[crankshaft] Protect against deopt loops from string length overflows.
Crankshaft just unconditionally deoptimizes the code when the length of a string addition result would overflow. In order to protect against deopt loops we insert a global protector cell. We will use the same mechanism for inlining certain string additions into TurboFan as well, and protecting against overflow (we will also extend this to deal with String.prototype.concat and friends once we get there). BUG=v8:5404 R=jarin@chromium.org,hpayer@chromium.org CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux64_msan_rel Committed: https://crrev.com/cb19257a926a55209a6d6858ce26d51a0447ba71 Review-Url: https://codereview.chromium.org/2348293002 Cr-Original-Commit-Position: refs/heads/master@{#39511} Cr-Commit-Position: refs/heads/master@{#39525}
Showing
Please
register
or
sign in
to comment