in js/src/vm/Interpreter.cpp [1766:4543]
bool MOZ_NEVER_INLINE JS_HAZ_JSNATIVE_CALLER js::Interpret(JSContext* cx,
RunState& state) {
/*
* Define macros for an interpreter loop. Opcode dispatch is done by
* indirect goto (aka a threaded interpreter), which is technically
* non-standard but is supported by all of our supported compilers.
*/
#define INTERPRETER_LOOP()
#define CASE(OP) label_##OP:
#define DEFAULT() \
label_default:
#define DISPATCH_TO(OP) goto* addresses[(OP)]
#define LABEL(X) (&&label_##X)
// Use addresses instead of offsets to optimize for runtime speed over
// load-time relocation overhead.
static const void* const addresses[EnableInterruptsPseudoOpcode + 1] = {
#define OPCODE_LABEL(op, ...) LABEL(op),
FOR_EACH_OPCODE(OPCODE_LABEL)
#undef OPCODE_LABEL
#define TRAILING_LABEL(v) \
((v) == EnableInterruptsPseudoOpcode ? LABEL(EnableInterruptsPseudoOpcode) \
: LABEL(default)),
FOR_EACH_TRAILING_UNUSED_OPCODE(TRAILING_LABEL)
#undef TRAILING_LABEL
};
/*
* Increment REGS.pc by N, load the opcode at that position,
* and jump to the code to execute it.
*
* When Debugger puts a script in single-step mode, all js::Interpret
* invocations that might be presently running that script must have
* interrupts enabled. It's not practical to simply check
* script->stepModeEnabled() at each point some callee could have changed
* it, because there are so many places js::Interpret could possibly cause
* JavaScript to run: each place an object might be coerced to a primitive
* or a number, for example. So instead, we expose a simple mechanism to
* let Debugger tweak the affected js::Interpret frames when an onStep
* handler is added: calling activation.enableInterruptsUnconditionally()
* will enable interrupts, and activation.opMask() is or'd with the opcode
* to implement a simple alternate dispatch.
*/
#define ADVANCE_AND_DISPATCH(N) \
JS_BEGIN_MACRO \
REGS.pc += (N); \
SANITY_CHECKS(); \
DISPATCH_TO(*REGS.pc | activation.opMask()); \
JS_END_MACRO
/*
* Shorthand for the common sequence at the end of a fixed-size opcode.
*/
#define END_CASE(OP) ADVANCE_AND_DISPATCH(JSOpLength_##OP);
/*
* Prepare to call a user-supplied branch handler, and abort the script
* if it returns false.
*/
#define CHECK_BRANCH() \
JS_BEGIN_MACRO \
if (!CheckForInterrupt(cx)) goto error; \
JS_END_MACRO
/*
* This is a simple wrapper around ADVANCE_AND_DISPATCH which also does
* a CHECK_BRANCH() if n is not positive, which possibly indicates that it
* is the backedge of a loop.
*/
#define BRANCH(n) \
JS_BEGIN_MACRO \
int32_t nlen = (n); \
if (nlen <= 0) CHECK_BRANCH(); \
ADVANCE_AND_DISPATCH(nlen); \
JS_END_MACRO
/*
* Initialize code coverage vectors.
*/
#define INIT_COVERAGE() \
JS_BEGIN_MACRO \
if (!script->hasScriptCounts()) { \
if (cx->realm()->collectCoverageForDebug()) { \
if (!script->initScriptCounts(cx)) goto error; \
} \
} \
JS_END_MACRO
/*
* Increment the code coverage counter associated with the given pc.
*/
#define COUNT_COVERAGE_PC(PC) \
JS_BEGIN_MACRO \
if (script->hasScriptCounts()) { \
PCCounts* counts = script->maybeGetPCCounts(PC); \
MOZ_ASSERT(counts); \
counts->numExec()++; \
} \
JS_END_MACRO
#define COUNT_COVERAGE_MAIN() \
JS_BEGIN_MACRO \
jsbytecode* main = script->main(); \
if (!BytecodeIsJumpTarget(JSOp(*main))) COUNT_COVERAGE_PC(main); \
JS_END_MACRO
#define COUNT_COVERAGE() \
JS_BEGIN_MACRO \
MOZ_ASSERT(BytecodeIsJumpTarget(JSOp(*REGS.pc))); \
COUNT_COVERAGE_PC(REGS.pc); \
JS_END_MACRO
#define SET_SCRIPT(s) \
JS_BEGIN_MACRO \
script = (s); \
MOZ_ASSERT(cx->realm() == script->realm()); \
if (DebugAPI::hasAnyBreakpointsOrStepMode(script) || \
script->hasScriptCounts()) \
activation.enableInterruptsUnconditionally(); \
JS_END_MACRO
#define SANITY_CHECKS() \
JS_BEGIN_MACRO \
js::gc::MaybeVerifyBarriers(cx); \
JS_END_MACRO
// Verify that an uninitialized lexical is followed by a correct check op.
#ifdef DEBUG
# define ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val) \
JS_BEGIN_MACRO \
if (IsUninitializedLexical(val)) { \
JSOp next = JSOp(*GetNextPc(REGS.pc)); \
MOZ_ASSERT(next == JSOp::CheckThis || next == JSOp::CheckReturn || \
next == JSOp::CheckThisReinit || \
next == JSOp::CheckAliasedLexical); \
} \
JS_END_MACRO
#else
# define ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val) \
JS_BEGIN_MACRO \
/* nothing */ \
JS_END_MACRO
#endif
gc::MaybeVerifyBarriers(cx, true);
InterpreterFrame* entryFrame = state.pushInterpreterFrame(cx);
if (!entryFrame) {
return false;
}
InterpreterActivation activation(state, cx, entryFrame);
/* The script is used frequently, so keep a local copy. */
RootedScript script(cx);
SET_SCRIPT(REGS.fp()->script());
/*
* Pool of rooters for use in this interpreter frame. References to these
* are used for local variables within interpreter cases. This avoids
* creating new rooters each time an interpreter case is entered, and also
* correctness pitfalls due to incorrect compilation of destructor calls
* around computed gotos.
*/
RootedTuple<Value, Value, JSObject*, JSObject*, JSFunction*, JSAtom*,
PropertyName*, PropertyKey, JSScript*, Scope*>
roots(cx);
RootedField<Value, 0> rootValue0(roots);
RootedField<Value, 1> rootValue1(roots);
RootedField<JSObject*, 2> rootObject0(roots);
RootedField<JSObject*, 3> rootObject1(roots);
RootedField<JSFunction*> rootFunction0(roots);
RootedField<JSAtom*> rootAtom0(roots);
RootedField<PropertyName*> rootName0(roots);
RootedField<PropertyKey> rootId0(roots);
RootedField<JSScript*> rootScript0(roots);
RootedField<Scope*> rootScope0(roots);
DebugOnly<uint32_t> blockDepth;
/* State communicated between non-local jumps: */
bool interpReturnOK;
bool frameHalfInitialized;
if (!activation.entryFrame()->prologue(cx)) {
goto prologue_error;
}
if (!DebugAPI::onEnterFrame(cx, activation.entryFrame())) {
goto error;
}
// Increment the coverage for the main entry point.
INIT_COVERAGE();
COUNT_COVERAGE_MAIN();
// Enter the interpreter loop starting at the current pc.
ADVANCE_AND_DISPATCH(0);
INTERPRETER_LOOP() {
CASE(EnableInterruptsPseudoOpcode) {
bool moreInterrupts = false;
jsbytecode op = *REGS.pc;
if (!script->hasScriptCounts() &&
cx->realm()->collectCoverageForDebug()) {
if (!script->initScriptCounts(cx)) {
goto error;
}
}
if (script->isDebuggee()) {
if (DebugAPI::stepModeEnabled(script)) {
if (!DebugAPI::onSingleStep(cx)) {
goto error;
}
moreInterrupts = true;
}
if (DebugAPI::hasAnyBreakpointsOrStepMode(script)) {
moreInterrupts = true;
}
if (DebugAPI::hasBreakpointsAt(script, REGS.pc)) {
if (!DebugAPI::onTrap(cx)) {
goto error;
}
}
}
MOZ_ASSERT(activation.opMask() == EnableInterruptsPseudoOpcode);
if (!moreInterrupts) {
activation.clearInterruptsMask();
}
/* Commence executing the actual opcode. */
SANITY_CHECKS();
DISPATCH_TO(op);
}
/* Various 1-byte no-ops. */
CASE(Nop)
CASE(Try)
CASE(NopDestructuring)
CASE(NopIsAssignOp)
CASE(TryDestructuring) {
MOZ_ASSERT(GetBytecodeLength(REGS.pc) == 1);
ADVANCE_AND_DISPATCH(1);
}
CASE(JumpTarget)
COUNT_COVERAGE();
END_CASE(JumpTarget)
CASE(LoopHead) {
COUNT_COVERAGE();
// Attempt on-stack replacement into the Baseline Interpreter.
if (jit::IsBaselineInterpreterEnabled()) {
script->incWarmUpCounter();
jit::MethodStatus status =
jit::CanEnterBaselineInterpreterAtBranch(cx, REGS.fp());
if (status == jit::Method_Error) {
goto error;
}
if (status == jit::Method_Compiled) {
bool wasProfiler = REGS.fp()->hasPushedGeckoProfilerFrame();
jit::JitExecStatus maybeOsr;
{
GeckoProfilerBaselineOSRMarker osr(cx, wasProfiler);
maybeOsr =
jit::EnterBaselineInterpreterAtBranch(cx, REGS.fp(), REGS.pc);
}
// We failed to call into baseline at all, so treat as an error.
if (maybeOsr == jit::JitExec_Aborted) {
goto error;
}
interpReturnOK = (maybeOsr == jit::JitExec_Ok);
// Pop the profiler frame pushed by the interpreter. (The compiled
// version of the function popped a copy of the frame pushed by the
// OSR trampoline.)
if (wasProfiler) {
cx->geckoProfiler().exit(cx, script);
}
if (activation.entryFrame() != REGS.fp()) {
goto jit_return_pop_frame;
}
goto leave_on_safe_point;
}
}
}
END_CASE(LoopHead)
CASE(Lineno)
END_CASE(Lineno)
CASE(ForceInterpreter) {
// Ensure pattern matching still works.
