/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp

Bug Summary

File:	var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp
Warning:	line 880, column 9 Value stored to 'pc2' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name Unified_cpp_js_src12.cpp -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -ffp-contract=off -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -fcoverage-compilation-dir=/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -resource-dir /usr/lib/llvm-20/lib/clang/20 -include /var/lib/jenkins/workspace/firefox-scan-build/config/gcc_hidden.h -include /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/mozilla-config.h -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/stl_wrappers -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/system_wrappers -U _FORTIFY_SOURCE -D _FORTIFY_SOURCE=2 -D _GLIBCXX_ASSERTIONS -D DEBUG=1 -D WASM_SUPPORTS_HUGE_MEMORY -D JS_CACHEIR_SPEW -D JS_STRUCTURED_SPEW -D JS_HAS_CTYPES -D FFI_BUILDING -D EXPORT_JS_API -D MOZ_HAS_MOZGLUE -D MOZ_SUPPORT_LEAKCHECKING -I /var/lib/jenkins/workspace/firefox-scan-build/js/src -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -I /var/lib/jenkins/workspace/firefox-scan-build/intl/icu_capi/bindings/c -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src/ctypes/libffi/include -I /var/lib/jenkins/workspace/firefox-scan-build/js/src/ctypes/libffi/src/x86 -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/nspr -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/nss -D MOZILLA_CLIENT -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/x86_64-linux-gnu/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14/backward -internal-isystem /usr/lib/llvm-20/lib/clang/20/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -Wno-error=tautological-type-limit-compare -Wno-invalid-offsetof -Wno-range-loop-analysis -Wno-deprecated-anon-enum-enum-conversion -Wno-deprecated-enum-enum-conversion -Wno-deprecated-this-capture -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wno-psabi -Wno-error=builtin-macro-redefined -Wno-vla-cxx-extension -Wno-unknown-warning-option -fdeprecated-macro -ferror-limit 19 -fstrict-flex-arrays=1 -stack-protector 2 -fstack-clash-protection -ftrivial-auto-var-init=pattern -fno-rtti -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fno-sized-deallocation -fno-aligned-allocation -vectorize-loops -vectorize-slp -analyzer-checker optin.performance.Padding -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2025-01-20-090804-167946-1 -x c++ Unified_cpp_js_src12.cpp

1	/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 --
2	* vim: set ts=8 sts=2 et sw=2 tw=80:
3	* This Source Code Form is subject to the terms of the Mozilla Public
4	* License, v. 2.0. If a copy of the MPL was not distributed with this
5	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7	/*
8	* JS bytecode descriptors, disassemblers, and (expression) decompilers.
9	*/
10
11	#include "vm/BytecodeUtil-inl.h"
12
13	#define __STDC_FORMAT_MACROS
14
15	#include "mozilla/Maybe.h"
16	#include "mozilla/ReverseIterator.h"
17	#include "mozilla/Sprintf.h"
18
19	#include <inttypes.h>
20	#include <stdio.h>
21	#include <string.h>
22
23	#include "jsapi.h"
24	#include "jstypes.h"
25
26	#include "gc/PublicIterators.h"
27	#include "jit/IonScript.h" // IonBlockCounts
28	#include "js/CharacterEncoding.h"
29	#include "js/ColumnNumber.h" // JS::LimitedColumnNumberOneOrigin
30	#include "js/experimental/CodeCoverage.h"
31	#include "js/experimental/PCCountProfiling.h" // JS::{Start,Stop}PCCountProfiling, JS::PurgePCCounts, JS::GetPCCountScript{Count,Summary,Contents}
32	#include "js/friend/DumpFunctions.h" // js::DumpPC, js::DumpScript
33	#include "js/friend/ErrorMessages.h" // js::GetErrorMessage, JSMSG_*
34	#include "js/Printer.h"
35	#include "js/Printf.h"
36	#include "js/Symbol.h"
37	#include "util/DifferentialTesting.h"
38	#include "util/Identifier.h" // IsIdentifier
39	#include "util/Memory.h"
40	#include "util/Text.h"
41	#include "vm/BuiltinObjectKind.h"
42	#include "vm/BytecodeIterator.h" // for AllBytecodesIterable
43	#include "vm/BytecodeLocation.h"
44	#include "vm/CodeCoverage.h"
45	#include "vm/EnvironmentObject.h"
46	#include "vm/FrameIter.h" // js::{,Script}FrameIter
47	#include "vm/JSAtomUtils.h" // AtomToPrintableString, Atomize
48	#include "vm/JSContext.h"
49	#include "vm/JSFunction.h"
50	#include "vm/JSObject.h"
51	#include "vm/JSONPrinter.h"
52	#include "vm/JSScript.h"
53	#include "vm/Opcodes.h"
54	#include "vm/Realm.h"
55	#include "vm/Shape.h"
56	#include "vm/ToSource.h" // js::ValueToSource
57	#include "vm/TypeofEqOperand.h" // TypeofEqOperand
58
59	#include "gc/GC-inl.h"
60	#include "vm/BytecodeIterator-inl.h"
61	#include "vm/JSContext-inl.h"
62	#include "vm/JSScript-inl.h"
63	#include "vm/Realm-inl.h"
64
65	using namespace js;
66
67	/*
68	* Index limit must stay within 32 bits.
69	*/
70	static_assert(sizeof(uint32_t) * CHAR_BIT8 >= INDEX_LIMIT_LOG2 + 1);
71
72	const JSCodeSpec js::CodeSpecTable[] = {
73	#define MAKE_CODESPEC(op, op_snake, token, length, nuses, ndefs, format) \
74	{length, nuses, ndefs, format},
75	FOR_EACH_OPCODE(MAKE_CODESPEC)MAKE_CODESPEC(Undefined, undefined, "", 1, 0, 1, JOF_BYTE) MAKE_CODESPEC (Null, null, "null", 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(False, false_ , "false", 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(True, true_, "true" , 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(Int32, int32, __null, 5, 0 , 1, JOF_INT32) MAKE_CODESPEC(Zero, zero, "0", 1, 0, 1, JOF_BYTE ) MAKE_CODESPEC(One, one, "1", 1, 0, 1, JOF_BYTE) MAKE_CODESPEC (Int8, int8, __null, 2, 0, 1, JOF_INT8) MAKE_CODESPEC(Uint16, uint16, __null, 3, 0, 1, JOF_UINT16) MAKE_CODESPEC(Uint24, uint24 , __null, 4, 0, 1, JOF_UINT24) MAKE_CODESPEC(Double, double_, __null, 9, 0, 1, JOF_DOUBLE) MAKE_CODESPEC(BigInt, big_int, __null , 5, 0, 1, JOF_BIGINT) MAKE_CODESPEC(String, string, __null, 5 , 0, 1, JOF_STRING) MAKE_CODESPEC(Symbol, symbol, __null, 2, 0 , 1, JOF_UINT8) MAKE_CODESPEC(Void, void_, __null, 1, 1, 1, JOF_BYTE ) MAKE_CODESPEC(Typeof, typeof_, __null, 1, 1, 1, JOF_BYTE\|JOF_IC ) MAKE_CODESPEC(TypeofExpr, typeof_expr, __null, 1, 1, 1, JOF_BYTE \|JOF_IC) MAKE_CODESPEC(TypeofEq, typeof_eq, __null, 2, 1, 1, JOF_UINT8 \|JOF_IC) MAKE_CODESPEC(Pos, pos, "+ ", 1, 1, 1, JOF_BYTE\|JOF_IC ) MAKE_CODESPEC(Neg, neg, "- ", 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC (BitNot, bit_not, "~", 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC (Not, not_, "!", 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(BitOr , bit_or, "\|", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(BitXor , bit_xor, "^", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(BitAnd , bit_and, "&", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Eq , eq, "==", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Ne, ne, "!=" , 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(StrictEq, strict_eq , "===", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(StrictNe, strict_ne , "!==", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Lt, lt, "<" , 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Gt, gt, ">", 1, 2 , 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Le, le, "<=", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Ge, ge, ">=", 1, 2, 1, JOF_BYTE \|JOF_IC) MAKE_CODESPEC(Instanceof, instanceof, "instanceof", 1 , 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(In, in_, "in", 1, 2, 1 , JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Lsh, lsh, "<<", 1, 2, 1 , JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Rsh, rsh, ">>", 1, 2, 1 , JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Ursh, ursh, ">>>", 1 , 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Add, add, "+", 1, 2, 1 , JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Sub, sub, "-", 1, 2, 1, JOF_BYTE \|JOF_IC) MAKE_CODESPEC(Inc, inc, __null, 1, 1, 1, JOF_BYTE\|JOF_IC ) MAKE_CODESPEC(Dec, dec, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC (Mul, mul, "", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Div, div , "/", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Mod, mod, "%", 1, 2, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(Pow, pow, "*", 1, 2 , 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(NopIsAssignOp, nop_is_assign_op , __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC(ToPropertyKey, to_property_key , __null, 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(ToNumeric, to_numeric , __null, 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(ToString, to_string , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(IsNullOrUndefined, is_null_or_undefined, __null, 1, 1, 2, JOF_BYTE) MAKE_CODESPEC (GlobalThis, global_this, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC (NonSyntacticGlobalThis, non_syntactic_global_this, __null, 1 , 0, 1, JOF_BYTE) MAKE_CODESPEC(NewTarget, new_target, __null , 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(DynamicImport, dynamic_import , __null, 1, 2, 1, JOF_BYTE) MAKE_CODESPEC(ImportMeta, import_meta , __null, 1, 0, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(NewInit, new_init , __null, 1, 0, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(NewObject, new_object , __null, 5, 0, 1, JOF_SHAPE\|JOF_IC) MAKE_CODESPEC(Object, object , __null, 5, 0, 1, JOF_OBJECT) MAKE_CODESPEC(ObjWithProto, obj_with_proto , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(InitProp, init_prop , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_IC) MAKE_CODESPEC (InitHiddenProp, init_hidden_prop, __null, 5, 2, 1, JOF_ATOM\| JOF_PROPINIT\|JOF_IC) MAKE_CODESPEC(InitLockedProp, init_locked_prop , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_IC) MAKE_CODESPEC (InitElem, init_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\| JOF_IC) MAKE_CODESPEC(InitHiddenElem, init_hidden_elem, __null , 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC) MAKE_CODESPEC(InitLockedElem , init_locked_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC ) MAKE_CODESPEC(InitPropGetter, init_prop_getter, __null, 5, 2 , 1, JOF_ATOM\|JOF_PROPINIT) MAKE_CODESPEC(InitHiddenPropGetter , init_hidden_prop_getter, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT ) MAKE_CODESPEC(InitElemGetter, init_elem_getter, __null, 1, 3 , 1, JOF_BYTE\|JOF_PROPINIT) MAKE_CODESPEC(InitHiddenElemGetter , init_hidden_elem_getter, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT ) MAKE_CODESPEC(InitPropSetter, init_prop_setter, __null, 5, 2 , 1, JOF_ATOM\|JOF_PROPINIT) MAKE_CODESPEC(InitHiddenPropSetter , init_hidden_prop_setter, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT ) MAKE_CODESPEC(InitElemSetter, init_elem_setter, __null, 1, 3 , 1, JOF_BYTE\|JOF_PROPINIT) MAKE_CODESPEC(InitHiddenElemSetter , init_hidden_elem_setter, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT ) MAKE_CODESPEC(GetProp, get_prop, __null, 5, 1, 1, JOF_ATOM\| JOF_IC) MAKE_CODESPEC(GetElem, get_elem, __null, 1, 2, 1, JOF_BYTE \|JOF_IC) MAKE_CODESPEC(SetProp, set_prop, __null, 5, 2, 1, JOF_ATOM \|JOF_PROPSET\|JOF_CHECKSLOPPY\|JOF_IC) MAKE_CODESPEC(StrictSetProp , strict_set_prop, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSTRICT \|JOF_IC) MAKE_CODESPEC(SetElem, set_elem, __null, 1, 3, 1, JOF_BYTE \|JOF_PROPSET\|JOF_CHECKSLOPPY\|JOF_IC) MAKE_CODESPEC(StrictSetElem , strict_set_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSTRICT \|JOF_IC) MAKE_CODESPEC(DelProp, del_prop, __null, 5, 1, 1, JOF_ATOM \|JOF_CHECKSLOPPY) MAKE_CODESPEC(StrictDelProp, strict_del_prop , __null, 5, 1, 1, JOF_ATOM\|JOF_CHECKSTRICT) MAKE_CODESPEC(DelElem , del_elem, __null, 1, 2, 1, JOF_BYTE\|JOF_CHECKSLOPPY) MAKE_CODESPEC (StrictDelElem, strict_del_elem, __null, 1, 2, 1, JOF_BYTE\|JOF_CHECKSTRICT ) MAKE_CODESPEC(HasOwn, has_own, __null, 1, 2, 1, JOF_BYTE\|JOF_IC ) MAKE_CODESPEC(CheckPrivateField, check_private_field, __null , 3, 2, 3, JOF_TWO_UINT8\|JOF_CHECKSTRICT\|JOF_IC) MAKE_CODESPEC (NewPrivateName, new_private_name, __null, 5, 0, 1, JOF_ATOM) MAKE_CODESPEC(SuperBase, super_base, __null, 1, 1, 1, JOF_BYTE ) MAKE_CODESPEC(GetPropSuper, get_prop_super, __null, 5, 2, 1 , JOF_ATOM\|JOF_IC) MAKE_CODESPEC(GetElemSuper, get_elem_super , __null, 1, 3, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(SetPropSuper , set_prop_super, __null, 5, 3, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY ) MAKE_CODESPEC(StrictSetPropSuper, strict_set_prop_super, __null , 5, 3, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSTRICT) MAKE_CODESPEC (SetElemSuper, set_elem_super, __null, 1, 4, 1, JOF_BYTE\|JOF_PROPSET \|JOF_CHECKSLOPPY) MAKE_CODESPEC(StrictSetElemSuper, strict_set_elem_super , __null, 1, 4, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSTRICT) MAKE_CODESPEC (Iter, iter, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC( MoreIter, more_iter, __null, 1, 1, 2, JOF_BYTE) MAKE_CODESPEC (IsNoIter, is_no_iter, __null, 1, 1, 2, JOF_BYTE) MAKE_CODESPEC (EndIter, end_iter, __null, 1, 2, 0, JOF_BYTE) MAKE_CODESPEC( CloseIter, close_iter, __null, 2, 1, 0, JOF_UINT8\|JOF_IC) MAKE_CODESPEC (OptimizeGetIterator, optimize_get_iterator, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC(CheckIsObj, check_is_obj, __null , 2, 1, 1, JOF_UINT8) MAKE_CODESPEC(CheckObjCoercible, check_obj_coercible , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(ToAsyncIter, to_async_iter , __null, 1, 2, 1, JOF_BYTE) MAKE_CODESPEC(MutateProto, mutate_proto , __null, 1, 2, 1, JOF_BYTE) MAKE_CODESPEC(NewArray, new_array , __null, 5, 0, 1, JOF_UINT32\|JOF_IC) MAKE_CODESPEC(InitElemArray , init_elem_array, __null, 5, 2, 1, JOF_UINT32\|JOF_PROPINIT) MAKE_CODESPEC (InitElemInc, init_elem_inc, __null, 1, 3, 2, JOF_BYTE\|JOF_PROPINIT \|JOF_IC) MAKE_CODESPEC(Hole, hole, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(RegExp, reg_exp, __null, 5, 0, 1, JOF_REGEXP) MAKE_CODESPEC (Lambda, lambda, __null, 5, 0, 1, JOF_OBJECT\|JOF_USES_ENV\|JOF_IC ) MAKE_CODESPEC(SetFunName, set_fun_name, __null, 2, 2, 1, JOF_UINT8 ) MAKE_CODESPEC(InitHomeObject, init_home_object, __null, 1, 2 , 1, JOF_BYTE) MAKE_CODESPEC(CheckClassHeritage, check_class_heritage , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(FunWithProto, fun_with_proto , __null, 5, 1, 1, JOF_OBJECT\|JOF_USES_ENV) MAKE_CODESPEC(BuiltinObject , builtin_object, __null, 2, 0, 1, JOF_UINT8\|JOF_IC) MAKE_CODESPEC (Call, call, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) MAKE_CODESPEC (CallContent, call_content, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_IC) MAKE_CODESPEC(CallIter, call_iter, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) MAKE_CODESPEC(CallContentIter, call_content_iter , __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) MAKE_CODESPEC (CallIgnoresRv, call_ignores_rv, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_IC) MAKE_CODESPEC(SpreadCall, spread_call, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_IC) MAKE_CODESPEC(OptimizeSpreadCall , optimize_spread_call, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) MAKE_CODESPEC (Eval, eval, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CHECKSLOPPY \|JOF_IC) MAKE_CODESPEC(SpreadEval, spread_eval, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_CHECKSLOPPY\|JOF_IC) MAKE_CODESPEC (StrictEval, strict_eval, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_CHECKSTRICT\|JOF_IC) MAKE_CODESPEC(StrictSpreadEval, strict_spread_eval , __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_CHECKSTRICT \|JOF_IC) MAKE_CODESPEC(ImplicitThis, implicit_this, "", 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(CallSiteObj, call_site_obj, __null , 5, 0, 1, JOF_OBJECT) MAKE_CODESPEC(IsConstructing, is_constructing , __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(New, new_, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_IC) MAKE_CODESPEC (NewContent, new_content, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_CONSTRUCT\|JOF_IC) MAKE_CODESPEC(SuperCall, super_call, __null , 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_IC) MAKE_CODESPEC (SpreadNew, spread_new, __null, 1, 4, 1, JOF_BYTE\|JOF_INVOKE\| JOF_CONSTRUCT\|JOF_SPREAD\|JOF_IC) MAKE_CODESPEC(SpreadSuperCall , spread_super_call, __null, 1, 4, 1, JOF_BYTE\|JOF_INVOKE\|JOF_CONSTRUCT \|JOF_SPREAD\|JOF_IC) MAKE_CODESPEC(SuperFun, super_fun, __null , 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(CheckThisReinit, check_this_reinit , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(Generator, generator , __null, 1, 0, 1, JOF_BYTE\|JOF_USES_ENV) MAKE_CODESPEC(InitialYield , initial_yield, __null, 4, 1, 3, JOF_RESUMEINDEX) MAKE_CODESPEC (AfterYield, after_yield, __null, 5, 0, 0, JOF_ICINDEX) MAKE_CODESPEC (FinalYieldRval, final_yield_rval, __null, 1, 1, 0, JOF_BYTE) MAKE_CODESPEC(Yield, yield, __null, 4, 2, 3, JOF_RESUMEINDEX ) MAKE_CODESPEC(IsGenClosing, is_gen_closing, __null, 1, 1, 2 , JOF_BYTE) MAKE_CODESPEC(AsyncAwait, async_await, __null, 1, 2, 1, JOF_BYTE) MAKE_CODESPEC(AsyncResolve, async_resolve, __null , 1, 2, 1, JOF_BYTE) MAKE_CODESPEC(AsyncReject, async_reject, __null, 1, 3, 1, JOF_BYTE) MAKE_CODESPEC(Await, await, __null , 4, 2, 3, JOF_RESUMEINDEX) MAKE_CODESPEC(CanSkipAwait, can_skip_await , __null, 1, 1, 2, JOF_BYTE) MAKE_CODESPEC(MaybeExtractAwaitValue , maybe_extract_await_value, __null, 1, 2, 2, JOF_BYTE) MAKE_CODESPEC (ResumeKind, resume_kind, __null, 2, 0, 1, JOF_UINT8) MAKE_CODESPEC (CheckResumeKind, check_resume_kind, __null, 1, 3, 1, JOF_BYTE ) MAKE_CODESPEC(Resume, resume, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE ) MAKE_CODESPEC(JumpTarget, jump_target, __null, 5, 0, 0, JOF_ICINDEX ) MAKE_CODESPEC(LoopHead, loop_head, __null, 6, 0, 0, JOF_LOOPHEAD ) MAKE_CODESPEC(Goto, goto_, __null, 5, 0, 0, JOF_JUMP) MAKE_CODESPEC (JumpIfFalse, jump_if_false, __null, 5, 1, 0, JOF_JUMP\|JOF_IC ) MAKE_CODESPEC(JumpIfTrue, jump_if_true, __null, 5, 1, 0, JOF_JUMP \|JOF_IC) MAKE_CODESPEC(And, and_, __null, 5, 1, 1, JOF_JUMP\|JOF_IC ) MAKE_CODESPEC(Or, or_, __null, 5, 1, 1, JOF_JUMP\|JOF_IC) MAKE_CODESPEC (Coalesce, coalesce, __null, 5, 1, 1, JOF_JUMP) MAKE_CODESPEC (Case, case_, __null, 5, 2, 1, JOF_JUMP) MAKE_CODESPEC(Default , default_, __null, 5, 1, 0, JOF_JUMP) MAKE_CODESPEC(TableSwitch , table_switch, __null, 16, 1, 0, JOF_TABLESWITCH) MAKE_CODESPEC (Return, return_, __null, 1, 1, 0, JOF_BYTE) MAKE_CODESPEC(GetRval , get_rval, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC(SetRval, set_rval, __null, 1, 1, 0, JOF_BYTE) MAKE_CODESPEC(RetRval, ret_rval , __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC(CheckReturn, check_return , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(Throw, throw_, __null , 1, 1, 0, JOF_BYTE) MAKE_CODESPEC(ThrowWithStack, throw_with_stack , __null, 1, 2, 0, JOF_BYTE) MAKE_CODESPEC(CreateSuppressedError , create_suppressed_error, __null, 1, 2, 1, JOF_BYTE) MAKE_CODESPEC (ThrowMsg, throw_msg, __null, 2, 0, 0, JOF_UINT8) MAKE_CODESPEC (ThrowSetConst, throw_set_const, __null, 5, 0, 0, JOF_ATOM) MAKE_CODESPEC (Try, try_, __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC(TryDestructuring , try_destructuring, __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC (Exception, exception, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC (ExceptionAndStack, exception_and_stack, __null, 1, 0, 2, JOF_BYTE ) MAKE_CODESPEC(Finally, finally, __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC (Uninitialized, uninitialized, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC (InitLexical, init_lexical, __null, 4, 1, 1, JOF_LOCAL) MAKE_CODESPEC (InitGLexical, init_g_lexical, __null, 5, 1, 1, JOF_ATOM\|JOF_PROPINIT \|JOF_GNAME\|JOF_IC) MAKE_CODESPEC(InitAliasedLexical, init_aliased_lexical , __null, 5, 1, 1, JOF_ENVCOORD\|JOF_PROPINIT) MAKE_CODESPEC(CheckLexical , check_lexical, __null, 4, 1, 1, JOF_LOCAL) MAKE_CODESPEC(CheckAliasedLexical , check_aliased_lexical, __null, 5, 1, 1, JOF_ENVCOORD) MAKE_CODESPEC (CheckThis, check_this, __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC (BindUnqualifiedGName, bind_unqualified_g_name, __null, 5, 0, 1, JOF_ATOM\|JOF_GNAME\|JOF_IC) MAKE_CODESPEC(BindUnqualifiedName , bind_unqualified_name, __null, 5, 0, 1, JOF_ATOM\|JOF_IC\|JOF_USES_ENV ) MAKE_CODESPEC(BindName, bind_name, __null, 5, 0, 1, JOF_ATOM \|JOF_IC\|JOF_USES_ENV) MAKE_CODESPEC(GetName, get_name, __null , 5, 0, 1, JOF_ATOM\|JOF_IC\|JOF_USES_ENV) MAKE_CODESPEC(GetGName , get_g_name, __null, 5, 0, 1, JOF_ATOM\|JOF_GNAME\|JOF_IC) MAKE_CODESPEC (GetArg, get_arg, __null, 3, 0, 1, JOF_QARG) MAKE_CODESPEC(GetFrameArg , get_frame_arg, __null, 3, 0, 1, JOF_QARG) MAKE_CODESPEC(GetLocal , get_local, __null, 4, 0, 1, JOF_LOCAL) MAKE_CODESPEC(ArgumentsLength , arguments_length, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC( GetActualArg, get_actual_arg, __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC (GetAliasedVar, get_aliased_var, __null, 5, 0, 1, JOF_ENVCOORD \|JOF_USES_ENV) MAKE_CODESPEC(GetAliasedDebugVar, get_aliased_debug_var , __null, 5, 0, 1, JOF_DEBUGCOORD) MAKE_CODESPEC(GetImport, get_import , __null, 5, 0, 1, JOF_ATOM\|JOF_IC) MAKE_CODESPEC(GetBoundName , get_bound_name, __null, 5, 1, 1, JOF_ATOM\|JOF_IC) MAKE_CODESPEC (GetIntrinsic, get_intrinsic, __null, 5, 0, 1, JOF_ATOM\|JOF_IC ) MAKE_CODESPEC(Callee, callee, __null, 1, 0, 1, JOF_BYTE) MAKE_CODESPEC (EnvCallee, env_callee, __null, 2, 0, 1, JOF_UINT8) MAKE_CODESPEC (SetName, set_name, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY \|JOF_IC\|JOF_USES_ENV) MAKE_CODESPEC(StrictSetName, strict_set_name , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSTRICT\|JOF_IC \|JOF_USES_ENV) MAKE_CODESPEC(SetGName, set_g_name, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_GNAME\|JOF_CHECKSLOPPY\|JOF_IC) MAKE_CODESPEC(StrictSetGName, strict_set_g_name, __null, 5, 2 , 1, JOF_ATOM\|JOF_PROPSET\|JOF_GNAME\|JOF_CHECKSTRICT\|JOF_IC) MAKE_CODESPEC (SetArg, set_arg, __null, 3, 1, 1, JOF_QARG) MAKE_CODESPEC(SetLocal , set_local, __null, 4, 1, 1, JOF_LOCAL) MAKE_CODESPEC(SetAliasedVar , set_aliased_var, __null, 5, 1, 1, JOF_ENVCOORD\|JOF_PROPSET\| JOF_USES_ENV) MAKE_CODESPEC(SetIntrinsic, set_intrinsic, __null , 5, 1, 1, JOF_ATOM) MAKE_CODESPEC(PushLexicalEnv, push_lexical_env , __null, 5, 0, 0, JOF_SCOPE\|JOF_USES_ENV) MAKE_CODESPEC(PopLexicalEnv , pop_lexical_env, __null, 1, 0, 0, JOF_BYTE\|JOF_USES_ENV) MAKE_CODESPEC (DebugLeaveLexicalEnv, debug_leave_lexical_env, __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC(RecreateLexicalEnv, recreate_lexical_env , __null, 5, 0, 0, JOF_SCOPE) MAKE_CODESPEC(FreshenLexicalEnv , freshen_lexical_env, __null, 5, 0, 0, JOF_SCOPE) MAKE_CODESPEC (PushClassBodyEnv, push_class_body_env, __null, 5, 0, 0, JOF_SCOPE ) MAKE_CODESPEC(PushVarEnv, push_var_env, __null, 5, 0, 0, JOF_SCOPE \|JOF_USES_ENV) MAKE_CODESPEC(EnterWith, enter_with, __null, 5 , 1, 0, JOF_SCOPE) MAKE_CODESPEC(LeaveWith, leave_with, __null , 1, 0, 0, JOF_BYTE) MAKE_CODESPEC(AddDisposable, add_disposable , __null, 2, 3, 0, JOF_UINT8\|JOF_USES_ENV) MAKE_CODESPEC(TakeDisposeCapability , take_dispose_capability, __null, 1, 0, 1, JOF_BYTE\|JOF_USES_ENV ) MAKE_CODESPEC(BindVar, bind_var, __null, 1, 0, 1, JOF_BYTE\| JOF_USES_ENV) MAKE_CODESPEC(GlobalOrEvalDeclInstantiation, global_or_eval_decl_instantiation , __null, 5, 0, 0, JOF_GCTHING\|JOF_USES_ENV) MAKE_CODESPEC(DelName , del_name, __null, 5, 0, 1, JOF_ATOM\|JOF_CHECKSLOPPY\|JOF_USES_ENV ) MAKE_CODESPEC(Arguments, arguments, __null, 1, 0, 1, JOF_BYTE \|JOF_USES_ENV) MAKE_CODESPEC(Rest, rest, __null, 1, 0, 1, JOF_BYTE \|JOF_IC) MAKE_CODESPEC(FunctionThis, function_this, __null, 1 , 0, 1, JOF_BYTE) MAKE_CODESPEC(Pop, pop, __null, 1, 1, 0, JOF_BYTE ) MAKE_CODESPEC(PopN, pop_n, __null, 3, -1, 0, JOF_UINT16) MAKE_CODESPEC (Dup, dup, __null, 1, 1, 2, JOF_BYTE) MAKE_CODESPEC(Dup2, dup2 , __null, 1, 2, 4, JOF_BYTE) MAKE_CODESPEC(DupAt, dup_at, __null , 4, 0, 1, JOF_UINT24) MAKE_CODESPEC(Swap, swap, __null, 1, 2 , 2, JOF_BYTE) MAKE_CODESPEC(Pick, pick, __null, 2, 0, 0, JOF_UINT8 ) MAKE_CODESPEC(Unpick, unpick, __null, 2, 0, 0, JOF_UINT8) MAKE_CODESPEC (Nop, nop, __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC(Lineno, lineno , __null, 5, 0, 0, JOF_UINT32) MAKE_CODESPEC(NopDestructuring , nop_destructuring, __null, 1, 0, 0, JOF_BYTE) MAKE_CODESPEC (ForceInterpreter, force_interpreter, __null, 1, 0, 0, JOF_BYTE ) MAKE_CODESPEC(DebugCheckSelfHosted, debug_check_self_hosted , __null, 1, 1, 1, JOF_BYTE) MAKE_CODESPEC(Debugger, debugger , __null, 1, 0, 0, JOF_BYTE)
76	#undef MAKE_CODESPEC
77	};
78
79	/*
80	* Each element of the array is either a source literal associated with JS
81	* bytecode or null.
