diff options
Diffstat (limited to 'Source/JavaScriptCore/llint/LLIntSlowPaths.cpp')
| -rw-r--r-- | Source/JavaScriptCore/llint/LLIntSlowPaths.cpp | 538 |
1 files changed, 255 insertions, 283 deletions
diff --git a/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp b/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp index 56db62f38..26264171d 100644 --- a/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp +++ b/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2015 Apple Inc. All rights reserved. + * Copyright (C) 2011, 2012, 2013 Apple Inc. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,34 +26,32 @@ #include "config.h" #include "LLIntSlowPaths.h" +#if ENABLE(LLINT) + +#include "Arguments.h" #include "ArrayConstructor.h" #include "CallFrame.h" #include "CommonSlowPaths.h" #include "CommonSlowPathsExceptions.h" -#include "Error.h" -#include "ErrorHandlingScope.h" -#include "Exception.h" -#include "ExceptionFuzz.h" #include "GetterSetter.h" #include "HostCallReturnValue.h" #include "Interpreter.h" #include "JIT.h" #include "JITExceptions.h" -#include "JSLexicalEnvironment.h" -#include "JSCInlines.h" +#include "JSActivation.h" #include "JSCJSValue.h" #include "JSGlobalObjectFunctions.h" +#include "JSNameScope.h" +#include "JSPropertyNameIterator.h" #include "JSStackInlines.h" #include "JSString.h" #include "JSWithScope.h" #include "LLIntCommon.h" #include "LLIntExceptions.h" -#include "LegacyProfiler.h" #include "LowLevelInterpreter.h" #include "ObjectConstructor.h" -#include "ProtoCallFrame.h" +#include "Operations.h" #include "StructureRareDataInlines.h" -#include "VMInlines.h" #include <wtf/StringPrintStream.h> namespace JSC { namespace LLInt { @@ -84,7 +82,7 @@ namespace JSC { namespace LLInt { return encodeResult(first, second); \ } while (false) -#define LLINT_END_IMPL() LLINT_RETURN_TWO(pc, 0) +#define LLINT_END_IMPL() LLINT_RETURN_TWO(pc, exec) #define LLINT_THROW(exceptionToThrow) do { \ vm.throwException(exec, exceptionToThrow); \ @@ -93,7 +91,6 @@ namespace JSC { namespace LLInt { } while (false) #define LLINT_CHECK_EXCEPTION() do { \ - doExceptionFuzzingIfEnabled(exec, "LLIntSlowPaths", pc); \ if (UNLIKELY(vm.exception())) { \ pc = returnToThrow(exec); \ LLINT_END_IMPL(); \ @@ -122,14 +119,6 @@ namespace JSC { namespace LLInt { LLINT_END_IMPL(); \ } while (false) -#define LLINT_RETURN_WITH_PC_ADJUSTMENT(value, pcAdjustment) do { \ - JSValue __r_returnValue = (value); \ - LLINT_CHECK_EXCEPTION(); \ - LLINT_OP(1) = __r_returnValue; \ - pc += (pcAdjustment); \ - LLINT_END_IMPL(); \ - } while (false) - #define LLINT_RETURN_PROFILED(opcode, value) do { \ JSValue __rp_returnValue = (value); \ LLINT_CHECK_EXCEPTION(); \ @@ -148,28 +137,20 @@ namespace JSC { namespace LLInt { #define LLINT_CALL_THROW(exec, exceptionToThrow) do { \ ExecState* __ct_exec = (exec); \ vm.throwException(__ct_exec, exceptionToThrow); \ - LLINT_CALL_END_IMPL(0, callToThrow(__ct_exec)); \ + LLINT_CALL_END_IMPL(__ct_exec, callToThrow(__ct_exec)); \ } while (false) -#define LLINT_CALL_CHECK_EXCEPTION(exec, execCallee) do { \ +#define LLINT_CALL_CHECK_EXCEPTION(exec) do { \ ExecState* __cce_exec = (exec); \ - ExecState* __cce_execCallee = (execCallee); \ - doExceptionFuzzingIfEnabled(__cce_exec, "LLIntSlowPaths/call", nullptr); \ if (UNLIKELY(vm.exception())) \ - LLINT_CALL_END_IMPL(0, callToThrow(__cce_execCallee)); \ + LLINT_CALL_END_IMPL(__cce_exec, callToThrow(__cce_exec)); \ } while (false) -#define LLINT_CALL_RETURN(exec, execCallee, callTarget) do { \ +#define LLINT_CALL_RETURN(exec, callTarget) do { \ ExecState* __cr_exec = (exec); \ - ExecState* __cr_execCallee = (execCallee); \ void* __cr_callTarget = (callTarget); \ - LLINT_CALL_CHECK_EXCEPTION(__cr_exec, __cr_execCallee); \ - LLINT_CALL_END_IMPL(__cr_execCallee, __cr_callTarget); \ - } while (false) - -#define LLINT_RETURN_CALLEE_FRAME(execCallee) do { \ - ExecState* __rcf_exec = (execCallee); \ - LLINT_RETURN_TWO(pc, __rcf_exec); \ + LLINT_CALL_CHECK_EXCEPTION(__cr_exec->callerFrame()); \ + LLINT_CALL_END_IMPL(__cr_exec, __cr_callTarget); \ } while (false) extern "C" SlowPathReturnType llint_trace_operand(ExecState* exec, Instruction* pc, int fromWhere, int operand) @@ -255,15 +236,12 @@ LLINT_SLOW_PATH_DECL(trace_arityCheck_for_construct) LLINT_SLOW_PATH_DECL(trace) { - dataLogF("%p / %p: executing bc#%zu, %s, pc = %p\n", + dataLogF("%p / %p: executing bc#%zu, %s, scope %p, pc = %p\n", exec->codeBlock(), exec, static_cast<intptr_t>(pc - exec->codeBlock()->instructions().begin()), - opcodeNames[exec->vm().interpreter->getOpcodeID(pc[0].u.opcode)], pc); - if (exec->vm().interpreter->getOpcodeID(pc[0].u.opcode) == op_enter) { - dataLogF("Frame