Bug Summary

File:var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h
Warning:line 71, column 31
Called C++ object pointer is uninitialized

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name Interpreter.cpp -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -ffp-contract=off -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -fcoverage-compilation-dir=/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -resource-dir /usr/lib/llvm-19/lib/clang/19 -include /var/lib/jenkins/workspace/firefox-scan-build/config/gcc_hidden.h -include /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/mozilla-config.h -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/stl_wrappers -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/system_wrappers -U _FORTIFY_SOURCE -D _FORTIFY_SOURCE=2 -D DEBUG=1 -D WASM_SUPPORTS_HUGE_MEMORY -D JS_CACHEIR_SPEW -D JS_STRUCTURED_SPEW -D JS_HAS_CTYPES -D FFI_BUILDING -D EXPORT_JS_API -D MOZ_HAS_MOZGLUE -D MOZ_SUPPORT_LEAKCHECKING -I /var/lib/jenkins/workspace/firefox-scan-build/js/src -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -I /var/lib/jenkins/workspace/firefox-scan-build/intl/icu_capi/bindings/c -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src/ctypes/libffi/include -I /var/lib/jenkins/workspace/firefox-scan-build/js/src/ctypes/libffi/src/x86 -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/nspr -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/nss -D MOZILLA_CLIENT -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/x86_64-linux-gnu/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14/backward -internal-isystem /usr/lib/llvm-19/lib/clang/19/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -Wno-error=tautological-type-limit-compare -Wno-invalid-offsetof -Wno-range-loop-analysis -Wno-deprecated-anon-enum-enum-conversion -Wno-deprecated-enum-enum-conversion -Wno-deprecated-this-capture -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wno-psabi -Wno-error=builtin-macro-redefined -Wno-vla-cxx-extension -Wno-unknown-warning-option -fdeprecated-macro -ferror-limit 19 -fstrict-flex-arrays=1 -stack-protector 2 -fstack-clash-protection -ftrivial-auto-var-init=pattern -fno-rtti -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fno-sized-deallocation -fno-aligned-allocation -vectorize-loops -vectorize-slp -analyzer-checker optin.performance.Padding -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2024-09-22-115206-3586786-1 -x c++ /var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp

/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp

1/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7/*
8 * JavaScript bytecode interpreter.
9 */
10
11#include "vm/Interpreter-inl.h"
12
13#include "mozilla/DebugOnly.h"
14#include "mozilla/FloatingPoint.h"
15#include "mozilla/Maybe.h"
16#include "mozilla/ScopeExit.h"
17#include "mozilla/Sprintf.h"
18#include "mozilla/TimeStamp.h"
19
20#include <string.h>
21
22#include "jsapi.h"
23#include "jsnum.h"
24
25#include "builtin/Array.h"
26#include "builtin/Eval.h"
27#include "builtin/ModuleObject.h"
28#include "builtin/Object.h"
29#include "builtin/Promise.h"
30#include "gc/GC.h"
31#include "jit/BaselineJIT.h"
32#include "jit/Jit.h"
33#include "jit/JitRuntime.h"
34#include "js/experimental/JitInfo.h" // JSJitInfo
35#include "js/friend/ErrorMessages.h" // js::GetErrorMessage, JSMSG_*
36#include "js/friend/StackLimits.h" // js::AutoCheckRecursionLimit
37#include "js/friend/WindowProxy.h" // js::IsWindowProxy
38#include "js/Printer.h"
39#include "proxy/DeadObjectProxy.h"
40#include "util/StringBuilder.h"
41#include "vm/AsyncFunction.h"
42#include "vm/AsyncIteration.h"
43#include "vm/BigIntType.h"
44#include "vm/BytecodeUtil.h" // JSDVG_SEARCH_STACK
45#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
46# include "vm/ErrorObject.h"
47#endif
48#include "vm/EqualityOperations.h" // js::StrictlyEqual
49#include "vm/GeneratorObject.h"
50#include "vm/Iteration.h"
51#include "vm/JSContext.h"
52#include "vm/JSFunction.h"
53#include "vm/JSObject.h"
54#include "vm/JSScript.h"
55#include "vm/Opcodes.h"
56#include "vm/PIC.h"
57#include "vm/PlainObject.h" // js::PlainObject
58#include "vm/Scope.h"
59#include "vm/Shape.h"
60#include "vm/SharedStencil.h" // GCThingIndex
61#include "vm/StringType.h"
62#include "vm/ThrowMsgKind.h" // ThrowMsgKind
63#include "vm/TypeofEqOperand.h" // TypeofEqOperand
64#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
65# include "vm/UsingHint.h"
66#endif
67#ifdef ENABLE_RECORD_TUPLE
68# include "vm/RecordType.h"
69# include "vm/TupleType.h"
70#endif
71
72#include "builtin/Boolean-inl.h"
73#include "debugger/DebugAPI-inl.h"
74#include "vm/ArgumentsObject-inl.h"
75#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
76# include "vm/DisposableRecord-inl.h"
77#endif
78#include "vm/EnvironmentObject-inl.h"
79#include "vm/GeckoProfiler-inl.h"
80#include "vm/JSScript-inl.h"
81#include "vm/NativeObject-inl.h"
82#include "vm/ObjectOperations-inl.h"
83#include "vm/PlainObject-inl.h" // js::CopyInitializerObject, js::CreateThis
84#include "vm/Probes-inl.h"
85#include "vm/Stack-inl.h"
86
87using namespace js;
88
89using mozilla::DebugOnly;
90using mozilla::NumberEqualsInt32;
91
92template <bool Eq>
93static MOZ_ALWAYS_INLINEinline bool LooseEqualityOp(JSContext* cx,
94 InterpreterRegs& regs) {
95 HandleValue rval = regs.stackHandleAt(-1);
96 HandleValue lval = regs.stackHandleAt(-2);
97 bool cond;
98 if (!LooselyEqual(cx, lval, rval, &cond)) {
99 return false;
100 }
101 cond = (cond == Eq);
102 regs.sp--;
103 regs.sp[-1].setBoolean(cond);
104 return true;
105}
106
107JSObject* js::BoxNonStrictThis(JSContext* cx, HandleValue thisv) {
108 MOZ_ASSERT(!thisv.isMagic())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!thisv.isMagic())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!thisv.isMagic()))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("!thisv.isMagic()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 108); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!thisv.isMagic()"
")"); do { *((volatile int*)__null) = 108; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
109
110 if (thisv.isNullOrUndefined()) {
111 return cx->global()->lexicalEnvironment().thisObject();
112 }
113
114 if (thisv.isObject()) {
115 return &thisv.toObject();
116 }
117
118 return PrimitiveToObject(cx, thisv);
119}
120
121static bool IsNSVOLexicalEnvironment(JSObject* env) {
122 return env->is<LexicalEnvironmentObject>() &&
123 env->as<LexicalEnvironmentObject>()
124 .enclosingEnvironment()
125 .is<NonSyntacticVariablesObject>();
126}
127
128bool js::GetFunctionThis(JSContext* cx, AbstractFramePtr frame,
129 MutableHandleValue res) {
130 MOZ_ASSERT(frame.isFunctionFrame())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(frame.isFunctionFrame())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(frame.isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("frame.isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 130); AnnotateMozCrashReason("MOZ_ASSERT" "(" "frame.isFunctionFrame()"
")"); do { *((volatile int*)__null) = 130; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
131 MOZ_ASSERT(!frame.callee()->isArrow())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!frame.callee()->isArrow())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!frame.callee()->isArrow(
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!frame.callee()->isArrow()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 131); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frame.callee()->isArrow()"
")"); do { *((volatile int*)__null) = 131; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
132
133 if (frame.thisArgument().isObject() || frame.callee()->strict()) {
134 res.set(frame.thisArgument());
135 return true;
136 }
137
138 MOZ_ASSERT(!frame.callee()->isSelfHostedBuiltin(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!frame.callee()->isSelfHostedBuiltin())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!frame.callee()->isSelfHostedBuiltin()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("!frame.callee()->isSelfHostedBuiltin()"
" (" "Self-hosted builtins must be strict" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 139); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frame.callee()->isSelfHostedBuiltin()"
") (" "Self-hosted builtins must be strict" ")"); do { *((volatile
int*)__null) = 139; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false)
139 "Self-hosted builtins must be strict")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!frame.callee()->isSelfHostedBuiltin())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!frame.callee()->isSelfHostedBuiltin()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("!frame.callee()->isSelfHostedBuiltin()"
" (" "Self-hosted builtins must be strict" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 139); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frame.callee()->isSelfHostedBuiltin()"
") (" "Self-hosted builtins must be strict" ")"); do { *((volatile
int*)__null) = 139; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false);
140
141 RootedValue thisv(cx, frame.thisArgument());
142
143 // If there is a NSVO on environment chain, use it as basis for fallback
144 // global |this|. This gives a consistent definition of global lexical
145 // |this| between function and global contexts.
146 //
147 // NOTE: If only non-syntactic WithEnvironments are on the chain, we use the
148 // global lexical |this| value. This is for compatibility with the Subscript
149 // Loader.
150 if (frame.script()->hasNonSyntacticScope() && thisv.isNullOrUndefined()) {
151 JSObject* env = frame.environmentChain();
152 while (true) {
153 if (IsNSVOLexicalEnvironment(env) ||
154 env->is<GlobalLexicalEnvironmentObject>()) {
155 auto* obj = env->as<ExtensibleLexicalEnvironmentObject>().thisObject();
156 res.setObject(*obj);
157 return true;
158 }
159 if (!env->enclosingEnvironment()) {
160 // This can only happen in Debugger eval frames: in that case we
161 // don't always have a global lexical env, see EvaluateInEnv.
162 MOZ_ASSERT(env->is<GlobalObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<GlobalObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(env->is<GlobalObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env->is<GlobalObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 162); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<GlobalObject>()"
")"); do { *((volatile int*)__null) = 162; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
163 res.setObject(*GetThisObject(env));
164 return true;
165 }
166 env = env->enclosingEnvironment();
167 }
168 }
169
170 JSObject* obj = BoxNonStrictThis(cx, thisv);
171 if (!obj) {
172 return false;
173 }
174
175 res.setObject(*obj);
176 return true;
177}
178
179void js::GetNonSyntacticGlobalThis(JSContext* cx, HandleObject envChain,
180 MutableHandleValue res) {
181 JSObject* env = envChain;
182 while (true) {
183 if (env->is<ExtensibleLexicalEnvironmentObject>()) {
184 auto* obj = env->as<ExtensibleLexicalEnvironmentObject>().thisObject();
185 res.setObject(*obj);
186 return;
187 }
188 if (!env->enclosingEnvironment()) {
189 // This can only happen in Debugger eval frames: in that case we
190 // don't always have a global lexical env, see EvaluateInEnv.
191 MOZ_ASSERT(env->is<GlobalObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<GlobalObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(env->is<GlobalObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env->is<GlobalObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 191); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<GlobalObject>()"
")"); do { *((volatile int*)__null) = 191; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
192 res.setObject(*GetThisObject(env));
193 return;
194 }
195 env = env->enclosingEnvironment();
196 }
197}
198
199#ifdef DEBUG1
200static bool IsSelfHostedOrKnownBuiltinCtor(JSFunction* fun, JSContext* cx) {
201 if (fun->isSelfHostedOrIntrinsic()) {
202 return true;
203 }
204
205 // GetBuiltinConstructor in MapGroupBy
206 if (fun == cx->global()->maybeGetConstructor(JSProto_Map)) {
207 return true;
208 }
209
210 // GetBuiltinConstructor in intlFallbackSymbol
211 if (fun == cx->global()->maybeGetConstructor(JSProto_Symbol)) {
212 return true;
213 }
214
215 // ConstructorForTypedArray in MergeSortTypedArray
216 if (fun == cx->global()->maybeGetConstructor(JSProto_Int8Array) ||
217 fun == cx->global()->maybeGetConstructor(JSProto_Uint8Array) ||
218 fun == cx->global()->maybeGetConstructor(JSProto_Int16Array) ||
219 fun == cx->global()->maybeGetConstructor(JSProto_Uint16Array) ||
220 fun == cx->global()->maybeGetConstructor(JSProto_Int32Array) ||
221 fun == cx->global()->maybeGetConstructor(JSProto_Uint32Array) ||
222 fun == cx->global()->maybeGetConstructor(JSProto_Float32Array) ||
223 fun == cx->global()->maybeGetConstructor(JSProto_Float64Array) ||
224 fun == cx->global()->maybeGetConstructor(JSProto_Uint8ClampedArray) ||
225 fun == cx->global()->maybeGetConstructor(JSProto_BigInt64Array) ||
226 fun == cx->global()->maybeGetConstructor(JSProto_BigUint64Array)) {
227 return true;
228 }
229
230 return false;
231}
232#endif // DEBUG
233
234bool js::Debug_CheckSelfHosted(JSContext* cx, HandleValue funVal) {
235#ifdef DEBUG1
236 JSFunction* fun = &UncheckedUnwrap(&funVal.toObject())->as<JSFunction>();
237 MOZ_ASSERT(IsSelfHostedOrKnownBuiltinCtor(fun, cx),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 240); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 240; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false)
238 "functions directly called inside self-hosted JS must be one of "do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 240); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 240; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false)
239 "selfhosted function, self-hosted intrinsic, or known built-in "do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 240); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 240; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false)
240 "constructor")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 240); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 240; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false);
241#else
242 MOZ_CRASH("self-hosted checks should only be done in Debug builds")do { do { } while (false); MOZ_ReportCrash("" "self-hosted checks should only be done in Debug builds"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 242); AnnotateMozCrashReason("MOZ_CRASH(" "self-hosted checks should only be done in Debug builds"
")"); do { *((volatile int*)__null) = 242; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
243#endif
244
245 // This is purely to police self-hosted code. There is no actual operation.
