Blame - Source/JavaScriptCore/dfg/DFGOperations.cpp - WebKit

blob: 3aed72ccab60c43ec1c44f5970943678a55ddc7b [file] [log] [blame]

barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	1	/*
keith_miller@apple.com	3793b13	2016-01-11 21:31:04 +0000	[diff] [blame]	2	* Copyright (C) 2011, 2013-2016 Apple Inc. All rights reserved.
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	3	*
				4	* Redistribution and use in source and binary forms, with or without
				5	* modification, are permitted provided that the following conditions
				6	* are met:
				7	* 1. Redistributions of source code must retain the above copyright
				8	* notice, this list of conditions and the following disclaimer.
				9	* 2. Redistributions in binary form must reproduce the above copyright
				10	* notice, this list of conditions and the following disclaimer in the
				11	* documentation and/or other materials provided with the distribution.
				12	*
				13	* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
				14	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
				15	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
				16	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
				17	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
				18	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
				19	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
				20	* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
				21	* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
				23	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
				24	*/
				25
				26	#include "config.h"
				27	#include "DFGOperations.h"
				28
keith_miller@apple.com	5bed6f6	2016-06-16 06:01:47 +0000	[diff] [blame]	29	#include "ArrayConstructor.h"
mark.lam@apple.com	a4fe7ab	2012-11-09 03:03:44 +0000	[diff] [blame]	30	#include "ButterflyInlines.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	31	#include "ClonedArguments.h"
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	32	#include "CodeBlock.h"
oliver@apple.com	b3e5acb	2013-07-25 04:02:53 +0000	[diff] [blame]	33	#include "CommonSlowPaths.h"
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	34	#include "DFGDriver.h"
fpizlo@apple.com	b426f86	2014-02-10 02:51:13 +0000	[diff] [blame]	35	#include "DFGJITCode.h"
fpizlo@apple.com	0bef2a1	2014-02-10 19:26:29 +0000	[diff] [blame]	36	#include "DFGOSRExit.h"
fpizlo@apple.com	5e13577	2012-07-12 00:12:03 +0000	[diff] [blame]	37	#include "DFGThunks.h"
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	38	#include "DFGToFTLDeferredCompilationCallback.h"
				39	#include "DFGToFTLForOSREntryDeferredCompilationCallback.h"
				40	#include "DFGWorklist.h"
utatane.tea@gmail.com	f7db559	2016-10-04 19:31:24 +0000	[diff] [blame^]	41	#include "DefinePropertyAttributes.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	42	#include "DirectArguments.h"
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	43	#include "FTLForOSREntryJITCode.h"
				44	#include "FTLOSREntry.h"
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	45	#include "HasOwnPropertyCache.h"
utatane.tea@gmail.com	c258519	2016-08-25 22:55:10 +0000	[diff] [blame]	46	#include "HostCallReturnValue.h"
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	47	#include "Interpreter.h"
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	48	#include "JIT.h"
oliver@apple.com	c55314a	2012-05-30 19:45:20 +0000	[diff] [blame]	49	#include "JITExceptions.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	50	#include "JSCInlines.h"
keith_miller@apple.com	1ec869c	2016-06-21 17:54:33 +0000	[diff] [blame]	51	#include "JSGenericTypedArrayViewConstructorInlines.h"
oliver@apple.com	a7dfb4d	2014-09-11 18:18:14 +0000	[diff] [blame]	52	#include "JSLexicalEnvironment.h"
sbarati@apple.com	21fc86e	2016-09-06 23:22:01 +0000	[diff] [blame]	53	#include "JSMap.h"
				54	#include "JSSet.h"
ggaren@apple.com	c862eac	2013-01-29 05:48:01 +0000	[diff] [blame]	55	#include "ObjectConstructor.h"
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	56	#include "Operations.h"
joepeck@webkit.org	7e07f39	2016-09-22 18:59:47 +0000	[diff] [blame]	57	#include "RegExpObject.h"
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	58	#include "Repatch.h"
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	59	#include "ScopedArguments.h"
commit-queue@webkit.org	aa31a5e	2013-04-09 06:45:16 +0000	[diff] [blame]	60	#include "StringConstructor.h"
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	61	#include "SuperSampler.h"
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	62	#include "Symbol.h"
saambarati1@gmail.com	daf1020	2014-10-01 20:47:51 +0000	[diff] [blame]	63	#include "TypeProfilerLog.h"
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	64	#include "TypedArrayInlines.h"
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	65	#include "VMInlines.h"
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	66	#include <wtf/InlineASM.h>
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	67
commit-queue@webkit.org	b841948	2012-08-30 22:21:48 +0000	[diff] [blame]	68	#if ENABLE(JIT)
fpizlo@apple.com	7bbcaab	2012-02-22 05:23:19 +0000	[diff] [blame]	69	#if ENABLE(DFG_JIT)
				70
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	71	namespace JSC { namespace DFG {
				72
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	73	template<bool strict, bool direct>
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	74	static inline void putByVal(ExecState* exec, JSValue baseValue, uint32_t index, JSValue value)
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	75	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	76	VM& vm = exec->vm();
				77	NativeCallFrameTracer tracer(&vm, exec);
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	78	ASSERT(isIndex(index));
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	79	if (direct) {
				80	RELEASE_ASSERT(baseValue.isObject());
				81	asObject(baseValue)->putDirectIndex(exec, index, value, 0, strict ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow);
				82	return;
				83	}
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	84	if (baseValue.isObject()) {
				85	JSObject* object = asObject(baseValue);
				86	if (object->canSetIndexQuickly(index)) {
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	87	object->setIndexQuickly(vm, index, value);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	88	return;
				89	}
				90
mhahnenberg@apple.com	b6f8519	2014-02-27 01:27:18 +0000	[diff] [blame]	91	object->methodTable(vm)->putByIndex(object, exec, index, value, strict);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	92	return;
				93	}
				94
barraclough@apple.com	a4d51f2	2012-03-06 01:18:42 +0000	[diff] [blame]	95	baseValue.putByIndex(exec, index, value, strict);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	96	}
				97
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	98	template<bool strict, bool direct>
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	99	ALWAYS_INLINE static void JIT_OPERATION operationPutByValInternal(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	100	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	101	VM* vm = &exec->vm();
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	102	auto scope = DECLARE_THROW_SCOPE(*vm);
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	103	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	104
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	105	JSValue baseValue = JSValue::decode(encodedBase);
				106	JSValue property = JSValue::decode(encodedProperty);
				107	JSValue value = JSValue::decode(encodedValue);
				108
				109	if (LIKELY(property.isUInt32())) {
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	110	// Despite its name, JSValue::isUInt32 will return true only for positive boxed int32_t; all those values are valid array indices.
				111	ASSERT(isIndex(property.asUInt32()));
commit-queue@webkit.org	e3549c6	2015-01-22 19:34:34 +0000	[diff] [blame]	112	putByVal<strict, direct>(exec, baseValue, property.asUInt32(), value);
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	113	return;
				114	}
				115
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	116	if (property.isDouble()) {
				117	double propertyAsDouble = property.asDouble();
				118	uint32_t propertyAsUInt32 = static_cast<uint32_t>(propertyAsDouble);
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	119	if (propertyAsDouble == propertyAsUInt32 && isIndex(propertyAsUInt32)) {
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	120	putByVal<strict, direct>(exec, baseValue, propertyAsUInt32, value);
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	121	return;
				122	}
				123	}
				124
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	125	// Don't put to an object if toString throws an exception.
utatane.tea@gmail.com	e16e15d	2015-03-20 21:35:17 +0000	[diff] [blame]	126	auto propertyName = property.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	127	RETURN_IF_EXCEPTION(scope, void());
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	128
				129	PutPropertySlot slot(baseValue, strict);
				130	if (direct) {
				131	RELEASE_ASSERT(baseValue.isObject());
				132	if (Optional<uint32_t> index = parseIndex(propertyName))
				133	asObject(baseValue)->putDirectIndex(exec, index.value(), value, 0, strict ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow);
				134	else
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	135	asObject(baseValue)->putDirect(*vm, propertyName, value, slot);
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	136	} else
				137	baseValue.put(exec, propertyName, value, slot);
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	138	}
				139
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	140	template<typename ViewClass>
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	141	char* newTypedArrayWithSize(ExecState* exec, Structure* structure, int32_t size, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	142	{
				143	VM& vm = exec->vm();
				144	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	145	auto scope = DECLARE_THROW_SCOPE(vm);
				146
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	147	if (size < 0) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	148	throwException(exec, scope, createRangeError(exec, ASCIILiteral("Requested length is negative")));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	149	return 0;
				150	}
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	151
				152	if (vector)
				153	return bitwise_cast<char*>(ViewClass::createWithFastVector(exec, structure, size, vector));
				154
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	155	return bitwise_cast<char*>(ViewClass::create(exec, structure, size));
				156	}
				157
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	158	template <bool strict>
				159	static ALWAYS_INLINE void putWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedValue, const Identifier& ident)
				160	{
				161	JSValue baseValue = JSValue::decode(encodedBase);
				162	JSValue thisVal = JSValue::decode(encodedThis);
				163	JSValue putValue = JSValue::decode(encodedValue);
				164	PutPropertySlot slot(thisVal, strict);
				165	baseValue.putInline(exec, ident, putValue, slot);
				166	}
				167
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	168	extern "C" {
				169
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	170	EncodedJSValue JIT_OPERATION operationToThis(ExecState* exec, EncodedJSValue encodedOp)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	171	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	172	VM* vm = &exec->vm();
				173	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	174
fpizlo@apple.com	018818d	2013-09-13 23:18:19 +0000	[diff] [blame]	175	return JSValue::encode(JSValue::decode(encodedOp).toThis(exec, NotStrictMode));
				176	}
				177
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	178	EncodedJSValue JIT_OPERATION operationToThisStrict(ExecState* exec, EncodedJSValue encodedOp)
fpizlo@apple.com	018818d	2013-09-13 23:18:19 +0000	[diff] [blame]	179	{
				180	VM* vm = &exec->vm();
				181	NativeCallFrameTracer tracer(vm, exec);
				182
				183	return JSValue::encode(JSValue::decode(encodedOp).toThis(exec, StrictMode));
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	184	}
				185
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	186	JSCell* JIT_OPERATION operationCreateThis(ExecState* exec, JSObject* constructor, int32_t inlineCapacity)
fpizlo@apple.com	bb159ec	2011-09-21 22:17:06 +0000	[diff] [blame]	187	{
mhahnenberg@apple.com	b6f8519	2014-02-27 01:27:18 +0000	[diff] [blame]	188	VM& vm = exec->vm();
				189	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	190	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	e5315aa	2016-02-20 23:51:33 +0000	[diff] [blame]	191	if (constructor->type() == JSFunctionType)
				192	return constructEmptyObject(exec, jsCast<JSFunction*>(constructor)->rareData(exec, inlineCapacity)->objectAllocationProfile()->structure());
barraclough@apple.com	cef11dc	2012-05-10 18:40:29 +0000	[diff] [blame]	193
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	194	JSValue proto = constructor->get(exec, exec->propertyNames().prototype);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	195	RETURN_IF_EXCEPTION(scope, nullptr);
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	196	if (proto.isObject())
				197	return constructEmptyObject(exec, asObject(proto));
sbarati@apple.com	e5315aa	2016-02-20 23:51:33 +0000	[diff] [blame]	198	return constructEmptyObject(exec);
fpizlo@apple.com	133c9ac	2011-11-08 00:37:33 +0000	[diff] [blame]	199	}
				200
keith_miller@apple.com	5bed6f6	2016-06-16 06:01:47 +0000	[diff] [blame]	201	JSCell* JIT_OPERATION operationObjectConstructor(ExecState* exec, JSGlobalObject* globalObject, EncodedJSValue encodedTarget)
				202	{
				203	VM* vm = &exec->vm();
				204	NativeCallFrameTracer tracer(vm, exec);
				205
				206	JSValue value = JSValue::decode(encodedTarget);
				207	ASSERT(!value.isObject());
				208
				209	if (value.isUndefinedOrNull())
				210	return constructEmptyObject(exec, globalObject->objectPrototype());
				211	return value.toObject(exec, globalObject);
				212	}
				213
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	214	EncodedJSValue JIT_OPERATION operationValueBitAnd(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				215	{
				216	VM* vm = &exec->vm();
				217	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	218	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	219
				220	JSValue op1 = JSValue::decode(encodedOp1);
				221	JSValue op2 = JSValue::decode(encodedOp2);
				222
				223	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	224	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	225	int32_t b = op2.toInt32(exec);
				226	return JSValue::encode(jsNumber(a & b));
				227	}
				228
				229	EncodedJSValue JIT_OPERATION operationValueBitOr(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				230	{
				231	VM* vm = &exec->vm();
				232	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	233	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	234
				235	JSValue op1 = JSValue::decode(encodedOp1);
				236	JSValue op2 = JSValue::decode(encodedOp2);
				237
				238	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	239	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	240	int32_t b = op2.toInt32(exec);
				241	return JSValue::encode(jsNumber(a \| b));
				242	}
				243
				244	EncodedJSValue JIT_OPERATION operationValueBitXor(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				245	{
				246	VM* vm = &exec->vm();
				247	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	248	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	249
				250	JSValue op1 = JSValue::decode(encodedOp1);
				251	JSValue op2 = JSValue::decode(encodedOp2);
				252
				253	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	254	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	255	int32_t b = op2.toInt32(exec);
				256	return JSValue::encode(jsNumber(a ^ b));
				257	}
				258
				259	EncodedJSValue JIT_OPERATION operationValueBitLShift(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				260	{
				261	VM* vm = &exec->vm();
				262	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	263	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	264
				265	JSValue op1 = JSValue::decode(encodedOp1);
				266	JSValue op2 = JSValue::decode(encodedOp2);
				267
				268	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	269	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	270	uint32_t b = op2.toUInt32(exec);
				271	return JSValue::encode(jsNumber(a << (b & 0x1f)));
				272	}
				273
				274	EncodedJSValue JIT_OPERATION operationValueBitRShift(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				275	{
				276	VM* vm = &exec->vm();
