Blame - Source/JavaScriptCore/dfg/DFGOperations.cpp - WebKit

blob: 07807809894f7dd70bac420284f43e945ecfbd49 [file] [log] [blame]

barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	1	/*
keith_miller@apple.com	3793b13	2016-01-11 21:31:04 +0000	[diff] [blame]	2	* Copyright (C) 2011, 2013-2016 Apple Inc. All rights reserved.
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	3	*
				4	* Redistribution and use in source and binary forms, with or without
				5	* modification, are permitted provided that the following conditions
				6	* are met:
				7	* 1. Redistributions of source code must retain the above copyright
				8	* notice, this list of conditions and the following disclaimer.
				9	* 2. Redistributions in binary form must reproduce the above copyright
				10	* notice, this list of conditions and the following disclaimer in the
				11	* documentation and/or other materials provided with the distribution.
				12	*
				13	* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
				14	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
				15	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
				16	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
				17	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
				18	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
				19	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
				20	* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
				21	* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
				23	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
				24	*/
				25
				26	#include "config.h"
				27	#include "DFGOperations.h"
				28
keith_miller@apple.com	5bed6f6	2016-06-16 06:01:47 +0000	[diff] [blame]	29	#include "ArrayConstructor.h"
mark.lam@apple.com	a4fe7ab	2012-11-09 03:03:44 +0000	[diff] [blame]	30	#include "ButterflyInlines.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	31	#include "ClonedArguments.h"
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	32	#include "CodeBlock.h"
oliver@apple.com	b3e5acb	2013-07-25 04:02:53 +0000	[diff] [blame]	33	#include "CommonSlowPaths.h"
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	34	#include "DFGDriver.h"
fpizlo@apple.com	b426f86	2014-02-10 02:51:13 +0000	[diff] [blame]	35	#include "DFGJITCode.h"
fpizlo@apple.com	0bef2a1	2014-02-10 19:26:29 +0000	[diff] [blame]	36	#include "DFGOSRExit.h"
fpizlo@apple.com	5e13577	2012-07-12 00:12:03 +0000	[diff] [blame]	37	#include "DFGThunks.h"
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	38	#include "DFGToFTLDeferredCompilationCallback.h"
				39	#include "DFGToFTLForOSREntryDeferredCompilationCallback.h"
				40	#include "DFGWorklist.h"
utatane.tea@gmail.com	f7db559	2016-10-04 19:31:24 +0000	[diff] [blame]	41	#include "DefinePropertyAttributes.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	42	#include "DirectArguments.h"
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	43	#include "FTLForOSREntryJITCode.h"
				44	#include "FTLOSREntry.h"
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	45	#include "HasOwnPropertyCache.h"
utatane.tea@gmail.com	c258519	2016-08-25 22:55:10 +0000	[diff] [blame]	46	#include "HostCallReturnValue.h"
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	47	#include "Interpreter.h"
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	48	#include "JIT.h"
oliver@apple.com	c55314a	2012-05-30 19:45:20 +0000	[diff] [blame]	49	#include "JITExceptions.h"
sbarati@apple.com	5b8aea1	2017-01-24 00:15:21 +0000	[diff] [blame]	50	#include "JSArrayInlines.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	51	#include "JSCInlines.h"
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	52	#include "JSFixedArray.h"
keith_miller@apple.com	1ec869c	2016-06-21 17:54:33 +0000	[diff] [blame]	53	#include "JSGenericTypedArrayViewConstructorInlines.h"
oliver@apple.com	a7dfb4d	2014-09-11 18:18:14 +0000	[diff] [blame]	54	#include "JSLexicalEnvironment.h"
sbarati@apple.com	21fc86e	2016-09-06 23:22:01 +0000	[diff] [blame]	55	#include "JSMap.h"
				56	#include "JSSet.h"
ggaren@apple.com	c862eac	2013-01-29 05:48:01 +0000	[diff] [blame]	57	#include "ObjectConstructor.h"
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	58	#include "Operations.h"
joepeck@webkit.org	7e07f39	2016-09-22 18:59:47 +0000	[diff] [blame]	59	#include "RegExpObject.h"
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	60	#include "Repatch.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	61	#include "ScopedArguments.h"
commit-queue@webkit.org	aa31a5e	2013-04-09 06:45:16 +0000	[diff] [blame]	62	#include "StringConstructor.h"
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	63	#include "SuperSampler.h"
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	64	#include "Symbol.h"
saambarati1@gmail.com	daf1020	2014-10-01 20:47:51 +0000	[diff] [blame]	65	#include "TypeProfilerLog.h"
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	66	#include "TypedArrayInlines.h"
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	67	#include "VMInlines.h"
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	68	#include <wtf/InlineASM.h>
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	69
commit-queue@webkit.org	b841948	2012-08-30 22:21:48 +0000	[diff] [blame]	70	#if ENABLE(JIT)
fpizlo@apple.com	7bbcaab	2012-02-22 05:23:19 +0000	[diff] [blame]	71	#if ENABLE(DFG_JIT)
				72
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	73	namespace JSC { namespace DFG {
				74
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	75	template<bool strict, bool direct>
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	76	static inline void putByVal(ExecState* exec, JSValue baseValue, uint32_t index, JSValue value)
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	77	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	78	VM& vm = exec->vm();
				79	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	80	ASSERT(isIndex(index));
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	81	if (direct) {
				82	RELEASE_ASSERT(baseValue.isObject());
				83	asObject(baseValue)->putDirectIndex(exec, index, value, 0, strict ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow);
				84	return;
				85	}
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	86	if (baseValue.isObject()) {
				87	JSObject* object = asObject(baseValue);
				88	if (object->canSetIndexQuickly(index)) {
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	89	object->setIndexQuickly(vm, index, value);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	90	return;
				91	}
				92
mhahnenberg@apple.com	b6f8519	2014-02-27 01:27:18 +0000	[diff] [blame]	93	object->methodTable(vm)->putByIndex(object, exec, index, value, strict);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	94	return;
				95	}
				96
barraclough@apple.com	a4d51f2	2012-03-06 01:18:42 +0000	[diff] [blame]	97	baseValue.putByIndex(exec, index, value, strict);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	98	}
				99
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	100	template<bool strict, bool direct>
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	101	ALWAYS_INLINE static void JIT_OPERATION operationPutByValInternal(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	102	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	103	VM* vm = &exec->vm();
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	104	auto scope = DECLARE_THROW_SCOPE(*vm);
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	105	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	106
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	107	JSValue baseValue = JSValue::decode(encodedBase);
				108	JSValue property = JSValue::decode(encodedProperty);
				109	JSValue value = JSValue::decode(encodedValue);
				110
				111	if (LIKELY(property.isUInt32())) {
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	112	// Despite its name, JSValue::isUInt32 will return true only for positive boxed int32_t; all those values are valid array indices.
				113	ASSERT(isIndex(property.asUInt32()));
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	114	scope.release();
commit-queue@webkit.org	e3549c6	2015-01-22 19:34:34 +0000	[diff] [blame]	115	putByVal<strict, direct>(exec, baseValue, property.asUInt32(), value);
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	116	return;
				117	}
				118
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	119	if (property.isDouble()) {
				120	double propertyAsDouble = property.asDouble();
				121	uint32_t propertyAsUInt32 = static_cast<uint32_t>(propertyAsDouble);
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	122	if (propertyAsDouble == propertyAsUInt32 && isIndex(propertyAsUInt32)) {
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	123	scope.release();
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	124	putByVal<strict, direct>(exec, baseValue, propertyAsUInt32, value);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	125	return;
				126	}
				127	}
				128
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	129	// Don't put to an object if toString throws an exception.
utatane.tea@gmail.com	e16e15d	2015-03-20 21:35:17 +0000	[diff] [blame]	130	auto propertyName = property.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	131	RETURN_IF_EXCEPTION(scope, void());
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	132
				133	PutPropertySlot slot(baseValue, strict);
				134	if (direct) {
				135	RELEASE_ASSERT(baseValue.isObject());
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	136	if (std::optional<uint32_t> index = parseIndex(propertyName)) {
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	137	scope.release();
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	138	asObject(baseValue)->putDirectIndex(exec, index.value(), value, 0, strict ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow);
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	139	return;
				140	}
				141	asObject(baseValue)->putDirect(*vm, propertyName, value, slot);
				142	return;
				143	}
				144	scope.release();
				145	baseValue.put(exec, propertyName, value, slot);
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	146	}
				147
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	148	template<typename ViewClass>
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	149	char* newTypedArrayWithSize(ExecState* exec, Structure* structure, int32_t size, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	150	{
				151	VM& vm = exec->vm();
				152	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	153	auto scope = DECLARE_THROW_SCOPE(vm);
				154
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	155	if (size < 0) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	156	throwException(exec, scope, createRangeError(exec, ASCIILiteral("Requested length is negative")));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	157	return 0;
				158	}
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	159
				160	if (vector)
				161	return bitwise_cast<char*>(ViewClass::createWithFastVector(exec, structure, size, vector));
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	162
				163	scope.release();
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	164	return bitwise_cast<char*>(ViewClass::create(exec, structure, size));
				165	}
				166
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	167	template <bool strict>
				168	static ALWAYS_INLINE void putWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedValue, const Identifier& ident)
				169	{
				170	JSValue baseValue = JSValue::decode(encodedBase);
				171	JSValue thisVal = JSValue::decode(encodedThis);
				172	JSValue putValue = JSValue::decode(encodedValue);
				173	PutPropertySlot slot(thisVal, strict);
				174	baseValue.putInline(exec, ident, putValue, slot);
				175	}
				176
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	177	extern "C" {
				178
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	179	EncodedJSValue JIT_OPERATION operationToThis(ExecState* exec, EncodedJSValue encodedOp)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	180	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	181	VM* vm = &exec->vm();
				182	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	183
fpizlo@apple.com	018818d	2013-09-13 23:18:19 +0000	[diff] [blame]	184	return JSValue::encode(JSValue::decode(encodedOp).toThis(exec, NotStrictMode));
				185	}
				186
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	187	EncodedJSValue JIT_OPERATION operationToThisStrict(ExecState* exec, EncodedJSValue encodedOp)
fpizlo@apple.com	018818d	2013-09-13 23:18:19 +0000	[diff] [blame]	188	{
				189	VM* vm = &exec->vm();
				190	NativeCallFrameTracer tracer(vm, exec);
				191
				192	return JSValue::encode(JSValue::decode(encodedOp).toThis(exec, StrictMode));
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	193	}
				194
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	195	JSCell* JIT_OPERATION operationCreateThis(ExecState* exec, JSObject* constructor, int32_t inlineCapacity)
fpizlo@apple.com	bb159ec	2011-09-21 22:17:06 +0000	[diff] [blame]	196	{
mhahnenberg@apple.com	b6f8519	2014-02-27 01:27:18 +0000	[diff] [blame]	197	VM& vm = exec->vm();
				198	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	199	auto scope = DECLARE_THROW_SCOPE(vm);
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	200	if (constructor->type() == JSFunctionType) {
				201	auto rareData = jsCast<JSFunction*>(constructor)->rareData(exec, inlineCapacity);
				202	RETURN_IF_EXCEPTION(scope, nullptr);
				203	return constructEmptyObject(exec, rareData->objectAllocationProfile()->structure());
				204	}
barraclough@apple.com	cef11dc	2012-05-10 18:40:29 +0000	[diff] [blame]	205
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	206	JSValue proto = constructor->get(exec, exec->propertyNames().prototype);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	207	RETURN_IF_EXCEPTION(scope, nullptr);
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	208	if (proto.isObject())
				209	return constructEmptyObject(exec, asObject(proto));
sbarati@apple.com	e5315aa	2016-02-20 23:51:33 +0000	[diff] [blame]	210	return constructEmptyObject(exec);
fpizlo@apple.com	133c9ac	2011-11-08 00:37:33 +0000	[diff] [blame]	211	}
				212
keith_miller@apple.com	5bed6f6	2016-06-16 06:01:47 +0000	[diff] [blame]	213	JSCell* JIT_OPERATION operationObjectConstructor(ExecState* exec, JSGlobalObject* globalObject, EncodedJSValue encodedTarget)
				214	{
				215	VM* vm = &exec->vm();
				216	NativeCallFrameTracer tracer(vm, exec);
				217
				218	JSValue value = JSValue::decode(encodedTarget);
				219	ASSERT(!value.isObject());
				220
				221	if (value.isUndefinedOrNull())
				222	return constructEmptyObject(exec, globalObject->objectPrototype());
				223	return value.toObject(exec, globalObject);
				224	}
				225
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	226	EncodedJSValue JIT_OPERATION operationValueBitAnd(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				227	{
				228	VM* vm = &exec->vm();
				229	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	230	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	231
				232	JSValue op1 = JSValue::decode(encodedOp1);
				233	JSValue op2 = JSValue::decode(encodedOp2);
				234
				235	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	236	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	237	scope.release();
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	238	int32_t b = op2.toInt32(exec);
				239	return JSValue::encode(jsNumber(a & b));
				240	}
				241
				242	EncodedJSValue JIT_OPERATION operationValueBitOr(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				243	{
				244	VM* vm = &exec->vm();
				245	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	246	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	247
				248	JSValue op1 = JSValue::decode(encodedOp1);
				249	JSValue op2 = JSValue::decode(encodedOp2);
				250
				251	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	252	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	253	scope.release();
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	254	int32_t b = op2.toInt32(exec);
				255	return JSValue::encode(jsNumber(a \| b));
				256	}
				257
				258	EncodedJSValue JIT_OPERATION operationValueBitXor(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				259	{
				260	VM* vm = &exec->vm();
				261	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	262	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	263
				264	JSValue op1 = JSValue::decode(encodedOp1);
				265	JSValue op2 = JSValue::decode(encodedOp2);
				266
				267	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	268	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	269	scope.release();
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	270	int32_t b = op2.toInt32(exec);
				271	return JSValue::encode(jsNumber(a ^ b));
				272	}
				273
				274	EncodedJSValue JIT_OPERATION operationValueBitLShift(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				275	{
				276	VM* vm = &exec->vm();
				277	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	278	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	279
				280	JSValue op1 = JSValue::decode(encodedOp1);
				281	JSValue op2 = JSValue::decode(encodedOp2);
				282
				283	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	284	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	285	scope.release();