246 return true;
247}
248
249static inline bool GetLengthProperty(const Value& lval, MutableHandleValue vp) {
250 /* Optimize length accesses on strings, arrays, and arguments. */
251 if (lval.isString()) {
252 vp.setInt32(lval.toString()->length());
253 return true;
254 }
255 if (lval.isObject()) {
256 JSObject* obj = &lval.toObject();
257 if (obj->is<ArrayObject>()) {
258 vp.setNumber(obj->as<ArrayObject>().length());
259 return true;
260 }
261
262 if (obj->is<ArgumentsObject>()) {
263 ArgumentsObject* argsobj = &obj->as<ArgumentsObject>();
264 if (!argsobj->hasOverriddenLength()) {
265 uint32_t length = argsobj->initialLength();
266 MOZ_ASSERT(length < INT32_MAX)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(length < (2147483647))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(length < (2147483647)))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("length < (2147483647)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 266); AnnotateMozCrashReason("MOZ_ASSERT" "(" "length < (2147483647)"
")"); do { *((volatile int*)__null) = 266; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
267 vp.setInt32(int32_t(length));
268 return true;
269 }
270 }
271 }
272
273 return false;
274}
275
276static inline bool GetPropertyOperation(JSContext* cx,
277 Handle<PropertyName*> name,
278 HandleValue lval,
279 MutableHandleValue vp) {
280 if (name == cx->names().length && ::GetLengthProperty(lval, vp)) {
281 return true;
282 }
283
284 return GetProperty(cx, lval, name, vp);
285}
286
287static inline bool GetNameOperation(JSContext* cx, HandleObject envChain,
288 Handle<PropertyName*> name, JSOp nextOp,
289 MutableHandleValue vp) {
290 /* Kludge to allow (typeof foo == "undefined") tests. */
291 if (IsTypeOfNameOp(nextOp)) {
292 return GetEnvironmentName<GetNameMode::TypeOf>(cx, envChain, name, vp);
293 }
294 return GetEnvironmentName<GetNameMode::Normal>(cx, envChain, name, vp);
295}
296
297bool js::GetImportOperation(JSContext* cx, HandleObject envChain,
298 HandleScript script, jsbytecode* pc,
299 MutableHandleValue vp) {
300 RootedObject env(cx), pobj(cx);
301 Rooted<PropertyName*> name(cx, script->getName(pc));
302 PropertyResult prop;
303
304 MOZ_ALWAYS_TRUE(LookupName(cx, name, envChain, &env, &pobj, &prop))do { if ((__builtin_expect(!!(LookupName(cx, name, envChain, &
env, &pobj, &prop)), 1))) { } else { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(false)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(false))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("false" " (" "LookupName(cx, name, envChain, &env, &pobj, &prop)"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 304); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "LookupName(cx, name, envChain, &env, &pobj, &prop)"
")"); do { *((volatile int*)__null) = 304; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
305 MOZ_ASSERT(env && env->is<ModuleEnvironmentObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env && env->is<ModuleEnvironmentObject
>())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(env && env->is<ModuleEnvironmentObject
>()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env && env->is<ModuleEnvironmentObject>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 305); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env && env->is<ModuleEnvironmentObject>()"
")"); do { *((volatile int*)__null) = 305; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
306 MOZ_ASSERT(env->as<ModuleEnvironmentObject>().hasImportBinding(name))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->as<ModuleEnvironmentObject>().hasImportBinding
(name))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(env->as<ModuleEnvironmentObject>().hasImportBinding
(name)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env->as<ModuleEnvironmentObject>().hasImportBinding(name)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 306); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->as<ModuleEnvironmentObject>().hasImportBinding(name)"
")"); do { *((volatile int*)__null) = 306; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
307 return FetchName<GetNameMode::Normal>(cx, env, pobj, name, prop, vp);
308}
309
310bool js::ReportIsNotFunction(JSContext* cx, HandleValue v, int numToSkip,
311 MaybeConstruct construct) {
312 unsigned error = construct ? JSMSG_NOT_CONSTRUCTOR : JSMSG_NOT_FUNCTION;
313 int spIndex = numToSkip >= 0 ? -(numToSkip + 1) : JSDVG_SEARCH_STACK1;
314
315 ReportValueError(cx, error, spIndex, v, nullptr);
316 return false;
317}
318
319JSObject* js::ValueToCallable(JSContext* cx, HandleValue v, int numToSkip,
320 MaybeConstruct construct) {
321 if (v.isObject() && v.toObject().isCallable()) {
322 return &v.toObject();
323 }
324
325 ReportIsNotFunction(cx, v, numToSkip, construct);
326 return nullptr;
327}
328
329static bool MaybeCreateThisForConstructor(JSContext* cx, const CallArgs& args) {
330 if (args.thisv().isObject()) {
331 return true;
332 }
333
334 RootedFunction callee(cx, &args.callee().as<JSFunction>());
335 RootedObject newTarget(cx, &args.newTarget().toObject());
336
337 MOZ_ASSERT(callee->hasBytecode())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(callee->hasBytecode())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(callee->hasBytecode()))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("callee->hasBytecode()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 337); AnnotateMozCrashReason("MOZ_ASSERT" "(" "callee->hasBytecode()"
")"); do { *((volatile int*)__null) = 337; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
338
339 if (!CreateThis(cx, callee, newTarget, GenericObject, args.mutableThisv())) {
340 return false;
341 }
342
343 // Ensure the callee still has a non-lazy script. We normally don't relazify
344 // in active compartments, but the .prototype lookup might have called the
345 // relazifyFunctions testing function that doesn't have this restriction.
346 return JSFunction::getOrCreateScript(cx, callee);
347}
348
349#ifdef ENABLE_RECORD_TUPLE
350static bool AddRecordSpreadOperation(JSContext* cx, HandleValue recHandle,
351 HandleValue spreadeeHandle) {
352 MOZ_ASSERT(recHandle.toExtendedPrimitive().is<RecordType>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(recHandle.toExtendedPrimitive().is<RecordType>
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(recHandle.toExtendedPrimitive().is<RecordType>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("recHandle.toExtendedPrimitive().is<RecordType>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 352); AnnotateMozCrashReason("MOZ_ASSERT" "(" "recHandle.toExtendedPrimitive().is<RecordType>()"
")"); do { *((volatile int*)__null) = 352; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
353 RecordType* rec = &recHandle.toExtendedPrimitive().as<RecordType>();
354
355 RootedObject obj(cx, ToObjectOrGetObjectPayload(cx, spreadeeHandle));
356
357 RootedIdVector keys(cx);
358 if (!GetPropertyKeys(cx, obj, JSITER_OWNONLY0x8 | JSITER_SYMBOLS0x20, &keys)) {
359 return false;
360 }
361
362 size_t len = keys.length();
363 RootedId propKey(cx);
364 RootedValue propValue(cx);
365 for (size_t i = 0; i < len; i++) {
366 propKey.set(keys[i]);
367
368 // Step 4.c.ii.1.
369 if (MOZ_UNLIKELY(!GetProperty(cx, obj, obj, propKey, &propValue))(__builtin_expect(!!(!GetProperty(cx, obj, obj, propKey, &
propValue)), 0))) {
370 return false;
371 }
372
373 if (MOZ_UNLIKELY(!rec->initializeNextProperty(cx, propKey, propValue))(__builtin_expect(!!(!rec->initializeNextProperty(cx, propKey
, propValue)), 0))) {
374 return false;
375 }
376 }
377
378 return true;
379}
380#endif
381
382InterpreterFrame* InvokeState::pushInterpreterFrame(JSContext* cx) {
383 return cx->interpreterStack().pushInvokeFrame(cx, args_, construct_);
384}
385
386InterpreterFrame* ExecuteState::pushInterpreterFrame(JSContext* cx) {
387 return cx->interpreterStack().pushExecuteFrame(cx, script_, envChain_,
388 evalInFrame_);
389}
390
391InterpreterFrame* RunState::pushInterpreterFrame(JSContext* cx) {
392 if (isInvoke()) {
393 return asInvoke()->pushInterpreterFrame(cx);
394 }
395 return asExecute()->pushInterpreterFrame(cx);
396}
397
398static MOZ_ALWAYS_INLINEinline bool MaybeEnterInterpreterTrampoline(JSContext* cx,
399 RunState& state) {
400#ifdef NIGHTLY_BUILD1
401 if (jit::JitOptions.emitInterpreterEntryTrampoline &&
402 cx->runtime()->hasJitRuntime()) {
403 js::jit::JitRuntime* jitRuntime = cx->runtime()->jitRuntime();
404 JSScript* script = state.script();
405
406 uint8_t* codeRaw = nullptr;
407 auto p = jitRuntime->getInterpreterEntryMap()->lookup(script);
408 if (p) {
409 codeRaw = p->value().raw();
410 } else {
411 js::jit::JitCode* code =
412 jitRuntime->generateEntryTrampolineForScript(cx, script);
413 if (!code) {
414 ReportOutOfMemory(cx);
415 return false;
416 }
417
418 js::jit::EntryTrampoline entry(cx, code);
419 if (!jitRuntime->getInterpreterEntryMap()->put(script, entry)) {
420 ReportOutOfMemory(cx);
421 return false;
422 }
423 codeRaw = code->raw();
424 }
425
426 MOZ_ASSERT(codeRaw, "Should have a valid trampoline here.")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(codeRaw)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(codeRaw))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("codeRaw" " (" "Should have a valid trampoline here."
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 426); AnnotateMozCrashReason("MOZ_ASSERT" "(" "codeRaw" ") ("
"Should have a valid trampoline here." ")"); do { *((volatile
int*)__null) = 426; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false);
427 // The C++ entry thunk is located at the vmInterpreterEntryOffset offset.
428 codeRaw += jitRuntime->vmInterpreterEntryOffset();
429 return js::jit::EnterInterpreterEntryTrampoline(codeRaw, cx, &state);
430 }
431#endif
432 return Interpret(cx, state);
433}
434
435// MSVC with PGO inlines a lot of functions in RunScript, resulting in large
436// stack frames and stack overflow issues, see bug 1167883. Turn off PGO to
437// avoid this.
438#ifdef _MSC_VER
439# pragma optimize("g", off)
440#endif
441bool js::RunScript(JSContext* cx, RunState& state) {
442 AutoCheckRecursionLimit recursion(cx);
443 if (!recursion.check(cx)) {
444 return false;
445 }
446
447 MOZ_ASSERT_IF(cx->runtime()->hasJitRuntime(),do { if (cx->runtime()->hasJitRuntime()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!cx->
runtime()->jitRuntime()->disallowArbitraryCode())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cx->runtime()->jitRuntime()->disallowArbitraryCode
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 448); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
")"); do { *((volatile int*)__null) = 448; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
448 !cx->runtime()->jitRuntime()->disallowArbitraryCode())do { if (cx->runtime()->hasJitRuntime()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!cx->
runtime()->jitRuntime()->disallowArbitraryCode())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cx->runtime()->jitRuntime()->disallowArbitraryCode
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 448); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
")"); do { *((volatile int*)__null) = 448; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
449
450 // Since any script can conceivably GC, make sure it's safe to do so.