MOZ_ASSERT(script->hasForceInterpreterOp());
}
END_CASE(ForceInterpreter)
CASE(Undefined) { PUSH_UNDEFINED(); }
END_CASE(Undefined)
CASE(Pop) { REGS.sp--; }
END_CASE(Pop)
CASE(PopN) {
MOZ_ASSERT(GET_UINT16(REGS.pc) <= REGS.stackDepth());
REGS.sp -= GET_UINT16(REGS.pc);
}
END_CASE(PopN)
CASE(DupAt) {
MOZ_ASSERT(GET_UINT24(REGS.pc) < REGS.stackDepth());
unsigned i = GET_UINT24(REGS.pc);
const Value& rref = REGS.sp[-int(i + 1)];
PUSH_COPY(rref);
}
END_CASE(DupAt)
CASE(SetRval) { POP_RETURN_VALUE(); }
END_CASE(SetRval)
CASE(GetRval) { PUSH_COPY(REGS.fp()->returnValue()); }
END_CASE(GetRval)
CASE(EnterWith) {
ReservedRooted<Value> val(&rootValue0, REGS.sp[-1]);
REGS.sp--;
ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS.pc));
if (!EnterWithOperation(cx, REGS.fp(), val, scope.as<WithScope>())) {
goto error;
}
}
END_CASE(EnterWith)
CASE(LeaveWith) {
REGS.fp()->popOffEnvironmentChain<WithEnvironmentObject>();
}
END_CASE(LeaveWith)
#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
CASE(AddDisposable) {
ReservedRooted<JSObject*> env(&rootObject0,
REGS.fp()->environmentChain());
ReservedRooted<JS::Value> needsClosure(&rootValue0);
POP_COPY_TO(needsClosure);
ReservedRooted<JS::Value> method(&rootValue1);
POP_COPY_TO(method);
JS::Rooted<JS::Value> val(cx);
POP_COPY_TO(val);
UsingHint hint = UsingHint(GET_UINT8(REGS.pc));
if (!AddDisposableResourceToCapability(cx, env, val, method,
needsClosure.toBoolean(), hint)) {
goto error;
}
}
END_CASE(AddDisposable)
CASE(TakeDisposeCapability) {
ReservedRooted<JSObject*> env(&rootObject0,
REGS.fp()->environmentChain());
JS::Value maybeDisposables =
env->as<DisposableEnvironmentObject>().getDisposables();
MOZ_ASSERT(maybeDisposables.isObject() || maybeDisposables.isUndefined());
if (maybeDisposables.isUndefined()) {
PUSH_UNDEFINED();
} else {
PUSH_OBJECT(maybeDisposables.toObject());
env->as<DisposableEnvironmentObject>().clearDisposables();
}
}
END_CASE(TakeDisposeCapability)
CASE(CreateSuppressedError) {
ReservedRooted<JS::Value> error(&rootValue0);
ReservedRooted<JS::Value> suppressed(&rootValue1);
POP_COPY_TO(suppressed);
POP_COPY_TO(error);
ErrorObject* errorObj = CreateSuppressedError(cx, error, suppressed);
if (!errorObj) {
goto error;
}
PUSH_OBJECT(*errorObj);
}
END_CASE(CreateSuppressedError)
#endif
CASE(Return) {
POP_RETURN_VALUE();
/* FALL THROUGH */
}
CASE(RetRval) {
/*
* When the inlined frame exits with an exception or an error, ok will be
* false after the inline_return label.
*/
CHECK_BRANCH();
successful_return_continuation:
interpReturnOK = true;
return_continuation:
frameHalfInitialized = false;
prologue_return_continuation:
if (activation.entryFrame() != REGS.fp()) {
// Stop the engine. (No details about which engine exactly, could be
// interpreter, Baseline or IonMonkey.)
if (MOZ_LIKELY(!frameHalfInitialized)) {
interpReturnOK =
DebugAPI::onLeaveFrame(cx, REGS.fp(), REGS.pc, interpReturnOK);
REGS.fp()->epilogue(cx, REGS.pc);
}
jit_return_pop_frame:
activation.popInlineFrame(REGS.fp());
{
JSScript* callerScript = REGS.fp()->script();
if (cx->realm() != callerScript->realm()) {
cx->leaveRealm(callerScript->realm());
}
SET_SCRIPT(callerScript);
}
jit_return:
MOZ_ASSERT(IsInvokePC(REGS.pc));
MOZ_ASSERT(cx->realm() == script->realm());
/* Resume execution in the calling frame. */
if (MOZ_LIKELY(interpReturnOK)) {
if (JSOp(*REGS.pc) == JSOp::Resume) {
ADVANCE_AND_DISPATCH(JSOpLength_Resume);
}
MOZ_ASSERT(GetBytecodeLength(REGS.pc) == JSOpLength_Call);
ADVANCE_AND_DISPATCH(JSOpLength_Call);
}
goto error;
} else {
// Stack should be empty for the outer frame, unless we executed the
// first |await| expression in an async function.
MOZ_ASSERT(REGS.stackDepth() == 0 ||
(JSOp(*REGS.pc) == JSOp::Await &&
!REGS.fp()->isResumedGenerator()));
}
goto exit;
}
CASE(Default) {
REGS.sp--;
/* FALL THROUGH */
}
CASE(Goto) { BRANCH(GET_JUMP_OFFSET(REGS.pc)); }
CASE(JumpIfFalse) {
bool cond = ToBoolean(REGS.stackHandleAt(-1));
REGS.sp--;
if (!cond) {
BRANCH(GET_JUMP_OFFSET(REGS.pc));
}
}
END_CASE(JumpIfFalse)
CASE(JumpIfTrue) {
bool cond = ToBoolean(REGS.stackHandleAt(-1));
REGS.sp--;
if (cond) {
BRANCH(GET_JUMP_OFFSET(REGS.pc));
}
}
END_CASE(JumpIfTrue)
CASE(Or) {
bool cond = ToBoolean(REGS.stackHandleAt(-1));
if (cond) {
ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc));
}
}
END_CASE(Or)
CASE(Coalesce) {
MutableHandleValue res = REGS.stackHandleAt(-1);
bool cond = !res.isNullOrUndefined();
if (cond) {
ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc));
}
}
END_CASE(Coalesce)
CASE(And) {
bool cond = ToBoolean(REGS.stackHandleAt(-1));
if (!cond) {
ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc));
}
}
END_CASE(And)
#define FETCH_ELEMENT_ID(n, id) \
JS_BEGIN_MACRO \
if (!ToPropertyKey(cx, REGS.stackHandleAt(n), &(id))) goto error; \
JS_END_MACRO
#define TRY_BRANCH_AFTER_COND(cond, spdec) \
JS_BEGIN_MACRO \
MOZ_ASSERT(GetBytecodeLength(REGS.pc) == 1); \
unsigned diff_ = \
(unsigned)GET_UINT8(REGS.pc) - (unsigned)JSOp::JumpIfFalse; \
if (diff_ <= 1) { \
REGS.sp -= (spdec); \
if ((cond) == (diff_ != 0)) { \
++REGS.pc; \
BRANCH(GET_JUMP_OFFSET(REGS.pc)); \
} \
ADVANCE_AND_DISPATCH(1 + JSOpLength_JumpIfFalse); \
} \
JS_END_MACRO
CASE(In) {
HandleValue rref = REGS.stackHandleAt(-1);
if (!rref.isObject()) {
HandleValue lref = REGS.stackHandleAt(-2);
ReportInNotObjectError(cx, lref, rref);
goto error;
}
bool found;
{
ReservedRooted<JSObject*> obj(&rootObject0, &rref.toObject());
ReservedRooted<jsid> id(&rootId0);
FETCH_ELEMENT_ID(-2, id);
if (!HasProperty(cx, obj, id, &found)) {
goto error;
}
}
TRY_BRANCH_AFTER_COND(found, 2);
REGS.sp--;
REGS.sp[-1].setBoolean(found);
}
END_CASE(In)
CASE(HasOwn) {
HandleValue val = REGS.stackHandleAt(-1);
HandleValue idval = REGS.stackHandleAt(-2);
bool found;
if (!HasOwnProperty(cx, val, idval, &found)) {
goto error;
}
REGS.sp--;
REGS.sp[-1].setBoolean(found);
}
END_CASE(HasOwn)
CASE(CheckPrivateField) {
/* Load the object being initialized into lval/val. */
HandleValue val = REGS.stackHandleAt(-2);
HandleValue idval = REGS.stackHandleAt(-1);
bool result = false;
if (!CheckPrivateFieldOperation(cx, REGS.pc, val, idval, &result)) {
goto error;
}
PUSH_BOOLEAN(result);
}
END_CASE(CheckPrivateField)
CASE(NewPrivateName) {
ReservedRooted<JSAtom*> name(&rootAtom0, script->getAtom(REGS.pc));
auto* symbol = NewPrivateName(cx, name);
if (!symbol) {
goto error;
}
PUSH_SYMBOL(symbol);
}
END_CASE(NewPrivateName)
CASE(IsNullOrUndefined) {
bool b = REGS.sp[-1].isNullOrUndefined();
PUSH_BOOLEAN(b);
}
END_CASE(IsNullOrUndefined)
CASE(Iter) {
MOZ_ASSERT(REGS.stackDepth() >= 1);
HandleValue val = REGS.stackHandleAt(-1);
JSObject* iter = ValueToIterator(cx, val);
if (!iter) {
goto error;
}
REGS.sp[-1].setObject(*iter);
}
END_CASE(Iter)
CASE(MoreIter) {
MOZ_ASSERT(REGS.stackDepth() >= 1);
MOZ_ASSERT(REGS.sp[-1].isObject());
Value v = IteratorMore(®S.sp[-1].toObject());
PUSH_COPY(v);
}
END_CASE(MoreIter)
CASE(IsNoIter) {
bool b = REGS.sp[-1].isMagic(JS_NO_ITER_VALUE);
PUSH_BOOLEAN(b);
}
END_CASE(IsNoIter)
CASE(EndIter) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
CloseIterator(®S.sp[-2].toObject());
REGS.sp -= 2;
}
END_CASE(EndIter)
CASE(CloseIter) {
ReservedRooted<JSObject*> iter(&rootObject0, ®S.sp[-1].toObject());
CompletionKind kind = CompletionKind(GET_UINT8(REGS.pc));
if (!CloseIterOperation(cx, iter, kind)) {
goto error;
}
REGS.sp--;
}
END_CASE(CloseIter)
CASE(OptimizeGetIterator) {
bool result = OptimizeGetIterator(REGS.sp[-1], cx);
REGS.sp[-1].setBoolean(result);
}
END_CASE(OptimizeGetIterator)
CASE(IsGenClosing) {
bool b = REGS.sp[-1].isMagic(JS_GENERATOR_CLOSING);
PUSH_BOOLEAN(b);
}
END_CASE(IsGenClosing)
CASE(Dup) {
MOZ_ASSERT(REGS.stackDepth() >= 1);
const Value& rref = REGS.sp[-1];
PUSH_COPY(rref);
}
END_CASE(Dup)
CASE(Dup2) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
const Value& lref = REGS.sp[-2];
const Value& rref = REGS.sp[-1];
PUSH_COPY(lref);
PUSH_COPY(rref);
}
END_CASE(Dup2)
CASE(Swap) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
Value& lref = REGS.sp[-2];
Value& rref = REGS.sp[-1];
lref.swap(rref);
}
END_CASE(Swap)
CASE(Pick) {
unsigned i = GET_UINT8(REGS.pc);
MOZ_ASSERT(REGS.stackDepth() >= i + 1);
Value lval = REGS.sp[-int(i + 1)];
memmove(REGS.sp - (i + 1), REGS.sp - i, sizeof(Value) * i);
REGS.sp[-1] = lval;
}
END_CASE(Pick)
CASE(Unpick) {
int i = GET_UINT8(REGS.pc);
MOZ_ASSERT(REGS.stackDepth() >= unsigned(i) + 1);
Value lval = REGS.sp[-1];
memmove(REGS.sp - i, REGS.sp - (i + 1), sizeof(Value) * i);
REGS.sp[-(i + 1)] = lval;
}
END_CASE(Unpick)
CASE(BindUnqualifiedGName)
CASE(BindUnqualifiedName) {
JSOp op = JSOp(*REGS.pc);
ReservedRooted<JSObject*> envChain(&rootObject0);
if (op == JSOp::BindUnqualifiedName) {
envChain.set(REGS.fp()->environmentChain());
} else {
MOZ_ASSERT(!script->hasNonSyntacticScope());
envChain.set(®S.fp()->global().lexicalEnvironment());
}
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
// Assigning to an undeclared name adds a property to the global object.