				277	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	278	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	279
				280	JSValue op1 = JSValue::decode(encodedOp1);
				281	JSValue op2 = JSValue::decode(encodedOp2);
				282
				283	int32_t a = op1.toInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	284	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	285	uint32_t b = op2.toUInt32(exec);
				286	return JSValue::encode(jsNumber(a >> (b & 0x1f)));
				287	}
				288
				289	EncodedJSValue JIT_OPERATION operationValueBitURShift(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				290	{
				291	VM* vm = &exec->vm();
				292	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	293	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	294
				295	JSValue op1 = JSValue::decode(encodedOp1);
				296	JSValue op2 = JSValue::decode(encodedOp2);
				297
				298	uint32_t a = op1.toUInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	299	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	c000865	2015-12-15 21:19:31 +0000	[diff] [blame]	300	uint32_t b = op2.toUInt32(exec);
				301	return JSValue::encode(jsNumber(static_cast<int32_t>(a >> (b & 0x1f))));
				302	}
				303
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	304	EncodedJSValue JIT_OPERATION operationValueAddNotNumber(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
fpizlo@apple.com	5c90704	2011-09-15 01:24:39 +0000	[diff] [blame]	305	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	306	VM* vm = &exec->vm();
				307	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	308
fpizlo@apple.com	5c90704	2011-09-15 01:24:39 +0000	[diff] [blame]	309	JSValue op1 = JSValue::decode(encodedOp1);
				310	JSValue op2 = JSValue::decode(encodedOp2);
				311
fpizlo@apple.com	5df0cd8	2011-08-19 00:18:49 +0000	[diff] [blame]	312	ASSERT(!op1.isNumber() \|\| !op2.isNumber());
fpizlo@apple.com	5c90704	2011-09-15 01:24:39 +0000	[diff] [blame]	313
ggaren@apple.com	64be5e9	2012-01-24 07:34:10 +0000	[diff] [blame]	314	if (op1.isString() && !op2.isObject())
				315	return JSValue::encode(jsString(exec, asString(op1), op2.toString(exec)));
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	316
				317	return JSValue::encode(jsAddSlowCase(exec, op1, op2));
				318	}
				319
mark.lam@apple.com	224ce4d	2015-12-08 21:44:12 +0000	[diff] [blame]	320	EncodedJSValue JIT_OPERATION operationValueDiv(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
				321	{
				322	VM* vm = &exec->vm();
				323	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	324	auto scope = DECLARE_THROW_SCOPE(*vm);
mark.lam@apple.com	224ce4d	2015-12-08 21:44:12 +0000	[diff] [blame]	325
				326	JSValue op1 = JSValue::decode(encodedOp1);
				327	JSValue op2 = JSValue::decode(encodedOp2);
				328
				329	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	330	RETURN_IF_EXCEPTION(scope, encodedJSValue());
mark.lam@apple.com	224ce4d	2015-12-08 21:44:12 +0000	[diff] [blame]	331	double b = op2.toNumber(exec);
				332	return JSValue::encode(jsNumber(a / b));
				333	}
				334
commit-queue@webkit.org	0ec7107	2016-08-29 07:21:04 +0000	[diff] [blame]	335	double JIT_OPERATION operationArithAbs(ExecState* exec, EncodedJSValue encodedOp1)
				336	{
				337	VM* vm = &exec->vm();
				338	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	339	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	0ec7107	2016-08-29 07:21:04 +0000	[diff] [blame]	340
				341	JSValue op1 = JSValue::decode(encodedOp1);
				342	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	343	RETURN_IF_EXCEPTION(scope, PNaN);
commit-queue@webkit.org	0ec7107	2016-08-29 07:21:04 +0000	[diff] [blame]	344	return fabs(a);
				345	}
				346
commit-queue@webkit.org	95f28be	2016-09-06 21:54:11 +0000	[diff] [blame]	347	int32_t JIT_OPERATION operationArithClz32(ExecState* exec, EncodedJSValue encodedOp1)
				348	{
				349	VM* vm = &exec->vm();
				350	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	351	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	95f28be	2016-09-06 21:54:11 +0000	[diff] [blame]	352
				353	JSValue op1 = JSValue::decode(encodedOp1);
				354	uint32_t value = op1.toUInt32(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	355	RETURN_IF_EXCEPTION(scope, 0);
commit-queue@webkit.org	95f28be	2016-09-06 21:54:11 +0000	[diff] [blame]	356	return clz32(value);
				357	}
				358
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	359	double JIT_OPERATION operationArithCos(ExecState* exec, EncodedJSValue encodedOp1)
				360	{
				361	VM* vm = &exec->vm();
				362	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	363	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	364
				365	JSValue op1 = JSValue::decode(encodedOp1);
				366	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	367	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	368	return cos(a);
				369	}
				370
benjamin@webkit.org	87238e9	2016-08-25 01:21:43 +0000	[diff] [blame]	371	double JIT_OPERATION operationArithFRound(ExecState* exec, EncodedJSValue encodedOp1)
				372	{
				373	VM* vm = &exec->vm();
				374	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	375	auto scope = DECLARE_THROW_SCOPE(*vm);
benjamin@webkit.org	87238e9	2016-08-25 01:21:43 +0000	[diff] [blame]	376
				377	JSValue op1 = JSValue::decode(encodedOp1);
				378	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	379	RETURN_IF_EXCEPTION(scope, PNaN);
benjamin@webkit.org	87238e9	2016-08-25 01:21:43 +0000	[diff] [blame]	380	return static_cast<float>(a);
				381	}
				382
benjamin@webkit.org	770c27f	2016-08-24 02:36:40 +0000	[diff] [blame]	383	double JIT_OPERATION operationArithLog(ExecState* exec, EncodedJSValue encodedOp1)
				384	{
				385	VM* vm = &exec->vm();
				386	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	387	auto scope = DECLARE_THROW_SCOPE(*vm);
benjamin@webkit.org	770c27f	2016-08-24 02:36:40 +0000	[diff] [blame]	388
				389	JSValue op1 = JSValue::decode(encodedOp1);
				390	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	391	RETURN_IF_EXCEPTION(scope, PNaN);
benjamin@webkit.org	770c27f	2016-08-24 02:36:40 +0000	[diff] [blame]	392	return log(a);
				393	}
				394
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	395	double JIT_OPERATION operationArithSin(ExecState* exec, EncodedJSValue encodedOp1)
				396	{
				397	VM* vm = &exec->vm();
				398	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	399	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	400
				401	JSValue op1 = JSValue::decode(encodedOp1);
				402	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	403	RETURN_IF_EXCEPTION(scope, PNaN);
commit-queue@webkit.org	ee8d548	2016-08-23 19:09:50 +0000	[diff] [blame]	404	return sin(a);
				405	}
				406
commit-queue@webkit.org	91b902c	2016-08-20 02:00:44 +0000	[diff] [blame]	407	double JIT_OPERATION operationArithSqrt(ExecState* exec, EncodedJSValue encodedOp1)
				408	{
				409	VM* vm = &exec->vm();
				410	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	411	auto scope = DECLARE_THROW_SCOPE(*vm);
commit-queue@webkit.org	91b902c	2016-08-20 02:00:44 +0000	[diff] [blame]	412
				413	JSValue op1 = JSValue::decode(encodedOp1);
				414	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	415	RETURN_IF_EXCEPTION(scope, PNaN);
commit-queue@webkit.org	91b902c	2016-08-20 02:00:44 +0000	[diff] [blame]	416	return sqrt(a);
				417	}
				418
utatane.tea@gmail.com	9917d6a	2016-09-12 22:01:13 +0000	[diff] [blame]	419	double JIT_OPERATION operationArithTan(ExecState* exec, EncodedJSValue encodedOp1)
				420	{
				421	VM* vm = &exec->vm();
				422	NativeCallFrameTracer tracer(vm, exec);
				423	auto scope = DECLARE_THROW_SCOPE(*vm);
				424
				425	JSValue op1 = JSValue::decode(encodedOp1);
				426	double a = op1.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	427	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	9917d6a	2016-09-12 22:01:13 +0000	[diff] [blame]	428	return tan(a);
				429	}
				430
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	431	EncodedJSValue JIT_OPERATION operationArithRound(ExecState* exec, EncodedJSValue encodedArgument)
				432	{
				433	VM* vm = &exec->vm();
				434	NativeCallFrameTracer tracer(vm, exec);
				435	auto scope = DECLARE_THROW_SCOPE(*vm);
				436
				437	JSValue argument = JSValue::decode(encodedArgument);
				438	double valueOfArgument = argument.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	439	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	440	return JSValue::encode(jsNumber(jsRound(valueOfArgument)));
				441	}
				442
				443	EncodedJSValue JIT_OPERATION operationArithFloor(ExecState* exec, EncodedJSValue encodedArgument)
				444	{
				445	VM* vm = &exec->vm();
				446	NativeCallFrameTracer tracer(vm, exec);
				447	auto scope = DECLARE_THROW_SCOPE(*vm);
				448
				449	JSValue argument = JSValue::decode(encodedArgument);
				450	double valueOfArgument = argument.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	451	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	452	return JSValue::encode(jsNumber(floor(valueOfArgument)));
				453	}
				454
				455	EncodedJSValue JIT_OPERATION operationArithCeil(ExecState* exec, EncodedJSValue encodedArgument)
				456	{
				457	VM* vm = &exec->vm();
				458	NativeCallFrameTracer tracer(vm, exec);
				459	auto scope = DECLARE_THROW_SCOPE(*vm);
				460
				461	JSValue argument = JSValue::decode(encodedArgument);
				462	double valueOfArgument = argument.toNumber(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	463	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	464	return JSValue::encode(jsNumber(ceil(valueOfArgument)));
				465	}
				466
				467	EncodedJSValue JIT_OPERATION operationArithTrunc(ExecState* exec, EncodedJSValue encodedArgument)
				468	{
				469	VM* vm = &exec->vm();
				470	NativeCallFrameTracer tracer(vm, exec);
				471	auto scope = DECLARE_THROW_SCOPE(*vm);
				472
				473	JSValue argument = JSValue::decode(encodedArgument);
				474	double truncatedValueOfArgument = argument.toIntegerPreserveNaN(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	475	RETURN_IF_EXCEPTION(scope, encodedJSValue());
commit-queue@webkit.org	2e9df64	2016-09-20 00:48:39 +0000	[diff] [blame]	476	return JSValue::encode(jsNumber(truncatedValueOfArgument));
				477	}
				478
akling@apple.com	6d3d181	2014-04-26 06:00:43 +0000	[diff] [blame]	479	static ALWAYS_INLINE EncodedJSValue getByVal(ExecState* exec, JSCell* base, uint32_t index)
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	480	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	481	VM& vm = exec->vm();
				482	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	034a5e1	2012-05-01 21:34:53 +0000	[diff] [blame]	483
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	484	if (base->isObject()) {
				485	JSObject* object = asObject(base);
				486	if (object->canGetIndexQuickly(index))
				487	return JSValue::encode(object->getIndexQuickly(index));
				488	}
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	489
mhahnenberg@apple.com	c58d54d	2011-12-16 19:06:44 +0000	[diff] [blame]	490	if (isJSString(base) && asString(base)->canGetIndex(index))
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	491	return JSValue::encode(asString(base)->getIndex(exec, index));
				492
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	493	return JSValue::encode(JSValue(base).get(exec, index));
				494	}
				495
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	496	EncodedJSValue JIT_OPERATION operationGetByVal(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	497	{
akling@apple.com	b6d91ab	2014-02-09 21:33:17 +0000	[diff] [blame]	498	VM& vm = exec->vm();
				499	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	500	auto scope = DECLARE_THROW_SCOPE(vm);
				501
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	502	JSValue baseValue = JSValue::decode(encodedBase);
				503	JSValue property = JSValue::decode(encodedProperty);
				504
				505	if (LIKELY(baseValue.isCell())) {
				506	JSCell* base = baseValue.asCell();
				507
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	508	if (property.isUInt32()) {
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	509	return getByVal(exec, base, property.asUInt32());
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	510	} else if (property.isDouble()) {
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	511	double propertyAsDouble = property.asDouble();
				512	uint32_t propertyAsUInt32 = static_cast<uint32_t>(propertyAsDouble);
utatane.tea@gmail.com	20b6e30	2015-04-07 07:26:08 +0000	[diff] [blame]	513	if (propertyAsUInt32 == propertyAsDouble && isIndex(propertyAsUInt32))
weinig@apple.com	a96509f	2011-06-15 21:57:17 +0000	[diff] [blame]	514	return getByVal(exec, base, propertyAsUInt32);
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	515	} else if (property.isString()) {
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	516	Structure& structure = *base->structure(vm);
				517	if (JSCell::canUseFastGetOwnProperty(structure)) {
utatane.tea@gmail.com	e0741fb	2015-06-02 17:36:16 +0000	[diff] [blame]	518	if (RefPtr<AtomicStringImpl> existingAtomicString = asString(property)->toExistingAtomicString(exec)) {
				519	if (JSValue result = base->fastGetOwnProperty(vm, structure, existingAtomicString.get()))
akling@apple.com	cad8904	2014-09-02 22:29:59 +0000	[diff] [blame]	520	return JSValue::encode(result);
				521	}
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	522	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	523	}
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	524	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	525
utatane.tea@gmail.com	9f61d13	2015-03-27 11:08:49 +0000	[diff] [blame]	526	baseValue.requireObjectCoercible(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	527	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	e16e15d	2015-03-20 21:35:17 +0000	[diff] [blame]	528	auto propertyName = property.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	529	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	530	return JSValue::encode(baseValue.get(exec, propertyName));
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	531	}
				532
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	533	EncodedJSValue JIT_OPERATION operationGetByValCell(ExecState* exec, JSCell* base, EncodedJSValue encodedProperty)
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	534	{
akling@apple.com	b6d91ab	2014-02-09 21:33:17 +0000	[diff] [blame]	535	VM& vm = exec->vm();
				536	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	537	auto scope = DECLARE_THROW_SCOPE(vm);
				538
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	539	JSValue property = JSValue::decode(encodedProperty);
				540
				541	if (property.isUInt32())
				542	return getByVal(exec, base, property.asUInt32());
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	543	if (property.isDouble()) {
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	544	double propertyAsDouble = property.asDouble();
				545	uint32_t propertyAsUInt32 = static_cast<uint32_t>(propertyAsDouble);
				546	if (propertyAsUInt32 == propertyAsDouble)
				547	return getByVal(exec, base, propertyAsUInt32);
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	548	} else if (property.isString()) {
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	549	Structure& structure = *base->structure(vm);
				550	if (JSCell::canUseFastGetOwnProperty(structure)) {
utatane.tea@gmail.com	e0741fb	2015-06-02 17:36:16 +0000	[diff] [blame]	551	if (RefPtr<AtomicStringImpl> existingAtomicString = asString(property)->toExistingAtomicString(exec)) {
				552	if (JSValue result = base->fastGetOwnProperty(vm, structure, existingAtomicString.get()))
akling@apple.com	cad8904	2014-09-02 22:29:59 +0000	[diff] [blame]	553	return JSValue::encode(result);
				554	}
akling@apple.com	baca5e8	2014-05-06 00:53:29 +0000	[diff] [blame]	555	}
mhahnenberg@apple.com	871ffe6	2013-03-15 21:52:35 +0000	[diff] [blame]	556	}
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	557
utatane.tea@gmail.com	e16e15d	2015-03-20 21:35:17 +0000	[diff] [blame]	558	auto propertyName = property.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	559	RETURN_IF_EXCEPTION(scope, encodedJSValue());
utatane.tea@gmail.com	947fa4e	2015-01-31 01:23:56 +0000	[diff] [blame]	560	return JSValue::encode(JSValue(base).get(exec, propertyName));
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	561	}
				562
oliver@apple.com	211b3be	2013-07-25 04:03:39 +0000	[diff] [blame]	563	ALWAYS_INLINE EncodedJSValue getByValCellInt(ExecState* exec, JSCell* base, int32_t index)
fpizlo@apple.com	fa34ff8	2012-09-05 01:27:50 +0000	[diff] [blame]	564	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	565	VM* vm = &exec->vm();
				566	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	fa34ff8	2012-09-05 01:27:50 +0000	[diff] [blame]	567
				568	if (index < 0) {
				569	// Go the slowest way possible becase negative indices don't use indexed storage.
				570	return JSValue::encode(JSValue(base).get(exec, Identifier::from(exec, index)));
				571	}
				572
				573	// Use this since we know that the value is out of bounds.
sbarati@apple.com	575aa2b	2016-03-04 02:25:30 +0000	[diff] [blame]	574	return JSValue::encode(JSValue(base).get(exec, static_cast<unsigned>(index)));
fpizlo@apple.com	fa34ff8	2012-09-05 01:27:50 +0000	[diff] [blame]	575	}
				576
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	577	EncodedJSValue JIT_OPERATION operationGetByValArrayInt(ExecState* exec, JSArray* base, int32_t index)
oliver@apple.com	211b3be	2013-07-25 04:03:39 +0000	[diff] [blame]	578	{
				579	return getByValCellInt(exec, base, index);
				580	}
				581
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	582	EncodedJSValue JIT_OPERATION operationGetByValStringInt(ExecState* exec, JSString* base, int32_t index)
oliver@apple.com	211b3be	2013-07-25 04:03:39 +0000	[diff] [blame]	583	{
				584	return getByValCellInt(exec, base, index);
				585	}
				586
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	587	void JIT_OPERATION operationPutByValStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	588	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	589	VM* vm = &exec->vm();
				590	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	591
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	592	operationPutByValInternal<true, false>(exec, encodedBase, encodedProperty, encodedValue);
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	593	}
				594
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	595	void JIT_OPERATION operationPutByValNonStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	596	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	597	VM* vm = &exec->vm();
				598	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	599
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	600	operationPutByValInternal<false, false>(exec, encodedBase, encodedProperty, encodedValue);
barraclough@apple.com	2302c04	2011-03-14 23:31:00 +0000	[diff] [blame]	601	}
				602
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	603	void JIT_OPERATION operationPutByValCellStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	604	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	605	VM* vm = &exec->vm();
				606	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	607
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	608	operationPutByValInternal<true, false>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	609	}
				610
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	611	void JIT_OPERATION operationPutByValCellNonStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	612	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	613	VM* vm = &exec->vm();
				614	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	615
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	616	operationPutByValInternal<false, false>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
fpizlo@apple.com	dc41f7f	2011-10-09 20:07:36 +0000	[diff] [blame]	617	}
				618
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	619	void JIT_OPERATION operationPutByValBeyondArrayBoundsStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
barraclough@apple.com	e2130ff	2011-06-07 23:03:32 +0000	[diff] [blame]	620	{
mhahnenberg@apple.com	b6f8519	2014-02-27 01:27:18 +0000	[diff] [blame]	621	VM& vm = exec->vm();
				622	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	623
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	624	if (index >= 0) {
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	625	array->putByIndexInline(exec, index, JSValue::decode(encodedValue), true);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	626	return;
				627	}
				628
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	629	PutPropertySlot slot(array, true);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	630	array->methodTable()->put(
				631	array, exec, Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
barraclough@apple.com	b1db28d8	2012-03-06 07:23:21 +0000	[diff] [blame]	632	}
				633
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	634	void JIT_OPERATION operationPutByValBeyondArrayBoundsNonStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
barraclough@apple.com	b1db28d8	2012-03-06 07:23:21 +0000	[diff] [blame]	635	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	636	VM* vm = &exec->vm();
				637	NativeCallFrameTracer tracer(vm, exec);
barraclough@apple.com	b1db28d8	2012-03-06 07:23:21 +0000	[diff] [blame]	638
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	639	if (index >= 0) {
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	640	array->putByIndexInline(exec, index, JSValue::decode(encodedValue), false);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	641	return;
				642	}
				643
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	644	PutPropertySlot slot(array, false);
fpizlo@apple.com	73fbdf6	2012-05-18 01:34:01 +0000	[diff] [blame]	645	array->methodTable()->put(
				646	array, exec, Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
barraclough@apple.com	e2130ff	2011-06-07 23:03:32 +0000	[diff] [blame]	647	}
				648
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	649	void JIT_OPERATION operationPutDoubleByValBeyondArrayBoundsStrict(ExecState* exec, JSObject* array, int32_t index, double value)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	650	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	651	VM* vm = &exec->vm();
				652	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	653
				654	JSValue jsValue = JSValue(JSValue::EncodeAsDouble, value);
				655
				656	if (index >= 0) {
				657	array->putByIndexInline(exec, index, jsValue, true);
				658	return;
				659	}
				660
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	661	PutPropertySlot slot(array, true);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	662	array->methodTable()->put(
				663	array, exec, Identifier::from(exec, index), jsValue, slot);
				664	}
				665
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	666	void JIT_OPERATION operationPutDoubleByValBeyondArrayBoundsNonStrict(ExecState* exec, JSObject* array, int32_t index, double value)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	667	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	668	VM* vm = &exec->vm();
				669	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	670
				671	JSValue jsValue = JSValue(JSValue::EncodeAsDouble, value);
				672
				673	if (index >= 0) {
				674	array->putByIndexInline(exec, index, jsValue, false);
				675	return;
				676	}
				677
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	678	PutPropertySlot slot(array, false);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	679	array->methodTable()->put(
				680	array, exec, Identifier::from(exec, index), jsValue, slot);
				681	}
				682
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	683	void JIT_OPERATION operationPutByValDirectStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				684	{
				685	VM* vm = &exec->vm();
				686	NativeCallFrameTracer tracer(vm, exec);
				687
				688	operationPutByValInternal<true, true>(exec, encodedBase, encodedProperty, encodedValue);
				689	}
				690
				691	void JIT_OPERATION operationPutByValDirectNonStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				692	{
				693	VM* vm = &exec->vm();
				694	NativeCallFrameTracer tracer(vm, exec);
				695
				696	operationPutByValInternal<false, true>(exec, encodedBase, encodedProperty, encodedValue);
				697	}
				698
				699	void JIT_OPERATION operationPutByValDirectCellStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				700	{
				701	VM* vm = &exec->vm();
				702	NativeCallFrameTracer tracer(vm, exec);
				703
				704	operationPutByValInternal<true, true>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
				705	}
				706
				707	void JIT_OPERATION operationPutByValDirectCellNonStrict(ExecState* exec, JSCell* cell, EncodedJSValue encodedProperty, EncodedJSValue encodedValue)
				708	{
				709	VM* vm = &exec->vm();
				710	NativeCallFrameTracer tracer(vm, exec);
				711
				712	operationPutByValInternal<false, true>(exec, JSValue::encode(cell), encodedProperty, encodedValue);
				713	}
				714
				715	void JIT_OPERATION operationPutByValDirectBeyondArrayBoundsStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
				716	{
				717	VM* vm = &exec->vm();
				718	NativeCallFrameTracer tracer(vm, exec);
				719	if (index >= 0) {
				720	array->putDirectIndex(exec, index, JSValue::decode(encodedValue), 0, PutDirectIndexShouldThrow);
				721	return;
				722	}
				723
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	724	PutPropertySlot slot(array, true);
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	725	array->putDirect(exec->vm(), Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
				726	}
				727
				728	void JIT_OPERATION operationPutByValDirectBeyondArrayBoundsNonStrict(ExecState* exec, JSObject* array, int32_t index, EncodedJSValue encodedValue)
				729	{
				730	VM* vm = &exec->vm();
				731	NativeCallFrameTracer tracer(vm, exec);
				732
				733	if (index >= 0) {
				734	array->putDirectIndex(exec, index, JSValue::decode(encodedValue));
				735	return;
				736	}
				737
oliver@apple.com	6884841	2014-01-02 20:56:20 +0000	[diff] [blame]	738	PutPropertySlot slot(array, false);
oliver@apple.com	e050d64	2013-10-19 00:09:28 +0000	[diff] [blame]	739	array->putDirect(exec->vm(), Identifier::from(exec, index), JSValue::decode(encodedValue), slot);
				740	}
				741
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	742	EncodedJSValue JIT_OPERATION operationArrayPush(ExecState* exec, EncodedJSValue encodedValue, JSArray* array)
fpizlo@apple.com	24d24e5	2011-10-04 02:55:54 +0000	[diff] [blame]	743	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	744	VM* vm = &exec->vm();
				745	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	746
fpizlo@apple.com	24d24e5	2011-10-04 02:55:54 +0000	[diff] [blame]	747	array->push(exec, JSValue::decode(encodedValue));
				748	return JSValue::encode(jsNumber(array->length()));
				749	}
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	750
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	751	EncodedJSValue JIT_OPERATION operationArrayPushDouble(ExecState* exec, double value, JSArray* array)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	752	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	753	VM* vm = &exec->vm();
				754	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	755
				756	array->push(exec, JSValue(JSValue::EncodeAsDouble, value));
				757	return JSValue::encode(jsNumber(array->length()));
				758	}
				759
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	760	EncodedJSValue JIT_OPERATION operationArrayPop(ExecState* exec, JSArray* array)
fpizlo@apple.com	04c1974	2012-08-26 22:35:26 +0000	[diff] [blame]	761	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	762	VM* vm = &exec->vm();
				763	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	04c1974	2012-08-26 22:35:26 +0000	[diff] [blame]	764
				765	return JSValue::encode(array->pop(exec));
				766	}
				767
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	768	EncodedJSValue JIT_OPERATION operationArrayPopAndRecoverLength(ExecState* exec, JSArray* array)
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	769	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	770	VM* vm = &exec->vm();
				771	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	772
				773	array->butterfly()->setPublicLength(array->butterfly()->publicLength() + 1);
				774
				775	return JSValue::encode(array->pop(exec));
				776	}
				777
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	778	EncodedJSValue JIT_OPERATION operationRegExpExecString(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, JSString* argument)
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	779	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	780	SuperSamplerScope superSamplerScope(false);
				781
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	782	VM& vm = globalObject->vm();
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	783	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	034a5e1	2012-05-01 21:34:53 +0000	[diff] [blame]	784
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	785	return JSValue::encode(regExpObject->execInline(exec, globalObject, argument));
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	786	}
				787
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	788	EncodedJSValue JIT_OPERATION operationRegExpExec(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, EncodedJSValue encodedArgument)
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	789	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	790	SuperSamplerScope superSamplerScope(false);
				791
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	792	VM& vm = globalObject->vm();
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	793	NativeCallFrameTracer tracer(&vm, exec);
				794
				795	JSValue argument = JSValue::decode(encodedArgument);
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	796
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	797	JSString* input = argument.toStringOrNull(exec);
				798	if (!input)
				799	return JSValue::encode(jsUndefined());
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	800	return JSValue::encode(regExpObject->execInline(exec, globalObject, input));
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	801	}
				802
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	803	EncodedJSValue JIT_OPERATION operationRegExpExecGeneric(ExecState* exec, JSGlobalObject* globalObject, EncodedJSValue encodedBase, EncodedJSValue encodedArgument)
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	804	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	805	SuperSamplerScope superSamplerScope(false);
				806
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	807	VM& vm = globalObject->vm();
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	808	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	809	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	810
				811	JSValue base = JSValue::decode(encodedBase);
				812	JSValue argument = JSValue::decode(encodedArgument);
				813
				814	if (!base.inherits(RegExpObject::info()))
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	815	return throwVMTypeError(exec, scope);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	816
				817	JSString* input = argument.toStringOrNull(exec);
				818	if (!input)
				819	return JSValue::encode(jsUndefined());
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	820	return JSValue::encode(asRegExpObject(base)->exec(exec, globalObject, input));
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	821	}
				822
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	823	size_t JIT_OPERATION operationRegExpTestString(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, JSString* input)
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	824	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	825	SuperSamplerScope superSamplerScope(false);
				826
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	827	VM& vm = globalObject->vm();
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	828	NativeCallFrameTracer tracer(&vm, exec);
oliver@apple.com	034a5e1	2012-05-01 21:34:53 +0000	[diff] [blame]	829
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	830	return regExpObject->testInline(exec, globalObject, input);
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	831	}
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	832
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	833	size_t JIT_OPERATION operationRegExpTest(ExecState* exec, JSGlobalObject* globalObject, RegExpObject* regExpObject, EncodedJSValue encodedArgument)
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	834	{
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	835	SuperSamplerScope superSamplerScope(false);
				836
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	837	VM& vm = globalObject->vm();
fpizlo@apple.com	7fdfeed	2016-03-06 00:48:11 +0000	[diff] [blame]	838	NativeCallFrameTracer tracer(&vm, exec);
				839
				840	JSValue argument = JSValue::decode(encodedArgument);
				841
				842	JSString* input = argument.toStringOrNull(exec);
				843	if (!input)
				844	return false;
fpizlo@apple.com	6ea42db	2016-03-08 21:15:07 +0000	[diff] [blame]	845	return regExpObject->testInline(exec, globalObject, input);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	846	}
				847
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	848	size_t JIT_OPERATION operationRegExpTestGeneric(ExecState* exec, JSGlobalObject* globalObject, EncodedJSValue encodedBase, EncodedJSValue encodedArgument)
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	849	{
fpizlo@apple.com	57aea1c	2016-04-11 18:20:59 +0000	[diff] [blame]	850	SuperSamplerScope superSamplerScope(false);
fpizlo@apple.com	5e29b76	2016-03-18 00:53:24 +0000	[diff] [blame]	851
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	852	VM& vm = globalObject->vm();
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	853	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	854	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	855
				856	JSValue base = JSValue::decode(encodedBase);
				857	JSValue argument = JSValue::decode(encodedArgument);
				858
				859	if (!base.inherits(RegExpObject::info())) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	860	throwTypeError(exec, scope);
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	861	return false;
				862	}
				863
				864	JSString* input = argument.toStringOrNull(exec);
				865	if (!input)
				866	return false;
fpizlo@apple.com	7518ba2	2016-03-06 20:11:09 +0000	[diff] [blame]	867	return asRegExpObject(base)->test(exec, globalObject, input);
barraclough@apple.com	077fdd4	2012-03-18 01:08:16 +0000	[diff] [blame]	868	}
fpizlo@apple.com	ee10e45	2013-04-09 00:10:16 +0000	[diff] [blame]	869
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	870	size_t JIT_OPERATION operationCompareStrictEqCell(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
commit-queue@webkit.org	6efa2ca	2011-07-19 00:36:37 +0000	[diff] [blame]	871	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	872	VM* vm = &exec->vm();
				873	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	874
commit-queue@webkit.org	6efa2ca	2011-07-19 00:36:37 +0000	[diff] [blame]	875	JSValue op1 = JSValue::decode(encodedOp1);
				876	JSValue op2 = JSValue::decode(encodedOp2);
				877
				878	ASSERT(op1.isCell());
				879	ASSERT(op2.isCell());
				880
				881	return JSValue::strictEqualSlowCaseInline(exec, op1, op2);
				882	}
				883
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	884	size_t JIT_OPERATION operationCompareStrictEq(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
barraclough@apple.com	848a0cc	2011-04-08 20:33:24 +0000	[diff] [blame]	885	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	886	VM* vm = &exec->vm();
				887	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	82acbbf	2012-02-28 00:37:58 +0000	[diff] [blame]	888
				889	JSValue src1 = JSValue::decode(encodedOp1);
				890	JSValue src2 = JSValue::decode(encodedOp2);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	891
fpizlo@apple.com	82acbbf	2012-02-28 00:37:58 +0000	[diff] [blame]	892	return JSValue::strictEqual(exec, src1, src2);
barraclough@apple.com	848a0cc	2011-04-08 20:33:24 +0000	[diff] [blame]	893	}
				894
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	895	EncodedJSValue JIT_OPERATION operationToPrimitive(ExecState* exec, EncodedJSValue value)
fpizlo@apple.com	90e5f0e	2011-09-22 22:42:54 +0000	[diff] [blame]	896	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	897	VM* vm = &exec->vm();
				898	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	899
fpizlo@apple.com	90e5f0e	2011-09-22 22:42:54 +0000	[diff] [blame]	900	return JSValue::encode(JSValue::decode(value).toPrimitive(exec));
				901	}
				902
utatane.tea@gmail.com	db32c54	2016-06-30 15:26:47 +0000	[diff] [blame]	903	EncodedJSValue JIT_OPERATION operationToNumber(ExecState* exec, EncodedJSValue value)
				904	{
				905	VM* vm = &exec->vm();
				906	NativeCallFrameTracer tracer(vm, exec);
				907
				908	return JSValue::encode(jsNumber(JSValue::decode(value).toNumber(exec)));
				909	}
				910
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	911	EncodedJSValue JIT_OPERATION operationGetByIdWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, UniquedStringImpl* impl)
				912	{
				913	VM& vm = exec->vm();
				914	NativeCallFrameTracer tracer(&vm, exec);
				915
				916	JSValue baseValue = JSValue::decode(encodedBase);
				917	JSValue thisVal = JSValue::decode(encodedThis);
				918	PropertySlot slot(thisVal, PropertySlot::PropertySlot::InternalMethodType::Get);
				919	JSValue result = baseValue.get(exec, Identifier::fromUid(exec, impl), slot);
				920	return JSValue::encode(result);
				921	}
				922
				923	EncodedJSValue JIT_OPERATION operationGetByValWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript)
				924	{
				925	VM& vm = exec->vm();
				926	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	927	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	928
				929	JSValue baseValue = JSValue::decode(encodedBase);
				930	JSValue thisVal = JSValue::decode(encodedThis);
				931	JSValue subscript = JSValue::decode(encodedSubscript);
				932
				933	if (LIKELY(baseValue.isCell() && subscript.isString())) {
