JSLexicalEnvironment needs to be in the JSValue gigacage
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 11 Aug 2017 23:18:18 +0000 (23:18 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 11 Aug 2017 23:18:18 +0000 (23:18 +0000)
commitbaff7a970464eb5d19d9c1a31ebb4c10cba7e958
treef822300adcbcac0c6932a535d89d1c5bff4e6fc4
parent6c64b031059478a3e62c4b1d133d09bce0dffb97
JSLexicalEnvironment needs to be in the JSValue gigacage
https://bugs.webkit.org/show_bug.cgi?id=174922

Reviewed by Michael Saboff.

We can sorta random access the JSLexicalEnvironment. So, we put it in the JSValue gigacage and make
the only random accesses use pointer caging.

We don't need to do anything to normal lexical environment accesses.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
* runtime/JSEnvironmentRecord.h:
(JSC::JSEnvironmentRecord::subspaceFor):
(JSC::JSEnvironmentRecord::variables):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@220618 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
Source/JavaScriptCore/runtime/JSEnvironmentRecord.h