JSObject* env = LookupNameUnqualified(cx, name, envChain);
if (!env) {
goto error;
}
PUSH_OBJECT(*env);
static_assert(
JSOpLength_BindUnqualifiedName == JSOpLength_BindUnqualifiedGName,
"We're sharing the END_CASE so the lengths better match");
}
END_CASE(BindUnqualifiedName)
CASE(BindName) {
auto envChain = REGS.fp()->environmentChain();
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
JSObject* env = LookupNameWithGlobalDefault(cx, name, envChain);
if (!env) {
goto error;
}
PUSH_OBJECT(*env);
}
END_CASE(BindName)
CASE(BindVar) {
JSObject* varObj = BindVarOperation(cx, REGS.fp()->environmentChain());
PUSH_OBJECT(*varObj);
}
END_CASE(BindVar)
CASE(BitOr) {
MutableHandleValue lhs = REGS.stackHandleAt(-2);
MutableHandleValue rhs = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!BitOrOperation(cx, lhs, rhs, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(BitOr)
CASE(BitXor) {
MutableHandleValue lhs = REGS.stackHandleAt(-2);
MutableHandleValue rhs = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!BitXorOperation(cx, lhs, rhs, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(BitXor)
CASE(BitAnd) {
MutableHandleValue lhs = REGS.stackHandleAt(-2);
MutableHandleValue rhs = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!BitAndOperation(cx, lhs, rhs, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(BitAnd)
CASE(Eq) {
if (!LooseEqualityOp<true>(cx, REGS)) {
goto error;
}
}
END_CASE(Eq)
CASE(Ne) {
if (!LooseEqualityOp<false>(cx, REGS)) {
goto error;
}
}
END_CASE(Ne)
#define STRICT_EQUALITY_OP(OP, COND) \
JS_BEGIN_MACRO \
HandleValue lval = REGS.stackHandleAt(-2); \
HandleValue rval = REGS.stackHandleAt(-1); \
bool equal; \
if (!js::StrictlyEqual(cx, lval, rval, &equal)) { \
goto error; \
} \
(COND) = equal OP true; \
REGS.sp--; \
JS_END_MACRO
CASE(StrictEq) {
bool cond;
STRICT_EQUALITY_OP(==, cond);
REGS.sp[-1].setBoolean(cond);
}
END_CASE(StrictEq)
CASE(StrictNe) {
bool cond;
STRICT_EQUALITY_OP(!=, cond);
REGS.sp[-1].setBoolean(cond);
}
END_CASE(StrictNe)
#undef STRICT_EQUALITY_OP
CASE(StrictConstantEq) {
JS::Handle<JS::Value> value = REGS.stackHandleAt(-1);
bool equal;
if (!js::ConstantStrictEqual(cx, value, GET_UINT16(REGS.pc), &equal)) {
goto error;
}
REGS.sp[-1].setBoolean(equal);
}
END_CASE(StrictConstantEq)
CASE(StrictConstantNe) {
JS::Handle<JS::Value> value = REGS.stackHandleAt(-1);
bool equal;
if (!js::ConstantStrictEqual(cx, value, GET_UINT16(REGS.pc), &equal)) {
goto error;
}
REGS.sp[-1].setBoolean(!equal);
}
END_CASE(StrictConstantNe)
CASE(Case) {
bool cond = REGS.sp[-1].toBoolean();
REGS.sp--;
if (cond) {
REGS.sp--;
BRANCH(GET_JUMP_OFFSET(REGS.pc));
}
}
END_CASE(Case)
CASE(Lt) {
bool cond;
MutableHandleValue lval = REGS.stackHandleAt(-2);
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!LessThanOperation(cx, lval, rval, &cond)) {
goto error;
}
TRY_BRANCH_AFTER_COND(cond, 2);
REGS.sp[-2].setBoolean(cond);
REGS.sp--;
}
END_CASE(Lt)
CASE(Le) {
bool cond;
MutableHandleValue lval = REGS.stackHandleAt(-2);
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!LessThanOrEqualOperation(cx, lval, rval, &cond)) {
goto error;
}
TRY_BRANCH_AFTER_COND(cond, 2);
REGS.sp[-2].setBoolean(cond);
REGS.sp--;
}
END_CASE(Le)
CASE(Gt) {
bool cond;
MutableHandleValue lval = REGS.stackHandleAt(-2);
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!GreaterThanOperation(cx, lval, rval, &cond)) {
goto error;
}
TRY_BRANCH_AFTER_COND(cond, 2);
REGS.sp[-2].setBoolean(cond);
REGS.sp--;
}
END_CASE(Gt)
CASE(Ge) {
bool cond;
MutableHandleValue lval = REGS.stackHandleAt(-2);
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!GreaterThanOrEqualOperation(cx, lval, rval, &cond)) {
goto error;
}
TRY_BRANCH_AFTER_COND(cond, 2);
REGS.sp[-2].setBoolean(cond);
REGS.sp--;
}
END_CASE(Ge)
CASE(Lsh) {
MutableHandleValue lhs = REGS.stackHandleAt(-2);
MutableHandleValue rhs = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!BitLshOperation(cx, lhs, rhs, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Lsh)
CASE(Rsh) {
MutableHandleValue lhs = REGS.stackHandleAt(-2);
MutableHandleValue rhs = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!BitRshOperation(cx, lhs, rhs, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Rsh)
CASE(Ursh) {
MutableHandleValue lhs = REGS.stackHandleAt(-2);
MutableHandleValue rhs = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!UrshOperation(cx, lhs, rhs, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Ursh)
CASE(Add) {
MutableHandleValue lval = REGS.stackHandleAt(-2);
MutableHandleValue rval = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!AddOperation(cx, lval, rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Add)
CASE(Sub) {
ReservedRooted<Value> lval(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> rval(&rootValue1, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!SubOperation(cx, &lval, &rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Sub)
CASE(Mul) {
ReservedRooted<Value> lval(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> rval(&rootValue1, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!MulOperation(cx, &lval, &rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Mul)
CASE(Div) {
ReservedRooted<Value> lval(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> rval(&rootValue1, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!DivOperation(cx, &lval, &rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Div)
CASE(Mod) {
ReservedRooted<Value> lval(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> rval(&rootValue1, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!ModOperation(cx, &lval, &rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Mod)
CASE(Pow) {
ReservedRooted<Value> lval(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> rval(&rootValue1, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!PowOperation(cx, &lval, &rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(Pow)
CASE(Not) {
bool cond = ToBoolean(REGS.stackHandleAt(-1));
REGS.sp--;
PUSH_BOOLEAN(!cond);
}
END_CASE(Not)
CASE(BitNot) {
MutableHandleValue val = REGS.stackHandleAt(-1);
if (!BitNotOperation(cx, val, val)) {
goto error;
}
}
END_CASE(BitNot)
CASE(Neg) {
MutableHandleValue val = REGS.stackHandleAt(-1);
if (!NegOperation(cx, val, val)) {
goto error;
}
}
END_CASE(Neg)
CASE(Pos) {
if (!ToNumber(cx, REGS.stackHandleAt(-1))) {
goto error;
}
}
END_CASE(Pos)
CASE(DelName) {
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
HandleObject envChain = REGS.fp()->environmentChain();
PUSH_BOOLEAN(true);
MutableHandleValue res = REGS.stackHandleAt(-1);
if (!DeleteNameOperation(cx, name, envChain, res)) {
goto error;
}
}
END_CASE(DelName)
CASE(DelProp)
CASE(StrictDelProp) {
static_assert(JSOpLength_DelProp == JSOpLength_StrictDelProp,
"delprop and strictdelprop must be the same size");
HandleValue val = REGS.stackHandleAt(-1);
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
bool res = false;
if (JSOp(*REGS.pc) == JSOp::StrictDelProp) {
if (!DelPropOperation<true>(cx, val, name, &res)) {
goto error;
}
} else {
if (!DelPropOperation<false>(cx, val, name, &res)) {
goto error;
}
}
REGS.sp[-1].setBoolean(res);
}
END_CASE(DelProp)
CASE(DelElem)
CASE(StrictDelElem) {
static_assert(JSOpLength_DelElem == JSOpLength_StrictDelElem,
"delelem and strictdelelem must be the same size");
HandleValue val = REGS.stackHandleAt(-2);
HandleValue propval = REGS.stackHandleAt(-1);
bool res = false;
if (JSOp(*REGS.pc) == JSOp::StrictDelElem) {
if (!DelElemOperation<true>(cx, val, propval, &res)) {
goto error;
}
} else {
if (!DelElemOperation<false>(cx, val, propval, &res)) {
goto error;
}
}
REGS.sp[-2].setBoolean(res);
REGS.sp--;
}
END_CASE(DelElem)
CASE(ToPropertyKey) {
ReservedRooted<Value> idval(&rootValue1, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-1);
if (!ToPropertyKeyOperation(cx, idval, res)) {
goto error;
}
}
END_CASE(ToPropertyKey)
CASE(TypeofExpr)
CASE(Typeof) {
REGS.sp[-1].setString(TypeOfOperation(REGS.sp[-1], cx->runtime()));
}
END_CASE(Typeof)
CASE(TypeofEq) {
auto operand = TypeofEqOperand::fromRawValue(GET_UINT8(REGS.pc));
bool result = js::TypeOfValue(REGS.sp[-1]) == operand.type();
if (operand.compareOp() == JSOp::Ne) {
result = !result;
}
REGS.sp[-1].setBoolean(result);
}
END_CASE(TypeofEq)
CASE(Void) { REGS.sp[-1].setUndefined(); }
END_CASE(Void)
CASE(FunctionThis) {
PUSH_NULL();
if (!GetFunctionThis(cx, REGS.fp(), REGS.stackHandleAt(-1))) {
goto error;
}
}
END_CASE(FunctionThis)
CASE(GlobalThis) {
MOZ_ASSERT(!script->hasNonSyntacticScope());
PUSH_OBJECT(*cx->global()->lexicalEnvironment().thisObject());
}
END_CASE(GlobalThis)
CASE(NonSyntacticGlobalThis) {
PUSH_NULL();
GetNonSyntacticGlobalThis(cx, REGS.fp()->environmentChain(),
REGS.stackHandleAt(-1));
}
END_CASE(NonSyntacticGlobalThis)
CASE(CheckIsObj) {
if (!REGS.sp[-1].isObject()) {
MOZ_ALWAYS_FALSE(
ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8(REGS.pc))));
goto error;
}
}
END_CASE(CheckIsObj)
CASE(CheckThis) {
if (REGS.sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
