v8:7700 Change-Id: I904c82df7c5dd44d7637e07f6750b35e7e219284 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3599470 Reviewed-by: Victor Gomes <victorgomes@chromium.org> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#80083} |
||
---|---|---|
.github | ||
bazel | ||
build_overrides | ||
custom_deps | ||
docs | ||
gni | ||
include | ||
infra | ||
samples | ||
src | ||
test | ||
testing | ||
third_party | ||
tools | ||
.bazelrc | ||
.clang-format | ||
.clang-tidy | ||
.editorconfig | ||
.flake8 | ||
.git-blame-ignore-revs | ||
.gitattributes | ||
.gitignore | ||
.gn | ||
.mailmap | ||
.style.yapf | ||
.vpython | ||
.vpython3 | ||
.ycm_extra_conf.py | ||
AUTHORS | ||
BUILD.bazel | ||
BUILD.gn | ||
CODE_OF_CONDUCT.md | ||
codereview.settings | ||
COMMON_OWNERS | ||
DEPS | ||
DIR_METADATA | ||
ENG_REVIEW_OWNERS | ||
INFRA_OWNERS | ||
INTL_OWNERS | ||
LICENSE | ||
LICENSE.fdlibm | ||
LICENSE.strongtalk | ||
LICENSE.v8 | ||
LOONG_OWNERS | ||
MIPS_OWNERS | ||
OWNERS | ||
PPC_OWNERS | ||
PRESUBMIT.py | ||
README.md | ||
RISCV_OWNERS | ||
S390_OWNERS | ||
WATCHLISTS | ||
WORKSPACE |
V8 JavaScript Engine
V8 is Google's open source JavaScript engine.
V8 implements ECMAScript as specified in ECMA-262.
V8 is written in C++ and is used in Google Chrome, the open source browser from Google.
V8 can run standalone, or can be embedded into any C++ application.
V8 Project page: https://v8.dev/docs
Getting the Code
Checkout depot tools, and run
fetch v8
This will checkout V8 into the directory v8
and fetch all of its dependencies.
To stay up to date, run
git pull origin
gclient sync
For fetching all branches, add the following into your remote
configuration in .git/config
:
fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
fetch = +refs/tags/*:refs/tags/*
Contributing
Please follow the instructions mentioned at v8.dev/docs/contribute.