				934	Structure& structure = *baseValue.asCell()->structure(vm);
				935	if (JSCell::canUseFastGetOwnProperty(structure)) {
				936	if (RefPtr<AtomicStringImpl> existingAtomicString = asString(subscript)->toExistingAtomicString(exec)) {
				937	if (JSValue result = baseValue.asCell()->fastGetOwnProperty(vm, structure, existingAtomicString.get()))
				938	return JSValue::encode(result);
				939	}
				940	}
				941	}
				942
				943	PropertySlot slot(thisVal, PropertySlot::PropertySlot::InternalMethodType::Get);
				944	if (subscript.isUInt32()) {
				945	uint32_t i = subscript.asUInt32();
				946	if (isJSString(baseValue) && asString(baseValue)->canGetIndex(i))
				947	return JSValue::encode(asString(baseValue)->getIndex(exec, i));
				948
				949	return JSValue::encode(baseValue.get(exec, i, slot));
				950	}
				951
				952	baseValue.requireObjectCoercible(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	953	RETURN_IF_EXCEPTION(scope, encodedJSValue());
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	954
				955	auto property = subscript.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	956	RETURN_IF_EXCEPTION(scope, encodedJSValue());
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	957	return JSValue::encode(baseValue.get(exec, property, slot));
				958	}
				959
				960	void JIT_OPERATION operationPutByIdWithThisStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedValue, UniquedStringImpl* impl)
				961	{
				962	VM& vm = exec->vm();
				963	NativeCallFrameTracer tracer(&vm, exec);
				964
				965	putWithThis<true>(exec, encodedBase, encodedThis, encodedValue, Identifier::fromUid(exec, impl));
				966	}
				967
				968	void JIT_OPERATION operationPutByIdWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedValue, UniquedStringImpl* impl)
				969	{
				970	VM& vm = exec->vm();
				971	NativeCallFrameTracer tracer(&vm, exec);
				972
				973	putWithThis<false>(exec, encodedBase, encodedThis, encodedValue, Identifier::fromUid(exec, impl));
				974	}
				975
				976	void JIT_OPERATION operationPutByValWithThisStrict(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript, EncodedJSValue encodedValue)
				977	{
				978	VM& vm = exec->vm();
				979	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	980	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	981
				982	Identifier property = JSValue::decode(encodedSubscript).toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	983	RETURN_IF_EXCEPTION(scope, void());
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	984	putWithThis<true>(exec, encodedBase, encodedThis, encodedValue, property);
				985	}
				986
				987	void JIT_OPERATION operationPutByValWithThis(ExecState* exec, EncodedJSValue encodedBase, EncodedJSValue encodedThis, EncodedJSValue encodedSubscript, EncodedJSValue encodedValue)
				988	{
				989	VM& vm = exec->vm();
				990	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	991	auto scope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	992
				993	Identifier property = JSValue::decode(encodedSubscript).toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	994	RETURN_IF_EXCEPTION(scope, void());
sbarati@apple.com	23315d6	2016-05-09 20:17:23 +0000	[diff] [blame]	995	putWithThis<false>(exec, encodedBase, encodedThis, encodedValue, property);
				996	}
				997
utatane.tea@gmail.com	f7db559	2016-10-04 19:31:24 +0000	[diff] [blame^]	998	ALWAYS_INLINE static void defineDataProperty(ExecState* exec, VM& vm, JSObject* base, const Identifier& propertyName, JSValue value, int32_t attributes)
				999	{
				1000	PropertyDescriptor descriptor = toPropertyDescriptor(value, jsUndefined(), jsUndefined(), DefinePropertyAttributes(attributes));
				1001	ASSERT((descriptor.attributes() & Accessor) \|\| (!descriptor.isAccessorDescriptor()));
				1002	if (base->methodTable(vm)->defineOwnProperty == JSObject::defineOwnProperty)
				1003	JSObject::defineOwnProperty(base, exec, propertyName, descriptor, true);
				1004	else
				1005	base->methodTable(vm)->defineOwnProperty(base, exec, propertyName, descriptor, true);
				1006	}
				1007
				1008	void JIT_OPERATION operationDefineDataProperty(ExecState* exec, JSObject* base, EncodedJSValue encodedProperty, EncodedJSValue encodedValue, int32_t attributes)
				1009	{
				1010	VM& vm = exec->vm();
				1011	NativeCallFrameTracer tracer(&vm, exec);
				1012	auto scope = DECLARE_THROW_SCOPE(vm);
				1013
				1014	Identifier propertyName = JSValue::decode(encodedProperty).toPropertyKey(exec);
				1015	RETURN_IF_EXCEPTION(scope, void());
				1016	defineDataProperty(exec, vm, base, propertyName, JSValue::decode(encodedValue), attributes);
				1017	}
				1018
				1019	void JIT_OPERATION operationDefineDataPropertyString(ExecState* exec, JSObject* base, JSString* property, EncodedJSValue encodedValue, int32_t attributes)
				1020	{
				1021	VM& vm = exec->vm();
				1022	NativeCallFrameTracer tracer(&vm, exec);
				1023	auto scope = DECLARE_THROW_SCOPE(vm);
				1024
				1025	Identifier propertyName = property->toIdentifier(exec);
				1026	RETURN_IF_EXCEPTION(scope, void());
				1027	defineDataProperty(exec, vm, base, propertyName, JSValue::decode(encodedValue), attributes);
				1028	}
				1029
				1030	void JIT_OPERATION operationDefineDataPropertyStringIdent(ExecState* exec, JSObject* base, UniquedStringImpl* property, EncodedJSValue encodedValue, int32_t attributes)
				1031	{
				1032	VM& vm = exec->vm();
				1033	NativeCallFrameTracer tracer(&vm, exec);
				1034	defineDataProperty(exec, vm, base, Identifier::fromUid(&vm, property), JSValue::decode(encodedValue), attributes);
				1035	}
				1036
				1037	void JIT_OPERATION operationDefineDataPropertySymbol(ExecState* exec, JSObject* base, Symbol* property, EncodedJSValue encodedValue, int32_t attributes)
				1038	{
				1039	VM& vm = exec->vm();
				1040	NativeCallFrameTracer tracer(&vm, exec);
				1041	defineDataProperty(exec, vm, base, Identifier::fromUid(property->privateName()), JSValue::decode(encodedValue), attributes);
				1042	}
				1043
				1044	ALWAYS_INLINE static void defineAccessorProperty(ExecState* exec, VM& vm, JSObject* base, const Identifier& propertyName, JSObject* getter, JSObject* setter, int32_t attributes)
				1045	{
				1046	PropertyDescriptor descriptor = toPropertyDescriptor(jsUndefined(), getter, setter, DefinePropertyAttributes(attributes));
				1047	ASSERT((descriptor.attributes() & Accessor) \|\| (!descriptor.isAccessorDescriptor()));
				1048	if (base->methodTable(vm)->defineOwnProperty == JSObject::defineOwnProperty)
				1049	JSObject::defineOwnProperty(base, exec, propertyName, descriptor, true);
				1050	else
				1051	base->methodTable(vm)->defineOwnProperty(base, exec, propertyName, descriptor, true);
				1052	}
				1053
				1054	void JIT_OPERATION operationDefineAccessorProperty(ExecState* exec, JSObject* base, EncodedJSValue encodedProperty, JSObject* getter, JSObject* setter, int32_t attributes)
				1055	{
				1056	VM& vm = exec->vm();
				1057	NativeCallFrameTracer tracer(&vm, exec);
				1058	auto scope = DECLARE_THROW_SCOPE(vm);
				1059
				1060	Identifier propertyName = JSValue::decode(encodedProperty).toPropertyKey(exec);
				1061	RETURN_IF_EXCEPTION(scope, void());
				1062	defineAccessorProperty(exec, vm, base, propertyName, getter, setter, attributes);
				1063	}
				1064
				1065	void JIT_OPERATION operationDefineAccessorPropertyString(ExecState* exec, JSObject* base, JSString* property, JSObject* getter, JSObject* setter, int32_t attributes)
				1066	{
				1067	VM& vm = exec->vm();
				1068	NativeCallFrameTracer tracer(&vm, exec);
				1069	auto scope = DECLARE_THROW_SCOPE(vm);
				1070
				1071	Identifier propertyName = property->toIdentifier(exec);
				1072	RETURN_IF_EXCEPTION(scope, void());
				1073	defineAccessorProperty(exec, vm, base, propertyName, getter, setter, attributes);
				1074	}
				1075
				1076	void JIT_OPERATION operationDefineAccessorPropertyStringIdent(ExecState* exec, JSObject* base, UniquedStringImpl* property, JSObject* getter, JSObject* setter, int32_t attributes)
				1077	{
				1078	VM& vm = exec->vm();
				1079	NativeCallFrameTracer tracer(&vm, exec);
				1080	defineAccessorProperty(exec, vm, base, Identifier::fromUid(&vm, property), getter, setter, attributes);
				1081	}
				1082
				1083	void JIT_OPERATION operationDefineAccessorPropertySymbol(ExecState* exec, JSObject* base, Symbol* property, JSObject* getter, JSObject* setter, int32_t attributes)
				1084	{
				1085	VM& vm = exec->vm();
				1086	NativeCallFrameTracer tracer(&vm, exec);
				1087	defineAccessorProperty(exec, vm, base, Identifier::fromUid(property->privateName()), getter, setter, attributes);
				1088	}
				1089
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1090	char* JIT_OPERATION operationNewArray(ExecState* exec, Structure* arrayStructure, void* buffer, size_t size)
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1091	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1092	VM* vm = &exec->vm();
				1093	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	1bc6848	2012-10-13 03:56:09 +0000	[diff] [blame]	1094
fpizlo@apple.com	59d1ddb	2013-11-05 00:05:02 +0000	[diff] [blame]	1095	return bitwise_cast<char>(constructArray(exec, arrayStructure, static_cast<JSValue>(buffer), size));
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1096	}
				1097
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1098	char* JIT_OPERATION operationNewEmptyArray(ExecState* exec, Structure* arrayStructure)
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1099	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1100	VM* vm = &exec->vm();
				1101	NativeCallFrameTracer tracer(vm, exec);
fpizlo@apple.com	1bc6848	2012-10-13 03:56:09 +0000	[diff] [blame]	1102
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1103	return bitwise_cast<char>(JSArray::create(vm, arrayStructure));
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1104	}
				1105
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1106	char* JIT_OPERATION operationNewArrayWithSize(ExecState* exec, Structure* arrayStructure, int32_t size, Butterfly* butterfly)
fpizlo@apple.com	6c89cd3	2012-06-26 19:42:05 +0000	[diff] [blame]	1107	{
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1108	VM& vm = exec->vm();
				1109	NativeCallFrameTracer tracer(&vm, exec);
				1110	auto scope = DECLARE_THROW_SCOPE(vm);
msaboff@apple.com	51d65f2	2013-04-10 20:01:14 +0000	[diff] [blame]	1111
msaboff@apple.com	6ebf3b8	2013-04-11 16:19:35 +0000	[diff] [blame]	1112	if (UNLIKELY(size < 0))
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1113	return bitwise_cast<char*>(throwException(exec, scope, createRangeError(exec, ASCIILiteral("Array size is not a small enough positive integer."))));
msaboff@apple.com	51d65f2	2013-04-10 20:01:14 +0000	[diff] [blame]	1114
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1115	JSArray* result;
				1116	if (butterfly)
fpizlo@apple.com	9a17595	2016-09-28 21:55:53 +0000	[diff] [blame]	1117	result = JSArray::createWithButterfly(vm, nullptr, arrayStructure, butterfly);
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1118	else
				1119	result = JSArray::create(vm, arrayStructure, size);
fpizlo@apple.com	8dde06b	2015-10-12 22:41:01 +0000	[diff] [blame]	1120	return bitwise_cast<char*>(result);
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1121	}
				1122
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1123	char* JIT_OPERATION operationNewArrayBuffer(ExecState* exec, Structure* arrayStructure, size_t start, size_t size)
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1124	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1125	VM& vm = exec->vm();
				1126	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	59d1ddb	2013-11-05 00:05:02 +0000	[diff] [blame]	1127	return bitwise_cast<char*>(constructArray(exec, arrayStructure, exec->codeBlock()->constantBuffer(start), size));
fpizlo@apple.com	98a693c	2011-09-28 05:33:21 +0000	[diff] [blame]	1128	}
				1129
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1130	char* JIT_OPERATION operationNewInt8ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1131	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1132	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1133	return newTypedArrayWithSize<JSInt8Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1134	}
				1135
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1136	char* JIT_OPERATION operationNewInt8ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1137	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1138	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1139	VM& vm = exec->vm();
				1140	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1141	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSInt8Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1142	}
				1143
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1144	char* JIT_OPERATION operationNewInt16ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1145	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1146	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1147	return newTypedArrayWithSize<JSInt16Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1148	}
				1149
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1150	char* JIT_OPERATION operationNewInt16ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1151	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1152	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1153	VM& vm = exec->vm();
				1154	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1155	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSInt16Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1156	}
				1157
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1158	char* JIT_OPERATION operationNewInt32ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1159	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1160	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1161	return newTypedArrayWithSize<JSInt32Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1162	}
				1163
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1164	char* JIT_OPERATION operationNewInt32ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1165	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1166	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1167	VM& vm = exec->vm();
				1168	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1169	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSInt32Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1170	}
				1171
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1172	char* JIT_OPERATION operationNewUint8ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1173	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1174	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1175	return newTypedArrayWithSize<JSUint8Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1176	}
				1177
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1178	char* JIT_OPERATION operationNewUint8ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1179	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1180	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1181	VM& vm = exec->vm();
				1182	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1183	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint8Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1184	}
				1185
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1186	char* JIT_OPERATION operationNewUint8ClampedArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1187	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1188	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1189	return newTypedArrayWithSize<JSUint8ClampedArray>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1190	}
				1191
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1192	char* JIT_OPERATION operationNewUint8ClampedArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1193	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1194	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1195	VM& vm = exec->vm();
				1196	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1197	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint8ClampedArray>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1198	}
				1199
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1200	char* JIT_OPERATION operationNewUint16ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1201	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1202	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1203	return newTypedArrayWithSize<JSUint16Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1204	}
				1205
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1206	char* JIT_OPERATION operationNewUint16ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1207	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1208	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1209	VM& vm = exec->vm();
				1210	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1211	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint16Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1212	}
				1213
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1214	char* JIT_OPERATION operationNewUint32ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1215	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1216	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1217	return newTypedArrayWithSize<JSUint32Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1218	}
				1219
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1220	char* JIT_OPERATION operationNewUint32ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1221	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1222	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1223	VM& vm = exec->vm();
				1224	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1225	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSUint32Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1226	}
				1227
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1228	char* JIT_OPERATION operationNewFloat32ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1229	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1230	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1231	return newTypedArrayWithSize<JSFloat32Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1232	}
				1233
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1234	char* JIT_OPERATION operationNewFloat32ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1235	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1236	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1237	VM& vm = exec->vm();
				1238	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1239	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSFloat32Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1240	}
				1241
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1242	char* JIT_OPERATION operationNewFloat64ArrayWithSize(
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1243	ExecState* exec, Structure* structure, int32_t length, char* vector)
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1244	{
fpizlo@apple.com	30a7258	2016-09-08 16:47:34 +0000	[diff] [blame]	1245	return newTypedArrayWithSize<JSFloat64Array>(exec, structure, length, vector);
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1246	}
				1247
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1248	char* JIT_OPERATION operationNewFloat64ArrayWithOneArgument(
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1249	ExecState* exec, Structure* structure, EncodedJSValue encodedValue)
				1250	{
fpizlo@apple.com	39303e0	2016-04-05 22:17:35 +0000	[diff] [blame]	1251	VM& vm = exec->vm();
				1252	NativeCallFrameTracer tracer(&vm, exec);
keith_miller@apple.com	a646a26	2015-10-16 21:40:21 +0000	[diff] [blame]	1253	return reinterpret_cast<char*>(constructGenericTypedArrayViewWithArguments<JSFloat64Array>(exec, structure, encodedValue, 0, Nullopt));
fpizlo@apple.com	372fa82	2013-08-21 19:43:47 +0000	[diff] [blame]	1254	}
				1255
saambarati1@gmail.com	144f17c	2015-07-15 21:41:08 +0000	[diff] [blame]	1256	JSCell* JIT_OPERATION operationCreateActivationDirect(ExecState* exec, Structure* structure, JSScope* scope, SymbolTable* table, EncodedJSValue initialValueEncoded)
fpizlo@apple.com	c644611	2012-05-23 20:52:42 +0000	[diff] [blame]	1257	{
saambarati1@gmail.com	144f17c	2015-07-15 21:41:08 +0000	[diff] [blame]	1258	JSValue initialValue = JSValue::decode(initialValueEncoded);
				1259	ASSERT(initialValue == jsUndefined() \|\| initialValue == jsTDZValue());
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1260	VM& vm = exec->vm();
				1261	NativeCallFrameTracer tracer(&vm, exec);
saambarati1@gmail.com	144f17c	2015-07-15 21:41:08 +0000	[diff] [blame]	1262	return JSLexicalEnvironment::create(vm, structure, scope, table, initialValue);
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1263	}
				1264
				1265	JSCell* JIT_OPERATION operationCreateDirectArguments(ExecState* exec, Structure* structure, int32_t length, int32_t minCapacity)
				1266	{
				1267	VM& vm = exec->vm();
				1268	NativeCallFrameTracer target(&vm, exec);
				1269	DirectArguments* result = DirectArguments::create(
				1270	vm, structure, length, std::max(length, minCapacity));
				1271	// The caller will store to this object without barriers. Most likely, at this point, this is
				1272	// still a young object and so no barriers are needed. But it's good to be careful anyway,
				1273	// since the GC should be allowed to do crazy (like pretenuring, for example).
				1274	vm.heap.writeBarrier(result);
fpizlo@apple.com	9a548f1	2012-05-24 05:33:09 +0000	[diff] [blame]	1275	return result;
fpizlo@apple.com	c644611	2012-05-23 20:52:42 +0000	[diff] [blame]	1276	}
				1277
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1278	JSCell* JIT_OPERATION operationCreateScopedArguments(ExecState* exec, Structure* structure, Register* argumentStart, int32_t length, JSFunction* callee, JSLexicalEnvironment* scope)
fpizlo@apple.com	6d4456e	2012-05-23 03:48:52 +0000	[diff] [blame]	1279	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1280	VM& vm = exec->vm();
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1281	NativeCallFrameTracer target(&vm, exec);
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1282
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1283	// We could pass the ScopedArgumentsTable* as an argument. We currently don't because I
				1284	// didn't feel like changing the max number of arguments for a slow path call from 6 to 7.
				1285	ScopedArgumentsTable* table = scope->symbolTable()->arguments();
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1286
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1287	return ScopedArguments::createByCopyingFrom(
				1288	vm, structure, argumentStart, length, callee, table, scope);
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1289	}
				1290
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1291	JSCell* JIT_OPERATION operationCreateClonedArguments(ExecState* exec, Structure* structure, Register* argumentStart, int32_t length, JSFunction* callee)
fpizlo@apple.com	d554749	2012-06-07 00:23:36 +0000	[diff] [blame]	1292	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1293	VM& vm = exec->vm();
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1294	NativeCallFrameTracer target(&vm, exec);
				1295	return ClonedArguments::createByCopyingFrom(
				1296	exec, structure, argumentStart, length, callee);
fpizlo@apple.com	6d4456e	2012-05-23 03:48:52 +0000	[diff] [blame]	1297	}
				1298
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1299	JSCell* JIT_OPERATION operationCreateDirectArgumentsDuringExit(ExecState* exec, InlineCallFrame* inlineCallFrame, JSFunction* callee, int32_t argumentCount)
fpizlo@apple.com	17da7f3	2012-02-25 23:05:38 +0000	[diff] [blame]	1300	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1301	VM& vm = exec->vm();
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1302	NativeCallFrameTracer target(&vm, exec);
				1303
				1304	DeferGCForAWhile deferGC(vm.heap);
				1305
				1306	CodeBlock* codeBlock;
				1307	if (inlineCallFrame)
				1308	codeBlock = baselineCodeBlockForInlineCallFrame(inlineCallFrame);
				1309	else
				1310	codeBlock = exec->codeBlock();
				1311
				1312	unsigned length = argumentCount - 1;
				1313	unsigned capacity = std::max(length, static_cast<unsigned>(codeBlock->numParameters() - 1));
				1314	DirectArguments* result = DirectArguments::create(
				1315	vm, codeBlock->globalObject()->directArgumentsStructure(), length, capacity);
				1316
				1317	result->callee().set(vm, result, callee);
				1318
				1319	Register* arguments =
				1320	exec->registers() + (inlineCallFrame ? inlineCallFrame->stackOffset : 0) +
				1321	CallFrame::argumentOffset(0);
				1322	for (unsigned i = length; i--;)
				1323	result->setIndexQuickly(vm, i, arguments[i].jsValue());
				1324
				1325	return result;
				1326	}
				1327
				1328	JSCell* JIT_OPERATION operationCreateClonedArgumentsDuringExit(ExecState* exec, InlineCallFrame* inlineCallFrame, JSFunction* callee, int32_t argumentCount)
				1329	{
				1330	VM& vm = exec->vm();
				1331	NativeCallFrameTracer target(&vm, exec);
				1332
				1333	DeferGCForAWhile deferGC(vm.heap);
				1334
				1335	CodeBlock* codeBlock;
				1336	if (inlineCallFrame)
				1337	codeBlock = baselineCodeBlockForInlineCallFrame(inlineCallFrame);
				1338	else
				1339	codeBlock = exec->codeBlock();
				1340
				1341	unsigned length = argumentCount - 1;
				1342	ClonedArguments* result = ClonedArguments::createEmpty(
keith_miller@apple.com	2636739	2016-03-14 20:55:15 +0000	[diff] [blame]	1343	vm, codeBlock->globalObject()->clonedArgumentsStructure(), callee, length);
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1344
				1345	Register* arguments =
				1346	exec->registers() + (inlineCallFrame ? inlineCallFrame->stackOffset : 0) +
				1347	CallFrame::argumentOffset(0);
				1348	for (unsigned i = length; i--;)
keith_miller@apple.com	2636739	2016-03-14 20:55:15 +0000	[diff] [blame]	1349	result->initializeIndex(vm, i, arguments[i].jsValue());
				1350
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1351
				1352	return result;
fpizlo@apple.com	17da7f3	2012-02-25 23:05:38 +0000	[diff] [blame]	1353	}
				1354
sbarati@apple.com	6cfefd8	2016-08-13 02:14:42 +0000	[diff] [blame]	1355	JSCell* JIT_OPERATION operationCreateRest(ExecState* exec, Register* argumentStart, unsigned numberOfParamsToSkip, unsigned arraySize)
sbarati@apple.com	c0722da	2015-11-20 02:37:47 +0000	[diff] [blame]	1356	{
keith_miller@apple.com	1b8b006	2016-04-16 01:26:10 +0000	[diff] [blame]	1357	VM* vm = &exec->vm();
				1358	NativeCallFrameTracer tracer(vm, exec);
				1359
sbarati@apple.com	6cfefd8	2016-08-13 02:14:42 +0000	[diff] [blame]	1360	JSGlobalObject* globalObject = exec->lexicalGlobalObject();
				1361	Structure* structure = globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous);
				1362	static_assert(sizeof(Register) == sizeof(JSValue), "This is a strong assumption here.");
				1363	JSValue* argumentsToCopyRegion = bitwise_cast<JSValue*>(argumentStart) + numberOfParamsToSkip;
				1364	return constructArray(exec, structure, argumentsToCopyRegion, arraySize);
sbarati@apple.com	c0722da	2015-11-20 02:37:47 +0000	[diff] [blame]	1365	}
				1366
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1367	size_t JIT_OPERATION operationObjectIsObject(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
oliver@apple.com	e722ad0	2013-01-09 02:37:29 +0000	[diff] [blame]	1368	{
mark.lam@apple.com	87a5b6f	2014-02-05 04:22:43 +0000	[diff] [blame]	1369	VM& vm = exec->vm();
				1370	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1371
				1372	ASSERT(jsDynamicCast<JSObject*>(object));
				1373
				1374	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1375	return false;
				1376	if (object->type() == JSFunctionType)
				1377	return false;
				1378	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1379	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1380	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1381	return false;
				1382	}
				1383
				1384	return true;
				1385	}
				1386
				1387	size_t JIT_OPERATION operationObjectIsFunction(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
				1388	{
				1389	VM& vm = exec->vm();
				1390	NativeCallFrameTracer tracer(&vm, exec);
				1391
				1392	ASSERT(jsDynamicCast<JSObject*>(object));
				1393
				1394	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1395	return false;
				1396	if (object->type() == JSFunctionType)
				1397	return true;
				1398	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1399	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1400	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1401	return true;
				1402	}
				1403
				1404	return false;
				1405	}
				1406
				1407	JSCell* JIT_OPERATION operationTypeOfObject(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
				1408	{
				1409	VM& vm = exec->vm();
				1410	NativeCallFrameTracer tracer(&vm, exec);
				1411
				1412	ASSERT(jsDynamicCast<JSObject*>(object));
				1413
				1414	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1415	return vm.smallStrings.undefinedString();
				1416	if (object->type() == JSFunctionType)
				1417	return vm.smallStrings.functionString();
				1418	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1419	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1420	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1421	return vm.smallStrings.functionString();
				1422	}
				1423
				1424	return vm.smallStrings.objectString();
				1425	}
				1426
				1427	int32_t JIT_OPERATION operationTypeOfObjectAsTypeofType(ExecState* exec, JSGlobalObject* globalObject, JSCell* object)
				1428	{
				1429	VM& vm = exec->vm();
				1430	NativeCallFrameTracer tracer(&vm, exec);
				1431
				1432	ASSERT(jsDynamicCast<JSObject*>(object));
				1433
				1434	if (object->structure(vm)->masqueradesAsUndefined(globalObject))
				1435	return static_cast<int32_t>(TypeofType::Undefined);
				1436	if (object->type() == JSFunctionType)
				1437	return static_cast<int32_t>(TypeofType::Function);
				1438	if (object->inlineTypeFlags() & TypeOfShouldCallGetCallData) {
				1439	CallData callData;
utatane.tea@gmail.com	f76f1b4	2016-03-05 17:01:04 +0000	[diff] [blame]	1440	if (object->methodTable(vm)->getCallData(object, callData) != CallType::None)
fpizlo@apple.com	b8823d5	2015-05-03 00:15:27 +0000	[diff] [blame]	1441	return static_cast<int32_t>(TypeofType::Function);
				1442	}
				1443
				1444	return static_cast<int32_t>(TypeofType::Object);
oliver@apple.com	e722ad0	2013-01-09 02:37:29 +0000	[diff] [blame]	1445	}
				1446
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1447	char* JIT_OPERATION operationAllocatePropertyStorageWithInitialCapacity(ExecState* exec)
fpizlo@apple.com	1ffdcff	2012-07-19 00:30:34 +0000	[diff] [blame]	1448	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1449	VM& vm = exec->vm();
				1450	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	c17054c	2012-09-18 15:22:29 +0000	[diff] [blame]	1451
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	1452	return reinterpret_cast<char*>(
oliver@apple.com	a03796a	2013-07-25 04:01:20 +0000	[diff] [blame]	1453	Butterfly::createUninitialized(vm, 0, 0, initialOutOfLineCapacity, false, 0));
fpizlo@apple.com	1ffdcff	2012-07-19 00:30:34 +0000	[diff] [blame]	1454	}
				1455
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1456	char* JIT_OPERATION operationAllocatePropertyStorage(ExecState* exec, size_t newSize)
fpizlo@apple.com	1ffdcff	2012-07-19 00:30:34 +0000	[diff] [blame]	1457	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1458	VM& vm = exec->vm();
				1459	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	c17054c	2012-09-18 15:22:29 +0000	[diff] [blame]	1460
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	1461	return reinterpret_cast<char*>(
oliver@apple.com	a03796a	2013-07-25 04:01:20 +0000	[diff] [blame]	1462	Butterfly::createUninitialized(vm, 0, 0, newSize, false, 0));
fpizlo@apple.com	d8dd053	2012-09-13 04:18:52 +0000	[diff] [blame]	1463	}
				1464
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1465	char* JIT_OPERATION operationEnsureInt32(ExecState* exec, JSCell* cell)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1466	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1467	VM& vm = exec->vm();
				1468	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1469
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1470	if (!cell->isObject())
				1471	return 0;
				1472
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1473	return reinterpret_cast<char*>(asObject(cell)->ensureInt32(vm).data());
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1474	}
				1475
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1476	char* JIT_OPERATION operationEnsureDouble(ExecState* exec, JSCell* cell)
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1477	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1478	VM& vm = exec->vm();
				1479	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1480
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1481	if (!cell->isObject())
				1482	return 0;
				1483
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1484	return reinterpret_cast<char*>(asObject(cell)->ensureDouble(vm).data());
fpizlo@apple.com	75c91a7	2012-11-08 22:28:25 +0000	[diff] [blame]	1485	}
				1486
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1487	char* JIT_OPERATION operationEnsureContiguous(ExecState* exec, JSCell* cell)
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	1488	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1489	VM& vm = exec->vm();
				1490	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	1491
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1492	if (!cell->isObject())
				1493	return 0;
				1494
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1495	return reinterpret_cast<char*>(asObject(cell)->ensureContiguous(vm).data());
fpizlo@apple.com	0e9910a	2012-10-09 23:39:53 +0000	[diff] [blame]	1496	}
				1497
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1498	char* JIT_OPERATION operationEnsureArrayStorage(ExecState* exec, JSCell* cell)
fpizlo@apple.com	497c751	2012-09-19 01:20:52 +0000	[diff] [blame]	1499	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1500	VM& vm = exec->vm();
				1501	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	274b6f1	2012-12-20 00:19:03 +0000	[diff] [blame]	1502
				1503	if (!cell->isObject())
				1504	return 0;
fpizlo@apple.com	497c751	2012-09-19 01:20:52 +0000	[diff] [blame]	1505
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1506	return reinterpret_cast<char*>(asObject(cell)->ensureArrayStorage(vm));
fpizlo@apple.com	497c751	2012-09-19 01:20:52 +0000	[diff] [blame]	1507	}
				1508
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1509	StringImpl* JIT_OPERATION operationResolveRope(ExecState* exec, JSString* string)
fpizlo@apple.com	70bb5c5	2012-12-11 05:22:49 +0000	[diff] [blame]	1510	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1511	VM& vm = exec->vm();
				1512	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	70bb5c5	2012-12-11 05:22:49 +0000	[diff] [blame]	1513
				1514	return string->value(exec).impl();
				1515	}
				1516
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1517	JSString* JIT_OPERATION operationSingleCharacterString(ExecState* exec, int32_t character)
oliver@apple.com	63af2d4	2013-07-25 04:03:33 +0000	[diff] [blame]	1518	{
				1519	VM& vm = exec->vm();
				1520	NativeCallFrameTracer tracer(&vm, exec);
				1521
				1522	return jsSingleCharacterString(exec, static_cast<UChar>(character));
				1523	}
				1524
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1525	JSCell* JIT_OPERATION operationNewStringObject(ExecState* exec, JSString* string, Structure* structure)
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1526	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1527	VM& vm = exec->vm();
				1528	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1529
akling@apple.com	019809c	2013-10-06 18:16:48 +0000	[diff] [blame]	1530	return StringObject::create(vm, structure, string);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1531	}
				1532
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1533	JSCell* JIT_OPERATION operationToStringOnCell(ExecState* exec, JSCell* cell)
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1534	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1535	VM& vm = exec->vm();
				1536	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1537
				1538	return JSValue(cell).toString(exec);
				1539	}
				1540
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1541	JSCell* JIT_OPERATION operationToString(ExecState* exec, EncodedJSValue value)
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1542	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1543	VM& vm = exec->vm();
				1544	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	0e6e154	2013-03-18 18:09:22 +0000	[diff] [blame]	1545
				1546	return JSValue::decode(value).toString(exec);
				1547	}
				1548
utatane.tea@gmail.com	153559e	2015-04-06 19:07:12 +0000	[diff] [blame]	1549	JSCell* JIT_OPERATION operationCallStringConstructorOnCell(ExecState* exec, JSCell* cell)
				1550	{
				1551	VM& vm = exec->vm();
				1552	NativeCallFrameTracer tracer(&vm, exec);
				1553
				1554	return stringConstructor(exec, cell);
				1555	}
				1556
				1557	JSCell* JIT_OPERATION operationCallStringConstructor(ExecState* exec, EncodedJSValue value)
				1558	{
				1559	VM& vm = exec->vm();
				1560	NativeCallFrameTracer tracer(&vm, exec);
				1561
				1562	return stringConstructor(exec, JSValue::decode(value));
				1563	}
				1564
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1565	JSCell* JIT_OPERATION operationMakeRope2(ExecState* exec, JSString* left, JSString* right)
fpizlo@apple.com	8d22591	2013-03-19 00:44:57 +0000	[diff] [blame]	1566	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1567	VM& vm = exec->vm();
				1568	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	24c4999	2014-04-19 21:13:46 +0000	[diff] [blame]	1569
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1570	return jsString(exec, left, right);
fpizlo@apple.com	8d22591	2013-03-19 00:44:57 +0000	[diff] [blame]	1571	}
				1572
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1573	JSCell* JIT_OPERATION operationMakeRope3(ExecState* exec, JSString* a, JSString* b, JSString* c)
fpizlo@apple.com	4463e44	2013-03-20 20:29:37 +0000	[diff] [blame]	1574	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1575	VM& vm = exec->vm();
				1576	NativeCallFrameTracer tracer(&vm, exec);
fpizlo@apple.com	4463e44	2013-03-20 20:29:37 +0000	[diff] [blame]	1577
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1578	return jsString(exec, a, b, c);
fpizlo@apple.com	4463e44	2013-03-20 20:29:37 +0000	[diff] [blame]	1579	}
				1580
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1581	JSCell* JIT_OPERATION operationStrCat2(ExecState* exec, EncodedJSValue a, EncodedJSValue b)
				1582	{
				1583	VM& vm = exec->vm();
				1584	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1585	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1586
				1587	JSString* str1 = JSValue::decode(a).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1588	ASSERT(!scope.exception()); // Impossible, since we must have been given primitives.