82	*/
83	static const char* const CodeToken[] = {
84	#define TOKEN(op, op_snake, token, ...) token,
85	FOR_EACH_OPCODE(TOKEN)TOKEN(Undefined, undefined, "", 1, 0, 1, JOF_BYTE) TOKEN(Null , null, "null", 1, 0, 1, JOF_BYTE) TOKEN(False, false_, "false" , 1, 0, 1, JOF_BYTE) TOKEN(True, true_, "true", 1, 0, 1, JOF_BYTE ) TOKEN(Int32, int32, __null, 5, 0, 1, JOF_INT32) TOKEN(Zero, zero, "0", 1, 0, 1, JOF_BYTE) TOKEN(One, one, "1", 1, 0, 1, JOF_BYTE ) TOKEN(Int8, int8, __null, 2, 0, 1, JOF_INT8) TOKEN(Uint16, uint16 , __null, 3, 0, 1, JOF_UINT16) TOKEN(Uint24, uint24, __null, 4 , 0, 1, JOF_UINT24) TOKEN(Double, double_, __null, 9, 0, 1, JOF_DOUBLE ) TOKEN(BigInt, big_int, __null, 5, 0, 1, JOF_BIGINT) TOKEN(String , string, __null, 5, 0, 1, JOF_STRING) TOKEN(Symbol, symbol, __null , 2, 0, 1, JOF_UINT8) TOKEN(Void, void_, __null, 1, 1, 1, JOF_BYTE ) TOKEN(Typeof, typeof_, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN (TypeofExpr, typeof_expr, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN (TypeofEq, typeof_eq, __null, 2, 1, 1, JOF_UINT8\|JOF_IC) TOKEN (Pos, pos, "+ ", 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN(Neg, neg, "- " , 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN(BitNot, bit_not, "~", 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN(Not, not_, "!", 1, 1, 1, JOF_BYTE\| JOF_IC) TOKEN(BitOr, bit_or, "\|", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN (BitXor, bit_xor, "^", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(BitAnd , bit_and, "&", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Eq, eq, "==" , 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Ne, ne, "!=", 1, 2, 1, JOF_BYTE \|JOF_IC) TOKEN(StrictEq, strict_eq, "===", 1, 2, 1, JOF_BYTE\| JOF_IC) TOKEN(StrictNe, strict_ne, "!==", 1, 2, 1, JOF_BYTE\|JOF_IC ) TOKEN(Lt, lt, "<", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Gt, gt , ">", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Le, le, "<=", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Ge, ge, ">=", 1, 2, 1, JOF_BYTE \|JOF_IC) TOKEN(Instanceof, instanceof, "instanceof", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(In, in_, "in", 1, 2, 1, JOF_BYTE\|JOF_IC ) TOKEN(Lsh, lsh, "<<", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN (Rsh, rsh, ">>", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Ursh, ursh , ">>>", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Add, add, "+" , 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Sub, sub, "-", 1, 2, 1, JOF_BYTE \|JOF_IC) TOKEN(Inc, inc, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN (Dec, dec, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN(Mul, mul, "" , 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(Div, div, "/", 1, 2, 1, JOF_BYTE \|JOF_IC) TOKEN(Mod, mod, "%", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN (Pow, pow, "*", 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(NopIsAssignOp , nop_is_assign_op, __null, 1, 0, 0, JOF_BYTE) TOKEN(ToPropertyKey , to_property_key, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN(ToNumeric , to_numeric, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN(ToString , to_string, __null, 1, 1, 1, JOF_BYTE) TOKEN(IsNullOrUndefined , is_null_or_undefined, __null, 1, 1, 2, JOF_BYTE) TOKEN(GlobalThis , global_this, __null, 1, 0, 1, JOF_BYTE) TOKEN(NonSyntacticGlobalThis , non_syntactic_global_this, __null, 1, 0, 1, JOF_BYTE) TOKEN (NewTarget, new_target, __null, 1, 0, 1, JOF_BYTE) TOKEN(DynamicImport , dynamic_import, __null, 1, 2, 1, JOF_BYTE) TOKEN(ImportMeta , import_meta, __null, 1, 0, 1, JOF_BYTE\|JOF_IC) TOKEN(NewInit , new_init, __null, 1, 0, 1, JOF_BYTE\|JOF_IC) TOKEN(NewObject , new_object, __null, 5, 0, 1, JOF_SHAPE\|JOF_IC) TOKEN(Object , object, __null, 5, 0, 1, JOF_OBJECT) TOKEN(ObjWithProto, obj_with_proto , __null, 1, 1, 1, JOF_BYTE) TOKEN(InitProp, init_prop, __null , 5, 2, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_IC) TOKEN(InitHiddenProp , init_hidden_prop, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_IC ) TOKEN(InitLockedProp, init_locked_prop, __null, 5, 2, 1, JOF_ATOM \|JOF_PROPINIT\|JOF_IC) TOKEN(InitElem, init_elem, __null, 1, 3 , 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC) TOKEN(InitHiddenElem, init_hidden_elem , __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC) TOKEN(InitLockedElem , init_locked_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC ) TOKEN(InitPropGetter, init_prop_getter, __null, 5, 2, 1, JOF_ATOM \|JOF_PROPINIT) TOKEN(InitHiddenPropGetter, init_hidden_prop_getter , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT) TOKEN(InitElemGetter , init_elem_getter, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT) TOKEN (InitHiddenElemGetter, init_hidden_elem_getter, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT) TOKEN(InitPropSetter, init_prop_setter , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT) TOKEN(InitHiddenPropSetter , init_hidden_prop_setter, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT ) TOKEN(InitElemSetter, init_elem_setter, __null, 1, 3, 1, JOF_BYTE \|JOF_PROPINIT) TOKEN(InitHiddenElemSetter, init_hidden_elem_setter , __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT) TOKEN(GetProp, get_prop , __null, 5, 1, 1, JOF_ATOM\|JOF_IC) TOKEN(GetElem, get_elem, __null , 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(SetProp, set_prop, __null, 5 , 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY\|JOF_IC) TOKEN(StrictSetProp , strict_set_prop, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSTRICT \|JOF_IC) TOKEN(SetElem, set_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPSET \|JOF_CHECKSLOPPY\|JOF_IC) TOKEN(StrictSetElem, strict_set_elem , __null, 1, 3, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSTRICT\|JOF_IC ) TOKEN(DelProp, del_prop, __null, 5, 1, 1, JOF_ATOM\|JOF_CHECKSLOPPY ) TOKEN(StrictDelProp, strict_del_prop, __null, 5, 1, 1, JOF_ATOM \|JOF_CHECKSTRICT) TOKEN(DelElem, del_elem, __null, 1, 2, 1, JOF_BYTE \|JOF_CHECKSLOPPY) TOKEN(StrictDelElem, strict_del_elem, __null , 1, 2, 1, JOF_BYTE\|JOF_CHECKSTRICT) TOKEN(HasOwn, has_own, __null , 1, 2, 1, JOF_BYTE\|JOF_IC) TOKEN(CheckPrivateField, check_private_field , __null, 3, 2, 3, JOF_TWO_UINT8\|JOF_CHECKSTRICT\|JOF_IC) TOKEN (NewPrivateName, new_private_name, __null, 5, 0, 1, JOF_ATOM) TOKEN(SuperBase, super_base, __null, 1, 1, 1, JOF_BYTE) TOKEN (GetPropSuper, get_prop_super, __null, 5, 2, 1, JOF_ATOM\|JOF_IC ) TOKEN(GetElemSuper, get_elem_super, __null, 1, 3, 1, JOF_BYTE \|JOF_IC) TOKEN(SetPropSuper, set_prop_super, __null, 5, 3, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY) TOKEN(StrictSetPropSuper , strict_set_prop_super, __null, 5, 3, 1, JOF_ATOM\|JOF_PROPSET \|JOF_CHECKSTRICT) TOKEN(SetElemSuper, set_elem_super, __null, 1, 4, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSLOPPY) TOKEN(StrictSetElemSuper , strict_set_elem_super, __null, 1, 4, 1, JOF_BYTE\|JOF_PROPSET \|JOF_CHECKSTRICT) TOKEN(Iter, iter, __null, 1, 1, 1, JOF_BYTE \|JOF_IC) TOKEN(MoreIter, more_iter, __null, 1, 1, 2, JOF_BYTE ) TOKEN(IsNoIter, is_no_iter, __null, 1, 1, 2, JOF_BYTE) TOKEN (EndIter, end_iter, __null, 1, 2, 0, JOF_BYTE) TOKEN(CloseIter , close_iter, __null, 2, 1, 0, JOF_UINT8\|JOF_IC) TOKEN(OptimizeGetIterator , optimize_get_iterator, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) TOKEN (CheckIsObj, check_is_obj, __null, 2, 1, 1, JOF_UINT8) TOKEN( CheckObjCoercible, check_obj_coercible, __null, 1, 1, 1, JOF_BYTE ) TOKEN(ToAsyncIter, to_async_iter, __null, 1, 2, 1, JOF_BYTE ) TOKEN(MutateProto, mutate_proto, __null, 1, 2, 1, JOF_BYTE) TOKEN(NewArray, new_array, __null, 5, 0, 1, JOF_UINT32\|JOF_IC ) TOKEN(InitElemArray, init_elem_array, __null, 5, 2, 1, JOF_UINT32 \|JOF_PROPINIT) TOKEN(InitElemInc, init_elem_inc, __null, 1, 3 , 2, JOF_BYTE\|JOF_PROPINIT\|JOF_IC) TOKEN(Hole, hole, __null, 1 , 0, 1, JOF_BYTE) TOKEN(RegExp, reg_exp, __null, 5, 0, 1, JOF_REGEXP ) TOKEN(Lambda, lambda, __null, 5, 0, 1, JOF_OBJECT\|JOF_USES_ENV \|JOF_IC) TOKEN(SetFunName, set_fun_name, __null, 2, 2, 1, JOF_UINT8 ) TOKEN(InitHomeObject, init_home_object, __null, 1, 2, 1, JOF_BYTE ) TOKEN(CheckClassHeritage, check_class_heritage, __null, 1, 1 , 1, JOF_BYTE) TOKEN(FunWithProto, fun_with_proto, __null, 5, 1, 1, JOF_OBJECT\|JOF_USES_ENV) TOKEN(BuiltinObject, builtin_object , __null, 2, 0, 1, JOF_UINT8\|JOF_IC) TOKEN(Call, call, __null , 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) TOKEN(CallContent, call_content , __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) TOKEN(CallIter , call_iter, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) TOKEN (CallContentIter, call_content_iter, __null, 3, -1, 1, JOF_ARGC \|JOF_INVOKE\|JOF_IC) TOKEN(CallIgnoresRv, call_ignores_rv, __null , 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) TOKEN(SpreadCall, spread_call , __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_IC) TOKEN (OptimizeSpreadCall, optimize_spread_call, __null, 1, 1, 1, JOF_BYTE \|JOF_IC) TOKEN(Eval, eval, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_CHECKSLOPPY\|JOF_IC) TOKEN(SpreadEval, spread_eval, __null , 1, 3, 1, JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_CHECKSLOPPY\|JOF_IC ) TOKEN(StrictEval, strict_eval, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_CHECKSTRICT\|JOF_IC) TOKEN(StrictSpreadEval, strict_spread_eval , __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_CHECKSTRICT \|JOF_IC) TOKEN(ImplicitThis, implicit_this, "", 1, 1, 1, JOF_BYTE ) TOKEN(CallSiteObj, call_site_obj, __null, 5, 0, 1, JOF_OBJECT ) TOKEN(IsConstructing, is_constructing, __null, 1, 0, 1, JOF_BYTE ) TOKEN(New, new_, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CONSTRUCT \|JOF_IC) TOKEN(NewContent, new_content, __null, 3, -1, 1, JOF_ARGC \|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_IC) TOKEN(SuperCall, super_call , __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_IC) TOKEN(SpreadNew, spread_new, __null, 1, 4, 1, JOF_BYTE\|JOF_INVOKE \|JOF_CONSTRUCT\|JOF_SPREAD\|JOF_IC) TOKEN(SpreadSuperCall, spread_super_call , __null, 1, 4, 1, JOF_BYTE\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_SPREAD \|JOF_IC) TOKEN(SuperFun, super_fun, __null, 1, 1, 1, JOF_BYTE ) TOKEN(CheckThisReinit, check_this_reinit, __null, 1, 1, 1, JOF_BYTE ) TOKEN(Generator, generator, __null, 1, 0, 1, JOF_BYTE\|JOF_USES_ENV ) TOKEN(InitialYield, initial_yield, __null, 4, 1, 3, JOF_RESUMEINDEX ) TOKEN(AfterYield, after_yield, __null, 5, 0, 0, JOF_ICINDEX ) TOKEN(FinalYieldRval, final_yield_rval, __null, 1, 1, 0, JOF_BYTE ) TOKEN(Yield, yield, __null, 4, 2, 3, JOF_RESUMEINDEX) TOKEN (IsGenClosing, is_gen_closing, __null, 1, 1, 2, JOF_BYTE) TOKEN (AsyncAwait, async_await, __null, 1, 2, 1, JOF_BYTE) TOKEN(AsyncResolve , async_resolve, __null, 1, 2, 1, JOF_BYTE) TOKEN(AsyncReject , async_reject, __null, 1, 3, 1, JOF_BYTE) TOKEN(Await, await , __null, 4, 2, 3, JOF_RESUMEINDEX) TOKEN(CanSkipAwait, can_skip_await , __null, 1, 1, 2, JOF_BYTE) TOKEN(MaybeExtractAwaitValue, maybe_extract_await_value , __null, 1, 2, 2, JOF_BYTE) TOKEN(ResumeKind, resume_kind, __null , 2, 0, 1, JOF_UINT8) TOKEN(CheckResumeKind, check_resume_kind , __null, 1, 3, 1, JOF_BYTE) TOKEN(Resume, resume, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE) TOKEN(JumpTarget, jump_target, __null , 5, 0, 0, JOF_ICINDEX) TOKEN(LoopHead, loop_head, __null, 6, 0, 0, JOF_LOOPHEAD) TOKEN(Goto, goto_, __null, 5, 0, 0, JOF_JUMP ) TOKEN(JumpIfFalse, jump_if_false, __null, 5, 1, 0, JOF_JUMP \|JOF_IC) TOKEN(JumpIfTrue, jump_if_true, __null, 5, 1, 0, JOF_JUMP \|JOF_IC) TOKEN(And, and_, __null, 5, 1, 1, JOF_JUMP\|JOF_IC) TOKEN (Or, or_, __null, 5, 1, 1, JOF_JUMP\|JOF_IC) TOKEN(Coalesce, coalesce , __null, 5, 1, 1, JOF_JUMP) TOKEN(Case, case_, __null, 5, 2, 1, JOF_JUMP) TOKEN(Default, default_, __null, 5, 1, 0, JOF_JUMP ) TOKEN(TableSwitch, table_switch, __null, 16, 1, 0, JOF_TABLESWITCH ) TOKEN(Return, return_, __null, 1, 1, 0, JOF_BYTE) TOKEN(GetRval , get_rval, __null, 1, 0, 1, JOF_BYTE) TOKEN(SetRval, set_rval , __null, 1, 1, 0, JOF_BYTE) TOKEN(RetRval, ret_rval, __null, 1, 0, 0, JOF_BYTE) TOKEN(CheckReturn, check_return, __null, 1 , 1, 1, JOF_BYTE) TOKEN(Throw, throw_, __null, 1, 1, 0, JOF_BYTE ) TOKEN(ThrowWithStack, throw_with_stack, __null, 1, 2, 0, JOF_BYTE ) TOKEN(CreateSuppressedError, create_suppressed_error, __null , 1, 2, 1, JOF_BYTE) TOKEN(ThrowMsg, throw_msg, __null, 2, 0, 0, JOF_UINT8) TOKEN(ThrowSetConst, throw_set_const, __null, 5 , 0, 0, JOF_ATOM) TOKEN(Try, try_, __null, 1, 0, 0, JOF_BYTE) TOKEN(TryDestructuring, try_destructuring, __null, 1, 0, 0, JOF_BYTE ) TOKEN(Exception, exception, __null, 1, 0, 1, JOF_BYTE) TOKEN (ExceptionAndStack, exception_and_stack, __null, 1, 0, 2, JOF_BYTE ) TOKEN(Finally, finally, __null, 1, 0, 0, JOF_BYTE) TOKEN(Uninitialized , uninitialized, __null, 1, 0, 1, JOF_BYTE) TOKEN(InitLexical , init_lexical, __null, 4, 1, 1, JOF_LOCAL) TOKEN(InitGLexical , init_g_lexical, __null, 5, 1, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_GNAME \|JOF_IC) TOKEN(InitAliasedLexical, init_aliased_lexical, __null , 5, 1, 1, JOF_ENVCOORD\|JOF_PROPINIT) TOKEN(CheckLexical, check_lexical , __null, 4, 1, 1, JOF_LOCAL) TOKEN(CheckAliasedLexical, check_aliased_lexical , __null, 5, 1, 1, JOF_ENVCOORD) TOKEN(CheckThis, check_this, __null, 1, 1, 1, JOF_BYTE) TOKEN(BindUnqualifiedGName, bind_unqualified_g_name , __null, 5, 0, 1, JOF_ATOM\|JOF_GNAME\|JOF_IC) TOKEN(BindUnqualifiedName , bind_unqualified_name, __null, 5, 0, 1, JOF_ATOM\|JOF_IC\|JOF_USES_ENV ) TOKEN(BindName, bind_name, __null, 5, 0, 1, JOF_ATOM\|JOF_IC \|JOF_USES_ENV) TOKEN(GetName, get_name, __null, 5, 0, 1, JOF_ATOM \|JOF_IC\|JOF_USES_ENV) TOKEN(GetGName, get_g_name, __null, 5, 0 , 1, JOF_ATOM\|JOF_GNAME\|JOF_IC) TOKEN(GetArg, get_arg, __null , 3, 0, 1, JOF_QARG) TOKEN(GetFrameArg, get_frame_arg, __null , 3, 0, 1, JOF_QARG) TOKEN(GetLocal, get_local, __null, 4, 0, 1, JOF_LOCAL) TOKEN(ArgumentsLength, arguments_length, __null , 1, 0, 1, JOF_BYTE) TOKEN(GetActualArg, get_actual_arg, __null , 1, 1, 1, JOF_BYTE) TOKEN(GetAliasedVar, get_aliased_var, __null , 5, 0, 1, JOF_ENVCOORD\|JOF_USES_ENV) TOKEN(GetAliasedDebugVar , get_aliased_debug_var, __null, 5, 0, 1, JOF_DEBUGCOORD) TOKEN (GetImport, get_import, __null, 5, 0, 1, JOF_ATOM\|JOF_IC) TOKEN (GetBoundName, get_bound_name, __null, 5, 1, 1, JOF_ATOM\|JOF_IC ) TOKEN(GetIntrinsic, get_intrinsic, __null, 5, 0, 1, JOF_ATOM \|JOF_IC) TOKEN(Callee, callee, __null, 1, 0, 1, JOF_BYTE) TOKEN (EnvCallee, env_callee, __null, 2, 0, 1, JOF_UINT8) TOKEN(SetName , set_name, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY \|JOF_IC\|JOF_USES_ENV) TOKEN(StrictSetName, strict_set_name, __null , 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSTRICT\|JOF_IC\|JOF_USES_ENV ) TOKEN(SetGName, set_g_name, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET \|JOF_GNAME\|JOF_CHECKSLOPPY\|JOF_IC) TOKEN(StrictSetGName, strict_set_g_name , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_GNAME\|JOF_CHECKSTRICT \|JOF_IC) TOKEN(SetArg, set_arg, __null, 3, 1, 1, JOF_QARG) TOKEN (SetLocal, set_local, __null, 4, 1, 1, JOF_LOCAL) TOKEN(SetAliasedVar , set_aliased_var, __null, 5, 1, 1, JOF_ENVCOORD\|JOF_PROPSET\| JOF_USES_ENV) TOKEN(SetIntrinsic, set_intrinsic, __null, 5, 1 , 1, JOF_ATOM) TOKEN(PushLexicalEnv, push_lexical_env, __null , 5, 0, 0, JOF_SCOPE\|JOF_USES_ENV) TOKEN(PopLexicalEnv, pop_lexical_env , __null, 1, 0, 0, JOF_BYTE\|JOF_USES_ENV) TOKEN(DebugLeaveLexicalEnv , debug_leave_lexical_env, __null, 1, 0, 0, JOF_BYTE) TOKEN(RecreateLexicalEnv , recreate_lexical_env, __null, 5, 0, 0, JOF_SCOPE) TOKEN(FreshenLexicalEnv , freshen_lexical_env, __null, 5, 0, 0, JOF_SCOPE) TOKEN(PushClassBodyEnv , push_class_body_env, __null, 5, 0, 0, JOF_SCOPE) TOKEN(PushVarEnv , push_var_env, __null, 5, 0, 0, JOF_SCOPE\|JOF_USES_ENV) TOKEN (EnterWith, enter_with, __null, 5, 1, 0, JOF_SCOPE) TOKEN(LeaveWith , leave_with, __null, 1, 0, 0, JOF_BYTE) TOKEN(AddDisposable, add_disposable, __null, 2, 3, 0, JOF_UINT8\|JOF_USES_ENV) TOKEN (TakeDisposeCapability, take_dispose_capability, __null, 1, 0 , 1, JOF_BYTE\|JOF_USES_ENV) TOKEN(BindVar, bind_var, __null, 1 , 0, 1, JOF_BYTE\|JOF_USES_ENV) TOKEN(GlobalOrEvalDeclInstantiation , global_or_eval_decl_instantiation, __null, 5, 0, 0, JOF_GCTHING \|JOF_USES_ENV) TOKEN(DelName, del_name, __null, 5, 0, 1, JOF_ATOM \|JOF_CHECKSLOPPY\|JOF_USES_ENV) TOKEN(Arguments, arguments, __null , 1, 0, 1, JOF_BYTE\|JOF_USES_ENV) TOKEN(Rest, rest, __null, 1 , 0, 1, JOF_BYTE\|JOF_IC) TOKEN(FunctionThis, function_this, __null , 1, 0, 1, JOF_BYTE) TOKEN(Pop, pop, __null, 1, 1, 0, JOF_BYTE ) TOKEN(PopN, pop_n, __null, 3, -1, 0, JOF_UINT16) TOKEN(Dup, dup, __null, 1, 1, 2, JOF_BYTE) TOKEN(Dup2, dup2, __null, 1, 2, 4, JOF_BYTE) TOKEN(DupAt, dup_at, __null, 4, 0, 1, JOF_UINT24 ) TOKEN(Swap, swap, __null, 1, 2, 2, JOF_BYTE) TOKEN(Pick, pick , __null, 2, 0, 0, JOF_UINT8) TOKEN(Unpick, unpick, __null, 2 , 0, 0, JOF_UINT8) TOKEN(Nop, nop, __null, 1, 0, 0, JOF_BYTE) TOKEN(Lineno, lineno, __null, 5, 0, 0, JOF_UINT32) TOKEN(NopDestructuring , nop_destructuring, __null, 1, 0, 0, JOF_BYTE) TOKEN(ForceInterpreter , force_interpreter, __null, 1, 0, 0, JOF_BYTE) TOKEN(DebugCheckSelfHosted , debug_check_self_hosted, __null, 1, 1, 1, JOF_BYTE) TOKEN(Debugger , debugger, __null, 1, 0, 0, JOF_BYTE)
86	#undef TOKEN
87	};
88
89	/*
90	* Array of JS bytecode names used by PC count JSON, DEBUG-only Disassemble
91	* and JIT debug spew.