will eventually return to %p\n", exec->returnPC().value()); - *bitwise_cast<volatile char*>(exec->returnPC().value()); - } + opcodeNames[exec->vm().interpreter->getOpcodeID(pc[0].u.opcode)], + exec->scope(), pc); if (exec->vm().interpreter->getOpcodeID(pc[0].u.opcode) == op_ret) { dataLogF("Will be returning to %p\n", exec->returnPC().value()); dataLogF("The new cfr will be %p\n", exec->callerFrame()); @@ -332,7 +310,6 @@ inline bool jitCompileAndSetHeuristics(CodeBlock* codeBlock, ExecState* exec) } } default: - dataLog("Unexpected code block in LLInt: ", *codeBlock, "\n"); RELEASE_ASSERT_NOT_REACHED(); return false; } @@ -348,17 +325,15 @@ static SlowPathReturnType entryOSR(ExecState* exec, Instruction*, CodeBlock* cod if (!shouldJIT(exec)) { codeBlock->dontJITAnytimeSoon(); - LLINT_RETURN_TWO(0, 0); + LLINT_RETURN_TWO(0, exec); } if (!jitCompileAndSetHeuristics(codeBlock, exec)) - LLINT_RETURN_TWO(0, 0); + LLINT_RETURN_TWO(0, exec); if (kind == Prologue) - LLINT_RETURN_TWO(codeBlock->jitCode()->executableAddress(), 0); + LLINT_RETURN_TWO(codeBlock->jitCode()->executableAddress(), exec); ASSERT(kind == ArityCheck); - LLINT_RETURN_TWO(codeBlock->jitCode()->addressForCall( - *codeBlock->vm(), codeBlock->ownerExecutable(), MustCheckArity, - RegisterPreservationNotRequired).executableAddress(), 0); + LLINT_RETURN_TWO(codeBlock->jitCodeWithArityCheck().executableAddress(), exec); } #else // ENABLE(JIT) static SlowPathReturnType entryOSR(ExecState* exec, Instruction*, CodeBlock* codeBlock, const char*, EntryKind) @@ -406,11 +381,11 @@ LLINT_SLOW_PATH_DECL(loop_osr) if (!shouldJIT(exec)) { codeBlock->dontJITAnytimeSoon(); - LLINT_RETURN_TWO(0, 0); + LLINT_RETURN_TWO(0, exec); } if (!jitCompileAndSetHeuristics(codeBlock, exec)) - LLINT_RETURN_TWO(0, 0); + LLINT_RETURN_TWO(0, exec); ASSERT(codeBlock->jitType() == JITCode::BaselineJIT); @@ -423,11 +398,10 @@ LLINT_SLOW_PATH_DECL(loop_osr) void* jumpTarget = codeBlock->jitCode()->executableAddressAtOffset(mapping->m_machineCodeOffset); ASSERT(jumpTarget); - LLINT_RETURN_TWO(jumpTarget, exec->topOfFrame()); + LLINT_RETURN_TWO(jumpTarget, exec); #else // ENABLE(JIT) - UNUSED_PARAM(pc); codeBlock->dontJITAnytimeSoon(); - LLINT_RETURN_TWO(0, 0); + LLINT_RETURN_TWO(0, exec); #endif // ENABLE(JIT) } @@ -461,32 +435,26 @@ LLINT_SLOW_PATH_DECL(stack_check) dataLogF("CodeBlock = %p.\n", exec->codeBlock()); dataLogF("Num callee registers = %u.\n", exec->codeBlock()->m_numCalleeRegisters); dataLogF("Num vars = %u.\n", exec->codeBlock()->m_numVars); - -#if ENABLE(JIT) - dataLogF("Current end is at %p.\n", exec->vm().stackLimit()); -#else - dataLogF("Current end is at %p.\n", exec->vm().jsStackLimit()); + dataLogF("Current end is at %p.\n", exec->vm().interpreter->stack().end()); #endif + ASSERT(!exec->vm().interpreter->stack().containsAddress(&exec->registers()[virtualRegisterForLocal(exec->codeBlock()->m_numCalleeRegisters).offset()])); + if (UNLIKELY(!vm.interpreter->stack().grow(&exec->registers()[virtualRegisterForLocal(exec->codeBlock()->m_numCalleeRegisters).offset()]))) { + exec = exec->callerFrame(); + CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec)); + pc = returnToThrowForThrownException(exec); + } + LLINT_END_IMPL(); +} +LLINT_SLOW_PATH_DECL(slow_path_create_activation) +{ + LLINT_BEGIN(); +#if LLINT_SLOW_PATH_TRACING + dataLogF("Creating an activation, exec = %p!\n", exec); #endif - // If the stack check succeeds and we don't need to throw the error, then - // we'll return 0 instead. The prologue will check for a non-zero value - // when determining whether to set the callFrame or not. - - // For JIT enabled builds which uses the C stack, the stack is not growable. - // Hence, if we get here, then we know a stack overflow is imminent. So, just - // throw the StackOverflowError unconditionally. -#if !ENABLE(JIT) - ASSERT(!vm.interpreter->stack().containsAddress(exec->topOfFrame())); - if (LIKELY(vm.interpreter->stack().ensureCapacityFor(exec->topOfFrame()))) - LLINT_RETURN_TWO(pc, 0); -#endif - - vm.topCallFrame = exec; - ErrorHandlingScope errorScope(vm); - CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec)); - pc = returnToThrowForThrownException(exec); - LLINT_RETURN_TWO(pc, exec); + JSActivation* activation = JSActivation::create(vm, exec, exec->codeBlock()); + exec->setScope(activation); + LLINT_RETURN(JSValue(activation)); } LLINT_SLOW_PATH_DECL(slow_path_new_object) @@ -532,11 +500,11 @@ LLINT_SLOW_PATH_DECL(slow_path_check_has_instance) JSObject* baseObject = asObject(baseVal); ASSERT(!baseObject->structure()->typeInfo().implementsDefaultHasInstance()); if (baseObject->structure()->typeInfo().implementsHasInstance()) { - JSValue result = jsBoolean(baseObject->methodTable()->customHasInstance(baseObject, exec, value)); - LLINT_RETURN_WITH_PC_ADJUSTMENT(result, pc[4].u.operand); + pc += pc[4].u.operand; + LLINT_RETURN(jsBoolean(baseObject->methodTable()->customHasInstance(baseObject, exec, value))); } } - LLINT_THROW(createInvalidInstanceofParameterError(exec, baseVal)); + LLINT_THROW(createInvalidParameterError(exec, "instanceof", baseVal)); } LLINT_SLOW_PATH_DECL(slow_path_instanceof) @@ -570,17 +538,16 @@ LLINT_SLOW_PATH_DECL(slow_path_get_by_id) Structure* structure = baseCell->structure(); if (!structure->isUncacheableDictionary() - && !structure->typeInfo().prohibitsPropertyCaching() - && !structure->typeInfo().newImpurePropertyFiresWatchpoints()) { + && !structure->typeInfo().prohibitsPropertyCaching()) { ConcurrentJITLocker locker(codeBlock->m_lock); - + pc[4].u.structure.set( vm, codeBlock->ownerExecutable(), structure); if (isInlineOffset(slot.cachedOffset())) { - pc[0].u.opcode = LLInt::getOpcode(op_get_by_id); + pc[0].u.opcode = LLInt::getOpcode(llint_op_get_by_id); pc[5].u.operand = offsetInInlineStorage(slot.cachedOffset()) * sizeof(JSValue) + JSObject::offsetOfInlineStorage(); } else { - pc[0].u.opcode = LLInt::getOpcode(op_get_by_id_out_of_line); + pc[0].u.opcode = LLInt::getOpcode(llint_op_get_by_id_out_of_line); pc[5].u.operand = offsetInButterfly(slot.cachedOffset()) * sizeof(JSValue); } } @@ -589,7 +556,7 @@ LLINT_SLOW_PATH_DECL(slow_path_get_by_id) if (!LLINT_ALWAYS_ACCESS_SLOW && isJSArray(baseValue) && ident == exec->propertyNames().length) { - pc[0].u.opcode = LLInt::getOpcode(op_get_array_length); + pc[0].u.opcode = LLInt::getOpcode(llint_op_get_array_length); ArrayProfile* arrayProfile = codeBlock->getOrAddArrayProfile(pc - codeBlock->instructions().begin()); arrayProfile->observeStructure(baseValue.asCell()->structure()); pc[4].u.arrayProfile = arrayProfile; @@ -625,7 +592,7 @@ LLINT_SLOW_PATH_DECL(slow_path_put_by_id) if (!LLINT_ALWAYS_ACCESS_SLOW && baseValue.isCell() - && slot.isCacheablePut()) { + && slot.isCacheable()) { JSCell* baseCell = baseValue.asCell(); Structure* structure = baseCell->structure(); @@ -642,9 +609,9 @@ LLINT_SLOW_PATH_DECL(slow_path_put_by_id) // This is needed because some of the methods we call // below may GC. - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id); - if (normalizePrototypeChain(exec, structure) != InvalidPrototypeChain) { + if (normalizePrototypeChain(exec, baseCell) != InvalidPrototypeChain) { ASSERT(structure->previousID()->isObject()); pc[4].u.structure.set( vm, codeBlock->ownerExecutable(), structure->previousID()); @@ -661,26 +628,25 @@ LLINT_SLOW_PATH_DECL(slow_path_put_by_id) if (pc[8].u.operand) { if (isInlineOffset(slot.cachedOffset())) - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id_transition_direct); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id_transition_direct); else - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id_transition_direct_out_of_line); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id_transition_direct_out_of_line); } else { if (isInlineOffset(slot.cachedOffset())) - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id_transition_normal); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id_transition_normal); else - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id_transition_normal_out_of_line); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id_transition_normal_out_of_line); } } } } else { - structure->didCachePropertyReplacement(vm, slot.cachedOffset()); pc[4].u.structure.set( vm, codeBlock->ownerExecutable(), structure); if (isInlineOffset(slot.cachedOffset())) { - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id); pc[5].u.operand = offsetInInlineStorage(slot.cachedOffset()) * sizeof(JSValue) + JSObject::offsetOfInlineStorage(); } else { - pc[0].u.opcode = LLInt::getOpcode(op_put_by_id_out_of_line); + pc[0].u.opcode = LLInt::getOpcode(llint_op_put_by_id_out_of_line); pc[5].u.operand = offsetInButterfly(slot.cachedOffset()) * sizeof(JSValue); } } @@ -705,14 +671,8 @@ LLINT_SLOW_PATH_DECL(slow_path_del_by_id) inline JSValue getByVal(ExecState* exec, JSValue baseValue, JSValue subscript) { if (LIKELY(baseValue.isCell() && subscript.isString())) { - VM& vm = exec->vm(); - Structure& structure = *baseValue.asCell()->structure(vm); - if (JSCell::canUseFastGetOwnProperty(structure)) { - if (RefPtr<AtomicStringImpl> existingAtomicString = asString(subscript)->toExistingAtomicString(exec)) { - if (JSValue result = baseValue.asCell()->fastGetOwnProperty(vm, structure, existingAtomicString.get())) - return