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1589	JSString* str2 = JSValue::decode(b).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1590	ASSERT(!scope.exception());
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1591
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1592	scope.release();
				1593	return jsString(exec, str1, str2);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1594	}
				1595
				1596	JSCell* JIT_OPERATION operationStrCat3(ExecState* exec, EncodedJSValue a, EncodedJSValue b, EncodedJSValue c)
				1597	{
				1598	VM& vm = exec->vm();
				1599	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1600	auto scope = DECLARE_THROW_SCOPE(vm);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1601
				1602	JSString* str1 = JSValue::decode(a).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1603	ASSERT(!scope.exception()); // Impossible, since we must have been given primitives.
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1604	JSString* str2 = JSValue::decode(b).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1605	ASSERT(!scope.exception());
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1606	JSString* str3 = JSValue::decode(c).toString(exec);
mark.lam@apple.com	451de99	2016-09-07 22:10:50 +0000	[diff] [blame]	1607	ASSERT(!scope.exception());
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1608
mark.lam@apple.com	581437a	2016-09-22 23:41:56 +0000	[diff] [blame]	1609	scope.release();
				1610	return jsString(exec, str1, str2, str3);
fpizlo@apple.com	b3b187c	2015-08-22 18:35:47 +0000	[diff] [blame]	1611	}
				1612
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1613	char* JIT_OPERATION operationFindSwitchImmTargetForDouble(
oliver@apple.com	9b7647b	2013-07-25 04:03:00 +0000	[diff] [blame]	1614	ExecState* exec, EncodedJSValue encodedValue, size_t tableIndex)
				1615	{
keith_miller@apple.com	1b8b006	2016-04-16 01:26:10 +0000	[diff] [blame]	1616	VM& vm = exec->vm();
				1617	NativeCallFrameTracer tracer(&vm, exec);
				1618
oliver@apple.com	9b7647b	2013-07-25 04:03:00 +0000	[diff] [blame]	1619	CodeBlock* codeBlock = exec->codeBlock();
oliver@apple.com	a14cea5	2013-07-25 04:03:23 +0000	[diff] [blame]	1620	SimpleJumpTable& table = codeBlock->switchJumpTable(tableIndex);
oliver@apple.com	9b7647b	2013-07-25 04:03:00 +0000	[diff] [blame]	1621	JSValue value = JSValue::decode(encodedValue);
				1622	ASSERT(value.isDouble());
				1623	double asDouble = value.asDouble();
				1624	int32_t asInt32 = static_cast<int32_t>(asDouble);
				1625	if (asDouble == asInt32)
				1626	return static_cast<char*>(table.ctiForValue(asInt32).executableAddress());
				1627	return static_cast<char*>(table.ctiDefault.executableAddress());
				1628	}
				1629
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1630	char* JIT_OPERATION operationSwitchString(ExecState* exec, size_t tableIndex, JSString* string)
oliver@apple.com	5c826c0	2013-07-25 04:03:51 +0000	[diff] [blame]	1631	{
				1632	VM& vm = exec->vm();
				1633	NativeCallFrameTracer tracer(&vm, exec);
				1634
				1635	return static_cast<char*>(exec->codeBlock()->stringSwitchJumpTable(tableIndex).ctiForValue(string->value(exec).impl()).executableAddress());
				1636	}
				1637
fpizlo@apple.com	5a3036b	2015-04-29 03:34:43 +0000	[diff] [blame]	1638	int32_t JIT_OPERATION operationSwitchStringAndGetBranchOffset(ExecState* exec, size_t tableIndex, JSString* string)
				1639	{
				1640	VM& vm = exec->vm();
				1641	NativeCallFrameTracer tracer(&vm, exec);
				1642
				1643	return exec->codeBlock()->stringSwitchJumpTable(tableIndex).offsetForValue(string->value(exec).impl(), std::numeric_limits<int32_t>::min());
				1644	}
				1645
commit-queue@webkit.org	36c5288	2016-04-22 05:08:28 +0000	[diff] [blame]	1646	uintptr_t JIT_OPERATION operationCompareStringImplLess(StringImpl* a, StringImpl* b)
				1647	{
				1648	return codePointCompare(a, b) < 0;
				1649	}
				1650
				1651	uintptr_t JIT_OPERATION operationCompareStringImplLessEq(StringImpl* a, StringImpl* b)
				1652	{
				1653	return codePointCompare(a, b) <= 0;
				1654	}
				1655
				1656	uintptr_t JIT_OPERATION operationCompareStringImplGreater(StringImpl* a, StringImpl* b)
				1657	{
				1658	return codePointCompare(a, b) > 0;
				1659	}
				1660
				1661	uintptr_t JIT_OPERATION operationCompareStringImplGreaterEq(StringImpl* a, StringImpl* b)
				1662	{
				1663	return codePointCompare(a, b) >= 0;
				1664	}
				1665
				1666	uintptr_t JIT_OPERATION operationCompareStringLess(ExecState* exec, JSString* a, JSString* b)
				1667	{
				1668	VM& vm = exec->vm();
				1669	NativeCallFrameTracer tracer(&vm, exec);
				1670
				1671	return codePointCompareLessThan(asString(a)->value(exec), asString(b)->value(exec));
				1672	}
				1673
				1674	uintptr_t JIT_OPERATION operationCompareStringLessEq(ExecState* exec, JSString* a, JSString* b)
				1675	{
				1676	VM& vm = exec->vm();
				1677	NativeCallFrameTracer tracer(&vm, exec);
				1678
				1679	return !codePointCompareLessThan(asString(b)->value(exec), asString(a)->value(exec));
				1680	}
				1681
				1682	uintptr_t JIT_OPERATION operationCompareStringGreater(ExecState* exec, JSString* a, JSString* b)
				1683	{
				1684	VM& vm = exec->vm();
				1685	NativeCallFrameTracer tracer(&vm, exec);
				1686
				1687	return codePointCompareLessThan(asString(b)->value(exec), asString(a)->value(exec));
				1688	}
				1689
				1690	uintptr_t JIT_OPERATION operationCompareStringGreaterEq(ExecState* exec, JSString* a, JSString* b)
				1691	{
				1692	VM& vm = exec->vm();
				1693	NativeCallFrameTracer tracer(&vm, exec);
				1694
				1695	return !codePointCompareLessThan(asString(a)->value(exec), asString(b)->value(exec));
				1696	}
				1697
fpizlo@apple.com	3a2fa4c	2015-04-13 22:13:12 +0000	[diff] [blame]	1698	void JIT_OPERATION operationNotifyWrite(ExecState* exec, WatchpointSet* set)
fpizlo@apple.com	3396171	2013-11-20 05:49:05 +0000	[diff] [blame]	1699	{
				1700	VM& vm = exec->vm();
				1701	NativeCallFrameTracer tracer(&vm, exec);
				1702
sbarati@apple.com	0c3609d	2016-06-28 21:30:20 +0000	[diff] [blame]	1703	set->touch(vm, "Executed NotifyWrite");
fpizlo@apple.com	3396171	2013-11-20 05:49:05 +0000	[diff] [blame]	1704	}
				1705
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1706	void JIT_OPERATION operationThrowStackOverflowForVarargs(ExecState* exec)
				1707	{
				1708	VM& vm = exec->vm();
				1709	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1710	auto scope = DECLARE_THROW_SCOPE(vm);
				1711	throwStackOverflowError(exec, scope);
fpizlo@apple.com	da834ae	2015-03-26 04:28:43 +0000	[diff] [blame]	1712	}
				1713
fpizlo@apple.com	8fefdd3	2015-02-18 19:55:47 +0000	[diff] [blame]	1714	int32_t JIT_OPERATION operationSizeOfVarargs(ExecState* exec, EncodedJSValue encodedArguments, int32_t firstVarArgOffset)
				1715	{
				1716	VM& vm = exec->vm();
				1717	NativeCallFrameTracer tracer(&vm, exec);
				1718	JSValue arguments = JSValue::decode(encodedArguments);
				1719
				1720	return sizeOfVarargs(exec, arguments, firstVarArgOffset);
				1721	}
				1722
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	1723	int32_t JIT_OPERATION operationHasOwnProperty(ExecState* exec, JSObject* thisObject, EncodedJSValue encodedKey)
				1724	{
				1725	VM& vm = exec->vm();
				1726	NativeCallFrameTracer tracer(&vm, exec);
				1727	auto scope = DECLARE_THROW_SCOPE(vm);
				1728
				1729	JSValue key = JSValue::decode(encodedKey);
				1730	Identifier propertyName = key.toPropertyKey(exec);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	1731	RETURN_IF_EXCEPTION(scope, false);
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	1732
				1733	PropertySlot slot(thisObject, PropertySlot::InternalMethodType::GetOwnProperty);
				1734	bool result = thisObject->hasOwnProperty(exec, propertyName.impl(), slot);
mark.lam@apple.com	e1ab17c	2016-09-26 19:11:17 +0000	[diff] [blame]	1735	RETURN_IF_EXCEPTION(scope, false);
sbarati@apple.com	a3db465	2016-09-20 01:05:50 +0000	[diff] [blame]	1736
				1737	HasOwnPropertyCache* hasOwnPropertyCache = vm.hasOwnPropertyCache();
				1738	ASSERT(hasOwnPropertyCache);
				1739	hasOwnPropertyCache->tryAdd(vm, slot, thisObject, propertyName.impl(), result);
				1740	return result;
				1741	}
				1742
fpizlo@apple.com	8fefdd3	2015-02-18 19:55:47 +0000	[diff] [blame]	1743	void JIT_OPERATION operationLoadVarargs(ExecState* exec, int32_t firstElementDest, EncodedJSValue encodedArguments, int32_t offset, int32_t length, int32_t mandatoryMinimum)
				1744	{
				1745	VM& vm = exec->vm();
				1746	NativeCallFrameTracer tracer(&vm, exec);
				1747	JSValue arguments = JSValue::decode(encodedArguments);
				1748
				1749	loadVarargs(exec, VirtualRegister(firstElementDest), arguments, offset, length);
				1750
				1751	for (int32_t i = length; i < mandatoryMinimum; ++i)
				1752	exec->r(firstElementDest + i) = jsUndefined();
				1753	}
				1754
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1755	double JIT_OPERATION operationFModOnInts(int32_t a, int32_t b)
fpizlo@apple.com	2c2536e	2012-03-21 01:29:28 +0000	[diff] [blame]	1756	{
				1757	return fmod(a, b);
				1758	}
				1759
utatane.tea@gmail.com	d2fca0a	2015-12-15 03:51:42 +0000	[diff] [blame]	1760	#if USE(JSVALUE32_64)
				1761	double JIT_OPERATION operationRandom(JSGlobalObject* globalObject)
				1762	{
				1763	return globalObject->weakRandomNumber();
				1764	}
				1765	#endif
				1766
mark.lam@apple.com	03a3e38	2016-01-08 18:44:36 +0000	[diff] [blame]	1767	JSCell* JIT_OPERATION operationStringFromCharCode(ExecState* exec, int32_t op1)
commit-queue@webkit.org	aa31a5e	2013-04-09 06:45:16 +0000	[diff] [blame]	1768	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1769	VM* vm = &exec->vm();
				1770	NativeCallFrameTracer tracer(vm, exec);
mark.lam@apple.com	03a3e38	2016-01-08 18:44:36 +0000	[diff] [blame]	1771	return JSC::stringFromCharCode(exec, op1);
commit-queue@webkit.org	aa31a5e	2013-04-09 06:45:16 +0000	[diff] [blame]	1772	}
				1773
mark.lam@apple.com	151fe10	2016-01-13 23:28:38 +0000	[diff] [blame]	1774	EncodedJSValue JIT_OPERATION operationStringFromCharCodeUntyped(ExecState* exec, EncodedJSValue encodedValue)
				1775	{
				1776	VM* vm = &exec->vm();
				1777	NativeCallFrameTracer tracer(vm, exec);
				1778	JSValue charValue = JSValue::decode(encodedValue);
				1779	int32_t chInt = charValue.toUInt32(exec);
				1780	return JSValue::encode(JSC::stringFromCharCode(exec, chInt));
				1781	}
				1782
fpizlo@apple.com	f299993	2014-07-15 00:41:39 +0000	[diff] [blame]	1783	int64_t JIT_OPERATION operationConvertBoxedDoubleToInt52(EncodedJSValue encodedValue)
				1784	{
				1785	JSValue value = JSValue::decode(encodedValue);
				1786	if (!value.isDouble())
				1787	return JSValue::notInt52;
				1788	return tryConvertToInt52(value.asDouble());
				1789	}
				1790
				1791	int64_t JIT_OPERATION operationConvertDoubleToInt52(double value)
				1792	{
				1793	return tryConvertToInt52(value);
				1794	}
				1795
sbarati@apple.com	fa85752	2016-03-07 01:00:33 +0000	[diff] [blame]	1796	size_t JIT_OPERATION operationDefaultHasInstance(ExecState* exec, JSCell* value, JSCell* proto) // Returns jsBoolean(True\|False) on 64-bit.
				1797	{
				1798	VM* vm = &exec->vm();
				1799	NativeCallFrameTracer tracer(vm, exec);
				1800	if (JSObject::defaultHasInstance(exec, value, proto))
				1801	return 1;
				1802	return 0;
				1803	}
				1804
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1805	char* JIT_OPERATION operationNewRawObject(ExecState* exec, Structure* structure, int32_t length, Butterfly* butterfly)
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1806	{
				1807	VM& vm = exec->vm();
				1808	NativeCallFrameTracer tracer(&vm, exec);
				1809
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1810	if (!butterfly
				1811	&& (structure->outOfLineCapacity() \|\| hasIndexedProperties(structure->indexingType()))) {
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1812	IndexingHeader header;
				1813	header.setVectorLength(length);
				1814	header.setPublicLength(0);
				1815
				1816	butterfly = Butterfly::create(
				1817	vm, nullptr, 0, structure->outOfLineCapacity(),
				1818	hasIndexedProperties(structure->indexingType()), header,
				1819	length * sizeof(EncodedJSValue));
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1820	}
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1821
				1822	JSObject* result = JSObject::createRawObject(exec, structure, butterfly);
				1823	result->butterfly(); // Ensure that the butterfly is in to-space.
				1824	return bitwise_cast<char*>(result);
				1825	}
				1826
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1827	JSCell* JIT_OPERATION operationNewObjectWithButterfly(ExecState* exec, Structure* structure, Butterfly* butterfly)
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1828	{
				1829	VM& vm = exec->vm();
				1830	NativeCallFrameTracer tracer(&vm, exec);
				1831
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1832	if (!butterfly) {
				1833	butterfly = Butterfly::create(
				1834	vm, nullptr, 0, structure->outOfLineCapacity(), false, IndexingHeader(), 0);
				1835	}
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1836
				1837	JSObject* result = JSObject::createRawObject(exec, structure, butterfly);
				1838	result->butterfly(); // Ensure that the butterfly is in to-space.
