Bug 202082 - Move JSLexicalEnvironment, DirectArguments, and ScopedArguments cells out of the Gigacage.
Summary: Move JSLexicalEnvironment, DirectArguments, and ScopedArguments cells out of ...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Mark Lam
URL:
Keywords: InRadar
Depends on:
Blocks: 202085
  Show dependency treegraph
 
Reported: 2019-09-21 18:26 PDT by Mark Lam
Modified: 2019-09-21 21:02 PDT (History)
6 users (show)

See Also:

Attachments
proposed patch. (5.27 KB, patch)
2019-09-21 18:47 PDT, Mark Lam 		tzagallo: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mark Lam 2019-09-21 18:26:52 PDT 
They aren't being caged.
Comment 1 Mark Lam 2019-09-21 18:47:00 PDT 
Created attachment 379330 [details]
proposed patch.
Comment 2 Mark Lam 2019-09-21 19:53:14 PDT 
Comment on attachment 379330 [details]
proposed patch.

View in context: https://bugs.webkit.org/attachment.cgi?id=379330&action=review

> Source/JavaScriptCore/runtime/VM.cpp:272
> +    , variableSizedCellSpace("Variable Sized JSCell", heap, cellHeapCellType.get(), fastMallocAllocator.get()) // Hash:0x2f5b102b

I will also update the hash value in the comment before landing because it is computed based on the subspace name.  It is now 0xbcd769cc.
Comment 3 Mark Lam 2019-09-21 21:01:56 PDT 
Thanks for the review.  Landed in r250189: <http://trac.webkit.org/r250189>.
Comment 4 Radar WebKit Bug Importer 2019-09-21 21:02:18 PDT 
<rdar://problem/55596065>