result; - } - } + if (JSValue result = baseValue.asCell()->fastGetOwnProperty(exec, asString(subscript)->value(exec))) + return result; } if (subscript.isUInt32()) { @@ -723,12 +683,10 @@ inline JSValue getByVal(ExecState* exec, JSValue baseValue, JSValue subscript) return baseValue.get(exec, i); } - baseValue.requireObjectCoercible(exec); - if (exec->hadException()) - return jsUndefined(); - auto property = subscript.toPropertyKey(exec); - if (exec->hadException()) - return jsUndefined(); + if (isName(subscript)) + return baseValue.get(exec, jsCast<NameInstance*>(subscript.asCell())->privateName()); + + Identifier property(exec, subscript.toString(exec)->value(exec)); return baseValue.get(exec, property); } @@ -738,6 +696,26 @@ LLINT_SLOW_PATH_DECL(slow_path_get_by_val) LLINT_RETURN_PROFILED(op_get_by_val, getByVal(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())); } +LLINT_SLOW_PATH_DECL(slow_path_get_argument_by_val) +{ + LLINT_BEGIN(); + JSValue arguments = LLINT_OP(2).jsValue(); + if (!arguments) { + arguments = Arguments::create(vm, exec); + LLINT_CHECK_EXCEPTION(); + LLINT_OP(2) = arguments; + exec->uncheckedR(unmodifiedArgumentsRegister(VirtualRegister(pc[2].u.operand)).offset()) = arguments; + } + + LLINT_RETURN_PROFILED(op_get_argument_by_val, getByVal(exec, arguments, LLINT_OP_C(3).jsValue())); +} + +LLINT_SLOW_PATH_DECL(slow_path_get_by_pname) +{ + LLINT_BEGIN(); + LLINT_RETURN(getByVal(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())); +} + LLINT_SLOW_PATH_DECL(slow_path_put_by_val) { LLINT_BEGIN(); @@ -760,7 +738,13 @@ LLINT_SLOW_PATH_DECL(slow_path_put_by_val) LLINT_END(); } - auto property = subscript.toPropertyKey(exec); + if (isName(subscript)) { + PutPropertySlot slot(baseValue, exec->codeBlock()->isStrictMode()); + baseValue.put(exec, jsCast<NameInstance*>(subscript.asCell())->privateName(), value, slot); + LLINT_END(); + } + + Identifier property(exec, subscript.toString(exec)->value(exec)); LLINT_CHECK_EXCEPTION(); PutPropertySlot slot(baseValue, exec->codeBlock()->isStrictMode()); baseValue.put(exec, property, value, slot); @@ -776,34 +760,19 @@ LLINT_SLOW_PATH_DECL(slow_path_put_by_val_direct) JSValue value = LLINT_OP_C(3).jsValue(); RELEASE_ASSERT(baseValue.isObject()); JSObject* baseObject = asObject(baseValue); - bool isStrictMode = exec->codeBlock()->isStrictMode(); if (LIKELY(subscript.isUInt32())) { - // Despite its name, JSValue::isUInt32 will return true only for positive boxed int32_t; all those values are valid array indices. - ASSERT(isIndex(subscript.asUInt32())); - baseObject->putDirectIndex(exec, subscript.asUInt32(), value, 0, isStrictMode ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow); - LLINT_END(); - } - - if (subscript.isDouble()) { - double subscriptAsDouble = subscript.asDouble(); - uint32_t subscriptAsUInt32 = static_cast<uint32_t>(subscriptAsDouble); - if (subscriptAsDouble == subscriptAsUInt32 && isIndex(subscriptAsUInt32)) { - baseObject->putDirectIndex(exec, subscriptAsUInt32, value, 0, isStrictMode ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow); - LLINT_END(); + uint32_t i = subscript.asUInt32(); + baseObject->putDirectIndex(exec, i, value); + } else if (isName(subscript)) { + PutPropertySlot slot(baseObject, exec->codeBlock()->isStrictMode()); + baseObject->putDirect(exec->vm(), jsCast<NameInstance*>(subscript.asCell())->privateName(), value, slot); + } else { + Identifier property(exec, subscript.toString(exec)->value(exec)); + if (!exec->vm().exception()) { // Don't put to an object if toString threw an exception. + PutPropertySlot slot(baseObject, exec->codeBlock()->isStrictMode()); + baseObject->putDirect(exec->vm(), property, value, slot); } } - - // Don't put to an object if toString threw an exception. - auto property = subscript.toPropertyKey(exec); - if (exec->vm().exception()) - LLINT_END(); - - if (Optional<uint32_t> index = parseIndex(property)) - baseObject->putDirectIndex(exec, index.value(), value, 0, isStrictMode ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow); - else { - PutPropertySlot slot(baseObject, isStrictMode); - baseObject->putDirect(exec->vm(), property, value, slot); - } LLINT_END(); } @@ -820,9 +789,11 @@ LLINT_SLOW_PATH_DECL(slow_path_del_by_val) uint32_t i; if (subscript.getUInt32(i)) couldDelete = baseObject->methodTable()->deletePropertyByIndex(baseObject, exec, i); + else if (isName(subscript)) + couldDelete = baseObject->methodTable()->deleteProperty(baseObject, exec, jsCast<NameInstance*>(subscript.asCell())->privateName()); else { LLINT_CHECK_EXCEPTION(); - auto property = subscript.toPropertyKey(exec); + Identifier