				1839	return result;
				1840	}
				1841
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1842	JSCell* JIT_OPERATION operationNewObjectWithButterflyWithIndexingHeaderAndVectorLength(ExecState* exec, Structure* structure, unsigned length, Butterfly* butterfly)
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1843	{
				1844	VM& vm = exec->vm();
				1845	NativeCallFrameTracer tracer(&vm, exec);
				1846
				1847	IndexingHeader header;
				1848	header.setVectorLength(length);
				1849	header.setPublicLength(0);
fpizlo@apple.com	bc16ddb	2016-09-06 01:02:22 +0000	[diff] [blame]	1850	if (butterfly)
				1851	*butterfly->indexingHeader() = header;
				1852	else {
				1853	butterfly = Butterfly::create(
				1854	vm, nullptr, 0, structure->outOfLineCapacity(), true, header,
				1855	sizeof(EncodedJSValue) * length);
				1856	}
				1857
fpizlo@apple.com	280ef00	2016-04-05 22:13:16 +0000	[diff] [blame]	1858	// Paradoxically this may allocate a JSArray. That's totally cool.
				1859	JSObject* result = JSObject::createRawObject(exec, structure, butterfly);
				1860	result->butterfly(); // Ensure that the butterfly is in to-space.
				1861	return result;
				1862	}
				1863
saambarati1@gmail.com	daf1020	2014-10-01 20:47:51 +0000	[diff] [blame]	1864	void JIT_OPERATION operationProcessTypeProfilerLogDFG(ExecState* exec)
				1865	{
sbarati@apple.com	c6fb755	2016-06-07 20:07:56 +0000	[diff] [blame]	1866	VM& vm = exec->vm();
				1867	NativeCallFrameTracer tracer(&vm, exec);
				1868
				1869	vm.typeProfilerLog()->processLogEntries(ASCIILiteral("Log Full, called from inside DFG."));
saambarati1@gmail.com	daf1020	2014-10-01 20:47:51 +0000	[diff] [blame]	1870	}
				1871
mark.lam@apple.com	9df8b83	2013-09-26 20:27:14 +0000	[diff] [blame]	1872	void JIT_OPERATION debugOperationPrintSpeculationFailure(ExecState* exec, void* debugInfoRaw, void* scratch)
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	1873	{
ggaren@apple.com	9a9a4b5	2013-04-18 19:32:17 +0000	[diff] [blame]	1874	VM* vm = &exec->vm();
				1875	NativeCallFrameTracer tracer(vm, exec);
oliver@apple.com	e07a459	2012-01-25 19:43:06 +0000	[diff] [blame]	1876
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	1877	SpeculationFailureDebugInfo* debugInfo = static_cast<SpeculationFailureDebugInfo*>(debugInfoRaw);
fpizlo@apple.com	f2bf0dd	2011-09-26 04:05:28 +0000	[diff] [blame]	1878	CodeBlock* codeBlock = debugInfo->codeBlock;
fpizlo@apple.com	47d3b64	2011-10-05 21:36:23 +0000	[diff] [blame]	1879	CodeBlock* alternative = codeBlock->alternative();
mark.lam@apple.com	e7ecf83	2014-04-02 20:49:27 +0000	[diff] [blame]	1880	dataLog("Speculation failure in ", *codeBlock);
				1881	dataLog(" @ exit #", vm->osrExitIndex, " (bc#", debugInfo->bytecodeOffset, ", ", exitKindToString(debugInfo->kind), ") with ");
fpizlo@apple.com	0bfcc38	2012-11-30 03:42:29 +0000	[diff] [blame]	1882	if (alternative) {
				1883	dataLog(
				1884	"executeCounter = ", alternative->jitExecuteCounter(),
				1885	", reoptimizationRetryCounter = ", alternative->reoptimizationRetryCounter(),
				1886	", optimizationDelayCounter = ", alternative->optimizationDelayCounter());
				1887	} else
				1888	dataLog("no alternative code block (i.e. we've been jettisoned)");
				1889	dataLog(", osrExitCounter = ", codeBlock->osrExitCounter(), "\n");
fpizlo@apple.com	03e446e	2013-01-11 22:18:27 +0000	[diff] [blame]	1890	dataLog(" GPRs at time of exit:");
				1891	char* scratchPointer = static_cast<char*>(scratch);
				1892	for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
				1893	GPRReg gpr = GPRInfo::toRegister(i);
commit-queue@webkit.org	94ea812	2013-02-25 13:13:43 +0000	[diff] [blame]	1894	dataLog(" ", GPRInfo::debugName(gpr), ":", RawPointer(reinterpret_cast_ptr<void*>(scratchPointer)));
fpizlo@apple.com	03e446e	2013-01-11 22:18:27 +0000	[diff] [blame]	1895	scratchPointer += sizeof(EncodedJSValue);
				1896	}
				1897	dataLog("\n");
				1898	dataLog(" FPRs at time of exit:");
				1899	for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
				1900	FPRReg fpr = FPRInfo::toRegister(i);
				1901	dataLog(" ", FPRInfo::debugName(fpr), ":");
commit-queue@webkit.org	94ea812	2013-02-25 13:13:43 +0000	[diff] [blame]	1902	uint64_t bits = reinterpret_cast_ptr<uint64_t>(scratchPointer);
				1903	double value = reinterpret_cast_ptr<double>(scratchPointer);
ossy@webkit.org	71aebd7	2013-01-12 09:33:01 +0000	[diff] [blame]	1904	dataLogF("%llx:%lf", static_cast<long long>(bits), value);
fpizlo@apple.com	03e446e	2013-01-11 22:18:27 +0000	[diff] [blame]	1905	scratchPointer += sizeof(EncodedJSValue);
				1906	}
				1907	dataLog("\n");
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	1908	}
fpizlo@apple.com	746c6d07	2011-09-07 02:47:51 +0000	[diff] [blame]	1909
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1910	JSCell* JIT_OPERATION operationResolveScope(ExecState* exec, JSScope* scope, UniquedStringImpl* impl)
				1911	{
				1912	VM& vm = exec->vm();
				1913	NativeCallFrameTracer tracer(&vm, exec);
				1914
				1915	JSObject* resolvedScope = JSScope::resolve(exec, scope, Identifier::fromUid(exec, impl));
				1916	return resolvedScope;
				1917	}
				1918
				1919	EncodedJSValue JIT_OPERATION operationGetDynamicVar(ExecState* exec, JSObject* scope, UniquedStringImpl* impl, unsigned getPutInfoBits)
				1920	{
				1921	VM& vm = exec->vm();
				1922	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1923	auto throwScope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1924
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	1925	Identifier ident = Identifier::fromUid(exec, impl);
				1926	return JSValue::encode(scope->getPropertySlot(exec, ident, [&] (bool found, PropertySlot& slot) -> JSValue {
				1927	if (!found) {
				1928	GetPutInfo getPutInfo(getPutInfoBits);
				1929	if (getPutInfo.resolveMode() == ThrowIfNotFound)
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1930	throwException(exec, throwScope, createUndefinedVariableError(exec, ident));
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	1931	return jsUndefined();
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1932	}
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1933
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	1934	if (scope->isGlobalLexicalEnvironment()) {
				1935	// When we can't statically prove we need a TDZ check, we must perform the check on the slow path.
				1936	JSValue result = slot.getValue(exec, ident);
				1937	if (result == jsTDZValue()) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1938	throwException(exec, throwScope, createTDZError(exec));
utatane.tea@gmail.com	d80165c	2016-06-06 01:56:11 +0000	[diff] [blame]	1939	return jsUndefined();
				1940	}
				1941	return result;
				1942	}
				1943
				1944	return slot.getValue(exec, ident);
				1945	}));
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1946	}
				1947
				1948	void JIT_OPERATION operationPutDynamicVar(ExecState* exec, JSObject* scope, EncodedJSValue value, UniquedStringImpl* impl, unsigned getPutInfoBits)
				1949	{
				1950	VM& vm = exec->vm();
				1951	NativeCallFrameTracer tracer(&vm, exec);
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1952	auto throwScope = DECLARE_THROW_SCOPE(vm);
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1953
				1954	const Identifier& ident = Identifier::fromUid(exec, impl);
				1955	GetPutInfo getPutInfo(getPutInfoBits);
				1956	bool hasProperty = scope->hasProperty(exec, ident);
				1957	if (hasProperty
				1958	&& scope->isGlobalLexicalEnvironment()
				1959	&& !isInitialization(getPutInfo.initializationMode())) {
				1960	// When we can't statically prove we need a TDZ check, we must perform the check on the slow path.
				1961	PropertySlot slot(scope, PropertySlot::InternalMethodType::Get);
				1962	JSGlobalLexicalEnvironment::getOwnPropertySlot(scope, exec, ident, slot);
				1963	if (slot.getValue(exec, ident) == jsTDZValue()) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1964	throwException(exec, throwScope, createTDZError(exec));
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1965	return;
				1966	}
				1967	}
				1968
				1969	if (getPutInfo.resolveMode() == ThrowIfNotFound && !hasProperty) {
mark.lam@apple.com	284f456	2016-08-30 20:54:54 +0000	[diff] [blame]	1970	throwException(exec, throwScope, createUndefinedVariableError(exec, ident));
sbarati@apple.com	e67fd78	2016-04-19 01:38:30 +0000	[diff] [blame]	1971	return;
				1972	}
				1973
				1974	CodeOrigin origin = exec->codeOrigin();
				1975	bool strictMode;
				1976	if (origin.inlineCallFrame)
				1977	strictMode = origin.inlineCallFrame->baselineCodeBlock->isStrictMode();
				1978	else
				1979	strictMode = exec->codeBlock()->isStrictMode();
				1980	PutPropertySlot slot(scope, strictMode, PutPropertySlot::UnknownContext, isInitialization(getPutInfo.initializationMode()));
				1981	scope->methodTable()->put(scope, exec, ident, JSValue::decode(value), slot);
				1982	}
				1983
sbarati@apple.com	21fc86e	2016-09-06 23:22:01 +0000	[diff] [blame]	1984	int32_t JIT_OPERATION operationMapHash(ExecState* exec, EncodedJSValue input)
				1985	{
				1986	VM& vm = exec->vm();
				1987	NativeCallFrameTracer tracer(&vm, exec);
				1988
				1989	return jsMapHash(exec, vm, normalizeMapKey(JSValue::decode(input)));
				1990	}
				1991
				1992	JSCell* JIT_OPERATION operationJSMapFindBucket(ExecState* exec, JSCell* map, EncodedJSValue key, int32_t hash)
				1993	{
				1994	VM& vm = exec->vm();
				1995	NativeCallFrameTracer tracer(&vm, exec);
				1996	JSMap::BucketType** bucket = jsCast<JSMap*>(map)->findBucket(exec, normalizeMapKey(JSValue::decode(key)), hash);
				1997	if (!bucket)
				1998	return nullptr;
				1999	return *bucket;
				2000	}
				2001
				2002	JSCell* JIT_OPERATION operationJSSetFindBucket(ExecState* exec, JSCell* map, EncodedJSValue key, int32_t hash)
				2003	{
				2004	VM& vm = exec->vm();
				2005	NativeCallFrameTracer tracer(&vm, exec);
				2006	JSSet::BucketType** bucket = jsCast<JSSet*>(map)->findBucket(exec, normalizeMapKey(JSValue::decode(key)), hash);
				2007	if (!bucket)
				2008	return nullptr;
				2009	return *bucket;
				2010	}
				2011
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2012	extern "C" void JIT_OPERATION triggerReoptimizationNow(CodeBlock* codeBlock, OSRExitBase* exit)
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2013	{
fpizlo@apple.com	9822549	2013-09-10 18:29:45 +0000	[diff] [blame]	2014	// It's sort of preferable that we don't GC while in here. Anyways, doing so wouldn't
				2015	// really be profitable.
				2016	DeferGCForAWhile deferGC(codeBlock->vm()->heap);
				2017
oliver@apple.com	284cc3d	2013-07-25 04:00:33 +0000	[diff] [blame]	2018	if (Options::verboseOSR())
				2019	dataLog(*codeBlock, ": Entered reoptimize\n");
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2020	// We must be called with the baseline code block.
oliver@apple.com	5a24fdd	2013-07-25 04:00:54 +0000	[diff] [blame]	2021	ASSERT(JITCode::isBaselineCode(codeBlock->jitType()));
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2022
				2023	// If I am my own replacement, then reoptimization has already been triggered.
				2024	// This can happen in recursive functions.
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2025	if (codeBlock->replacement() == codeBlock) {
				2026	if (Options::verboseOSR())
				2027	dataLog(*codeBlock, ": Not reoptimizing because we've already been jettisoned.\n");
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2028	return;
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2029	}
				2030
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2031	// Otherwise, the replacement must be optimized code. Use this as an opportunity
				2032	// to check our logic.
				2033	ASSERT(codeBlock->hasOptimizedReplacement());
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2034	CodeBlock* optimizedCodeBlock = codeBlock->replacement();
				2035	ASSERT(JITCode::isOptimizingJIT(optimizedCodeBlock->jitType()));
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2036
				2037	bool didTryToEnterIntoInlinedLoops = false;
msaboff@apple.com	a3dc753	2015-09-24 21:42:59 +0000	[diff] [blame]	2038	for (InlineCallFrame* inlineCallFrame = exit->m_codeOrigin.inlineCallFrame; inlineCallFrame; inlineCallFrame = inlineCallFrame->directCaller.inlineCallFrame) {
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2039	if (inlineCallFrame->baselineCodeBlock->ownerScriptExecutable()->didTryToEnterInLoop()) {
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2040	didTryToEnterIntoInlinedLoops = true;
				2041	break;
				2042	}
				2043	}
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2044
				2045	// In order to trigger reoptimization, one of two things must have happened:
				2046	// 1) We exited more than some number of times.
				2047	// 2) We exited and got stuck in a loop, and now we're exiting again.
				2048	bool didExitABunch = optimizedCodeBlock->shouldReoptimizeNow();
				2049	bool didGetStuckInLoop =
fpizlo@apple.com	2c4a7e9	2014-08-06 05:27:46 +0000	[diff] [blame]	2050	(codeBlock->checkIfOptimizationThresholdReached() \|\| didTryToEnterIntoInlinedLoops)
oliver@apple.com	d2a1638	2013-07-25 04:04:18 +0000	[diff] [blame]	2051	&& optimizedCodeBlock->shouldReoptimizeFromLoopNow();
				2052
				2053	if (!didExitABunch && !didGetStuckInLoop) {
				2054	if (Options::verboseOSR())
				2055	dataLog(codeBlock, ": Not reoptimizing ", optimizedCodeBlock, " because it either didn't exit enough or didn't loop enough after exit.\n");
				2056	codeBlock->optimizeAfterLongWarmUp();
				2057	return;
				2058	}
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2059
fpizlo@apple.com	0dda6d7	2014-02-02 02:25:13 +0000	[diff] [blame]	2060	optimizedCodeBlock->jettison(Profiler::JettisonDueToOSRExit, CountReoptimization);
fpizlo@apple.com	16e2cbf	2012-06-22 23:32:59 +0000	[diff] [blame]	2061	}
				2062
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2063	#if ENABLE(FTL_JIT)
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2064	static bool shouldTriggerFTLCompile(CodeBlock* codeBlock, JITCode* jitCode)
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2065	{
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2066	if (codeBlock->baselineVersion()->m_didFailFTLCompilation) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2067	CODEBLOCK_LOG_EVENT(codeBlock, "abortFTLCompile", ());
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2068	if (Options::verboseOSR())
				2069	dataLog("Deferring FTL-optimization of ", *codeBlock, " indefinitely because there was an FTL failure.\n");
				2070	jitCode->dontOptimizeAnytimeSoon(codeBlock);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2071	return false;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2072	}
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2073
				2074	if (!codeBlock->hasOptimizedReplacement()
				2075	&& !jitCode->checkIfOptimizationThresholdReached(codeBlock)) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2076	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("counter = ", jitCode->tierUpCounter));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2077	if (Options::verboseOSR())
				2078	dataLog("Choosing not to FTL-optimize ", *codeBlock, " yet.\n");
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2079	return false;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2080	}
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2081	return true;
				2082	}
				2083
				2084	static void triggerFTLReplacementCompile(VM* vm, CodeBlock* codeBlock, JITCode* jitCode)
				2085	{
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2086	Worklist::State worklistState;
msaboff@apple.com	9589433	2014-01-29 19:18:54 +0000	[diff] [blame]	2087	if (Worklist* worklist = existingGlobalFTLWorklistOrNull()) {
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2088	worklistState = worklist->completeAllReadyPlansForVM(
				2089	*vm, CompilationKey(codeBlock->baselineVersion(), FTLMode));
				2090	} else
				2091	worklistState = Worklist::NotKnown;
				2092
				2093	if (worklistState == Worklist::Compiling) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2094	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("still compiling"));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2095	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2096	codeBlock, CompilationDeferred);
				2097	return;
				2098	}
				2099
				2100	if (codeBlock->hasOptimizedReplacement()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2101	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("has replacement"));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2102	// That's great, we've compiled the code - next time we call this function,
				2103	// we'll enter that replacement.
