Title: [239536] trunk/Source/_javascript_Core
- Revision
- 239536
- Author
- yusukesuz...@slowstart.org
- Date
- 2018-12-21 22:39:23 -0800 (Fri, 21 Dec 2018)
Log Message
[JSC] Use appendUnbarriered for cached own keys
https://bugs.webkit.org/show_bug.cgi?id=192981
Reviewed by Saam Barati.
m_cachedOwnKeys would be changed to sentinel after checking `thisObject->m_cachedOwnKeys.unvalidatedGet() != cachedOwnKeysSentinel()`
and before executing `visitor.append(thisObject->m_cachedOwnKeys)`. We never do this now, but might in the future.
To make the code safe, we should use appendUnbarriered to mark non sentinel cell.
* runtime/StructureRareData.cpp:
(JSC::StructureRareData::visitChildren):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (239535 => 239536)
--- trunk/Source/_javascript_Core/ChangeLog 2018-12-22 06:37:39 UTC (rev 239535)
+++ trunk/Source/_javascript_Core/ChangeLog 2018-12-22 06:39:23 UTC (rev 239536)
@@ -1,3 +1,17 @@
+2018-12-21 Yusuke Suzuki <yusukesuz...@slowstart.org>
+
+ [JSC] Use appendUnbarriered for cached own keys
+ https://bugs.webkit.org/show_bug.cgi?id=192981
+
+ Reviewed by Saam Barati.
+
+ m_cachedOwnKeys would be changed to sentinel after checking `thisObject->m_cachedOwnKeys.unvalidatedGet() != cachedOwnKeysSentinel()`
+ and before executing `visitor.append(thisObject->m_cachedOwnKeys)`. We never do this now, but might in the future.
+ To make the code safe, we should use appendUnbarriered to mark non sentinel cell.
+
+ * runtime/StructureRareData.cpp:
+ (JSC::StructureRareData::visitChildren):
+
2018-12-20 Yusuke Suzuki <yusukesuz...@slowstart.org>
Use Ref<> as much as possible
Modified: trunk/Source/_javascript_Core/runtime/StructureRareData.cpp (239535 => 239536)
--- trunk/Source/_javascript_Core/runtime/StructureRareData.cpp 2018-12-22 06:37:39 UTC (rev 239535)
+++ trunk/Source/_javascript_Core/runtime/StructureRareData.cpp 2018-12-22 06:39:23 UTC (rev 239536)
@@ -71,8 +71,9 @@
visitor.append(thisObject->m_previous);
visitor.append(thisObject->m_objectToStringValue);
visitor.append(thisObject->m_cachedPropertyNameEnumerator);
- if (thisObject->m_cachedOwnKeys.unvalidatedGet() != cachedOwnKeysSentinel())
- visitor.append(thisObject->m_cachedOwnKeys);
+ auto* cachedOwnKeys = thisObject->m_cachedOwnKeys.unvalidatedGet();
+ if (cachedOwnKeys != cachedOwnKeysSentinel())
+ visitor.appendUnbarriered(cachedOwnKeys);
}
// ----------- Object.prototype.toString() helper watchpoint classes -----------
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes