Diff
Modified: trunk/Source/_javascript_Core/CMakeLists.txt (222135 => 222136)
--- trunk/Source/_javascript_Core/CMakeLists.txt 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/CMakeLists.txt 2017-09-17 17:28:15 UTC (rev 222136)
@@ -793,7 +793,6 @@
runtime/JSDataViewPrototype.cpp
runtime/JSDateMath.cpp
runtime/JSDestructibleObjectSubspace.cpp
- runtime/JSEnvironmentRecord.cpp
runtime/JSFixedArray.cpp
runtime/JSFunction.cpp
runtime/JSGeneratorFunction.cpp
Modified: trunk/Source/_javascript_Core/ChangeLog (222135 => 222136)
--- trunk/Source/_javascript_Core/ChangeLog 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-09-17 17:28:15 UTC (rev 222136)
@@ -1,3 +1,65 @@
+2017-09-17 Yusuke Suzuki <[email protected]>
+
+ Merge JSLexicalEnvironment and JSEnvironmentRecord
+ https://bugs.webkit.org/show_bug.cgi?id=175492
+
+ Reviewed by Saam Barati.
+
+ JSEnvironmentRecord is only inherited by JSLexicalEnvironment.
+ We can merge JSEnvironmentRecord and JSLexicalEnvironment.
+
+ * CMakeLists.txt:
+ * _javascript_Core.xcodeproj/project.pbxproj:
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * dfg/DFGSpeculativeJIT64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * ftl/FTLAbstractHeapRepository.h:
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCreateActivation):
+ (JSC::FTL::DFG::LowerDFGToB3::compileGetClosureVar):
+ (JSC::FTL::DFG::LowerDFGToB3::compilePutClosureVar):
+ (JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::emitGetClosureVar):
+ (JSC::JIT::emitPutClosureVar):
+ (JSC::JIT::emitScopedArgumentsGetByVal):
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::emitGetClosureVar):
+ (JSC::JIT::emitPutClosureVar):
+ * llint/LLIntOffsetsExtractor.cpp:
+ * llint/LowLevelInterpreter.asm:
+ * llint/LowLevelInterpreter32_64.asm:
+ * llint/LowLevelInterpreter64.asm:
+ * runtime/JSEnvironmentRecord.cpp: Removed.
+ * runtime/JSEnvironmentRecord.h: Removed.
+ * runtime/JSLexicalEnvironment.cpp:
+ (JSC::JSLexicalEnvironment::visitChildren):
+ (JSC::JSLexicalEnvironment::heapSnapshot):
+ (JSC::JSLexicalEnvironment::getOwnNonIndexPropertyNames):
+ * runtime/JSLexicalEnvironment.h:
+ (JSC::JSLexicalEnvironment::subspaceFor):
+ (JSC::JSLexicalEnvironment::variables):
+ (JSC::JSLexicalEnvironment::isValidScopeOffset):
+ (JSC::JSLexicalEnvironment::variableAt):
+ (JSC::JSLexicalEnvironment::offsetOfVariables):
+ (JSC::JSLexicalEnvironment::offsetOfVariable):
+ (JSC::JSLexicalEnvironment::allocationSizeForScopeSize):
+ (JSC::JSLexicalEnvironment::allocationSize):
+ (JSC::JSLexicalEnvironment::finishCreationUninitialized):
+ (JSC::JSLexicalEnvironment::finishCreation):
+ * runtime/JSModuleEnvironment.cpp:
+ (JSC::JSModuleEnvironment::create):
+ * runtime/JSObject.h:
+ (JSC::JSObject::isEnvironment const):
+ (JSC::JSObject::isEnvironmentRecord const): Deleted.
+ * runtime/JSSegmentedVariableObject.h:
+ * runtime/StringPrototype.cpp:
+ (JSC::checkObjectCoercible):
+
2017-09-15 Saam Barati <[email protected]>
Arity fixup during inlining should do a 2 phase commit so it properly recovers the frame in case of exit
Modified: trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj (222135 => 222136)
--- trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj 2017-09-17 17:28:15 UTC (rev 222136)
@@ -1224,7 +1224,6 @@
147F39D4107EC37600427A48 /* JSObject.cpp in Sources */ = {isa = PBXBuildFile; fileRef = BC22A3980E16E14800AF21C8 /* JSObject.cpp */; };
147F39D5107EC37600427A48 /* JSString.cpp in Sources */ = {isa = PBXBuildFile; fileRef = BC02E9B60E1842FA000F9297 /* JSString.cpp */; };
147F39D6107EC37600427A48 /* JSCJSValue.cpp in Sources */ = {isa = PBXBuildFile; fileRef = F692A8870255597D01FF60F7 /* JSCJSValue.cpp */; };
- 147F39D7107EC37600427A48 /* JSEnvironmentRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = BC22A39A0E16E14800AF21C8 /* JSEnvironmentRecord.cpp */; };
14815F5F991C46BEB98D0016 /* JSScriptFetcher.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 11C197C2624848EDA84CED7F /* JSScriptFetcher.cpp */; };
1482B74E0A43032800517CFC /* JSStringRef.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1482B74C0A43032800517CFC /* JSStringRef.cpp */; };
1482B7E40A43076000517CFC /* JSObjectRef.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1482B7E20A43076000517CFC /* JSObjectRef.cpp */; };
@@ -2232,7 +2231,6 @@
BC18C42A0E16F5CD00B34460 /* JSType.h in Headers */ = {isa = PBXBuildFile; fileRef = 14ABB454099C2A0F00E2A24F /* JSType.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC18C42B0E16F5CD00B34460 /* JSCJSValue.h in Headers */ = {isa = PBXBuildFile; fileRef = 14ABB36E099C076400E2A24F /* JSCJSValue.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC18C42C0E16F5CD00B34460 /* JSValueRef.h in Headers */ = {isa = PBXBuildFile; fileRef = 1482B6EA0A4300B300517CFC /* JSValueRef.h */; settings = {ATTRIBUTES = (Public, ); }; };
- BC18C42D0E16F5CD00B34460 /* JSEnvironmentRecord.h in Headers */ = {isa = PBXBuildFile; fileRef = 14F252560D08DD8D004ECFFF /* JSEnvironmentRecord.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC18C42E0E16F5CD00B34460 /* JSWrapperObject.h in Headers */ = {isa = PBXBuildFile; fileRef = 65C7A1720A8EAACB00FA37EA /* JSWrapperObject.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC18C4310E16F5CD00B34460 /* Lexer.h in Headers */ = {isa = PBXBuildFile; fileRef = F692A8660255597D01FF60F7 /* Lexer.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC18C4370E16F5CD00B34460 /* Lookup.h in Headers */ = {isa = PBXBuildFile; fileRef = F692A8690255597D01FF60F7 /* Lookup.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -3847,7 +3845,6 @@
14E84F9B14EE1ACC00D6D5D4 /* WeakSet.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WeakSet.cpp; sourceTree = "<group>"; };
14E84F9C14EE1ACC00D6D5D4 /* WeakSet.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakSet.h; sourceTree = "<group>"; };
14E84F9D14EE1ACC00D6D5D4 /* WeakImpl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakImpl.h; sourceTree = "<group>"; };
- 14F252560D08DD8D004ECFFF /* JSEnvironmentRecord.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSEnvironmentRecord.h; sourceTree = "<group>"; };
14F7256314EE265E00B1652B /* WeakHandleOwner.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WeakHandleOwner.cpp; sourceTree = "<group>"; };
14F7256414EE265E00B1652B /* WeakHandleOwner.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakHandleOwner.h; sourceTree = "<group>"; };
169948EDE68D4054B01EF797 /* DefinePropertyAttributes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DefinePropertyAttributes.h; sourceTree = "<group>"; };
@@ -4879,7 +4876,6 @@
BC18C52D0E16FCE100B34460 /* Lexer.lut.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Lexer.lut.h; sourceTree = "<group>"; };
BC22A3980E16E14800AF21C8 /* JSObject.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSObject.cpp; sourceTree = "<group>"; };
BC22A3990E16E14800AF21C8 /* JSObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSObject.h; sourceTree = "<group>"; };
- BC22A39A0E16E14800AF21C8 /* JSEnvironmentRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSEnvironmentRecord.cpp; sourceTree = "<group>"; };
BC2680C00E16D4E900A06E92 /* FunctionConstructor.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FunctionConstructor.cpp; sourceTree = "<group>"; };
BC2680C10E16D4E900A06E92 /* FunctionConstructor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FunctionConstructor.h; sourceTree = "<group>"; };
BC2680C20E16D4E900A06E92 /* NumberConstructor.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NumberConstructor.cpp; sourceTree = "<group>"; };
@@ -6883,8 +6879,6 @@
C2A7F687160432D400F76B98 /* JSDestructibleObject.h */,
0F7DF1391E29710E0095951B /* JSDestructibleObjectSubspace.cpp */,
0F7DF13A1E29710E0095951B /* JSDestructibleObjectSubspace.h */,
- BC22A39A0E16E14800AF21C8 /* JSEnvironmentRecord.cpp */,
- 14F252560D08DD8D004ECFFF /* JSEnvironmentRecord.h */,
A7B4ACAE1484C9CE00B38A36 /* JSExportMacros.h */,
798937761DCAB57300F8D4FB /* JSFixedArray.cpp */,
798937771DCAB57300F8D4FB /* JSFixedArray.h */,
@@ -9134,7 +9128,6 @@
0F7DF13C1E2971130095951B /* JSDestructibleObjectSubspace.h in Headers */,
FE384EE61ADDB7AD0055DE2C /* JSDollarVM.h in Headers */,
FE384EE81ADDB7AD0055DE2C /* JSDollarVMPrototype.h in Headers */,
- BC18C42D0E16F5CD00B34460 /* JSEnvironmentRecord.h in Headers */,
86E3C614167BABD7006D760A /* JSExport.h in Headers */,
A7B4ACAF1484C9CE00B38A36 /* JSExportMacros.h in Headers */,
798937791DCAB57300F8D4FB /* JSFixedArray.h in Headers */,
@@ -10802,7 +10795,6 @@
0F7DF13B1E2971110095951B /* JSDestructibleObjectSubspace.cpp in Sources */,
FE384EE51ADDB7AD0055DE2C /* JSDollarVM.cpp in Sources */,
FE384EE71ADDB7AD0055DE2C /* JSDollarVMPrototype.cpp in Sources */,
- 147F39D7107EC37600427A48 /* JSEnvironmentRecord.cpp in Sources */,
798937781DCAB57300F8D4FB /* JSFixedArray.cpp in Sources */,
140566D6107EC271005DBC8D /* JSFunction.cpp in Sources */,
70B7919B1C024A46002481E2 /* JSGeneratorFunction.cpp in Sources */,
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -52,7 +52,6 @@
#include "JSAsyncFunction.h"
#include "JSAsyncGeneratorFunction.h"
#include "JSCInlines.h"
-#include "JSEnvironmentRecord.h"
#include "JSFixedArray.h"
#include "JSGeneratorFunction.h"
#include "JSLexicalEnvironment.h"
@@ -6471,7 +6470,7 @@
m_jit.loadValue(
MacroAssembler::BaseIndex(
scratch2Reg, propertyReg, MacroAssembler::TimesEight,
- JSEnvironmentRecord::offsetOfVariables()),
+ JSLexicalEnvironment::offsetOfVariables()),
resultRegs);
MacroAssembler::Jump done = m_jit.jump();
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -39,7 +39,7 @@
#include "GetterSetter.h"
#include "HasOwnPropertyCache.h"
#include "HashMapImpl.h"
-#include "JSEnvironmentRecord.h"
+#include "JSLexicalEnvironment.h"
#include "JSPropertyNameEnumerator.h"
#include "ObjectPrototype.h"
#include "JSCInlines.h"
@@ -4267,8 +4267,8 @@
GPRReg baseGPR = base.gpr();
GPRReg resultTagGPR = resultTag.gpr();
GPRReg resultPayloadGPR = resultPayload.gpr();
- m_jit.load32(JITCompiler::Address(baseGPR, JSEnvironmentRecord::offsetOfVariable(node->scopeOffset()) + TagOffset), resultTagGPR);
- m_jit.load32(JITCompiler::Address(baseGPR, JSEnvironmentRecord::offsetOfVariable(node->scopeOffset()) + PayloadOffset), resultPayloadGPR);
+ m_jit.load32(JITCompiler::Address(baseGPR, JSLexicalEnvironment::offsetOfVariable(node->scopeOffset()) + TagOffset), resultTagGPR);
+ m_jit.load32(JITCompiler::Address(baseGPR, JSLexicalEnvironment::offsetOfVariable(node->scopeOffset()) + PayloadOffset), resultPayloadGPR);
jsValueResult(resultTagGPR, resultPayloadGPR, node);
break;
}
@@ -4281,8 +4281,8 @@
GPRReg valueTagGPR = value.tagGPR();
GPRReg valuePayloadGPR = value.payloadGPR();
- m_jit.store32(valueTagGPR, JITCompiler::Address(baseGPR, JSEnvironmentRecord::offsetOfVariable(node->scopeOffset()) + TagOffset));
- m_jit.store32(valuePayloadGPR, JITCompiler::Address(baseGPR, JSEnvironmentRecord::offsetOfVariable(node->scopeOffset()) + PayloadOffset));
+ m_jit.store32(valueTagGPR, JITCompiler::Address(baseGPR, JSLexicalEnvironment::offsetOfVariable(node->scopeOffset()) + TagOffset));
+ m_jit.store32(valuePayloadGPR, JITCompiler::Address(baseGPR, JSLexicalEnvironment::offsetOfVariable(node->scopeOffset()) + PayloadOffset));
noResult(node);
break;
}
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -39,7 +39,6 @@
#include "GetterSetter.h"
#include "HasOwnPropertyCache.h"
#include "JSCInlines.h"
-#include "JSEnvironmentRecord.h"
#include "JSLexicalEnvironment.h"
#include "JSMap.h"
#include "JSPropertyNameEnumerator.h"
@@ -4462,7 +4461,7 @@
GPRReg baseGPR = base.gpr();
GPRReg resultGPR = result.gpr();
- m_jit.load64(JITCompiler::Address(baseGPR, JSEnvironmentRecord::offsetOfVariable(node->scopeOffset())), resultGPR);
+ m_jit.load64(JITCompiler::Address(baseGPR, JSLexicalEnvironment::offsetOfVariable(node->scopeOffset())), resultGPR);
jsValueResult(resultGPR, node);
break;
}
@@ -4473,7 +4472,7 @@
GPRReg baseGPR = base.gpr();
GPRReg valueGPR = value.gpr();
- m_jit.store64(valueGPR, JITCompiler::Address(baseGPR, JSEnvironmentRecord::offsetOfVariable(node->scopeOffset())));
+ m_jit.store64(valueGPR, JITCompiler::Address(baseGPR, JSLexicalEnvironment::offsetOfVariable(node->scopeOffset())));
noResult(node);
break;
}
Modified: trunk/Source/_javascript_Core/ftl/FTLAbstractHeapRepository.h (222135 => 222136)
--- trunk/Source/_javascript_Core/ftl/FTLAbstractHeapRepository.h 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/ftl/FTLAbstractHeapRepository.h 2017-09-17 17:28:15 UTC (rev 222136)
@@ -124,7 +124,7 @@
#define FOR_EACH_INDEXED_ABSTRACT_HEAP(macro) \
macro(ArrayStorage_vector, ArrayStorage::vectorOffset(), sizeof(WriteBarrier<Unknown>)) \
macro(DirectArguments_storage, DirectArguments::storageOffset(), sizeof(EncodedJSValue)) \
- macro(JSEnvironmentRecord_variables, JSEnvironmentRecord::offsetOfVariables(), sizeof(EncodedJSValue)) \
+ macro(JSLexicalEnvironment_variables, JSLexicalEnvironment::offsetOfVariables(), sizeof(EncodedJSValue)) \
macro(JSPropertyNameEnumerator_cachedPropertyNamesVectorContents, 0, sizeof(WriteBarrier<JSString>)) \
macro(JSRopeString_fibers, JSRopeString::offsetOfFibers(), sizeof(WriteBarrier<JSString>)) \
macro(ScopedArguments_overflowStorage, ScopedArguments::overflowStorageOffset(), sizeof(EncodedJSValue)) \
Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -3655,7 +3655,7 @@
m_out.equal(scopeOffset, m_out.constInt32(ScopeOffset::invalidOffset)));
address = m_out.baseIndex(
- m_heaps.JSEnvironmentRecord_variables, caged(Gigacage::JSValue, scope),
+ m_heaps.JSLexicalEnvironment_variables, caged(Gigacage::JSValue, scope),
m_out.zeroExtPtr(scopeOffset));
ValueFromBlock namedResult = m_out.anchor(m_out.load64(address));
m_out.jump(continuation);
@@ -4456,7 +4456,7 @@
for (unsigned i = 0; i < table->scopeSize(); ++i) {
m_out.store64(
m_out.constInt64(JSValue::encode(initializationValue)),
- fastObject, m_heaps.JSEnvironmentRecord_variables[i]);
+ fastObject, m_heaps.JSLexicalEnvironment_variables[i]);
}
mutatorFence();
@@ -5966,7 +5966,7 @@
setJSValue(
m_out.load64(
lowCell(m_node->child1()),
- m_heaps.JSEnvironmentRecord_variables[m_node->scopeOffset().offset()]));
+ m_heaps.JSLexicalEnvironment_variables[m_node->scopeOffset().offset()]));
}
void compilePutClosureVar()
@@ -5974,7 +5974,7 @@
m_out.store64(
lowJSValue(m_node->child2()),
lowCell(m_node->child1()),
- m_heaps.JSEnvironmentRecord_variables[m_node->scopeOffset().offset()]);
+ m_heaps.JSLexicalEnvironment_variables[m_node->scopeOffset().offset()]);
}
void compileGetFromArguments()
@@ -9546,7 +9546,7 @@
ASSERT(descriptor.kind() == ClosureVarPLoc);
m_out.store64(
values[i], activation,
- m_heaps.JSEnvironmentRecord_variables[descriptor.info()]);
+ m_heaps.JSLexicalEnvironment_variables[descriptor.info()]);
}
if (validationEnabled()) {
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -35,8 +35,8 @@
#include "InterpreterInlines.h"
#include "JITInlines.h"
#include "JSArray.h"
-#include "JSEnvironmentRecord.h"
#include "JSFunction.h"
+#include "JSLexicalEnvironment.h"
#include "LinkBuffer.h"
#include "ResultType.h"
#include "ScopedArguments.h"
@@ -891,7 +891,7 @@
void JIT::emitGetClosureVar(int scope, uintptr_t operand)
{
emitGetVirtualRegister(scope, regT0);
- loadPtr(Address(regT0, JSEnvironmentRecord::offsetOfVariables() + operand * sizeof(Register)), regT0);
+ loadPtr(Address(regT0, JSLexicalEnvironment::offsetOfVariables() + operand * sizeof(Register)), regT0);
}
void JIT::emit_op_get_from_scope(Instruction* currentInstruction)
@@ -1041,7 +1041,7 @@
emitGetVirtualRegister(value, regT1);
emitGetVirtualRegister(scope, regT0);
emitNotifyWrite(set);
- storePtr(regT1, Address(regT0, JSEnvironmentRecord::offsetOfVariables() + operand * sizeof(Register)));
+ storePtr(regT1, Address(regT0, JSLexicalEnvironment::offsetOfVariables() + operand * sizeof(Register)));
}
void JIT::emit_op_put_to_scope(Instruction* currentInstruction)
@@ -1547,7 +1547,7 @@
cage(ScopedArgumentsTable::ArgumentsPtr::kind, scratch);
load32(BaseIndex(scratch, property, TimesFour), scratch);
slowCases.append(branch32(Equal, scratch, TrustedImm32(ScopeOffset::invalidOffset)));
- loadValue(BaseIndex(scratch2, scratch, TimesEight, JSEnvironmentRecord::offsetOfVariables()), result);
+ loadValue(BaseIndex(scratch2, scratch, TimesEight, JSLexicalEnvironment::offsetOfVariables()), result);
Jump done = jump();
overflowCase.link(this);
sub32(property, scratch2);
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -35,8 +35,8 @@
#include "InterpreterInlines.h"
#include "JITInlines.h"
#include "JSArray.h"
-#include "JSEnvironmentRecord.h"
#include "JSFunction.h"
+#include "JSLexicalEnvironment.h"
#include "LinkBuffer.h"
#include "ResultType.h"
#include "SlowPathCall.h"
@@ -893,8 +893,8 @@
void JIT::emitGetClosureVar(int scope, uintptr_t operand)
{
emitLoad(scope, regT1, regT0);
- load32(Address(regT0, JSEnvironmentRecord::offsetOfVariables() + operand * sizeof(Register) + TagOffset), regT1);
- load32(Address(regT0, JSEnvironmentRecord::offsetOfVariables() + operand * sizeof(Register) + PayloadOffset), regT0);
+ load32(Address(regT0, JSLexicalEnvironment::offsetOfVariables() + operand * sizeof(Register) + TagOffset), regT1);
+ load32(Address(regT0, JSLexicalEnvironment::offsetOfVariables() + operand * sizeof(Register) + PayloadOffset), regT0);
}
void JIT::emit_op_get_from_scope(Instruction* currentInstruction)
@@ -1043,8 +1043,8 @@
emitLoad(value, regT3, regT2);
emitLoad(scope, regT1, regT0);
emitNotifyWrite(set);
- store32(regT3, Address(regT0, JSEnvironmentRecord::offsetOfVariables() + operand * sizeof(Register) + TagOffset));
- store32(regT2, Address(regT0, JSEnvironmentRecord::offsetOfVariables() + operand * sizeof(Register) + PayloadOffset));
+ store32(regT3, Address(regT0, JSLexicalEnvironment::offsetOfVariables() + operand * sizeof(Register) + TagOffset));
+ store32(regT2, Address(regT0, JSLexicalEnvironment::offsetOfVariables() + operand * sizeof(Register) + PayloadOffset));
}
void JIT::emit_op_put_to_scope(Instruction* currentInstruction)
Modified: trunk/Source/_javascript_Core/llint/LLIntOffsetsExtractor.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/llint/LLIntOffsetsExtractor.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/llint/LLIntOffsetsExtractor.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -39,9 +39,9 @@
#include "JSArray.h"
#include "JSArrayBufferView.h"
#include "JSCell.h"
-#include "JSEnvironmentRecord.h"
#include "JSFunction.h"
#include "JSGlobalObject.h"
+#include "JSLexicalEnvironment.h"
#include "JSModuleRecord.h"
#include "JSObject.h"
#include "JSString.h"
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm (222135 => 222136)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2017-09-17 17:28:15 UTC (rev 222136)
@@ -163,7 +163,7 @@
end
const SlotSize = 8
-const JSEnvironmentRecord_variables = (sizeof JSEnvironmentRecord + SlotSize - 1) & ~(SlotSize - 1)
+const JSLexicalEnvironment_variables = (sizeof JSLexicalEnvironment + SlotSize - 1) & ~(SlotSize - 1)
const DirectArguments_storage = (sizeof DirectArguments + SlotSize - 1) & ~(SlotSize - 1)
const StackAlignment = 16
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm (222135 => 222136)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm 2017-09-17 17:28:15 UTC (rev 222136)
@@ -2206,8 +2206,8 @@
macro getClosureVar()
loadisFromInstruction(6, t3)
- loadp JSEnvironmentRecord_variables + TagOffset[t0, t3, 8], t1
- loadp JSEnvironmentRecord_variables + PayloadOffset[t0, t3, 8], t2
+ loadp JSLexicalEnvironment_variables + TagOffset[t0, t3, 8], t1
+ loadp JSLexicalEnvironment_variables + PayloadOffset[t0, t3, 8], t2
valueProfile(t1, t2, 28, t0)
loadisFromInstruction(1, t0)
storei t1, TagOffset[cfr, t0, 8]
@@ -2298,8 +2298,8 @@
loadisFromInstruction(3, t1)
loadConstantOrVariable(t1, t2, t3)
loadisFromInstruction(6, t1)
- storei t2, JSEnvironmentRecord_variables + TagOffset[t0, t1, 8]
- storei t3, JSEnvironmentRecord_variables + PayloadOffset[t0, t1, 8]
+ storei t2, JSLexicalEnvironment_variables + TagOffset[t0, t1, 8]
+ storei t3, JSLexicalEnvironment_variables + PayloadOffset[t0, t1, 8]
end
macro putLocalClosureVar()
@@ -2310,8 +2310,8 @@
notifyWrite(t5, .pDynamic)
.noVariableWatchpointSet:
loadisFromInstruction(6, t1)
- storei t2, JSEnvironmentRecord_variables + TagOffset[t0, t1, 8]
- storei t3, JSEnvironmentRecord_variables + PayloadOffset[t0, t1, 8]
+ storei t2, JSLexicalEnvironment_variables + TagOffset[t0, t1, 8]
+ storei t3, JSLexicalEnvironment_variables + PayloadOffset[t0, t1, 8]
end
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (222135 => 222136)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2017-09-17 17:28:15 UTC (rev 222136)
@@ -2167,7 +2167,7 @@
macro getClosureVar()
loadisFromInstruction(6, t1)
- loadq JSEnvironmentRecord_variables[t0, t1, 8], t0
+ loadq JSLexicalEnvironment_variables[t0, t1, 8], t0
valueProfile(t0, 7, t1)
loadisFromInstruction(1, t1)
storeq t0, [cfr, t1, 8]
@@ -2256,7 +2256,7 @@
loadisFromInstruction(3, t1)
loadConstantOrVariable(t1, t2)
loadisFromInstruction(6, t1)
- storeq t2, JSEnvironmentRecord_variables[t0, t1, 8]
+ storeq t2, JSLexicalEnvironment_variables[t0, t1, 8]
end
macro putLocalClosureVar()
@@ -2267,7 +2267,7 @@
notifyWrite(t3, .pDynamic)
.noVariableWatchpointSet:
loadisFromInstruction(6, t1)
- storeq t2, JSEnvironmentRecord_variables[t0, t1, 8]
+ storeq t2, JSLexicalEnvironment_variables[t0, t1, 8]
end
macro checkTDZInGlobalPutToScopeIfNecessary()
Deleted: trunk/Source/_javascript_Core/runtime/JSEnvironmentRecord.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSEnvironmentRecord.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSEnvironmentRecord.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -1,67 +0,0 @@
-/*
- * Copyright (C) 2007, 2008, 2012, 2015 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of Apple Inc. ("Apple") nor the names of
- * its contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "config.h"
-#include "JSEnvironmentRecord.h"
-
-#include "HeapSnapshotBuilder.h"
-#include "JSCInlines.h"
-
-namespace JSC {
-
-const ClassInfo JSEnvironmentRecord::s_info = { "EnvironmentRecord", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSEnvironmentRecord) };
-
-void JSEnvironmentRecord::visitChildren(JSCell* cell, SlotVisitor& visitor)
-{
- JSEnvironmentRecord* thisObject = jsCast<JSEnvironmentRecord*>(cell);
- ASSERT_GC_OBJECT_INHERITS(thisObject, info());
- Base::visitChildren(thisObject, visitor);
- visitor.appendValuesHidden(thisObject->variables(), thisObject->symbolTable()->scopeSize());
-}
-
-void JSEnvironmentRecord::heapSnapshot(JSCell* cell, HeapSnapshotBuilder& builder)
-{
- JSEnvironmentRecord* thisObject = jsCast<JSEnvironmentRecord*>(cell);
- Base::heapSnapshot(cell, builder);
-
- ConcurrentJSLocker locker(thisObject->symbolTable()->m_lock);
- SymbolTable::Map::iterator end = thisObject->symbolTable()->end(locker);
- for (SymbolTable::Map::iterator it = thisObject->symbolTable()->begin(locker); it != end; ++it) {
- SymbolTableEntry::Fast entry = it->value;
- ASSERT(!entry.isNull());
- ScopeOffset offset = entry.scopeOffset();
- if (!thisObject->isValidScopeOffset(offset))
- continue;
-
- JSValue toValue = thisObject->variableAt(offset).get();
- if (toValue && toValue.isCell())
- builder.appendVariableNameEdge(thisObject, toValue.asCell(), it->key.get());
- }
-}
-
-} // namespace JSC
Deleted: trunk/Source/_javascript_Core/runtime/JSEnvironmentRecord.h (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSEnvironmentRecord.h 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSEnvironmentRecord.h 2017-09-17 17:28:15 UTC (rev 222136)
@@ -1,124 +0,0 @@
-/*
- * Copyright (C) 2007-2017 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. Neither the name of Apple Inc. ("Apple") nor the names of
- * its contributors may be used to endorse or promote products derived
- * from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#pragma once
-
-#include "JSObject.h"
-#include "JSSymbolTableObject.h"
-#include "SymbolTable.h"
-
-namespace JSC {
-
-class LLIntOffsetsExtractor;
-
-// FIXME: Merge this with JSLexicalEnvironment, since that's the only subclass.
-// https://bugs.webkit.org/show_bug.cgi?id=175492
-class JSEnvironmentRecord : public JSSymbolTableObject {
- friend class JIT;
- friend class LLIntOffsetsExtractor;
-
-public:
- template<typename CellType>
- static Subspace* subspaceFor(VM& vm)
- {
- RELEASE_ASSERT(!CellType::needsDestruction);
- return &vm.jsValueGigacageCellSpace;
- }
-
- typedef JSSymbolTableObject Base;
- static const unsigned StructureFlags = Base::StructureFlags;
-
- WriteBarrierBase<Unknown>* variables()
- {
- return bitwise_cast<WriteBarrierBase<Unknown>*>(bitwise_cast<char*>(Gigacage::caged(Gigacage::JSValue, this)) + offsetOfVariables());
- }
-
- bool isValidScopeOffset(ScopeOffset offset)
- {
- return !!offset && offset.offset() < symbolTable()->scopeSize();
- }
-
- WriteBarrierBase<Unknown>& variableAt(ScopeOffset offset)
- {
- ASSERT(isValidScopeOffset(offset));
- return variables()[offset.offset()];
- }
-
- static size_t offsetOfVariables()
- {
- return WTF::roundUpToMultipleOf<sizeof(WriteBarrier<Unknown>)>(sizeof(JSEnvironmentRecord));
- }
-
- static size_t offsetOfVariable(ScopeOffset offset)
- {
- Checked<size_t> scopeOffset = offset.offset();
- return (offsetOfVariables() + scopeOffset * sizeof(WriteBarrier<Unknown>)).unsafeGet();
- }
-
- DECLARE_INFO;
-
- static size_t allocationSizeForScopeSize(Checked<size_t> scopeSize)
- {
- return (offsetOfVariables() + scopeSize * sizeof(WriteBarrier<Unknown>)).unsafeGet();
- }
-
- static size_t allocationSize(SymbolTable* symbolTable)
- {
- return allocationSizeForScopeSize(symbolTable->scopeSize());
- }
-
-protected:
- JSEnvironmentRecord(
- VM& vm,
- Structure* structure,
- JSScope* scope,
- SymbolTable* symbolTable)
- : Base(vm, structure, scope, symbolTable)
- {
- }
-
- void finishCreationUninitialized(VM& vm)
- {
- Base::finishCreation(vm);
- }
-
- void finishCreation(VM& vm, JSValue value)
- {
- finishCreationUninitialized(vm);
- ASSERT(value == jsUndefined() || value == jsTDZValue());
- for (unsigned i = symbolTable()->scopeSize(); i--;) {
- // Filling this with undefined/TDZEmptyValue is useful because that's what variables start out as.