451 cx->verifyIsSafeToGC();
452
453 MOZ_ASSERT(cx->realm() == state.script()->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == state.script()->realm())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(cx->realm() == state.script()->realm()))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("cx->realm() == state.script()->realm()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 453); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == state.script()->realm()"
")"); do { *((volatile int*)__null) = 453; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
454
455 MOZ_DIAGNOSTIC_ASSERT(cx->realm()->isSystem() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm()->isSystem() || cx->runtime()->
allowContentJS())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm()->isSystem(
) || cx->runtime()->allowContentJS()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 456); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
")"); do { *((volatile int*)__null) = 456; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
456 cx->runtime()->allowContentJS())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm()->isSystem() || cx->runtime()->
allowContentJS())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm()->isSystem(
) || cx->runtime()->allowContentJS()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 456); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
")"); do { *((volatile int*)__null) = 456; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
457
458 if (!DebugAPI::checkNoExecute(cx, state.script())) {
459 return false;
460 }
461
462 GeckoProfilerEntryMarker marker(cx, state.script());
463
464 bool measuringTime = !cx->isMeasuringExecutionTime();
465 mozilla::TimeStamp startTime;
466 if (measuringTime) {
467 cx->setIsMeasuringExecutionTime(true);
468 cx->setIsExecuting(true);
469 startTime = mozilla::TimeStamp::Now();
470 }
471 auto timerEnd = mozilla::MakeScopeExit([&]() {
472 if (measuringTime) {
473 mozilla::TimeDuration delta = mozilla::TimeStamp::Now() - startTime;
474 cx->realm()->timers.executionTime += delta;
475 cx->setIsMeasuringExecutionTime(false);
476 cx->setIsExecuting(false);
477 }
478 });
479
480 jit::EnterJitStatus status = jit::MaybeEnterJit(cx, state);
481 switch (status) {
482 case jit::EnterJitStatus::Error:
483 return false;
484 case jit::EnterJitStatus::Ok:
485 return true;
486 case jit::EnterJitStatus::NotEntered:
487 break;
488 }
489
490 bool ok = MaybeEnterInterpreterTrampoline(cx, state);
491
492 return ok;
493}
494#ifdef _MSC_VER
495# pragma optimize("", on)
496#endif
497
498STATIC_PRECONDITION_ASSUME(ubound(args.argv_) >= argc)
499MOZ_ALWAYS_INLINEinline bool CallJSNative(JSContext* cx, Native native,
500 CallReason reason, const CallArgs& args) {
501 AutoCheckRecursionLimit recursion(cx);
502 if (!recursion.check(cx)) {
503 return false;
504 }
505
506 NativeResumeMode resumeMode = DebugAPI::onNativeCall(cx, args, reason);
507 if (resumeMode != NativeResumeMode::Continue) {
508 return resumeMode == NativeResumeMode::Override;
509 }
510
511#ifdef DEBUG1
512 bool alreadyThrowing = cx->isExceptionPending();
513#endif
514 cx->check(args);
515 MOZ_ASSERT(!args.callee().is<ProxyObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!args.callee().is<ProxyObject>())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!args.callee().is<ProxyObject>()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!args.callee().is<ProxyObject>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 515); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args.callee().is<ProxyObject>()"
")"); do { *((volatile int*)__null) = 515; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
516
517 AutoRealm ar(cx, &args.callee());
518 bool ok = native(cx, args.length(), args.base());
519 if (ok) {
520 cx->check(args.rval());
521 MOZ_ASSERT_IF(!alreadyThrowing, !cx->isExceptionPending())do { if (!alreadyThrowing) { do { static_assert( mozilla::detail
::AssertionConditionType<decltype(!cx->isExceptionPending
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cx->isExceptionPending()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!cx->isExceptionPending()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 521); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 521; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
522 }
523 return ok;
524}
525
526STATIC_PRECONDITION(ubound(args.argv_) >= argc)
527MOZ_ALWAYS_INLINEinline bool CallJSNativeConstructor(JSContext* cx, Native native,
528 const CallArgs& args) {
529#ifdef DEBUG1
530 RootedObject callee(cx, &args.callee());
531#endif
532
533 MOZ_ASSERT(args.thisv().isMagic())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.thisv().isMagic()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.thisv().isMagic()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 533); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic()"
")"); do { *((volatile int*)__null) = 533; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
534 if (!CallJSNative(cx, native, CallReason::Call, args)) {
535 return false;
536 }
537
538 /*
539 * Native constructors must return non-primitive values on success.
540 * Although it is legal, if a constructor returns the callee, there is a
541 * 99.9999% chance it is a bug. If any valid code actually wants the
542 * constructor to return the callee, the assertion can be removed or
543 * (another) conjunct can be added to the antecedent.
544 *
545 * Exceptions:
546 * - (new Object(Object)) returns the callee.
547 * - The bound function construct hook can return an arbitrary object,
548 * including the callee.
549 *
550 * Also allow if this may be due to a debugger hook since fuzzing may let this
551 * happen.
552 */
553 MOZ_ASSERT(args.rval().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.rval().isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval().isObject()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.rval().isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 553); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval().isObject()"
")"); do { *((volatile int*)__null) = 553; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
554 MOZ_ASSERT_IF(!JS_IsNativeFunction(callee, obj_construct) &&do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 557); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 557; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
555 !callee->is<BoundFunctionObject>() &&do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 557); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 557; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
556 !cx->realm()->debuggerObservesNativeCall(),do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 557); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 557; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
557 args.rval() != ObjectValue(*callee))do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 557); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 557; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
558
559 return true;
560}
561
562/*
563 * Find a function reference and its 'this' value implicit first parameter
564 * under argc arguments on cx's stack, and call the function. Push missing
565 * required arguments, allocate declared local variables, and pop everything
566 * when done. Then push the return value.
567 *
568 * Note: This function DOES NOT call GetThisValue to munge |args.thisv()| if
569 * necessary. The caller (usually the interpreter) must have performed
570 * this step already!
571 */
572bool js::InternalCallOrConstruct(JSContext* cx, const CallArgs& args,
573 MaybeConstruct construct,
574 CallReason reason /* = CallReason::Call */) {
575 MOZ_ASSERT(args.length() <= ARGS_LENGTH_MAX)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.length() <= ARGS_LENGTH_MAX)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.length() <= ARGS_LENGTH_MAX
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"args.length() <= ARGS_LENGTH_MAX", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 575); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.length() <= ARGS_LENGTH_MAX"
")"); do { *((volatile int*)__null) = 575; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
576
577 unsigned skipForCallee = args.length() + 1 + (construct == CONSTRUCT);
578 if (args.calleev().isPrimitive()) {
579 return ReportIsNotFunction(cx, args.calleev(), skipForCallee, construct);
580 }
581
582 /* Invoke non-functions. */
583 if (MOZ_UNLIKELY(!args.callee().is<JSFunction>())(__builtin_expect(!!(!args.callee().is<JSFunction>()), 0
))) {
584 MOZ_ASSERT_IF(construct, !args.callee().isConstructor())do { if (construct) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(!args.callee().isConstructor())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!args.callee().isConstructor
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!args.callee().isConstructor()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 584); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args.callee().isConstructor()"
")"); do { *((volatile int*)__null) = 584; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
585
586 if (!args.callee().isCallable()) {
587 return ReportIsNotFunction(cx, args.calleev(), skipForCallee, construct);
588 }
589
590 if (args.callee().is<ProxyObject>()) {
591 RootedObject proxy(cx, &args.callee());
592 return Proxy::call(cx, proxy, args);
593 }
594
595 JSNative call = args.callee().callHook();
596 MOZ_ASSERT(call, "isCallable without a callHook?")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(call)>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(call))), 0))) { do { } while (false
); MOZ_ReportAssertionFailure("call" " (" "isCallable without a callHook?"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 596); AnnotateMozCrashReason("MOZ_ASSERT" "(" "call" ") (" "isCallable without a callHook?"
")"); do { *((volatile int*)__null) = 596; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
597
598 return CallJSNative(cx, call, reason, args);
599 }
600
601 /* Invoke native functions. */
602 RootedFunction fun(cx, &args.callee().as<JSFunction>());
603 if (fun->isNativeFun()) {
604 MOZ_ASSERT_IF(construct, !fun->isConstructor())do { if (construct) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(!fun->isConstructor())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!fun->isConstructor()))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("!fun->isConstructor()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 604); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!fun->isConstructor()"
")"); do { *((volatile int*)__null) = 604; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
605 JSNative native = fun->native();
606 if (!construct && args.ignoresReturnValue() && fun->hasJitInfo()) {
607 const JSJitInfo* jitInfo = fun->jitInfo();
608 if (jitInfo->type() == JSJitInfo::IgnoresReturnValueNative) {
609 native = jitInfo->ignoresReturnValueMethod;
610 }
611 }
612 return CallJSNative(cx, native, reason, args);
613 }
614
615 // Self-hosted builtins are considered native by the onNativeCall hook.
616 if (fun->isSelfHostedBuiltin()) {
617 NativeResumeMode resumeMode = DebugAPI::onNativeCall(cx, args, reason);
618 if (resumeMode != NativeResumeMode::Continue) {
619 return resumeMode == NativeResumeMode::Override;
620 }
621 }
622
623 if (!JSFunction::getOrCreateScript(cx, fun)) {
624 return false;
625 }
626
627 /* Run function until JSOp::RetRval, JSOp::Return or error. */
628 InvokeState state(cx, args, construct);
629
630 // Create |this| if we're constructing. Switch to the callee's realm to
631 // ensure this object has the correct realm.
632 AutoRealm ar(cx, state.script());
633 if (construct && !MaybeCreateThisForConstructor(cx, args)) {
634 return false;
635 }
636
637 // Calling class constructors throws an error from the callee's realm.
638 if (construct != CONSTRUCT && fun->isClassConstructor()) {
639 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
640 JSMSG_CANT_CALL_CLASS_CONSTRUCTOR);
641 return false;
642 }
643
644 bool ok = RunScript(cx, state);
645
646 MOZ_ASSERT_IF(ok && construct, args.rval().isObject())do { if (ok && construct) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(args.rval().isObject
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(args.rval().isObject()))), 0))) { do { } while (false
); MOZ_ReportAssertionFailure("args.rval().isObject()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 646); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval().isObject()"
")"); do { *((volatile int*)__null) = 646; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
647 return ok;
648}
649
650// Returns true if the callee needs an outerized |this| object. Outerization
651// means passing the WindowProxy instead of the Window (a GlobalObject) because
652// we must never expose the Window to script. This returns false only for DOM
653// getters or setters.
654static bool CalleeNeedsOuterizedThisObject(const Value& callee) {
655 if (!callee.isObject() || !callee.toObject().is<JSFunction>()) {
656 return true;
657 }
658 JSFunction& fun = callee.toObject().as<JSFunction>();
659 if (!fun.isNativeFun() || !fun.hasJitInfo()) {
660 return true;
661 }
662 return fun.jitInfo()->needsOuterizedThisObject();
663}
664
665static bool InternalCall(JSContext* cx, const AnyInvokeArgs& args,
666 CallReason reason) {
667 MOZ_ASSERT(args.array() + args.length() == args.end(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() == args.end())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(args.array() + args.length() == args.end()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("args.array() + args.length() == args.end()"
" (" "must pass calling arguments to a calling attempt" ")",
"/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 668); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() == args.end()"
") (" "must pass calling arguments to a calling attempt" ")"
); do { *((volatile int*)__null) = 668; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
668 "must pass calling arguments to a calling attempt")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() == args.end())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(args.array() + args.length() == args.end()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("args.array() + args.length() == args.end()"
" (" "must pass calling arguments to a calling attempt" ")",
"/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 668); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() == args.end()"
") (" "must pass calling arguments to a calling attempt" ")"
); do { *((volatile int*)__null) = 668; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
669
670#ifdef DEBUG1
671 // The caller is responsible for calling GetThisObject if needed.
672 if (args.thisv().isObject()) {
673 JSObject* thisObj = &args.thisv().toObject();
674 MOZ_ASSERT_IF(CalleeNeedsOuterizedThisObject(args.calleev()),do { if (CalleeNeedsOuterizedThisObject(args.calleev())) { do
{ static_assert( mozilla::detail::AssertionConditionType<
decltype(GetThisObject(thisObj) == thisObj)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GetThisObject(thisObj) == thisObj
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetThisObject(thisObj) == thisObj", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 675); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetThisObject(thisObj) == thisObj"
")"); do { *((volatile int*)__null) = 675; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
675 GetThisObject(thisObj) == thisObj)do { if (CalleeNeedsOuterizedThisObject(args.calleev())) { do
{ static_assert( mozilla::detail::AssertionConditionType<
decltype(GetThisObject(thisObj) == thisObj)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GetThisObject(thisObj) == thisObj
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetThisObject(thisObj) == thisObj", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 675); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetThisObject(thisObj) == thisObj"
")"); do { *((volatile int*)__null) = 675; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
676 }
677#endif
678
679 return InternalCallOrConstruct(cx, args, NO_CONSTRUCT, reason);
680}
681
682bool js::CallFromStack(JSContext* cx, const CallArgs& args,
683 CallReason reason /* = CallReason::Call */) {
684 return InternalCall(cx, static_cast<const AnyInvokeArgs&>(args), reason);
685}
686
687// ES7 rev 0c1bd3004329336774cbc90de727cd0cf5f11e93
688// 7.3.12 Call.
