[webkit-reviews] review granted: [Bug 200192] [JSC] Make StructureChain less-tricky by using Auxiliary Buffer : [Attachment 375024] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 30 17:27:22 PDT 2019

Saam Barati <sbarati at apple.com> has granted Yusuke Suzuki <ysuzuki at apple.com>'s
request for review:
Bug 200192: [JSC] Make StructureChain less-tricky by using Auxiliary Buffer

Attachment 375024: Patch


--- Comment #6 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 375024
  --> https://bugs.webkit.org/attachment.cgi?id=375024

View in context: https://bugs.webkit.org/attachment.cgi?id=375024&action=review


> Source/JavaScriptCore/runtime/StructureChain.cpp:48
> +    ++size; // Sentinel nullptr.

is it worth just having a size field? (Or we could also be terrible people and
encode the size in the auxiliary pointer itself, since the size of a prototype
chain is usually low. And if we exceed 16 bits we can OOM.)

> Source/JavaScriptCore/runtime/StructureChain.cpp:49
> +    WriteBarrier<Structure>* vector =
NonVirtual(vm, (Checked<size_t>(size) *
sizeof(WriteBarrier<Structure>)).unsafeGet(), nullptr,

What about OOM? Seems easy to just make this an allocation that can fail?

More information about the webkit-reviews mailing list