- variableAt(ScopeOffset(i)).setStartingValue(value);
- }
- }
-
- static void visitChildren(JSCell*, SlotVisitor&);
- static void heapSnapshot(JSCell*, HeapSnapshotBuilder&);
-};
-
-} // namespace JSC
Modified: trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -29,6 +29,7 @@
#include "config.h"
#include "JSLexicalEnvironment.h"
+#include "HeapSnapshotBuilder.h"
#include "Interpreter.h"
#include "JSFunction.h"
#include "JSCInlines.h"
@@ -39,6 +40,34 @@
const ClassInfo JSLexicalEnvironment::s_info = { "JSLexicalEnvironment", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSLexicalEnvironment) };
+void JSLexicalEnvironment::visitChildren(JSCell* cell, SlotVisitor& visitor)
+{
+ auto* thisObject = jsCast<JSLexicalEnvironment*>(cell);
+ ASSERT_GC_OBJECT_INHERITS(thisObject, info());
+ Base::visitChildren(thisObject, visitor);
+ visitor.appendValuesHidden(thisObject->variables(), thisObject->symbolTable()->scopeSize());
+}
+
+void JSLexicalEnvironment::heapSnapshot(JSCell* cell, HeapSnapshotBuilder& builder)
+{
+ auto* thisObject = jsCast<JSLexicalEnvironment*>(cell);
+ Base::heapSnapshot(cell, builder);
+
+ ConcurrentJSLocker locker(thisObject->symbolTable()->m_lock);
+ SymbolTable::Map::iterator end = thisObject->symbolTable()->end(locker);
+ for (SymbolTable::Map::iterator it = thisObject->symbolTable()->begin(locker); it != end; ++it) {
+ SymbolTableEntry::Fast entry = it->value;
+ ASSERT(!entry.isNull());
+ ScopeOffset offset = entry.scopeOffset();
+ if (!thisObject->isValidScopeOffset(offset))
+ continue;
+
+ JSValue toValue = thisObject->variableAt(offset).get();
+ if (toValue && toValue.isCell())
+ builder.appendVariableNameEdge(thisObject, toValue.asCell(), it->key.get());
+ }
+}
+
void JSLexicalEnvironment::getOwnNonIndexPropertyNames(JSObject* object, ExecState* exec, PropertyNameArray& propertyNames, EnumerationMode mode)
{
JSLexicalEnvironment* thisObject = jsCast<JSLexicalEnvironment*>(object);
@@ -56,7 +85,7 @@
propertyNames.add(Identifier::fromUid(exec, it->key.get()));
}
}
- // Skip the JSEnvironmentRecord implementation of getOwnNonIndexPropertyNames
+ // Skip the JSSymbolTableObject's implementation of getOwnNonIndexPropertyNames
JSObject::getOwnNonIndexPropertyNames(thisObject, exec, propertyNames, mode);
}
Modified: trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.h (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.h 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.h 2017-09-17 17:28:15 UTC (rev 222136)
@@ -29,19 +29,64 @@
#pragma once
#include "CodeBlock.h"
-#include "JSEnvironmentRecord.h"
+#include "JSSymbolTableObject.h"
#include "SymbolTable.h"
namespace JSC {
-class JSLexicalEnvironment : public JSEnvironmentRecord {
-protected:
- JSLexicalEnvironment(VM&, Structure*, JSScope*, SymbolTable*);
-
+class LLIntOffsetsExtractor;
+
+class JSLexicalEnvironment : public JSSymbolTableObject {
+ friend class JIT;
+ friend class LLIntOffsetsExtractor;
public:
- typedef JSEnvironmentRecord Base;
+ template<typename CellType>
+ static Subspace* subspaceFor(VM& vm)
+ {
+ RELEASE_ASSERT(!CellType::needsDestruction);
+ return &vm.jsValueGigacageCellSpace;
+ }
+
+ using Base = JSSymbolTableObject;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | OverridesGetPropertyNames | OverridesToThis;
+ WriteBarrierBase<Unknown>* variables()
+ {
+ return bitwise_cast<WriteBarrierBase<Unknown>*>(bitwise_cast<char*>(Gigacage::caged(Gigacage::JSValue, this)) + offsetOfVariables());
+ }
+
+ bool isValidScopeOffset(ScopeOffset offset)
+ {
+ return !!offset && offset.offset() < symbolTable()->scopeSize();
+ }
+
+ WriteBarrierBase<Unknown>& variableAt(ScopeOffset offset)
+ {
+ ASSERT(isValidScopeOffset(offset));
+ return variables()[offset.offset()];
+ }
+
+ static size_t offsetOfVariables()
+ {
+ return WTF::roundUpToMultipleOf<sizeof(WriteBarrier<Unknown>)>(sizeof(JSLexicalEnvironment));
+ }
+
+ static size_t offsetOfVariable(ScopeOffset offset)
+ {
+ Checked<size_t> scopeOffset = offset.offset();
+ return (offsetOfVariables() + scopeOffset * sizeof(WriteBarrier<Unknown>)).unsafeGet();
+ }
+
+ static size_t allocationSizeForScopeSize(Checked<size_t> scopeSize)
+ {
+ return (offsetOfVariables() + scopeSize * sizeof(WriteBarrier<Unknown>)).unsafeGet();
+ }
+
+ static size_t allocationSize(SymbolTable* symbolTable)
+ {
+ return allocationSizeForScopeSize(symbolTable->scopeSize());
+ }
+
static JSLexicalEnvironment* create(
VM& vm, Structure* structure, JSScope* currentScope, SymbolTable* symbolTable, JSValue initialValue)
{
@@ -72,6 +117,27 @@
DECLARE_INFO;
static Structure* createStructure(VM& vm, JSGlobalObject* globalObject) { return Structure::create(vm, globalObject, jsNull(), TypeInfo(LexicalEnvironmentType, StructureFlags), info()); }
+
+protected:
+ JSLexicalEnvironment(VM&, Structure*, JSScope*, SymbolTable*);
+
+ void finishCreationUninitialized(VM& vm)
+ {
+ Base::finishCreation(vm);
+ }
+
+ void finishCreation(VM& vm, JSValue value)
+ {
+ finishCreationUninitialized(vm);
+ ASSERT(value == jsUndefined() || value == jsTDZValue());
+ for (unsigned i = symbolTable()->scopeSize(); i--;) {
+ // Filling this with undefined/TDZEmptyValue is useful because that's what variables start out as.