92	*/
93	const char* const js::CodeNameTable[] = {
94	#define OPNAME(op, ...) #op,
95	FOR_EACH_OPCODE(OPNAME)OPNAME(Undefined, undefined, "", 1, 0, 1, JOF_BYTE) OPNAME(Null , null, "null", 1, 0, 1, JOF_BYTE) OPNAME(False, false_, "false" , 1, 0, 1, JOF_BYTE) OPNAME(True, true_, "true", 1, 0, 1, JOF_BYTE ) OPNAME(Int32, int32, __null, 5, 0, 1, JOF_INT32) OPNAME(Zero , zero, "0", 1, 0, 1, JOF_BYTE) OPNAME(One, one, "1", 1, 0, 1 , JOF_BYTE) OPNAME(Int8, int8, __null, 2, 0, 1, JOF_INT8) OPNAME (Uint16, uint16, __null, 3, 0, 1, JOF_UINT16) OPNAME(Uint24, uint24 , __null, 4, 0, 1, JOF_UINT24) OPNAME(Double, double_, __null , 9, 0, 1, JOF_DOUBLE) OPNAME(BigInt, big_int, __null, 5, 0, 1 , JOF_BIGINT) OPNAME(String, string, __null, 5, 0, 1, JOF_STRING ) OPNAME(Symbol, symbol, __null, 2, 0, 1, JOF_UINT8) OPNAME(Void , void_, __null, 1, 1, 1, JOF_BYTE) OPNAME(Typeof, typeof_, __null , 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(TypeofExpr, typeof_expr, __null , 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(TypeofEq, typeof_eq, __null , 2, 1, 1, JOF_UINT8\|JOF_IC) OPNAME(Pos, pos, "+ ", 1, 1, 1, JOF_BYTE \|JOF_IC) OPNAME(Neg, neg, "- ", 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME (BitNot, bit_not, "~", 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(Not, not_ , "!", 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(BitOr, bit_or, "\|", 1 , 2, 1, JOF_BYTE\|JOF_IC) OPNAME(BitXor, bit_xor, "^", 1, 2, 1 , JOF_BYTE\|JOF_IC) OPNAME(BitAnd, bit_and, "&", 1, 2, 1, JOF_BYTE \|JOF_IC) OPNAME(Eq, eq, "==", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME (Ne, ne, "!=", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(StrictEq, strict_eq , "===", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(StrictNe, strict_ne , "!==", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(Lt, lt, "<", 1, 2 , 1, JOF_BYTE\|JOF_IC) OPNAME(Gt, gt, ">", 1, 2, 1, JOF_BYTE \|JOF_IC) OPNAME(Le, le, "<=", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME (Ge, ge, ">=", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(Instanceof , instanceof, "instanceof", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME( In, in_, "in", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(Lsh, lsh, "<<" , 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(Rsh, rsh, ">>", 1, 2 , 1, JOF_BYTE\|JOF_IC) OPNAME(Ursh, ursh, ">>>", 1, 2 , 1, JOF_BYTE\|JOF_IC) OPNAME(Add, add, "+", 1, 2, 1, JOF_BYTE \|JOF_IC) OPNAME(Sub, sub, "-", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME (Inc, inc, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(Dec, dec, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(Mul, mul, "", 1, 2 , 1, JOF_BYTE\|JOF_IC) OPNAME(Div, div, "/", 1, 2, 1, JOF_BYTE \|JOF_IC) OPNAME(Mod, mod, "%", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME (Pow, pow, "*", 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(NopIsAssignOp , nop_is_assign_op, __null, 1, 0, 0, JOF_BYTE) OPNAME(ToPropertyKey , to_property_key, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(ToNumeric , to_numeric, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(ToString , to_string, __null, 1, 1, 1, JOF_BYTE) OPNAME(IsNullOrUndefined , is_null_or_undefined, __null, 1, 1, 2, JOF_BYTE) OPNAME(GlobalThis , global_this, __null, 1, 0, 1, JOF_BYTE) OPNAME(NonSyntacticGlobalThis , non_syntactic_global_this, __null, 1, 0, 1, JOF_BYTE) OPNAME (NewTarget, new_target, __null, 1, 0, 1, JOF_BYTE) OPNAME(DynamicImport , dynamic_import, __null, 1, 2, 1, JOF_BYTE) OPNAME(ImportMeta , import_meta, __null, 1, 0, 1, JOF_BYTE\|JOF_IC) OPNAME(NewInit , new_init, __null, 1, 0, 1, JOF_BYTE\|JOF_IC) OPNAME(NewObject , new_object, __null, 5, 0, 1, JOF_SHAPE\|JOF_IC) OPNAME(Object , object, __null, 5, 0, 1, JOF_OBJECT) OPNAME(ObjWithProto, obj_with_proto , __null, 1, 1, 1, JOF_BYTE) OPNAME(InitProp, init_prop, __null , 5, 2, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_IC) OPNAME(InitHiddenProp , init_hidden_prop, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT\|JOF_IC ) OPNAME(InitLockedProp, init_locked_prop, __null, 5, 2, 1, JOF_ATOM \|JOF_PROPINIT\|JOF_IC) OPNAME(InitElem, init_elem, __null, 1, 3 , 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC) OPNAME(InitHiddenElem, init_hidden_elem , __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC) OPNAME(InitLockedElem , init_locked_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT\|JOF_IC ) OPNAME(InitPropGetter, init_prop_getter, __null, 5, 2, 1, JOF_ATOM \|JOF_PROPINIT) OPNAME(InitHiddenPropGetter, init_hidden_prop_getter , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT) OPNAME(InitElemGetter , init_elem_getter, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT) OPNAME (InitHiddenElemGetter, init_hidden_elem_getter, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT) OPNAME(InitPropSetter, init_prop_setter , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT) OPNAME(InitHiddenPropSetter , init_hidden_prop_setter, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPINIT ) OPNAME(InitElemSetter, init_elem_setter, __null, 1, 3, 1, JOF_BYTE \|JOF_PROPINIT) OPNAME(InitHiddenElemSetter, init_hidden_elem_setter , __null, 1, 3, 1, JOF_BYTE\|JOF_PROPINIT) OPNAME(GetProp, get_prop , __null, 5, 1, 1, JOF_ATOM\|JOF_IC) OPNAME(GetElem, get_elem, __null, 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME(SetProp, set_prop, __null , 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY\|JOF_IC) OPNAME (StrictSetProp, strict_set_prop, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET \|JOF_CHECKSTRICT\|JOF_IC) OPNAME(SetElem, set_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSLOPPY\|JOF_IC) OPNAME(StrictSetElem , strict_set_elem, __null, 1, 3, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSTRICT \|JOF_IC) OPNAME(DelProp, del_prop, __null, 5, 1, 1, JOF_ATOM\| JOF_CHECKSLOPPY) OPNAME(StrictDelProp, strict_del_prop, __null , 5, 1, 1, JOF_ATOM\|JOF_CHECKSTRICT) OPNAME(DelElem, del_elem , __null, 1, 2, 1, JOF_BYTE\|JOF_CHECKSLOPPY) OPNAME(StrictDelElem , strict_del_elem, __null, 1, 2, 1, JOF_BYTE\|JOF_CHECKSTRICT) OPNAME(HasOwn, has_own, __null, 1, 2, 1, JOF_BYTE\|JOF_IC) OPNAME (CheckPrivateField, check_private_field, __null, 3, 2, 3, JOF_TWO_UINT8 \|JOF_CHECKSTRICT\|JOF_IC) OPNAME(NewPrivateName, new_private_name , __null, 5, 0, 1, JOF_ATOM) OPNAME(SuperBase, super_base, __null , 1, 1, 1, JOF_BYTE) OPNAME(GetPropSuper, get_prop_super, __null , 5, 2, 1, JOF_ATOM\|JOF_IC) OPNAME(GetElemSuper, get_elem_super , __null, 1, 3, 1, JOF_BYTE\|JOF_IC) OPNAME(SetPropSuper, set_prop_super , __null, 5, 3, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY) OPNAME (StrictSetPropSuper, strict_set_prop_super, __null, 5, 3, 1, JOF_ATOM \|JOF_PROPSET\|JOF_CHECKSTRICT) OPNAME(SetElemSuper, set_elem_super , __null, 1, 4, 1, JOF_BYTE\|JOF_PROPSET\|JOF_CHECKSLOPPY) OPNAME (StrictSetElemSuper, strict_set_elem_super, __null, 1, 4, 1, JOF_BYTE \|JOF_PROPSET\|JOF_CHECKSTRICT) OPNAME(Iter, iter, __null, 1, 1 , 1, JOF_BYTE\|JOF_IC) OPNAME(MoreIter, more_iter, __null, 1, 1 , 2, JOF_BYTE) OPNAME(IsNoIter, is_no_iter, __null, 1, 1, 2, JOF_BYTE ) OPNAME(EndIter, end_iter, __null, 1, 2, 0, JOF_BYTE) OPNAME (CloseIter, close_iter, __null, 2, 1, 0, JOF_UINT8\|JOF_IC) OPNAME (OptimizeGetIterator, optimize_get_iterator, __null, 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(CheckIsObj, check_is_obj, __null, 2, 1, 1, JOF_UINT8) OPNAME(CheckObjCoercible, check_obj_coercible , __null, 1, 1, 1, JOF_BYTE) OPNAME(ToAsyncIter, to_async_iter , __null, 1, 2, 1, JOF_BYTE) OPNAME(MutateProto, mutate_proto , __null, 1, 2, 1, JOF_BYTE) OPNAME(NewArray, new_array, __null , 5, 0, 1, JOF_UINT32\|JOF_IC) OPNAME(InitElemArray, init_elem_array , __null, 5, 2, 1, JOF_UINT32\|JOF_PROPINIT) OPNAME(InitElemInc , init_elem_inc, __null, 1, 3, 2, JOF_BYTE\|JOF_PROPINIT\|JOF_IC ) OPNAME(Hole, hole, __null, 1, 0, 1, JOF_BYTE) OPNAME(RegExp , reg_exp, __null, 5, 0, 1, JOF_REGEXP) OPNAME(Lambda, lambda , __null, 5, 0, 1, JOF_OBJECT\|JOF_USES_ENV\|JOF_IC) OPNAME(SetFunName , set_fun_name, __null, 2, 2, 1, JOF_UINT8) OPNAME(InitHomeObject , init_home_object, __null, 1, 2, 1, JOF_BYTE) OPNAME(CheckClassHeritage , check_class_heritage, __null, 1, 1, 1, JOF_BYTE) OPNAME(FunWithProto , fun_with_proto, __null, 5, 1, 1, JOF_OBJECT\|JOF_USES_ENV) OPNAME (BuiltinObject, builtin_object, __null, 2, 0, 1, JOF_UINT8\|JOF_IC ) OPNAME(Call, call, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC ) OPNAME(CallContent, call_content, __null, 3, -1, 1, JOF_ARGC \|JOF_INVOKE\|JOF_IC) OPNAME(CallIter, call_iter, __null, 3, -1 , 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) OPNAME(CallContentIter, call_content_iter , __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC) OPNAME(CallIgnoresRv , call_ignores_rv, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_IC ) OPNAME(SpreadCall, spread_call, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE \|JOF_SPREAD\|JOF_IC) OPNAME(OptimizeSpreadCall, optimize_spread_call , __null, 1, 1, 1, JOF_BYTE\|JOF_IC) OPNAME(Eval, eval, __null , 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CHECKSLOPPY\|JOF_IC) OPNAME (SpreadEval, spread_eval, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE \|JOF_SPREAD\|JOF_CHECKSLOPPY\|JOF_IC) OPNAME(StrictEval, strict_eval , __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CHECKSTRICT\|JOF_IC ) OPNAME(StrictSpreadEval, strict_spread_eval, __null, 1, 3, 1 , JOF_BYTE\|JOF_INVOKE\|JOF_SPREAD\|JOF_CHECKSTRICT\|JOF_IC) OPNAME (ImplicitThis, implicit_this, "", 1, 1, 1, JOF_BYTE) OPNAME(CallSiteObj , call_site_obj, __null, 5, 0, 1, JOF_OBJECT) OPNAME(IsConstructing , is_constructing, __null, 1, 0, 1, JOF_BYTE) OPNAME(New, new_ , __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_IC) OPNAME(NewContent, new_content, __null, 3, -1, 1, JOF_ARGC\|JOF_INVOKE \|JOF_CONSTRUCT\|JOF_IC) OPNAME(SuperCall, super_call, __null, 3 , -1, 1, JOF_ARGC\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_IC) OPNAME(SpreadNew , spread_new, __null, 1, 4, 1, JOF_BYTE\|JOF_INVOKE\|JOF_CONSTRUCT \|JOF_SPREAD\|JOF_IC) OPNAME(SpreadSuperCall, spread_super_call , __null, 1, 4, 1, JOF_BYTE\|JOF_INVOKE\|JOF_CONSTRUCT\|JOF_SPREAD \|JOF_IC) OPNAME(SuperFun, super_fun, __null, 1, 1, 1, JOF_BYTE ) OPNAME(CheckThisReinit, check_this_reinit, __null, 1, 1, 1, JOF_BYTE) OPNAME(Generator, generator, __null, 1, 0, 1, JOF_BYTE \|JOF_USES_ENV) OPNAME(InitialYield, initial_yield, __null, 4, 1, 3, JOF_RESUMEINDEX) OPNAME(AfterYield, after_yield, __null , 5, 0, 0, JOF_ICINDEX) OPNAME(FinalYieldRval, final_yield_rval , __null, 1, 1, 0, JOF_BYTE) OPNAME(Yield, yield, __null, 4, 2 , 3, JOF_RESUMEINDEX) OPNAME(IsGenClosing, is_gen_closing, __null , 1, 1, 2, JOF_BYTE) OPNAME(AsyncAwait, async_await, __null, 1 , 2, 1, JOF_BYTE) OPNAME(AsyncResolve, async_resolve, __null, 1, 2, 1, JOF_BYTE) OPNAME(AsyncReject, async_reject, __null, 1, 3, 1, JOF_BYTE) OPNAME(Await, await, __null, 4, 2, 3, JOF_RESUMEINDEX ) OPNAME(CanSkipAwait, can_skip_await, __null, 1, 1, 2, JOF_BYTE ) OPNAME(MaybeExtractAwaitValue, maybe_extract_await_value, __null , 1, 2, 2, JOF_BYTE) OPNAME(ResumeKind, resume_kind, __null, 2 , 0, 1, JOF_UINT8) OPNAME(CheckResumeKind, check_resume_kind, __null, 1, 3, 1, JOF_BYTE) OPNAME(Resume, resume, __null, 1, 3, 1, JOF_BYTE\|JOF_INVOKE) OPNAME(JumpTarget, jump_target, __null , 5, 0, 0, JOF_ICINDEX) OPNAME(LoopHead, loop_head, __null, 6 , 0, 0, JOF_LOOPHEAD) OPNAME(Goto, goto_, __null, 5, 0, 0, JOF_JUMP ) OPNAME(JumpIfFalse, jump_if_false, __null, 5, 1, 0, JOF_JUMP \|JOF_IC) OPNAME(JumpIfTrue, jump_if_true, __null, 5, 1, 0, JOF_JUMP \|JOF_IC) OPNAME(And, and_, __null, 5, 1, 1, JOF_JUMP\|JOF_IC) OPNAME (Or, or_, __null, 5, 1, 1, JOF_JUMP\|JOF_IC) OPNAME(Coalesce, coalesce , __null, 5, 1, 1, JOF_JUMP) OPNAME(Case, case_, __null, 5, 2 , 1, JOF_JUMP) OPNAME(Default, default_, __null, 5, 1, 0, JOF_JUMP ) OPNAME(TableSwitch, table_switch, __null, 16, 1, 0, JOF_TABLESWITCH ) OPNAME(Return, return_, __null, 1, 1, 0, JOF_BYTE) OPNAME(GetRval , get_rval, __null, 1, 0, 1, JOF_BYTE) OPNAME(SetRval, set_rval , __null, 1, 1, 0, JOF_BYTE) OPNAME(RetRval, ret_rval, __null , 1, 0, 0, JOF_BYTE) OPNAME(CheckReturn, check_return, __null , 1, 1, 1, JOF_BYTE) OPNAME(Throw, throw_, __null, 1, 1, 0, JOF_BYTE ) OPNAME(ThrowWithStack, throw_with_stack, __null, 1, 2, 0, JOF_BYTE ) OPNAME(CreateSuppressedError, create_suppressed_error, __null , 1, 2, 1, JOF_BYTE) OPNAME(ThrowMsg, throw_msg, __null, 2, 0 , 0, JOF_UINT8) OPNAME(ThrowSetConst, throw_set_const, __null , 5, 0, 0, JOF_ATOM) OPNAME(Try, try_, __null, 1, 0, 0, JOF_BYTE ) OPNAME(TryDestructuring, try_destructuring, __null, 1, 0, 0 , JOF_BYTE) OPNAME(Exception, exception, __null, 1, 0, 1, JOF_BYTE ) OPNAME(ExceptionAndStack, exception_and_stack, __null, 1, 0 , 2, JOF_BYTE) OPNAME(Finally, finally, __null, 1, 0, 0, JOF_BYTE ) OPNAME(Uninitialized, uninitialized, __null, 1, 0, 1, JOF_BYTE ) OPNAME(InitLexical, init_lexical, __null, 4, 1, 1, JOF_LOCAL ) OPNAME(InitGLexical, init_g_lexical, __null, 5, 1, 1, JOF_ATOM \|JOF_PROPINIT\|JOF_GNAME\|JOF_IC) OPNAME(InitAliasedLexical, init_aliased_lexical , __null, 5, 1, 1, JOF_ENVCOORD\|JOF_PROPINIT) OPNAME(CheckLexical , check_lexical, __null, 4, 1, 1, JOF_LOCAL) OPNAME(CheckAliasedLexical , check_aliased_lexical, __null, 5, 1, 1, JOF_ENVCOORD) OPNAME (CheckThis, check_this, __null, 1, 1, 1, JOF_BYTE) OPNAME(BindUnqualifiedGName , bind_unqualified_g_name, __null, 5, 0, 1, JOF_ATOM\|JOF_GNAME \|JOF_IC) OPNAME(BindUnqualifiedName, bind_unqualified_name, __null , 5, 0, 1, JOF_ATOM\|JOF_IC\|JOF_USES_ENV) OPNAME(BindName, bind_name , __null, 5, 0, 1, JOF_ATOM\|JOF_IC\|JOF_USES_ENV) OPNAME(GetName , get_name, __null, 5, 0, 1, JOF_ATOM\|JOF_IC\|JOF_USES_ENV) OPNAME (GetGName, get_g_name, __null, 5, 0, 1, JOF_ATOM\|JOF_GNAME\|JOF_IC ) OPNAME(GetArg, get_arg, __null, 3, 0, 1, JOF_QARG) OPNAME(GetFrameArg , get_frame_arg, __null, 3, 0, 1, JOF_QARG) OPNAME(GetLocal, get_local , __null, 4, 0, 1, JOF_LOCAL) OPNAME(ArgumentsLength, arguments_length , __null, 1, 0, 1, JOF_BYTE) OPNAME(GetActualArg, get_actual_arg , __null, 1, 1, 1, JOF_BYTE) OPNAME(GetAliasedVar, get_aliased_var , __null, 5, 0, 1, JOF_ENVCOORD\|JOF_USES_ENV) OPNAME(GetAliasedDebugVar , get_aliased_debug_var, __null, 5, 0, 1, JOF_DEBUGCOORD) OPNAME (GetImport, get_import, __null, 5, 0, 1, JOF_ATOM\|JOF_IC) OPNAME (GetBoundName, get_bound_name, __null, 5, 1, 1, JOF_ATOM\|JOF_IC ) OPNAME(GetIntrinsic, get_intrinsic, __null, 5, 0, 1, JOF_ATOM \|JOF_IC) OPNAME(Callee, callee, __null, 1, 0, 1, JOF_BYTE) OPNAME (EnvCallee, env_callee, __null, 2, 0, 1, JOF_UINT8) OPNAME(SetName , set_name, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSLOPPY \|JOF_IC\|JOF_USES_ENV) OPNAME(StrictSetName, strict_set_name, __null , 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_CHECKSTRICT\|JOF_IC\|JOF_USES_ENV ) OPNAME(SetGName, set_g_name, __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET \|JOF_GNAME\|JOF_CHECKSLOPPY\|JOF_IC) OPNAME(StrictSetGName, strict_set_g_name , __null, 5, 2, 1, JOF_ATOM\|JOF_PROPSET\|JOF_GNAME\|JOF_CHECKSTRICT \|JOF_IC) OPNAME(SetArg, set_arg, __null, 3, 1, 1, JOF_QARG) OPNAME (SetLocal, set_local, __null, 4, 1, 1, JOF_LOCAL) OPNAME(SetAliasedVar , set_aliased_var, __null, 5, 1, 1, JOF_ENVCOORD\|JOF_PROPSET\| JOF_USES_ENV) OPNAME(SetIntrinsic, set_intrinsic, __null, 5, 1 , 1, JOF_ATOM) OPNAME(PushLexicalEnv, push_lexical_env, __null , 5, 0, 0, JOF_SCOPE\|JOF_USES_ENV) OPNAME(PopLexicalEnv, pop_lexical_env , __null, 1, 0, 0, JOF_BYTE\|JOF_USES_ENV) OPNAME(DebugLeaveLexicalEnv , debug_leave_lexical_env, __null, 1, 0, 0, JOF_BYTE) OPNAME( RecreateLexicalEnv, recreate_lexical_env, __null, 5, 0, 0, JOF_SCOPE ) OPNAME(FreshenLexicalEnv, freshen_lexical_env, __null, 5, 0 , 0, JOF_SCOPE) OPNAME(PushClassBodyEnv, push_class_body_env, __null, 5, 0, 0, JOF_SCOPE) OPNAME(PushVarEnv, push_var_env, __null, 5, 0, 0, JOF_SCOPE\|JOF_USES_ENV) OPNAME(EnterWith, enter_with , __null, 5, 1, 0, JOF_SCOPE) OPNAME(LeaveWith, leave_with, __null , 1, 0, 0, JOF_BYTE) OPNAME(AddDisposable, add_disposable, __null , 2, 3, 0, JOF_UINT8\|JOF_USES_ENV) OPNAME(TakeDisposeCapability , take_dispose_capability, __null, 1, 0, 1, JOF_BYTE\|JOF_USES_ENV ) OPNAME(BindVar, bind_var, __null, 1, 0, 1, JOF_BYTE\|JOF_USES_ENV ) OPNAME(GlobalOrEvalDeclInstantiation, global_or_eval_decl_instantiation , __null, 5, 0, 0, JOF_GCTHING\|JOF_USES_ENV) OPNAME(DelName, del_name , __null, 5, 0, 1, JOF_ATOM\|JOF_CHECKSLOPPY\|JOF_USES_ENV) OPNAME (Arguments, arguments, __null, 1, 0, 1, JOF_BYTE\|JOF_USES_ENV ) OPNAME(Rest, rest, __null, 1, 0, 1, JOF_BYTE\|JOF_IC) OPNAME (FunctionThis, function_this, __null, 1, 0, 1, JOF_BYTE) OPNAME (Pop, pop, __null, 1, 1, 0, JOF_BYTE) OPNAME(PopN, pop_n, __null , 3, -1, 0, JOF_UINT16) OPNAME(Dup, dup, __null, 1, 1, 2, JOF_BYTE ) OPNAME(Dup2, dup2, __null, 1, 2, 4, JOF_BYTE) OPNAME(DupAt, dup_at, __null, 4, 0, 1, JOF_UINT24) OPNAME(Swap, swap, __null , 1, 2, 2, JOF_BYTE) OPNAME(Pick, pick, __null, 2, 0, 0, JOF_UINT8 ) OPNAME(Unpick, unpick, __null, 2, 0, 0, JOF_UINT8) OPNAME(Nop , nop, __null, 1, 0, 0, JOF_BYTE) OPNAME(Lineno, lineno, __null , 5, 0, 0, JOF_UINT32) OPNAME(NopDestructuring, nop_destructuring , __null, 1, 0, 0, JOF_BYTE) OPNAME(ForceInterpreter, force_interpreter , __null, 1, 0, 0, JOF_BYTE) OPNAME(DebugCheckSelfHosted, debug_check_self_hosted , __null, 1, 1, 1, JOF_BYTE) OPNAME(Debugger, debugger, __null , 1, 0, 0, JOF_BYTE)
96	#undef OPNAME
97	};
98
99	/************************************************************************/
100
101	static bool DecompileArgumentFromStack(JSContext* cx, int formalIndex,
102	UniqueChars* res);
103
104	/* static */ const char PCCounts::numExecName[] = "interp";
105
106	[[nodiscard]] static bool DumpIonScriptCounts(StringPrinter* sp,
107	HandleScript script,
108	jit::IonScriptCounts* ionCounts) {
109	sp->printf("IonScript [%zu blocks]:\n", ionCounts->numBlocks());
110
111	for (size_t i = 0; i < ionCounts->numBlocks(); i++) {
112	const jit::IonBlockCounts& block = ionCounts->block(i);
113	unsigned lineNumber = 0;
114	JS::LimitedColumnNumberOneOrigin columnNumber;
115	lineNumber = PCToLineNumber(script, script->offsetToPC(block.offset()),
116	&columnNumber);
117	sp->printf("BB #%" PRIu32"u" " [%05u,%u,%u]", block.id(), block.offset(),
118	lineNumber, columnNumber.oneOriginValue());
119	if (block.description()) {
120	sp->printf(" [inlined %s]", block.description());
121	}
122	for (size_t j = 0; j < block.numSuccessors(); j++) {
123	sp->printf(" -> #%" PRIu32"u", block.successor(j));
124	}
125	sp->printf(" :: %" PRIu64"l" "u" " hits\n", block.hitCount());
126	sp->printf("%s\n", block.code());
127	}
128
129	return true;
130	}
131
132	[[nodiscard]] static bool DumpPCCounts(JSContext* cx, HandleScript script,
133	StringPrinter* sp) {
134	// In some edge cases Disassemble1 can end up invoking JS code, so ensure
135	// script counts haven't been discarded.
