Caging strings only protects us from string-based read gadgets. It's also a slow-down on some benchmarks and a memory use regression. The benefit/cost isn't big enough to keep this around so we should go back to allocating strings the normal way.
Created attachment 339347: possible patch
Created attachment 339437: the patch
Created attachment 339465: the patch
Comment on attachment 339465: the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=339465&action=review

> Source/bmalloc/bmalloc/Gigacage.h:38
> #define PRIMITIVE_GIGACAGE_SIZE 0x80000000llu
> #define JSVALUE_GIGACAGE_SIZE 0x40000000llu

Might be worth expanding one (or both) of these.
Created attachment 339470: patch for landing
(In reply to Saam Barati from comment #4)
> Comment on attachment 339465: the patch
>
> View in context: https://bugs.webkit.org/attachment.cgi?id=339465&action=review
>
> > Source/bmalloc/bmalloc/Gigacage.h:38
> > #define PRIMITIVE_GIGACAGE_SIZE 0x80000000llu
> > #define JSVALUE_GIGACAGE_SIZE 0x40000000llu
>
> Might be worth expanding one (or both) of these.

Yeah. Or give them separate runways.
Landed in https://trac.webkit.org/changeset/231337/webkit
Committed r231344: <https://trac.webkit.org/changeset/231344>
<rdar://problem/39963637>