MOZ_ALWAYS_FALSE(ThrowUninitializedThis(cx));
goto error;
}
}
END_CASE(CheckThis)
CASE(CheckThisReinit) {
if (!REGS.sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
MOZ_ALWAYS_FALSE(ThrowInitializedThis(cx));
goto error;
}
}
END_CASE(CheckThisReinit)
CASE(CheckReturn) {
ReservedRooted<Value> thisv(&rootValue0, REGS.sp[-1]);
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!REGS.fp()->checkReturn(cx, thisv, rval)) {
goto error;
}
}
END_CASE(CheckReturn)
CASE(GetProp) {
ReservedRooted<Value> lval(&rootValue0, REGS.sp[-1]);
MutableHandleValue res = REGS.stackHandleAt(-1);
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
if (!GetPropertyOperation(cx, name, lval, res)) {
goto error;
}
cx->debugOnlyCheck(res);
}
END_CASE(GetProp)
CASE(GetPropSuper) {
ReservedRooted<Value> receiver(&rootValue0, REGS.sp[-2]);
HandleValue lval = REGS.stackHandleAt(-1);
MOZ_ASSERT(lval.isObjectOrNull());
MutableHandleValue rref = REGS.stackHandleAt(-2);
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
ReservedRooted<JSObject*> obj(&rootObject0);
obj = ToObjectFromStackForPropertyAccess(cx, lval, -1, name);
if (!obj) {
goto error;
}
if (!GetProperty(cx, obj, receiver, name, rref)) {
goto error;
}
cx->debugOnlyCheck(rref);
REGS.sp--;
}
END_CASE(GetPropSuper)
CASE(GetBoundName) {
ReservedRooted<JSObject*> env(&rootObject0, ®S.sp[-1].toObject());
ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS.pc)));
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!GetNameBoundInEnvironment(cx, env, id, rval)) {
goto error;
}
cx->debugOnlyCheck(rval);
}
END_CASE(GetBoundName)
CASE(SetIntrinsic) {
HandleValue value = REGS.stackHandleAt(-1);
if (!SetIntrinsicOperation(cx, script, REGS.pc, value)) {
goto error;
}
}
END_CASE(SetIntrinsic)
CASE(SetGName)
CASE(StrictSetGName)
CASE(SetName)
CASE(StrictSetName) {
static_assert(JSOpLength_SetName == JSOpLength_StrictSetName,
"setname and strictsetname must be the same size");
static_assert(JSOpLength_SetGName == JSOpLength_StrictSetGName,
"setgname and strictsetgname must be the same size");
static_assert(JSOpLength_SetName == JSOpLength_SetGName,
"We're sharing the END_CASE so the lengths better match");
ReservedRooted<JSObject*> env(&rootObject0, ®S.sp[-2].toObject());
HandleValue value = REGS.stackHandleAt(-1);
if (!SetNameOperation(cx, script, REGS.pc, env, value)) {
goto error;
}
REGS.sp[-2] = REGS.sp[-1];
REGS.sp--;
}
END_CASE(SetName)
CASE(SetProp)
CASE(StrictSetProp) {
static_assert(JSOpLength_SetProp == JSOpLength_StrictSetProp,
"setprop and strictsetprop must be the same size");
int lvalIndex = -2;
HandleValue lval = REGS.stackHandleAt(lvalIndex);
HandleValue rval = REGS.stackHandleAt(-1);
ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS.pc)));
bool strict = JSOp(*REGS.pc) == JSOp::StrictSetProp;
ReservedRooted<JSObject*> obj(&rootObject0);
obj = ToObjectFromStackForPropertyAccess(cx, lval, lvalIndex, id);
if (!obj) {
goto error;
}
if (!SetObjectElementOperation(cx, obj, id, rval, lval, strict)) {
goto error;
}
REGS.sp[-2] = REGS.sp[-1];
REGS.sp--;
}
END_CASE(SetProp)
CASE(SetPropSuper)
CASE(StrictSetPropSuper) {
static_assert(
JSOpLength_SetPropSuper == JSOpLength_StrictSetPropSuper,
"setprop-super and strictsetprop-super must be the same size");
HandleValue receiver = REGS.stackHandleAt(-3);
HandleValue lval = REGS.stackHandleAt(-2);
MOZ_ASSERT(lval.isObjectOrNull());
HandleValue rval = REGS.stackHandleAt(-1);
ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS.pc)));
bool strict = JSOp(*REGS.pc) == JSOp::StrictSetPropSuper;
ReservedRooted<JSObject*> obj(&rootObject0);
obj = ToObjectFromStackForPropertyAccess(cx, lval, -2, id);
if (!obj) {
goto error;
}
if (!SetObjectElementOperation(cx, obj, id, rval, receiver, strict)) {
goto error;
}
REGS.sp[-3] = REGS.sp[-1];
REGS.sp -= 2;
}
END_CASE(SetPropSuper)
CASE(GetElem) {
int lvalIndex = -2;
ReservedRooted<Value> lval(&rootValue0, REGS.sp[lvalIndex]);
HandleValue rval = REGS.stackHandleAt(-1);
MutableHandleValue res = REGS.stackHandleAt(-2);
if (!GetElementOperationWithStackIndex(cx, lval, lvalIndex, rval, res)) {
goto error;
}
REGS.sp--;
}
END_CASE(GetElem)
CASE(GetElemSuper) {
ReservedRooted<Value> receiver(&rootValue0, REGS.sp[-3]);
HandleValue index = REGS.stackHandleAt(-2);
HandleValue lval = REGS.stackHandleAt(-1);
MOZ_ASSERT(lval.isObjectOrNull());
MutableHandleValue res = REGS.stackHandleAt(-3);
ReservedRooted<JSObject*> obj(&rootObject0);
obj = ToObjectFromStackForPropertyAccess(cx, lval, -1, index);
if (!obj) {
goto error;
}
if (!GetObjectElementOperation(cx, JSOp(*REGS.pc), obj, receiver, index,
res)) {
goto error;
}
REGS.sp -= 2;
}
END_CASE(GetElemSuper)
CASE(SetElem)
CASE(StrictSetElem) {
static_assert(JSOpLength_SetElem == JSOpLength_StrictSetElem,
"setelem and strictsetelem must be the same size");
int receiverIndex = -3;
HandleValue receiver = REGS.stackHandleAt(receiverIndex);
HandleValue value = REGS.stackHandleAt(-1);
ReservedRooted<JSObject*> obj(&rootObject0);
obj = ToObjectFromStackForPropertyAccess(cx, receiver, receiverIndex,
REGS.stackHandleAt(-2));
if (!obj) {
goto error;
}
ReservedRooted<jsid> id(&rootId0);
FETCH_ELEMENT_ID(-2, id);
if (!SetObjectElementOperation(cx, obj, id, value, receiver,
JSOp(*REGS.pc) == JSOp::StrictSetElem)) {
goto error;
}
REGS.sp[-3] = value;
REGS.sp -= 2;
}
END_CASE(SetElem)
CASE(SetElemSuper)
CASE(StrictSetElemSuper) {
static_assert(
JSOpLength_SetElemSuper == JSOpLength_StrictSetElemSuper,
"setelem-super and strictsetelem-super must be the same size");
HandleValue receiver = REGS.stackHandleAt(-4);
HandleValue lval = REGS.stackHandleAt(-2);
MOZ_ASSERT(lval.isObjectOrNull());
HandleValue value = REGS.stackHandleAt(-1);
ReservedRooted<JSObject*> obj(&rootObject0);
obj = ToObjectFromStackForPropertyAccess(cx, lval, -2,
REGS.stackHandleAt(-3));
if (!obj) {
goto error;
}
ReservedRooted<jsid> id(&rootId0);
FETCH_ELEMENT_ID(-3, id);
bool strict = JSOp(*REGS.pc) == JSOp::StrictSetElemSuper;
if (!SetObjectElementOperation(cx, obj, id, value, receiver, strict)) {
goto error;
}
REGS.sp[-4] = value;
REGS.sp -= 3;
}
END_CASE(SetElemSuper)
CASE(Eval)
CASE(StrictEval) {
static_assert(JSOpLength_Eval == JSOpLength_StrictEval,
"eval and stricteval must be the same size");
CallArgs args = CallArgsFromSp(GET_ARGC(REGS.pc), REGS.sp);
if (cx->global()->valueIsEval(args.calleev())) {
if (!DirectEval(cx, args.get(0), args.rval())) {
goto error;
}
} else {
if (!CallFromStack(cx, args, CallReason::Call)) {
goto error;
}
}
REGS.sp = args.spAfterCall();
}
END_CASE(Eval)
CASE(SpreadNew)
CASE(SpreadCall)
CASE(SpreadSuperCall) {
if (REGS.fp()->hasPushedGeckoProfilerFrame()) {
cx->geckoProfiler().updatePC(cx, script, REGS.pc);
}
/* FALL THROUGH */
}
CASE(SpreadEval)
CASE(StrictSpreadEval) {
static_assert(JSOpLength_SpreadEval == JSOpLength_StrictSpreadEval,
"spreadeval and strictspreadeval must be the same size");
bool construct = JSOp(*REGS.pc) == JSOp::SpreadNew ||
JSOp(*REGS.pc) == JSOp::SpreadSuperCall;
MOZ_ASSERT(REGS.stackDepth() >= 3u + construct);
HandleValue callee = REGS.stackHandleAt(-3 - construct);
HandleValue thisv = REGS.stackHandleAt(-2 - construct);
HandleValue arr = REGS.stackHandleAt(-1 - construct);
MutableHandleValue ret = REGS.stackHandleAt(-3 - construct);
ReservedRooted<Value> newTarget(&rootValue0);
if (construct) {
newTarget = REGS.sp[-1];
} else {
newTarget = NullValue();
}
if (!SpreadCallOperation(cx, script, REGS.pc, thisv, callee, arr,
newTarget, ret)) {
goto error;
}
REGS.sp -= 2 + construct;
}
END_CASE(SpreadCall)
CASE(New)
CASE(NewContent)
CASE(Call)
CASE(CallContent)
CASE(CallIgnoresRv)
CASE(CallIter)
CASE(CallContentIter)
CASE(SuperCall) {
static_assert(JSOpLength_Call == JSOpLength_New,
"call and new must be the same size");
static_assert(JSOpLength_Call == JSOpLength_CallContent,
"call and call-content must be the same size");
static_assert(JSOpLength_Call == JSOpLength_CallIgnoresRv,
"call and call-ignores-rv must be the same size");
static_assert(JSOpLength_Call == JSOpLength_CallIter,
"call and calliter must be the same size");
static_assert(JSOpLength_Call == JSOpLength_CallContentIter,
"call and call-content-iter must be the same size");
static_assert(JSOpLength_Call == JSOpLength_SuperCall,
"call and supercall must be the same size");
if (REGS.fp()->hasPushedGeckoProfilerFrame()) {
cx->geckoProfiler().updatePC(cx, script, REGS.pc);
}
JSOp op = JSOp(*REGS.pc);
MaybeConstruct construct = MaybeConstruct(
op == JSOp::New || op == JSOp::NewContent || op == JSOp::SuperCall);
bool ignoresReturnValue = op == JSOp::CallIgnoresRv;
unsigned argStackSlots = GET_ARGC(REGS.pc) + construct;
MOZ_ASSERT(REGS.stackDepth() >= 2u + GET_ARGC(REGS.pc));
CallArgs args =
CallArgsFromSp(argStackSlots, REGS.sp, construct, ignoresReturnValue);
JSFunction* maybeFun;
bool isFunction = IsFunctionObject(args.calleev(), &maybeFun);
// Use the slow path if the callee is not an interpreted function, if we
// have to throw an exception, or if we might have to invoke the
// OnNativeCall hook for a self-hosted builtin.