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	286	uint32_t b = op2.toUInt32(exec);
				287	return JSValue::encode(jsNumber(a << (b & 0x1f)));
				288	}
				289
				290	EncodedJSValue JIT_OPERATION operationValueBitRShift(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				291	{
				292	VM* vm = &exec->vm();
				293	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	294	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	295
				296	JSValue op1 = JSValue::decode(encodedOp1);
				297	JSValue op2 = JSValue::decode(encodedOp2);
				298
				299	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	300	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	301	scope.release();
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	302	uint32_t b = op2.toUInt32(exec);
				303	return JSValue::encode(jsNumber(a >> (b & 0x1f)));
				304	}
				305
				306	EncodedJSValue JIT_OPERATION operationValueBitURShift(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				307	{
				308	VM* vm = &exec->vm();
				309	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	310	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	311
				312	JSValue op1 = JSValue::decode(encodedOp1);
				313	JSValue op2 = JSValue::decode(encodedOp2);
				314
				315	uint32_t a = op1.toUInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	316	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	317	scope.release();
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	318	uint32_t b = op2.toUInt32(exec);
				319	return JSValue::encode(jsNumber(static_cast<int32_t>(a >> (b & 0x1f))));
				320	}
				321
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	322	EncodedJSValue JIT_OPERATION operationValueAddNotNumber(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
fpizlo@apple.com	5c90704	2011-09-15 01:24:39 +0000	[diff] [blame]	323	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	324	VM* vm = &exec->vm();
				325	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	326
fpizlo@apple.com	5c90704	2011-09-15 01:24:39 +0000	[diff] [blame]	327	JSValue op1 = JSValue::decode(encodedOp1);
				328	JSValue op2 = JSValue::decode(encodedOp2);
				329
fpizlo@apple.com	5df0cd8	2011-08-19 00:18:49 +0000	[diff] [blame]	330	ASSERT(!op1.isNumber() \|\| !op2.isNumber());
fpizlo@apple.com	5c90704	2011-09-15 01:24:39 +0000	[diff] [blame]	331
ggaren@apple.com	64be5e9	2012-01-24 07:34:10 +0000	[diff] [blame]	332	if (op1.isString() && !op2.isObject())
				333	return JSValue::encode(jsString(exec, asString(op1), op2.toString(exec)));
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	334
				335	return JSValue::encode(jsAddSlowCase(exec, op1, op2));
				336	}
				337
mark.lam@apple.com	224ce4d	2015-12-08 21:44:12 +0000	[diff] [blame]	338	EncodedJSValue JIT_OPERATION operationValueDiv(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				339	{
				340	VM* vm = &exec->vm();
				341	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	342	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	224ce4d	2015-12-08 21:44:12 +0000	[diff] [blame]	343
				344	JSValue op1 = JSValue::decode(encodedOp1);
				345	JSValue op2 = JSValue::decode(encodedOp2);
				346
				347	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	348	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	349	scope.release();
mark.lam@apple.com	224ce4d	2015-12-08 21:44:12 +0000	[diff] [blame]	350	double b = op2.toNumber(exec);
				351	return JSValue::encode(jsNumber(a / b));
				352	}
				353
commit-queue@webkit.org	0ec7107	2016-08-29 07:21:04 +0000	[diff] [blame]	354	double JIT_OPERATION operationArithAbs(ExecState* exec, EncodedJSValue encodedOp1)
				355	{
				356	VM* vm = &exec->vm();
				357	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	358	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	0ec7107	2016-08-29 07:21:04 +0000	[diff] [blame]	359
				360	JSValue op1 = JSValue::decode(encodedOp1);
				361	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	362	RETURN_IF_EXCEPTION(scope, PNaN);
commit-queue@webkit.org	0ec7107	2016-08-29 07:21:04 +0000	[diff] [blame]	363	return fabs(a);
				364	}
				365
commit-queue@webkit.org	95f28be	2016-09-06 21:54:11 +0000	[diff] [blame]	366	int32_t JIT_OPERATION operationArithClz32(ExecState* exec, EncodedJSValue encodedOp1)
				367	{
				368	VM* vm = &exec->vm();
				369	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	370	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	95f28be	2016-09-06 21:54:11 +0000	[diff] [blame]	371
				372	JSValue op1 = JSValue::decode(encodedOp1);
				373	uint32_t value = op1.toUInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	374	RETURN_IF_EXCEPTION(scope, 0);
commit-queue@webkit.org	95f28be	2016-09-06 21:54:11 +0000	[diff] [blame]	375	return clz32(value);
				376	}
				377
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	378	double JIT_OPERATION operationArithCos(ExecState* exec, EncodedJSValue encodedOp1)
				379	{
				380	VM* vm = &exec->vm();
				381	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	382	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	383
				384	JSValue op1 = JSValue::decode(encodedOp1);
				385	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	386	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	387	return cos(a);
				388	}
				389
benjamin@webkit.org	87238e9	2016-08-25 01:21:43 +0000	[diff] [blame]	390	double JIT_OPERATION operationArithFRound(ExecState* exec, EncodedJSValue encodedOp1)
				391	{
				392	VM* vm = &exec->vm();
				393	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	394	auto scope = DECLARE_THROW_SCOPE(*vm);
benjamin@webkit.org	87238e9	2016-08-25 01:21:43 +0000	[diff] [blame]	395
				396	JSValue op1 = JSValue::decode(encodedOp1);
				397	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	398	RETURN_IF_EXCEPTION(scope, PNaN);
benjamin@webkit.org	87238e9	2016-08-25 01:21:43 +0000	[diff] [blame]	399	return static_cast<float>(a);
				400	}
				401
benjamin@webkit.org	770c27f	2016-08-24 02:36:40 +0000	[diff] [blame]	402	double JIT_OPERATION operationArithLog(ExecState* exec, EncodedJSValue encodedOp1)
				403	{
				404	VM* vm = &exec->vm();
				405	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	406	auto scope = DECLARE_THROW_SCOPE(*vm);
benjamin@webkit.org	770c27f	2016-08-24 02:36:40 +0000	[diff] [blame]	407
				408	JSValue op1 = JSValue::decode(encodedOp1);
				409	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	410	RETURN_IF_EXCEPTION(scope, PNaN);
benjamin@webkit.org	770c27f	2016-08-24 02:36:40 +0000	[diff] [blame]	411	return log(a);
				412	}
				413
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	414	double JIT_OPERATION operationArithSin(ExecState* exec, EncodedJSValue encodedOp1)
				415	{
				416	VM* vm = &exec->vm();
				417	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	418	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	419
				420	JSValue op1 = JSValue::decode(encodedOp1);
				421	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	422	RETURN_IF_EXCEPTION(scope, PNaN);
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	423	return sin(a);
				424	}
				425
commit-queue@webkit.org	91b902c	2016-08-20 02:00:44 +0000	[diff] [blame]	426	double JIT_OPERATION operationArithSqrt(ExecState* exec, EncodedJSValue encodedOp1)
				427	{
				428	VM* vm = &exec->vm();
				429	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	430	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	91b902c	2016-08-20 02:00:44 +0000	[diff] [blame]	431
				432	JSValue op1 = JSValue::decode(encodedOp1);
				433	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	434	RETURN_IF_EXCEPTION(scope, PNaN);
commit-queue@webkit.org	91b902c	2016-08-20 02:00:44 +0000	[diff] [blame]	435	return sqrt(a);
				436	}
				437
utatane.tea@gmail.com	9917d6a	2016-09-12 22:01:13 +0000	[diff] [blame]	438	double JIT_OPERATION operationArithTan(ExecState* exec, EncodedJSValue encodedOp1)
				439	{
				440	VM* vm = &exec->vm();
				441	NativeCallFrameTracer tracer(vm, exec);
				442	auto scope = DECLARE_THROW_SCOPE(*vm);
				443
				444	JSValue op1 = JSValue::decode(encodedOp1);
				445	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	446	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	9917d6a	2016-09-12 22:01:13 +0000	[diff] [blame]	447	return tan(a);
				448	}
				449
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	450	EncodedJSValue JIT_OPERATION operationArithRound(ExecState* exec, EncodedJSValue encodedArgument)
				451	{
				452	VM* vm = &exec->vm();
				453	NativeCallFrameTracer tracer(vm, exec);
				454	auto scope = DECLARE_THROW_SCOPE(*vm);
				455
				456	JSValue argument = JSValue::decode(encodedArgument);
				457	double valueOfArgument = argument.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	458	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	459	return JSValue::encode(jsNumber(jsRound(valueOfArgument)));
				460	}
				461
				462	EncodedJSValue JIT_OPERATION operationArithFloor(ExecState* exec, EncodedJSValue encodedArgument)
				463	{
				464	VM* vm = &exec->vm();
				465	NativeCallFrameTracer tracer(vm, exec);
				466	auto scope = DECLARE_THROW_SCOPE(*vm);
				467
				468	JSValue argument = JSValue::decode(encodedArgument);
				469	double valueOfArgument = argument.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	470	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	471	return JSValue::encode(jsNumber(floor(valueOfArgument)));
				472	}
				473
				474	EncodedJSValue JIT_OPERATION operationArithCeil(ExecState* exec, EncodedJSValue encodedArgument)
				475	{
				476	VM* vm = &exec->vm();
				477	NativeCallFrameTracer tracer(vm, exec);
				478	auto scope = DECLARE_THROW_SCOPE(*vm);
				479
				480	JSValue argument = JSValue::decode(encodedArgument);
				481	double valueOfArgument = argument.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	482	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	483	return JSValue::encode(jsNumber(ceil(valueOfArgument)));
				484	}
				485
				486	EncodedJSValue JIT_OPERATION operationArithTrunc(ExecState* exec, EncodedJSValue encodedArgument)
				487	{
				488	VM* vm = &exec->vm();
				489	NativeCallFrameTracer tracer(vm, exec);
				490	auto scope = DECLARE_THROW_SCOPE(*vm);
				491
				492	JSValue argument = JSValue::decode(encodedArgument);
				493	double truncatedValueOfArgument = argument.toIntegerPreserveNaN(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	494	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	495	return JSValue::encode(jsNumber(truncatedValueOfArgument));
				496	}
				497
akling@apple.com	6d3d181	2014-04-26 06:00:43 +0000	[diff] [blame]	498	static ALWAYS_INLINE EncodedJSValue getByVal(ExecState* exec, JSCell* base, uint32_t index)
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	499	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	500	VM& vm = exec->vm();
				501	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	034a5e1	2012-05-01 21:34:53 +0000	[diff] [blame]	502
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	503	if (base->isObject()) {
				504	JSObject* object = asObject(base);
				505	if (object->canGetIndexQuickly(index))
				506	return JSValue::encode(object->getIndexQuickly(index));
				507	}
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	508
mhahnenberg@apple.com	c58d54d	2011-12-16 19:06:44 +0000	[diff] [blame]	509	if (isJSString(base) && asString(base)->canGetIndex(index))
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	510	return JSValue::encode(asString(base)->getIndex(exec, index));
				511
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	512	return JSValue::encode(JSValue(base).get(exec, index));
				513	}
				514
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	515	EncodedJSValue JIT_OPERATION operationGetByVal(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	516	{
akling@apple.com	b6d91ab	2014-02-09 21:33:17 +0000	[diff] [blame]	517	VM& vm = exec->vm();
				518	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	519	auto scope = DECLARE_THROW_SCOPE(vm);
				520
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	521	JSValue baseValue = JSValue::decode(encodedBase);
				522	JSValue property = JSValue::decode(encodedProperty);
				523
				524	if (LIKELY(baseValue.isCell())) {
				525	JSCell* base = baseValue.asCell();
				526
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	527	if (property.isUInt32()) {
				528	scope.release();
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	529	return getByVal(exec, base, property.asUInt32());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	530	}
				531	if (property.isDouble()) {
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	532	double propertyAsDouble = property.asDouble();
				533	uint32_t propertyAsUInt32 = static_cast<uint32_t>(propertyAsDouble);
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	534	if (propertyAsUInt32 == propertyAsDouble && isIndex(propertyAsUInt32)) {
				535	scope.release();
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	536	return getByVal(exec, base, propertyAsUInt32);
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	537	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	538	} else if (property.isString()) {
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	539	Structure& structure = *base->structure(vm);
				540	if (JSCell::canUseFastGetOwnProperty(structure)) {
utatane.tea@gmail.com	e0741fb	2015-06-02 17:36:16 +0000	[diff] [blame]	541	if (RefPtr<AtomicStringImpl> existingAtomicString = asString(property)->toExistingAtomicString(exec)) {
				542	if (JSValue result = base->fastGetOwnProperty(vm, structure, existingAtomicString.get()))
akling@apple.com	cad8904	2014-09-02 22:29:59 +0000	[diff] [blame]	543	return JSValue::encode(result);
				544	}
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	545	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	546	}
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	547	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	548
utatane.tea@gmail.com	9f61d13	2015-03-27 11:08:49 +0000	[diff] [blame]	549	baseValue.requireObjectCoercible(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	550	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	e16e15d	2015-03-20 21:35:17 +0000	[diff] [blame]	551	auto propertyName = property.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	552	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	553	scope.release();
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	554	return JSValue::encode(baseValue.get(exec, propertyName));
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	555	}
				556
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	557	EncodedJSValue JIT_OPERATION operationGetByValCell(ExecState* exec, JSCell* base, EncodedJSValue encodedProperty)
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	558	{
akling@apple.com	b6d91ab	2014-02-09 21:33:17 +0000	[diff] [blame]	559	VM& vm = exec->vm();
				560	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	561	auto scope = DECLARE_THROW_SCOPE(vm);
				562
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	563	JSValue property = JSValue::decode(encodedProperty);
				564
				565	if (property.isUInt32())
				566	return getByVal(exec, base, property.asUInt32());
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	567	if (property.isDouble()) {
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	568	double propertyAsDouble = property.asDouble();
				569	uint32_t propertyAsUInt32 = static_cast<uint32_t>(propertyAsDouble);
				570	if (propertyAsUInt32 == propertyAsDouble)
				571	return getByVal(exec, base, propertyAsUInt32);
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	572	} else if (property.isString()) {
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	573	Structure& structure = *base->structure(vm);
				574	if (JSCell::canUseFastGetOwnProperty(structure)) {
utatane.tea@gmail.com	e0741fb	2015-06-02 17:36:16 +0000	[diff] [blame]	575	if (RefPtr<AtomicStringImpl> existingAtomicString = asString(property)->toExistingAtomicString(exec)) {
				576	if (JSValue result = base->fastGetOwnProperty(vm, structure, existingAtomicString.get()))
akling@apple.com	cad8904	2014-09-02 22:29:59 +0000	[diff] [blame]	577	return JSValue::encode(result);
				578	}
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	579	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	580	}
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	581
utatane.tea@gmail.com	e16e15d	2015-03-20 21:35:17 +0000	[diff] [blame]	582	auto propertyName = property.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	583	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	584	return JSValue::encode(JSValue(base).get(exec, propertyName));
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	585	}
				586
oliver@apple.com	211b3be	2013-07-25 04:03:39 +0000	[diff] [blame]	587	ALWAYS_INLINE EncodedJSValue getByValCellInt(ExecState* exec, JSCell* base, int32_t index)
fpizlo@apple.com	fa34ff8	2012-09-05 01:27:50 +0000	[diff] [blame]	588	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	589	VM* vm = &exec->vm();
				590	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	fa34ff8	2012-09-05 01:27:50 +0000	[diff] [blame]	591
				592	if (index < 0) {
				593	// Go the slowest way possible becase negative indices don't use indexed storage.
				594	return JSValue::encode(JSValue(base).get(exec, Identifier::from(exec, index)));
				595	}
				596
				597	// Use this since we know that the value is out of bounds.