+ variableAt(ScopeOffset(i)).setStartingValue(value);
+ }
+ }
+
+ static void visitChildren(JSCell*, SlotVisitor&);
+ static void heapSnapshot(JSCell*, HeapSnapshotBuilder&);
};
inline JSLexicalEnvironment::JSLexicalEnvironment(VM& vm, Structure* structure, JSScope* currentScope, SymbolTable* symbolTable)
Modified: trunk/Source/_javascript_Core/runtime/JSModuleEnvironment.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSModuleEnvironment.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSModuleEnvironment.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -43,8 +43,8 @@
JSModuleEnvironment* JSModuleEnvironment::create(
VM& vm, Structure* structure, JSScope* currentScope, SymbolTable* symbolTable, JSValue initialValue, AbstractModuleRecord* moduleRecord)
{
- // JSLexicalEnvironment (precisely, JSEnvironmentRecord) has the storage to store the variable slots after the its class storage.
- // Because the offset of the variable slots are fixed in the JSEnvironmentRecord, inheritting these class and adding new member field is not allowed,
+ // JSLexicalEnvironment has the storage to store the variable slots after the its class storage.
+ // Because the offset of the variable slots are fixed in the JSLexicalEnvironment, inheritting these class and adding new member field is not allowed,
// the new member will overlap the variable slots.
// To keep the JSModuleEnvironment compatible to the JSLexicalEnvironment but add the new member to store the AbstractModuleRecord, we additionally allocate
// the storage after the variable slots.
Modified: trunk/Source/_javascript_Core/runtime/JSObject.h (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSObject.h 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSObject.h 2017-09-17 17:28:15 UTC (rev 222136)
@@ -718,7 +718,7 @@
JS_EXPORT_PRIVATE static bool defineOwnProperty(JSObject*, ExecState*, PropertyName, const PropertyDescriptor&, bool shouldThrow);
- bool isEnvironmentRecord() const;
+ bool isEnvironment() const;
bool isGlobalObject() const;
bool isJSLexicalEnvironment() const;
bool isGlobalLexicalEnvironment() const;
@@ -1216,7 +1216,7 @@
return type() == StrictEvalActivationType;
}
-inline bool JSObject::isEnvironmentRecord() const
+inline bool JSObject::isEnvironment() const
{
bool result = GlobalObjectType <= type() && type() <= StrictEvalActivationType;
ASSERT((isGlobalObject() || isJSLexicalEnvironment() || isGlobalLexicalEnvironment() || isStrictEvalActivation()) == result);
Modified: trunk/Source/_javascript_Core/runtime/JSSegmentedVariableObject.h (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/JSSegmentedVariableObject.h 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/JSSegmentedVariableObject.h 2017-09-17 17:28:15 UTC (rev 222136)
@@ -38,11 +38,11 @@
class LLIntOffsetsExtractor;
-// This is a mostly drop-in replacement for JSEnvironmentRecord, except that it preserves
+// This is a mostly drop-in replacement for JSLexicalEnvironment, except that it preserves
// the invariant that after a variable is created, its address in memory will not change
// so long as the JSSegmentedVariableObject is alive. This allows optimizations based
// on getting the address of the variable and remembering it. As well, unlike a
-// JSEnvironmentRecord, this will manage the memory for the registers itself and neither
+// JSLexicalEnvironment, this will manage the memory for the registers itself and neither
// requires nor allows for the subclasses to manage that memory. Finally,
// JSSegmentedVariableObject has its own GC tracing functionality, since it knows the
// exact dimensions of the variables array at all times.
Modified: trunk/Source/_javascript_Core/runtime/StringPrototype.cpp (222135 => 222136)
--- trunk/Source/_javascript_Core/runtime/StringPrototype.cpp 2017-09-17 15:39:02 UTC (rev 222135)
+++ trunk/Source/_javascript_Core/runtime/StringPrototype.cpp 2017-09-17 17:28:15 UTC (rev 222136)
@@ -863,7 +863,7 @@
if (thisValue.isUndefinedOrNull())
return false;
- if (thisValue.isObject() && asObject(thisValue)->isEnvironmentRecord())
+ if (thisValue.isObject() && asObject(thisValue)->isEnvironment())
return false;
return true;