689bool js::Call(JSContext* cx, HandleValue fval, HandleValue thisv,
690 const AnyInvokeArgs& args, MutableHandleValue rval,
691 CallReason reason) {
692 // Explicitly qualify these methods to bypass AnyInvokeArgs's deliberate
693 // shadowing.
694 args.CallArgs::setCallee(fval);
695 args.CallArgs::setThis(thisv);
696
697 if (thisv.isObject()) {
698 // If |this| is a global object, it might be a Window and in that case we
699 // usually have to pass the WindowProxy instead.
700 JSObject* thisObj = &thisv.toObject();
701 if (thisObj->is<GlobalObject>()) {
702 if (CalleeNeedsOuterizedThisObject(fval)) {
703 args.mutableThisv().setObject(*GetThisObject(thisObj));
704 }
705 } else {
706 // Fast path: we don't have to do anything if the object isn't a global.
707 MOZ_ASSERT(GetThisObject(thisObj) == thisObj)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetThisObject(thisObj) == thisObj)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GetThisObject(thisObj) == thisObj
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetThisObject(thisObj) == thisObj", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 707); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetThisObject(thisObj) == thisObj"
")"); do { *((volatile int*)__null) = 707; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
708 }
709 }
710
711 if (!InternalCall(cx, args, reason)) {
712 return false;
713 }
714
715 rval.set(args.rval());
716 return true;
717}
718
719static bool InternalConstruct(JSContext* cx, const AnyConstructArgs& args,
720 CallReason reason = CallReason::Call) {
721 MOZ_ASSERT(args.array() + args.length() + 1 == args.end(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() + 1 == args.end())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(args.array() + args.length() + 1 == args.end()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.array() + args.length() + 1 == args.end()"
" (" "must pass constructing arguments to a construction attempt"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 722); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() + 1 == args.end()"
") (" "must pass constructing arguments to a construction attempt"
")"); do { *((volatile int*)__null) = 722; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
722 "must pass constructing arguments to a construction attempt")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() + 1 == args.end())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(args.array() + args.length() + 1 == args.end()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.array() + args.length() + 1 == args.end()"
" (" "must pass constructing arguments to a construction attempt"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 722); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() + 1 == args.end()"
") (" "must pass constructing arguments to a construction attempt"
")"); do { *((volatile int*)__null) = 722; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
723 MOZ_ASSERT(!FunctionClass.getConstruct())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!FunctionClass.getConstruct())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!FunctionClass.getConstruct(
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!FunctionClass.getConstruct()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 723); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!FunctionClass.getConstruct()"
")"); do { *((volatile int*)__null) = 723; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
724 MOZ_ASSERT(!ExtendedFunctionClass.getConstruct())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!ExtendedFunctionClass.getConstruct())>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!(!ExtendedFunctionClass.getConstruct()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!ExtendedFunctionClass.getConstruct()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 724); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!ExtendedFunctionClass.getConstruct()"
")"); do { *((volatile int*)__null) = 724; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
725
726 // Callers are responsible for enforcing these preconditions.
727 MOZ_ASSERT(IsConstructor(args.calleev()),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.calleev()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsConstructor(args.calleev()
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("IsConstructor(args.calleev())" " (" "trying to construct a value that isn't a constructor"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 728); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.calleev())"
") (" "trying to construct a value that isn't a constructor"
")"); do { *((volatile int*)__null) = 728; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
728 "trying to construct a value that isn't a constructor")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.calleev()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsConstructor(args.calleev()
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("IsConstructor(args.calleev())" " (" "trying to construct a value that isn't a constructor"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 728); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.calleev())"
") (" "trying to construct a value that isn't a constructor"
")"); do { *((volatile int*)__null) = 728; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
729 MOZ_ASSERT(IsConstructor(args.CallArgs::newTarget()),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.CallArgs::newTarget()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsConstructor(args.CallArgs::newTarget())))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("IsConstructor(args.CallArgs::newTarget())"
" (" "provided new.target value must be a constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 730); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.CallArgs::newTarget())"
") (" "provided new.target value must be a constructor" ")")
; do { *((volatile int*)__null) = 730; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
730 "provided new.target value must be a constructor")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.CallArgs::newTarget()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsConstructor(args.CallArgs::newTarget())))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("IsConstructor(args.CallArgs::newTarget())"
" (" "provided new.target value must be a constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 730); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.CallArgs::newTarget())"
") (" "provided new.target value must be a constructor" ")")
; do { *((volatile int*)__null) = 730; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
731
732 MOZ_ASSERT(args.thisv().isMagic(JS_IS_CONSTRUCTING) ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv
().isObject())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(args.thisv().isMagic(JS_IS_CONSTRUCTING
) || args.thisv().isObject()))), 0))) { do { } while (false);
MOZ_ReportAssertionFailure("args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 733); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
")"); do { *((volatile int*)__null) = 733; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
733 args.thisv().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv
().isObject())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(args.thisv().isMagic(JS_IS_CONSTRUCTING
) || args.thisv().isObject()))), 0))) { do { } while (false);
MOZ_ReportAssertionFailure("args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 733); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
")"); do { *((volatile int*)__null) = 733; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
734
735 JSObject& callee = args.callee();
736 if (callee.is<JSFunction>()) {
737 RootedFunction fun(cx, &callee.as<JSFunction>());
738
739 if (fun->isNativeFun()) {
740 return CallJSNativeConstructor(cx, fun->native(), args);
741 }
742
743 if (!InternalCallOrConstruct(cx, args, CONSTRUCT, reason)) {
744 return false;
745 }
746
747 MOZ_ASSERT(args.CallArgs::rval().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.CallArgs::rval().isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.CallArgs::rval().isObject
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.CallArgs::rval().isObject()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 747); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.CallArgs::rval().isObject()"
")"); do { *((volatile int*)__null) = 747; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
748 return true;
749 }
750
751 if (callee.is<ProxyObject>()) {
752 RootedObject proxy(cx, &callee);
753 return Proxy::construct(cx, proxy, args);
754 }
755
756 JSNative construct = callee.constructHook();
757 MOZ_ASSERT(construct != nullptr, "IsConstructor without a construct hook?")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(construct != nullptr)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(construct != nullptr))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("construct != nullptr"
" (" "IsConstructor without a construct hook?" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 757); AnnotateMozCrashReason("MOZ_ASSERT" "(" "construct != nullptr"
") (" "IsConstructor without a construct hook?" ")"); do { *
((volatile int*)__null) = 757; __attribute__((nomerge)) ::abort
(); } while (false); } } while (false);
758
759 return CallJSNativeConstructor(cx, construct, args);
760}
761
762// Check that |callee|, the callee in a |new| expression, is a constructor.
763static bool StackCheckIsConstructorCalleeNewTarget(JSContext* cx,
764 HandleValue callee,
765 HandleValue newTarget) {
766 // Calls from the stack could have any old non-constructor callee.
767 if (!IsConstructor(callee)) {
768 ReportValueError(cx, JSMSG_NOT_CONSTRUCTOR, JSDVG_SEARCH_STACK1, callee,
769 nullptr);
770 return false;
771 }
772
773 // The new.target has already been vetted by previous calls, or is the callee.
774 // We can just assert that it's a constructor.
775 MOZ_ASSERT(IsConstructor(newTarget))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(newTarget))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsConstructor(newTarget)))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("IsConstructor(newTarget)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 775); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(newTarget)"
")"); do { *((volatile int*)__null) = 775; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
776
777 return true;
778}
779
780bool js::ConstructFromStack(JSContext* cx, const CallArgs& args,
781 CallReason reason /* CallReason::Call */) {
782 if (!StackCheckIsConstructorCalleeNewTarget(cx, args.calleev(),
783 args.newTarget())) {
784 return false;
785 }
786
787 return InternalConstruct(cx, static_cast<const AnyConstructArgs&>(args),
788 reason);
789}
790
791bool js::Construct(JSContext* cx, HandleValue fval,
792 const AnyConstructArgs& args, HandleValue newTarget,
793 MutableHandleObject objp) {
794 MOZ_ASSERT(args.thisv().isMagic(JS_IS_CONSTRUCTING))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic(JS_IS_CONSTRUCTING))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(args.thisv().isMagic(JS_IS_CONSTRUCTING)))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("args.thisv().isMagic(JS_IS_CONSTRUCTING)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 794); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic(JS_IS_CONSTRUCTING)"
")"); do { *((volatile int*)__null) = 794; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
795
796 // Explicitly qualify to bypass AnyConstructArgs's deliberate shadowing.
797 args.CallArgs::setCallee(fval);
798 args.CallArgs::newTarget().set(newTarget);
799
800 if (!InternalConstruct(cx, args)) {
801 return false;
802 }
803
804 MOZ_ASSERT(args.CallArgs::rval().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.CallArgs::rval().isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.CallArgs::rval().isObject
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.CallArgs::rval().isObject()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 804); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.CallArgs::rval().isObject()"
")"); do { *((volatile int*)__null) = 804; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
805 objp.set(&args.CallArgs::rval().toObject());
806 return true;
807}
808
809bool js::InternalConstructWithProvidedThis(JSContext* cx, HandleValue fval,
810 HandleValue thisv,
811 const AnyConstructArgs& args,
812 HandleValue newTarget,
813 MutableHandleValue rval) {
814 args.CallArgs::setCallee(fval);
815
816 MOZ_ASSERT(thisv.isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(thisv.isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(thisv.isObject()))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("thisv.isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 816); AnnotateMozCrashReason("MOZ_ASSERT" "(" "thisv.isObject()"
")"); do { *((volatile int*)__null) = 816; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
817 args.CallArgs::setThis(thisv);
818
819 args.CallArgs::newTarget().set(newTarget);
820
821 if (!InternalConstruct(cx, args)) {
822 return false;
823 }
824
825 rval.set(args.CallArgs::rval());
826 return true;
827}
828
829bool js::CallGetter(JSContext* cx, HandleValue thisv, HandleValue getter,
830 MutableHandleValue rval) {
831 FixedInvokeArgs<0> args(cx);
832
833 return Call(cx, getter, thisv, args, rval, CallReason::Getter);
834}
835
836bool js::CallSetter(JSContext* cx, HandleValue thisv, HandleValue setter,
837 HandleValue v) {
838 FixedInvokeArgs<1> args(cx);
839 args[0].set(v);
840
841 RootedValue ignored(cx);
842 return Call(cx, setter, thisv, args, &ignored, CallReason::Setter);
843}
844
845bool js::ExecuteKernel(JSContext* cx, HandleScript script,
846 HandleObject envChainArg, AbstractFramePtr evalInFrame,
847 MutableHandleValue result) {
848 MOZ_ASSERT_IF(script->isGlobalCode(),do { if (script->isGlobalCode()) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(envChainArg->
is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment
(envChainArg))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(envChainArg->is<GlobalLexicalEnvironmentObject
>() || !IsSyntacticEnvironment(envChainArg)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 850); AnnotateMozCrashReason("MOZ_ASSERT" "(" "envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
")"); do { *((volatile int*)__null) = 850; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
849 envChainArg->is<GlobalLexicalEnvironmentObject>() ||do { if (script->isGlobalCode()) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(envChainArg->
is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment
(envChainArg))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(envChainArg->is<GlobalLexicalEnvironmentObject
>() || !IsSyntacticEnvironment(envChainArg)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 850); AnnotateMozCrashReason("MOZ_ASSERT" "(" "envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
")"); do { *((volatile int*)__null) = 850; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