sbarati@apple.com	575aa2b	2016-03-04 02:25:30 +0000	[diff] [blame]	598	return JSValue::encode(JSValue(base).get(exec, static_cast<unsigned>(index)));
fpizlo@apple.com	fa34ff8	2012-09-05 01:27:50 +0000	[diff] [blame]	599	}
				600
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	601	EncodedJSValue JIT_OPERATION operationGetByValArrayInt(ExecState* exec, JSArray* base, int32_t index)
oliver@apple.com	211b3be	2013-07-25 04:03:39 +0000	[diff] [blame]	602	{
				603	return getByValCellInt(exec, base, index);
				604	}
				605
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	606	EncodedJSValue JIT_OPERATION operationGetByValStringInt(ExecState* exec, JSString* base, int32_t index)
oliver@apple.com	211b3be	2013-07-25 04:03:39 +0000	[diff] [blame]	607	{
				608	return getByValCellInt(exec, base, index);
				609	}
				610
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	611	void JIT_OPERATION operationPutByValStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	612	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	613	VM* vm = &exec->vm();
				614	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	615
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	616	operationPutByValInternal<true, false>(exec, encodedBase, encodedProperty, encodedValue);
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	617	}
				618
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	619	void JIT_OPERATION operationPutByValNonStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	620	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	621	VM* vm = &exec->vm();
				622	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	623
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	624	operationPutByValInternal<false, false>(exec, encodedBase, encodedProperty, encodedValue);
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	625	}
				626
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	627	void JIT_OPERATION operationPutByValCellStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	628	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	629	VM* vm = &exec->vm();
				630	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	631
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	632	operationPutByValInternal<true, false>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	633	}
				634
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	635	void JIT_OPERATION operationPutByValCellNonStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	636	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	637	VM* vm = &exec->vm();
				638	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	639
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	640	operationPutByValInternal<false, false>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	641	}
				642
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	643	void JIT_OPERATION operationPutByValBeyondArrayBoundsStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
barraclough@apple.com	e2130ff	2011-06-07 23:03:32 +0000	[diff] [blame]	644	{
mhahnenberg@apple.com	b6f8519	2014-02-27 01:27:18 +0000	[diff] [blame]	645	VM& vm = exec->vm();
				646	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	647
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	648	if (index >= 0) {
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	649	array->putByIndexInline(exec, index, JSValue::decode(encodedValue), true);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	650	return;
				651	}
				652
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	653	PutPropertySlot slot(array, true);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	654	array->methodTable()->put(
				655	array, exec, Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
barraclough@apple.com	b1db28d8	2012-03-06 07:23:21 +0000	[diff] [blame]	656	}
				657
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	658	void JIT_OPERATION operationPutByValBeyondArrayBoundsNonStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
barraclough@apple.com	b1db28d8	2012-03-06 07:23:21 +0000	[diff] [blame]	659	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	660	VM* vm = &exec->vm();
				661	NativeCallFrameTracer tracer(vm, exec);
barraclough@apple.com	b1db28d8	2012-03-06 07:23:21 +0000	[diff] [blame]	662
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	663	if (index >= 0) {
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	664	array->putByIndexInline(exec, index, JSValue::decode(encodedValue), false);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	665	return;
				666	}
				667
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	668	PutPropertySlot slot(array, false);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	669	array->methodTable()->put(
				670	array, exec, Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
barraclough@apple.com	e2130ff	2011-06-07 23:03:32 +0000	[diff] [blame]	671	}
				672
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	673	void JIT_OPERATION operationPutDoubleByValBeyondArrayBoundsStrict(ExecState* exec, JSObject* array, int32_t index, double value)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	674	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	675	VM* vm = &exec->vm();
				676	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	677
				678	JSValue jsValue = JSValue(JSValue::EncodeAsDouble, value);
				679
				680	if (index >= 0) {
				681	array->putByIndexInline(exec, index, jsValue, true);
				682	return;
				683	}
				684
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	685	PutPropertySlot slot(array, true);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	686	array->methodTable()->put(
				687	array, exec, Identifier::from(exec, index), jsValue, slot);
				688	}
				689
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	690	void JIT_OPERATION operationPutDoubleByValBeyondArrayBoundsNonStrict(ExecState* exec, JSObject* array, int32_t index, double value)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	691	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	692	VM* vm = &exec->vm();
				693	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	694
				695	JSValue jsValue = JSValue(JSValue::EncodeAsDouble, value);
				696
				697	if (index >= 0) {
				698	array->putByIndexInline(exec, index, jsValue, false);
				699	return;
				700	}
				701
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	702	PutPropertySlot slot(array, false);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	703	array->methodTable()->put(
				704	array, exec, Identifier::from(exec, index), jsValue, slot);
				705	}
				706
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	707	void JIT_OPERATION operationPutByValDirectStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				708	{
				709	VM* vm = &exec->vm();
				710	NativeCallFrameTracer tracer(vm, exec);
				711
				712	operationPutByValInternal<true, true>(exec, encodedBase, encodedProperty, encodedValue);
				713	}
				714
				715	void JIT_OPERATION operationPutByValDirectNonStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				716	{
				717	VM* vm = &exec->vm();
				718	NativeCallFrameTracer tracer(vm, exec);
				719
				720	operationPutByValInternal<false, true>(exec, encodedBase, encodedProperty, encodedValue);
				721	}
				722
				723	void JIT_OPERATION operationPutByValDirectCellStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				724	{
				725	VM* vm = &exec->vm();
				726	NativeCallFrameTracer tracer(vm, exec);
				727
				728	operationPutByValInternal<true, true>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
				729	}
				730
				731	void JIT_OPERATION operationPutByValDirectCellNonStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				732	{
				733	VM* vm = &exec->vm();
				734	NativeCallFrameTracer tracer(vm, exec);
				735
				736	operationPutByValInternal<false, true>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
				737	}
				738
				739	void JIT_OPERATION operationPutByValDirectBeyondArrayBoundsStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
				740	{
				741	VM* vm = &exec->vm();
				742	NativeCallFrameTracer tracer(vm, exec);
				743	if (index >= 0) {
				744	array->putDirectIndex(exec, index, JSValue::decode(encodedValue), 0, PutDirectIndexShouldThrow);
				745	return;
				746	}
				747
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	748	PutPropertySlot slot(array, true);
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	749	array->putDirect(exec->vm(), Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
				750	}
				751
				752	void JIT_OPERATION operationPutByValDirectBeyondArrayBoundsNonStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
				753	{
				754	VM* vm = &exec->vm();
				755	NativeCallFrameTracer tracer(vm, exec);
				756
				757	if (index >= 0) {
				758	array->putDirectIndex(exec, index, JSValue::decode(encodedValue));
				759	return;
				760	}
				761
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	762	PutPropertySlot slot(array, false);
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	763	array->putDirect(exec->vm(), Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
				764	}
				765
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	766	EncodedJSValue JIT_OPERATION operationArrayPush(ExecState* exec, EncodedJSValue encodedValue, JSArray* array)
fpizlo@apple.com	24d24e5	2011-10-04 02:55:54 +0000	[diff] [blame]	767	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	768	VM* vm = &exec->vm();
				769	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	770
fpizlo@apple.com	24d24e5	2011-10-04 02:55:54 +0000	[diff] [blame]	771	array->push(exec, JSValue::decode(encodedValue));
				772	return JSValue::encode(jsNumber(array->length()));
				773	}
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	774
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	775	EncodedJSValue JIT_OPERATION operationArrayPushDouble(ExecState* exec, double value, JSArray* array)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	776	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	777	VM* vm = &exec->vm();
				778	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	779
				780	array->push(exec, JSValue(JSValue::EncodeAsDouble, value));
				781	return JSValue::encode(jsNumber(array->length()));
				782	}
				783
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	784	EncodedJSValue JIT_OPERATION operationArrayPop(ExecState* exec, JSArray* array)
fpizlo@apple.com	04c1974	2012-08-26 22:35:26 +0000	[diff] [blame]	785	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	786	VM* vm = &exec->vm();
				787	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	04c1974	2012-08-26 22:35:26 +0000	[diff] [blame]	788
				789	return JSValue::encode(array->pop(exec));
				790	}
				791
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	792	EncodedJSValue JIT_OPERATION operationArrayPopAndRecoverLength(ExecState* exec, JSArray* array)
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	793	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	794	VM* vm = &exec->vm();
				795	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	796
				797	array->butterfly()->setPublicLength(array->butterfly()->publicLength() + 1);
				798
				799	return JSValue::encode(array->pop(exec));
				800	}
				801
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	802	EncodedJSValue JIT_OPERATION operationRegExpExecString(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, JSString* argument)
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	803	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	804	SuperSamplerScope superSamplerScope(false);
				805
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	806	VM& vm = globalObject->vm();
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	807	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	034a5e1	2012-05-01 21:34:53 +0000	[diff] [blame]	808
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	809	return JSValue::encode(regExpObject->execInline(exec, globalObject, argument));
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	810	}
				811
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	812	EncodedJSValue JIT_OPERATION operationRegExpExec(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, EncodedJSValue encodedArgument)
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	813	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	814	SuperSamplerScope superSamplerScope(false);
				815
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	816	VM& vm = globalObject->vm();
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	817	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	818	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	819
				820	JSValue argument = JSValue::decode(encodedArgument);
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	821
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	822	JSString* input = argument.toStringOrNull(exec);
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	823	ASSERT(!!scope.exception() == !input);
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	824	if (!input)
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	825	return encodedJSValue();
				826	scope.release();
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	827	return JSValue::encode(regExpObject->execInline(exec, globalObject, input));
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	828	}
				829
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	830	EncodedJSValue JIT_OPERATION operationRegExpExecGeneric(ExecState* exec, JSGlobalObject* globalObject, EncodedJSValue encodedBase, EncodedJSValue encodedArgument)
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	831	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	832	SuperSamplerScope superSamplerScope(false);
				833
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	834	VM& vm = globalObject->vm();
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	835	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	836	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	837
				838	JSValue base = JSValue::decode(encodedBase);
				839	JSValue argument = JSValue::decode(encodedArgument);
				840
				841	if (!base.inherits(RegExpObject::info()))
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	842	return throwVMTypeError(exec, scope);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	843
				844	JSString* input = argument.toStringOrNull(exec);
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	845	ASSERT(!!scope.exception() == !input);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	846	if (!input)
				847	return JSValue::encode(jsUndefined());
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	848	scope.release();
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	849	return JSValue::encode(asRegExpObject(base)->exec(exec, globalObject, input));
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	850	}
				851
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	852	size_t JIT_OPERATION operationRegExpTestString(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, JSString* input)
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	853	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	854	SuperSamplerScope superSamplerScope(false);
				855
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	856	VM& vm = globalObject->vm();
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	857	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	034a5e1	2012-05-01 21:34:53 +0000	[diff] [blame]	858
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	859	return regExpObject->testInline(exec, globalObject, input);
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	860	}
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	861
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	862	size_t JIT_OPERATION operationRegExpTest(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, EncodedJSValue encodedArgument)
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	863	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	864	SuperSamplerScope superSamplerScope(false);
				865
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	866	VM& vm = globalObject->vm();
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	867	NativeCallFrameTracer tracer(&vm, exec);
				868
				869	JSValue argument = JSValue::decode(encodedArgument);
				870
				871	JSString* input = argument.toStringOrNull(exec);
				872	if (!input)
				873	return false;
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	874	return regExpObject->testInline(exec, globalObject, input);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	875	}
				876
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	877	size_t JIT_OPERATION operationRegExpTestGeneric(ExecState* exec, JSGlobalObject* globalObject, EncodedJSValue encodedBase, EncodedJSValue encodedArgument)
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	878	{
fpizlo@apple.com	57aea1c	2016-04-11 18:20:59 +0000	[diff] [blame]	879	SuperSamplerScope superSamplerScope(false);
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	880
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	881	VM& vm = globalObject->vm();
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	882	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	883	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	884
				885	JSValue base = JSValue::decode(encodedBase);
				886	JSValue argument = JSValue::decode(encodedArgument);
				887
				888	if (!base.inherits(RegExpObject::info())) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	889	throwTypeError(exec, scope);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	890	return false;
				891	}
				892
				893	JSString* input = argument.toStringOrNull(exec);
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	894	ASSERT(!!scope.exception() == !input);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	895	if (!input)
				896	return false;
mark.lam@apple.com	80bd9ec	2016-11-14 19:26:20 +0000	[diff] [blame]	897	scope.release();
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	898	return asRegExpObject(base)->test(exec, globalObject, input);
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	899	}
fpizlo@apple.com	ee10e45	2013-04-09 00:10:16 +0000	[diff] [blame]	900
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	901	size_t JIT_OPERATION operationCompareStrictEqCell(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
commit-queue@webkit.org	6efa2ca	2011-07-19 00:36:37 +0000	[diff] [blame]	902	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	903	VM* vm = &exec->vm();
				904	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	905
commit-queue@webkit.org	6efa2ca	2011-07-19 00:36:37 +0000	[diff] [blame]	906	JSValue op1 = JSValue::decode(encodedOp1);
				907	JSValue op2 = JSValue::decode(encodedOp2);
				908
				909	ASSERT(op1.isCell());
				910	ASSERT(op2.isCell());
				911
				912	return JSValue::strictEqualSlowCaseInline(exec, op1, op2);
				913	}
				914
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	915	size_t JIT_OPERATION operationCompareStrictEq(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
barraclough@apple.com	848a0cc	2011-04-08 20:33:24 +0000	[diff] [blame]	916	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	917	VM* vm = &exec->vm();
				918	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	82acbbf	2012-02-28 00:37:58 +0000	[diff] [blame]	919
				920	JSValue src1 = JSValue::decode(encodedOp1);
				921	JSValue src2 = JSValue::decode(encodedOp2);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	922
fpizlo@apple.com	82acbbf	2012-02-28 00:37:58 +0000	[diff] [blame]	923	return JSValue::strictEqual(exec, src1, src2);
barraclough@apple.com	848a0cc	2011-04-08 20:33:24 +0000	[diff] [blame]	924	}
				925
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	926	EncodedJSValue JIT_OPERATION operationToPrimitive(ExecState* exec, EncodedJSValue value)
fpizlo@apple.com	90e5f0e	2011-09-22 22:42:54 +0000	[diff] [blame]	927	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	928	VM* vm = &exec->vm();
				929	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	930
fpizlo@apple.com	90e5f0e	2011-09-22 22:42:54 +0000	[diff] [blame]	931	return JSValue::encode(JSValue::decode(value).toPrimitive(exec));
				932	}
				933
utatane.tea@gmail.com	db32c54	2016-06-30 15:26:47 +0000	[diff] [blame]	934	EncodedJSValue JIT_OPERATION operationToNumber(ExecState* exec, EncodedJSValue value)
				935	{
				936	VM* vm = &exec->vm();
				937	NativeCallFrameTracer tracer(vm, exec);
				938
				939	return JSValue::encode(jsNumber(JSValue::decode(value).toNumber(exec)));
				940	}
				941
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	942	EncodedJSValue JIT_OPERATION operationGetByIdWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, UniquedStringImpl* impl)
				943	{
				944	VM& vm = exec->vm();
				945	NativeCallFrameTracer tracer(&vm, exec);
				946
				947	JSValue baseValue = JSValue::decode(encodedBase);
				948	JSValue thisVal = JSValue::decode(encodedThis);
				949	PropertySlot slot(thisVal, PropertySlot::PropertySlot::InternalMethodType::Get);
				950	JSValue result = baseValue.get(exec, Identifier::fromUid(exec, impl), slot);
				951	return JSValue::encode(result);
				952	}
				953
				954	EncodedJSValue JIT_OPERATION operationGetByValWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript)
				955	{
				956	VM& vm = exec->vm();
				957	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	958	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	959
				960	JSValue baseValue = JSValue::decode(encodedBase);
				961	JSValue thisVal = JSValue::decode(encodedThis);
				962	JSValue subscript = JSValue::decode(encodedSubscript);
