202082 – Move JSLexicalEnvironment, DirectArguments, and ScopedArguments cells out of the Gigacage.

RESOLVED FIXED Bug 202082

Move JSLexicalEnvironment, DirectArguments, and ScopedArguments cells out of the Gigacage.

https://bugs.webkit.org/show_bug.cgi?id=202082

Summary Move JSLexicalEnvironment, DirectArguments, and ScopedArguments cells out of ...

Mark Lam

Reported 2019-09-21 18:26:52 PDT

They aren't being caged.

Attachments
proposed patch. (5.27 KB, patch) 2019-09-21 18:47 PDT, Mark Lam	tzagallo: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Mark Lam

Comment 1 2019-09-21 18:47:00 PDT

Created attachment 379330 [details] proposed patch.

Mark Lam

Comment 2 2019-09-21 19:53:14 PDT

Comment on attachment 379330 [details] proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=379330&action=review > Source/JavaScriptCore/runtime/VM.cpp:272 > + , variableSizedCellSpace("Variable Sized JSCell", heap, cellHeapCellType.get(), fastMallocAllocator.get()) // Hash:0x2f5b102b I will also update the hash value in the comment before landing because it is computed based on the subspace name. It is now 0xbcd769cc.

Mark Lam

Comment 3 2019-09-21 21:01:56 PDT

Thanks for the review. Landed in r250189: <http://trac.webkit.org/r250189>.

Radar WebKit Bug Importer

Comment 4 2019-09-21 21:02:18 PDT

<rdar://problem/55596065>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Mark Lam

Reported

2019-09-21 18:26 PDT

Modified

2019-09-21 21:02 PDT History

CC List

6 users Show

URL

Keywords InRadar

Depends on

Blocks

202085

Dependancies

tree graph