850 !IsSyntacticEnvironment(envChainArg))do { if (script->isGlobalCode()) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(envChainArg->
is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment
(envChainArg))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(envChainArg->is<GlobalLexicalEnvironmentObject
>() || !IsSyntacticEnvironment(envChainArg)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 850); AnnotateMozCrashReason("MOZ_ASSERT" "(" "envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
")"); do { *((volatile int*)__null) = 850; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
851#ifdef DEBUG1
852 RootedObject terminatingEnv(cx, envChainArg);
853 while (IsSyntacticEnvironment(terminatingEnv)) {
854 terminatingEnv = terminatingEnv->enclosingEnvironment();
855 }
856 MOZ_ASSERT(terminatingEnv->is<GlobalObject>() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(terminatingEnv->is<GlobalObject>() || script
->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(terminatingEnv->is<GlobalObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 857); AnnotateMozCrashReason("MOZ_ASSERT" "(" "terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 857; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
857 script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(terminatingEnv->is<GlobalObject>() || script
->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(terminatingEnv->is<GlobalObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 857); AnnotateMozCrashReason("MOZ_ASSERT" "(" "terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 857; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
858#endif
859
860 if (script->treatAsRunOnce()) {
861 if (script->hasRunOnce()) {
862 JS_ReportErrorASCII(cx,
863 "Trying to execute a run-once script multiple times");
864 return false;
865 }
866
867 script->setHasRunOnce();
868 }
869
870 if (script->isEmpty()) {
871 result.setUndefined();
872 return true;
873 }
874
875 probes::StartExecution(script);
876 ExecuteState state(cx, script, envChainArg, evalInFrame, result);
877 bool ok = RunScript(cx, state);
878 probes::StopExecution(script);
879
880 return ok;
881}
882
883bool js::Execute(JSContext* cx, HandleScript script, HandleObject envChain,
884 MutableHandleValue rval) {
885 /* The env chain is something we control, so we know it can't
886 have any outer objects on it. */
887 MOZ_ASSERT(!IsWindowProxy(envChain))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!IsWindowProxy(envChain))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!IsWindowProxy(envChain)))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("!IsWindowProxy(envChain)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 887); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!IsWindowProxy(envChain)"
")"); do { *((volatile int*)__null) = 887; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
888
889 if (script->isModule()) {
890 MOZ_RELEASE_ASSERT(do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain == script->module()->environment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(envChain == script->module()->environment())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("envChain == script->module()->environment()"
" (" "Module scripts can only be executed in the module's environment"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 892); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain == script->module()->environment()"
") (" "Module scripts can only be executed in the module's environment"
")"); do { *((volatile int*)__null) = 892; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
891 envChain == script->module()->environment(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain == script->module()->environment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(envChain == script->module()->environment())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("envChain == script->module()->environment()"
" (" "Module scripts can only be executed in the module's environment"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 892); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain == script->module()->environment()"
") (" "Module scripts can only be executed in the module's environment"
")"); do { *((volatile int*)__null) = 892; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
892 "Module scripts can only be executed in the module's environment")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain == script->module()->environment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(envChain == script->module()->environment())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("envChain == script->module()->environment()"
" (" "Module scripts can only be executed in the module's environment"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 892); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain == script->module()->environment()"
") (" "Module scripts can only be executed in the module's environment"
")"); do { *((volatile int*)__null) = 892; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
893 } else {
894 MOZ_RELEASE_ASSERT(do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 898); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
898; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
895 envChain->is<GlobalLexicalEnvironmentObject>() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 898); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
898; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
896 script->hasNonSyntacticScope(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 898); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
898; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
897 "Only global scripts with non-syntactic envs can be executed with "do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 898); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
898; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
898 "interesting envchains")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 898); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
898; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false);
899 }
900
901 /* Ensure the env chain is all same-compartment and terminates in a global. */
902#ifdef DEBUG1
903 JSObject* s = envChain;
904 do {
905 cx->check(s);
906 MOZ_ASSERT_IF(!s->enclosingEnvironment(), s->is<GlobalObject>())do { if (!s->enclosingEnvironment()) { do { static_assert(
mozilla::detail::AssertionConditionType<decltype(s->is
<GlobalObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(s->is<GlobalObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("s->is<GlobalObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 906); AnnotateMozCrashReason("MOZ_ASSERT" "(" "s->is<GlobalObject>()"
")"); do { *((volatile int*)__null) = 906; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
907 } while ((s = s->enclosingEnvironment()));
908#endif
909
910 return ExecuteKernel(cx, script, envChain, NullFramePtr() /* evalInFrame */,
911 rval);
912}
913
914/*
915 * ES6 (4-25-16) 12.10.4 InstanceofOperator
916 */
917bool js::InstanceofOperator(JSContext* cx, HandleObject obj, HandleValue v,
918 bool* bp) {
919 /* Step 1. is handled by caller. */
920
921 /* Step 2. */
922 RootedValue hasInstance(cx);
923 RootedId id(cx, PropertyKey::Symbol(cx->wellKnownSymbols().hasInstance));
924 if (!GetProperty(cx, obj, obj, id, &hasInstance)) {
925 return false;
926 }
927
928 if (!hasInstance.isNullOrUndefined()) {
929 if (!IsCallable(hasInstance)) {
930 return ReportIsNotFunction(cx, hasInstance);
931 }
932
933 /* Step 3. */
934 RootedValue rval(cx);
935 if (!Call(cx, hasInstance, obj, v, &rval)) {
936 return false;
937 }
938 *bp = ToBoolean(rval);
939 return true;
940 }
941
942 /* Step 4. */
943 if (!obj->isCallable()) {
944 RootedValue val(cx, ObjectValue(*obj));
945 return ReportIsNotFunction(cx, val);
946 }
947
948 /* Step 5. */
949 return OrdinaryHasInstance(cx, obj, v, bp);
950}
951
952JSType js::TypeOfObject(JSObject* obj) {
953#ifdef ENABLE_RECORD_TUPLE
954 MOZ_ASSERT(!js::IsExtendedPrimitive(*obj))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!js::IsExtendedPrimitive(*obj))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!js::IsExtendedPrimitive(*obj
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!js::IsExtendedPrimitive(*obj)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 954); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!js::IsExtendedPrimitive(*obj)"
")"); do { *((volatile int*)__null) = 954; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
955#endif
956
957 AutoUnsafeCallWithABI unsafe;
958 if (EmulatesUndefined(obj)) {
959 return JSTYPE_UNDEFINED;
960 }
961 if (obj->isCallable()) {
962 return JSTYPE_FUNCTION;
963 }
964 return JSTYPE_OBJECT;
965}
966
967#ifdef ENABLE_RECORD_TUPLE
968JSType TypeOfExtendedPrimitive(JSObject* obj) {
969 MOZ_ASSERT(js::IsExtendedPrimitive(*obj))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(js::IsExtendedPrimitive(*obj))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(js::IsExtendedPrimitive(*obj
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("js::IsExtendedPrimitive(*obj)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 969); AnnotateMozCrashReason("MOZ_ASSERT" "(" "js::IsExtendedPrimitive(*obj)"
")"); do { *((volatile int*)__null) = 969; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
970
971 if (obj->is<RecordType>()) {
972 return JSTYPE_RECORD;
973 }
974 if (obj->is<TupleType>()) {
975 return JSTYPE_TUPLE;
976 }
977 MOZ_CRASH("Unknown ExtendedPrimitive")do { do { } while (false); MOZ_ReportCrash("" "Unknown ExtendedPrimitive"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 977); AnnotateMozCrashReason("MOZ_CRASH(" "Unknown ExtendedPrimitive"
")"); do { *((volatile int*)__null) = 977; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
978}
979#endif
980
981JSType js::TypeOfValue(const Value& v) {
982 switch (v.type()) {
983 case ValueType::Double:
984 case ValueType::Int32:
985 return JSTYPE_NUMBER;
986 case ValueType::String:
987 return JSTYPE_STRING;
988 case ValueType::Null:
989 return JSTYPE_OBJECT;
990 case ValueType::Undefined:
991 return JSTYPE_UNDEFINED;
992 case ValueType::Object:
993 return TypeOfObject(&v.toObject());
994#ifdef ENABLE_RECORD_TUPLE
995 case ValueType::ExtendedPrimitive:
996 return TypeOfExtendedPrimitive(&v.toExtendedPrimitive());
997#endif
998 case ValueType::Boolean:
999 return JSTYPE_BOOLEAN;
1000 case ValueType::BigInt:
1001 return JSTYPE_BIGINT;
1002 case ValueType::Symbol:
1003 return JSTYPE_SYMBOL;
1004 case ValueType::Magic:
1005 case ValueType::PrivateGCThing:
1006 break;
1007 }
1008
1009 ReportBadValueTypeAndCrash(v);
1010}
1011
1012bool js::CheckClassHeritageOperation(JSContext* cx, HandleValue heritage) {
1013 if (IsConstructor(heritage)) {
1014 return true;
1015 }
1016
1017 if (heritage.isNull()) {
1018 return true;
1019 }
1020
1021 if (heritage.isObject()) {
1022 ReportIsNotFunction(cx, heritage, 0, CONSTRUCT);
1023 return false;
1024 }
1025
1026 ReportValueError(cx, JSMSG_BAD_HERITAGE, -1, heritage, nullptr,
1027 "not an object or null");
1028 return false;
1029}
1030
1031PlainObject* js::ObjectWithProtoOperation(JSContext* cx, HandleValue val) {
1032 if (!val.isObjectOrNull()) {
1033 ReportValueError(cx, JSMSG_NOT_OBJORNULL, -1, val, nullptr);
1034 return nullptr;
1035 }
1036
1037 RootedObject proto(cx, val.toObjectOrNull());
1038 return NewPlainObjectWithProto(cx, proto);
1039}
1040
1041JSObject* js::FunWithProtoOperation(JSContext* cx, HandleFunction fun,
1042 HandleObject parent, HandleObject proto) {
1043 return CloneFunctionReuseScript(cx, fun, parent, proto);
1044}
1045
1046/*
1047 * Enter the new with environment using an object at sp[-1] and associate the
1048 * depth of the with block with sp + stackIndex.
1049 */
1050bool js::EnterWithOperation(JSContext* cx, AbstractFramePtr frame,
1051 HandleValue val, Handle<WithScope*> scope) {
1052 RootedObject obj(cx);
1053 if (val.isObject()) {
1054 obj = &val.toObject();
1055 } else {
1056 obj = ToObject(cx, val);
1057 if (!obj) {
1058 return false;
1059 }
1060 }
1061
1062 RootedObject envChain(cx, frame.environmentChain());
1063 WithEnvironmentObject* withobj =
1064 WithEnvironmentObject::create(cx, obj, envChain, scope);
1065 if (!withobj) {
1066 return false;
1067 }
1068
1069 frame.pushOnEnvironmentChain(*withobj);
1070 return true;
1071}
1072
1073static void PopEnvironment(JSContext* cx, EnvironmentIter& ei) {
1074 switch (ei.scope().kind()) {
1075 case ScopeKind::Lexical:
1076 case ScopeKind::SimpleCatch:
1077 case ScopeKind::Catch:
1078 case ScopeKind::NamedLambda:
1079 case ScopeKind::StrictNamedLambda:
1080 case ScopeKind::FunctionLexical:
1081 case ScopeKind::ClassBody:
1082 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1083 DebugEnvironments::onPopLexical(cx, ei);
1084 }
1085 if (ei.scope().hasEnvironment()) {
1086 ei.initialFrame()
1087 .popOffEnvironmentChain<ScopedLexicalEnvironmentObject>();
1088 }
1089 break;
1090 case ScopeKind::With:
1091 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1092 DebugEnvironments::onPopWith(ei.initialFrame());
1093 }
1094 ei.initialFrame().popOffEnvironmentChain<WithEnvironmentObject>();
1095 break;
1096 case ScopeKind::Function:
1097 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1098 DebugEnvironments::onPopCall(cx, ei.initialFrame());
1099 }
1100 if (ei.scope().hasEnvironment()) {
1101 ei.initialFrame().popOffEnvironmentChain<CallObject>();
1102 }
1103 break;
1104 case ScopeKind::FunctionBodyVar:
1105 case ScopeKind::StrictEval:
1106 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1107 DebugEnvironments::onPopVar(cx, ei);
1108 }
1109 if (ei.scope().hasEnvironment()) {
1110 ei.initialFrame().popOffEnvironmentChain<VarEnvironmentObject>();
1111 }
1112 break;
1113 case ScopeKind::Module:
1114 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1115 DebugEnvironments::onPopModule(cx, ei);
1116 }
1117 break;
1118 case ScopeKind::Eval:
1119 case ScopeKind::Global:
1120 case ScopeKind::NonSyntactic:
1121 break;
1122 case ScopeKind::WasmInstance:
1123 case ScopeKind::WasmFunction:
1124 MOZ_CRASH("wasm is not interpreted")do { do { } while (false); MOZ_ReportCrash("" "wasm is not interpreted"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1124); AnnotateMozCrashReason("MOZ_CRASH(" "wasm is not interpreted"
")"); do { *((volatile int*)__null) = 1124; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
1125 break;
1126 }
1127}
1128
1129// Unwind environment chain and iterator to match the env corresponding to
1130// the given bytecode position.
1131void js::UnwindEnvironment(JSContext* cx, EnvironmentIter& ei, jsbytecode* pc) {
1132 if (!ei.withinInitialFrame()) {
1133 return;
1134 }
1135
1136 Rooted<Scope*> scope(cx, ei.initialFrame().script()->innermostScope(pc));
1137
1138#ifdef DEBUG1
1139 // A frame's environment chain cannot be unwound to anything enclosing the
1140 // body scope of a script. This includes the parameter defaults
1141 // environment and the decl env object. These environments, once pushed
1142 // onto the environment chain, are expected to be there for the duration
1143 // of the frame.