136	if (!script->hasScriptCounts()) {
137	return true;
138	}
139
140	#ifdef DEBUG1
141	jsbytecode* pc = script->code();
142	while (pc < script->codeEnd()) {
143	jsbytecode* next = GetNextPc(pc);
144
145	if (!Disassemble1(cx, script, pc, script->pcToOffset(pc), true, sp)) {
146	return false;
147	}
148
149	sp->put(" {");
150	if (script->hasScriptCounts()) {
151	PCCounts* counts = script->maybeGetPCCounts(pc);
152	if (double val = counts ? counts->numExec() : 0.0) {
153	sp->printf("\"%s\": %.0f", PCCounts::numExecName, val);
154	}
155	}
156	sp->put("}\n");
157
158	pc = next;
159	}
160	#endif
161
162	if (!script->hasScriptCounts()) {
163	return true;
164	}
165
166	jit::IonScriptCounts* ionCounts = script->getIonCounts();
167	while (ionCounts) {
168	if (!DumpIonScriptCounts(sp, script, ionCounts)) {
169	return false;
170	}
171
172	ionCounts = ionCounts->previous();
173	}
174
175	return true;
176	}
177
178	bool js::DumpRealmPCCounts(JSContext* cx) {
179	Rooted<GCVector<JSScript>> scripts(cx, GCVector<JSScript>(cx));
180	for (auto base = cx->zone()->cellIter<BaseScript>(); !base.done();
181	base.next()) {
182	if (base->realm() != cx->realm()) {
183	continue;
184	}
185	MOZ_ASSERT_IF(base->hasScriptCounts(), base->hasBytecode())do { if (base->hasScriptCounts()) { do { static_assert( mozilla ::detail::AssertionConditionType<decltype(base->hasBytecode ())>::isValid, "invalid assertion condition"); if ((__builtin_expect (!!(!(!!(base->hasBytecode()))), 0))) { do { } while (false ); MOZ_ReportAssertionFailure("base->hasBytecode()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 185); AnnotateMozCrashReason("MOZ_ASSERT" "(" "base->hasBytecode()" ")"); do { ((volatile int)__null) = 185; __attribute__((nomerge )) ::abort(); } while (false); } } while (false); } } while ( false);
186	if (base->hasScriptCounts()) {
187	if (!scripts.append(base->asJSScript())) {
188	return false;
189	}
190	}
191	}
192
193	for (uint32_t i = 0; i < scripts.length(); i++) {
194	HandleScript script = scripts[i];
195	Sprinter sprinter(cx);
196	if (!sprinter.init()) {
197	return false;
198	}
199
200	const char* filename = script->filename();
201	if (!filename) {
202	filename = "(unknown)";
203	}
204	fprintf(stdoutstdout, "--- SCRIPT %s:%u ---\n", filename, script->lineno());
205	if (!DumpPCCounts(cx, script, &sprinter)) {
206	return false;
207	}
208	JS::UniqueChars out = sprinter.release();
209	if (!out) {
210	return false;
211	}
212	fputs(out.get(), stdoutstdout);
213	fprintf(stdoutstdout, "--- END SCRIPT %s:%u ---\n", filename, script->lineno());
214	}
215
216	return true;
217	}
218
219	/////////////////////////////////////////////////////////////////////
220	// Bytecode Parser
221	/////////////////////////////////////////////////////////////////////
222
223	// Stores the information about the stack slot, where the value comes from.
224	// Elements of BytecodeParser::Bytecode.{offsetStack,offsetStackAfter} arrays.
225	class OffsetAndDefIndex {
226	// The offset of the PC that pushed the value for this slot.
227	uint32_t offset_;
228
229	// The index in `ndefs` for the PC (0-origin)
230	uint8_t defIndex_;
231
232	enum : uint8_t {
233	Normal = 0,
234
235	// Ignored this value in the expression decompilation.
236	// Used by JSOp::NopDestructuring. See BytecodeParser::simulateOp.
237	Ignored,
238
239	// The value in this slot comes from 2 or more paths.
240	// offset_ and defIndex_ holds the information for the path that
241	// reaches here first.
242	Merged,
243	} type_;
244
245	public:
246	uint32_t offset() const {
247	MOZ_ASSERT(!isSpecial())do { static_assert( mozilla::detail::AssertionConditionType< decltype(!isSpecial())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(!isSpecial()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!isSpecial()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 247); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!isSpecial()" ")"); do { ((volatile int)__null) = 247; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
248	return offset_;
249	};
250	uint32_t specialOffset() const {
251	MOZ_ASSERT(isSpecial())do { static_assert( mozilla::detail::AssertionConditionType< decltype(isSpecial())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(isSpecial()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("isSpecial()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 251); AnnotateMozCrashReason("MOZ_ASSERT" "(" "isSpecial()" ")"); do { ((volatile int)__null) = 251; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
252	return offset_;
253	};
254
255	uint8_t defIndex() const {
256	MOZ_ASSERT(!isSpecial())do { static_assert( mozilla::detail::AssertionConditionType< decltype(!isSpecial())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(!isSpecial()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!isSpecial()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 256); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!isSpecial()" ")"); do { ((volatile int)__null) = 256; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
257	return defIndex_;
258	}
259	uint8_t specialDefIndex() const {
260	MOZ_ASSERT(isSpecial())do { static_assert( mozilla::detail::AssertionConditionType< decltype(isSpecial())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(isSpecial()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("isSpecial()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 260); AnnotateMozCrashReason("MOZ_ASSERT" "(" "isSpecial()" ")"); do { ((volatile int)__null) = 260; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
261	return defIndex_;
262	}
263
264	bool isSpecial() const { return type_ != Normal; }
265	bool isMerged() const { return type_ == Merged; }
266	bool isIgnored() const { return type_ == Ignored; }
267
268	void set(uint32_t aOffset, uint8_t aDefIndex) {
269	offset_ = aOffset;
270	defIndex_ = aDefIndex;
271	type_ = Normal;
272	}
273
274	// Keep offset_ and defIndex_ values for stack dump.
275	void setMerged() { type_ = Merged; }
276	void setIgnored() { type_ = Ignored; }
277
278	bool operator==(const OffsetAndDefIndex& rhs) const {
279	return offset_ == rhs.offset_ && defIndex_ == rhs.defIndex_;
280	}
281
282	bool operator!=(const OffsetAndDefIndex& rhs) const {
283	return !(*this == rhs);
284	}
285	};
286
287	namespace {
288
289	class BytecodeParser {
290	public:
291	enum class JumpKind {
292	Simple,
293	SwitchCase,
294	SwitchDefault,
295	TryCatch,
296	TryFinally
297	};
298
299	private:
300	class Bytecode {
301	public:
302	explicit Bytecode(const LifoAllocPolicy<Fallible>& alloc)
303	: parsed(false),
304	stackDepth(0),
305	offsetStack(nullptr)
306	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
307	,
308	stackDepthAfter(0),
309	offsetStackAfter(nullptr),
310	jumpOrigins(alloc)
311	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
312	{
313	}
314
315	// Whether this instruction has been analyzed to get its output defines
316	// and stack.
317	bool parsed;
318
319	// Stack depth before this opcode.
320	uint32_t stackDepth;
321
322	// Pointer to array of \|stackDepth\| offsets. An element at position N
323	// in the array is the offset of the opcode that defined the
324	// corresponding stack slot. The top of the stack is at position
325	// \|stackDepth - 1\|.
326	OffsetAndDefIndex* offsetStack;
327
328	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
329	// stack depth after this opcode.
330	uint32_t stackDepthAfter;
331
332	// Pointer to array of \|stackDepthAfter\| offsets.
333	OffsetAndDefIndex* offsetStackAfter;
334
335	struct JumpInfo {
336	uint32_t from;
337	JumpKind kind;
338
339	JumpInfo(uint32_t from_, JumpKind kind_) : from(from_), kind(kind_) {}
340	};
341
342	// A list of offsets of the bytecode that jumps to this bytecode,
343	// exclusing previous bytecode.
344	Vector<JumpInfo, 0, LifoAllocPolicy<Fallible>> jumpOrigins;
345	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
346
347	bool captureOffsetStack(LifoAlloc& alloc, const OffsetAndDefIndex* stack,
348	uint32_t depth) {
349	stackDepth = depth;
350	if (stackDepth) {
351	offsetStack = alloc.newArray<OffsetAndDefIndex>(stackDepth);
352	if (!offsetStack) {
353	return false;
354	}
355	for (uint32_t n = 0; n < stackDepth; n++) {
356	offsetStack[n] = stack[n];
357	}
358	}
359	return true;
360	}
361
362	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
363	bool captureOffsetStackAfter(LifoAlloc& alloc,
364	const OffsetAndDefIndex* stack,
365	uint32_t depth) {
366	stackDepthAfter = depth;
367	if (stackDepthAfter) {
368	offsetStackAfter = alloc.newArray<OffsetAndDefIndex>(stackDepthAfter);
369	if (!offsetStackAfter) {
370	return false;
371	}
372	for (uint32_t n = 0; n < stackDepthAfter; n++) {
373	offsetStackAfter[n] = stack[n];
374	}
375	}
376	return true;
377	}
378
379	bool addJump(uint32_t from, JumpKind kind) {
380	return jumpOrigins.append(JumpInfo(from, kind));
381	}
382	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
383
384	// When control-flow merges, intersect the stacks, marking slots that
385	// are defined by different offsets and/or defIndices merged.
386	// This is sufficient for forward control-flow. It doesn't grok loops
387	// -- for that you would have to iterate to a fixed point -- but there
388	// shouldn't be operands on the stack at a loop back-edge anyway.
389	void mergeOffsetStack(const OffsetAndDefIndex* stack, uint32_t depth) {
390	MOZ_ASSERT(depth == stackDepth)do { static_assert( mozilla::detail::AssertionConditionType< decltype(depth == stackDepth)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(depth == stackDepth))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("depth == stackDepth" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 390); AnnotateMozCrashReason("MOZ_ASSERT" "(" "depth == stackDepth" ")"); do { ((volatile int)__null) = 390; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
391	for (uint32_t n = 0; n < stackDepth; n++) {
392	if (stack[n].isIgnored()) {
393	continue;
394	}
395	if (offsetStack[n].isIgnored()) {
396	offsetStack[n] = stack[n];
397	}
398	if (offsetStack[n] != stack[n]) {
399	offsetStack[n].setMerged();
400	}
401	}
402	}
403	};
404
405	JSContext* cx_;
406	LifoAlloc& alloc_;
407	RootedScript script_;
408
409	Bytecode** codeArray_;
410
411	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
412	// Dedicated mode for stack dump.
413	// Capture stack after each opcode, and also enable special handling for
414	// some opcodes to make stack transition clearer.
415	bool isStackDump = false;
416	#endif
417
418	public:
419	BytecodeParser(JSContext* cx, LifoAlloc& alloc, JSScript* script)
420	: cx_(cx), alloc_(alloc), script_(cx, script), codeArray_(nullptr) {}
421
422	bool parse();
423
424	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
425	bool isReachable(const jsbytecode* pc) const { return maybeCode(pc); }
426	#endif
427
428	uint32_t stackDepthAtPC(uint32_t offset) const {
429	// Sometimes the code generator in debug mode asks about the stack depth
430	// of unreachable code (bug 932180 comment 22). Assume that unreachable
431	// code has no operands on the stack.
432	return getCode(offset).stackDepth;
433	}
434	uint32_t stackDepthAtPC(const jsbytecode* pc) const {
435	return stackDepthAtPC(script_->pcToOffset(pc));
436	}
437
438	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
439	uint32_t stackDepthAfterPC(uint32_t offset) const {
440	return getCode(offset).stackDepthAfter;
441	}
442	uint32_t stackDepthAfterPC(const jsbytecode* pc) const {
443	return stackDepthAfterPC(script_->pcToOffset(pc));
444	}
445	#endif
446
447	const OffsetAndDefIndex& offsetForStackOperand(uint32_t offset,
448	int operand) const {
449	Bytecode& code = getCode(offset);
450	if (operand < 0) {
451	operand += code.stackDepth;
452	MOZ_ASSERT(operand >= 0)do { static_assert( mozilla::detail::AssertionConditionType< decltype(operand >= 0)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(operand >= 0))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("operand >= 0" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 452); AnnotateMozCrashReason("MOZ_ASSERT" "(" "operand >= 0" ")"); do { ((volatile int)__null) = 452; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
453	}
454	MOZ_ASSERT(uint32_t(operand) < code.stackDepth)do { static_assert( mozilla::detail::AssertionConditionType< decltype(uint32_t(operand) < code.stackDepth)>::isValid , "invalid assertion condition"); if ((__builtin_expect(!!(!( !!(uint32_t(operand) < code.stackDepth))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("uint32_t(operand) < code.stackDepth" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 454); AnnotateMozCrashReason("MOZ_ASSERT" "(" "uint32_t(operand) < code.stackDepth" ")"); do { ((volatile int)__null) = 454; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
455	return code.offsetStack[operand];
456	}
457	jsbytecode* pcForStackOperand(jsbytecode* pc, int operand,
458	uint8_t* defIndex) const {
459	size_t offset = script_->pcToOffset(pc);
460	const OffsetAndDefIndex& offsetAndDefIndex =
461	offsetForStackOperand(offset, operand);
462	if (offsetAndDefIndex.isSpecial()) {
463	return nullptr;
464	}
465	*defIndex = offsetAndDefIndex.defIndex();
466	return script_->offsetToPC(offsetAndDefIndex.offset());
467	}
468
469	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
470	const OffsetAndDefIndex& offsetForStackOperandAfterPC(uint32_t offset,
471	int operand) const {
472	Bytecode& code = getCode(offset);
473	if (operand < 0) {
474	operand += code.stackDepthAfter;
475	MOZ_ASSERT(operand >= 0)do { static_assert( mozilla::detail::AssertionConditionType< decltype(operand >= 0)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(operand >= 0))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("operand >= 0" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 475); AnnotateMozCrashReason("MOZ_ASSERT" "(" "operand >= 0" ")"); do { ((volatile int)__null) = 475; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
476	}
477	MOZ_ASSERT(uint32_t(operand) < code.stackDepthAfter)do { static_assert( mozilla::detail::AssertionConditionType< decltype(uint32_t(operand) < code.stackDepthAfter)>::isValid , "invalid assertion condition"); if ((__builtin_expect(!!(!( !!(uint32_t(operand) < code.stackDepthAfter))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("uint32_t(operand) < code.stackDepthAfter" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 477); AnnotateMozCrashReason("MOZ_ASSERT" "(" "uint32_t(operand) < code.stackDepthAfter" ")"); do { ((volatile int)__null) = 477; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
478	return code.offsetStackAfter[operand];
479	}
480
481	template <typename Callback>
482	bool forEachJumpOrigins(jsbytecode* pc, Callback callback) const {
483	Bytecode& code = getCode(script_->pcToOffset(pc));
484
485	for (Bytecode::JumpInfo& info : code.jumpOrigins) {
486	if (!callback(script_->offsetToPC(info.from), info.kind)) {
487	return false;
488	}
489	}
490
491	return true;
492	}
493
494	void setStackDump() { isStackDump = true; }
495	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
496
497	private:
498	LifoAlloc& alloc() { return alloc_; }
499
500	void reportOOM() { ReportOutOfMemory(cx_); }
501
502	uint32_t maximumStackDepth() const {
503	return script_->nslots() - script_->nfixed();
504	}
505
506	Bytecode& getCode(uint32_t offset) const {
507	MOZ_ASSERT(offset < script_->length())do { static_assert( mozilla::detail::AssertionConditionType< decltype(offset < script_->length())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(offset < script_->length ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("offset < script_->length()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 507); AnnotateMozCrashReason("MOZ_ASSERT" "(" "offset < script_->length()" ")"); do { ((volatile int)__null) = 507; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
508	MOZ_ASSERT(codeArray_[offset])do { static_assert( mozilla::detail::AssertionConditionType< decltype(codeArray_[offset])>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(codeArray_[offset]))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("codeArray_[offset]" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 508); AnnotateMozCrashReason("MOZ_ASSERT" "(" "codeArray_[offset]" ")"); do { ((volatile int)__null) = 508; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
509	return *codeArray_[offset];
510	}
511
512	Bytecode* maybeCode(uint32_t offset) const {
513	MOZ_ASSERT(offset < script_->length())do { static_assert( mozilla::detail::AssertionConditionType< decltype(offset < script_->length())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(offset < script_->length ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("offset < script_->length()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 513); AnnotateMozCrashReason("MOZ_ASSERT" "(" "offset < script_->length()" ")"); do { ((volatile int)__null) = 513; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
514	return codeArray_[offset];
515	}
516
517	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
518	Bytecode* maybeCode(const jsbytecode* pc) const {
519	return maybeCode(script_->pcToOffset(pc));
520	}
521	#endif
522
523	uint32_t simulateOp(JSOp op, uint32_t offset, OffsetAndDefIndex* offsetStack,
524	uint32_t stackDepth);
525
526	inline bool recordBytecode(uint32_t offset,
527	const OffsetAndDefIndex* offsetStack,
528	uint32_t stackDepth);
529
530	inline bool addJump(uint32_t offset, uint32_t stackDepth,
531	const OffsetAndDefIndex* offsetStack, jsbytecode* pc,
532	JumpKind kind);
533	};
534
535	} // anonymous namespace
536
537	uint32_t BytecodeParser::simulateOp(JSOp op, uint32_t offset,
538	OffsetAndDefIndex* offsetStack,
539	uint32_t stackDepth) {
540	jsbytecode* pc = script_->offsetToPC(offset);
541	uint32_t nuses = GetUseCount(pc);
542	uint32_t ndefs = GetDefCount(pc);
543
544	MOZ_RELEASE_ASSERT(stackDepth >= nuses)do { static_assert( mozilla::detail::AssertionConditionType< decltype(stackDepth >= nuses)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(stackDepth >= nuses))), 0 ))) { do { } while (false); MOZ_ReportAssertionFailure("stackDepth >= nuses" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 544); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "stackDepth >= nuses" ")"); do { ((volatile int)__null) = 544; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
545	stackDepth -= nuses;
546	MOZ_RELEASE_ASSERT(stackDepth + ndefs <= maximumStackDepth())do { static_assert( mozilla::detail::AssertionConditionType< decltype(stackDepth + ndefs <= maximumStackDepth())>::isValid , "invalid assertion condition"); if ((__builtin_expect(!!(!( !!(stackDepth + ndefs <= maximumStackDepth()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("stackDepth + ndefs <= maximumStackDepth()" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 546); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "stackDepth + ndefs <= maximumStackDepth()" ")"); do { ((volatile int)__null) = 546; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
547
548	#ifdef DEBUG1
549	if (isStackDump) {
550	// Opcodes that modifies the object but keeps it on the stack while
551	// initialization should be listed here instead of switch below.
552	// For error message, they shouldn't be shown as the original object
553	// after adding properties.
554	// For stack dump, keeping the input is better.
555	switch (op) {
556	case JSOp::InitHiddenProp:
557	case JSOp::InitHiddenPropGetter:
558	case JSOp::InitHiddenPropSetter:
559	case JSOp::InitLockedProp:
560	case JSOp::InitProp:
561	case JSOp::InitPropGetter:
562	case JSOp::InitPropSetter:
563	case JSOp::MutateProto:
564	case JSOp::SetFunName:
565	// Keep the second value.
