-
Teodor Dutu authored
In order to support a larger heap cage (8GB, 16GB), the cage offset will take up more than 32 bits. As a consequence, for 8GB cages, the least significant bit of the cage offset will overlap with the most significant bit of the tagged offset. To avoid this, allocations need to be aligned to 8 or 16 bytes to free up one or two bits from the offset. The allocation top is kept properly aligned without adding fillers in the newly created gaps, by aligning allocation sizes to 8 bytes. Bug: v8:13070 Change-Id: I169b51e583d7a4be61d2a6c6060fcf74b410703c Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3877147Reviewed-by: Dominik Inführ <dinfuehr@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Teo Dutu <teodutu@google.com> Reviewed-by: Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/main@{#83277}
17b903a2
Name |
Last commit
|
Last update |
---|---|---|
.. | ||
DIR_METADATA | ||
OWNERS | ||
roots-inl.h | ||
roots.cc | ||
roots.h |