				963
				964	if (LIKELY(baseValue.isCell() && subscript.isString())) {
				965	Structure& structure = *baseValue.asCell()->structure(vm);
				966	if (JSCell::canUseFastGetOwnProperty(structure)) {
				967	if (RefPtr<AtomicStringImpl> existingAtomicString = asString(subscript)->toExistingAtomicString(exec)) {
				968	if (JSValue result = baseValue.asCell()->fastGetOwnProperty(vm, structure, existingAtomicString.get()))
				969	return JSValue::encode(result);
				970	}
				971	}
				972	}
				973
				974	PropertySlot slot(thisVal, PropertySlot::PropertySlot::InternalMethodType::Get);
				975	if (subscript.isUInt32()) {
				976	uint32_t i = subscript.asUInt32();
				977	if (isJSString(baseValue) && asString(baseValue)->canGetIndex(i))
				978	return JSValue::encode(asString(baseValue)->getIndex(exec, i));
				979
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	980	scope.release();
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	981	return JSValue::encode(baseValue.get(exec, i, slot));
				982	}
				983
				984	baseValue.requireObjectCoercible(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	985	RETURN_IF_EXCEPTION(scope, encodedJSValue());
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	986
				987	auto property = subscript.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	988	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	989	scope.release();
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	990	return JSValue::encode(baseValue.get(exec, property, slot));
				991	}
				992
				993	void JIT_OPERATION operationPutByIdWithThisStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedValue, UniquedStringImpl* impl)
				994	{
				995	VM& vm = exec->vm();
				996	NativeCallFrameTracer tracer(&vm, exec);
				997
				998	putWithThis<true>(exec, encodedBase, encodedThis, encodedValue, Identifier::fromUid(exec, impl));
				999	}
				1000
				1001	void JIT_OPERATION operationPutByIdWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedValue, UniquedStringImpl* impl)
				1002	{
				1003	VM& vm = exec->vm();
				1004	NativeCallFrameTracer tracer(&vm, exec);
				1005
				1006	putWithThis<false>(exec, encodedBase, encodedThis, encodedValue, Identifier::fromUid(exec, impl));
				1007	}
				1008
				1009	void JIT_OPERATION operationPutByValWithThisStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript, EncodedJSValue encodedValue)
				1010	{
				1011	VM& vm = exec->vm();
				1012	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1013	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	1014
				1015	Identifier property = JSValue::decode(encodedSubscript).toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	1016	RETURN_IF_EXCEPTION(scope, void());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	1017	scope.release();
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	1018	putWithThis<true>(exec, encodedBase, encodedThis, encodedValue, property);
				1019	}
				1020
				1021	void JIT_OPERATION operationPutByValWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript, EncodedJSValue encodedValue)
				1022	{
				1023	VM& vm = exec->vm();
				1024	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1025	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	1026
				1027	Identifier property = JSValue::decode(encodedSubscript).toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	1028	RETURN_IF_EXCEPTION(scope, void());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	1029	scope.release();
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	1030	putWithThis<false>(exec, encodedBase, encodedThis, encodedValue, property);
				1031	}
				1032
utatane.tea@gmail.com	f7db559	2016-10-04 19:31:24 +0000	[diff] [blame]	1033	ALWAYS_INLINE static void defineDataProperty(ExecState* exec, VM& vm, JSObject* base, const Identifier& propertyName, JSValue value, int32_t attributes)
				1034	{
				1035	PropertyDescriptor descriptor = toPropertyDescriptor(value, jsUndefined(), jsUndefined(), DefinePropertyAttributes(attributes));
				1036	ASSERT((descriptor.attributes() & Accessor) \|\| (!descriptor.isAccessorDescriptor()));
				1037	if (base->methodTable(vm)->defineOwnProperty == JSObject::defineOwnProperty)
				1038	JSObject::defineOwnProperty(base, exec, propertyName, descriptor, true);
				1039	else
				1040	base->methodTable(vm)->defineOwnProperty(base, exec, propertyName, descriptor, true);
				1041	}
				1042
				1043	void JIT_OPERATION operationDefineDataProperty(ExecState* exec, JSObject* base, EncodedJSValue encodedProperty, EncodedJSValue encodedValue, int32_t attributes)
				1044	{
				1045	VM& vm = exec->vm();
				1046	NativeCallFrameTracer tracer(&vm, exec);
				1047	auto scope = DECLARE_THROW_SCOPE(vm);
				1048
				1049	Identifier propertyName = JSValue::decode(encodedProperty).toPropertyKey(exec);
				1050	RETURN_IF_EXCEPTION(scope, void());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	1051	scope.release();
utatane.tea@gmail.com	f7db559	2016-10-04 19:31:24 +0000	[diff] [blame]	1052	defineDataProperty(exec, vm, base, propertyName, JSValue::decode(encodedValue), attributes);
				1053	}
				1054
				1055	void JIT_OPERATION operationDefineDataPropertyString(ExecState* exec, JSObject* base, JSString* property, EncodedJSValue encodedValue, int32_t attributes)
				1056	{
				1057	VM& vm = exec->vm();
				1058	NativeCallFrameTracer tracer(&vm, exec);
				1059	auto scope = DECLARE_THROW_SCOPE(vm);
				1060
				1061	Identifier propertyName = property->toIdentifier(exec);
				1062	RETURN_IF_EXCEPTION(scope, void());
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	1063	scope.release();
utatane.tea@gmail.com	f7db559	2016-10-04 19:31:24 +0000	[diff] [blame]	1064	defineDataProperty(exec, vm, base, propertyName, JSValue::decode(encodedValue), attributes);
				1065	}
				1066
				1067	void JIT_OPERATION operationDefineDataPropertyStringIdent(ExecState* exec, JSObject* base, UniquedStringImpl* property, EncodedJSValue encodedValue, int32_t attributes)
				1068	{
				1069	VM& vm = exec->vm();
				1070	NativeCallFrameTracer tracer(&vm, exec);
				1071	defineDataProperty(exec, vm, base, Identifier::fromUid(&vm, property), JSValue::decode(encodedValue), attributes);
				1072	}
				1073
				1074	void JIT_OPERATION operationDefineDataPropertySymbol(ExecState* exec, JSObject* base, Symbol* property, EncodedJSValue encodedValue, int32_t attributes)
				1075	{
				1076	VM& vm = exec->vm();
				1077	NativeCallFrameTracer tracer(&vm, exec);
				1078	defineDataProperty(exec, vm, base, Identifier::fromUid(property->privateName()), JSValue::decode(encodedValue), attributes);
				1079	}
				1080
				1081	ALWAYS_INLINE static void defineAccessorProperty(ExecState* exec, VM& vm, JSObject* base, const Identifier& propertyName, JSObject* getter, JSObject* setter, int32_t attributes)
				1082	{
				1083	PropertyDescriptor descriptor = toPropertyDescriptor(jsUndefined(), getter, setter, DefinePropertyAttributes(attributes));
				1084	ASSERT((descriptor.attributes() & Accessor) \|\| (!descriptor.isAccessorDescriptor()));
				1085	if (base->methodTable(vm)->defineOwnProperty == JSObject::defineOwnProperty)
				1086	JSObject::defineOwnProperty(base, exec, propertyName, descriptor, true);
				1087	else
				1088	base->methodTable(vm)->defineOwnProperty(base, exec, propertyName, descriptor, true);
				1089	}
				1090
				1091	void JIT_OPERATION operationDefineAccessorProperty(ExecState* exec, JSObject* base, EncodedJSValue encodedProperty, JSObject* getter, JSObject* setter, int32_t attributes)
				1092	{
				1093	VM& vm = exec->vm();
				1094	NativeCallFrameTracer tracer(&vm, exec);
				1095	auto scope = DECLARE_THROW_SCOPE(vm);
				1096
				1097	Identifier propertyName = JSValue::decode(encodedProperty).toPropertyKey(exec);
				1098	RETURN_IF_EXCEPTION(scope, void());
				1099	defineAccessorProperty(exec, vm, base, propertyName, getter, setter, attributes);
				1100	}
				1101
				1102	void JIT_OPERATION operationDefineAccessorPropertyString(ExecState* exec, JSObject* base, JSString* property, JSObject* getter, JSObject* setter, int32_t attributes)
				1103	{
				1104	VM& vm = exec->vm();
				1105	NativeCallFrameTracer tracer(&vm, exec);
				1106	auto scope = DECLARE_THROW_SCOPE(vm);
				1107
				1108	Identifier propertyName = property->toIdentifier(exec);
				1109	RETURN_IF_EXCEPTION(scope, void());
				1110	defineAccessorProperty(exec, vm, base, propertyName, getter, setter, attributes);
				1111	}
				1112
				1113	void JIT_OPERATION operationDefineAccessorPropertyStringIdent(ExecState* exec, JSObject* base, UniquedStringImpl* property, JSObject* getter, JSObject* setter, int32_t attributes)
				1114	{
				1115	VM& vm = exec->vm();
				1116	NativeCallFrameTracer tracer(&vm, exec);
				1117	defineAccessorProperty(exec, vm, base, Identifier::fromUid(&vm, property), getter, setter, attributes);
				1118	}
				1119
				1120	void JIT_OPERATION operationDefineAccessorPropertySymbol(ExecState* exec, JSObject* base, Symbol* property, JSObject* getter, JSObject* setter, int32_t attributes)
				1121	{
				1122	VM& vm = exec->vm();
				1123	NativeCallFrameTracer tracer(&vm, exec);
				1124	defineAccessorProperty(exec, vm, base, Identifier::fromUid(property->privateName()), getter, setter, attributes);
				1125	}
				1126
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1127	char* JIT_OPERATION operationNewArray(ExecState* exec, Structure* arrayStructure, void* buffer, size_t size)
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1128	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1129	VM* vm = &exec->vm();
				1130	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	1bc6848	2012-10-13 03:56:09 +0000	[diff] [blame]	1131
fpizlo@apple.com	59d1ddb	2013-11-05 00:05:02 +0000	[diff] [blame]	1132	return bitwise_cast<char>(constructArray(exec, arrayStructure, static_cast<JSValue>(buffer), size));
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1133	}
				1134
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1135	char* JIT_OPERATION operationNewEmptyArray(ExecState* exec, Structure* arrayStructure)
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1136	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1137	VM* vm = &exec->vm();
				1138	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	1bc6848	2012-10-13 03:56:09 +0000	[diff] [blame]	1139
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1140	return bitwise_cast<char>(JSArray::create(vm, arrayStructure));
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1141	}
				1142
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1143	char* JIT_OPERATION operationNewArrayWithSize(ExecState* exec, Structure* arrayStructure, int32_t size, Butterfly* butterfly)
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1144	{
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1145	VM& vm = exec->vm();
				1146	NativeCallFrameTracer tracer(&vm, exec);
				1147	auto scope = DECLARE_THROW_SCOPE(vm);
msaboff@apple.com	51d65f2	2013-04-10 20:01:14 +0000	[diff] [blame]	1148
msaboff@apple.com	6ebf3b8	2013-04-11 16:19:35 +0000	[diff] [blame]	1149	if (UNLIKELY(size < 0))
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1150	return bitwise_cast<char*>(throwException(exec, scope, createRangeError(exec, ASCIILiteral("Array size is not a small enough positive integer."))));
msaboff@apple.com	51d65f2	2013-04-10 20:01:14 +0000	[diff] [blame]	1151
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1152	JSArray* result;
				1153	if (butterfly)
fpizlo@apple.com	9a17595	2016-09-28 21:55:53 +0000	[diff] [blame]	1154	result = JSArray::createWithButterfly(vm, nullptr, arrayStructure, butterfly);
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1155	else
				1156	result = JSArray::create(vm, arrayStructure, size);
fpizlo@apple.com	8dde06b	2015-10-12 22:41:01 +0000	[diff] [blame]	1157	return bitwise_cast<char*>(result);
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1158	}
				1159
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1160	char* JIT_OPERATION operationNewArrayBuffer(ExecState* exec, Structure* arrayStructure, size_t start, size_t size)
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1161	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1162	VM& vm = exec->vm();
				1163	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	59d1ddb	2013-11-05 00:05:02 +0000	[diff] [blame]	1164	return bitwise_cast<char*>(constructArray(exec, arrayStructure, exec->codeBlock()->constantBuffer(start), size));
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1165	}
				1166
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1167	char* JIT_OPERATION operationNewInt8ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1168	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1169	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1170	return newTypedArrayWithSize<JSInt8Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1171	}
				1172
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1173	char* JIT_OPERATION operationNewInt8ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1174	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1175	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1176	VM& vm = exec->vm();
				1177	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1178	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSInt8Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1179	}
				1180
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1181	char* JIT_OPERATION operationNewInt16ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1182	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1183	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1184	return newTypedArrayWithSize<JSInt16Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1185	}
				1186
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1187	char* JIT_OPERATION operationNewInt16ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1188	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1189	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1190	VM& vm = exec->vm();
				1191	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1192	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSInt16Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1193	}
				1194
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1195	char* JIT_OPERATION operationNewInt32ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1196	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1197	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1198	return newTypedArrayWithSize<JSInt32Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1199	}
				1200
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1201	char* JIT_OPERATION operationNewInt32ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1202	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1203	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1204	VM& vm = exec->vm();
				1205	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1206	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSInt32Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1207	}
				1208
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1209	char* JIT_OPERATION operationNewUint8ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1210	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1211	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1212	return newTypedArrayWithSize<JSUint8Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1213	}
				1214
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1215	char* JIT_OPERATION operationNewUint8ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1216	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1217	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1218	VM& vm = exec->vm();
				1219	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1220	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint8Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1221	}
				1222
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1223	char* JIT_OPERATION operationNewUint8ClampedArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1224	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1225	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1226	return newTypedArrayWithSize<JSUint8ClampedArray>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1227	}
				1228
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1229	char* JIT_OPERATION operationNewUint8ClampedArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1230	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1231	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1232	VM& vm = exec->vm();
				1233	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1234	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint8ClampedArray>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1235	}
				1236
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1237	char* JIT_OPERATION operationNewUint16ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1238	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1239	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1240	return newTypedArrayWithSize<JSUint16Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1241	}
				1242
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1243	char* JIT_OPERATION operationNewUint16ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1244	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1245	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1246	VM& vm = exec->vm();
				1247	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1248	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint16Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1249	}
				1250
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1251	char* JIT_OPERATION operationNewUint32ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1252	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1253	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1254	return newTypedArrayWithSize<JSUint32Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1255	}
				1256
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1257	char* JIT_OPERATION operationNewUint32ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1258	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1259	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1260	VM& vm = exec->vm();
				1261	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1262	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint32Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1263	}
				1264
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1265	char* JIT_OPERATION operationNewFloat32ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1266	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1267	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1268	return newTypedArrayWithSize<JSFloat32Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1269	}
				1270
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1271	char* JIT_OPERATION operationNewFloat32ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1272	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1273	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1274	VM& vm = exec->vm();
				1275	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1276	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSFloat32Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1277	}
				1278
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1279	char* JIT_OPERATION operationNewFloat64ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1280	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1281	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1282	return newTypedArrayWithSize<JSFloat64Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1283	}
				1284
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1285	char* JIT_OPERATION operationNewFloat64ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1286	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1287	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1288	VM& vm = exec->vm();
				1289	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	4392696	2016-11-27 06:08:16 +0000	[diff] [blame]	1290	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSFloat64Array>(exec, structure, encodedValue, 0, std::nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1291	}
				1292
saambarati1@gmail.com	144f17c	2015-07-15 21:41:08 +0000	[diff] [blame]	1293	JSCell* JIT_OPERATION operationCreateActivationDirect(ExecState* exec, Structure* structure, JSScope* scope, SymbolTable* table, EncodedJSValue initialValueEncoded)
fpizlo@apple.com	c644611	2012-05-23 20:52:42 +0000	[diff] [blame]	1294	{
saambarati1@gmail.com	144f17c	2015-07-15 21:41:08 +0000	[diff] [blame]	1295	JSValue initialValue = JSValue::decode(initialValueEncoded);
				1296	ASSERT(initialValue == jsUndefined() \|\| initialValue == jsTDZValue());
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1297	VM& vm = exec->vm();
				1298	NativeCallFrameTracer tracer(&vm, exec);
saambarati1@gmail.com	144f17c	2015-07-15 21:41:08 +0000	[diff] [blame]	1299	return JSLexicalEnvironment::create(vm, structure, scope, table, initialValue);
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1300	}
				1301
				1302	JSCell* JIT_OPERATION operationCreateDirectArguments(ExecState* exec, Structure* structure, int32_t length, int32_t minCapacity)
				1303	{
				1304	VM& vm = exec->vm();
				1305	NativeCallFrameTracer target(&vm, exec);
				1306	DirectArguments* result = DirectArguments::create(
				1307	vm, structure, length, std::max(length, minCapacity));
				1308	// The caller will store to this object without barriers. Most likely, at this point, this is
