174923 2017-07-27 19:46:22 -0700 ScopedArguments overflow storage needs to be in the JSValue gigacage 2017-08-12 12:07:13 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build All All RESOLVED FIXED InRadar P2 Normal --- 174919 174917 1 fpizlo fpizlo ggaren jfbastien keith_miller mark.lam msaboff saam webkit-bug-importer ysuzuki oldest_to_newest 1332842 0 fpizlo 2017-07-27 19:46:22 -0700 ... 1338093 1 317982 fpizlo 2017-08-11 18:08:35 -0700 Created attachment 317982 the patch 1338158 2 317982 saam 2017-08-12 11:13:21 -0700 Comment on attachment 317982 the patch r=me Does polymorphic access also access scoped arguments for “length”? 1338160 3 fpizlo 2017-08-12 11:39:28 -0700 (In reply to Saam Barati from comment #2) > Comment on attachment 317982 [details] > the patch > > r=me > Does polymorphic access also access scoped arguments for “length”? Yeah. Since that's not an indexed access, we don't have to do caging there. We could do it, but then we'd be wagging the dog. The objective here is to make indexed accesses never go outside of a cage. Therefore, we but the object being accessed into a cage. This does not mean that all non-indexed accesses to that object need caging. I don't think that the upside of doing that would be worth the perf. 1338161 4 fpizlo 2017-08-12 11:40:24 -0700 Landed in https://trac.webkit.org/changeset/220624/webkit 1338162 5 webkit-bug-importer 2017-08-12 11:41:02 -0700 <rdar://problem/33864284> 1338167 6 saam 2017-08-12 12:07:13 -0700 (In reply to Filip Pizlo from comment #3) > (In reply to Saam Barati from comment #2) > > Comment on attachment 317982 [details] > > the patch > > > > r=me > > Does polymorphic access also access scoped arguments for “length”? > > Yeah. Since that's not an indexed access, we don't have to do caging there. > We could do it, but then we'd be wagging the dog. > > The objective here is to make indexed accesses never go outside of a cage. > > Therefore, we but the object being accessed into a cage. > > This does not mean that all non-indexed accesses to that object need caging. > I don't think that the upside of doing that would be worth the perf. Makes sense. We had this conversation before in a different context, I just forgot :) 317982 2017-08-11 18:08:35 -0700 2017-08-12 11:13:21 -0700 the patch blah.patch text/plain 4679 fpizlo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjIwNjIwKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIzIEBA CisyMDE3LTA4LTExICBGaWxpcCBQaXpsbyAgPGZwaXpsb0BhcHBsZS5jb20+CisKKyAgICAgICAg U2NvcGVkQXJndW1lbnRzIG92ZXJmbG93IHN0b3JhZ2UgbmVlZHMgdG8gYmUgaW4gdGhlIEpTVmFs dWUgZ2lnYWNhZ2UKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dp P2lkPTE3NDkyMworCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorICAgICAg ICAKKyAgICAgICAgU2NvcGVkQXJndW1lbnRzIG92ZXJmbG93IHN0b3JhZ2Ugc2l0cyBhdCB0aGUg ZW5kIG9mIHRoZSBTY29wZWRBcmd1bWVudHMgb2JqZWN0LCBzbyB3ZSBwdXQgdGhhdAorICAgICAg ICBvYmplY3QgaW50byB0aGUgSlNWYWx1ZSBnaWdhY2FnZS4KKworICAgICAgICAqIGRmZy9ERkdT cGVjdWxhdGl2ZUpJVC5jcHA6CisgICAgICAgIChKU0M6OkRGRzo6U3BlY3VsYXRpdmVKSVQ6OmNv bXBpbGVHZXRCeVZhbE9uU2NvcGVkQXJndW1lbnRzKToKKyAgICAgICAgKiBmdGwvRlRMTG93ZXJE RkdUb0IzLmNwcDoKKyAgICAgICAgKEpTQzo6RlRMOjpERkc6Okxvd2VyREZHVG9CMzo6Y29tcGls ZUdldEJ5VmFsKToKKyAgICAgICAgKiBqaXQvSklUUHJvcGVydHlBY2Nlc3MuY3BwOgorICAgICAg ICAoSlNDOjpKSVQ6OmVtaXRTY29wZWRBcmd1bWVudHNHZXRCeVZhbCk6CisgICAgICAgICogcnVu dGltZS9TY29wZWRBcmd1bWVudHMuaDoKKyAgICAgICAgKEpTQzo6U2NvcGVkQXJndW1lbnRzOjpz dWJzcGFjZUZvcik6CisgICAgICAgIChKU0M6OlNjb3BlZEFyZ3VtZW50czo6b3ZlcmZsb3dTdG9y YWdlIGNvbnN0KToKKwogMjAxNy0wOC0xMSAgRmlsaXAgUGl6bG8gIDxmcGl6bG9AYXBwbGUuY29t PgogCiAgICAgICAgIEpTTGV4aWNhbEVudmlyb25tZW50IG5lZWRzIHRvIGJlIGluIHRoZSBKU1Zh bHVlIGdpZ2FjYWdlCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1NwZWN1bGF0 aXZlSklULmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1Nw ZWN1bGF0aXZlSklULmNwcAkocmV2aXNpb24gMjIwNjE4KQorKysgU291cmNlL0phdmFTY3JpcHRD b3JlL2RmZy9ERkdTcGVjdWxhdGl2ZUpJVC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTYzMjUsNiAr NjMyNSw4IEBAIHZvaWQgU3BlY3VsYXRpdmVKSVQ6OmNvbXBpbGVHZXRCeVZhbE9uU2MKICAgICBt X2ppdC5zdWIzMihwcm9wZXJ0eVJlZywgc2NyYXRjaDJSZWcpOwogICAgIG1faml0Lm5lZzMyKHNj cmF0Y2gyUmVnKTsKICAgICAKKyAgICBtX2ppdC5jYWdlKEdpZ2FjYWdlOjpKU1ZhbHVlLCBiYXNl UmVnKTsKKyAgICAKICAgICBtX2ppdC5sb2FkVmFsdWUoCiAgICAgICAgIE1hY3JvQXNzZW1ibGVy OjpCYXNlSW5kZXgoCiAgICAgICAgICAgICBiYXNlUmVnLCBzY3JhdGNoMlJlZywgTWFjcm9Bc3Nl bWJsZXI6OlRpbWVzRWlnaHQsCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZnRsL0ZUTExv d2VyREZHVG9CMy5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2Z0bC9G VExMb3dlckRGR1RvQjMuY3BwCShyZXZpc2lvbiAyMjA2MTgpCisrKyBTb3VyY2UvSmF2YVNjcmlw dENvcmUvZnRsL0ZUTExvd2VyREZHVG9CMy5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTM1NjUsMTAg KzM1NjUsOCBAQCBwcml2YXRlOgogICAgICAgICAgICAgCiAgICAgICAgICAgICBtX291dC5hcHBl bmRUbyhvdmVyZmxvd0Nhc2UsIGNvbnRpbnVhdGlvbik7CiAgICAgICAgICAgICAKLSAgICAgICAg ICAgIC8vIEZJWE1FOiBJIGd1ZXNzIHdlIG5lZWQgdG8gY2FnZSBvdmVyZmxvdyBzdG9yYWdlPwot ICAgICAgICAgICAgLy8gaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE3 NDkyMwogICAgICAgICAgICAgYWRkcmVzcyA9IG1fb3V0LmJhc2VJbmRleCgKLSAgICAgICAgICAg ICAgICBtX2hlYXBzLlNjb3BlZEFyZ3VtZW50c19vdmVyZmxvd1N0b3JhZ2UsIGJhc2UsCisgICAg ICAgICAgICAgICAgbV9oZWFwcy5TY29wZWRBcmd1bWVudHNfb3ZlcmZsb3dTdG9yYWdlLCBjYWdl ZChHaWdhY2FnZTo6SlNWYWx1ZSwgYmFzZSksCiAgICAgICAgICAgICAgICAgbV9vdXQuemVyb0V4 dFB0cihtX291dC5zdWIoaW5kZXgsIG5hbWVkTGVuZ3RoKSkpOwogICAgICAgICAgICAgTFZhbHVl IG92ZXJmbG93VmFsdWUgPSBtX291dC5sb2FkNjQoYWRkcmVzcyk7CiAgICAgICAgICAgICBzcGVj