1144 //
1145 // Attempting to unwind to the parameter defaults code in a script is a
1146 // bug; that section of code has no try-catch blocks.
1147 JSScript* script = ei.initialFrame().script();
1148 for (uint32_t i = 0; i < script->bodyScopeIndex(); i++) {
1149 MOZ_ASSERT(scope != script->getScope(GCThingIndex(i)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope != script->getScope(GCThingIndex(i)))>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(scope != script->getScope(GCThingIndex(i))))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("scope != script->getScope(GCThingIndex(i))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1149); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope != script->getScope(GCThingIndex(i))"
")"); do { *((volatile int*)__null) = 1149; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1150 }
1151#endif
1152
1153 for (; ei.maybeScope() != scope; ei++) {
1154 PopEnvironment(cx, ei);
1155 }
1156}
1157
1158// Unwind all environments. This is needed because block scopes may cover the
1159// first bytecode at a script's main(). e.g.,
1160//
1161// function f() { { let i = 0; } }
1162//
1163// will have no pc location distinguishing the first block scope from the
1164// outermost function scope.
1165void js::UnwindAllEnvironmentsInFrame(JSContext* cx, EnvironmentIter& ei) {
1166 for (; ei.withinInitialFrame(); ei++) {
1167 PopEnvironment(cx, ei);
1168 }
1169}
1170
1171// Compute the pc needed to unwind the environment to the beginning of a try
1172// block. We cannot unwind to *after* the JSOp::Try, because that might be the
1173// first opcode of an inner scope, with the same problem as above. e.g.,
1174//
1175// try { { let x; } }
1176//
1177// will have no pc location distinguishing the try block scope from the inner
1178// let block scope.
1179jsbytecode* js::UnwindEnvironmentToTryPc(JSScript* script, const TryNote* tn) {
1180 jsbytecode* pc = script->offsetToPC(tn->start);
1181 if (tn->kind() == TryNoteKind::Catch || tn->kind() == TryNoteKind::Finally) {
1182 pc -= JSOpLength_Try;
1183 MOZ_ASSERT(JSOp(*pc) == JSOp::Try)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(JSOp(*pc) == JSOp::Try)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(JSOp(*pc) == JSOp::Try))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("JSOp(*pc) == JSOp::Try"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1183); AnnotateMozCrashReason("MOZ_ASSERT" "(" "JSOp(*pc) == JSOp::Try"
")"); do { *((volatile int*)__null) = 1183; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1184 } else if (tn->kind() == TryNoteKind::Destructuring) {
1185 pc -= JSOpLength_TryDestructuring;
1186 MOZ_ASSERT(JSOp(*pc) == JSOp::TryDestructuring)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(JSOp(*pc) == JSOp::TryDestructuring)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(JSOp(*pc) == JSOp::TryDestructuring
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"JSOp(*pc) == JSOp::TryDestructuring", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1186); AnnotateMozCrashReason("MOZ_ASSERT" "(" "JSOp(*pc) == JSOp::TryDestructuring"
")"); do { *((volatile int*)__null) = 1186; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1187 }
1188 return pc;
1189}
1190
1191static void SettleOnTryNote(JSContext* cx, const TryNote* tn,
1192 EnvironmentIter& ei, InterpreterRegs& regs) {
1193 // Unwind the environment to the beginning of the JSOp::Try.
1194 UnwindEnvironment(cx, ei, UnwindEnvironmentToTryPc(regs.fp()->script(), tn));
1195
1196 // Set pc to the first bytecode after the the try note to point
1197 // to the beginning of catch or finally.
1198 regs.pc = regs.fp()->script()->offsetToPC(tn->start + tn->length);
1199 regs.sp = regs.spForStackDepth(tn->stackDepth);
1200}
1201
1202class InterpreterTryNoteFilter {
1203 const InterpreterRegs& regs_;
1204
1205 public:
1206 explicit InterpreterTryNoteFilter(const InterpreterRegs& regs)
1207 : regs_(regs) {}
1208 bool operator()(const TryNote* note) {
1209 return note->stackDepth <= regs_.stackDepth();
1210 }
1211};
1212
1213class TryNoteIterInterpreter : public TryNoteIter<InterpreterTryNoteFilter> {
1214 public:
1215 TryNoteIterInterpreter(JSContext* cx, const InterpreterRegs& regs)
1216 : TryNoteIter(cx, regs.fp()->script(), regs.pc,
1217 InterpreterTryNoteFilter(regs)) {}
1218};
1219
1220static void UnwindIteratorsForUncatchableException(
1221 JSContext* cx, const InterpreterRegs& regs) {
1222 // c.f. the regular (catchable) TryNoteIterInterpreter loop in
1223 // ProcessTryNotes.
1224 for (TryNoteIterInterpreter tni(cx, regs); !tni.done(); ++tni) {
1225 const TryNote* tn = *tni;
1226 switch (tn->kind()) {
1227 case TryNoteKind::ForIn: {
1228 Value* sp = regs.spForStackDepth(tn->stackDepth);
1229 UnwindIteratorForUncatchableException(&sp[-1].toObject());
1230 break;
1231 }
1232 default:
1233 break;
1234 }
1235 }
1236}
1237
1238enum HandleErrorContinuation {
1239 SuccessfulReturnContinuation,
1240 ErrorReturnContinuation,
1241 CatchContinuation,
1242 FinallyContinuation
1243};
1244
1245static HandleErrorContinuation ProcessTryNotes(JSContext* cx,
1246 EnvironmentIter& ei,
1247 InterpreterRegs& regs) {
1248 for (TryNoteIterInterpreter tni(cx, regs); !tni.done(); ++tni) {
1249 const TryNote* tn = *tni;
1250
1251 switch (tn->kind()) {
1252 case TryNoteKind::Catch:
1253 /* Catch cannot intercept the closing of a generator. */
1254 if (cx->isClosingGenerator()) {
1255 break;
1256 }
1257
1258 SettleOnTryNote(cx, tn, ei, regs);
1259 return CatchContinuation;
1260
1261 case TryNoteKind::Finally:
1262 SettleOnTryNote(cx, tn, ei, regs);
1263 return FinallyContinuation;
1264
1265 case TryNoteKind::ForIn: {
1266 /* This is similar to JSOp::EndIter in the interpreter loop. */
1267 MOZ_ASSERT(tn->stackDepth <= regs.stackDepth())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(tn->stackDepth <= regs.stackDepth())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(tn->stackDepth <= regs.stackDepth()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("tn->stackDepth <= regs.stackDepth()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1267); AnnotateMozCrashReason("MOZ_ASSERT" "(" "tn->stackDepth <= regs.stackDepth()"
")"); do { *((volatile int*)__null) = 1267; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1268 Value* sp = regs.spForStackDepth(tn->stackDepth);
1269 JSObject* obj = &sp[-1].toObject();
1270 CloseIterator(obj);
1271 break;
1272 }
1273
1274 case TryNoteKind::Destructuring: {
1275 // Whether the destructuring iterator is done is at the top of the
1276 // stack. The iterator object is second from the top.
1277 MOZ_ASSERT(tn->stackDepth > 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(tn->stackDepth > 1)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(tn->stackDepth > 1))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("tn->stackDepth > 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1277); AnnotateMozCrashReason("MOZ_ASSERT" "(" "tn->stackDepth > 1"
")"); do { *((volatile int*)__null) = 1277; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1278 Value* sp = regs.spForStackDepth(tn->stackDepth);
1279 RootedValue doneValue(cx, sp[-1]);
1280 MOZ_RELEASE_ASSERT(!doneValue.isMagic())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!doneValue.isMagic())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!doneValue.isMagic()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("!doneValue.isMagic()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1280); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "!doneValue.isMagic()"
")"); do { *((volatile int*)__null) = 1280; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1281 bool done = ToBoolean(doneValue);
1282 if (!done) {
1283 RootedObject iterObject(cx, &sp[-2].toObject());
1284 if (!IteratorCloseForException(cx, iterObject)) {
1285 SettleOnTryNote(cx, tn, ei, regs);
1286 return ErrorReturnContinuation;
1287 }
1288 }
1289 break;
1290 }
1291
1292 case TryNoteKind::ForOf:
1293 case TryNoteKind::Loop:
1294 break;
1295
1296 // TryNoteKind::ForOfIterClose is handled internally by the try note
1297 // iterator.
1298 default:
1299 MOZ_CRASH("Invalid try note")do { do { } while (false); MOZ_ReportCrash("" "Invalid try note"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1299); AnnotateMozCrashReason("MOZ_CRASH(" "Invalid try note"
")"); do { *((volatile int*)__null) = 1299; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
1300 }
1301 }
1302
1303 return SuccessfulReturnContinuation;
1304}
1305
1306bool js::HandleClosingGeneratorReturn(JSContext* cx, AbstractFramePtr frame,
1307 bool ok) {
1308 /*
1309 * Propagate the exception or error to the caller unless the exception
1310 * is an asynchronous return from a generator.
1311 */
1312 if (cx->isClosingGenerator()) {
1313 cx->clearPendingException();
1314 ok = true;
1315 auto* genObj = GetGeneratorObjectForFrame(cx, frame);
1316 genObj->setClosed(cx);
1317 }
1318 return ok;
1319}
1320
1321static HandleErrorContinuation HandleError(JSContext* cx,
1322 InterpreterRegs& regs) {
1323 MOZ_ASSERT(regs.fp()->script()->containsPC(regs.pc))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(regs.fp()->script()->containsPC(regs.pc))>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(regs.fp()->script()->containsPC(regs.pc)))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("regs.fp()->script()->containsPC(regs.pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1323); AnnotateMozCrashReason("MOZ_ASSERT" "(" "regs.fp()->script()->containsPC(regs.pc)"
")"); do { *((volatile int*)__null) = 1323; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1324 MOZ_ASSERT(cx->realm() == regs.fp()->script()->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == regs.fp()->script()->realm()
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(cx->realm() == regs.fp()->script()->realm()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"cx->realm() == regs.fp()->script()->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1324); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == regs.fp()->script()->realm()"
")"); do { *((volatile int*)__null) = 1324; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1325
1326 if (regs.fp()->script()->hasScriptCounts()) {
1327 PCCounts* counts = regs.fp()->script()->getThrowCounts(regs.pc);
1328 // If we failed to allocate, then skip the increment and continue to
1329 // handle the exception.
1330 if (counts) {
1331 counts->numExec()++;
1332 }
1333 }
1334
1335 EnvironmentIter ei(cx, regs.fp(), regs.pc);
1336 bool ok = false;
1337
1338again:
1339 if (cx->isExceptionPending()) {
1340 /* Call debugger throw hooks. */
1341 if (!cx->isClosingGenerator()) {
1342 if (!DebugAPI::onExceptionUnwind(cx, regs.fp())) {
1343 if (!cx->isExceptionPending()) {
1344 goto again;
1345 }
1346 }
1347 // Ensure that the debugger hasn't returned 'true' while clearing the
1348 // exception state.
1349 MOZ_ASSERT(cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->isExceptionPending())
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("cx->isExceptionPending()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1349); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 1349; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1350 }
1351
1352 HandleErrorContinuation res = ProcessTryNotes(cx, ei, regs);
1353 switch (res) {
1354 case SuccessfulReturnContinuation:
1355 break;
1356 case ErrorReturnContinuation:
1357 goto again;
1358 case CatchContinuation:
1359 case FinallyContinuation:
1360 // No need to increment the PCCounts number of execution here, as
1361 // the interpreter increments any PCCounts if present.
1362 MOZ_ASSERT_IF(regs.fp()->script()->hasScriptCounts(),do { if (regs.fp()->script()->hasScriptCounts()) { do {
static_assert( mozilla::detail::AssertionConditionType<decltype
(regs.fp()->script()->maybeGetPCCounts(regs.pc))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(regs.fp()->script()->maybeGetPCCounts(regs.pc)))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("regs.fp()->script()->maybeGetPCCounts(regs.pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1363); AnnotateMozCrashReason("MOZ_ASSERT" "(" "regs.fp()->script()->maybeGetPCCounts(regs.pc)"
")"); do { *((volatile int*)__null) = 1363; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
1363 regs.fp()->script()->maybeGetPCCounts(regs.pc))do { if (regs.fp()->script()->hasScriptCounts()) { do {
static_assert( mozilla::detail::AssertionConditionType<decltype
(regs.fp()->script()->maybeGetPCCounts(regs.pc))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(regs.fp()->script()->maybeGetPCCounts(regs.pc)))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("regs.fp()->script()->maybeGetPCCounts(regs.pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1363); AnnotateMozCrashReason("MOZ_ASSERT" "(" "regs.fp()->script()->maybeGetPCCounts(regs.pc)"
")"); do { *((volatile int*)__null) = 1363; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
1364 return res;
1365 }
1366
1367 ok = HandleClosingGeneratorReturn(cx, regs.fp(), ok);
1368 } else {
1369 UnwindIteratorsForUncatchableException(cx, regs);
1370
1371 // We may be propagating a forced return from a debugger hook function.