if (!isFunction || !maybeFun->isInterpreted() ||
(construct && !maybeFun->isConstructor()) ||
(!construct && maybeFun->isClassConstructor()) ||
cx->realm()->debuggerObservesNativeCall()) {
if (construct) {
CallReason reason = op == JSOp::NewContent ? CallReason::CallContent
: CallReason::Call;
if (!ConstructFromStack(cx, args, reason)) {
goto error;
}
} else {
if ((op == JSOp::CallIter || op == JSOp::CallContentIter) &&
args.calleev().isPrimitive()) {
MOZ_ASSERT(args.length() == 0, "thisv must be on top of the stack");
ReportValueError(cx, JSMSG_NOT_ITERABLE, -1, args.thisv(), nullptr);
goto error;
}
CallReason reason =
(op == JSOp::CallContent || op == JSOp::CallContentIter)
? CallReason::CallContent
: CallReason::Call;
if (!CallFromStack(cx, args, reason)) {
goto error;
}
}
Value* newsp = args.spAfterCall();
REGS.sp = newsp;
ADVANCE_AND_DISPATCH(JSOpLength_Call);
}
{
MOZ_ASSERT(maybeFun);
ReservedRooted<JSFunction*> fun(&rootFunction0, maybeFun);
ReservedRooted<JSScript*> funScript(
&rootScript0, JSFunction::getOrCreateScript(cx, fun));
if (!funScript) {
goto error;
}
// Enter the callee's realm if this is a cross-realm call. Use
// MakeScopeExit to leave this realm on all error/JIT-return paths
// below.
const bool isCrossRealm = cx->realm() != funScript->realm();
if (isCrossRealm) {
cx->enterRealmOf(funScript);
}
auto leaveRealmGuard =
mozilla::MakeScopeExit([isCrossRealm, cx, &script] {
if (isCrossRealm) {
cx->leaveRealm(script->realm());
}
});
if (construct && !MaybeCreateThisForConstructor(cx, args)) {
goto error;
}
{
InvokeState state(cx, args, construct);
jit::EnterJitStatus status = jit::MaybeEnterJit(cx, state);
switch (status) {
case jit::EnterJitStatus::Error:
goto error;
case jit::EnterJitStatus::Ok:
interpReturnOK = true;
CHECK_BRANCH();
REGS.sp = args.spAfterCall();
goto jit_return;
case jit::EnterJitStatus::NotEntered:
break;
}
#ifdef NIGHTLY_BUILD
// If entry trampolines are enabled, call back into
// MaybeEnterInterpreterTrampoline so we can generate an
// entry trampoline for the new frame.
if (jit::JitOptions.emitInterpreterEntryTrampoline) {
if (MaybeEnterInterpreterTrampoline(cx, state)) {
interpReturnOK = true;
CHECK_BRANCH();
REGS.sp = args.spAfterCall();
goto jit_return;
}
goto error;
}
#endif
}
funScript = fun->nonLazyScript();
if (!activation.pushInlineFrame(args, funScript, construct)) {
goto error;
}
leaveRealmGuard.release(); // We leave the callee's realm when we
// call popInlineFrame.
}
SET_SCRIPT(REGS.fp()->script());
if (!REGS.fp()->prologue(cx)) {
goto prologue_error;
}
if (!DebugAPI::onEnterFrame(cx, REGS.fp())) {
goto error;
}
// Increment the coverage for the main entry point.
INIT_COVERAGE();
COUNT_COVERAGE_MAIN();
/* Load first op and dispatch it (safe since JSOp::RetRval). */
ADVANCE_AND_DISPATCH(0);
}
CASE(OptimizeSpreadCall) {
ReservedRooted<Value> val(&rootValue0, REGS.sp[-1]);
MutableHandleValue rval = REGS.stackHandleAt(-1);
if (!OptimizeSpreadCall(cx, val, rval)) {
goto error;
}
}
END_CASE(OptimizeSpreadCall)
CASE(ThrowMsg) {
MOZ_ALWAYS_FALSE(ThrowMsgOperation(cx, GET_UINT8(REGS.pc)));
goto error;
}
END_CASE(ThrowMsg)
CASE(ImplicitThis) {
Value thisv = ComputeImplicitThis(®S.sp[-1].toObject());
REGS.sp[-1] = thisv;
}
END_CASE(ImplicitThis)
CASE(GetGName) {
ReservedRooted<Value> rval(&rootValue0);
ReservedRooted<JSObject*> env(&rootObject0,
&cx->global()->lexicalEnvironment());
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
MOZ_ASSERT(!script->hasNonSyntacticScope());
if (!GetNameOperation(cx, env, name, JSOp(REGS.pc[JSOpLength_GetGName]),
&rval)) {
goto error;
}
PUSH_COPY(rval);
}
END_CASE(GetGName)
CASE(GetName) {
ReservedRooted<Value> rval(&rootValue0);
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
if (!GetNameOperation(cx, REGS.fp()->environmentChain(), name,
JSOp(REGS.pc[JSOpLength_GetName]), &rval)) {
goto error;
}
PUSH_COPY(rval);
}
END_CASE(GetName)
CASE(GetImport) {
PUSH_NULL();
MutableHandleValue rval = REGS.stackHandleAt(-1);
HandleObject envChain = REGS.fp()->environmentChain();
if (!GetImportOperation(cx, envChain, script, REGS.pc, rval)) {
goto error;
}
}
END_CASE(GetImport)
CASE(GetIntrinsic) {
ReservedRooted<Value> rval(&rootValue0);
if (!GetIntrinsicOperation(cx, script, REGS.pc, &rval)) {
goto error;
}
PUSH_COPY(rval);
}
END_CASE(GetIntrinsic)
CASE(Uint16) { PUSH_INT32((int32_t)GET_UINT16(REGS.pc)); }
END_CASE(Uint16)
CASE(Uint24) { PUSH_INT32((int32_t)GET_UINT24(REGS.pc)); }
END_CASE(Uint24)
CASE(Int8) { PUSH_INT32(GET_INT8(REGS.pc)); }
END_CASE(Int8)
CASE(Int32) { PUSH_INT32(GET_INT32(REGS.pc)); }
END_CASE(Int32)
CASE(Double) { PUSH_COPY(GET_INLINE_VALUE(REGS.pc)); }
END_CASE(Double)
CASE(String) { PUSH_STRING(script->getString(REGS.pc)); }
END_CASE(String)
CASE(ToString) {
MutableHandleValue oper = REGS.stackHandleAt(-1);
if (!oper.isString()) {
JSString* operString = ToString<CanGC>(cx, oper);
if (!operString) {
goto error;
}
oper.setString(operString);
}
}
END_CASE(ToString)
CASE(Symbol) {
PUSH_SYMBOL(cx->wellKnownSymbols().get(GET_UINT8(REGS.pc)));
}
END_CASE(Symbol)
CASE(Object) {
MOZ_ASSERT(script->treatAsRunOnce());
PUSH_OBJECT(*script->getObject(REGS.pc));
}
END_CASE(Object)
CASE(CallSiteObj) {
JSObject* cso = script->getObject(REGS.pc);
MOZ_ASSERT(!cso->as<ArrayObject>().isExtensible());
MOZ_ASSERT(cso->as<ArrayObject>().containsPure(cx->names().raw));
PUSH_OBJECT(*cso);
}
END_CASE(CallSiteObj)
CASE(RegExp) {
/*
* Push a regexp object cloned from the regexp literal object mapped by
* the bytecode at pc.
*/
ReservedRooted<JSObject*> re(&rootObject0, script->getRegExp(REGS.pc));
JSObject* obj = CloneRegExpObject(cx, re.as<RegExpObject>());
if (!obj) {
goto error;
}
PUSH_OBJECT(*obj);
}
END_CASE(RegExp)
CASE(Zero) { PUSH_INT32(0); }
END_CASE(Zero)
CASE(One) { PUSH_INT32(1); }
END_CASE(One)
CASE(Null) { PUSH_NULL(); }
END_CASE(Null)
CASE(False) { PUSH_BOOLEAN(false); }
END_CASE(False)
CASE(True) { PUSH_BOOLEAN(true); }
END_CASE(True)
CASE(TableSwitch) {
jsbytecode* pc2 = REGS.pc;
int32_t len = GET_JUMP_OFFSET(pc2);
/*
* ECMAv2+ forbids conversion of discriminant, so we will skip to the
* default case if the discriminant isn't already an int jsval. (This
* opcode is emitted only for dense int-domain switches.)
