Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(26)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 196283004: Fix of argument materialization of captured heap numbers. (Closed)

Created:
6 years, 9 months ago by Jarin
Modified:
6 years, 9 months ago
Reviewers:
Michael Starzinger
CC:
v8-dev
Visibility:
Public.

Description

Fix of argument materialization of captured heap numbers. The escape analysis calculates the number of slots in an object as no-of-slots = object-size / pointer-size. This gives 3 slots for heap numbers on 32-bit architectures (one slot for the map, two for the double value); however, my argument materialization code assumed just two slots (map + value). Since Hydrogen allocates heap numbers quite rarely, it is hard to produce a more meaningful repro than the one provided by Clusterfuzz. Any suggestions are welcome. The fix is simple - we just read out all extra slots (beyond the map and the double) for heap numbers. R=mstarzinger@chromium.org BUG=351315 LOG=N Committed: https://code.google.com/p/v8/source/detail?r=19874

Patch Set 1 #

Unified diffs Side-by-side diffs Delta from patch set Stats (+22 lines, -13 lines) Patch
M src/deoptimizer.cc View 2 chunks +8 lines, -1 line 0 comments Download
A + test/mjsunit/regress/regress-351315.js View 1 chunk +14 lines, -12 lines 0 comments Download

Messages

Total messages: 3 (0 generated)
Jarin
6 years, 9 months ago (2014-03-11 23:59:08 UTC) #1
Michael Starzinger
LGTM.
6 years, 9 months ago (2014-03-12 09:24:10 UTC) #2
Jarin
6 years, 9 months ago (2014-03-13 07:17:44 UTC) #3
Message was sent while issue was closed. 
Committed patchset #1 manually as r19874 (presubmit successful).

Powered by Google App Engine
This is Rietveld 408576698