1372 if (MOZ_UNLIKELY(cx->isPropagatingForcedReturn())(__builtin_expect(!!(cx->isPropagatingForcedReturn()), 0))) {
1373 cx->clearPropagatingForcedReturn();
1374 ok = true;
1375 }
1376 }
1377
1378 ok = DebugAPI::onLeaveFrame(cx, regs.fp(), regs.pc, ok);
1379
1380 // After this point, we will pop the frame regardless. Settle the frame on
1381 // the end of the script.
1382 regs.setToEndOfScript();
1383
1384 return ok ? SuccessfulReturnContinuation : ErrorReturnContinuation;
1385}
1386
1387#define REGS(activation.regs()) (activation.regs())
1388#define PUSH_COPY(v)do { *(activation.regs()).sp++ = (v); cx->debugOnlyCheck((
activation.regs()).sp[-1]); } while (0) \
1389 do { \
1390 *REGS(activation.regs()).sp++ = (v); \
1391 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1392 } while (0)
1393#define PUSH_COPY_SKIP_CHECK(v)*(activation.regs()).sp++ = (v) *REGS(activation.regs()).sp++ = (v)
1394#define PUSH_NULL()(activation.regs()).sp++->setNull() REGS(activation.regs()).sp++->setNull()
1395#define PUSH_UNDEFINED()(activation.regs()).sp++->setUndefined() REGS(activation.regs()).sp++->setUndefined()
1396#define PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b) REGS(activation.regs()).sp++->setBoolean(b)
1397#define PUSH_DOUBLE(d)(activation.regs()).sp++->setDouble(d) REGS(activation.regs()).sp++->setDouble(d)
1398#define PUSH_INT32(i)(activation.regs()).sp++->setInt32(i) REGS(activation.regs()).sp++->setInt32(i)
1399#define PUSH_SYMBOL(s)(activation.regs()).sp++->setSymbol(s) REGS(activation.regs()).sp++->setSymbol(s)
1400#define PUSH_BIGINT(b)(activation.regs()).sp++->setBigInt(b) REGS(activation.regs()).sp++->setBigInt(b)
1401#define PUSH_STRING(s)do { (activation.regs()).sp++->setString(s); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0) \
1402 do { \
1403 REGS(activation.regs()).sp++->setString(s); \
1404 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1405 } while (0)
1406#define PUSH_OBJECT(obj)do { (activation.regs()).sp++->setObject(obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0) \
1407 do { \
1408 REGS(activation.regs()).sp++->setObject(obj); \
1409 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1410 } while (0)
1411#define PUSH_OBJECT_OR_NULL(obj)do { (activation.regs()).sp++->setObjectOrNull(obj); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0) \
1412 do { \
1413 REGS(activation.regs()).sp++->setObjectOrNull(obj); \
1414 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1415 } while (0)
1416#ifdef ENABLE_RECORD_TUPLE
1417# define PUSH_EXTENDED_PRIMITIVE(obj) \
1418 do { \
1419 REGS(activation.regs()).sp++->setExtendedPrimitive(obj); \
1420 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1421 } while (0)
1422#endif
1423#define PUSH_MAGIC(magic)(activation.regs()).sp++->setMagic(magic) REGS(activation.regs()).sp++->setMagic(magic)
1424#define POP_COPY_TO(v)(v) = *--(activation.regs()).sp (v) = *--REGS(activation.regs()).sp
1425#define POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp) REGS(activation.regs()).fp()->setReturnValue(*--REGS(activation.regs()).sp)
1426
1427/*
1428 * Same for JSOp::SetName and JSOp::SetProp, which differ only slightly but
1429 * remain distinct for the decompiler.
1430 */
1431static_assert(JSOpLength_SetName == JSOpLength_SetProp);
1432
1433/* See TRY_BRANCH_AFTER_COND. */
1434static_assert(JSOpLength_JumpIfTrue == JSOpLength_JumpIfFalse);
1435static_assert(uint8_t(JSOp::JumpIfTrue) == uint8_t(JSOp::JumpIfFalse) + 1);
1436
1437/*
1438 * Compute the implicit |this| value used by a call expression with an
1439 * unqualified name reference. The environment the binding was found on is
1440 * passed as argument, env.
1441 *
1442 * The implicit |this| is |undefined| for all environment types except
1443 * WithEnvironmentObject. This is the case for |with(...) {...}| expressions or
1444 * if the embedding uses a non-syntactic WithEnvironmentObject.
1445 *
1446 * NOTE: A non-syntactic WithEnvironmentObject may have a corresponding
1447 * extensible LexicalEnviornmentObject, but it will not be considered as an
1448 * implicit |this|. This is for compatibility with the Gecko subscript loader.
1449 */
1450static inline Value ComputeImplicitThis(JSObject* env) {
1451 // Fast-path for GlobalObject
1452 if (env->is<GlobalObject>()) {
1453 return UndefinedValue();
1454 }
1455
1456 // WithEnvironmentObjects have an actual implicit |this|
1457 if (env->is<WithEnvironmentObject>()) {
1458 auto* thisObject = env->as<WithEnvironmentObject>().withThis();
1459 return ObjectValue(*thisObject);
1460 }
1461
1462 // Debugger environments need special casing, as despite being
1463 // non-syntactic, they wrap syntactic environments and should not be
1464 // treated like other embedding-specific non-syntactic environments.
1465 if (env->is<DebugEnvironmentProxy>()) {
1466 return ComputeImplicitThis(&env->as<DebugEnvironmentProxy>().environment());
1467 }
1468
1469 MOZ_ASSERT(env->is<EnvironmentObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<EnvironmentObject>())>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!(env->is<EnvironmentObject>()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("env->is<EnvironmentObject>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1469); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<EnvironmentObject>()"
")"); do { *((volatile int*)__null) = 1469; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1470 return UndefinedValue();
1471}
1472
1473// BigInt proposal 3.2.4 Abstract Relational Comparison
1474// Returns Nothing when at least one operand is a NaN, or when
1475// ToNumeric or StringToBigInt can't interpret a string as a numeric
1476// value. (These cases correspond to a NaN result in the spec.)
1477// Otherwise, return a boolean to indicate whether lhs is less than
1478// rhs. The operands must be primitives; the caller is responsible for
1479// evaluating them in the correct order.
1480static MOZ_ALWAYS_INLINEinline bool LessThanImpl(JSContext* cx,
1481 MutableHandleValue lhs,
1482 MutableHandleValue rhs,
1483 mozilla::Maybe<bool>& res) {
1484 // Steps 1 and 2 are performed by the caller.
1485
1486 // Step 3.
1487 if (lhs.isString() && rhs.isString()) {
1488 JSString* l = lhs.toString();
1489 JSString* r = rhs.toString();
1490 int32_t result;
1491 if (!CompareStrings(cx, l, r, &result)) {
1492 return false;
1493 }
1494 res = mozilla::Some(result < 0);
1495 return true;
1496 }
1497
1498 // Step 4a.
1499 if (lhs.isBigInt() && rhs.isString()) {
1500 return BigInt::lessThan(cx, lhs, rhs, res);
1501 }
1502
1503 // Step 4b.
1504 if (lhs.isString() && rhs.isBigInt()) {
1505 return BigInt::lessThan(cx, lhs, rhs, res);
1506 }
1507
1508 // Steps 4c and 4d.
1509 if (!ToNumeric(cx, lhs) || !ToNumeric(cx, rhs)) {
1510 return false;
1511 }
1512
1513 // Steps 4e-j.
1514 if (lhs.isBigInt() || rhs.isBigInt()) {
1515 return BigInt::lessThan(cx, lhs, rhs, res);
1516 }
1517
1518 // Step 4e for Number operands.
1519 MOZ_ASSERT(lhs.isNumber() && rhs.isNumber())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lhs.isNumber() && rhs.isNumber())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(lhs.isNumber() && rhs.isNumber()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("lhs.isNumber() && rhs.isNumber()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1519); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lhs.isNumber() && rhs.isNumber()"
")"); do { *((volatile int*)__null) = 1519; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1520 double lhsNum = lhs.toNumber();
1521 double rhsNum = rhs.toNumber();
1522
1523 if (std::isnan(lhsNum) || std::isnan(rhsNum)) {
1524 res = mozilla::Maybe<bool>(mozilla::Nothing());
1525 return true;
1526 }
1527
1528 res = mozilla::Some(lhsNum < rhsNum);
1529 return true;
1530}
1531
1532static MOZ_ALWAYS_INLINEinline bool LessThanOperation(JSContext* cx,
1533 MutableHandleValue lhs,
1534 MutableHandleValue rhs,
1535 bool* res) {
1536 if (lhs.isInt32() && rhs.isInt32()) {
1537 *res = lhs.toInt32() < rhs.toInt32();
1538 return true;
1539 }
1540
1541 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1542 return false;
1543 }
1544
1545 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1546 return false;
1547 }
1548
1549 mozilla::Maybe<bool> tmpResult;
1550 if (!LessThanImpl(cx, lhs, rhs, tmpResult)) {
1551 return false;
1552 }
1553 *res = tmpResult.valueOr(false);
1554 return true;
1555}
1556
1557static MOZ_ALWAYS_INLINEinline bool LessThanOrEqualOperation(JSContext* cx,
1558 MutableHandleValue lhs,
1559 MutableHandleValue rhs,
1560 bool* res) {
1561 if (lhs.isInt32() && rhs.isInt32()) {
1562 *res = lhs.toInt32() <= rhs.toInt32();
1563 return true;
1564 }
1565
1566 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1567 return false;
1568 }
1569
1570 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1571 return false;
1572 }
1573
1574 mozilla::Maybe<bool> tmpResult;
1575 if (!LessThanImpl(cx, rhs, lhs, tmpResult)) {
1576 return false;
1577 }
1578 *res = !tmpResult.valueOr(true);
1579 return true;
1580}
1581
1582static MOZ_ALWAYS_INLINEinline bool GreaterThanOperation(JSContext* cx,
1583 MutableHandleValue lhs,
1584 MutableHandleValue rhs,
1585 bool* res) {
1586 if (lhs.isInt32() && rhs.isInt32()) {
1587 *res = lhs.toInt32() > rhs.toInt32();
1588 return true;
1589 }
1590
1591 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1592 return false;
1593 }
1594
1595 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1596 return false;
1597 }
1598
1599 mozilla::Maybe<bool> tmpResult;
1600 if (!LessThanImpl(cx, rhs, lhs, tmpResult)) {
1601 return false;
1602 }
1603 *res = tmpResult.valueOr(false);
1604 return true;
1605}
1606
1607static MOZ_ALWAYS_INLINEinline bool GreaterThanOrEqualOperation(
1608 JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs, bool* res) {
1609 if (lhs.isInt32() && rhs.isInt32()) {
1610 *res = lhs.toInt32() >= rhs.toInt32();
1611 return true;
1612 }
1613
1614 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1615 return false;
1616 }
1617
1618 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1619 return false;
1620 }
1621
1622 mozilla::Maybe<bool> tmpResult;
1623 if (!LessThanImpl(cx, lhs, rhs, tmpResult)) {
1624 return false;
1625 }
1626 *res = !tmpResult.valueOr(true);
1627 return true;
1628}
1629
1630static MOZ_ALWAYS_INLINEinline bool SetObjectElementOperation(
1631 JSContext* cx, HandleObject obj, HandleId id, HandleValue value,
1632 HandleValue receiver, bool strict) {
1633 ObjectOpResult result;
1634 return SetProperty(cx, obj, id, value, receiver, result) &&
1635 result.checkStrictModeError(cx, obj, id, strict);
1636}
1637
1638void js::ReportInNotObjectError(JSContext* cx, HandleValue lref,
1639 HandleValue rref) {
1640 auto uniqueCharsFromString = [](JSContext* cx,
1641 HandleValue ref) -> UniqueChars {
1642 static const size_t MaxStringLength = 16;
1643 RootedString str(cx, ref.toString());
1644 if (str->length() > MaxStringLength) {
1645 JSStringBuilder buf(cx);
1646 if (!buf.appendSubstring(str, 0, MaxStringLength)) {
1647 return nullptr;
1648 }
1649 if (!buf.append("...")) {
1650 return nullptr;
1651 }
1652 str = buf.finishString();
1653 if (!str) {
1654 return nullptr;
1655 }
1656 }
1657 return QuoteString(cx, str, '"');
1658 };
1659
1660 if (lref.isString() && rref.isString()) {
1661 UniqueChars lbytes = uniqueCharsFromString(cx, lref);
1662 if (!lbytes) {
1663 return;
1664 }
1665 UniqueChars rbytes = uniqueCharsFromString(cx, rref);
1666 if (!rbytes) {
1667 return;
1668 }
1669 JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_IN_STRING,
1670 lbytes.get(), rbytes.get());
1671 return;
1672 }
1673
1674 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_IN_NOT_OBJECT,
1675 InformalValueTypeName(rref));
1676}
1677
1678#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
1679
1680enum SyncDisposalClosureSlots {
1681 SyncDisposalClosureSlot_MethodSlot = 0,
1682};
1683
1684// TODO: the following methods are to varying degrees
1685// shared between the interpreter, DisposableStack/AsyncDisposableStack,
1686// jit, etc. find a way to better organise these in one place. (bug 1913999)
1687
1688// Explicit Resource Management Proposal
1689// 7.5.6 GetDisposeMethod ( V, hint )
1690// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-getdisposemethod
1691// Steps 1.b.ii.1.a-f
1692static bool SyncDisposalClosure(JSContext* cx, unsigned argc, JS::Value* vp) {
1693 JS::CallArgs args = CallArgsFromVp(argc, vp);
1694
1695 JS::Rooted<JSFunction*> callee(cx, &args.callee().as<JSFunction>());
1696
1697 JS::Rooted<JS::Value> method(
1698 cx, callee->getExtendedSlot(SyncDisposalClosureSlot_MethodSlot));
1699
1700 // Step 1.b.ii.1.a. Let O be the this value.