				1309	// still a young object and so no barriers are needed. But it's good to be careful anyway,
				1310	// since the GC should be allowed to do crazy (like pretenuring, for example).
				1311	vm.heap.writeBarrier(result);
fpizlo@apple.com	9a548f1	2012-05-24 05:33:09 +0000	[diff] [blame]	1312	return result;
fpizlo@apple.com	c644611	2012-05-23 20:52:42 +0000	[diff] [blame]	1313	}
				1314
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1315	JSCell* JIT_OPERATION operationCreateScopedArguments(ExecState* exec, Structure* structure, Register* argumentStart, int32_t length, JSFunction* callee, JSLexicalEnvironment* scope)
fpizlo@apple.com	6d4456e	2012-05-23 03:48:52 +0000	[diff] [blame]	1316	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1317	VM& vm = exec->vm();
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1318	NativeCallFrameTracer target(&vm, exec);
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1319
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1320	// We could pass the ScopedArgumentsTable* as an argument. We currently don't because I
				1321	// didn't feel like changing the max number of arguments for a slow path call from 6 to 7.
				1322	ScopedArgumentsTable* table = scope->symbolTable()->arguments();
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1323
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1324	return ScopedArguments::createByCopyingFrom(
				1325	vm, structure, argumentStart, length, callee, table, scope);
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1326	}
				1327
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1328	JSCell* JIT_OPERATION operationCreateClonedArguments(ExecState* exec, Structure* structure, Register* argumentStart, int32_t length, JSFunction* callee)
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1329	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1330	VM& vm = exec->vm();
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1331	NativeCallFrameTracer target(&vm, exec);
				1332	return ClonedArguments::createByCopyingFrom(
				1333	exec, structure, argumentStart, length, callee);
fpizlo@apple.com	6d4456e	2012-05-23 03:48:52 +0000	[diff] [blame]	1334	}
				1335
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1336	JSCell* JIT_OPERATION operationCreateDirectArgumentsDuringExit(ExecState* exec, InlineCallFrame* inlineCallFrame, JSFunction* callee, int32_t argumentCount)
fpizlo@apple.com	17da7f3	2012-02-25 23:05:38 +0000	[diff] [blame]	1337	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1338	VM& vm = exec->vm();
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1339	NativeCallFrameTracer target(&vm, exec);
				1340
				1341	DeferGCForAWhile deferGC(vm.heap);
				1342
				1343	CodeBlock* codeBlock;
				1344	if (inlineCallFrame)
				1345	codeBlock = baselineCodeBlockForInlineCallFrame(inlineCallFrame);
				1346	else
				1347	codeBlock = exec->codeBlock();
				1348
				1349	unsigned length = argumentCount - 1;
				1350	unsigned capacity = std::max(length, static_cast<unsigned>(codeBlock->numParameters() - 1));
				1351	DirectArguments* result = DirectArguments::create(
				1352	vm, codeBlock->globalObject()->directArgumentsStructure(), length, capacity);
				1353
				1354	result->callee().set(vm, result, callee);
				1355
				1356	Register* arguments =
				1357	exec->registers() + (inlineCallFrame ? inlineCallFrame->stackOffset : 0) +
				1358	CallFrame::argumentOffset(0);
				1359	for (unsigned i = length; i--;)
				1360	result->setIndexQuickly(vm, i, arguments[i].jsValue());
				1361
				1362	return result;
				1363	}
				1364
				1365	JSCell* JIT_OPERATION operationCreateClonedArgumentsDuringExit(ExecState* exec, InlineCallFrame* inlineCallFrame, JSFunction* callee, int32_t argumentCount)
				1366	{
				1367	VM& vm = exec->vm();
				1368	NativeCallFrameTracer target(&vm, exec);
				1369
				1370	DeferGCForAWhile deferGC(vm.heap);
				1371
				1372	CodeBlock* codeBlock;
				1373	if (inlineCallFrame)
				1374	codeBlock = baselineCodeBlockForInlineCallFrame(inlineCallFrame);
				1375	else
				1376	codeBlock = exec->codeBlock();
				1377
				1378	unsigned length = argumentCount - 1;
				1379	ClonedArguments* result = ClonedArguments::createEmpty(
keith_miller@apple.com	2636739	2016-03-14 20:55:15 +0000	[diff] [blame]	1380	vm, codeBlock->globalObject()->clonedArgumentsStructure(), callee, length);
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1381
				1382	Register* arguments =
				1383	exec->registers() + (inlineCallFrame ? inlineCallFrame->stackOffset : 0) +
				1384	CallFrame::argumentOffset(0);
				1385	for (unsigned i = length; i--;)
keith_miller@apple.com	2636739	2016-03-14 20:55:15 +0000	[diff] [blame]	1386	result->initializeIndex(vm, i, arguments[i].jsValue());
				1387
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1388
				1389	return result;
fpizlo@apple.com	17da7f3	2012-02-25 23:05:38 +0000	[diff] [blame]	1390	}
				1391
sbarati@apple.com	6cfefd8	2016-08-13 02:14:42 +0000	[diff] [blame]	1392	JSCell* JIT_OPERATION operationCreateRest(ExecState* exec, Register* argumentStart, unsigned numberOfParamsToSkip, unsigned arraySize)
sbarati@apple.com	c0722da	2015-11-20 02:37:47 +0000	[diff] [blame]	1393	{
keith_miller@apple.com	1b8b006	2016-04-16 01:26:10 +0000	[diff] [blame]	1394	VM* vm = &exec->vm();
				1395	NativeCallFrameTracer tracer(vm, exec);
				1396
sbarati@apple.com	6cfefd8	2016-08-13 02:14:42 +0000	[diff] [blame]	1397	JSGlobalObject* globalObject = exec->lexicalGlobalObject();
sbarati@apple.com	7a74ce7	2016-11-01 20:03:03 +0000	[diff] [blame]	1398	Structure* structure = globalObject->restParameterStructure();
sbarati@apple.com	6cfefd8	2016-08-13 02:14:42 +0000	[diff] [blame]	1399	static_assert(sizeof(Register) == sizeof(JSValue), "This is a strong assumption here.");
				1400	JSValue* argumentsToCopyRegion = bitwise_cast<JSValue*>(argumentStart) + numberOfParamsToSkip;
				1401	return constructArray(exec, structure, argumentsToCopyRegion, arraySize);
sbarati@apple.com	c0722da	2015-11-20 02:37:47 +0000	[diff] [blame]	1402	}
				1403
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1404	size_t JIT_OPERATION operationObjectIsObject(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
oliver@apple.com	e722ad0	2013-01-09 02:37:29 +0000	[diff] [blame]	1405	{
mark.lam@apple.com	87a5b6f	2014-02-05 04:22:43 +0000	[diff] [blame]	1406	VM& vm = exec->vm();
				1407	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1408
				1409	ASSERT(jsDynamicCast<JSObject*>(object));
				1410
				1411	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1412	return false;
				1413	if (object->type() == JSFunctionType)
				1414	return false;
				1415	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1416	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1417	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1418	return false;
				1419	}
				1420
				1421	return true;
				1422	}
				1423
				1424	size_t JIT_OPERATION operationObjectIsFunction(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
				1425	{
				1426	VM& vm = exec->vm();
				1427	NativeCallFrameTracer tracer(&vm, exec);
				1428
				1429	ASSERT(jsDynamicCast<JSObject*>(object));
				1430
				1431	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1432	return false;
				1433	if (object->type() == JSFunctionType)
				1434	return true;
				1435	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1436	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1437	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1438	return true;
				1439	}
				1440
				1441	return false;
				1442	}
				1443
				1444	JSCell* JIT_OPERATION operationTypeOfObject(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
				1445	{
				1446	VM& vm = exec->vm();
				1447	NativeCallFrameTracer tracer(&vm, exec);
				1448
				1449	ASSERT(jsDynamicCast<JSObject*>(object));
				1450
				1451	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1452	return vm.smallStrings.undefinedString();
				1453	if (object->type() == JSFunctionType)
				1454	return vm.smallStrings.functionString();
				1455	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1456	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1457	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1458	return vm.smallStrings.functionString();
				1459	}
				1460
				1461	return vm.smallStrings.objectString();
				1462	}
				1463
				1464	int32_t JIT_OPERATION operationTypeOfObjectAsTypeofType(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
				1465	{
				1466	VM& vm = exec->vm();
				1467	NativeCallFrameTracer tracer(&vm, exec);
				1468
				1469	ASSERT(jsDynamicCast<JSObject*>(object));
				1470
				1471	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1472	return static_cast<int32_t>(TypeofType::Undefined);
				1473	if (object->type() == JSFunctionType)
				1474	return static_cast<int32_t>(TypeofType::Function);
				1475	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1476	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1477	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1478	return static_cast<int32_t>(TypeofType::Function);
				1479	}
				1480
				1481	return static_cast<int32_t>(TypeofType::Object);
oliver@apple.com	e722ad0	2013-01-09 02:37:29 +0000	[diff] [blame]	1482	}
				1483
fpizlo@apple.com	b0e7f3d	2016-12-10 01:22:15 +0000	[diff] [blame]	1484	char* JIT_OPERATION operationAllocateSimplePropertyStorageWithInitialCapacity(ExecState* exec)
fpizlo@apple.com	1ffdcff	2012-07-19 00:30:34 +0000	[diff] [blame]	1485	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1486	VM& vm = exec->vm();
				1487	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	c17054c	2012-09-18 15:22:29 +0000	[diff] [blame]	1488
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	1489	return reinterpret_cast<char*>(
oliver@apple.com	a03796a	2013-07-25 04:01:20 +0000	[diff] [blame]	1490	Butterfly::createUninitialized(vm, 0, 0, initialOutOfLineCapacity, false, 0));
fpizlo@apple.com	1ffdcff	2012-07-19 00:30:34 +0000	[diff] [blame]	1491	}
				1492
fpizlo@apple.com	b0e7f3d	2016-12-10 01:22:15 +0000	[diff] [blame]	1493	char* JIT_OPERATION operationAllocateSimplePropertyStorage(ExecState* exec, size_t newSize)
fpizlo@apple.com	1ffdcff	2012-07-19 00:30:34 +0000	[diff] [blame]	1494	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1495	VM& vm = exec->vm();
				1496	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	c17054c	2012-09-18 15:22:29 +0000	[diff] [blame]	1497
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	1498	return reinterpret_cast<char*>(
oliver@apple.com	a03796a	2013-07-25 04:01:20 +0000	[diff] [blame]	1499	Butterfly::createUninitialized(vm, 0, 0, newSize, false, 0));
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	1500	}
				1501
fpizlo@apple.com	b0e7f3d	2016-12-10 01:22:15 +0000	[diff] [blame]	1502	char* JIT_OPERATION operationAllocateComplexPropertyStorageWithInitialCapacity(ExecState* exec, JSObject* object)
				1503	{
				1504	VM& vm = exec->vm();
				1505	NativeCallFrameTracer tracer(&vm, exec);
				1506
				1507	ASSERT(!object->structure()->outOfLineCapacity());
				1508	return reinterpret_cast<char*>(
				1509	object->allocateMoreOutOfLineStorage(vm, 0, initialOutOfLineCapacity));
				1510	}
				1511
				1512	char* JIT_OPERATION operationAllocateComplexPropertyStorage(ExecState* exec, JSObject* object, size_t newSize)
				1513	{
				1514	VM& vm = exec->vm();
				1515	NativeCallFrameTracer tracer(&vm, exec);
				1516
				1517	return reinterpret_cast<char*>(
				1518	object->allocateMoreOutOfLineStorage(vm, object->structure()->outOfLineCapacity(), newSize));
				1519	}
				1520
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1521	char* JIT_OPERATION operationEnsureInt32(ExecState* exec, JSCell* cell)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1522	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1523	VM& vm = exec->vm();
				1524	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1525
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1526	if (!cell->isObject())
				1527	return 0;
				1528
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1529	return reinterpret_cast<char*>(asObject(cell)->ensureInt32(vm).data());
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1530	}
				1531
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1532	char* JIT_OPERATION operationEnsureDouble(ExecState* exec, JSCell* cell)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1533	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1534	VM& vm = exec->vm();
				1535	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1536
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1537	if (!cell->isObject())
				1538	return 0;
				1539
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1540	return reinterpret_cast<char*>(asObject(cell)->ensureDouble(vm).data());
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1541	}
				1542
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1543	char* JIT_OPERATION operationEnsureContiguous(ExecState* exec, JSCell* cell)
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	1544	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1545	VM& vm = exec->vm();
				1546	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	1547
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1548	if (!cell->isObject())
				1549	return 0;
				1550
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1551	return reinterpret_cast<char*>(asObject(cell)->ensureContiguous(vm).data());
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	1552	}
				1553
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1554	char* JIT_OPERATION operationEnsureArrayStorage(ExecState* exec, JSCell* cell)
fpizlo@apple.com	497c751	2012-09-19 01:20:52 +0000	[diff] [blame]	1555	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1556	VM& vm = exec->vm();
				1557	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1558
				1559	if (!cell->isObject())
				1560	return 0;
fpizlo@apple.com	497c751	2012-09-19 01:20:52 +0000	[diff] [blame]	1561
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1562	return reinterpret_cast<char*>(asObject(cell)->ensureArrayStorage(vm));
fpizlo@apple.com	497c751	2012-09-19 01:20:52 +0000	[diff] [blame]	1563	}
				1564
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1565	StringImpl* JIT_OPERATION operationResolveRope(ExecState* exec, JSString* string)
fpizlo@apple.com	70bb5c5	2012-12-11 05:22:49 +0000	[diff] [blame]	1566	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1567	VM& vm = exec->vm();
				1568	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	70bb5c5	2012-12-11 05:22:49 +0000	[diff] [blame]	1569
				1570	return string->value(exec).impl();
				1571	}
				1572
sbarati@apple.com	527ebc2	2016-10-05 06:16:15 +0000	[diff] [blame]	1573	JSString* JIT_OPERATION operationToLowerCase(ExecState* exec, JSString* string, uint32_t failingIndex)
				1574	{
				1575	VM& vm = exec->vm();
				1576	NativeCallFrameTracer tracer(&vm, exec);
				1577
				1578	auto scope = DECLARE_THROW_SCOPE(vm);
				1579
				1580	const String& inputString = string->value(exec);
				1581	RETURN_IF_EXCEPTION(scope, nullptr);
sbarati@apple.com	d5ee1a9	2016-10-15 20:56:24 +0000	[diff] [blame]	1582	if (!inputString.length())
				1583	return vm.smallStrings.emptyString();
				1584
sbarati@apple.com	527ebc2	2016-10-05 06:16:15 +0000	[diff] [blame]	1585	String lowercasedString = inputString.is8Bit() ? inputString.convertToLowercaseWithoutLocaleStartingAtFailingIndex8Bit(failingIndex) : inputString.convertToLowercaseWithoutLocale();
				1586	if (lowercasedString.impl() == inputString.impl())
				1587	return string;
				1588	scope.release();
				1589	return jsString(exec, lowercasedString);
				1590	}
				1591
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1592	JSString* JIT_OPERATION operationSingleCharacterString(ExecState* exec, int32_t character)
oliver@apple.com	63af2d4	2013-07-25 04:03:33 +0000	[diff] [blame]	1593	{
				1594	VM& vm = exec->vm();
				1595	NativeCallFrameTracer tracer(&vm, exec);
				1596
				1597	return jsSingleCharacterString(exec, static_cast<UChar>(character));
				1598	}
				1599
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1600	JSCell* JIT_OPERATION operationNewStringObject(ExecState* exec, JSString* string, Structure* structure)
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1601	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1602	VM& vm = exec->vm();
				1603	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1604
akling@apple.com	019809c	2013-10-06 18:16:48 +0000	[diff] [blame]	1605	return StringObject::create(vm, structure, string);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1606	}
				1607
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1608	JSCell* JIT_OPERATION operationToStringOnCell(ExecState* exec, JSCell* cell)
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1609	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1610	VM& vm = exec->vm();
				1611	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1612
				1613	return JSValue(cell).toString(exec);
				1614	}
				1615
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1616	JSCell* JIT_OPERATION operationToString(ExecState* exec, EncodedJSValue value)
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1617	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1618	VM& vm = exec->vm();
				1619	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1620
				1621	return JSValue::decode(value).toString(exec);
				1622	}
				1623
utatane.tea@gmail.com	153559e	2015-04-06 19:07:12 +0000	[diff] [blame]	1624	JSCell* JIT_OPERATION operationCallStringConstructorOnCell(ExecState* exec, JSCell* cell)
				1625	{
				1626	VM& vm = exec->vm();
				1627	NativeCallFrameTracer tracer(&vm, exec);
				1628
				1629	return stringConstructor(exec, cell);
				1630	}
				1631
				1632	JSCell* JIT_OPERATION operationCallStringConstructor(ExecState* exec, EncodedJSValue value)
				1633	{
				1634	VM& vm = exec->vm();
				1635	NativeCallFrameTracer tracer(&vm, exec);
				1636
				1637	return stringConstructor(exec, JSValue::decode(value));
				1638	}
				1639
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1640	JSCell* JIT_OPERATION operationMakeRope2(ExecState* exec, JSString* left, JSString* right)
fpizlo@apple.com	8d22591	2013-03-19 00:44:57 +0000	[diff] [blame]	1641	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1642	VM& vm = exec->vm();
				1643	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	24c4999	2014-04-19 21:13:46 +0000	[diff] [blame]	1644
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1645	return jsString(exec, left, right);
fpizlo@apple.com	8d22591	2013-03-19 00:44:57 +0000	[diff] [blame]	1646	}
				1647
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1648	JSCell* JIT_OPERATION operationMakeRope3(ExecState* exec, JSString* a, JSString* b, JSString* c)
fpizlo@apple.com	4463e44	2013-03-20 20:29:37 +0000	[diff] [blame]	1649	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1650	VM& vm = exec->vm();
				1651	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	4463e44	2013-03-20 20:29:37 +0000	[diff] [blame]	1652
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1653	return jsString(exec, a, b, c);
fpizlo@apple.com	4463e44	2013-03-20 20:29:37 +0000	[diff] [blame]	1654	}
				1655
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1656	JSCell* JIT_OPERATION operationStrCat2(ExecState* exec, EncodedJSValue a, EncodedJSValue b)
				1657	{
				1658	VM& vm = exec->vm();
				1659	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1660	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1661
				1662	JSString* str1 = JSValue::decode(a).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1663	ASSERT(!scope.exception()); // Impossible, since we must have been given primitives.
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1664	JSString* str2 = JSValue::decode(b).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1665	ASSERT(!scope.exception());
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1666
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1667	scope.release();
				1668	return jsString(exec, str1, str2);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1669	}
				1670
				1671	JSCell* JIT_OPERATION operationStrCat3(ExecState* exec, EncodedJSValue a, EncodedJSValue b, EncodedJSValue c)
				1672	{
				1673	VM& vm = exec->vm();
				1674	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1675	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1676
				1677	JSString* str1 = JSValue::decode(a).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1678	ASSERT(!scope.exception()); // Impossible, since we must have been given primitives.
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1679	JSString* str2 = JSValue::decode(b).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1680	ASSERT(!scope.exception());
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1681	JSString* str3 = JSValue::decode(c).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1682	ASSERT(!scope.exception());
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1683
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1684	scope.release();
				1685	return jsString(exec, str1, str2, str3);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1686	}
				1687
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1688	char* JIT_OPERATION operationFindSwitchImmTargetForDouble(
oliver@apple.com	9b7647b	2013-07-25 04:03:00 +0000	[diff] [blame]	1689	ExecState* exec, EncodedJSValue encodedValue, size_t tableIndex)
				1690	{
keith_miller@apple.com	1b8b006	2016-04-16 01:26:10 +0000	[diff] [blame]	1691	VM& vm = exec->vm();
				1692	NativeCallFrameTracer tracer(&vm, exec);
				1693