566	MOZ_ASSERT(nuses == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 566); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 2" ")" ); do { ((volatile int)__null) = 566; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
567	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 567); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 567; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
568	goto end;
569
570	case JSOp::InitElem:
571	case JSOp::InitElemGetter:
572	case JSOp::InitElemSetter:
573	case JSOp::InitHiddenElem:
574	case JSOp::InitHiddenElemGetter:
575	case JSOp::InitHiddenElemSetter:
576	case JSOp::InitLockedElem:
577	// Keep the third value.
578	MOZ_ASSERT(nuses == 3)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 3)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 3))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 3", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 578); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 3" ")" ); do { ((volatile int)__null) = 578; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
579	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 579); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 579; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
580	goto end;
581
582	default:
583	break;
584	}
585	}
586	#endif /* DEBUG */
587
588	// Mark the current offset as defining its values on the offset stack,
589	// unless it just reshuffles the stack. In that case we want to preserve
590	// the opcode that generated the original value.
591	switch (op) {
592	default:
593	for (uint32_t n = 0; n != ndefs; ++n) {
594	offsetStack[stackDepth + n].set(offset, n);
595	}
596	break;
597
598	case JSOp::NopDestructuring:
599	// Poison the last offset to not obfuscate the error message.
600	offsetStack[stackDepth - 1].setIgnored();
601	break;
602
603	case JSOp::Case:
604	// Keep the switch value.
605	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 605); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 605; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
606	break;
607
608	case JSOp::Dup:
609	MOZ_ASSERT(ndefs == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 609); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 2" ")" ); do { ((volatile int)__null) = 609; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
610	offsetStack[stackDepth + 1] = offsetStack[stackDepth];
611	break;
612
613	case JSOp::Dup2:
614	MOZ_ASSERT(ndefs == 4)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 4)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 4))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 4", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 614); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 4" ")" ); do { ((volatile int)__null) = 614; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
615	offsetStack[stackDepth + 2] = offsetStack[stackDepth];
616	offsetStack[stackDepth + 3] = offsetStack[stackDepth + 1];
617	break;
618
619	case JSOp::DupAt: {
620	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 620); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 620; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
621	unsigned n = GET_UINT24(pc);
622	MOZ_ASSERT(n < stackDepth)do { static_assert( mozilla::detail::AssertionConditionType< decltype(n < stackDepth)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(n < stackDepth))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("n < stackDepth" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 622); AnnotateMozCrashReason("MOZ_ASSERT" "(" "n < stackDepth" ")"); do { ((volatile int)__null) = 622; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
623	offsetStack[stackDepth] = offsetStack[stackDepth - 1 - n];
624	break;
625	}
626
627	case JSOp::Swap: {
628	MOZ_ASSERT(ndefs == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 628); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 2" ")" ); do { ((volatile int)__null) = 628; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
629	OffsetAndDefIndex tmp = offsetStack[stackDepth + 1];
630	offsetStack[stackDepth + 1] = offsetStack[stackDepth];
631	offsetStack[stackDepth] = tmp;
632	break;
633	}
634
635	case JSOp::Pick: {
636	unsigned n = GET_UINT8(pc);
637	MOZ_ASSERT(ndefs == n + 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == n + 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == n + 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == n + 1" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 637); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == n + 1" ")"); do { ((volatile int)__null) = 637; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
638	uint32_t top = stackDepth + n;
639	OffsetAndDefIndex tmp = offsetStack[stackDepth];
640	for (uint32_t i = stackDepth; i < top; i++) {
641	offsetStack[i] = offsetStack[i + 1];
642	}
643	offsetStack[top] = tmp;
644	break;
645	}
646
647	case JSOp::Unpick: {
648	unsigned n = GET_UINT8(pc);
649	MOZ_ASSERT(ndefs == n + 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == n + 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == n + 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == n + 1" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 649); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == n + 1" ")"); do { ((volatile int)__null) = 649; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
650	uint32_t top = stackDepth + n;
651	OffsetAndDefIndex tmp = offsetStack[top];
652	for (uint32_t i = top; i > stackDepth; i--) {
653	offsetStack[i] = offsetStack[i - 1];
654	}
655	offsetStack[stackDepth] = tmp;
656	break;
657	}
658
659	case JSOp::And:
660	case JSOp::CheckIsObj:
661	case JSOp::CheckObjCoercible:
662	case JSOp::CheckThis:
663	case JSOp::CheckThisReinit:
664	case JSOp::CheckClassHeritage:
665	case JSOp::DebugCheckSelfHosted:
666	case JSOp::InitGLexical:
667	case JSOp::InitLexical:
668	case JSOp::Or:
669	case JSOp::Coalesce:
670	case JSOp::SetAliasedVar:
671	case JSOp::SetArg:
672	case JSOp::SetIntrinsic:
673	case JSOp::SetLocal:
674	case JSOp::InitAliasedLexical:
675	case JSOp::CheckLexical:
676	case JSOp::CheckAliasedLexical:
677	// Keep the top value.
678	MOZ_ASSERT(nuses == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 678); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 1" ")" ); do { ((volatile int)__null) = 678; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
679	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 679); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 679; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
680	break;
681
682	case JSOp::InitHomeObject:
683	// Pop the top value, keep the other value.
684	MOZ_ASSERT(nuses == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 684); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 2" ")" ); do { ((volatile int)__null) = 684; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
685	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 685); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 685; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
686	break;
687
688	case JSOp::CheckResumeKind:
689	// Pop the top two values, keep the other value.
690	MOZ_ASSERT(nuses == 3)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 3)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 3))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 3", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 690); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 3" ")" ); do { ((volatile int)__null) = 690; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
691	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 691); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 691; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
692	break;
693
694	case JSOp::SetGName:
695	case JSOp::SetName:
696	case JSOp::SetProp:
697	case JSOp::StrictSetGName:
698	case JSOp::StrictSetName:
699	case JSOp::StrictSetProp:
700	// Keep the top value, removing other 1 value.
701	MOZ_ASSERT(nuses == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 701); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 2" ")" ); do { ((volatile int)__null) = 701; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
702	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 702); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 702; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
703	offsetStack[stackDepth] = offsetStack[stackDepth + 1];
704	break;
705
706	case JSOp::SetPropSuper:
707	case JSOp::StrictSetPropSuper:
708	// Keep the top value, removing other 2 values.
709	MOZ_ASSERT(nuses == 3)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 3)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 3))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 3", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 709); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 3" ")" ); do { ((volatile int)__null) = 709; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
710	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 710); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 710; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
711	offsetStack[stackDepth] = offsetStack[stackDepth + 2];
712	break;
713
714	case JSOp::SetElemSuper:
715	case JSOp::StrictSetElemSuper:
716	// Keep the top value, removing other 3 values.
717	MOZ_ASSERT(nuses == 4)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 4)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 4))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 4", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 717); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 4" ")" ); do { ((volatile int)__null) = 717; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
718	MOZ_ASSERT(ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 718); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 1" ")" ); do { ((volatile int)__null) = 718; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
719	offsetStack[stackDepth] = offsetStack[stackDepth + 3];
720	break;
721
722	case JSOp::IsGenClosing:
723	case JSOp::IsNoIter:
724	case JSOp::IsNullOrUndefined:
725	case JSOp::MoreIter:
726	case JSOp::CanSkipAwait:
727	// Keep the top value and push one more value.
728	MOZ_ASSERT(nuses == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 728); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 1" ")" ); do { ((volatile int)__null) = 728; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
729	MOZ_ASSERT(ndefs == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 729); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 2" ")" ); do { ((volatile int)__null) = 729; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
730	offsetStack[stackDepth + 1].set(offset, 1);
731	break;
732
733	case JSOp::MaybeExtractAwaitValue:
734	// Keep the top value and replace the second to top value.
735	MOZ_ASSERT(nuses == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 735); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 2" ")" ); do { ((volatile int)__null) = 735; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
736	MOZ_ASSERT(ndefs == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 736); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 2" ")" ); do { ((volatile int)__null) = 736; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
737	offsetStack[stackDepth].set(offset, 0);
738	break;
739
740	case JSOp::CheckPrivateField:
741	// Keep the top two values, and push one new value.
742	MOZ_ASSERT(nuses == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(nuses == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(nuses == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("nuses == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 742); AnnotateMozCrashReason("MOZ_ASSERT" "(" "nuses == 2" ")" ); do { ((volatile int)__null) = 742; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
743	MOZ_ASSERT(ndefs == 3)do { static_assert( mozilla::detail::AssertionConditionType< decltype(ndefs == 3)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(ndefs == 3))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("ndefs == 3", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 743); AnnotateMozCrashReason("MOZ_ASSERT" "(" "ndefs == 3" ")" ); do { ((volatile int)__null) = 743; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
744	offsetStack[stackDepth + 2].set(offset, 2);
745	break;
746	}
747
748	#ifdef DEBUG1
749	end:
750	#endif /* DEBUG */
751
752	stackDepth += ndefs;
753	return stackDepth;
754	}
755
756	bool BytecodeParser::recordBytecode(uint32_t offset,
757	const OffsetAndDefIndex* offsetStack,
758	uint32_t stackDepth) {
759	MOZ_RELEASE_ASSERT(offset < script_->length())do { static_assert( mozilla::detail::AssertionConditionType< decltype(offset < script_->length())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(offset < script_->length ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("offset < script_->length()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 759); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "offset < script_->length()" ")"); do { ((volatile int)__null) = 759; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
760	MOZ_RELEASE_ASSERT(stackDepth <= maximumStackDepth())do { static_assert( mozilla::detail::AssertionConditionType< decltype(stackDepth <= maximumStackDepth())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(stackDepth <= maximumStackDepth ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("stackDepth <= maximumStackDepth()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 760); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "stackDepth <= maximumStackDepth()" ")"); do { ((volatile int)__null) = 760; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
761
762	Bytecode*& code = codeArray_[offset];
763	if (!code) {
764	code = alloc().new_<Bytecode>(alloc());
765	if (!code \|\| !code->captureOffsetStack(alloc(), offsetStack, stackDepth)) {
766	reportOOM();
767	return false;
768	}
769	} else {
770	code->mergeOffsetStack(offsetStack, stackDepth);
771	}
772
773	return true;
774	}
775
776	bool BytecodeParser::addJump(uint32_t offset, uint32_t stackDepth,
777	const OffsetAndDefIndex* offsetStack,
778	jsbytecode* pc, JumpKind kind) {
779	if (!recordBytecode(offset, offsetStack, stackDepth)) {
780	return false;
781	}
782
783	#ifdef DEBUG1
784	uint32_t currentOffset = script_->pcToOffset(pc);
785	if (isStackDump) {
786	if (!codeArray_[offset]->addJump(currentOffset, kind)) {
787	reportOOM();
788	return false;
789	}
790	}
791
792	// If this is a backedge, assert we parsed the target JSOp::LoopHead.
793	MOZ_ASSERT_IF(offset < currentOffset, codeArray_[offset]->parsed)do { if (offset < currentOffset) { do { static_assert( mozilla ::detail::AssertionConditionType<decltype(codeArray_[offset ]->parsed)>::isValid, "invalid assertion condition"); if ((__builtin_expect(!!(!(!!(codeArray_[offset]->parsed))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("codeArray_[offset]->parsed" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 793); AnnotateMozCrashReason("MOZ_ASSERT" "(" "codeArray_[offset]->parsed" ")"); do { ((volatile int)__null) = 793; __attribute__((nomerge )) ::abort(); } while (false); } } while (false); } } while ( false);
794	#endif /* DEBUG */
795
796	return true;
797	}
798
799	bool BytecodeParser::parse() {
800	MOZ_ASSERT(!codeArray_)do { static_assert( mozilla::detail::AssertionConditionType< decltype(!codeArray_)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(!codeArray_))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!codeArray_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 800); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!codeArray_" ")"); do { ((volatile int)__null) = 800; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
801
802	uint32_t length = script_->length();
803	codeArray_ = alloc().newArray<Bytecode*>(length);
804
805	if (!codeArray_) {
806	reportOOM();
807	return false;
808	}
809
810	mozilla::PodZero(codeArray_, length);
811
812	// Fill in stack depth and definitions at initial bytecode.
813	Bytecode* startcode = alloc().new_<Bytecode>(alloc());
814	if (!startcode) {
815	reportOOM();
816	return false;
817	}
818
819	// Fill in stack depth and definitions at initial bytecode.
820	OffsetAndDefIndex* offsetStack =
821	alloc().newArray<OffsetAndDefIndex>(maximumStackDepth());
822	if (maximumStackDepth() && !offsetStack) {
823	reportOOM();
824	return false;
825	}
826
827	startcode->stackDepth = 0;
828	codeArray_[0] = startcode;
829
830	for (uint32_t offset = 0, nextOffset = 0; offset < length;
831	offset = nextOffset) {
832	Bytecode* code = maybeCode(offset);
833	jsbytecode* pc = script_->offsetToPC(offset);
834
835	// Next bytecode to analyze.
836	nextOffset = offset + GetBytecodeLength(pc);
837
838	MOZ_RELEASE_ASSERT(pc < JSOP_LIMIT)do { static_assert( mozilla::detail::AssertionConditionType< decltype(pc < JSOP_LIMIT)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(pc < JSOP_LIMIT))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("pc < JSOP_LIMIT" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 838); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "pc < JSOP_LIMIT" ")"); do { ((volatile int*)__null) = 838; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
839	JSOp op = JSOp(*pc);
840
841	if (!code) {
842	// Haven't found a path by which this bytecode is reachable.
843	continue;
844	}
845
846	// On a jump target, we reload the offsetStack saved for the current
847	// bytecode, as it contains either the original offset stack, or the
848	// merged offset stack.
849	if (BytecodeIsJumpTarget(op)) {
850	for (uint32_t n = 0; n < code->stackDepth; ++n) {
851	offsetStack[n] = code->offsetStack[n];
852	}
853	}
854
855	if (code->parsed) {
856	// No need to reparse.
857	continue;
858	}
859
860	code->parsed = true;
861
862	uint32_t stackDepth = simulateOp(op, offset, offsetStack, code->stackDepth);
863
864	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
865	if (isStackDump) {
866	if (!code->captureOffsetStackAfter(alloc(), offsetStack, stackDepth)) {
867	reportOOM();
868	return false;
869	}
870	}
871	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
872
873	switch (op) {
874	case JSOp::TableSwitch: {
875	uint32_t defaultOffset = offset + GET_JUMP_OFFSET(pc);
876	jsbytecode* pc2 = pc + JUMP_OFFSET_LEN;
877	int32_t low = GET_JUMP_OFFSET(pc2);
878	pc2 += JUMP_OFFSET_LEN;
879	int32_t high = GET_JUMP_OFFSET(pc2);
880	pc2 += JUMP_OFFSET_LEN;
	Value stored to 'pc2' is never read
881
882	if (!addJump(defaultOffset, stackDepth, offsetStack, pc,
883	JumpKind::SwitchDefault)) {
884	return false;
885	}
886
887	uint32_t ncases = high - low + 1;
888
889	for (uint32_t i = 0; i < ncases; i++) {
890	uint32_t targetOffset = script_->tableSwitchCaseOffset(pc, i);
891	if (targetOffset != defaultOffset) {
892	if (!addJump(targetOffset, stackDepth, offsetStack, pc,
893	JumpKind::SwitchCase)) {
894	return false;
895	}
896	}
897	}
898	break;
899	}
900
901	case JSOp::Try: {
902	// Everything between a try and corresponding catch or finally is
903	// conditional. Note that there is no problem with code which is skipped
904	// by a thrown exception but is not caught by a later handler in the
905	// same function: no more code will execute, and it does not matter what
906	// is defined.
907	for (const TryNote& tn : script_->trynotes()) {
908	if (tn.start == offset + JSOpLength_Try) {
909	uint32_t catchOffset = tn.start + tn.length;
910	if (tn.kind() == TryNoteKind::Catch) {
911	if (!addJump(catchOffset, stackDepth, offsetStack, pc,
912	JumpKind::TryCatch)) {
913	return false;
914	}
915	} else if (tn.kind() == TryNoteKind::Finally) {
916	// Three additional values will be on the stack at the beginning
917	// of the finally block: the exception/resume index, the exception
918	// stack, and the \|throwing\| value. For the benefit of the
919	// decompiler, point them at this Try.
920	offsetStack[stackDepth].set(offset, 0);
921	offsetStack[stackDepth + 1].set(offset, 1);
922	offsetStack[stackDepth + 2].set(offset, 2);
923	if (!addJump(catchOffset, stackDepth + 3, offsetStack, pc,
924	JumpKind::TryFinally)) {
925	return false;
926	}
927	}
928	}
929	}
930	break;
931	}
932
933	default:
934	break;
935	}
936
937	// Check basic jump opcodes, which may or may not have a fallthrough.
938	if (IsJumpOpcode(op)) {
939	// Case instructions do not push the lvalue back when branching.
940	uint32_t newStackDepth = stackDepth;
941	if (op == JSOp::Case) {
942	newStackDepth--;
943	}
944
945	uint32_t targetOffset = offset + GET_JUMP_OFFSET(pc);
946	if (!addJump(targetOffset, newStackDepth, offsetStack, pc,
947	JumpKind::Simple)) {
948	return false;
949	}
950	}
951
952	// Handle any fallthrough from this opcode.
953	if (BytecodeFallsThrough(op)) {
954	if (!recordBytecode(nextOffset, offsetStack, stackDepth)) {
955	return false;
956	}
957	}
958	}
959
960	return true;
961	}
962
963	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
964
965	bool js::ReconstructStackDepth(JSContext* cx, JSScript* script, jsbytecode* pc,
966	uint32_t* depth, bool* reachablePC) {
967	LifoAllocScope allocScope(&cx->tempLifoAlloc());
968	BytecodeParser parser(cx, allocScope.alloc(), script);
969	if (!parser.parse()) {
970	return false;
971	}
972
973	*reachablePC = parser.isReachable(pc);
974
975	if (*reachablePC) {
976	*depth = parser.stackDepthAtPC(pc);
977	}
978
979	return true;
980	}
981
982	static unsigned Disassemble1(JSContext* cx, HandleScript script, jsbytecode* pc,
983	unsigned loc, bool lines,
984	const BytecodeParser* parser, StringPrinter* sp);
985
986	/*
987	* If pc != nullptr, include a prefix indicating whether the PC is at the
988	* current line. If showAll is true, include the entry stack depth.
989	*/
990	[[nodiscard]] static bool DisassembleAtPC(
991	JSContext* cx, JSScript* scriptArg, bool lines, const jsbytecode* pc,
992	bool showAll, StringPrinter* sp,
993	DisassembleSkeptically skeptically = DisassembleSkeptically::No) {
994	LifoAllocScope allocScope(&cx->tempLifoAlloc());
995	RootedScript script(cx, scriptArg);
996	mozilla::Maybe<BytecodeParser> parser;
997
998	if (skeptically == DisassembleSkeptically::No) {
999	parser.emplace(cx, allocScope.alloc(), script);
1000	parser->setStackDump();
1001	if (!parser->parse()) {
1002	return false;
1003	}
1004	}
1005
1006	if (showAll) {
1007	sp->printf("%s:%u\n", script->filename(), unsigned(script->lineno()));
1008	}
1009
1010	if (pc != nullptr) {
1011	sp->put(" ");
1012	}
1013	if (showAll) {
1014	sp->put("sn stack ");
1015	}
1016	sp->put("loc ");
1017	if (lines) {
1018	sp->put("line");
1019	}
1020	sp->put(" op\n");
1021
1022	if (pc != nullptr) {
1023	sp->put(" ");
1024	}
1025	if (showAll) {
1026	sp->put("-- ----- ");
1027	}
1028	sp->put("----- ");
1029	if (lines) {
1030	sp->put("----");
1031	}
1032	sp->put(" --\n");
1033
1034	jsbytecode* next = script->code();
1035	jsbytecode* end = script->codeEnd();
1036	while (next < end) {
1037	if (next == script->main()) {
1038	sp->put("main:\n");
1039	}
1040	if (pc != nullptr) {
1041	sp->put(pc == next ? "--> " : " ");
1042	}
1043	if (showAll) {
1044	if (parser && parser->isReachable(next)) {
1045	sp->printf("%05u ", parser->stackDepthAtPC(next));
1046	} else {
1047	sp->put(" ");
1048	}
1049	}
1050	unsigned len = Disassemble1(cx, script, next, script->pcToOffset(next),
1051	lines, parser.ptrOr(nullptr), sp);
1052	if (!len) {
1053	return false;
1054	}
1055
1056	next += len;
1057	}
1058
1059	return true;
1060	}
1061
1062	bool js::Disassemble(JSContext* cx, HandleScript script, bool lines,
1063	StringPrinter* sp, DisassembleSkeptically skeptically) {
1064	return DisassembleAtPC(cx, script, lines, nullptr, false, sp, skeptically);
1065	}
1066
1067	JS_PUBLIC_API bool js::DumpPC(JSContext* cx, FILE* fp) {
1068	gc::AutoSuppressGC suppressGC(cx);
1069	Sprinter sprinter(cx);
1070	if (!sprinter.init()) {
1071	return false;
1072	}
1073	ScriptFrameIter iter(cx);
1074	if (iter.done()) {
1075	fprintf(fp, "Empty stack.\n");
1076	return true;
1077	}
1078	RootedScript script(cx, iter.script());
1079	bool ok = DisassembleAtPC(cx, script, true, iter.pc(), false, &sprinter);
1080	JS::UniqueChars out = sprinter.release();
1081	if (!out) {
1082	return false;
1083	}
1084	fprintf(fp, "%s", out.get());
1085	return ok;
1086	}
1087
1088	JS_PUBLIC_API bool js::DumpScript(JSContext* cx, JSScript* scriptArg,
1089	FILE* fp) {
1090	gc::AutoSuppressGC suppressGC(cx);
1091	Sprinter sprinter(cx);
1092	if (!sprinter.init()) {
1093	return false;
1094	}
1095	RootedScript script(cx, scriptArg);
1096	bool ok = Disassemble(cx, script, true, &sprinter);
1097	JS::UniqueChars out = sprinter.release();
1098	if (!out) {
1099	return false;
1100	}
1101	fprintf(fp, "%s", out.get());
1102	return ok;
1103	}
1104
1105	UniqueChars js::ToDisassemblySource(JSContext* cx, HandleValue v) {
1106	if (v.isString()) {
1107	return QuoteString(cx, v.toString(), '"');
1108	}
1109
1110	if (JS::RuntimeHeapIsBusy()) {
1111	return DuplicateString(cx, "<value>");
1112	}
1113
1114	if (v.isObject()) {
1115	JSObject& obj = v.toObject();
1116
1117	if (obj.is<JSFunction>()) {
1118	RootedFunction fun(cx, &obj.as<JSFunction>());
1119	JSString* str = JS_DecompileFunction(cx, fun);
1120	if (!str) {
1121	return nullptr;
1122	}
1123	return QuoteString(cx, str);
1124	}
1125
1126	if (obj.is<RegExpObject>()) {
1127	Rooted<RegExpObject*> reobj(cx, &obj.as<RegExpObject>());
1128	JSString* source = RegExpObject::toString(cx, reobj);
1129	if (!source) {
1130	return nullptr;
1131	}
1132	return QuoteString(cx, source);
1133	}
1134	}
1135
1136	JSString* str = ValueToSource(cx, v);
1137	if (!str) {
1138	return nullptr;
1139	}
1140	return QuoteString(cx, str);
1141	}
1142
1143	static bool ToDisassemblySource(JSContext* cx, Handle<Scope*> scope,
1144	UniqueChars* bytes) {
1145	UniqueChars source = JS_smprintf("%s {", ScopeKindString(scope->kind()));
1146	if (!source) {
1147	ReportOutOfMemory(cx);
1148	return false;
1149	}
1150
1151	for (Rooted<BindingIter> bi(cx, BindingIter(scope)); bi; bi++) {
1152	UniqueChars nameBytes = AtomToPrintableString(cx, bi.name());
1153	if (!nameBytes) {
1154	return false;
1155	}
1156
1157	source = JS_sprintf_append(std::move(source), "%s: ", nameBytes.get());
1158	if (!source) {
1159	ReportOutOfMemory(cx);
1160	return false;
1161	}
1162
1163	BindingLocation loc = bi.location();
1164	switch (loc.kind()) {
1165	case BindingLocation::Kind::Global:
1166	source = JS_sprintf_append(std::move(source), "global");
1167	break;
1168
1169	case BindingLocation::Kind::Frame:
1170	source =
1171	JS_sprintf_append(std::move(source), "frame slot %u", loc.slot());
1172	break;
1173
1174	case BindingLocation::Kind::Environment:
1175	source =
1176	JS_sprintf_append(std::move(source), "env slot %u", loc.slot());
1177	break;
1178
1179	case BindingLocation::Kind::Argument:
1180	source =
1181	JS_sprintf_append(std::move(source), "arg slot %u", loc.slot());
1182	break;
1183
1184	case BindingLocation::Kind::NamedLambdaCallee:
1185	source = JS_sprintf_append(std::move(source), "named lambda callee");
1186	break;
1187
1188	case BindingLocation::Kind::Import:
1189	source = JS_sprintf_append(std::move(source), "import");
1190	break;
1191	}
1192
1193	if (!source) {
1194	ReportOutOfMemory(cx);
1195	return false;
1196	}
1197
1198	if (!bi.isLast()) {
1199	source = JS_sprintf_append(std::move(source), ", ");
1200	if (!source) {
1201	ReportOutOfMemory(cx);
1202	return false;
1203	}
1204	}
1205	}
1206
1207	source = JS_sprintf_append(std::move(source), "}");
1208	if (!source) {
1209	ReportOutOfMemory(cx);
1210	return false;
1211	}
1212
1213	*bytes = std::move(source);
1214	return true;
1215	}
1216
1217	static bool DumpJumpOrigins(HandleScript script, jsbytecode* pc,
1218	const BytecodeParser* parser, StringPrinter* sp) {
1219	bool called = false;
1220	auto callback = [&script, &sp, &called](jsbytecode* pc,
1221	BytecodeParser::JumpKind kind) {
1222	if (!called) {
1223	called = true;
1224	sp->put("\n# ");
1225	} else {
1226	sp->put(", ");
1227	}
1228
1229	switch (kind) {
1230	case BytecodeParser::JumpKind::Simple:
1231	break;
1232
1233	case BytecodeParser::JumpKind::SwitchCase:
1234	sp->put("switch-case ");
1235	break;
1236
1237	case BytecodeParser::JumpKind::SwitchDefault:
1238	sp->put("switch-default ");
1239	break;
1240
1241	case BytecodeParser::JumpKind::TryCatch:
1242	sp->put("try-catch ");
1243	break;
1244
1245	case BytecodeParser::JumpKind::TryFinally:
1246	sp->put("try-finally ");
1247	break;
1248	}
1249
1250	sp->printf("from %s @ %05u", CodeName(JSOp(*pc)),
1251	unsigned(script->pcToOffset(pc)));
1252
1253	return true;
1254	};
1255	if (!parser->forEachJumpOrigins(pc, callback)) {
1256	return false;
1257	}
1258	if (called) {
1259	sp->put("\n");
1260	}
1261
1262	return true;
1263	}
1264
1265	static bool DecompileAtPCForStackDump(
1266	JSContext* cx, HandleScript script,
1267	const OffsetAndDefIndex& offsetAndDefIndex, StringPrinter* sp);
1268
1269	static bool PrintShapeProperties(JSContext* cx, StringPrinter* sp,
1270	SharedShape* shape) {
1271	// Add all property keys to a vector to allow printing them in property
1272	// definition order.