dWxhdGUoRXhvdGljT2JqZWN0TW9kZSwgbm9WYWx1ZSgpLCBudWxscHRyLCBtX291dC5pc1plcm82 NChvdmVyZmxvd1ZhbHVlKSk7CkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaml0L0pJVFBy b3BlcnR5QWNjZXNzLmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaml0 L0pJVFByb3BlcnR5QWNjZXNzLmNwcAkocmV2aXNpb24gMjIwNjE4KQorKysgU291cmNlL0phdmFT Y3JpcHRDb3JlL2ppdC9KSVRQcm9wZXJ0eUFjY2Vzcy5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTE1 NTEsNiArMTU1MSw3IEBAIEpJVDo6SnVtcExpc3QgSklUOjplbWl0U2NvcGVkQXJndW1lbnRzR2UK ICAgICBvdmVyZmxvd0Nhc2UubGluayh0aGlzKTsKICAgICBzdWIzMihwcm9wZXJ0eSwgc2NyYXRj aDIpOwogICAgIG5lZzMyKHNjcmF0Y2gyKTsKKyAgICBjYWdlKEdpZ2FjYWdlOjpKU1ZhbHVlLCBi YXNlKTsKICAgICBsb2FkVmFsdWUoQmFzZUluZGV4KGJhc2UsIHNjcmF0Y2gyLCBUaW1lc0VpZ2h0 LCBTY29wZWRBcmd1bWVudHM6Om92ZXJmbG93U3RvcmFnZU9mZnNldCgpKSwgcmVzdWx0KTsKICAg ICBzbG93Q2FzZXMuYXBwZW5kKGJyYW5jaElmRW1wdHkocmVzdWx0KSk7CiAgICAgZG9uZS5saW5r KHRoaXMpOwpJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3JlL3J1bnRpbWUvU2NvcGVkQXJndW1l bnRzLmgKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL3J1bnRpbWUvU2NvcGVk QXJndW1lbnRzLmgJKHJldmlzaW9uIDIyMDYxOCkKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9y dW50aW1lL1Njb3BlZEFyZ3VtZW50cy5oCSh3b3JraW5nIGNvcHkpCkBAIC00Miw2ICs0MiwxMyBA QCBwcml2YXRlOgogICAgIHZvaWQgZmluaXNoQ3JlYXRpb24oVk0mLCBKU0Z1bmN0aW9uKiBjYWxs ZWUsIFNjb3BlZEFyZ3VtZW50c1RhYmxlKiwgSlNMZXhpY2FsRW52aXJvbm1lbnQqKTsKIAogcHVi bGljOgorICAgIHRlbXBsYXRlPHR5cGVuYW1lIENlbGxUeXBlPgorICAgIHN0YXRpYyBTdWJzcGFj ZSogc3Vic3BhY2VGb3IoVk0mIHZtKQorICAgIHsKKyAgICAgICAgUkVMRUFTRV9BU1NFUlQoIUNl bGxUeXBlOjpuZWVkc0Rlc3RydWN0aW9uKTsKKyAgICAgICAgcmV0dXJuICZ2bS5qc1ZhbHVlR2ln YWNhZ2VDZWxsU3BhY2U7CisgICAgfQorCiAgICAgLy8gQ3JlYXRlcyBhbiBhcmd1bWVudHMgb2Jq ZWN0IGJ1dCBsZWF2ZXMgaXQgdW5pbml0aWFsaXplZC4gVGhpcyBpcyBkYW5nZXJvdXMgaWYgd2Ug R0MgcmlnaHQKICAgICAvLyBhZnRlciBhbGxvY2F0aW9uLgogICAgIHN0YXRpYyBTY29wZWRBcmd1 bWVudHMqIGNyZWF0ZVVuaW5pdGlhbGl6ZWQoVk0mLCBTdHJ1Y3R1cmUqLCBKU0Z1bmN0aW9uKiBj YWxsZWUsIFNjb3BlZEFyZ3VtZW50c1RhYmxlKiwgSlNMZXhpY2FsRW52aXJvbm1lbnQqLCB1bnNp Z25lZCB0b3RhbExlbmd0aCk7CkBAIC0xNTQsMTAgKzE2MSw5IEBAIHByaXZhdGU6CiAgICAgV3Jp dGVCYXJyaWVyPFVua25vd24+KiBvdmVyZmxvd1N0b3JhZ2UoKSBjb25zdAogICAgIHsKICAgICAg ICAgcmV0dXJuIGJpdHdpc2VfY2FzdDxXcml0ZUJhcnJpZXI8VW5rbm93bj4qPigKLSAgICAgICAg ICAgIGJpdHdpc2VfY2FzdDxjaGFyKj4odGhpcykgKyBvdmVyZmxvd1N0b3JhZ2VPZmZzZXQoKSk7 CisgICAgICAgICAgICBiaXR3aXNlX2Nhc3Q8Y2hhcio+KEdpZ2FjYWdlOjpjYWdlZChHaWdhY2Fn ZTo6SlNWYWx1ZSwgdGhpcykpICsgb3ZlcmZsb3dTdG9yYWdlT2Zmc2V0KCkpOwogICAgIH0KICAg ICAKLSAgICAKICAgICBib29sIG1fb3ZlcnJvZGVUaGluZ3M7IC8vIFRydWUgaWYgbGVuZ3RoLCBj YWxsZWUsIGFuZCBjYWxsZXIgYXJlIGZ1bGx5IG1hdGVyaWFsaXplZCBpbiB0aGUgb2JqZWN0Lgog ICAgIHVuc2lnbmVkIG1fdG90YWxMZW5ndGg7IC8vIFRoZSBsZW5ndGggb2YgZGVjbGFyZWQgcGx1 cyBvdmVyZmxvdyBhcmd1bWVudHMuCiAgICAgV3JpdGVCYXJyaWVyPEpTRnVuY3Rpb24+IG1fY2Fs bGVlOwo=