oliver@apple.com	9b7647b	2013-07-25 04:03:00 +0000	[diff] [blame]	1694	CodeBlock* codeBlock = exec->codeBlock();
oliver@apple.com	a14cea5	2013-07-25 04:03:23 +0000	[diff] [blame]	1695	SimpleJumpTable& table = codeBlock->switchJumpTable(tableIndex);
oliver@apple.com	9b7647b	2013-07-25 04:03:00 +0000	[diff] [blame]	1696	JSValue value = JSValue::decode(encodedValue);
				1697	ASSERT(value.isDouble());
				1698	double asDouble = value.asDouble();
				1699	int32_t asInt32 = static_cast<int32_t>(asDouble);
				1700	if (asDouble == asInt32)
				1701	return static_cast<char*>(table.ctiForValue(asInt32).executableAddress());
				1702	return static_cast<char*>(table.ctiDefault.executableAddress());
				1703	}
				1704
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1705	char* JIT_OPERATION operationSwitchString(ExecState* exec, size_t tableIndex, JSString* string)
oliver@apple.com	5c826c0	2013-07-25 04:03:51 +0000	[diff] [blame]	1706	{
				1707	VM& vm = exec->vm();
				1708	NativeCallFrameTracer tracer(&vm, exec);
				1709
				1710	return static_cast<char*>(exec->codeBlock()->stringSwitchJumpTable(tableIndex).ctiForValue(string->value(exec).impl()).executableAddress());
				1711	}
				1712
fpizlo@apple.com	5a3036b	2015-04-29 03:34:43 +0000	[diff] [blame]	1713	int32_t JIT_OPERATION operationSwitchStringAndGetBranchOffset(ExecState* exec, size_t tableIndex, JSString* string)
				1714	{
				1715	VM& vm = exec->vm();
				1716	NativeCallFrameTracer tracer(&vm, exec);
				1717
				1718	return exec->codeBlock()->stringSwitchJumpTable(tableIndex).offsetForValue(string->value(exec).impl(), std::numeric_limits<int32_t>::min());
				1719	}
				1720
commit-queue@webkit.org	36c5288	2016-04-22 05:08:28 +0000	[diff] [blame]	1721	uintptr_t JIT_OPERATION operationCompareStringImplLess(StringImpl* a, StringImpl* b)
				1722	{
				1723	return codePointCompare(a, b) < 0;
				1724	}
				1725
				1726	uintptr_t JIT_OPERATION operationCompareStringImplLessEq(StringImpl* a, StringImpl* b)
				1727	{
				1728	return codePointCompare(a, b) <= 0;
				1729	}
				1730
				1731	uintptr_t JIT_OPERATION operationCompareStringImplGreater(StringImpl* a, StringImpl* b)
				1732	{
				1733	return codePointCompare(a, b) > 0;
				1734	}
				1735
				1736	uintptr_t JIT_OPERATION operationCompareStringImplGreaterEq(StringImpl* a, StringImpl* b)
				1737	{
				1738	return codePointCompare(a, b) >= 0;
				1739	}
				1740
				1741	uintptr_t JIT_OPERATION operationCompareStringLess(ExecState* exec, JSString* a, JSString* b)
				1742	{
				1743	VM& vm = exec->vm();
				1744	NativeCallFrameTracer tracer(&vm, exec);
				1745
				1746	return codePointCompareLessThan(asString(a)->value(exec), asString(b)->value(exec));
				1747	}
				1748
				1749	uintptr_t JIT_OPERATION operationCompareStringLessEq(ExecState* exec, JSString* a, JSString* b)
				1750	{
				1751	VM& vm = exec->vm();
				1752	NativeCallFrameTracer tracer(&vm, exec);
				1753
				1754	return !codePointCompareLessThan(asString(b)->value(exec), asString(a)->value(exec));
				1755	}
				1756
				1757	uintptr_t JIT_OPERATION operationCompareStringGreater(ExecState* exec, JSString* a, JSString* b)
				1758	{
				1759	VM& vm = exec->vm();
				1760	NativeCallFrameTracer tracer(&vm, exec);
				1761
				1762	return codePointCompareLessThan(asString(b)->value(exec), asString(a)->value(exec));
				1763	}
				1764
				1765	uintptr_t JIT_OPERATION operationCompareStringGreaterEq(ExecState* exec, JSString* a, JSString* b)
				1766	{
				1767	VM& vm = exec->vm();
				1768	NativeCallFrameTracer tracer(&vm, exec);
				1769
				1770	return !codePointCompareLessThan(asString(a)->value(exec), asString(b)->value(exec));
				1771	}
				1772
fpizlo@apple.com	3a2fa4c	2015-04-13 22:13:12 +0000	[diff] [blame]	1773	void JIT_OPERATION operationNotifyWrite(ExecState* exec, WatchpointSet* set)
fpizlo@apple.com	3396171	2013-11-20 05:49:05 +0000	[diff] [blame]	1774	{
				1775	VM& vm = exec->vm();
				1776	NativeCallFrameTracer tracer(&vm, exec);
				1777
sbarati@apple.com	0c3609d	2016-06-28 21:30:20 +0000	[diff] [blame]	1778	set->touch(vm, "Executed NotifyWrite");
fpizlo@apple.com	3396171	2013-11-20 05:49:05 +0000	[diff] [blame]	1779	}
				1780
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1781	void JIT_OPERATION operationThrowStackOverflowForVarargs(ExecState* exec)
				1782	{
				1783	VM& vm = exec->vm();
				1784	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1785	auto scope = DECLARE_THROW_SCOPE(vm);
				1786	throwStackOverflowError(exec, scope);
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1787	}
				1788
fpizlo@apple.com	8fefdd3	2015-02-18 19:55:47 +0000	[diff] [blame]	1789	int32_t JIT_OPERATION operationSizeOfVarargs(ExecState* exec, EncodedJSValue encodedArguments, int32_t firstVarArgOffset)
				1790	{
				1791	VM& vm = exec->vm();
				1792	NativeCallFrameTracer tracer(&vm, exec);
				1793	JSValue arguments = JSValue::decode(encodedArguments);
				1794
				1795	return sizeOfVarargs(exec, arguments, firstVarArgOffset);
				1796	}
				1797
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	1798	int32_t JIT_OPERATION operationHasOwnProperty(ExecState* exec, JSObject* thisObject, EncodedJSValue encodedKey)
				1799	{
				1800	VM& vm = exec->vm();
				1801	NativeCallFrameTracer tracer(&vm, exec);
				1802	auto scope = DECLARE_THROW_SCOPE(vm);
				1803
				1804	JSValue key = JSValue::decode(encodedKey);
				1805	Identifier propertyName = key.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	1806	RETURN_IF_EXCEPTION(scope, false);
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	1807
				1808	PropertySlot slot(thisObject, PropertySlot::InternalMethodType::GetOwnProperty);
				1809	bool result = thisObject->hasOwnProperty(exec, propertyName.impl(), slot);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	1810	RETURN_IF_EXCEPTION(scope, false);
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	1811
				1812	HasOwnPropertyCache* hasOwnPropertyCache = vm.hasOwnPropertyCache();
				1813	ASSERT(hasOwnPropertyCache);
				1814	hasOwnPropertyCache->tryAdd(vm, slot, thisObject, propertyName.impl(), result);
				1815	return result;
				1816	}
				1817
fpizlo@apple.com	8fefdd3	2015-02-18 19:55:47 +0000	[diff] [blame]	1818	void JIT_OPERATION operationLoadVarargs(ExecState* exec, int32_t firstElementDest, EncodedJSValue encodedArguments, int32_t offset, int32_t length, int32_t mandatoryMinimum)
				1819	{
				1820	VM& vm = exec->vm();
				1821	NativeCallFrameTracer tracer(&vm, exec);
				1822	JSValue arguments = JSValue::decode(encodedArguments);
				1823
				1824	loadVarargs(exec, VirtualRegister(firstElementDest), arguments, offset, length);
				1825
				1826	for (int32_t i = length; i < mandatoryMinimum; ++i)
				1827	exec->r(firstElementDest + i) = jsUndefined();
				1828	}
				1829
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1830	double JIT_OPERATION operationFModOnInts(int32_t a, int32_t b)
fpizlo@apple.com	2c2536e	2012-03-21 01:29:28 +0000	[diff] [blame]	1831	{
				1832	return fmod(a, b);
				1833	}
				1834
utatane.tea@gmail.com	d2fca0a	2015-12-15 03:51:42 +0000	[diff] [blame]	1835	#if USE(JSVALUE32_64)
				1836	double JIT_OPERATION operationRandom(JSGlobalObject* globalObject)
				1837	{
				1838	return globalObject->weakRandomNumber();
				1839	}
				1840	#endif
				1841
mark.lam@apple.com	03a3e38	2016-01-08 18:44:36 +0000	[diff] [blame]	1842	JSCell* JIT_OPERATION operationStringFromCharCode(ExecState* exec, int32_t op1)
commit-queue@webkit.org	aa31a5e	2013-04-09 06:45:16 +0000	[diff] [blame]	1843	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1844	VM* vm = &exec->vm();
				1845	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	03a3e38	2016-01-08 18:44:36 +0000	[diff] [blame]	1846	return JSC::stringFromCharCode(exec, op1);
commit-queue@webkit.org	aa31a5e	2013-04-09 06:45:16 +0000	[diff] [blame]	1847	}
				1848
mark.lam@apple.com	151fe10	2016-01-13 23:28:38 +0000	[diff] [blame]	1849	EncodedJSValue JIT_OPERATION operationStringFromCharCodeUntyped(ExecState* exec, EncodedJSValue encodedValue)
				1850	{
				1851	VM* vm = &exec->vm();
				1852	NativeCallFrameTracer tracer(vm, exec);
				1853	JSValue charValue = JSValue::decode(encodedValue);
				1854	int32_t chInt = charValue.toUInt32(exec);
				1855	return JSValue::encode(JSC::stringFromCharCode(exec, chInt));
				1856	}
				1857
fpizlo@apple.com	f299993	2014-07-15 00:41:39 +0000	[diff] [blame]	1858	int64_t JIT_OPERATION operationConvertBoxedDoubleToInt52(EncodedJSValue encodedValue)
				1859	{
				1860	JSValue value = JSValue::decode(encodedValue);
				1861	if (!value.isDouble())
				1862	return JSValue::notInt52;
				1863	return tryConvertToInt52(value.asDouble());
				1864	}
				1865
				1866	int64_t JIT_OPERATION operationConvertDoubleToInt52(double value)
				1867	{
				1868	return tryConvertToInt52(value);
				1869	}
				1870
sbarati@apple.com	fa85752	2016-03-07 01:00:33 +0000	[diff] [blame]	1871	size_t JIT_OPERATION operationDefaultHasInstance(ExecState* exec, JSCell* value, JSCell* proto) // Returns jsBoolean(True\|False) on 64-bit.
				1872	{
				1873	VM* vm = &exec->vm();
				1874	NativeCallFrameTracer tracer(vm, exec);
				1875	if (JSObject::defaultHasInstance(exec, value, proto))
				1876	return 1;
				1877	return 0;
				1878	}
				1879
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1880	char* JIT_OPERATION operationNewRawObject(ExecState* exec, Structure* structure, int32_t length, Butterfly* butterfly)
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1881	{
				1882	VM& vm = exec->vm();
				1883	NativeCallFrameTracer tracer(&vm, exec);
				1884
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1885	if (!butterfly
				1886	&& (structure->outOfLineCapacity() \|\| hasIndexedProperties(structure->indexingType()))) {
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1887	IndexingHeader header;
				1888	header.setVectorLength(length);
				1889	header.setPublicLength(0);
				1890
				1891	butterfly = Butterfly::create(
				1892	vm, nullptr, 0, structure->outOfLineCapacity(),
				1893	hasIndexedProperties(structure->indexingType()), header,
				1894	length * sizeof(EncodedJSValue));
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1895	}
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1896
				1897	JSObject* result = JSObject::createRawObject(exec, structure, butterfly);
				1898	result->butterfly(); // Ensure that the butterfly is in to-space.
				1899	return bitwise_cast<char*>(result);
				1900	}
				1901
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1902	JSCell* JIT_OPERATION operationNewObjectWithButterfly(ExecState* exec, Structure* structure, Butterfly* butterfly)
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1903	{
				1904	VM& vm = exec->vm();
				1905	NativeCallFrameTracer tracer(&vm, exec);
				1906
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1907	if (!butterfly) {
				1908	butterfly = Butterfly::create(
				1909	vm, nullptr, 0, structure->outOfLineCapacity(), false, IndexingHeader(), 0);
				1910	}
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1911
				1912	JSObject* result = JSObject::createRawObject(exec, structure, butterfly);
				1913	result->butterfly(); // Ensure that the butterfly is in to-space.
				1914	return result;
				1915	}
				1916
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1917	JSCell* JIT_OPERATION operationNewObjectWithButterflyWithIndexingHeaderAndVectorLength(ExecState* exec, Structure* structure, unsigned length, Butterfly* butterfly)
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1918	{
				1919	VM& vm = exec->vm();
				1920	NativeCallFrameTracer tracer(&vm, exec);
				1921
				1922	IndexingHeader header;
				1923	header.setVectorLength(length);
				1924	header.setPublicLength(0);
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1925	if (butterfly)
				1926	*butterfly->indexingHeader() = header;
				1927	else {
				1928	butterfly = Butterfly::create(
				1929	vm, nullptr, 0, structure->outOfLineCapacity(), true, header,
				1930	sizeof(EncodedJSValue) * length);
				1931	}
				1932
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1933	// Paradoxically this may allocate a JSArray. That's totally cool.
				1934	JSObject* result = JSObject::createRawObject(exec, structure, butterfly);
				1935	result->butterfly(); // Ensure that the butterfly is in to-space.
				1936	return result;
				1937	}
				1938
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	1939	JSCell* JIT_OPERATION operationNewArrayWithSpreadSlow(ExecState* exec, void* buffer, uint32_t numItems)
				1940	{
				1941	VM& vm = exec->vm();
				1942	NativeCallFrameTracer tracer(&vm, exec);
				1943	auto scope = DECLARE_THROW_SCOPE(vm);
				1944
				1945	EncodedJSValue* values = static_cast<EncodedJSValue*>(buffer);
				1946	unsigned length = 0;
				1947	for (unsigned i = 0; i < numItems; i++) {
				1948	JSValue value = JSValue::decode(values[i]);
				1949	if (JSFixedArray* array = jsDynamicCast<JSFixedArray*>(value))
				1950	length += array->size();
				1951	else
				1952	++length;
				1953	}
				1954
				1955
				1956	JSGlobalObject* globalObject = exec->lexicalGlobalObject();
				1957	Structure* structure = globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous);
				1958
msaboff@apple.com	d561664	2017-01-24 21:54:59 +0000	[diff] [blame]	1959	JSArray* result = JSArray::tryCreateForInitializationPrivate(vm, structure, length);
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	1960	RETURN_IF_EXCEPTION(scope, nullptr);
				1961
				1962	unsigned index = 0;
				1963	for (unsigned i = 0; i < numItems; i++) {
				1964	JSValue value = JSValue::decode(values[i]);
				1965	if (JSFixedArray* array = jsDynamicCast<JSFixedArray*>(value)) {
				1966	// We are spreading.
				1967	for (unsigned i = 0; i < array->size(); i++) {
				1968	result->initializeIndex(vm, index, array->get(i));
				1969	++index;
				1970	}
				1971	} else {
				1972	// We are not spreading.
				1973	result->initializeIndex(vm, index, value);
				1974	++index;
				1975	}
				1976	}
				1977
				1978	return result;
				1979	}
				1980
				1981	JSCell* JIT_OPERATION operationSpreadGeneric(ExecState* exec, JSCell* iterable)
				1982	{
				1983	VM& vm = exec->vm();
				1984	NativeCallFrameTracer tracer(&vm, exec);
				1985
				1986	auto throwScope = DECLARE_THROW_SCOPE(vm);
				1987
sbarati@apple.com	5b8aea1	2017-01-24 00:15:21 +0000	[diff] [blame]	1988	if (isJSArray(iterable)) {
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	1989	JSArray* array = jsCast<JSArray*>(iterable);
sbarati@apple.com	5b8aea1	2017-01-24 00:15:21 +0000	[diff] [blame]	1990	if (array->isIteratorProtocolFastAndNonObservable()) {
				1991	throwScope.release();
				1992	return JSFixedArray::createFromArray(exec, vm, array);
				1993	}
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	1994	}
				1995
				1996	// FIXME: we can probably make this path faster by having our caller JS code call directly into
				1997	// the iteration protocol builtin: https://bugs.webkit.org/show_bug.cgi?id=164520
				1998
sbarati@apple.com	5b8aea1	2017-01-24 00:15:21 +0000	[diff] [blame]	1999	JSGlobalObject* globalObject = exec->lexicalGlobalObject();
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	2000	JSArray* array;
				2001	{
				2002	JSFunction* iterationFunction = globalObject->iteratorProtocolFunction();
				2003	CallData callData;
				2004	CallType callType = JSC::getCallData(iterationFunction, callData);
				2005	ASSERT(callType != CallType::None);
				2006
				2007	MarkedArgumentBuffer arguments;
				2008	arguments.append(iterable);
				2009	JSValue arrayResult = call(exec, iterationFunction, callType, callData, jsNull(), arguments);
				2010	RETURN_IF_EXCEPTION(throwScope, nullptr);
				2011	array = jsCast<JSArray*>(arrayResult);
				2012	}
				2013
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	2014	throwScope.release();
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	2015	return JSFixedArray::createFromArray(exec, vm, array);
				2016	}
				2017
				2018	JSCell* JIT_OPERATION operationSpreadFastArray(ExecState* exec, JSCell* cell)
				2019	{
				2020	VM& vm = exec->vm();
				2021	NativeCallFrameTracer tracer(&vm, exec);
				2022
				2023	ASSERT(isJSArray(cell));
				2024	JSArray* array = jsCast<JSArray*>(cell);
sbarati@apple.com	5b8aea1	2017-01-24 00:15:21 +0000	[diff] [blame]	2025	ASSERT(array->isIteratorProtocolFastAndNonObservable());
sbarati@apple.com	99ed479	2016-11-12 02:58:11 +0000	[diff] [blame]	2026
				2027	return JSFixedArray::createFromArray(exec, vm, array);
				2028	}
				2029
saambarati1@gmail.com	daf1020	2014-10-01 20:47:51 +0000	[diff] [blame]	2030	void JIT_OPERATION operationProcessTypeProfilerLogDFG(ExecState* exec)
				2031	{
sbarati@apple.com	c6fb755	2016-06-07 20:07:56 +0000	[diff] [blame]	2032	VM& vm = exec->vm();
				2033	NativeCallFrameTracer tracer(&vm, exec);
				2034
				2035	vm.typeProfilerLog()->processLogEntries(ASCIILiteral("Log Full, called from inside DFG."));
saambarati1@gmail.com	daf1020	2014-10-01 20:47:51 +0000	[diff] [blame]	2036	}
				2037
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	2038	void JIT_OPERATION debugOperationPrintSpeculationFailure(ExecState* exec, void* debugInfoRaw, void* scratch)
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	2039	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	2040	VM* vm = &exec->vm();
				2041	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	2042
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	2043	SpeculationFailureDebugInfo* debugInfo = static_cast<SpeculationFailureDebugInfo*>(debugInfoRaw);
fpizlo@apple.com	f2bf0dd	2011-09-26 04:05:28 +0000	[diff] [blame]	2044	CodeBlock* codeBlock = debugInfo->codeBlock;
fpizlo@apple.com	47d3b64	2011-10-05 21:36:23 +0000	[diff] [blame]	2045	CodeBlock* alternative = codeBlock->alternative();
mark.lam@apple.com	e7ecf83	2014-04-02 20:49:27 +0000	[diff] [blame]	2046	dataLog("Speculation failure in ", *codeBlock);
				2047	dataLog(" @ exit #", vm->osrExitIndex, " (bc#", debugInfo->bytecodeOffset, ", ", exitKindToString(debugInfo->kind), ") with ");
fpizlo@apple.com	0bfcc38	2012-11-30 03:42:29 +0000	[diff] [blame]	2048	if (alternative) {
				2049	dataLog(
				2050	"executeCounter = ", alternative->jitExecuteCounter(),
				2051	", reoptimizationRetryCounter = ", alternative->reoptimizationRetryCounter(),
				2052	", optimizationDelayCounter = ", alternative->optimizationDelayCounter());
				2053	} else
				2054	dataLog("no alternative code block (i.e. we've been jettisoned)");
				2055	dataLog(", osrExitCounter = ", codeBlock->osrExitCounter(), "\n");
fpizlo@apple.com	03e446e	2013-01-11 22:18:27 +0000	[diff] [blame]	2056	dataLog(" GPRs at time of exit:");
				2057	char* scratchPointer = static_cast<char*>(scratch);
				2058	for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
				2059	GPRReg gpr = GPRInfo::toRegister(i);
commit-queue@webkit.org	94ea812	2013-02-25 13:13:43 +0000	[diff] [blame]	2060	dataLog(" ", GPRInfo::debugName(gpr), ":", RawPointer(reinterpret_cast_ptr<void*>(scratchPointer)));
fpizlo@apple.com	03e446e	2013-01-11 22:18:27 +0000	[diff] [blame]	2061	scratchPointer += sizeof(EncodedJSValue);
				2062	}
				2063	dataLog("\n");
				2064	dataLog(" FPRs at time of exit:");
				2065	for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
				2066	FPRReg fpr = FPRInfo::toRegister(i);
				2067	dataLog(" ", FPRInfo::debugName(fpr), ":");
commit-queue@webkit.org	94ea812	2013-02-25 13:13:43 +0000	[diff] [blame]	2068	uint64_t bits = reinterpret_cast_ptr<uint64_t>(scratchPointer);
				2069	double value = reinterpret_cast_ptr<double>(scratchPointer);
ossy@webkit.org	71aebd7	2013-01-12 09:33:01 +0000	[diff] [blame]	2070	dataLogF("%llx:%lf", static_cast<long long>(bits), value);
fpizlo@apple.com	03e446e	2013-01-11 22:18:27 +0000	[diff] [blame]	2071	scratchPointer += sizeof(EncodedJSValue);
				2072	}
				2073	dataLog("\n");
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	2074	}
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	2075
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2076	JSCell* JIT_OPERATION operationResolveScope(ExecState* exec, JSScope* scope, UniquedStringImpl* impl)
				2077	{
				2078	VM& vm = exec->vm();
				2079	NativeCallFrameTracer tracer(&vm, exec);
				2080
				2081	JSObject* resolvedScope = JSScope::resolve(exec, scope, Identifier::fromUid(exec, impl));
				2082	return resolvedScope;
				2083	}
				2084
				2085	EncodedJSValue JIT_OPERATION operationGetDynamicVar(ExecState* exec, JSObject* scope, UniquedStringImpl* impl, unsigned getPutInfoBits)
				2086	{
				2087	VM& vm = exec->vm();
				2088	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	2089	auto throwScope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2090
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	2091	Identifier ident = Identifier::fromUid(exec, impl);
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	2092	throwScope.release();
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	2093	return JSValue::encode(scope->getPropertySlot(exec, ident, [&] (bool found, PropertySlot& slot) -> JSValue {
				2094	if (!found) {
				2095	GetPutInfo getPutInfo(getPutInfoBits);
				2096	if (getPutInfo.resolveMode() == ThrowIfNotFound)
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	2097	throwException(exec, throwScope, createUndefinedVariableError(exec, ident));
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	2098	return jsUndefined();
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2099	}
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2100
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	2101	if (scope->isGlobalLexicalEnvironment()) {
				2102	// When we can't statically prove we need a TDZ check, we must perform the check on the slow path.