1273	Vector<PropertyKey> props(cx);
1274	for (SharedShapePropertyIter<NoGC> iter(shape); !iter.done(); iter++) {
1275	if (!props.append(iter->key())) {
1276	return false;
1277	}
1278	}
1279
1280	sp->put("{");
1281
1282	for (size_t i = props.length(); i > 0; i--) {
1283	PropertyKey key = props[i - 1];
1284	RootedValue keyv(cx, IdToValue(key));
1285	JSString* str = ToString<NoGC>(cx, keyv);
1286	if (!str) {
1287	ReportOutOfMemory(cx);
1288	return false;
1289	}
1290	sp->putString(cx, str);
1291	if (i > 1) {
1292	sp->put(", ");
1293	}
1294	}
1295
1296	sp->put("}");
1297	return true;
1298	}
1299
1300	static unsigned Disassemble1(JSContext* cx, HandleScript script, jsbytecode* pc,
1301	unsigned loc, bool lines,
1302	const BytecodeParser* parser, StringPrinter* sp) {
1303	if (parser && parser->isReachable(pc)) {
1304	if (!DumpJumpOrigins(script, pc, parser, sp)) {
1305	return 0;
1306	}
1307	}
1308
1309	size_t before = sp->length();
1310	bool stackDumped = false;
1311	auto dumpStack = [&cx, &script, &pc, &parser, &sp, &before, &stackDumped]() {
1312	if (!parser) {
1313	return true;
1314	}
1315	if (stackDumped) {
1316	return true;
1317	}
1318	stackDumped = true;
1319
1320	size_t after = sp->length();
1321	MOZ_ASSERT(after >= before)do { static_assert( mozilla::detail::AssertionConditionType< decltype(after >= before)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(after >= before))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("after >= before" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1321); AnnotateMozCrashReason("MOZ_ASSERT" "(" "after >= before" ")"); do { ((volatile int)__null) = 1321; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1322
1323	static const size_t stack_column = 40;
1324	for (size_t i = after - before; i < stack_column - 1; i++) {
1325	sp->put(" ");
1326	}
1327
1328	sp->put(" # ");
1329
1330	if (!parser->isReachable(pc)) {
1331	sp->put("!!! UNREACHABLE !!!");
1332	} else {
1333	uint32_t depth = parser->stackDepthAfterPC(pc);
1334
1335	for (uint32_t i = 0; i < depth; i++) {
1336	if (i) {
1337	sp->put(" ");
1338	}
1339
1340	const OffsetAndDefIndex& offsetAndDefIndex =
1341	parser->offsetForStackOperandAfterPC(script->pcToOffset(pc), i);
1342	// This will decompile the stack for the same PC many times.
1343	// We'll avoid optimizing it since this is a testing function
1344	// and it won't be worth managing cached expression here.
1345	if (!DecompileAtPCForStackDump(cx, script, offsetAndDefIndex, sp)) {
1346	return false;
1347	}
1348	}
1349	}
1350
1351	return true;
1352	};
1353
1354	if (*pc >= JSOP_LIMIT) {
1355	char numBuf1[12], numBuf2[12];
1356	SprintfLiteral(numBuf1, "%d", int(*pc));
1357	SprintfLiteral(numBuf2, "%d", JSOP_LIMIT);
1358	JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
1359	JSMSG_BYTECODE_TOO_BIG, numBuf1, numBuf2);
1360	return 0;
1361	}
1362	JSOp op = JSOp(*pc);
1363	const JSCodeSpec& cs = CodeSpec(op);
1364	const unsigned len = cs.length;
1365	sp->printf("%05u:", loc);
1366	if (lines) {
1367	sp->printf("%4u", PCToLineNumber(script, pc));
1368	}
1369	sp->printf(" %s", CodeName(op));
1370
1371	int i;
1372	switch (JOF_TYPE(cs.format)) {
1373	case JOF_BYTE:
1374	break;
1375
1376	case JOF_JUMP: {
1377	ptrdiff_t off = GET_JUMP_OFFSET(pc);
1378	sp->printf(" %u (%+d)", unsigned(loc + int(off)), int(off));
1379	break;
1380	}
1381
1382	case JOF_SCOPE: {
1383	Rooted<Scope*> scope(cx, script->getScope(pc));
1384	UniqueChars bytes;
1385	if (!ToDisassemblySource(cx, scope, &bytes)) {
1386	return 0;
1387	}
1388	sp->printf(" %s", bytes.get());
1389	break;
1390	}
1391
1392	case JOF_ENVCOORD: {
1393	RootedValue v(cx, StringValue(EnvironmentCoordinateNameSlow(script, pc)));
1394	UniqueChars bytes = ToDisassemblySource(cx, v);
1395	if (!bytes) {
1396	return 0;
1397	}
1398	EnvironmentCoordinate ec(pc);
1399	sp->printf(" %s (hops = %u, slot = %u)", bytes.get(), ec.hops(),
1400	ec.slot());
1401	break;
1402	}
1403	case JOF_DEBUGCOORD: {
1404	EnvironmentCoordinate ec(pc);
1405	sp->printf("(hops = %u, slot = %u)", ec.hops(), ec.slot());
1406	break;
1407	}
1408	case JOF_ATOM: {
1409	RootedValue v(cx, StringValue(script->getAtom(pc)));
1410	UniqueChars bytes = ToDisassemblySource(cx, v);
1411	if (!bytes) {
1412	return 0;
1413	}
1414	sp->printf(" %s", bytes.get());
1415	break;
1416	}
1417	case JOF_STRING: {
1418	RootedValue v(cx, StringValue(script->getString(pc)));
1419	UniqueChars bytes = ToDisassemblySource(cx, v);
1420	if (!bytes) {
1421	return 0;
1422	}
1423	sp->printf(" %s", bytes.get());
1424	break;
1425	}
1426
1427	case JOF_DOUBLE: {
1428	double d = GET_INLINE_VALUE(pc).toDouble();
1429	sp->printf(" %lf", d);
1430	break;
1431	}
1432
1433	case JOF_BIGINT: {
1434	RootedValue v(cx, BigIntValue(script->getBigInt(pc)));
1435	UniqueChars bytes = ToDisassemblySource(cx, v);
1436	if (!bytes) {
1437	return 0;
1438	}
1439	sp->printf(" %s", bytes.get());
1440	break;
1441	}
1442
1443	case JOF_OBJECT: {
1444	JSObject* obj = script->getObject(pc);
1445	{
1446	RootedValue v(cx, ObjectValue(*obj));
1447	UniqueChars bytes = ToDisassemblySource(cx, v);
1448	if (!bytes) {
1449	return 0;
1450	}
1451	sp->printf(" %s", bytes.get());
1452	}
1453	break;
1454	}
1455
1456	case JOF_SHAPE: {
1457	SharedShape* shape = script->getShape(pc);
1458	sp->put(" ");
1459	if (!PrintShapeProperties(cx, sp, shape)) {
1460	return 0;
1461	}
1462	break;
1463	}
1464
1465	case JOF_REGEXP: {
1466	js::RegExpObject* obj = script->getRegExp(pc);
1467	RootedValue v(cx, ObjectValue(*obj));
1468	UniqueChars bytes = ToDisassemblySource(cx, v);
1469	if (!bytes) {
1470	return 0;
1471	}
1472	sp->printf(" %s", bytes.get());
1473	break;
1474	}
1475
1476	case JOF_TABLESWITCH: {
1477	int32_t i, low, high;
1478
1479	ptrdiff_t off = GET_JUMP_OFFSET(pc);
1480	jsbytecode* pc2 = pc + JUMP_OFFSET_LEN;
1481	low = GET_JUMP_OFFSET(pc2);
1482	pc2 += JUMP_OFFSET_LEN;
1483	high = GET_JUMP_OFFSET(pc2);
1484	pc2 += JUMP_OFFSET_LEN;
1485	sp->printf(" defaultOffset %d low %d high %d", int(off), low, high);
1486
1487	// Display stack dump before diplaying the offsets for each case.
1488	if (!dumpStack()) {
1489	return 0;
1490	}
1491
1492	for (i = low; i <= high; i++) {
1493	off =
1494	script->tableSwitchCaseOffset(pc, i - low) - script->pcToOffset(pc);
1495	sp->printf("\n\t%d: %d", i, int(off));
1496	}
1497	break;
1498	}
1499
1500	case JOF_QARG:
1501	sp->printf(" %u", GET_ARGNO(pc));
1502	break;
1503
1504	case JOF_LOCAL:
1505	sp->printf(" %u", GET_LOCALNO(pc));
1506	break;
1507
1508	case JOF_GCTHING:
1509	sp->printf(" %u", unsigned(GET_GCTHING_INDEX(pc)));
1510	break;
1511
1512	case JOF_UINT32:
1513	sp->printf(" %u", GET_UINT32(pc));
1514	break;
1515
1516	case JOF_ICINDEX:
1517	sp->printf(" (ic: %u)", GET_ICINDEX(pc));
1518	break;
1519
1520	case JOF_LOOPHEAD:
1521	sp->printf(" (ic: %u, depthHint: %u)", GET_ICINDEX(pc),
1522	LoopHeadDepthHint(pc));
1523	break;
1524
1525	case JOF_TWO_UINT8: {
1526	int one = (int)GET_UINT8(pc);
1527	int two = (int)GET_UINT8(pc + 1);
1528
1529	sp->printf(" %d", one);
1530	sp->printf(" %d", two);
1531	break;
1532	}
1533
1534	case JOF_ARGC:
1535	case JOF_UINT16:
1536	i = (int)GET_UINT16(pc);
1537	goto print_int;
1538
1539	case JOF_RESUMEINDEX:
1540	case JOF_UINT24:
1541	MOZ_ASSERT(len == 4)do { static_assert( mozilla::detail::AssertionConditionType< decltype(len == 4)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(len == 4))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("len == 4", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1541); AnnotateMozCrashReason("MOZ_ASSERT" "(" "len == 4" ")" ); do { ((volatile int)__null) = 1541; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1542	i = (int)GET_UINT24(pc);
1543	goto print_int;
1544
1545	case JOF_UINT8:
1546	i = GET_UINT8(pc);
1547	goto print_int;
1548
1549	case JOF_INT8:
1550	i = GET_INT8(pc);
1551	goto print_int;
1552
1553	case JOF_INT32:
1554	MOZ_ASSERT(op == JSOp::Int32)do { static_assert( mozilla::detail::AssertionConditionType< decltype(op == JSOp::Int32)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(op == JSOp::Int32))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::Int32" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1554); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::Int32" ")"); do { ((volatile int)__null) = 1554; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1555	i = GET_INT32(pc);
1556	print_int:
1557	sp->printf(" %d", i);
1558	break;
1559
1560	default: {
1561	char numBuf[12];
1562	SprintfLiteral(numBuf, "%x", cs.format);
1563	JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
1564	JSMSG_UNKNOWN_FORMAT, numBuf);
1565	return 0;
1566	}
1567	}
1568
1569	if (!dumpStack()) {
1570	return 0;
1571	}
1572
1573	sp->put("\n");
1574	return len;
1575	}
1576
1577	unsigned js::Disassemble1(JSContext* cx, JS::Handle<JSScript*> script,
1578	jsbytecode* pc, unsigned loc, bool lines,
1579	StringPrinter* sp) {
1580	return Disassemble1(cx, script, pc, loc, lines, nullptr, sp);
1581	}
1582
1583	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
1584
1585	namespace {
1586	/*
1587	* The expression decompiler is invoked by error handling code to produce a
1588	* string representation of the erroring expression. As it's only a debugging
1589	* tool, it only supports basic expressions. For anything complicated, it simply
1590	* puts "(intermediate value)" into the error result.
1591	*
1592	* Here's the basic algorithm:
1593	*
1594	* 1. Find the stack location of the value whose expression we wish to
1595	* decompile. The error handler can explicitly pass this as an
1596	* argument. Otherwise, we search backwards down the stack for the offending
1597	* value.
1598	*
1599	* 2. Instantiate and run a BytecodeParser for the current frame. This creates a
1600	* stack of pcs parallel to the interpreter stack; given an interpreter stack
1601	* location, the corresponding pc stack location contains the opcode that pushed
1602	* the value in the interpreter. Now, with the result of step 1, we have the
1603	* opcode responsible for pushing the value we want to decompile.
1604	*
1605	* 3. Pass the opcode to decompilePC. decompilePC is the main decompiler
1606	* routine, responsible for a string representation of the expression that
1607	* generated a certain stack location. decompilePC looks at one opcode and
1608	* returns the JS source equivalent of that opcode.
1609	*
1610	* 4. Expressions can, of course, contain subexpressions. For example, the
1611	* literals "4" and "5" are subexpressions of the addition operator in "4 +
1612	* 5". If we need to decompile a subexpression, we call decompilePC (step 2)
1613	* recursively on the operands' pcs. The result is a depth-first traversal of
1614	* the expression tree.
1615	*
1616	*/
1617	struct ExpressionDecompiler {
1618	JSContext* cx;
1619	RootedScript script;
1620	const BytecodeParser& parser;
1621	Sprinter sprinter;
1622
1623	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
1624	// Dedicated mode for stack dump.
1625	// Generates an expression for stack dump, including internal state,
1626	// and also disables special handling for self-hosted code.
1627	bool isStackDump;
1628	#endif
1629
1630	ExpressionDecompiler(JSContext* cx, JSScript* script,
1631	const BytecodeParser& parser)
1632	: cx(cx),
1633	script(cx, script),
1634	parser(parser),
1635	sprinter(cx)
1636	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
1637	,
1638	isStackDump(false)
1639	#endif
1640	{
1641	}
1642	bool init();
1643	bool decompilePCForStackOperand(jsbytecode* pc, int i);
1644	bool decompilePC(jsbytecode* pc, uint8_t defIndex);
1645	bool decompilePC(const OffsetAndDefIndex& offsetAndDefIndex);
1646	JSAtom* getArg(unsigned slot);
1647	JSAtom* loadAtom(jsbytecode* pc);
1648	JSString* loadString(jsbytecode* pc);
1649	bool quote(JSString* s, char quote);
1650	bool write(const char* s);
1651	bool write(JSString* str);
1652	UniqueChars getOutput();
1653	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
1654	void setStackDump() { isStackDump = true; }
1655	#endif
1656	};
1657
1658	bool ExpressionDecompiler::decompilePCForStackOperand(jsbytecode* pc, int i) {
1659	return decompilePC(parser.offsetForStackOperand(script->pcToOffset(pc), i));
1660	}
1661
1662	bool ExpressionDecompiler::decompilePC(jsbytecode* pc, uint8_t defIndex) {
1663	MOZ_ASSERT(script->containsPC(pc))do { static_assert( mozilla::detail::AssertionConditionType< decltype(script->containsPC(pc))>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(script->containsPC(pc)))) , 0))) { do { } while (false); MOZ_ReportAssertionFailure("script->containsPC(pc)" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1663); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->containsPC(pc)" ")"); do { ((volatile int)__null) = 1663; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1664
1665	JSOp op = (JSOp)*pc;
1666
1667	if (const char* token = CodeToken[uint8_t(op)]) {
1668	MOZ_ASSERT(defIndex == 0)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 0)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 0))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 0", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1668); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 0" ")"); do { ((volatile int)__null) = 1668; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1669	MOZ_ASSERT(CodeSpec(op).ndefs == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(CodeSpec(op).ndefs == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(CodeSpec(op).ndefs == 1))), 0 ))) { do { } while (false); MOZ_ReportAssertionFailure("CodeSpec(op).ndefs == 1" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1669); AnnotateMozCrashReason("MOZ_ASSERT" "(" "CodeSpec(op).ndefs == 1" ")"); do { ((volatile int)__null) = 1669; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1670
1671	// Handle simple cases of binary and unary operators.
1672	switch (CodeSpec(op).nuses) {
1673	case 2: {
1674	const char* extra = "";
1675
1676	MOZ_ASSERT(pc + 1 < script->codeEnd(),do { static_assert( mozilla::detail::AssertionConditionType< decltype(pc + 1 < script->codeEnd())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(pc + 1 < script->codeEnd ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("pc + 1 < script->codeEnd()" " (" "binary opcode shouldn't be the last opcode in the script" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1677); AnnotateMozCrashReason("MOZ_ASSERT" "(" "pc + 1 < script->codeEnd()" ") (" "binary opcode shouldn't be the last opcode in the script" ")"); do { ((volatile int)__null) = 1677; __attribute__((nomerge )) ::abort(); } while (false); } } while (false)
1677	"binary opcode shouldn't be the last opcode in the script")do { static_assert( mozilla::detail::AssertionConditionType< decltype(pc + 1 < script->codeEnd())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(pc + 1 < script->codeEnd ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("pc + 1 < script->codeEnd()" " (" "binary opcode shouldn't be the last opcode in the script" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1677); AnnotateMozCrashReason("MOZ_ASSERT" "(" "pc + 1 < script->codeEnd()" ") (" "binary opcode shouldn't be the last opcode in the script" ")"); do { ((volatile int)__null) = 1677; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1678	if (CodeSpec(op).length == 1 &&
1679	(JSOp)(*(pc + 1)) == JSOp::NopIsAssignOp) {
1680	extra = "=";
1681	}
1682
1683	return write("(") && decompilePCForStackOperand(pc, -2) && write(" ") &&
1684	write(token) && write(extra) && write(" ") &&
1685	decompilePCForStackOperand(pc, -1) && write(")");
1686	break;
1687	}
1688	case 1:
1689	return write("(") && write(token) &&
1690	decompilePCForStackOperand(pc, -1) && write(")");
1691	default:
1692	break;
1693	}
1694	}
1695
1696	switch (op) {
1697	case JSOp::DelName:
1698	return write("(delete ") && write(loadAtom(pc)) && write(")");
1699
1700	case JSOp::GetGName:
1701	case JSOp::GetName:
1702	case JSOp::GetIntrinsic:
1703	return write(loadAtom(pc));
1704	case JSOp::GetArg: {
1705	unsigned slot = GET_ARGNO(pc);
1706
1707	// For self-hosted scripts that are called from non-self-hosted code,
1708	// decompiling the parameter name in the self-hosted script is
1709	// unhelpful. Decompile the argument name instead.
1710	if (script->selfHosted()
1711	#ifdef DEBUG1
1712	// For stack dump, argument name is not necessary.
1713	&& !isStackDump
1714	#endif /* DEBUG */
1715	) {
1716	UniqueChars result;
1717	if (!DecompileArgumentFromStack(cx, slot, &result)) {
1718	return false;
1719	}
1720
1721	// Note that decompiling the argument in the parent frame might
1722	// not succeed.
1723	if (result) {
1724	return write(result.get());
1725	}
1726
1727	// If it fails, do not return parameter name and let the caller
1728	// fallback.
1729	return write("(intermediate value)");
1730	}
1731
1732	JSAtom* atom = getArg(slot);
1733	if (!atom) {
1734	return false;
1735	}
1736	return write(atom);
1737	}
1738	case JSOp::GetLocal: {
1739	JSAtom* atom = FrameSlotName(script, pc);
1740	MOZ_ASSERT(atom)do { static_assert( mozilla::detail::AssertionConditionType< decltype(atom)>::isValid, "invalid assertion condition"); if ((__builtin_expect(!!(!(!!(atom))), 0))) { do { } while (false ); MOZ_ReportAssertionFailure("atom", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1740); AnnotateMozCrashReason("MOZ_ASSERT" "(" "atom" ")"); do { ((volatile int)__null) = 1740; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1741	return write(atom);
1742	}
1743	case JSOp::GetAliasedVar: {
1744	JSAtom* atom = EnvironmentCoordinateNameSlow(script, pc);
1745	MOZ_ASSERT(atom)do { static_assert( mozilla::detail::AssertionConditionType< decltype(atom)>::isValid, "invalid assertion condition"); if ((__builtin_expect(!!(!(!!(atom))), 0))) { do { } while (false ); MOZ_ReportAssertionFailure("atom", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1745); AnnotateMozCrashReason("MOZ_ASSERT" "(" "atom" ")"); do { ((volatile int)__null) = 1745; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1746	return write(atom);
1747	}
1748
1749	case JSOp::DelProp:
1750	case JSOp::StrictDelProp:
1751	case JSOp::GetProp:
1752	case JSOp::GetBoundName: {
1753	bool hasDelete = op == JSOp::DelProp \|\| op == JSOp::StrictDelProp;
1754	Rooted<JSAtom*> prop(cx, loadAtom(pc));
1755	MOZ_ASSERT(prop)do { static_assert( mozilla::detail::AssertionConditionType< decltype(prop)>::isValid, "invalid assertion condition"); if ((__builtin_expect(!!(!(!!(prop))), 0))) { do { } while (false ); MOZ_ReportAssertionFailure("prop", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1755); AnnotateMozCrashReason("MOZ_ASSERT" "(" "prop" ")"); do { ((volatile int)__null) = 1755; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1756	return (hasDelete ? write("(delete ") : true) &&
1757	decompilePCForStackOperand(pc, -1) &&
1758	(IsIdentifier(prop)
1759	? write(".") && quote(prop, '\0')
1760	: write("[") && quote(prop, '\'') && write("]")) &&
1761	(hasDelete ? write(")") : true);
1762	}
1763	case JSOp::GetPropSuper: {
1764	Rooted<JSAtom*> prop(cx, loadAtom(pc));
1765	return write("super.") && quote(prop, '\0');
1766	}
1767	case JSOp::SetElem:
1768	case JSOp::StrictSetElem:
1769	// NOTE: We don't show the right hand side of the operation because
1770	// it's used in error messages like: "a[0] is not readable".
1771	//
1772	// We could though.