*/
const Value& rref = *--REGS.sp;
int32_t i;
if (rref.isInt32()) {
i = rref.toInt32();
} else {
/* Use mozilla::NumberEqualsInt32 to treat -0 (double) as 0. */
if (!rref.isDouble() || !NumberEqualsInt32(rref.toDouble(), &i)) {
ADVANCE_AND_DISPATCH(len);
}
}
pc2 += JUMP_OFFSET_LEN;
int32_t low = GET_JUMP_OFFSET(pc2);
pc2 += JUMP_OFFSET_LEN;
int32_t high = GET_JUMP_OFFSET(pc2);
i = uint32_t(i) - uint32_t(low);
if (uint32_t(i) < uint32_t(high - low + 1)) {
len = script->tableSwitchCaseOffset(REGS.pc, uint32_t(i)) -
script->pcToOffset(REGS.pc);
}
ADVANCE_AND_DISPATCH(len);
}
CASE(Arguments) {
MOZ_ASSERT(script->needsArgsObj());
ArgumentsObject* obj = ArgumentsObject::createExpected(cx, REGS.fp());
if (!obj) {
goto error;
}
PUSH_COPY(ObjectValue(*obj));
}
END_CASE(Arguments)
CASE(Rest) {
ReservedRooted<JSObject*> rest(&rootObject0,
REGS.fp()->createRestParameter(cx));
if (!rest) {
goto error;
}
PUSH_COPY(ObjectValue(*rest));
}
END_CASE(Rest)
CASE(GetAliasedVar) {
EnvironmentCoordinate ec = EnvironmentCoordinate(REGS.pc);
ReservedRooted<Value> val(
&rootValue0, REGS.fp()->aliasedEnvironment(ec).aliasedBinding(ec));
ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val);
PUSH_COPY(val);
}
END_CASE(GetAliasedVar)
CASE(GetAliasedDebugVar) {
EnvironmentCoordinate ec = EnvironmentCoordinate(REGS.pc);
ReservedRooted<Value> val(
&rootValue0,
REGS.fp()->aliasedEnvironmentMaybeDebug(ec).aliasedBinding(ec));
ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val);
PUSH_COPY(val);
}
END_CASE(GetAliasedVar)
CASE(SetAliasedVar) {
EnvironmentCoordinate ec = EnvironmentCoordinate(REGS.pc);
EnvironmentObject& obj = REGS.fp()->aliasedEnvironment(ec);
MOZ_ASSERT(!IsUninitializedLexical(obj.aliasedBinding(ec)));
obj.setAliasedBinding(ec, REGS.sp[-1]);
}
END_CASE(SetAliasedVar)
CASE(ThrowSetConst) {
ReportRuntimeLexicalError(cx, JSMSG_BAD_CONST_ASSIGN, script, REGS.pc);
goto error;
}
END_CASE(ThrowSetConst)
CASE(CheckLexical) {
if (REGS.sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
ReportRuntimeLexicalError(cx, JSMSG_UNINITIALIZED_LEXICAL, script,
REGS.pc);
goto error;
}
}
END_CASE(CheckLexical)
CASE(CheckAliasedLexical) {
if (REGS.sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
ReportRuntimeLexicalError(cx, JSMSG_UNINITIALIZED_LEXICAL, script,
REGS.pc);
goto error;
}
}
END_CASE(CheckAliasedLexical)
CASE(InitLexical) {
uint32_t i = GET_LOCALNO(REGS.pc);
REGS.fp()->unaliasedLocal(i) = REGS.sp[-1];
}
END_CASE(InitLexical)
CASE(InitAliasedLexical) {
EnvironmentCoordinate ec = EnvironmentCoordinate(REGS.pc);
EnvironmentObject& obj = REGS.fp()->aliasedEnvironment(ec);
obj.setAliasedBinding(ec, REGS.sp[-1]);
}
END_CASE(InitAliasedLexical)
CASE(InitGLexical) {
ExtensibleLexicalEnvironmentObject* lexicalEnv;
if (script->hasNonSyntacticScope()) {
lexicalEnv = ®S.fp()->extensibleLexicalEnvironment();
} else {
lexicalEnv = &cx->global()->lexicalEnvironment();
}
HandleValue value = REGS.stackHandleAt(-1);
InitGlobalLexicalOperation(cx, lexicalEnv, script, REGS.pc, value);
}
END_CASE(InitGLexical)
CASE(Uninitialized) { PUSH_MAGIC(JS_UNINITIALIZED_LEXICAL); }
END_CASE(Uninitialized)
CASE(GetArg) {
unsigned i = GET_ARGNO(REGS.pc);
if (script->argsObjAliasesFormals()) {
PUSH_COPY(REGS.fp()->argsObj().arg(i));
} else {
PUSH_COPY(REGS.fp()->unaliasedFormal(i));
}
}
END_CASE(GetArg)
CASE(GetFrameArg) {
uint32_t i = GET_ARGNO(REGS.pc);
PUSH_COPY(REGS.fp()->unaliasedFormal(i, DONT_CHECK_ALIASING));
}
END_CASE(GetFrameArg)
CASE(SetArg) {
unsigned i = GET_ARGNO(REGS.pc);
if (script->argsObjAliasesFormals()) {
REGS.fp()->argsObj().setArg(i, REGS.sp[-1]);
} else {
REGS.fp()->unaliasedFormal(i) = REGS.sp[-1];
}
}
END_CASE(SetArg)
CASE(GetLocal) {
uint32_t i = GET_LOCALNO(REGS.pc);
PUSH_COPY_SKIP_CHECK(REGS.fp()->unaliasedLocal(i));
#ifdef DEBUG
if (IsUninitializedLexical(REGS.sp[-1])) {
JSOp next = JSOp(*GetNextPc(REGS.pc));
MOZ_ASSERT(next == JSOp::CheckThis || next == JSOp::CheckReturn ||
next == JSOp::CheckThisReinit || next == JSOp::CheckLexical);
}
/*
* Skip the same-compartment assertion if the local will be immediately
* popped. We do not guarantee sync for dead locals when coming in from
* the method JIT, and a GetLocal followed by Pop is not considered to
* be a use of the variable.
*/
if (JSOp(REGS.pc[JSOpLength_GetLocal]) != JSOp::Pop) {
cx->debugOnlyCheck(REGS.sp[-1]);
}
#endif
}
END_CASE(GetLocal)
CASE(SetLocal) {
uint32_t i = GET_LOCALNO(REGS.pc);
MOZ_ASSERT(!IsUninitializedLexical(REGS.fp()->unaliasedLocal(i)));
REGS.fp()->unaliasedLocal(i) = REGS.sp[-1];
}
END_CASE(SetLocal)
CASE(ArgumentsLength) {
MOZ_ASSERT(!script->needsArgsObj());
PUSH_INT32(REGS.fp()->numActualArgs());
}
END_CASE(ArgumentsLength)
CASE(GetActualArg) {
MOZ_ASSERT(!script->needsArgsObj());
uint32_t index = REGS.sp[-1].toInt32();
REGS.sp[-1] = REGS.fp()->unaliasedActual(index);
}
END_CASE(GetActualArg)
CASE(GlobalOrEvalDeclInstantiation) {
GCThingIndex lastFun = GET_GCTHING_INDEX(REGS.pc);
HandleObject env = REGS.fp()->environmentChain();
if (!GlobalOrEvalDeclInstantiation(cx, env, script, lastFun)) {
goto error;
}
}
END_CASE(GlobalOrEvalDeclInstantiation)
CASE(Lambda) {
/* Load the specified function object literal. */
ReservedRooted<JSFunction*> fun(&rootFunction0,
script->getFunction(REGS.pc));
JSObject* obj = Lambda(cx, fun, REGS.fp()->environmentChain());
if (!obj) {
goto error;
}
MOZ_ASSERT(obj->staticPrototype());
PUSH_OBJECT(*obj);
}
END_CASE(Lambda)
CASE(ToAsyncIter) {
ReservedRooted<Value> nextMethod(&rootValue0, REGS.sp[-1]);
ReservedRooted<JSObject*> iter(&rootObject1, ®S.sp[-2].toObject());
JSObject* asyncIter = CreateAsyncFromSyncIterator(cx, iter, nextMethod);
if (!asyncIter) {
goto error;
}
REGS.sp--;
REGS.sp[-1].setObject(*asyncIter);
}
END_CASE(ToAsyncIter)
CASE(CanSkipAwait) {
ReservedRooted<Value> val(&rootValue0, REGS.sp[-1]);
bool canSkip;
if (!CanSkipAwait(cx, val, &canSkip)) {
goto error;
}
PUSH_BOOLEAN(canSkip);
}
END_CASE(CanSkipAwait)
CASE(MaybeExtractAwaitValue) {
MutableHandleValue val = REGS.stackHandleAt(-2);
ReservedRooted<Value> canSkip(&rootValue0, REGS.sp[-1]);
if (canSkip.toBoolean()) {
if (!ExtractAwaitValue(cx, val, val)) {
goto error;
}
}
}
END_CASE(MaybeExtractAwaitValue)
CASE(AsyncAwait) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
ReservedRooted<JSObject*> gen(&rootObject1, ®S.sp[-1].toObject());
ReservedRooted<Value> value(&rootValue0, REGS.sp[-2]);
JSObject* promise =
AsyncFunctionAwait(cx, gen.as<AsyncFunctionGeneratorObject>(), value);
if (!promise) {
goto error;
}
REGS.sp--;
REGS.sp[-1].setObject(*promise);
}
END_CASE(AsyncAwait)
CASE(AsyncResolve) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
ReservedRooted<JSObject*> gen(&rootObject1, ®S.sp[-1].toObject());
ReservedRooted<Value> value(&rootValue0, REGS.sp[-2]);
JSObject* promise = AsyncFunctionResolve(
cx, gen.as<AsyncFunctionGeneratorObject>(), value);
if (!promise) {
goto error;
}
REGS.sp--;
REGS.sp[-1].setObject(*promise);
}
END_CASE(AsyncResolve)
CASE(AsyncReject) {
MOZ_ASSERT(REGS.stackDepth() >= 3);
ReservedRooted<JSObject*> gen(&rootObject1, ®S.sp[-1].toObject());
ReservedRooted<Value> stack(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> reason(&rootValue1, REGS.sp[-3]);
JSObject* promise = AsyncFunctionReject(
cx, gen.as<AsyncFunctionGeneratorObject>(), reason, stack);
if (!promise) {
goto error;
}
REGS.sp -= 2;
REGS.sp[-1].setObject(*promise);
}
END_CASE(AsyncReject)
CASE(SetFunName) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
FunctionPrefixKind prefixKind = FunctionPrefixKind(GET_UINT8(REGS.pc));
ReservedRooted<Value> name(&rootValue0, REGS.sp[-1]);
ReservedRooted<JSFunction*> fun(&rootFunction0,
®S.sp[-2].toObject().as<JSFunction>());
if (!SetFunctionName(cx, fun, name, prefixKind)) {
goto error;
}
REGS.sp--;
}
END_CASE(SetFunName)
CASE(Callee) {
MOZ_ASSERT(REGS.fp()->isFunctionFrame());
PUSH_COPY(REGS.fp()->calleev());
}
END_CASE(Callee)
CASE(InitPropGetter)
CASE(InitHiddenPropGetter)
CASE(InitPropSetter)
CASE(InitHiddenPropSetter) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-2].toObject());
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
ReservedRooted<JSObject*> val(&rootObject1, ®S.sp[-1].toObject());
if (!InitPropGetterSetterOperation(cx, REGS.pc, obj, name, val)) {
goto error;
}
REGS.sp--;
}
END_CASE(InitPropGetter)
CASE(InitElemGetter)
CASE(InitHiddenElemGetter)
CASE(InitElemSetter)
CASE(InitHiddenElemSetter) {
MOZ_ASSERT(REGS.stackDepth() >= 3);
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-3].toObject());
ReservedRooted<Value> idval(&rootValue0, REGS.sp[-2]);
ReservedRooted<JSObject*> val(&rootObject1, ®S.sp[-1].toObject());
if (!InitElemGetterSetterOperation(cx, REGS.pc, obj, idval, val)) {
goto error;
}
REGS.sp -= 2;
}
END_CASE(InitElemGetter)
CASE(Hole) { PUSH_MAGIC(JS_ELEMENTS_HOLE); }