				2103	JSValue result = slot.getValue(exec, ident);
				2104	if (result == jsTDZValue()) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	2105	throwException(exec, throwScope, createTDZError(exec));
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	2106	return jsUndefined();
				2107	}
				2108	return result;
				2109	}
				2110
				2111	return slot.getValue(exec, ident);
				2112	}));
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2113	}
				2114
				2115	void JIT_OPERATION operationPutDynamicVar(ExecState* exec, JSObject* scope, EncodedJSValue value, UniquedStringImpl* impl, unsigned getPutInfoBits)
				2116	{
				2117	VM& vm = exec->vm();
				2118	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	2119	auto throwScope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2120
				2121	const Identifier& ident = Identifier::fromUid(exec, impl);
				2122	GetPutInfo getPutInfo(getPutInfoBits);
				2123	bool hasProperty = scope->hasProperty(exec, ident);
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	2124	RETURN_IF_EXCEPTION(throwScope, void());
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2125	if (hasProperty
				2126	&& scope->isGlobalLexicalEnvironment()
				2127	&& !isInitialization(getPutInfo.initializationMode())) {
				2128	// When we can't statically prove we need a TDZ check, we must perform the check on the slow path.
				2129	PropertySlot slot(scope, PropertySlot::InternalMethodType::Get);
				2130	JSGlobalLexicalEnvironment::getOwnPropertySlot(scope, exec, ident, slot);
				2131	if (slot.getValue(exec, ident) == jsTDZValue()) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	2132	throwException(exec, throwScope, createTDZError(exec));
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2133	return;
				2134	}
				2135	}
				2136
				2137	if (getPutInfo.resolveMode() == ThrowIfNotFound && !hasProperty) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	2138	throwException(exec, throwScope, createUndefinedVariableError(exec, ident));
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2139	return;
				2140	}
				2141
				2142	CodeOrigin origin = exec->codeOrigin();
				2143	bool strictMode;
				2144	if (origin.inlineCallFrame)
				2145	strictMode = origin.inlineCallFrame->baselineCodeBlock->isStrictMode();
				2146	else
				2147	strictMode = exec->codeBlock()->isStrictMode();
				2148	PutPropertySlot slot(scope, strictMode, PutPropertySlot::UnknownContext, isInitialization(getPutInfo.initializationMode()));
mark.lam@apple.com	fc11d5c	2016-11-19 01:46:01 +0000	[diff] [blame]	2149	throwScope.release();
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	2150	scope->methodTable()->put(scope, exec, ident, JSValue::decode(value), slot);
				2151	}
				2152
sbarati@apple.com	21fc86e	2016-09-06 23:22:01 +0000	[diff] [blame]	2153	int32_t JIT_OPERATION operationMapHash(ExecState* exec, EncodedJSValue input)
				2154	{
				2155	VM& vm = exec->vm();
				2156	NativeCallFrameTracer tracer(&vm, exec);
				2157
				2158	return jsMapHash(exec, vm, normalizeMapKey(JSValue::decode(input)));
				2159	}
				2160
				2161	JSCell* JIT_OPERATION operationJSMapFindBucket(ExecState* exec, JSCell* map, EncodedJSValue key, int32_t hash)
				2162	{
				2163	VM& vm = exec->vm();
				2164	NativeCallFrameTracer tracer(&vm, exec);
				2165	JSMap::BucketType** bucket = jsCast<JSMap*>(map)->findBucket(exec, normalizeMapKey(JSValue::decode(key)), hash);
				2166	if (!bucket)
				2167	return nullptr;
				2168	return *bucket;
				2169	}
				2170
				2171	JSCell* JIT_OPERATION operationJSSetFindBucket(ExecState* exec, JSCell* map, EncodedJSValue key, int32_t hash)
				2172	{
				2173	VM& vm = exec->vm();
				2174	NativeCallFrameTracer tracer(&vm, exec);
				2175	JSSet::BucketType** bucket = jsCast<JSSet*>(map)->findBucket(exec, normalizeMapKey(JSValue::decode(key)), hash);
				2176	if (!bucket)
				2177	return nullptr;
				2178	return *bucket;
				2179	}
				2180
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2181	extern "C" void JIT_OPERATION triggerReoptimizationNow(CodeBlock* codeBlock, OSRExitBase* exit)
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2182	{
fpizlo@apple.com	9822549	2013-09-10 18:29:45 +0000	[diff] [blame]	2183	// It's sort of preferable that we don't GC while in here. Anyways, doing so wouldn't
				2184	// really be profitable.
				2185	DeferGCForAWhile deferGC(codeBlock->vm()->heap);
				2186
oliver@apple.com	284cc3d	2013-07-25 04:00:33 +0000	[diff] [blame]	2187	if (Options::verboseOSR())
				2188	dataLog(*codeBlock, ": Entered reoptimize\n");
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2189	// We must be called with the baseline code block.
oliver@apple.com	5a24fdd	2013-07-25 04:00:54 +0000	[diff] [blame]	2190	ASSERT(JITCode::isBaselineCode(codeBlock->jitType()));
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2191
				2192	// If I am my own replacement, then reoptimization has already been triggered.
				2193	// This can happen in recursive functions.
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2194	if (codeBlock->replacement() == codeBlock) {
				2195	if (Options::verboseOSR())
				2196	dataLog(*codeBlock, ": Not reoptimizing because we've already been jettisoned.\n");
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2197	return;
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2198	}
				2199
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2200	// Otherwise, the replacement must be optimized code. Use this as an opportunity
				2201	// to check our logic.
				2202	ASSERT(codeBlock->hasOptimizedReplacement());
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2203	CodeBlock* optimizedCodeBlock = codeBlock->replacement();
				2204	ASSERT(JITCode::isOptimizingJIT(optimizedCodeBlock->jitType()));
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2205
				2206	bool didTryToEnterIntoInlinedLoops = false;
msaboff@apple.com	a3dc753	2015-09-24 21:42:59 +0000	[diff] [blame]	2207	for (InlineCallFrame* inlineCallFrame = exit->m_codeOrigin.inlineCallFrame; inlineCallFrame; inlineCallFrame = inlineCallFrame->directCaller.inlineCallFrame) {
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2208	if (inlineCallFrame->baselineCodeBlock->ownerScriptExecutable()->didTryToEnterInLoop()) {
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2209	didTryToEnterIntoInlinedLoops = true;
				2210	break;
				2211	}
				2212	}
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2213
				2214	// In order to trigger reoptimization, one of two things must have happened:
				2215	// 1) We exited more than some number of times.
				2216	// 2) We exited and got stuck in a loop, and now we're exiting again.
				2217	bool didExitABunch = optimizedCodeBlock->shouldReoptimizeNow();
				2218	bool didGetStuckInLoop =
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2219	(codeBlock->checkIfOptimizationThresholdReached() \|\| didTryToEnterIntoInlinedLoops)
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2220	&& optimizedCodeBlock->shouldReoptimizeFromLoopNow();
				2221
				2222	if (!didExitABunch && !didGetStuckInLoop) {
				2223	if (Options::verboseOSR())
				2224	dataLog(codeBlock, ": Not reoptimizing ", optimizedCodeBlock, " because it either didn't exit enough or didn't loop enough after exit.\n");
				2225	codeBlock->optimizeAfterLongWarmUp();
				2226	return;
				2227	}
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2228
fpizlo@apple.com	0dda6d7	2014-02-02 02:25:13 +0000	[diff] [blame]	2229	optimizedCodeBlock->jettison(Profiler::JettisonDueToOSRExit, CountReoptimization);
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2230	}
				2231
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2232	#if ENABLE(FTL_JIT)
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2233	static bool shouldTriggerFTLCompile(CodeBlock* codeBlock, JITCode* jitCode)
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2234	{
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2235	if (codeBlock->baselineVersion()->m_didFailFTLCompilation) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2236	CODEBLOCK_LOG_EVENT(codeBlock, "abortFTLCompile", ());
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2237	if (Options::verboseOSR())
				2238	dataLog("Deferring FTL-optimization of ", *codeBlock, " indefinitely because there was an FTL failure.\n");
				2239	jitCode->dontOptimizeAnytimeSoon(codeBlock);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2240	return false;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2241	}
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2242
				2243	if (!codeBlock->hasOptimizedReplacement()
				2244	&& !jitCode->checkIfOptimizationThresholdReached(codeBlock)) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2245	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("counter = ", jitCode->tierUpCounter));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2246	if (Options::verboseOSR())
				2247	dataLog("Choosing not to FTL-optimize ", *codeBlock, " yet.\n");
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2248	return false;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2249	}
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2250	return true;
				2251	}
				2252
				2253	static void triggerFTLReplacementCompile(VM* vm, CodeBlock* codeBlock, JITCode* jitCode)
				2254	{
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2255	Worklist::State worklistState;
msaboff@apple.com	9589433	2014-01-29 19:18:54 +0000	[diff] [blame]	2256	if (Worklist* worklist = existingGlobalFTLWorklistOrNull()) {
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2257	worklistState = worklist->completeAllReadyPlansForVM(
				2258	*vm, CompilationKey(codeBlock->baselineVersion(), FTLMode));
				2259	} else
				2260	worklistState = Worklist::NotKnown;
				2261
				2262	if (worklistState == Worklist::Compiling) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2263	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("still compiling"));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2264	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2265	codeBlock, CompilationDeferred);
				2266	return;
				2267	}
				2268
				2269	if (codeBlock->hasOptimizedReplacement()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2270	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("has replacement"));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2271	// That's great, we've compiled the code - next time we call this function,
				2272	// we'll enter that replacement.
				2273	jitCode->optimizeSoon(codeBlock);
				2274	return;
				2275	}
				2276
				2277	if (worklistState == Worklist::Compiled) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2278	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("compiled and failed"));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2279	// This means that we finished compiling, but failed somehow; in that case the
				2280	// thresholds will be set appropriately.
				2281	if (Options::verboseOSR())
				2282	dataLog("Code block ", *codeBlock, " was compiled but it doesn't have an optimized replacement.\n");
				2283	return;
				2284	}
				2285
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2286	CODEBLOCK_LOG_EVENT(codeBlock, "triggerFTLReplacement", ());
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2287	// We need to compile the code.
				2288	compile(
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2289	*vm, codeBlock->newReplacement(), codeBlock, FTLMode, UINT_MAX,
				2290	Operands<JSValue>(), ToFTLDeferredCompilationCallback::create());
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2291
				2292	// If we reached here, the counter has not be reset. Do that now.
				2293	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2294	codeBlock, CompilationDeferred);
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2295	}
				2296
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2297	void JIT_OPERATION triggerTierUpNow(ExecState* exec)
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2298	{
				2299	VM* vm = &exec->vm();
				2300	NativeCallFrameTracer tracer(vm, exec);
sbarati@apple.com	efcb30a	2016-06-23 23:28:50 +0000	[diff] [blame]	2301	DeferGCForAWhile deferGC(vm->heap);
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2302	CodeBlock* codeBlock = exec->codeBlock();
				2303
fpizlo@apple.com	8a5fd18	2015-02-02 18:38:08 +0000	[diff] [blame]	2304	if (codeBlock->jitType() != JITCode::DFGJIT) {
				2305	dataLog("Unexpected code block in DFG->FTL tier-up: ", *codeBlock, "\n");
				2306	RELEASE_ASSERT_NOT_REACHED();
				2307	}
				2308
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2309	JITCode* jitCode = codeBlock->jitCode()->dfg();
				2310
				2311	if (Options::verboseOSR()) {
				2312	dataLog(
				2313	*codeBlock, ": Entered triggerTierUpNow with executeCounter = ",
				2314	jitCode->tierUpCounter, "\n");
				2315	}
benjamin@webkit.org	8f62599	2015-05-18 20:45:34 +0000	[diff] [blame]	2316
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2317	// This updates the execution counter.
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2318	if (shouldTriggerFTLCompile(codeBlock, jitCode))
				2319	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2320
				2321	if (codeBlock->hasOptimizedReplacement()) {
				2322	if (jitCode->tierUpEntryTriggers.isEmpty()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2323	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("replacement in place, delaying indefinitely"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2324	// There is nothing more we can do, the only way this will be entered
				2325	// is through the function entry point.
				2326	jitCode->dontOptimizeAnytimeSoon(codeBlock);
				2327	return;
				2328	}
				2329	if (jitCode->osrEntryBlock() && jitCode->tierUpEntryTriggers.size() == 1) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2330	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("trigger in place, delaying indefinitely"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2331	// There is only one outer loop and its trigger must have been set
				2332	// when the plan completed.
				2333	// Exiting the inner loop is useless, we can ignore the counter and leave
				2334	// the trigger do its job.
				2335	jitCode->dontOptimizeAnytimeSoon(codeBlock);
				2336	return;
				2337	}
				2338	}
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2339	}
				2340
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2341	enum class EntryReason {
				2342	Spurious,
				2343	CheckingUpOnHowCompilationIsGoing,
				2344	HaveOSREntryReady,
				2345	ShouldStartCompiling,
				2346	ShouldStartCompilingRightNow,
				2347	CompilationFailed,
				2348	};
				2349
				2350	static EntryReason whatHaveYouDoneAndWhyAmIHere(VM* vm, CodeBlock* codeBlock, JITCode* jitCode, unsigned bytecodeIndex, CodeBlock*& osrEntryBlock)
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2351	{
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2352	// Gather facts about why we could be here.
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2353
				2354	// Resolve any pending plan for OSR Enter on this function.
				2355	Worklist::State worklistState;
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2356	if (Worklist* worklist = existingGlobalFTLWorklistOrNull())
				2357	worklistState = worklist->completeAllReadyPlansForVM(*vm, CompilationKey(codeBlock->baselineVersion(), FTLForOSREntryMode));
				2358	else
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2359	worklistState = Worklist::NotKnown;
				2360
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2361	osrEntryBlock = jitCode->osrEntryBlock();
				2362
				2363	// Was the tier-up entry trigger set to slow-path?
				2364	bool triggeredSlowPath = false;
				2365	auto tierUpEntryTriggers = jitCode->tierUpEntryTriggers.find(bytecodeIndex);
				2366	if (tierUpEntryTriggers != jitCode->tierUpEntryTriggers.end()) {
				2367	if (tierUpEntryTriggers->value == TierUpEntryTrigger::TakeSlowPath) {
				2368	// We were asked to enter as soon as possible. Unset this trigger so we don't continually enter.
				2369	if (Options::verboseOSR())
				2370	dataLog("EntryTrigger for ", *codeBlock, " forced slow-path.\n");
				2371	triggeredSlowPath = true;
				2372	tierUpEntryTriggers->value = TierUpEntryTrigger::None;
				2373	}
				2374	}
				2375
				2376	// Put those facts together to make a final determination.
				2377
				2378	switch (worklistState) {
				2379	case Worklist::NotKnown:
				2380	if (osrEntryBlock)
				2381	return EntryReason::HaveOSREntryReady;
				2382	if (triggeredSlowPath) {
				2383	// Someone went through the trouble of forcing us into slow-path, they really wanted us to compile.
				2384	return EntryReason::ShouldStartCompilingRightNow;
				2385	}
				2386	return EntryReason::ShouldStartCompiling;
				2387
				2388	case Worklist::Compiling:
				2389	if (triggeredSlowPath) {
				2390	// We're already compiling, and can't OSR enter. We therefore must
				2391	// have set our slow-path trigger as well as another slow path
				2392	// trigger, hoping one of these would kick off a compilation. Sure
				2393	// enough another bytecode location did kick off a compilation
				2394	// before this one got a chance to do so. There's nothing for us to
				2395	// do but wait.