1773	return decompilePCForStackOperand(pc, -3) && write("[") &&
1774	decompilePCForStackOperand(pc, -2) && write("]");
1775
1776	case JSOp::DelElem:
1777	case JSOp::StrictDelElem:
1778	case JSOp::GetElem: {
1779	bool hasDelete = (op == JSOp::DelElem \|\| op == JSOp::StrictDelElem);
1780	return (hasDelete ? write("(delete ") : true) &&
1781	decompilePCForStackOperand(pc, -2) && write("[") &&
1782	decompilePCForStackOperand(pc, -1) && write("]") &&
1783	(hasDelete ? write(")") : true);
1784	}
1785
1786	case JSOp::GetElemSuper:
1787	return write("super[") && decompilePCForStackOperand(pc, -2) &&
1788	write("]");
1789	case JSOp::Null:
1790	return write("null");
1791	case JSOp::True:
1792	return write("true");
1793	case JSOp::False:
1794	return write("false");
1795	case JSOp::Zero:
1796	case JSOp::One:
1797	case JSOp::Int8:
1798	case JSOp::Uint16:
1799	case JSOp::Uint24:
1800	case JSOp::Int32:
1801	sprinter.printf("%d", GetBytecodeInteger(pc));
1802	return true;
1803	case JSOp::String:
1804	return quote(loadString(pc), '"');
1805	case JSOp::Symbol: {
1806	unsigned i = uint8_t(pc[1]);
1807	MOZ_ASSERT(i < JS::WellKnownSymbolLimit)do { static_assert( mozilla::detail::AssertionConditionType< decltype(i < JS::WellKnownSymbolLimit)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(i < JS::WellKnownSymbolLimit ))), 0))) { do { } while (false); MOZ_ReportAssertionFailure( "i < JS::WellKnownSymbolLimit", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1807); AnnotateMozCrashReason("MOZ_ASSERT" "(" "i < JS::WellKnownSymbolLimit" ")"); do { ((volatile int)__null) = 1807; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1808	if (i < JS::WellKnownSymbolLimit) {
1809	return write(cx->names().wellKnownSymbolDescriptions()[i]);
1810	}
1811	break;
1812	}
1813	case JSOp::Undefined:
1814	return write("undefined");
1815	case JSOp::GlobalThis:
1816	case JSOp::NonSyntacticGlobalThis:
1817	// \|this\| could convert to a very long object initialiser, so cite it by
1818	// its keyword name.
1819	return write("this");
1820	case JSOp::NewTarget:
1821	return write("new.target");
1822	case JSOp::ImportMeta:
1823	return write("import.meta");
1824	case JSOp::Call:
1825	case JSOp::CallContent:
1826	case JSOp::CallIgnoresRv:
1827	case JSOp::CallIter:
1828	case JSOp::CallContentIter: {
1829	uint16_t argc = GET_ARGC(pc);
1830	return decompilePCForStackOperand(pc, -int32_t(argc + 2)) &&
1831	write(argc ? "(...)" : "()");
1832	}
1833	case JSOp::SpreadCall:
1834	return decompilePCForStackOperand(pc, -3) && write("(...)");
1835	case JSOp::NewArray:
1836	return write("[]");
1837	case JSOp::RegExp: {
1838	Rooted<RegExpObject*> obj(cx, &script->getObject(pc)->as<RegExpObject>());
1839	JSString* str = RegExpObject::toString(cx, obj);
1840	if (!str) {
1841	return false;
1842	}
1843	return write(str);
1844	}
1845	case JSOp::Object: {
1846	JSObject* obj = script->getObject(pc);
1847	RootedValue objv(cx, ObjectValue(*obj));
1848	JSString* str = ValueToSource(cx, objv);
1849	if (!str) {
1850	return false;
1851	}
1852	return write(str);
1853	}
1854	case JSOp::Void:
1855	return write("(void ") && decompilePCForStackOperand(pc, -1) &&
1856	write(")");
1857
1858	case JSOp::SuperCall:
1859	if (GET_ARGC(pc) == 0) {
1860	return write("super()");
1861	}
1862	[[fallthrough]];
1863	case JSOp::SpreadSuperCall:
1864	return write("super(...)");
1865	case JSOp::SuperFun:
1866	return write("super");
1867
1868	case JSOp::Eval:
1869	case JSOp::SpreadEval:
1870	case JSOp::StrictEval:
1871	case JSOp::StrictSpreadEval:
1872	return write("eval(...)");
1873
1874	case JSOp::New:
1875	case JSOp::NewContent: {
1876	uint16_t argc = GET_ARGC(pc);
1877	return write("(new ") &&
1878	decompilePCForStackOperand(pc, -int32_t(argc + 3)) &&
1879	write(argc ? "(...))" : "())");
1880	}
1881
1882	case JSOp::SpreadNew:
1883	return write("(new ") && decompilePCForStackOperand(pc, -4) &&
1884	write("(...))");
1885
1886	case JSOp::DynamicImport:
1887	return write("import(...)");
1888
1889	case JSOp::Typeof:
1890	case JSOp::TypeofExpr:
1891	return write("(typeof ") && decompilePCForStackOperand(pc, -1) &&
1892	write(")");
1893
1894	case JSOp::TypeofEq: {
1895	auto operand = TypeofEqOperand::fromRawValue(GET_UINT8(pc));
1896	JSType type = operand.type();
1897	JSOp compareOp = operand.compareOp();
1898
1899	return write("(typeof ") && decompilePCForStackOperand(pc, -1) &&
1900	write(compareOp == JSOp::Ne ? " != \"" : " == \"") &&
1901	write(JSTypeToString(type)) && write("\")");
1902	}
1903
1904	case JSOp::InitElemArray:
1905	return write("[...]");
1906
1907	case JSOp::InitElemInc:
1908	if (defIndex == 0) {
1909	return write("[...]");
1910	}
1911	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 1911); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 1911; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
1912	#ifdef DEBUG1
1913	// INDEX won't be be exposed to error message.
1914	if (isStackDump) {
1915	return write("INDEX");
1916	}
1917	#endif
1918	break;
1919
1920	case JSOp::ToNumeric:
1921	return write("(tonumeric ") && decompilePCForStackOperand(pc, -1) &&
1922	write(")");
1923
1924	case JSOp::Inc:
1925	return write("(inc ") && decompilePCForStackOperand(pc, -1) && write(")");
1926
1927	case JSOp::Dec:
1928	return write("(dec ") && decompilePCForStackOperand(pc, -1) && write(")");
1929
1930	case JSOp::BigInt:
1931	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
1932	// BigInt::dumpLiteral() only available in this configuration.
1933	script->getBigInt(pc)->dumpLiteral(sprinter);
1934	return true;
1935	#else
1936	return write("[bigint]");
1937	#endif
1938
1939	case JSOp::BuiltinObject: {
1940	auto kind = BuiltinObjectKind(GET_UINT8(pc));
1941	return write(BuiltinObjectName(kind));
1942	}
1943
1944	#ifdef ENABLE_RECORD_TUPLE
1945	case JSOp::InitTuple:
1946	return write("#[]");
1947
1948	case JSOp::AddTupleElement:
1949	case JSOp::FinishTuple:
1950	return write("#[...]");
1951	#endif
1952
1953	default:
1954	break;
1955	}
1956
1957	#ifdef DEBUG1
1958	if (isStackDump) {
1959	// Special decompilation for stack dump.
1960	switch (op) {
1961	case JSOp::Arguments:
1962	return write("arguments");
1963
1964	case JSOp::ArgumentsLength:
1965	return write("arguments.length");
1966
1967	case JSOp::GetFrameArg:
1968	sprinter.printf("arguments[%u]", GET_ARGNO(pc));
1969	return true;
1970
1971	case JSOp::GetActualArg:
1972	return write("arguments[") && decompilePCForStackOperand(pc, -1) &&
1973	write("]");
1974
1975	case JSOp::BindUnqualifiedGName:
1976	return write("GLOBAL");
1977
1978	case JSOp::BindName:
1979	case JSOp::BindUnqualifiedName:
1980	case JSOp::BindVar:
1981	return write("ENV");
1982
1983	case JSOp::Callee:
1984	return write("CALLEE");
1985
1986	case JSOp::EnvCallee:
1987	return write("ENVCALLEE");
1988
1989	case JSOp::CallSiteObj:
1990	return write("OBJ");
1991
1992	case JSOp::Double:
1993	sprinter.printf("%lf", GET_INLINE_VALUE(pc).toDouble());
1994	return true;
1995
1996	case JSOp::Exception:
1997	return write("EXCEPTION");
1998
1999	case JSOp::ExceptionAndStack:
2000	if (defIndex == 0) {
2001	return write("EXCEPTION");
2002	}
2003	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2003); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 2003; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2004	return write("STACK");
2005
2006	case JSOp::Try:
2007	// Used for the values live on entry to the finally block.
2008	// See TryNoteKind::Finally above.
2009	if (defIndex == 0) {
2010	return write("PC");
2011	}
2012	if (defIndex == 1) {
2013	return write("STACK");
2014	}
2015	MOZ_ASSERT(defIndex == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2015); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 2" ")"); do { ((volatile int)__null) = 2015; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2016	return write("THROWING");
2017
2018	case JSOp::FunctionThis:
2019	case JSOp::ImplicitThis:
2020	return write("THIS");
2021
2022	case JSOp::FunWithProto:
2023	return write("FUN");
2024
2025	case JSOp::Generator:
2026	return write("GENERATOR");
2027
2028	case JSOp::GetImport:
2029	return write("VAL");
2030
2031	case JSOp::GetRval:
2032	return write("RVAL");
2033
2034	case JSOp::Hole:
2035	return write("HOLE");
2036
2037	case JSOp::IsGenClosing:
2038	// For stack dump, defIndex == 0 is not used.
2039	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2039); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 2039; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2040	return write("ISGENCLOSING");
2041
2042	case JSOp::IsNoIter:
2043	// For stack dump, defIndex == 0 is not used.
2044	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2044); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 2044; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2045	return write("ISNOITER");
2046
2047	case JSOp::IsConstructing:
2048	return write("JS_IS_CONSTRUCTING");
2049
2050	case JSOp::IsNullOrUndefined:
2051	return write("IS_NULL_OR_UNDEF");
2052
2053	case JSOp::Iter:
2054	return write("ITER");
2055
2056	case JSOp::Lambda:
2057	return write("FUN");
2058
2059	case JSOp::ToAsyncIter:
2060	return write("ASYNCITER");
2061
2062	case JSOp::MoreIter:
2063	// For stack dump, defIndex == 0 is not used.
2064	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2064); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 2064; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2065	return write("MOREITER");
2066
2067	case JSOp::NewInit:
2068	case JSOp::NewObject:
2069	case JSOp::ObjWithProto:
2070	return write("OBJ");
2071
2072	case JSOp::OptimizeGetIterator:
2073	case JSOp::OptimizeSpreadCall:
2074	return write("OPTIMIZED");
2075
2076	case JSOp::Rest:
2077	return write("REST");
2078
2079	case JSOp::Resume:
2080	return write("RVAL");
2081
2082	case JSOp::SuperBase:
2083	return write("HOMEOBJECTPROTO");
2084
2085	case JSOp::ToPropertyKey:
2086	return write("TOPROPERTYKEY(") && decompilePCForStackOperand(pc, -1) &&
2087	write(")");
2088	case JSOp::ToString:
2089	return write("TOSTRING(") && decompilePCForStackOperand(pc, -1) &&
2090	write(")");
2091
2092	case JSOp::Uninitialized:
2093	return write("UNINITIALIZED");
2094
2095	case JSOp::InitialYield:
2096	case JSOp::Await:
2097	case JSOp::Yield:
2098	// Printing "yield SOMETHING" is confusing since the operand doesn't
2099	// match to the syntax, since the stack operand for "yield 10" is
2100	// the result object, not 10.
2101	if (defIndex == 0) {
2102	return write("RVAL");
2103	}
2104	if (defIndex == 1) {
2105	return write("GENERATOR");
2106	}
2107	MOZ_ASSERT(defIndex == 2)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 2)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 2))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 2", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2107); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 2" ")"); do { ((volatile int)__null) = 2107; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2108	return write("RESUMEKIND");
2109
2110	case JSOp::ResumeKind:
2111	return write("RESUMEKIND");
2112
2113	case JSOp::AsyncAwait:
2114	case JSOp::AsyncResolve:
2115	case JSOp::AsyncReject:
2116	return write("PROMISE");
2117
2118	case JSOp::CanSkipAwait:
2119	// For stack dump, defIndex == 0 is not used.
2120	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2120); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 2120; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2121	return write("CAN_SKIP_AWAIT");
2122
2123	case JSOp::MaybeExtractAwaitValue:
2124	// For stack dump, defIndex == 1 is not used.
2125	MOZ_ASSERT(defIndex == 0)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 0)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 0))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 0", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2125); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 0" ")"); do { ((volatile int)__null) = 2125; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2126	return write("MAYBE_RESOLVED(") && decompilePCForStackOperand(pc, -2) &&
2127	write(")");
2128
2129	case JSOp::CheckPrivateField:
2130	return write("HasPrivateField");
2131
2132	case JSOp::NewPrivateName:
2133	return write("PRIVATENAME");
2134
2135	case JSOp::CheckReturn:
2136	return write("RVAL");
2137
2138	case JSOp::HasOwn:
2139	return write("HasOwn(") && decompilePCForStackOperand(pc, -2) &&
2140	write(", ") && decompilePCForStackOperand(pc, -1) && write(")");
2141
2142	# ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
2143	case JSOp::AddDisposable:
2144	return decompilePCForStackOperand(pc, -1);
2145
2146	case JSOp::TakeDisposeCapability:
2147	if (defIndex == 0) {
2148	return write("DISPOSECAPABILITY");
2149	}
2150	MOZ_ASSERT(defIndex == 1)do { static_assert( mozilla::detail::AssertionConditionType< decltype(defIndex == 1)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(defIndex == 1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("defIndex == 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2150); AnnotateMozCrashReason("MOZ_ASSERT" "(" "defIndex == 1" ")"); do { ((volatile int)__null) = 2150; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2151	return write("COUNT");
2152	# endif
2153
2154	default:
2155	break;
2156	}
2157	return write("<unknown>");
2158	}
2159	#endif /* DEBUG */
2160
2161	return write("(intermediate value)");
2162	}
2163
2164	bool ExpressionDecompiler::decompilePC(
2165	const OffsetAndDefIndex& offsetAndDefIndex) {
2166	if (offsetAndDefIndex.isSpecial()) {
2167	#ifdef DEBUG1
2168	if (isStackDump) {
2169	if (offsetAndDefIndex.isMerged()) {
2170	if (!write("merged<")) {
2171	return false;
2172	}
2173	} else if (offsetAndDefIndex.isIgnored()) {
2174	if (!write("ignored<")) {
2175	return false;
2176	}
2177	}
2178
2179	if (!decompilePC(script->offsetToPC(offsetAndDefIndex.specialOffset()),
2180	offsetAndDefIndex.specialDefIndex())) {
2181	return false;
2182	}
2183
2184	if (!write(">")) {
2185	return false;
2186	}
2187
2188	return true;
2189	}
2190	#endif /* DEBUG */
2191	return write("(intermediate value)");
2192	}
2193
2194	return decompilePC(script->offsetToPC(offsetAndDefIndex.offset()),
2195	offsetAndDefIndex.defIndex());
2196	}
2197
2198	bool ExpressionDecompiler::init() {
2199	cx->check(script);
2200	return sprinter.init();
2201	}
2202
2203	bool ExpressionDecompiler::write(const char* s) {
2204	sprinter.put(s);
2205	return true;
2206	}
2207
2208	bool ExpressionDecompiler::write(JSString* str) {
2209	if (str == cx->names().dot_this_) {
2210	return write("this");
2211	}
2212	if (str == cx->names().dot_newTarget_) {
2213	return write("new.target");
2214	}
2215	sprinter.putString(cx, str);
2216	return true;
2217	}
2218
2219	bool ExpressionDecompiler::quote(JSString* s, char quote) {
2220	QuoteString(&sprinter, s, quote);
2221	return true;
2222	}
2223
2224	JSAtom* ExpressionDecompiler::loadAtom(jsbytecode* pc) {
2225	return script->getAtom(pc);
2226	}
2227
2228	JSString* ExpressionDecompiler::loadString(jsbytecode* pc) {
2229	return script->getString(pc);
2230	}
2231
2232	JSAtom* ExpressionDecompiler::getArg(unsigned slot) {
2233	MOZ_ASSERT(script->isFunction())do { static_assert( mozilla::detail::AssertionConditionType< decltype(script->isFunction())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(script->isFunction()))), 0 ))) { do { } while (false); MOZ_ReportAssertionFailure("script->isFunction()" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2233); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->isFunction()" ")"); do { ((volatile int)__null) = 2233; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2234	MOZ_ASSERT(slot < script->numArgs())do { static_assert( mozilla::detail::AssertionConditionType< decltype(slot < script->numArgs())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(slot < script->numArgs ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("slot < script->numArgs()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2234); AnnotateMozCrashReason("MOZ_ASSERT" "(" "slot < script->numArgs()" ")"); do { ((volatile int)__null) = 2234; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2235
2236	for (PositionalFormalParameterIter fi(script); fi; fi++) {
2237	if (fi.argumentSlot() == slot) {
2238	if (!fi.isDestructured()) {
2239	return fi.name();
2240	}
2241
2242	// Destructured arguments have no single binding name.
2243	static const char destructuredParam[] = "(destructured parameter)";
2244	return Atomize(cx, destructuredParam, strlen(destructuredParam));
2245	}
2246	}
2247
2248	MOZ_CRASH("No binding")do { do { } while (false); MOZ_ReportCrash("" "No binding", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2248); AnnotateMozCrashReason("MOZ_CRASH(" "No binding" ")" ); do { ((volatile int)__null) = 2248; __attribute__((nomerge )) ::abort(); } while (false); } while (false);
2249	}
2250
2251	UniqueChars ExpressionDecompiler::getOutput() { return sprinter.release(); }
2252
2253	} // anonymous namespace
2254
2255	#if defined(DEBUG1) \|\| defined(JS_JITSPEW1)
2256	static bool DecompileAtPCForStackDump(
2257	JSContext* cx, HandleScript script,
2258	const OffsetAndDefIndex& offsetAndDefIndex, StringPrinter* sp) {
2259	// The expression decompiler asserts the script is in the current realm.
2260	AutoRealm ar(cx, script);
2261
2262	LifoAllocScope allocScope(&cx->tempLifoAlloc());
2263	BytecodeParser parser(cx, allocScope.alloc(), script);
2264	parser.setStackDump();
2265	if (!parser.parse()) {
2266	return false;
2267	}
2268
2269	ExpressionDecompiler ed(cx, script, parser);
2270	ed.setStackDump();
2271	if (!ed.init()) {
2272	return false;
2273	}
2274
2275	if (!ed.decompilePC(offsetAndDefIndex)) {
2276	return false;
2277	}
2278
2279	UniqueChars result = ed.getOutput();
2280	if (!result) {
2281	return false;
2282	}
2283
2284	sp->put(result.get());
2285	return true;
2286	}
2287	#endif /* defined(DEBUG) \|\| defined(JS_JITSPEW) */
2288
2289	static bool FindStartPC(JSContext* cx, const FrameIter& iter,
2290	const BytecodeParser& parser, int spindex,
2291	int skipStackHits, const Value& v, jsbytecode** valuepc,
2292	uint8_t* defIndex) {
2293	jsbytecode* current = *valuepc;
2294	*valuepc = nullptr;
2295	*defIndex = 0;
2296
2297	if (spindex < 0 && spindex + int(parser.stackDepthAtPC(current)) < 0) {
2298	spindex = JSDVG_SEARCH_STACK1;
2299	}
2300
2301	if (spindex == JSDVG_SEARCH_STACK1) {
2302	size_t index = iter.numFrameSlots();
2303
2304	// The decompiler may be called from inside functions that are not
2305	// called from script, but via the C++ API directly, such as
2306	// Invoke. In that case, the youngest script frame may have a
2307	// completely unrelated pc and stack depth, so we give up.
2308	if (index < size_t(parser.stackDepthAtPC(current))) {
2309	return true;
2310	}
2311
2312	// We search from fp->sp to base to find the most recently calculated
2313	// value matching v under assumption that it is the value that caused
2314	// the exception.
2315	int stackHits = 0;
2316	Value s;
2317	do {
2318	if (!index) {
2319	return true;
2320	}
2321	s = iter.frameSlotValue(--index);
2322	} while (s != v \|\| stackHits++ != skipStackHits);
2323
2324	// If the current PC has fewer values on the stack than the index we are
2325	// looking for, the blamed value must be one pushed by the current
2326	// bytecode (e.g. JSOp::MoreIter), so restore *valuepc.
2327	if (index < size_t(parser.stackDepthAtPC(current))) {
2328	*valuepc = parser.pcForStackOperand(current, index, defIndex);
2329	} else {
2330	*valuepc = current;
2331	*defIndex = index - size_t(parser.stackDepthAtPC(current));
2332	}
2333	} else {
2334	*valuepc = parser.pcForStackOperand(current, spindex, defIndex);
2335	}
2336	return true;
2337	}
2338
2339	static bool DecompileExpressionFromStack(JSContext* cx, int spindex,
2340	int skipStackHits, HandleValue v,
2341	UniqueChars* res) {
2342	MOZ_ASSERT(spindex < 0 \|\| spindex == JSDVG_IGNORE_STACK \|\|do { static_assert( mozilla::detail::AssertionConditionType< decltype(spindex < 0 \|\| spindex == 0 \|\| spindex == 1)>:: isValid, "invalid assertion condition"); if ((__builtin_expect (!!(!(!!(spindex < 0 \|\| spindex == 0 \|\| spindex == 1))), 0 ))) { do { } while (false); MOZ_ReportAssertionFailure("spindex < 0 \|\| spindex == 0 \|\| spindex == 1" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2343); AnnotateMozCrashReason("MOZ_ASSERT" "(" "spindex < 0 \|\| spindex == 0 \|\| spindex == 1" ")"); do { ((volatile int)__null) = 2343; __attribute__((nomerge )) ::abort(); } while (false); } } while (false)
2343	spindex == JSDVG_SEARCH_STACK)do { static_assert( mozilla::detail::AssertionConditionType< decltype(spindex < 0 \|\| spindex == 0 \|\| spindex == 1)>:: isValid, "invalid assertion condition"); if ((__builtin_expect (!!(!(!!(spindex < 0 \|\| spindex == 0 \|\| spindex == 1))), 0 ))) { do { } while (false); MOZ_ReportAssertionFailure("spindex < 0 \|\| spindex == 0 \|\| spindex == 1" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2343); AnnotateMozCrashReason("MOZ_ASSERT" "(" "spindex < 0 \|\| spindex == 0 \|\| spindex == 1" ")"); do { ((volatile int)__null) = 2343; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2344
2345	*res = nullptr;
2346
2347	/*
2348	* Give up if we need deterministic behavior for differential testing.
2349	* IonMonkey doesn't use InterpreterFrames and this ensures we get the same
2350	* error messages.
2351	*/
2352	if (js::SupportDifferentialTesting()) {
2353	return true;
2354	}
2355
2356	if (spindex == JSDVG_IGNORE_STACK0) {
2357	return true;
2358	}
2359
2360	FrameIter frameIter(cx);
2361
2362	if (frameIter.done() \|\| !frameIter.hasScript() \|\|
2363	frameIter.realm() != cx->realm() \|\| frameIter.inPrologue()) {
2364	return true;
2365	}
2366
2367	/*
2368	* FIXME: Fall back if iter.isIon(), since the stack snapshot may be for the
2369	* previous pc (see bug 831120).