END_CASE(Hole)
CASE(NewInit) {
JSObject* obj = NewObjectOperation(cx, script, REGS.pc);
if (!obj) {
goto error;
}
PUSH_OBJECT(*obj);
}
END_CASE(NewInit)
CASE(NewArray) {
uint32_t length = GET_UINT32(REGS.pc);
ArrayObject* obj = NewArrayOperation(cx, length);
if (!obj) {
goto error;
}
PUSH_OBJECT(*obj);
}
END_CASE(NewArray)
CASE(NewObject) {
JSObject* obj = NewObjectOperation(cx, script, REGS.pc);
if (!obj) {
goto error;
}
PUSH_OBJECT(*obj);
}
END_CASE(NewObject)
CASE(MutateProto) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
if (REGS.sp[-1].isObjectOrNull()) {
ReservedRooted<JSObject*> newProto(&rootObject1,
REGS.sp[-1].toObjectOrNull());
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-2].toObject());
MOZ_ASSERT(obj->is<PlainObject>());
if (!SetPrototype(cx, obj, newProto)) {
goto error;
}
}
REGS.sp--;
}
END_CASE(MutateProto)
CASE(InitProp)
CASE(InitLockedProp)
CASE(InitHiddenProp) {
static_assert(JSOpLength_InitProp == JSOpLength_InitLockedProp,
"initprop and initlockedprop must be the same size");
static_assert(JSOpLength_InitProp == JSOpLength_InitHiddenProp,
"initprop and inithiddenprop must be the same size");
/* Load the property's initial value into rval. */
MOZ_ASSERT(REGS.stackDepth() >= 2);
ReservedRooted<Value> rval(&rootValue0, REGS.sp[-1]);
/* Load the object being initialized into lval/obj. */
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-2].toObject());
ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS.pc));
if (!InitPropertyOperation(cx, REGS.pc, obj, name, rval)) {
goto error;
}
REGS.sp--;
}
END_CASE(InitProp)
CASE(InitElem)
CASE(InitHiddenElem)
CASE(InitLockedElem) {
MOZ_ASSERT(REGS.stackDepth() >= 3);
HandleValue val = REGS.stackHandleAt(-1);
HandleValue id = REGS.stackHandleAt(-2);
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-3].toObject());
if (!InitElemOperation(cx, REGS.pc, obj, id, val)) {
goto error;
}
REGS.sp -= 2;
}
END_CASE(InitElem)
CASE(InitElemArray) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
HandleValue val = REGS.stackHandleAt(-1);
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-2].toObject());
InitElemArrayOperation(cx, REGS.pc, obj.as<ArrayObject>(), val);
REGS.sp--;
}
END_CASE(InitElemArray)
CASE(InitElemInc) {
MOZ_ASSERT(REGS.stackDepth() >= 3);
HandleValue val = REGS.stackHandleAt(-1);
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-3].toObject());
uint32_t index = REGS.sp[-2].toInt32();
if (!InitElemIncOperation(cx, obj.as<ArrayObject>(), index, val)) {
goto error;
}
REGS.sp[-2].setInt32(index + 1);
REGS.sp--;
}
END_CASE(InitElemInc)
CASE(Exception) {
PUSH_NULL();
MutableHandleValue res = REGS.stackHandleAt(-1);
if (!GetAndClearException(cx, res)) {
goto error;
}
}
END_CASE(Exception)
CASE(ExceptionAndStack) {
ReservedRooted<Value> stack(&rootValue0);
if (!cx->getPendingExceptionStack(&stack)) {
goto error;
}
PUSH_NULL();
MutableHandleValue res = REGS.stackHandleAt(-1);
if (!GetAndClearException(cx, res)) {
goto error;
}
PUSH_COPY(stack);
}
END_CASE(ExceptionAndStack)
CASE(Finally) { CHECK_BRANCH(); }
END_CASE(Finally)
CASE(Throw) {
CHECK_BRANCH();
ReservedRooted<Value> v(&rootValue0);
POP_COPY_TO(v);
MOZ_ALWAYS_FALSE(ThrowOperation(cx, v));
/* let the code at error try to catch the exception. */
goto error;
}
CASE(ThrowWithStack) {
CHECK_BRANCH();
ReservedRooted<Value> v(&rootValue0);
ReservedRooted<Value> stack(&rootValue1);
POP_COPY_TO(stack);
POP_COPY_TO(v);
MOZ_ALWAYS_FALSE(ThrowWithStackOperation(cx, v, stack));
/* let the code at error try to catch the exception. */
goto error;
}
CASE(Instanceof) {
ReservedRooted<Value> rref(&rootValue0, REGS.sp[-1]);
if (HandleValue(rref).isPrimitive()) {
ReportValueError(cx, JSMSG_BAD_INSTANCEOF_RHS, -1, rref, nullptr);
goto error;
}
ReservedRooted<JSObject*> obj(&rootObject0, &rref.toObject());
bool cond = false;
if (!InstanceofOperator(cx, obj, REGS.stackHandleAt(-2), &cond)) {
goto error;
}
REGS.sp--;
REGS.sp[-1].setBoolean(cond);
}
END_CASE(Instanceof)
CASE(Debugger) {
if (!DebugAPI::onDebuggerStatement(cx, REGS.fp())) {
goto error;
}
}
END_CASE(Debugger)
CASE(PushLexicalEnv) {
ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS.pc));
// Create block environment and push on scope chain.
if (!REGS.fp()->pushLexicalEnvironment(cx, scope.as<LexicalScope>())) {
goto error;
}
}
END_CASE(PushLexicalEnv)
CASE(PopLexicalEnv) {
#ifdef DEBUG
Scope* scope = script->lookupScope(REGS.pc);
MOZ_ASSERT(scope);
MOZ_ASSERT(scope->is<LexicalScope>() || scope->is<ClassBodyScope>());
MOZ_ASSERT_IF(scope->is<LexicalScope>(),
scope->as<LexicalScope>().hasEnvironment());
MOZ_ASSERT_IF(scope->is<ClassBodyScope>(),
scope->as<ClassBodyScope>().hasEnvironment());
#endif
if (MOZ_UNLIKELY(cx->realm()->isDebuggee())) {
DebugEnvironments::onPopLexical(cx, REGS.fp(), REGS.pc);
}
// Pop block from scope chain.
REGS.fp()->popOffEnvironmentChain<LexicalEnvironmentObject>();
}
END_CASE(PopLexicalEnv)
CASE(DebugLeaveLexicalEnv) {
#ifdef DEBUG
Scope* scope = script->lookupScope(REGS.pc);
MOZ_ASSERT(scope);
MOZ_ASSERT(scope->is<LexicalScope>() || scope->is<ClassBodyScope>());
MOZ_ASSERT_IF(scope->is<LexicalScope>(),
!scope->as<LexicalScope>().hasEnvironment());
MOZ_ASSERT_IF(scope->is<ClassBodyScope>(),
!scope->as<ClassBodyScope>().hasEnvironment());
#endif
// FIXME: This opcode should not be necessary. The debugger shouldn't
// need help from bytecode to do its job. See bug 927782.
if (MOZ_UNLIKELY(cx->realm()->isDebuggee())) {
DebugEnvironments::onPopLexical(cx, REGS.fp(), REGS.pc);
}
}
END_CASE(DebugLeaveLexicalEnv)
CASE(FreshenLexicalEnv) {
#ifdef DEBUG
Scope* scope = script->getScope(REGS.pc);
auto envChain = REGS.fp()->environmentChain();
auto* envScope = &envChain->as<BlockLexicalEnvironmentObject>().scope();
MOZ_ASSERT(scope == envScope);
#endif
if (!REGS.fp()->freshenLexicalEnvironment(cx, REGS.pc)) {
goto error;
}
}
END_CASE(FreshenLexicalEnv)
CASE(RecreateLexicalEnv) {
#ifdef DEBUG
Scope* scope = script->getScope(REGS.pc);
auto envChain = REGS.fp()->environmentChain();
auto* envScope = &envChain->as<BlockLexicalEnvironmentObject>().scope();
MOZ_ASSERT(scope == envScope);
#endif
if (!REGS.fp()->recreateLexicalEnvironment(cx, REGS.pc)) {
goto error;
}
}
END_CASE(RecreateLexicalEnv)
CASE(PushClassBodyEnv) {
ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS.pc));
if (!REGS.fp()->pushClassBodyEnvironment(cx,
scope.as<ClassBodyScope>())) {
goto error;
}
}
END_CASE(PushClassBodyEnv)
CASE(PushVarEnv) {
ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS.pc));
if (!REGS.fp()->pushVarEnvironment(cx, scope)) {
goto error;
}
}
END_CASE(PushVarEnv)
CASE(Generator) {
MOZ_ASSERT(!cx->isExceptionPending());
MOZ_ASSERT(REGS.stackDepth() == 0);
JSObject* obj = AbstractGeneratorObject::createFromFrame(cx, REGS.fp());
if (!obj) {
goto error;
}
PUSH_OBJECT(*obj);
}
END_CASE(Generator)
CASE(InitialYield) {
MOZ_ASSERT(!cx->isExceptionPending());
MOZ_ASSERT_IF(script->isModule() && script->isAsync(),
REGS.fp()->isModuleFrame());
MOZ_ASSERT_IF(!script->isModule() && script->isAsync(),
REGS.fp()->isFunctionFrame());
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-1].toObject());
POP_RETURN_VALUE();
MOZ_ASSERT(REGS.stackDepth() == 0);
if (!AbstractGeneratorObject::suspend(cx, obj, REGS.fp(), REGS.pc,
script->nfixed())) {
goto error;
}
goto successful_return_continuation;
}
CASE(Yield)
CASE(Await) {
MOZ_ASSERT(!cx->isExceptionPending());
MOZ_ASSERT_IF(script->isModule() && script->isAsync(),
REGS.fp()->isModuleFrame());
MOZ_ASSERT_IF(!script->isModule() && script->isAsync(),
REGS.fp()->isFunctionFrame());
ReservedRooted<JSObject*> obj(&rootObject0, ®S.sp[-1].toObject());
if (!AbstractGeneratorObject::suspend(
cx, obj, REGS.fp(), REGS.pc,
script->nfixed() + REGS.stackDepth() - 2)) {
goto error;
}
REGS.sp--;
POP_RETURN_VALUE();
goto successful_return_continuation;
}
CASE(ResumeKind) {
GeneratorResumeKind resumeKind = ResumeKindFromPC(REGS.pc);
PUSH_INT32(int32_t(resumeKind));
}
END_CASE(ResumeKind)
CASE(CheckResumeKind) {
int32_t kindInt = REGS.sp[-1].toInt32();
GeneratorResumeKind resumeKind = IntToResumeKind(kindInt);
if (MOZ_UNLIKELY(resumeKind != GeneratorResumeKind::Next)) {
ReservedRooted<Value> val(&rootValue0, REGS.sp[-3]);
Rooted<AbstractGeneratorObject*> gen(
cx, ®S.sp[-2].toObject().as<AbstractGeneratorObject>());
MOZ_ALWAYS_FALSE(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen,
val, resumeKind));
goto error;
}
REGS.sp -= 2;
}
END_CASE(CheckResumeKind)
CASE(Resume) {
{
Rooted<AbstractGeneratorObject*> gen(
cx, ®S.sp[-3].toObject().as<AbstractGeneratorObject>());
ReservedRooted<Value> val(&rootValue0, REGS.sp[-2]);
ReservedRooted<Value> resumeKindVal(&rootValue1, REGS.sp[-1]);
// popInlineFrame expects there to be an additional value on the stack
// to pop off, so leave "gen" on the stack.