property(exec, subscript.toString(exec)->value(exec)); LLINT_CHECK_EXCEPTION(); couldDelete = baseObject->methodTable()->deleteProperty(baseObject, exec, property); } @@ -842,39 +813,13 @@ LLINT_SLOW_PATH_DECL(slow_path_put_by_index) LLINT_END(); } -LLINT_SLOW_PATH_DECL(slow_path_put_getter_by_id) -{ - LLINT_BEGIN(); - ASSERT(LLINT_OP(1).jsValue().isObject()); - JSObject* baseObj = asObject(LLINT_OP(1).jsValue()); - - JSValue getter = LLINT_OP(3).jsValue(); - ASSERT(getter.isObject()); - - baseObj->putGetter(exec, exec->codeBlock()->identifier(pc[2].u.operand), asObject(getter)); - LLINT_END(); -} - -LLINT_SLOW_PATH_DECL(slow_path_put_setter_by_id) -{ - LLINT_BEGIN(); - ASSERT(LLINT_OP(1).jsValue().isObject()); - JSObject* baseObj = asObject(LLINT_OP(1).jsValue()); - - JSValue setter = LLINT_OP(3).jsValue(); - ASSERT(setter.isObject()); - - baseObj->putSetter(exec, exec->codeBlock()->identifier(pc[2].u.operand), asObject(setter)); - LLINT_END(); -} - LLINT_SLOW_PATH_DECL(slow_path_put_getter_setter) { LLINT_BEGIN(); ASSERT(LLINT_OP(1).jsValue().isObject()); JSObject* baseObj = asObject(LLINT_OP(1).jsValue()); - GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject()); + GetterSetter* accessor = GetterSetter::create(vm); LLINT_CHECK_EXCEPTION(); JSValue getter = LLINT_OP(3).jsValue(); @@ -884,9 +829,9 @@ LLINT_SLOW_PATH_DECL(slow_path_put_getter_setter) ASSERT(getter.isObject() || setter.isObject()); if (!getter.isUndefined()) - accessor->setGetter(vm, exec->lexicalGlobalObject(), asObject(getter)); + accessor->setGetter(vm, asObject(getter)); if (!setter.isUndefined()) - accessor->setSetter(vm, exec->lexicalGlobalObject(), asObject(setter)); + accessor->setSetter(vm, asObject(setter)); baseObj->putDirectAccessor( exec, exec->codeBlock()->identifier(pc[2].u.operand), @@ -1002,21 +947,21 @@ LLINT_SLOW_PATH_DECL(slow_path_new_func) { LLINT_BEGIN(); CodeBlock* codeBlock = exec->codeBlock(); - ASSERT(codeBlock->codeType() != FunctionCode || !codeBlock->needsActivation() || exec->hasActivation()); - JSScope* scope = exec->uncheckedR(pc[2].u.operand).Register::scope(); + ASSERT(codeBlock->codeType() != FunctionCode + || !codeBlock->needsFullScopeChain() + || exec->uncheckedR(codeBlock->activationRegister().offset()).jsValue()); #if LLINT_SLOW_PATH_TRACING dataLogF("Creating function!\n"); #endif - LLINT_RETURN(JSFunction::create(vm, codeBlock->functionDecl(pc[3].u.operand), scope)); + LLINT_RETURN(JSFunction::create(vm, codeBlock->functionDecl(pc[2].u.operand), exec->scope())); } LLINT_SLOW_PATH_DECL(slow_path_new_func_exp) { LLINT_BEGIN(); CodeBlock* codeBlock = exec->codeBlock(); - JSScope* scope = exec->uncheckedR(pc[2].u.operand).Register::scope(); - FunctionExecutable* function = codeBlock->functionExpr(pc[3].u.operand); - JSFunction* func = JSFunction::create(vm, function, scope); + FunctionExecutable* function = codeBlock->functionExpr(pc[2].u.operand); + JSFunction* func = JSFunction::create(vm, function, exec->scope()); LLINT_RETURN(func); } @@ -1032,6 +977,7 @@ static SlowPathReturnType handleHostCall(ExecState* execCallee, Instruction* pc, ExecState* exec = execCallee->callerFrame(); VM& vm = exec->vm(); + execCallee->setScope(exec->scope()); execCallee->setCodeBlock(0); execCallee->clearReturnPC(); @@ -1046,7 +992,7 @@ static SlowPathReturnType handleHostCall(ExecState* execCallee, Instruction* pc, execCallee->setCallee(asObject(callee)); vm.hostCallReturnValue = JSValue::decode(callData.native.function(execCallee)); - LLINT_CALL_RETURN(execCallee, execCallee, LLInt::getCodePtr(getHostCallReturnValue)); + LLINT_CALL_RETURN(execCallee, LLInt::getCodePtr(getHostCallReturnValue)); } #if LLINT_SLOW_PATH_TRACING @@ -1069,7 +1015,7 @@ static SlowPathReturnType handleHostCall(ExecState* execCallee, Instruction* pc, execCallee->setCallee(asObject(callee)); vm.hostCallReturnValue = JSValue::decode(constructData.native.function(execCallee)); - LLINT_CALL_RETURN(execCallee, execCallee, LLInt::getCodePtr(getHostCallReturnValue)); + LLINT_CALL_RETURN(execCallee, LLInt::getCodePtr(getHostCallReturnValue)); } #if LLINT_SLOW_PATH_TRACING @@ -1082,12 +1028,10 @@ static SlowPathReturnType handleHostCall(ExecState* execCallee, Instruction* pc, inline SlowPathReturnType setUpCall(ExecState* execCallee, Instruction* pc, CodeSpecializationKind kind, JSValue calleeAsValue, LLIntCallLinkInfo* callLinkInfo = 0) { - ExecState* exec = execCallee->callerFrame(); - #if LLINT_SLOW_PATH_TRACING - dataLogF("Performing call with recorded PC = %p\n", exec->currentVPC()); + dataLogF("Performing call with recorded PC = %p\n", execCallee->callerFrame()->currentVPC()); #endif - + JSCell* calleeAsFunctionCell = getJSFunction(calleeAsValue); if (!calleeAsFunctionCell) return handleHostCall(execCallee, pc, calleeAsValue, kind); @@ -1095,35 +1039,30 @@ inline SlowPathReturnType setUpCall(ExecState* execCallee, Instruction* pc, Code JSFunction* callee = jsCast<JSFunction*>(calleeAsFunctionCell); JSScope* scope = callee->scopeUnchecked(); VM& vm = *scope->vm(); + execCallee->setScope(scope); ExecutableBase* executable = callee->executable(); MacroAssemblerCodePtr codePtr; CodeBlock* codeBlock = 0; if (executable->isHostFunction()) - codePtr = executable->entrypointFor(vm, kind, MustCheckArity, RegisterPreservationNotRequired); + codePtr = executable->hostCodeEntryFor(kind); else { FunctionExecutable* functionExecutable = static_cast<FunctionExecutable*>(executable); - - if (!isCall(kind) && functionExecutable->constructAbility() == ConstructAbility::CannotConstruct) - LLINT_CALL_THROW(exec, createNotAConstructorError(exec, callee)); - - JSObject* error = functionExecutable->prepareForExecution(execCallee, callee, scope, kind); + JSObject* error = functionExecutable->prepareForExecution(execCallee, callee->scope(), kind); if (error) - LLINT_CALL_THROW(exec, error); + LLINT_CALL_THROW(execCallee->callerFrame(), error); codeBlock = functionExecutable->codeBlockFor(kind); ASSERT(codeBlock); - ArityCheckMode arity; if (execCallee->argumentCountIncludingThis() < static_cast<size_t>(codeBlock->numParameters())) - arity = MustCheckArity; + codePtr = functionExecutable->jsCodeWithArityCheckEntryFor(kind); else - arity = ArityCheckNotRequired; - codePtr = functionExecutable->entrypointFor(vm, kind, arity, RegisterPreservationNotRequired); + codePtr = functionExecutable->jsCodeEntryFor(kind); } - ASSERT(!!codePtr); - if (!LLINT_ALWAYS_ACCESS_SLOW && callLinkInfo) { - CodeBlock* callerCodeBlock = exec->codeBlock(); + ExecState* execCaller = execCallee->callerFrame(); + + CodeBlock* callerCodeBlock = execCaller->codeBlock(); ConcurrentJITLocker locker(callerCodeBlock->m_lock); @@ -1133,10 +1072,10 @@ inline SlowPathReturnType setUpCall(ExecState* execCallee, Instruction* pc, Code callLinkInfo->lastSeenCallee.set(vm, callerCodeBlock->ownerExecutable(), callee); callLinkInfo->machineCodeTarget = codePtr; if (codeBlock) - codeBlock->linkIncomingCall(exec, callLinkInfo); + codeBlock->linkIncomingCall(execCaller, callLinkInfo); } - LLINT_CALL_RETURN(exec, execCallee, codePtr.executableAddress()); + LLINT_CALL_RETURN(execCallee, codePtr.executableAddress()); } inline SlowPathReturnType genericCall(ExecState* exec, Instruction* pc, CodeSpecializationKind kind) @@ -1171,22 +1110,19 @@ LLINT_SLOW_PATH_DECL(slow_path_construct) return genericCall(exec, pc, CodeForConstruct); } -LLINT_SLOW_PATH_DECL(slow_path_size_frame_for_varargs) +LLINT_SLOW_PATH_DECL(slow_path_size_and_alloc_frame_for_varargs) { LLINT_BEGIN(); // This needs to: // - Set up a call frame while respecting the variable arguments. - unsigned numUsedStackSlots = -pc[5].u.operand; - unsigned length = sizeFrameForVarargs(exec, &vm.interpreter->stack(), - LLINT_OP_C(4).jsValue(), numUsedStackSlots, pc[6].u.operand); - LLINT_CALL_CHECK_EXCEPTION(exec, exec); + ExecState* execCallee = sizeAndAllocFrameForVarargs(exec, &vm.interpreter->stack(), + LLINT_OP_C(4).jsValue(), pc[5].u.operand); + LLINT_CALL_CHECK_EXCEPTION(exec); - ExecState* execCallee = calleeFrameForVarargs(exec, numUsedStackSlots, length + 1); - vm.varargsLength = length; vm.newCallFrameReturnValue = execCallee; - LLINT_RETURN_CALLEE_FRAME(execCallee); + LLINT_END(); } LLINT_SLOW_PATH_DECL(slow_path_call_varargs) @@ -1200,8 +1136,8 @@ LLINT_SLOW_PATH_DECL(slow_path_call_varargs) ExecState* execCallee = vm.newCallFrameReturnValue; - setupVarargsFrameAndSetThis(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue(), pc[6].u.operand, vm.varargsLength); - LLINT_CALL_CHECK_EXCEPTION(exec, exec); + loadVarargs(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue()); + LLINT_CALL_CHECK_EXCEPTION(exec); execCallee->uncheckedR(JSStack::Callee) = calleeAsValue; execCallee->setCallerFrame(exec); @@ -1209,28 +1145,7 @@ LLINT_SLOW_PATH_DECL(slow_path_call_varargs) return setUpCall(execCallee, pc, CodeForCall, calleeAsValue); } - -LLINT_SLOW_PATH_DECL(slow_path_construct_varargs) -{ - LLINT_BEGIN_NO_SET_PC(); - // This needs to: - // - Figure out what to call and compile it if necessary. - // - Return a tuple of machine code address to call and the new call frame. - - JSValue calleeAsValue = LLINT_OP_C(2).jsValue(); - - ExecState* execCallee = vm.newCallFrameReturnValue; - - setupVarargsFrameAndSetThis(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue(), pc[6].u.operand, vm.varargsLength); - LLINT_CALL_CHECK_EXCEPTION(exec, exec); - - execCallee->uncheckedR(JSStack::Callee) = calleeAsValue; - execCallee->setCallerFrame(exec); - exec->setCurrentVPC(pc); - - return setUpCall(execCallee, pc, CodeForConstruct, calleeAsValue); -} - + LLINT_SLOW_PATH_DECL(slow_path_call_eval) { LLINT_BEGIN_NO_SET_PC(); @@ -1241,6 +1156,7 @@ LLINT_SLOW_PATH_DECL(slow_path_call_eval) execCallee->setArgumentCountIncludingThis(pc[3].u.operand); execCallee->setCallerFrame(exec); execCallee->uncheckedR(JSStack::Callee) = calleeAsValue; + execCallee->setScope(exec->scope()); execCallee->setReturnPC(LLInt::getCodePtr(llint_generic_return_point)); execCallee->setCodeBlock(0); exec->setCurrentVPC(pc); @@ -1249,7 +1165,27 @@ LLINT_SLOW_PATH_DECL(slow_path_call_eval) return setUpCall(execCallee, pc, CodeForCall, calleeAsValue); vm.hostCallReturnValue = eval(execCallee); - LLINT_CALL_RETURN(exec, execCallee, LLInt::getCodePtr(getHostCallReturnValue)); + LLINT_CALL_RETURN(execCallee, LLInt::getCodePtr(getHostCallReturnValue)); +} + +LLINT_SLOW_PATH_DECL(slow_path_tear_off_activation) +{ + LLINT_BEGIN(); + ASSERT(exec->codeBlock()->needsFullScopeChain()); + jsCast<JSActivation*>(LLINT_OP(1).jsValue())->tearOff(vm); + LLINT_END(); +} + +LLINT_SLOW_PATH_DECL(slow_path_tear_off_arguments) +{ + LLINT_BEGIN(); + ASSERT(exec->codeBlock()->usesArguments()); + Arguments* arguments = jsCast<Arguments*>(exec->uncheckedR(unmodifiedArgumentsRegister(VirtualRegister(pc[1].u.operand)).offset()).jsValue()); + if (JSValue activationValue = LLINT_OP_C(2).jsValue()) + arguments->didTearOffActivation(exec, jsCast<JSActivation*>(activationValue)); + else + arguments->tearOff(exec); + LLINT_END(); } LLINT_SLOW_PATH_DECL(slow_path_strcat) @@ -1264,6 +1200,70 @@ LLINT_SLOW_PATH_DECL(slow_path_to_primitive) LLINT_RETURN(LLINT_OP_C(2).jsValue().toPrimitive(exec)); } +LLINT_SLOW_PATH_DECL(slow_path_get_pnames) +{ + LLINT_BEGIN(); + JSValue v = LLINT_OP(2).jsValue(); + if (v.isUndefinedOrNull()) { + pc += pc[5].u.operand; + LLINT_END(); + } + + JSObject* o = v.toObject(exec); + Structure* structure = o->structure(); + JSPropertyNameIterator* jsPropertyNameIterator = structure->enumerationCache(); + if (!jsPropertyNameIterator || jsPropertyNameIterator->cachedPrototypeChain() != structure->prototypeChain(exec)) + jsPropertyNameIterator = JSPropertyNameIterator::create(exec, o); + + LLINT_OP(1) = JSValue(jsPropertyNameIterator); + LLINT_OP(2) = JSValue(o); + LLINT_OP(3) = Register::withInt(0); + LLINT_OP(4) = Register::withInt(jsPropertyNameIterator->size()); + + pc += OPCODE_LENGTH(op_get_pnames); + LLINT_END(); +} + +LLINT_SLOW_PATH_DECL(slow_path_next_pname) +{ + LLINT_BEGIN(); + JSObject* base = asObject(LLINT_OP(2).jsValue()); + JSString* property = asString(LLINT_OP(1).jsValue()); + if (base->hasProperty(exec, Identifier(exec, property->value(exec)))) { + // Go to target. + pc += pc[6].u.operand; + } // Else, don't change the PC, so the interpreter will reloop. + LLINT_END(); +} + +LLINT_SLOW_PATH_DECL(slow_path_push_with_scope) +{ + LLINT_BEGIN(); + JSValue v = LLINT_OP_C(1).jsValue(); + JSObject* o = v.toObject(exec); + LLINT_CHECK_EXCEPTION(); + + exec->setScope(JSWithScope::create(exec, o)); + + LLINT_END(); +} + +LLINT_SLOW_PATH_DECL(slow_path_pop_scope) +{ + LLINT_BEGIN(); + exec->setScope(exec->scope()->next()); + LLINT_END(); +} + +LLINT_SLOW_PATH_DECL(slow_path_push_name_scope) +{ + LLINT_BEGIN(); + CodeBlock* codeBlock = exec->codeBlock(); + JSNameScope* scope = JSNameScope::create(exec, codeBlock->identifier(pc[1].u.operand), LLINT_OP(2).jsValue(), pc[3].u.operand); + exec->setScope(scope); + LLINT_END(); +} + LLINT_SLOW_PATH_DECL(slow_path_throw) { LLINT_BEGIN(); @@ -1273,20 +1273,16 @@ LLINT_SLOW_PATH_DECL(slow_path_throw) LLINT_SLOW_PATH_DECL(slow_path_throw_static_error) { LLINT_BEGIN(); - JSValue errorMessageValue = LLINT_OP_C(1).jsValue(); - RELEASE_ASSERT(errorMessageValue.isString()); - String errorMessage = asString(errorMessageValue)->value(exec); if (pc[2].u.operand) - LLINT_THROW(createReferenceError(exec, errorMessage)); + LLINT_THROW(createReferenceError(exec, errorDescriptionForValue(exec, LLINT_OP_C(1).jsValue())->value(exec))); else - LLINT_THROW(createTypeError(exec, errorMessage)); + LLINT_THROW(createTypeError(exec, errorDescriptionForValue(exec, LLINT_OP_C(1).jsValue())->value(exec))); } LLINT_SLOW_PATH_DECL(slow_path_handle_watchdog_timer) { LLINT_BEGIN_NO_SET_PC(); - ASSERT(vm.watchdog); - if (UNLIKELY(vm.shouldTriggerTermination(exec))) + if (UNLIKELY(vm.watchdog.didFire(exec))) LLINT_THROW(createTerminatedExecutionException(&vm)); LLINT_RETURN_TWO(0, exec); } @@ -1316,25 +1312,31 @@ LLINT_SLOW_PATH_DECL(slow_path_profile_did_call) LLINT_END(); } +LLINT_SLOW_PATH_DECL(throw_from_native_call) +{ + LLINT_BEGIN(); + ASSERT(vm.exception()); + LLINT_END(); +} + LLINT_SLOW_PATH_DECL(slow_path_handle_exception) { LLINT_BEGIN_NO_SET_PC(); - genericUnwind(&vm, exec); + ASSERT(vm.exception()); + genericUnwind(&vm, exec, vm.exception()); LLINT_END_IMPL(); } LLINT_SLOW_PATH_DECL(slow_path_resolve_scope) { LLINT_BEGIN(); - const Identifier& ident = exec->codeBlock()->identifier(pc[3].u.operand); - JSScope* scope = LLINT_OP(2).Register::scope(); - LLINT_RETURN(JSScope::resolve(exec, scope, ident)); + const Identifier& ident = exec->codeBlock()->identifier(pc[2].u.operand); + LLINT_RETURN(JSScope::resolve(exec, exec->scope(), ident)); } LLINT_SLOW_PATH_DECL(slow_path_get_from_scope) { LLINT_BEGIN(); - const Identifier& ident = exec->codeBlock()->identifier(pc[3].u.operand); JSObject* scope = jsCast<JSObject*>(LLINT_OP(2).jsValue()); ResolveModeAndType modeAndType(pc[4].u.operand); @@ -1350,13 +1352,9 @@ LLINT_SLOW_PATH_DECL(slow_path_get_from_scope) if (slot.isCacheableValue() && slot.slotBase() == scope && scope->structure()->propertyAccessesAreCacheable()) { if (modeAndType.type() == GlobalProperty || modeAndType.type() == GlobalPropertyWithVarInjectionChecks) { CodeBlock* codeBlock = exec->codeBlock(); - Structure* structure = scope->structure(vm); - { - ConcurrentJITLocker locker(codeBlock->m_lock); - pc[5].u.structure.set(exec->vm(), codeBlock->ownerExecutable(), structure); - pc[6].u.operand = slot.cachedOffset(); - } - structure->startWatchingPropertyForReplacements(vm, slot.cachedOffset()); + ConcurrentJITLocker locker(codeBlock->m_lock); + pc[5].u.structure.set(exec->vm(), codeBlock->ownerExecutable(), scope->structure()); + pc[6].u.operand = slot.cachedOffset(); } } @@ -1366,61 +1364,35 @@ LLINT_SLOW_PATH_DECL(slow_path_get_from_scope) LLINT_SLOW_PATH_DECL(slow_path_put_to_scope) { LLINT_BEGIN(); - CodeBlock* codeBlock = exec->codeBlock(); const Identifier& ident = codeBlock->identifier(pc[2].u.operand); JSObject* scope = jsCast<JSObject*>(LLINT_OP(1).jsValue()); JSValue value = LLINT_OP_C(3).jsValue(); ResolveModeAndType modeAndType = ResolveModeAndType(pc[4].u.operand); - if (modeAndType.type() == LocalClosureVar) { - JSLexicalEnvironment* environment = jsCast<JSLexicalEnvironment*>(scope); - environment->variableAt(ScopeOffset(pc[6].u.operand)).set(vm, environment, value); - - // Have to do this *after* the write, because if this puts the set into IsWatched, then we need - // to have already changed the value of the variable. Otherwise we might watch and constant-fold - // to the Undefined value from before the assignment. - if (WatchpointSet* set = pc[5].u.watchpointSet) - set->touch("Executed op_put_scope<LocalClosureVar>"); - LLINT_END(); - } if (modeAndType.mode() == ThrowIfNotFound && !scope->hasProperty(exec, ident)) LLINT_THROW(createUndefinedVariableError(exec, ident)); PutPropertySlot slot(scope, codeBlock->isStrictMode()); scope->methodTable()->put(scope, exec, ident, value, slot); - - CommonSlowPaths::tryCachePutToScopeGlobal(exec, codeBlock, pc, scope, modeAndType, slot); - - LLINT_END(); -} - -extern "C" SlowPathReturnType llint_throw_stack_overflow_error(VM* vm, ProtoCallFrame* protoFrame) -{ - ExecState* exec = vm->topCallFrame; - if (!exec) - exec = protoFrame->callee()->globalObject()->globalExec(); - throwStackOverflowError(exec); - return encodeResult(0, 0); -} -#if !ENABLE(JIT) -extern "C" SlowPathReturnType llint_stack_check_at_vm_entry(VM* vm, Register* newTopOfStack) -{ - bool success = vm->interpreter->stack().ensureCapacityFor(newTopOfStack); - return encodeResult(reinterpret_cast<void*>(success), 0); -} -#endif + // Covers implicit globals. Since they don't exist until they first execute, we didn't know how to cache them at compile time. + if (modeAndType.type() == GlobalProperty || modeAndType.type() == GlobalPropertyWithVarInjectionChecks) { + if (slot.isCacheable() && slot.base() == scope && scope->structure()->propertyAccessesAreCacheable()) { + ConcurrentJITLocker locker(codeBlock->m_lock); + pc[5].u.structure.set(exec->vm(), codeBlock->ownerExecutable(), scope->structure()); + pc[6].u.operand = slot.cachedOffset(); + } + } -extern "C" void llint_write_barrier_slow(ExecState* exec, JSCell* cell) -{ - VM& vm = exec->vm(); - vm.heap.writeBarrier(cell); + LLINT_END(); } -extern "C" NO_RETURN_DUE_TO_CRASH void llint_crash() +extern "C" void llint_write_barrier_slow(ExecState*, JSCell* cell) { - CRASH(); + Heap::writeBarrier(cell); } } } // namespace JSC::LLInt + +#endif // ENABLE(LLINT) |