				2396	return EntryReason::Spurious;
				2397	}
				2398	return EntryReason::CheckingUpOnHowCompilationIsGoing;
				2399
				2400	case Worklist::Compiled:
				2401	return EntryReason::CompilationFailed;
				2402	}
				2403
				2404	RELEASE_ASSERT_NOT_REACHED();
				2405	return EntryReason::Spurious;
				2406	}
				2407
				2408	enum class CanOSREnterFromHere {
				2409	No,
				2410	Yes,
				2411	};
				2412
				2413	static char* tierUpCommon(VM* vm, ExecState* exec, CodeBlock* codeBlock, JITCode* jitCode, unsigned bytecodeIndex, CanOSREnterFromHere canOSREnterFromHere)
				2414	{
				2415	CodeBlock* osrEntryBlock;
				2416	EntryReason entryReason = whatHaveYouDoneAndWhyAmIHere(vm, codeBlock, jitCode, bytecodeIndex, osrEntryBlock);
				2417
				2418	switch (entryReason) {
				2419	case EntryReason::CheckingUpOnHowCompilationIsGoing:
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2420	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("still compiling"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2421	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2422	codeBlock, CompilationDeferred);
				2423	return nullptr;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2424
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2425	case EntryReason::CompilationFailed:
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2426	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("compiled and failed"));
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2427	// We've already set the thresholds.
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2428	if (Options::verboseOSR())
				2429	dataLog("Code block ", *codeBlock, " was compiled but it doesn't have an optimized replacement.\n");
				2430	return nullptr;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2431
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2432	case EntryReason::HaveOSREntryReady:
				2433	if (canOSREnterFromHere == CanOSREnterFromHere::No)
				2434	break; // OSR entry is for another location.
				2435
				2436	{
				2437	// If we can OSR Enter, do it right away.
				2438	unsigned streamIndex = jitCode->bytecodeIndexToStreamIndex.get(bytecodeIndex);
				2439	auto osrEntryPreparation = FTL::prepareOSREntry(exec, codeBlock, osrEntryBlock, bytecodeIndex, streamIndex);
				2440	if (osrEntryPreparation) {
				2441	CODEBLOCK_LOG_EVENT(osrEntryBlock, "osrEntry", ("at bc#", bytecodeIndex));
				2442	void* address = osrEntryPreparation.value();
				2443	ASSERT(address);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2444	return static_cast<char*>(address);
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2445	}
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2446	switch (osrEntryPreparation.error()) {
				2447	case FTL::OSREntryFail::StackGrowthFailed:
				2448	break;
				2449	case FTL::OSREntryFail::WrongBytecode:
				2450	// Above we checked that an entry was possible from the current
				2451	// location, but we didn't know whether the compiled OSR entry
				2452	// was for this location. Now we know it's not.
				2453	break;
				2454	}
				2455
				2456	break;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2457	}
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2458
				2459	case EntryReason::ShouldStartCompiling:
				2460	case EntryReason::ShouldStartCompilingRightNow:
				2461	// We'll take care of that below.
				2462	break;
				2463
				2464	case EntryReason::Spurious:
				2465	if (Options::verboseOSR())
				2466	dataLog("Code block ", *codeBlock, " was spuriously woken up, compilation is already under way.\n");
				2467	jitCode->checkIfOptimizationThresholdReached(codeBlock);
				2468	return nullptr;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2469	}
				2470
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2471	// - If we don't have an FTL code block, then try to compile one.
				2472	// - If we do have an FTL code block, then try to enter for a while.
				2473	// - If we couldn't enter for a while, then trigger OSR entry.
msaboff@apple.com	9589433	2014-01-29 19:18:54 +0000	[diff] [blame]	2474
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2475	// This updates the execution counter.
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2476	if (!shouldTriggerFTLCompile(codeBlock, jitCode))
				2477	return nullptr;
				2478
				2479	if (!jitCode->neverExecutedEntry) {
				2480	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
				2481
				2482	if (!codeBlock->hasOptimizedReplacement())
				2483	return nullptr;
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	2484
				2485	if (jitCode->osrEntryRetry < Options::ftlOSREntryRetryThreshold()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2486	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("avoiding OSR entry compile"));
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	2487	jitCode->osrEntryRetry++;
				2488	return nullptr;
				2489	}
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2490	} else
				2491	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("avoiding replacement compile"));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2492
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2493	if (osrEntryBlock) {
				2494	// We have a compiled OSR entry for this function, but didn't enter.
				2495
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2496	if (jitCode->osrEntryRetry < Options::ftlOSREntryRetryThreshold()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2497	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry failed, OSR entry threshold not met"));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2498	jitCode->osrEntryRetry++;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2499	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2500	codeBlock, CompilationDeferred);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2501	return nullptr;
				2502	}
				2503
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2504	FTL::ForOSREntryJITCode* entryCode = osrEntryBlock->jitCode()->ftlForOSREntry();
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2505	entryCode->countEntryFailure();
				2506	if (entryCode->entryFailureCount() <
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2507	Options::ftlOSREntryFailureCountForReoptimization()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2508	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry failed"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2509	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2510	codeBlock, CompilationDeferred);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2511	return nullptr;
				2512	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2513
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2514	// OSR entry failed. Oh no! This implies that we need to retry. We retry
				2515	// without exponential backoff and we only do this for the entry code block.
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2516	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry failed too many times"));
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2517	unsigned osrEntryBytecode = osrEntryBlock->jitCode()->ftlForOSREntry()->bytecodeIndex();
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2518	jitCode->clearOSREntryBlock();
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2519	jitCode->osrEntryRetry = 0;
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2520	jitCode->tierUpEntryTriggers.set(osrEntryBytecode, TierUpEntryTrigger::None);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2521	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2522	codeBlock, CompilationDeferred);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2523	return nullptr;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2524	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2525
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2526	// We aren't compiling and haven't compiled anything for OSR entry. So, try to compile something.
				2527
				2528	if (entryReason != EntryReason::ShouldStartCompilingRightNow) {
				2529	// We entered because our threshold was set, not because someone is forcing us to compile.
				2530	// Try to see if there would be a better place to compile from than where we currently are.
				2531
				2532	// Compiling an outer-loop for OSR entry often generates better code than an inner-loop because
				2533	// the entry is less disruptive. If we're at an inner-loop be smart and mark the outer-loop as
				2534	// needing compilation ASAP. Once execution reaches the outer-loop compilation will trigger.
				2535	auto tierUpHierarchyEntry = jitCode->tierUpInLoopHierarchy.find(bytecodeIndex);
				2536	if (tierUpHierarchyEntry != jitCode->tierUpInLoopHierarchy.end() && !tierUpHierarchyEntry->value.isEmpty()) {
				2537	// Traverse the loop hierarchy from the outer-most loop, to the inner-most one.
				2538	for (auto iterator = tierUpHierarchyEntry->value.rbegin(), end = tierUpHierarchyEntry->value.rend(); iterator != end; ++iterator) {
				2539	unsigned osrEntryCandidate = *iterator;
				2540	if (jitCode->tierUpEntrySeen.contains(osrEntryCandidate)) {
				2541	unsigned outerLoopOsrEntryBytecodeIndex = osrEntryCandidate;
				2542
				2543	// We found an outer-loop which would be a better OSR entry
				2544	// than the current location:
				2545	// - Set its trigger so it takes the slow-path ASAP;
				2546	// - Tell the codeblock to stop its counter slow-path for a
				2547	// while, because it should wait for the outer-loop to
				2548	// trigger.
				2549	//
				2550	// If we slow-path again then one of these is true:
				2551	// 1. We enter from the outer-loop because of its trigger,
				2552	// it un-sets its trigger, kicks off a compile,
				2553	// everything is good;
				2554	// 2. We enter from anywhere and a compile is under way,
				2555	// just chill as usual;
				2556	// 3. We never got to that outer-loop and the counter
				2557	// tripped again, bummer!
				2558	//
				2559	// We can detect 3. because the outer-loop's trigger is
				2560	// set. It's still a great place to enter, so leave its
				2561	// trigger set, but also:
				2562	// - Set the trigger for the next loop in, hope that one triggers;
				2563	// - Backoff the counter as before.
				2564	// That is, unless all the inner-loop's parent triggers are
				2565	// set. In that case just optimize the innermost-loop: it
				2566	// won't generate as good code, but the outer-loops aren't
				2567	// triggering so we may as we tier up where we can.
				2568	auto outerLoopTierUpEntryTriggers = jitCode->tierUpEntryTriggers.find(outerLoopOsrEntryBytecodeIndex);
				2569	ASSERT(outerLoopTierUpEntryTriggers != jitCode->tierUpEntryTriggers.end());
				2570
				2571	if (outerLoopTierUpEntryTriggers->value != TierUpEntryTrigger::TakeSlowPath) {
				2572	if (Options::verboseOSR())
				2573	dataLog("Forcibly FTL-optimize outer-loop bc#", outerLoopOsrEntryBytecodeIndex, " in ", *codeBlock, "by setting its trigger.\n");
				2574
				2575	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry request from inner-loop for outer-loop"));
				2576	jitCode->tierUpEntryTriggers.set(outerLoopOsrEntryBytecodeIndex, TierUpEntryTrigger::TakeSlowPath);
				2577	jitCode->optimizeSoon(codeBlock);
				2578	return nullptr;
				2579	}
				2580
				2581	if (Options::verboseOSR())
				2582	dataLog("Trying to forcibly FTL-optimize outer-loop bc#", outerLoopOsrEntryBytecodeIndex, " in ", *codeBlock, ", but trigger is already set.\n");
				2583	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2584	}
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2585
				2586	// All the outer-loops have their trigger set, but none have been entered.
				2587
				2588	if (canOSREnterFromHere == CanOSREnterFromHere::No) {
				2589	// We just can't enter from here, we've asked everyone we know
				2590	// to please optimize ASAP, nobody has heeded our call. Keep
				2591	// hoping one of the outer loops triggers get to their slow
				2592	// path. Stop the counter, there's nothing we can do.
				2593	jitCode->dontOptimizeAnytimeSoon(codeBlock);
				2594	return nullptr;
				2595	}
				2596
				2597	if (Options::verboseOSR())
				2598	dataLog("Tried to forcibly-optimize outer-loop, but falling back to bc#", bytecodeIndex, " in ", *codeBlock, ", outer-loop triggers didn't work.\n");
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2599	}
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2600	}
				2601
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2602	RELEASE_ASSERT(canOSREnterFromHere == CanOSREnterFromHere::Yes);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2603
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2604	unsigned streamIndex = jitCode->bytecodeIndexToStreamIndex.get(bytecodeIndex);
				2605
				2606	// We're not trying to kick off a compile of an outer-loop from within an
				2607	// inner-loop. We can compile right here, right now.
				2608	auto triggerIterator = jitCode->tierUpEntryTriggers.find(bytecodeIndex);
				2609	RELEASE_ASSERT(triggerIterator != jitCode->tierUpEntryTriggers.end());
				2610	TierUpEntryTrigger* triggerAddress = &(triggerIterator->value);
				2611
				2612	// Use OSR reconstruction to generate a snapshot of JSValues at the current
				2613	// location of execution. The optimizer is happy when it can look at real
				2614	// and live values, as opposed to mere type traces.
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2615	Operands<JSValue> mustHandleValues;
				2616	jitCode->reconstruct(
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2617	exec, codeBlock, CodeOrigin(bytecodeIndex), streamIndex, mustHandleValues);
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2618	CodeBlock* replacementCodeBlock = codeBlock->newReplacement();
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2619
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2620	CODEBLOCK_LOG_EVENT(codeBlock, "triggerFTLOSR", ());
msaboff@apple.com	9589433	2014-01-29 19:18:54 +0000	[diff] [blame]	2621	CompilationResult forEntryResult = compile(
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2622	*vm, replacementCodeBlock, codeBlock, FTLForOSREntryMode, bytecodeIndex,
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2623	mustHandleValues, ToFTLForOSREntryDeferredCompilationCallback::create(triggerAddress));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2624
				2625	if (jitCode->neverExecutedEntry)
				2626	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
				2627
				2628	if (forEntryResult != CompilationSuccessful) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2629	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR ecompilation not successful"));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2630	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2631	codeBlock, CompilationDeferred);
				2632	return nullptr;
				2633	}
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2634
				2635	// It's possible that the for-entry compile already succeeded. In that case
				2636	// OSR entry will succeed unless we ran out of stack.
				2637	auto osrEntryPreparation = FTL::prepareOSREntry(exec, codeBlock, jitCode->osrEntryBlock(), bytecodeIndex, streamIndex);
				2638	if (osrEntryPreparation) {
				2639	CODEBLOCK_LOG_EVENT(jitCode->osrEntryBlock(), "osrEntry", ("at bc#", bytecodeIndex));
				2640	void* address = osrEntryPreparation.value();
				2641	ASSERT(address);
				2642	return static_cast<char*>(address);
				2643	}
				2644	switch (osrEntryPreparation.error()) {
				2645	case FTL::OSREntryFail::StackGrowthFailed:
				2646	// It's not clear what we should do. We signal to try again after a
				2647	// while if that happens.
				2648	return nullptr;
				2649	case FTL::OSREntryFail::WrongBytecode:
				2650	RELEASE_ASSERT_NOT_REACHED();
				2651	}
				2652
				2653	RELEASE_ASSERT_NOT_REACHED();
				2654	return nullptr;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2655	}
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2656
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2657	void JIT_OPERATION triggerTierUpNowInLoop(ExecState* exec, unsigned bytecodeIndex)
				2658	{
				2659	VM* vm = &exec->vm();
				2660	NativeCallFrameTracer tracer(vm, exec);
sbarati@apple.com	efcb30a	2016-06-23 23:28:50 +0000	[diff] [blame]	2661	DeferGCForAWhile deferGC(vm->heap);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2662	CodeBlock* codeBlock = exec->codeBlock();
				2663
				2664	if (codeBlock->jitType() != JITCode::DFGJIT) {
				2665	dataLog("Unexpected code block in DFG->FTL tier-up: ", *codeBlock, "\n");
				2666	RELEASE_ASSERT_NOT_REACHED();
				2667	}
				2668
				2669	JITCode* jitCode = codeBlock->jitCode()->dfg();
				2670
				2671	if (Options::verboseOSR()) {
				2672	dataLog(
				2673	*codeBlock, ": Entered triggerTierUpNowInLoop with executeCounter = ",
				2674	jitCode->tierUpCounter, "\n");
				2675	}
				2676
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2677	// It's impossible to OSR enter from the current bytecode index: CheckTierUpInLoop is only even generated for non-OSR-entry bytecodes.
				2678	// It's nonetheless a good spot to request that a nearby loop get optimized the next time it's entered.
				2679
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2680	auto tierUpHierarchyEntry = jitCode->tierUpInLoopHierarchy.find(bytecodeIndex);
				2681	if (tierUpHierarchyEntry != jitCode->tierUpInLoopHierarchy.end()
				2682	&& !tierUpHierarchyEntry->value.isEmpty()) {
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2683	// There is a suitable loop to OSR enter from.
				2684	tierUpCommon(vm, exec, codeBlock, jitCode, bytecodeIndex, CanOSREnterFromHere::No);
				2685	} else if (shouldTriggerFTLCompile(codeBlock, jitCode)) // This updates the execution counter.
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2686	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
				2687
				2688	// Since we cannot OSR Enter here, the default "optimizeSoon()" is not useful.
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2689	if (codeBlock->hasOptimizedReplacement()) {
				2690	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR in loop failed, deferring"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2691	jitCode->setOptimizationThresholdBasedOnCompilationResult(codeBlock, CompilationDeferred);
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2692	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2693	}
				2694
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2695	char* JIT_OPERATION checkTierUpAndOSREnterNow(ExecState* exec, unsigned bytecodeIndex)
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2696	{
				2697	VM* vm = &exec->vm();
				2698	NativeCallFrameTracer tracer(vm, exec);
sbarati@apple.com	efcb30a	2016-06-23 23:28:50 +0000	[diff] [blame]	2699	DeferGCForAWhile deferGC(vm->heap);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2700	CodeBlock* codeBlock = exec->codeBlock();
				2701
				2702	if (codeBlock->jitType() != JITCode::DFGJIT) {
				2703	dataLog("Unexpected code block in DFG->FTL tier-up: ", *codeBlock, "\n");
				2704	RELEASE_ASSERT_NOT_REACHED();
				2705	}
				2706
				2707	JITCode* jitCode = codeBlock->jitCode()->dfg();
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2708
				2709	if (Options::verboseOSR()) {
				2710	dataLog(
				2711	*codeBlock, ": Entered triggerOSREntryNow with executeCounter = ",
				2712	jitCode->tierUpCounter, "\n");
				2713	}
				2714
jfbastien@apple.com	f132a4a	2017-01-26 19:52:35 +0000	[diff] [blame^]	2715	jitCode->tierUpEntrySeen.add(bytecodeIndex);
				2716	return tierUpCommon(vm, exec, codeBlock, jitCode, bytecodeIndex, CanOSREnterFromHere::Yes);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2717	}
				2718
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2719	#endif // ENABLE(FTL_JIT)
				2720
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	2721	} // extern "C"
fpizlo@apple.com	04659ba	2012-02-21 09:49:22 +0000	[diff] [blame]	2722	} } // namespace JSC::DFG
				2723
commit-queue@webkit.org	b841948	2012-08-30 22:21:48 +0000	[diff] [blame]	2724	#endif // ENABLE(DFG_JIT)
fpizlo@apple.com	7bbcaab	2012-02-22 05:23:19 +0000	[diff] [blame]	2725
commit-queue@webkit.org	b841948	2012-08-30 22:21:48 +0000	[diff] [blame]	2726	#endif // ENABLE(JIT)