REGS.sp -= 1;
if (!AbstractGeneratorObject::resume(cx, activation, gen, val,
resumeKindVal)) {
goto error;
}
JSScript* generatorScript = REGS.fp()->script();
if (cx->realm() != generatorScript->realm()) {
cx->enterRealmOf(generatorScript);
}
SET_SCRIPT(generatorScript);
if (!probes::EnterScript(cx, generatorScript,
generatorScript->function(), REGS.fp())) {
goto error;
}
if (!DebugAPI::onResumeFrame(cx, REGS.fp())) {
MOZ_ASSERT_IF(cx->isPropagatingForcedReturn(), gen->isClosed());
goto error;
}
}
ADVANCE_AND_DISPATCH(0);
}
CASE(AfterYield) {
// AbstractGeneratorObject::resume takes care of setting the frame's
// debuggee flag.
MOZ_ASSERT_IF(REGS.fp()->script()->isDebuggee(), REGS.fp()->isDebuggee());
COUNT_COVERAGE();
}
END_CASE(AfterYield)
CASE(FinalYieldRval) {
ReservedRooted<JSObject*> gen(&rootObject0, ®S.sp[-1].toObject());
REGS.sp--;
AbstractGeneratorObject::finalSuspend(cx, gen);
goto successful_return_continuation;
}
CASE(CheckClassHeritage) {
HandleValue heritage = REGS.stackHandleAt(-1);
if (!CheckClassHeritageOperation(cx, heritage)) {
goto error;
}
}
END_CASE(CheckClassHeritage)
CASE(BuiltinObject) {
auto kind = BuiltinObjectKind(GET_UINT8(REGS.pc));
JSObject* builtin = BuiltinObjectOperation(cx, kind);
if (!builtin) {
goto error;
}
PUSH_OBJECT(*builtin);
}
END_CASE(BuiltinObject)
CASE(FunWithProto) {
ReservedRooted<JSObject*> proto(&rootObject1, ®S.sp[-1].toObject());
/* Load the specified function object literal. */
ReservedRooted<JSFunction*> fun(&rootFunction0,
script->getFunction(REGS.pc));
JSObject* obj =
FunWithProtoOperation(cx, fun, REGS.fp()->environmentChain(), proto);
if (!obj) {
goto error;
}
REGS.sp[-1].setObject(*obj);
}
END_CASE(FunWithProto)
CASE(ObjWithProto) {
JSObject* obj = ObjectWithProtoOperation(cx, REGS.stackHandleAt(-1));
if (!obj) {
goto error;
}
REGS.sp[-1].setObject(*obj);
}
END_CASE(ObjWithProto)
CASE(InitHomeObject) {
MOZ_ASSERT(REGS.stackDepth() >= 2);
/* Load the function to be initialized */
JSFunction* func = ®S.sp[-2].toObject().as<JSFunction>();
MOZ_ASSERT(func->allowSuperProperty());
/* Load the home object */
JSObject* obj = ®S.sp[-1].toObject();
MOZ_ASSERT(obj->is<PlainObject>() || obj->is<JSFunction>());
func->setExtendedSlot(FunctionExtended::METHOD_HOMEOBJECT_SLOT,
ObjectValue(*obj));
REGS.sp--;
}
END_CASE(InitHomeObject)
CASE(SuperBase) {
JSFunction& superEnvFunc = REGS.sp[-1].toObject().as<JSFunction>();
MOZ_ASSERT(superEnvFunc.allowSuperProperty());
MOZ_ASSERT(superEnvFunc.baseScript()->needsHomeObject());
const Value& homeObjVal = superEnvFunc.getExtendedSlot(
FunctionExtended::METHOD_HOMEOBJECT_SLOT);
JSObject* homeObj = &homeObjVal.toObject();
JSObject* superBase = HomeObjectSuperBase(homeObj);
REGS.sp[-1].setObjectOrNull(superBase);
}
END_CASE(SuperBase)
CASE(NewTarget) {
PUSH_COPY(REGS.fp()->newTarget());
MOZ_ASSERT(REGS.sp[-1].isObject() || REGS.sp[-1].isUndefined());
}
END_CASE(NewTarget)
CASE(ImportMeta) {
JSObject* metaObject = ImportMetaOperation(cx, script);
if (!metaObject) {
goto error;
}
PUSH_OBJECT(*metaObject);
}
END_CASE(ImportMeta)
CASE(DynamicImport) {
ReservedRooted<Value> options(&rootValue0, REGS.sp[-1]);
REGS.sp--;
ReservedRooted<Value> specifier(&rootValue1);
POP_COPY_TO(specifier);
JSObject* promise =
StartDynamicModuleImport(cx, script, specifier, options);
if (!promise) goto error;
PUSH_OBJECT(*promise);
}
END_CASE(DynamicImport)
CASE(EnvCallee) {
uint8_t numHops = GET_UINT8(REGS.pc);
JSObject* env = ®S.fp()->environmentChain()->as<EnvironmentObject>();
for (unsigned i = 0; i < numHops; i++) {
env = &env->as<EnvironmentObject>().enclosingEnvironment();
}
PUSH_OBJECT(env->as<CallObject>().callee());
}
END_CASE(EnvCallee)
CASE(SuperFun) {
JSObject* superEnvFunc = ®S.sp[-1].toObject();
JSObject* superFun = SuperFunOperation(superEnvFunc);
REGS.sp[-1].setObjectOrNull(superFun);
}
END_CASE(SuperFun)
CASE(CheckObjCoercible) {
ReservedRooted<Value> checkVal(&rootValue0, REGS.sp[-1]);
if (checkVal.isNullOrUndefined()) {
MOZ_ALWAYS_FALSE(ThrowObjectCoercible(cx, checkVal));
goto error;
}
}
END_CASE(CheckObjCoercible)
CASE(DebugCheckSelfHosted) {
#ifdef DEBUG
ReservedRooted<Value> checkVal(&rootValue0, REGS.sp[-1]);
if (!Debug_CheckSelfHosted(cx, checkVal)) {
goto error;
}
#endif
}
END_CASE(DebugCheckSelfHosted)
CASE(IsConstructing) { PUSH_MAGIC(JS_IS_CONSTRUCTING); }
END_CASE(IsConstructing)
CASE(Inc) {
MutableHandleValue val = REGS.stackHandleAt(-1);
if (!IncOperation(cx, val, val)) {
goto error;
}
}
END_CASE(Inc)
CASE(Dec) {
MutableHandleValue val = REGS.stackHandleAt(-1);
if (!DecOperation(cx, val, val)) {
goto error;
}
}
END_CASE(Dec)
CASE(ToNumeric) {
if (!ToNumeric(cx, REGS.stackHandleAt(-1))) {
goto error;
}
}
END_CASE(ToNumeric)
CASE(BigInt) { PUSH_BIGINT(script->getBigInt(REGS.pc)); }
END_CASE(BigInt)
DEFAULT() {
char numBuf[12];
SprintfLiteral(numBuf, "%d", *REGS.pc);
JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
JSMSG_BAD_BYTECODE, numBuf);
goto error;
}
} /* interpreter loop */
MOZ_CRASH("Interpreter loop exited via fallthrough");
error:
switch (HandleError(cx, REGS)) {
case SuccessfulReturnContinuation:
goto successful_return_continuation;
case ErrorReturnContinuation:
interpReturnOK = false;
goto return_continuation;
case CatchContinuation:
ADVANCE_AND_DISPATCH(0);
case FinallyContinuation: {
/*
* Push (exception, stack, true) triple for finally to indicate that we
* should rethrow the exception.
*/
ReservedRooted<Value> exception(&rootValue0);
ReservedRooted<Value> exceptionStack(&rootValue1);
if (!cx->getPendingException(&exception) ||
!cx->getPendingExceptionStack(&exceptionStack)) {
interpReturnOK = false;
goto return_continuation;
}
PUSH_COPY(exception);
PUSH_COPY(exceptionStack);
PUSH_BOOLEAN(true);
cx->clearPendingException();
}
ADVANCE_AND_DISPATCH(0);
}
MOZ_CRASH("Invalid HandleError continuation");
exit:
if (MOZ_LIKELY(!frameHalfInitialized)) {
interpReturnOK =
DebugAPI::onLeaveFrame(cx, REGS.fp(), REGS.pc, interpReturnOK);
REGS.fp()->epilogue(cx, REGS.pc);
}
gc::MaybeVerifyBarriers(cx, true);
/*
* This path is used when it's guaranteed the method can be finished
* inside the JIT.
*/
leave_on_safe_point:
if (interpReturnOK) {
state.setReturnValue(activation.entryFrame()->returnValue());
}
return interpReturnOK;
prologue_error:
interpReturnOK = false;
frameHalfInitialized = true;
goto prologue_return_continuation;
}