2370	*/
2371	if (frameIter.isIon()) {
2372	return true;
2373	}
2374
2375	RootedScript script(cx, frameIter.script());
2376	jsbytecode* valuepc = frameIter.pc();
2377
2378	MOZ_ASSERT(script->containsPC(valuepc))do { static_assert( mozilla::detail::AssertionConditionType< decltype(script->containsPC(valuepc))>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(script->containsPC(valuepc )))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("script->containsPC(valuepc)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2378); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->containsPC(valuepc)" ")"); do { ((volatile int)__null) = 2378; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2379
2380	LifoAllocScope allocScope(&cx->tempLifoAlloc());
2381	BytecodeParser parser(cx, allocScope.alloc(), frameIter.script());
2382	if (!parser.parse()) {
2383	return false;
2384	}
2385
2386	uint8_t defIndex;
2387	if (!FindStartPC(cx, frameIter, parser, spindex, skipStackHits, v, &valuepc,
2388	&defIndex)) {
2389	return false;
2390	}
2391	if (!valuepc) {
2392	return true;
2393	}
2394
2395	ExpressionDecompiler ed(cx, script, parser);
2396	if (!ed.init()) {
2397	return false;
2398	}
2399	if (!ed.decompilePC(valuepc, defIndex)) {
2400	return false;
2401	}
2402
2403	*res = ed.getOutput();
2404	return *res != nullptr;
2405	}
2406
2407	UniqueChars js::DecompileValueGenerator(JSContext* cx, int spindex,
2408	HandleValue v, HandleString fallbackArg,
2409	int skipStackHits) {
2410	RootedString fallback(cx, fallbackArg);
2411	{
2412	UniqueChars result;
2413	if (!DecompileExpressionFromStack(cx, spindex, skipStackHits, v, &result)) {
2414	return nullptr;
2415	}
2416	if (result && strcmp(result.get(), "(intermediate value)")) {
2417	return result;
2418	}
2419	}
2420	if (!fallback) {
2421	if (v.isUndefined()) {
2422	return DuplicateString(cx, "undefined"); // Prevent users from seeing
2423	// "(void 0)"
2424	}
2425	fallback = ValueToSource(cx, v);
2426	if (!fallback) {
2427	return nullptr;
2428	}
2429	}
2430
2431	return StringToNewUTF8CharsZ(cx, *fallback);
2432	}
2433
2434	static bool DecompileArgumentFromStack(JSContext* cx, int formalIndex,
2435	UniqueChars* res) {
2436	MOZ_ASSERT(formalIndex >= 0)do { static_assert( mozilla::detail::AssertionConditionType< decltype(formalIndex >= 0)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(formalIndex >= 0))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("formalIndex >= 0" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2436); AnnotateMozCrashReason("MOZ_ASSERT" "(" "formalIndex >= 0" ")"); do { ((volatile int)__null) = 2436; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2437
2438	*res = nullptr;
2439
2440	/* See note in DecompileExpressionFromStack. */
2441	if (js::SupportDifferentialTesting()) {
2442	return true;
2443	}
2444
2445	/*
2446	* Settle on the nearest script frame, which should be the builtin that
2447	* called the intrinsic.
2448	*/
2449	FrameIter frameIter(cx);
2450	MOZ_ASSERT(!frameIter.done())do { static_assert( mozilla::detail::AssertionConditionType< decltype(!frameIter.done())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(!frameIter.done()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!frameIter.done()" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2450); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frameIter.done()" ")"); do { ((volatile int)__null) = 2450; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2451	MOZ_ASSERT(frameIter.script()->selfHosted())do { static_assert( mozilla::detail::AssertionConditionType< decltype(frameIter.script()->selfHosted())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(frameIter.script()->selfHosted ()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("frameIter.script()->selfHosted()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2451); AnnotateMozCrashReason("MOZ_ASSERT" "(" "frameIter.script()->selfHosted()" ")"); do { ((volatile int)__null) = 2451; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2452
2453	/*
2454	* Get the second-to-top frame, the non-self-hosted caller of the builtin
2455	* that called the intrinsic.
2456	*/
2457	++frameIter;
2458	if (frameIter.done() \|\| !frameIter.hasScript() \|\|
2459	frameIter.script()->selfHosted() \|\| frameIter.realm() != cx->realm()) {
2460	return true;
2461	}
2462
2463	RootedScript script(cx, frameIter.script());
2464	jsbytecode* current = frameIter.pc();
2465
2466	MOZ_ASSERT(script->containsPC(current))do { static_assert( mozilla::detail::AssertionConditionType< decltype(script->containsPC(current))>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(script->containsPC(current )))), 0))) { do { } while (false); MOZ_ReportAssertionFailure ("script->containsPC(current)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2466); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->containsPC(current)" ")"); do { ((volatile int)__null) = 2466; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2467
2468	if (current < script->main()) {
2469	return true;
2470	}
2471
2472	/* Don't handle getters, setters or calls from fun.call/fun.apply. */
2473	JSOp op = JSOp(*current);
2474	if (op != JSOp::Call && op != JSOp::CallContent &&
2475	op != JSOp::CallIgnoresRv && op != JSOp::New && op != JSOp::NewContent) {
2476	return true;
2477	}
2478
2479	if (static_cast<unsigned>(formalIndex) >= GET_ARGC(current)) {
2480	return true;
2481	}
2482
2483	LifoAllocScope allocScope(&cx->tempLifoAlloc());
2484	BytecodeParser parser(cx, allocScope.alloc(), script);
2485	if (!parser.parse()) {
2486	return false;
2487	}
2488
2489	bool pushedNewTarget = op == JSOp::New \|\| op == JSOp::NewContent;
2490	int formalStackIndex = parser.stackDepthAtPC(current) - GET_ARGC(current) -
2491	pushedNewTarget + formalIndex;
2492	MOZ_ASSERT(formalStackIndex >= 0)do { static_assert( mozilla::detail::AssertionConditionType< decltype(formalStackIndex >= 0)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(formalStackIndex >= 0))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("formalStackIndex >= 0" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2492); AnnotateMozCrashReason("MOZ_ASSERT" "(" "formalStackIndex >= 0" ")"); do { ((volatile int)__null) = 2492; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2493	if (uint32_t(formalStackIndex) >= parser.stackDepthAtPC(current)) {
2494	return true;
2495	}
2496
2497	ExpressionDecompiler ed(cx, script, parser);
2498	if (!ed.init()) {
2499	return false;
2500	}
2501	if (!ed.decompilePCForStackOperand(current, formalStackIndex)) {
2502	return false;
2503	}
2504
2505	*res = ed.getOutput();
2506	return *res != nullptr;
2507	}
2508
2509	JSString* js::DecompileArgument(JSContext* cx, int formalIndex, HandleValue v) {
2510	{
2511	UniqueChars result;
2512	if (!DecompileArgumentFromStack(cx, formalIndex, &result)) {
2513	return nullptr;
2514	}
2515	if (result && strcmp(result.get(), "(intermediate value)")) {
2516	JS::ConstUTF8CharsZ utf8chars(result.get(), strlen(result.get()));
2517	return NewStringCopyUTF8Z(cx, utf8chars);
2518	}
2519	}
2520	if (v.isUndefined()) {
2521	return cx->names().undefined; // Prevent users from seeing "(void 0)"
2522	}
2523
2524	return ValueToSource(cx, v);
2525	}
2526
2527	extern bool js::IsValidBytecodeOffset(JSContext* cx, JSScript* script,
2528	size_t offset) {
2529	// This could be faster (by following jump instructions if the target
2530	// is <= offset).
2531	for (BytecodeRange r(cx, script); !r.empty(); r.popFront()) {
2532	size_t here = r.frontOffset();
2533	if (here >= offset) {
2534	return here == offset;
2535	}
2536	}
2537	return false;
2538	}
2539
2540	/*
2541	* There are three possible PCCount profiling states:
2542	*
2543	* 1. None: Neither scripts nor the runtime have count information.
2544	* 2. Profile: Active scripts have count information, the runtime does not.
2545	* 3. Query: Scripts do not have count information, the runtime does.
2546	*
2547	* When starting to profile scripts, counting begins immediately, with all JIT
2548	* code discarded and recompiled with counts as necessary. Active interpreter
2549	* frames will not begin profiling until they begin executing another script
2550	* (via a call or return).
2551	*
2552	* The below API functions manage transitions to new states, according
2553	* to the table below.
2554	*
2555	* Old State
2556	* -------------------------
2557	* Function None Profile Query
2558	* --------
2559	* StartPCCountProfiling Profile Profile Profile
2560	* StopPCCountProfiling None Query Query
2561	* PurgePCCounts None None None
2562	*/
2563
2564	static void ReleaseScriptCounts(JSRuntime* rt) {
2565	MOZ_ASSERT(rt->scriptAndCountsVector)do { static_assert( mozilla::detail::AssertionConditionType< decltype(rt->scriptAndCountsVector)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(rt->scriptAndCountsVector ))), 0))) { do { } while (false); MOZ_ReportAssertionFailure( "rt->scriptAndCountsVector", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2565); AnnotateMozCrashReason("MOZ_ASSERT" "(" "rt->scriptAndCountsVector" ")"); do { ((volatile int)__null) = 2565; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2566
2567	js_delete(rt->scriptAndCountsVector.ref());
2568	rt->scriptAndCountsVector = nullptr;
2569	}
2570
2571	void JS::StartPCCountProfiling(JSContext* cx) {
2572	JSRuntime* rt = cx->runtime();
2573
2574	if (rt->profilingScripts) {
2575	return;
2576	}
2577
2578	if (rt->scriptAndCountsVector) {
2579	ReleaseScriptCounts(rt);
2580	}
2581
2582	ReleaseAllJITCode(rt->gcContext());
2583
2584	rt->profilingScripts = true;
2585	}
2586
2587	void JS::StopPCCountProfiling(JSContext* cx) {
2588	JSRuntime* rt = cx->runtime();
2589
2590	if (!rt->profilingScripts) {
2591	return;
2592	}
2593	MOZ_ASSERT(!rt->scriptAndCountsVector)do { static_assert( mozilla::detail::AssertionConditionType< decltype(!rt->scriptAndCountsVector)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(!rt->scriptAndCountsVector ))), 0))) { do { } while (false); MOZ_ReportAssertionFailure( "!rt->scriptAndCountsVector", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2593); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!rt->scriptAndCountsVector" ")"); do { ((volatile int)__null) = 2593; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2594
2595	ReleaseAllJITCode(rt->gcContext());
2596
2597	auto* vec = cx->new_<PersistentRooted<ScriptAndCountsVector>>(
2598	cx, ScriptAndCountsVector());
2599	if (!vec) {
2600	return;
2601	}
2602
2603	for (ZonesIter zone(rt, SkipAtoms); !zone.done(); zone.next()) {
2604	for (auto base = zone->cellIter<BaseScript>(); !base.done(); base.next()) {
2605	if (base->hasScriptCounts() && base->hasJitScript()) {
2606	if (!vec->append(base->asJSScript())) {
2607	return;
2608	}
2609	}
2610	}
2611	}
2612
2613	rt->profilingScripts = false;
2614	rt->scriptAndCountsVector = vec;
2615	}
2616
2617	void JS::PurgePCCounts(JSContext* cx) {
2618	JSRuntime* rt = cx->runtime();
2619
2620	if (!rt->scriptAndCountsVector) {
2621	return;
2622	}
2623	MOZ_ASSERT(!rt->profilingScripts)do { static_assert( mozilla::detail::AssertionConditionType< decltype(!rt->profilingScripts)>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(!rt->profilingScripts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!rt->profilingScripts" , "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2623); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!rt->profilingScripts" ")"); do { ((volatile int)__null) = 2623; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2624
2625	ReleaseScriptCounts(rt);
2626	}
2627
2628	size_t JS::GetPCCountScriptCount(JSContext* cx) {
2629	JSRuntime* rt = cx->runtime();
2630
2631	if (!rt->scriptAndCountsVector) {
2632	return 0;
2633	}
2634
2635	return rt->scriptAndCountsVector->length();
2636	}
2637
2638	[[nodiscard]] static bool JSONStringProperty(StringPrinter& sp,
2639	JSONPrinter& json,
2640	const char* name, JSString* str) {
2641	json.beginStringProperty(name);
2642	JSONQuoteString(&sp, str);
2643	json.endStringProperty();
2644	return true;
2645	}
2646
2647	JSString* JS::GetPCCountScriptSummary(JSContext* cx, size_t index) {
2648	JSRuntime* rt = cx->runtime();
2649
2650	if (!rt->scriptAndCountsVector \|\|
2651	index >= rt->scriptAndCountsVector->length()) {
2652	JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
2653	JSMSG_BUFFER_TOO_SMALL);
2654	return nullptr;
2655	}
2656
2657	const ScriptAndCounts& sac = (*rt->scriptAndCountsVector)[index];
2658	RootedScript script(cx, sac.script);
2659
2660	JSSprinter sp(cx);
2661	if (!sp.init()) {
2662	return nullptr;
2663	}
2664
2665	JSONPrinter json(sp, false);
2666
2667	json.beginObject();
2668
2669	Rooted<JSString*> filenameStr(cx);
2670	if (const char* filename = script->filename()) {
2671	filenameStr =
2672	JS_NewStringCopyUTF8N(cx, JS::UTF8Chars(filename, strlen(filename)));
2673	} else {
2674	filenameStr = JS_GetEmptyString(cx);
2675	}
2676	if (!filenameStr) {
2677	return nullptr;
2678	}
2679	if (!JSONStringProperty(sp, json, "file", filenameStr)) {
2680	return nullptr;
2681	}
2682	json.property("line", script->lineno());
2683
2684	if (JSFunction* fun = script->function()) {
2685	if (JSAtom* atom = fun->fullDisplayAtom()) {
2686	if (!JSONStringProperty(sp, json, "name", atom)) {
2687	return nullptr;
2688	}
2689	}
2690	}
2691
2692	uint64_t total = 0;
2693
2694	AllBytecodesIterable iter(script);
2695	for (BytecodeLocation loc : iter) {
2696	if (const PCCounts* counts = sac.maybeGetPCCounts(loc.toRawBytecode())) {
2697	total += counts->numExec();
2698	}
2699	}
2700
2701	json.beginObjectProperty("totals");
2702
2703	json.property(PCCounts::numExecName, total);
2704
2705	uint64_t ionActivity = 0;
2706	jit::IonScriptCounts* ionCounts = sac.getIonCounts();
2707	while (ionCounts) {
2708	for (size_t i = 0; i < ionCounts->numBlocks(); i++) {
2709	ionActivity += ionCounts->block(i).hitCount();
2710	}
2711	ionCounts = ionCounts->previous();
2712	}
2713	if (ionActivity) {
2714	json.property("ion", ionActivity);
2715	}
2716
2717	json.endObject();
2718
2719	json.endObject();
2720
2721	return sp.release(cx);
2722	}
2723
2724	static bool GetPCCountJSON(JSContext* cx, const ScriptAndCounts& sac,
2725	StringPrinter& sp) {
2726	JSONPrinter json(sp, false);
2727
2728	RootedScript script(cx, sac.script);
2729
2730	LifoAllocScope allocScope(&cx->tempLifoAlloc());
2731	BytecodeParser parser(cx, allocScope.alloc(), script);
2732	if (!parser.parse()) {
2733	return false;
2734	}
2735
2736	json.beginObject();
2737
2738	JSString* str = JS_DecompileScript(cx, script);
2739	if (!str) {
2740	return false;
2741	}
2742
2743	if (!JSONStringProperty(sp, json, "text", str)) {
2744	return false;
2745	}
2746
2747	json.property("line", script->lineno());
2748
2749	json.beginListProperty("opcodes");
2750
2751	uint64_t hits = 0;
2752	for (BytecodeRangeWithPosition range(cx, script); !range.empty();
2753	range.popFront()) {
2754	jsbytecode* pc = range.frontPC();
2755	size_t offset = script->pcToOffset(pc);
2756	JSOp op = JSOp(*pc);
2757
2758	// If the current instruction is a jump target,
2759	// then update the number of hits.
2760	if (const PCCounts* counts = sac.maybeGetPCCounts(pc)) {
2761	hits = counts->numExec();
2762	}
2763
2764	json.beginObject();
2765
2766	json.property("id", offset);
2767	json.property("line", range.frontLineNumber());
2768	json.property("name", CodeName(op));
2769
2770	{
2771	ExpressionDecompiler ed(cx, script, parser);
2772	if (!ed.init()) {
2773	return false;
2774	}
2775	// defIndex passed here is not used.
2776	if (!ed.decompilePC(pc, /* defIndex = */ 0)) {
2777	return false;
2778	}
2779	UniqueChars text = ed.getOutput();
2780	if (!text) {
2781	return false;
2782	}
2783
2784	JS::ConstUTF8CharsZ utf8chars(text.get(), strlen(text.get()));
2785	JSString* str = NewStringCopyUTF8Z(cx, utf8chars);
2786	if (!str) {
2787	return false;
2788	}
2789
2790	if (!JSONStringProperty(sp, json, "text", str)) {
2791	return false;
2792	}
2793	}
2794
2795	json.beginObjectProperty("counts");
2796	if (hits > 0) {
2797	json.property(PCCounts::numExecName, hits);
2798	}
2799	json.endObject();
2800
2801	json.endObject();
2802
2803	// If the current instruction has thrown,
2804	// then decrement the hit counts with the number of throws.
2805	if (const PCCounts* counts = sac.maybeGetThrowCounts(pc)) {
2806	hits -= counts->numExec();
2807	}
2808	}
2809
2810	json.endList();
2811
2812	if (jit::IonScriptCounts* ionCounts = sac.getIonCounts()) {
2813	json.beginListProperty("ion");
2814
2815	while (ionCounts) {
2816	json.beginList();
2817	for (size_t i = 0; i < ionCounts->numBlocks(); i++) {
2818	const jit::IonBlockCounts& block = ionCounts->block(i);
2819
2820	json.beginObject();
2821	json.property("id", block.id());
2822	json.property("offset", block.offset());
2823
2824	json.beginListProperty("successors");
2825	for (size_t j = 0; j < block.numSuccessors(); j++) {
2826	json.value(block.successor(j));
2827	}
2828	json.endList();
2829
2830	json.property("hits", block.hitCount());
2831
2832	JSString* str = NewStringCopyZ<CanGC>(cx, block.code());
2833	if (!str) {
2834	return false;
2835	}
2836
2837	if (!JSONStringProperty(sp, json, "code", str)) {
2838	return false;
2839	}
2840
2841	json.endObject();
2842	}
2843	json.endList();
2844
2845	ionCounts = ionCounts->previous();
2846	}
2847
2848	json.endList();
2849	}
2850
2851	json.endObject();
2852
2853	return true;
2854	}
2855
2856	JSString* JS::GetPCCountScriptContents(JSContext* cx, size_t index) {
2857	JSRuntime* rt = cx->runtime();
2858
2859	if (!rt->scriptAndCountsVector \|\|
2860	index >= rt->scriptAndCountsVector->length()) {
2861	JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
2862	JSMSG_BUFFER_TOO_SMALL);
2863	return nullptr;
2864	}
2865
2866	const ScriptAndCounts& sac = (*rt->scriptAndCountsVector)[index];
2867	JSScript* script = sac.script;
2868
2869	JSSprinter sp(cx);
2870	if (!sp.init()) {
2871	return nullptr;
2872	}
2873
2874	{
2875	AutoRealm ar(cx, &script->global());
2876	if (!GetPCCountJSON(cx, sac, sp)) {
2877	return nullptr;
2878	}
2879	}
2880
2881	return sp.release(cx);
2882	}
2883
2884	struct CollectedScripts {
2885	MutableHandle<ScriptVector> scripts;
2886	bool ok = true;
2887
2888	explicit CollectedScripts(MutableHandle<ScriptVector> scripts)
2889	: scripts(scripts) {}
2890
2891	static void consider(JSRuntime* rt, void* data, BaseScript* script,
2892	const JS::AutoRequireNoGC& nogc) {
2893	auto self = static_cast<CollectedScripts*>(data);
2894	if (!script->filename()) {
2895	return;
2896	}
2897	if (!self->scripts.append(script->asJSScript())) {
2898	self->ok = false;
2899	}
2900	}
2901	};
2902
2903	static bool GenerateLcovInfo(JSContext* cx, JS::Realm* realm,
2904	GenericPrinter& out) {
2905	AutoRealmUnchecked ar(cx, realm);
2906
2907	// Collect the list of scripts which are part of the current realm.
2908
2909	MOZ_RELEASE_ASSERT(do { static_assert( mozilla::detail::AssertionConditionType< decltype(coverage::IsLCovEnabled())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(coverage::IsLCovEnabled()))) , 0))) { do { } while (false); MOZ_ReportAssertionFailure("coverage::IsLCovEnabled()" " (" "Coverage must be enabled for process before generating LCov info" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2911); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "coverage::IsLCovEnabled()" ") (" "Coverage must be enabled for process before generating LCov info" ")"); do { ((volatile int)__null) = 2911; __attribute__((nomerge )) ::abort(); } while (false); } } while (false)
2910	coverage::IsLCovEnabled(),do { static_assert( mozilla::detail::AssertionConditionType< decltype(coverage::IsLCovEnabled())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(coverage::IsLCovEnabled()))) , 0))) { do { } while (false); MOZ_ReportAssertionFailure("coverage::IsLCovEnabled()" " (" "Coverage must be enabled for process before generating LCov info" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2911); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "coverage::IsLCovEnabled()" ") (" "Coverage must be enabled for process before generating LCov info" ")"); do { ((volatile int)__null) = 2911; __attribute__((nomerge )) ::abort(); } while (false); } } while (false)
2911	"Coverage must be enabled for process before generating LCov info")do { static_assert( mozilla::detail::AssertionConditionType< decltype(coverage::IsLCovEnabled())>::isValid, "invalid assertion condition" ); if ((__builtin_expect(!!(!(!!(coverage::IsLCovEnabled()))) , 0))) { do { } while (false); MOZ_ReportAssertionFailure("coverage::IsLCovEnabled()" " (" "Coverage must be enabled for process before generating LCov info" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/BytecodeUtil.cpp" , 2911); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "coverage::IsLCovEnabled()" ") (" "Coverage must be enabled for process before generating LCov info" ")"); do { ((volatile int)__null) = 2911; __attribute__((nomerge )) ::abort(); } while (false); } } while (false);
2912
2913	// Hold the scripts that we have already flushed, to avoid flushing them
2914	// twice.
2915	using JSScriptSet = GCHashSet<JSScript*>;
2916	Rooted<JSScriptSet> scriptsDone(cx, JSScriptSet(cx));
2917
2918	Rooted<ScriptVector> queue(cx, ScriptVector(cx));
2919
2920	{
2921	CollectedScripts result(&queue);
2922	IterateScripts(cx, realm, &result, &CollectedScripts::consider);
2923	if (!result.ok) {
2924	ReportOutOfMemory(cx);
2925	return false;
2926	}
2927	}
2928
2929	if (queue.length() == 0) {
2930	return true;
2931	}
2932
2933	// Ensure the LCovRealm exists to collect info into.
2934	coverage::LCovRealm* lcovRealm = realm->lcovRealm();
2935	if (!lcovRealm) {
2936	return false;
2937	}
2938
2939	// Collect code coverage info for one realm.
2940	do {
2941	RootedScript script(cx, queue.popCopy());
2942	RootedFunction fun(cx);
2943
2944	JSScriptSet::AddPtr entry = scriptsDone.lookupForAdd(script);
2945	if (entry) {
2946	continue;
2947	}
2948
2949	if (!coverage::CollectScriptCoverage(script, false)) {
2950	ReportOutOfMemory(cx);
2951	return false;
2952	}
2953
2954	script->resetScriptCounts();
2955
2956	if (!scriptsDone.add(entry, script)) {
2957	return false;
2958	}
2959
2960	if (!script->isTopLevel()) {
2961	continue;
2962	}
2963
2964	// Iterate from the last to the first object in order to have
2965	// the functions them visited in the opposite order when popping
2966	// elements from the stack of remaining scripts, such that the
2967	// functions are more-less listed with increasing line numbers.
2968	auto gcthings = script->gcthings();
2969	for (JS::GCCellPtr gcThing : mozilla::Reversed(gcthings)) {
2970	if (!gcThing.is<JSObject>()) {
2971	continue;
2972	}
2973	JSObject* obj = &gcThing.as<JSObject>();
2974
2975	if (!obj->is<JSFunction>()) {
2976	continue;
2977	}
2978	fun = &obj->as<JSFunction>();
2979
2980	// Ignore asm.js functions
2981	if (!fun->isInterpreted()) {
2982	continue;
2983	}
2984
2985	// Queue the script in the list of script associated to the
2986	// current source.
2987	JSScript* childScript = JSFunction::getOrCreateScript(cx, fun);
2988	if (!childScript \|\| !queue.append(childScript)) {
2989	return false;
2990	}
2991	}
2992	} while (!queue.empty());
2993
2994	bool isEmpty = true;
2995	lcovRealm->exportInto(out, &isEmpty);
2996	return true;
2997	}
2998
2999	JS_PUBLIC_API UniqueChars js::GetCodeCoverageSummaryAll(JSContext* cx,
3000	size_t* length) {
3001	Sprinter out(cx);
3002	if (!out.init()) {
3003	return nullptr;
3004	}
3005
3006	for (RealmsIter realm(cx->runtime()); !realm.done(); realm.next()) {
3007	if (!GenerateLcovInfo(cx, realm, out)) {
3008	return nullptr;
3009	}
3010	}
3011
3012	*length = out.length();
3013	return out.release();
3014	}
3015
3016	JS_PUBLIC_API UniqueChars js::GetCodeCoverageSummary(JSContext* cx,
3017	size_t* length) {
3018	Sprinter out(cx);
3019	if (!out.init()) {
3020	return nullptr;
3021	}
3022
3023	if (!GenerateLcovInfo(cx, cx->realm(), out)) {
3024	return nullptr;
3025	}
3026
3027	*length = out.length();
3028	return out.release();
3029	}