				2104	jitCode->optimizeSoon(codeBlock);
				2105	return;
				2106	}
				2107
				2108	if (worklistState == Worklist::Compiled) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2109	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("compiled and failed"));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2110	// This means that we finished compiling, but failed somehow; in that case the
				2111	// thresholds will be set appropriately.
				2112	if (Options::verboseOSR())
				2113	dataLog("Code block ", *codeBlock, " was compiled but it doesn't have an optimized replacement.\n");
				2114	return;
				2115	}
				2116
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2117	CODEBLOCK_LOG_EVENT(codeBlock, "triggerFTLReplacement", ());
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2118	// We need to compile the code.
				2119	compile(
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2120	*vm, codeBlock->newReplacement(), codeBlock, FTLMode, UINT_MAX,
				2121	Operands<JSValue>(), ToFTLDeferredCompilationCallback::create());
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2122
				2123	// If we reached here, the counter has not be reset. Do that now.
				2124	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2125	codeBlock, CompilationDeferred);
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2126	}
				2127
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2128	void JIT_OPERATION triggerTierUpNow(ExecState* exec)
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2129	{
				2130	VM* vm = &exec->vm();
				2131	NativeCallFrameTracer tracer(vm, exec);
sbarati@apple.com	efcb30a	2016-06-23 23:28:50 +0000	[diff] [blame]	2132	DeferGCForAWhile deferGC(vm->heap);
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2133	CodeBlock* codeBlock = exec->codeBlock();
				2134
fpizlo@apple.com	8a5fd18	2015-02-02 18:38:08 +0000	[diff] [blame]	2135	if (codeBlock->jitType() != JITCode::DFGJIT) {
				2136	dataLog("Unexpected code block in DFG->FTL tier-up: ", *codeBlock, "\n");
				2137	RELEASE_ASSERT_NOT_REACHED();
				2138	}
				2139
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2140	JITCode* jitCode = codeBlock->jitCode()->dfg();
				2141
				2142	if (Options::verboseOSR()) {
				2143	dataLog(
				2144	*codeBlock, ": Entered triggerTierUpNow with executeCounter = ",
				2145	jitCode->tierUpCounter, "\n");
				2146	}
benjamin@webkit.org	8f62599	2015-05-18 20:45:34 +0000	[diff] [blame]	2147
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2148	if (shouldTriggerFTLCompile(codeBlock, jitCode))
				2149	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2150
				2151	if (codeBlock->hasOptimizedReplacement()) {
				2152	if (jitCode->tierUpEntryTriggers.isEmpty()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2153	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("replacement in place, delaying indefinitely"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2154	// There is nothing more we can do, the only way this will be entered
				2155	// is through the function entry point.
				2156	jitCode->dontOptimizeAnytimeSoon(codeBlock);
				2157	return;
				2158	}
				2159	if (jitCode->osrEntryBlock() && jitCode->tierUpEntryTriggers.size() == 1) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2160	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("trigger in place, delaying indefinitely"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2161	// There is only one outer loop and its trigger must have been set
				2162	// when the plan completed.
				2163	// Exiting the inner loop is useless, we can ignore the counter and leave
				2164	// the trigger do its job.
				2165	jitCode->dontOptimizeAnytimeSoon(codeBlock);
				2166	return;
				2167	}
				2168	}
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2169	}
				2170
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2171	static char* tierUpCommon(ExecState* exec, unsigned originBytecodeIndex, unsigned osrEntryBytecodeIndex)
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2172	{
				2173	VM* vm = &exec->vm();
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2174	CodeBlock* codeBlock = exec->codeBlock();
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2175
				2176	// Resolve any pending plan for OSR Enter on this function.
				2177	Worklist::State worklistState;
				2178	if (Worklist* worklist = existingGlobalFTLWorklistOrNull()) {
				2179	worklistState = worklist->completeAllReadyPlansForVM(
				2180	*vm, CompilationKey(codeBlock->baselineVersion(), FTLForOSREntryMode));
				2181	} else
				2182	worklistState = Worklist::NotKnown;
				2183
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2184	JITCode* jitCode = codeBlock->jitCode()->dfg();
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2185	if (worklistState == Worklist::Compiling) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2186	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("still compiling"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2187	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2188	codeBlock, CompilationDeferred);
				2189	return nullptr;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2190	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2191
				2192	if (worklistState == Worklist::Compiled) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2193	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("compiled and failed"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2194	// This means that compilation failed and we already set the thresholds.
				2195	if (Options::verboseOSR())
				2196	dataLog("Code block ", *codeBlock, " was compiled but it doesn't have an optimized replacement.\n");
				2197	return nullptr;
				2198	}
				2199
				2200	// If we can OSR Enter, do it right away.
				2201	if (originBytecodeIndex == osrEntryBytecodeIndex) {
				2202	unsigned streamIndex = jitCode->bytecodeIndexToStreamIndex.get(originBytecodeIndex);
				2203	if (CodeBlock* entryBlock = jitCode->osrEntryBlock()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2204	if (void* address = FTL::prepareOSREntry(exec, codeBlock, entryBlock, originBytecodeIndex, streamIndex)) {
				2205	CODEBLOCK_LOG_EVENT(entryBlock, "osrEntry", ("at bc#", originBytecodeIndex));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2206	return static_cast<char*>(address);
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2207	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2208	}
				2209	}
				2210
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2211	// - If we don't have an FTL code block, then try to compile one.
				2212	// - If we do have an FTL code block, then try to enter for a while.
				2213	// - If we couldn't enter for a while, then trigger OSR entry.
msaboff@apple.com	9589433	2014-01-29 19:18:54 +0000	[diff] [blame]	2214
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2215	if (!shouldTriggerFTLCompile(codeBlock, jitCode))
				2216	return nullptr;
				2217
				2218	if (!jitCode->neverExecutedEntry) {
				2219	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
				2220
				2221	if (!codeBlock->hasOptimizedReplacement())
				2222	return nullptr;
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	2223
				2224	if (jitCode->osrEntryRetry < Options::ftlOSREntryRetryThreshold()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2225	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("avoiding OSR entry compile"));
fpizlo@apple.com	239b078	2016-03-03 05:58:59 +0000	[diff] [blame]	2226	jitCode->osrEntryRetry++;
				2227	return nullptr;
				2228	}
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2229	} else
				2230	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("avoiding replacement compile"));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2231
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2232	// It's time to try to compile code for OSR entry.
				2233	if (CodeBlock* entryBlock = jitCode->osrEntryBlock()) {
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2234	if (jitCode->osrEntryRetry < Options::ftlOSREntryRetryThreshold()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2235	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry failed, OSR entry threshold not met"));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2236	jitCode->osrEntryRetry++;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2237	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2238	codeBlock, CompilationDeferred);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2239	return nullptr;
				2240	}
				2241
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2242	FTL::ForOSREntryJITCode* entryCode = entryBlock->jitCode()->ftlForOSREntry();
				2243	entryCode->countEntryFailure();
				2244	if (entryCode->entryFailureCount() <
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2245	Options::ftlOSREntryFailureCountForReoptimization()) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2246	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry failed"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2247	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2248	codeBlock, CompilationDeferred);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2249	return nullptr;
				2250	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2251
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2252	// OSR entry failed. Oh no! This implies that we need to retry. We retry
				2253	// without exponential backoff and we only do this for the entry code block.
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2254	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR entry failed too many times"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2255	unsigned osrEntryBytecode = entryBlock->jitCode()->ftlForOSREntry()->bytecodeIndex();
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2256	jitCode->clearOSREntryBlock();
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2257	jitCode->osrEntryRetry = 0;
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2258	jitCode->tierUpEntryTriggers.set(osrEntryBytecode, 0);
				2259	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2260	codeBlock, CompilationDeferred);
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2261	return nullptr;
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2262	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2263
				2264	unsigned streamIndex = jitCode->bytecodeIndexToStreamIndex.get(osrEntryBytecodeIndex);
				2265	auto tierUpHierarchyEntry = jitCode->tierUpInLoopHierarchy.find(osrEntryBytecodeIndex);
				2266	if (tierUpHierarchyEntry != jitCode->tierUpInLoopHierarchy.end()) {
				2267	for (unsigned osrEntryCandidate : tierUpHierarchyEntry->value) {
				2268	if (jitCode->tierUpEntrySeen.contains(osrEntryCandidate)) {
				2269	osrEntryBytecodeIndex = osrEntryCandidate;
				2270	streamIndex = jitCode->bytecodeIndexToStreamIndex.get(osrEntryBytecodeIndex);
				2271	}
				2272	}
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2273	}
				2274
fpizlo@apple.com	0c60670	2014-02-06 07:11:48 +0000	[diff] [blame]	2275	// We aren't compiling and haven't compiled anything for OSR entry. So, try to compile
				2276	// something.
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2277	auto triggerIterator = jitCode->tierUpEntryTriggers.find(osrEntryBytecodeIndex);
				2278	RELEASE_ASSERT(triggerIterator != jitCode->tierUpEntryTriggers.end());
				2279	uint8_t* triggerAddress = &(triggerIterator->value);
				2280
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2281	Operands<JSValue> mustHandleValues;
				2282	jitCode->reconstruct(
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2283	exec, codeBlock, CodeOrigin(osrEntryBytecodeIndex), streamIndex, mustHandleValues);
ggaren@apple.com	81def5f	2015-10-09 23:10:16 +0000	[diff] [blame]	2284	CodeBlock* replacementCodeBlock = codeBlock->newReplacement();
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2285
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2286	CODEBLOCK_LOG_EVENT(codeBlock, "triggerFTLOSR", ());
msaboff@apple.com	9589433	2014-01-29 19:18:54 +0000	[diff] [blame]	2287	CompilationResult forEntryResult = compile(
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2288	*vm, replacementCodeBlock, codeBlock, FTLForOSREntryMode, osrEntryBytecodeIndex,
				2289	mustHandleValues, ToFTLForOSREntryDeferredCompilationCallback::create(triggerAddress));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2290
				2291	if (jitCode->neverExecutedEntry)
				2292	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
				2293
				2294	if (forEntryResult != CompilationSuccessful) {
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2295	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR ecompilation not successful"));
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2296	jitCode->setOptimizationThresholdBasedOnCompilationResult(
				2297	codeBlock, CompilationDeferred);
				2298	return nullptr;
				2299	}
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2300
				2301	CODEBLOCK_LOG_EVENT(jitCode->osrEntryBlock(), "osrEntry", ("at bc#", originBytecodeIndex));
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2302	// It's possible that the for-entry compile already succeeded. In that case OSR
				2303	// entry will succeed unless we ran out of stack. It's not clear what we should do.
				2304	// We signal to try again after a while if that happens.
				2305	void* address = FTL::prepareOSREntry(
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2306	exec, codeBlock, jitCode->osrEntryBlock(), originBytecodeIndex, streamIndex);
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2307	return static_cast<char*>(address);
				2308	}
commit-queue@webkit.org	2ae563d	2016-02-26 05:59:48 +0000	[diff] [blame]	2309
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2310	void JIT_OPERATION triggerTierUpNowInLoop(ExecState* exec, unsigned bytecodeIndex)
				2311	{
				2312	VM* vm = &exec->vm();
				2313	NativeCallFrameTracer tracer(vm, exec);
sbarati@apple.com	efcb30a	2016-06-23 23:28:50 +0000	[diff] [blame]	2314	DeferGCForAWhile deferGC(vm->heap);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2315	CodeBlock* codeBlock = exec->codeBlock();
				2316
				2317	if (codeBlock->jitType() != JITCode::DFGJIT) {
				2318	dataLog("Unexpected code block in DFG->FTL tier-up: ", *codeBlock, "\n");
				2319	RELEASE_ASSERT_NOT_REACHED();
				2320	}
				2321
				2322	JITCode* jitCode = codeBlock->jitCode()->dfg();
				2323
				2324	if (Options::verboseOSR()) {
				2325	dataLog(
				2326	*codeBlock, ": Entered triggerTierUpNowInLoop with executeCounter = ",
				2327	jitCode->tierUpCounter, "\n");
				2328	}
				2329
				2330	auto tierUpHierarchyEntry = jitCode->tierUpInLoopHierarchy.find(bytecodeIndex);
				2331	if (tierUpHierarchyEntry != jitCode->tierUpInLoopHierarchy.end()
				2332	&& !tierUpHierarchyEntry->value.isEmpty()) {
				2333	tierUpCommon(exec, bytecodeIndex, tierUpHierarchyEntry->value.first());
				2334	} else if (shouldTriggerFTLCompile(codeBlock, jitCode))
				2335	triggerFTLReplacementCompile(vm, codeBlock, jitCode);
				2336
				2337	// Since we cannot OSR Enter here, the default "optimizeSoon()" is not useful.
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2338	if (codeBlock->hasOptimizedReplacement()) {
				2339	CODEBLOCK_LOG_EVENT(codeBlock, "delayFTLCompile", ("OSR in loop failed, deferring"));
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2340	jitCode->setOptimizationThresholdBasedOnCompilationResult(codeBlock, CompilationDeferred);
fpizlo@apple.com	4a528d0	2016-05-11 00:08:50 +0000	[diff] [blame]	2341	}
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2342	}
				2343
				2344	char* JIT_OPERATION triggerOSREntryNow(ExecState* exec, unsigned bytecodeIndex)
				2345	{
				2346	VM* vm = &exec->vm();
				2347	NativeCallFrameTracer tracer(vm, exec);
sbarati@apple.com	efcb30a	2016-06-23 23:28:50 +0000	[diff] [blame]	2348	DeferGCForAWhile deferGC(vm->heap);
benjamin@webkit.org	31527f5	2016-03-09 17:51:38 +0000	[diff] [blame]	2349	CodeBlock* codeBlock = exec->codeBlock();
				2350
				2351	if (codeBlock->jitType() != JITCode::DFGJIT) {
				2352	dataLog("Unexpected code block in DFG->FTL tier-up: ", *codeBlock, "\n");
				2353	RELEASE_ASSERT_NOT_REACHED();
				2354	}
				2355
				2356	JITCode* jitCode = codeBlock->jitCode()->dfg();
				2357	jitCode->tierUpEntrySeen.add(bytecodeIndex);
				2358
				2359	if (Options::verboseOSR()) {
				2360	dataLog(
				2361	*codeBlock, ": Entered triggerOSREntryNow with executeCounter = ",
				2362	jitCode->tierUpCounter, "\n");
				2363	}
				2364
				2365	return tierUpCommon(exec, bytecodeIndex, bytecodeIndex);
				2366	}
				2367
fpizlo@apple.com	532f1e5	2013-09-04 06:26:04 +0000	[diff] [blame]	2368	#endif // ENABLE(FTL_JIT)
				2369
barraclough@apple.com	c7af2d3	2011-05-26 21:37:05 +0000	[diff] [blame]	2370	} // extern "C"
fpizlo@apple.com	04659ba	2012-02-21 09:49:22 +0000	[diff] [blame]	2371	} } // namespace JSC::DFG
				2372
commit-queue@webkit.org	b841948	2012-08-30 22:21:48 +0000	[diff] [blame]	2373	#endif // ENABLE(DFG_JIT)
fpizlo@apple.com	7bbcaab	2012-02-22 05:23:19 +0000	[diff] [blame]	2374
commit-queue@webkit.org	b841948	2012-08-30 22:21:48 +0000	[diff] [blame]	2375	#endif // ENABLE(JIT)