1701 JS::Rooted<JS::Value> O(cx, args.thisv());
1702
1703 // Step 1.b.ii.1.b. Let promiseCapability be !
1704 // NewPromiseCapability(%Promise%).
1705 JSObject* createPromise = JS::NewPromiseObject(cx, nullptr);
1706 if (!createPromise) {
1707 return false;
1708 }
1709 JS::Rooted<PromiseObject*> promiseCapability(
1710 cx, &createPromise->as<PromiseObject>());
1711
1712 // Step 1.b.ii.1.c. Let result be Completion(Call(method, O)).
1713 JS::Rooted<JS::Value> rval(cx);
1714 bool result = Call(cx, method, O, &rval);
1715
1716 // Step 1.b.ii.1.d. IfAbruptRejectPromise(result, promiseCapability).
1717 if (!result) {
1718 return AbruptRejectPromise(cx, args, promiseCapability, nullptr);
1719 }
1720
1721 // Step 1.b.ii.1.e. Perform ? Call(promiseCapability.[[Resolve]], undefined, «
1722 // undefined »).
1723 if (!JS::ResolvePromise(cx, promiseCapability, JS::UndefinedHandleValue)) {
1724 return false;
1725 }
1726
1727 // Step 1.b.ii.1.f. Return promiseCapability.[[Promise]].
1728 args.rval().set(JS::ObjectValue(*promiseCapability));
1729 return true;
1730}
1731
1732// Explicit Resource Management Proposal
1733// GetDisposeMethod ( V, hint )
1734// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-getdisposemethod
1735bool js::GetDisposeMethod(JSContext* cx, JS::Handle<JS::Value> objVal,
1736 UsingHint hint,
1737 JS::MutableHandle<JS::Value> disposeMethod) {
1738 switch (hint) {
1739 case UsingHint::Async: {
1740 // Step 1. If hint is async-dispose, then
1741 // Step 1.a. Let method be ? GetMethod(V, @@asyncDispose).
1742 // GetMethod throws TypeError if method is not callable
1743 // this is handled below at the end of the function.
1744 JS::Rooted<JS::PropertyKey> idAsync(
1745 cx, PropertyKey::Symbol(cx->wellKnownSymbols().asyncDispose));
1746 JS::Rooted<JSObject*> obj(cx, &objVal.toObject());
1747
1748 if (!GetProperty(cx, obj, obj, idAsync, disposeMethod)) {
1749 return false;
1750 }
1751
1752 // Step 1.b. If method is undefined, then
1753 // GetMethod returns undefined if the function is null but
1754 // since we do not do the conversion here we check for
1755 // null or undefined here.
1756 if (disposeMethod.isNullOrUndefined()) {
1757 // Step 1.b.i. Set method to ? GetMethod(V, @@dispose).
1758 JS::Rooted<JS::PropertyKey> idSync(
1759 cx, PropertyKey::Symbol(cx->wellKnownSymbols().dispose));
1760 JS::Rooted<JS::Value> syncDisposeMethod(cx);
1761 if (!GetProperty(cx, obj, obj, idSync, &syncDisposeMethod)) {
1762 return false;
1763 }
1764
1765 if (!syncDisposeMethod.isNullOrUndefined()) {
1766 // Step 1.b.ii. If method is not undefined, then
1767 if (!IsCallable(syncDisposeMethod)) {
1768 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
1769 JSMSG_DISPOSE_NOT_CALLABLE);
1770 return false;
1771 }
1772
1773 // Step 1.b.ii.1. Let closure be a new Abstract Closure with no
1774 // parameters that captures method and performs the following steps
1775 // when called:
1776 // Steps 1.b.ii.1.a-f: See SyncDisposalClosure
1777 // Step 1.b.ii.3. Return CreateBuiltinFunction(closure, 0, "", « »).
1778 JS::Handle<PropertyName*> funName = cx->names().empty_;
1779 JSFunction* asyncWrapper = NewNativeFunction(
1780 cx, SyncDisposalClosure, 0, funName,
1781 gc::AllocKind::FUNCTION_EXTENDED, GenericObject);
1782 if (!asyncWrapper) {
1783 return false;
1784 }
1785 asyncWrapper->initExtendedSlot(SyncDisposalClosureSlot_MethodSlot,
1786 syncDisposeMethod);
1787 disposeMethod.set(JS::ObjectValue(*asyncWrapper));
1788 }
1789 }
1790
1791 break;
1792 }
1793
1794 case UsingHint::Sync: {
1795 // Step 2. Else,
1796 // Step 2.a. Let method be ? GetMethod(V, @@dispose).
1797 JS::Rooted<JS::PropertyKey> id(
1798 cx, PropertyKey::Symbol(cx->wellKnownSymbols().dispose));
1799 JS::Rooted<JSObject*> obj(cx, &objVal.toObject());
1800
1801 if (!GetProperty(cx, obj, obj, id, disposeMethod)) {
1802 return false;
1803 }
1804
1805 break;
1806 }
1807 default:
1808 MOZ_CRASH("Invalid UsingHint")do { do { } while (false); MOZ_ReportCrash("" "Invalid UsingHint"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1808); AnnotateMozCrashReason("MOZ_CRASH(" "Invalid UsingHint"
")"); do { *((volatile int*)__null) = 1808; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
1809 }
1810
1811 // CreateDisposableResource ( V, hint [ , method ] )
1812 // https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-createdisposableresource
1813 //
1814 // Step 1.b.iii. If method is undefined, throw a TypeError exception.
1815 if (disposeMethod.isNullOrUndefined() || !IsCallable(disposeMethod)) {
1816 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
1817 JSMSG_DISPOSE_NOT_CALLABLE);
1818 return false;
1819 }
1820
1821 return true;
1822}
1823
1824// Explicit Resource Management Proposal
1825// CreateDisposableResource ( V, hint [ , method ] )
1826// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-createdisposableresource
1827bool js::CreateDisposableResource(
1828 JSContext* cx, JS::Handle<JS::Value> obj, UsingHint hint,
1829 JS::Handle<mozilla::Maybe<JS::Value>> methodVal,
1830 JS::MutableHandle<JS::Value> result) {
1831 // Step 1. If method is not present, then
1832 JS::Rooted<JS::Value> method(cx);
1833 JS::Rooted<JS::Value> object(cx);
1834 if (!methodVal.isSome()) {
1835 // Step 1.a. If V is either null or undefined, then
1836 if (obj.isNullOrUndefined()) {
1837 // Step 1.a.i. Set V to undefined.
1838 // Step 1.a.ii. Set method to undefined.
1839 object.setUndefined();
1840 method.setUndefined();
1841 } else {
1842 // Step 1.b. Else,
1843 // Step 1.b.i. If V is not an Object, throw a TypeError exception.
1844 if (!obj.isObject()) {
1845 return ThrowCheckIsObject(cx, CheckIsObjectKind::Disposable);
1846 }
1847
1848 // Step 1.b.ii. Set method to ? GetDisposeMethod(V, hint).
1849 // Step 1.b.iii. If method is undefined, throw a TypeError exception.
1850 object.set(obj);
1851 if (!GetDisposeMethod(cx, object, hint, &method)) {
1852 return false;
1853 }
1854 }
1855 } else {
1856 // Step 2. Else,
1857 // Step 2.a. If IsCallable(method) is false, throw a TypeError exception.
1858 if (!IsCallable(*methodVal)) {
1859 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
1860 JSMSG_DISPOSE_NOT_CALLABLE);
1861 return false;
1862 }
1863 object.set(obj);
1864 method.set(*methodVal);
1865 }
1866
1867 // Step 3. Return the
1868 // DisposableResource Record { [[ResourceValue]]: V, [[Hint]]: hint,
1869 // [[DisposeMethod]]: method }.
1870 DisposableRecordObject* disposableRecord =
1871 DisposableRecordObject::create(cx, object, method, hint);
1872 if (!disposableRecord) {
1873 return false;
1874 }
1875 result.set(ObjectValue(*disposableRecord));
1876
1877 return true;
1878}
1879
1880// Explicit Resource Management Proposal
1881// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-disposeresources
1882// Steps 3.e.iii.1.c-e.
1883ErrorObject* js::CreateSuppressedError(JSContext* cx,
1884 JS::Handle<JS::Value> error,
1885 JS::Handle<JS::Value> suppressed) {
1886 // Step 3.e.iii.1.c. Let error be a newly created SuppressedError object.
1887 JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr,
1888 JSMSG_ERROR_WAS_SUPPRESSED);
1889
1890 JS::Rooted<JS::Value> thrownSuppressed(cx);
1891
1892 if (!cx->getPendingException(&thrownSuppressed)) {
1893 return nullptr;
1894 }
1895
1896 cx->clearPendingException();
1897
1898 JS::Rooted<ErrorObject*> errorObj(
1899 cx, &thrownSuppressed.toObject().as<ErrorObject>());
1900
1901 // Step 3.e.iii.1.d. Perform
1902 // CreateNonEnumerableDataPropertyOrThrow(error, "error", result).
1903 if (!NativeDefineDataProperty(cx, errorObj, cx->names().error, error, 0)) {
1904 return nullptr;
1905 }
1906
1907 // Step 3.e.iii.1.e. Perform
1908 // CreateNonEnumerableDataPropertyOrThrow(error, "suppressed",
1909 // suppressed).
1910 if (!NativeDefineDataProperty(cx, errorObj, cx->names().suppressed,
1911 suppressed, 0)) {
1912 return nullptr;
1913 }
1914
1915 // TODO: Improve the capturing of stack and error messages (Bug 1906150)
1916
1917 return errorObj;
1918}
1919
1920// Explicit Resource Management Proposal
1921// 7.5.4 AddDisposableResource ( disposeCapability, V, hint [ , method ] )
1922// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-adddisposableresource
1923// TODO: It is known at compile time whether or not methodVal will be present.
1924// thus consider splitting the function to avoid the branching. (Bug 1913999)
1925bool js::AddDisposableResource(
1926 JSContext* cx, JS::Handle<ArrayObject*> disposeCapability,
1927 JS::Handle<JS::Value> val, UsingHint hint,
1928 JS::Handle<mozilla::Maybe<JS::Value>> methodVal) {
1929 JS::Rooted<JS::Value> resource(cx);
1930
1931 // Step 1. If method is not present, then
1932 if (!methodVal.isSome()) {
1933 // Step 1.a. If V is either null or undefined and hint is sync-dispose,
1934 // return unused.
1935 if (val.isNullOrUndefined() && hint == UsingHint::Sync) {
1936 return true;
1937 }
1938
1939 // Step 1.c. Let resource be ? CreateDisposableResource(V, hint).
1940 if (!CreateDisposableResource(cx, val, hint, methodVal, &resource)) {
1941 return false;
1942 }
1943 } else {
1944 // Step 2. Else,
1945 // Step 2.a. Assert: V is undefined.
1946 MOZ_ASSERT(val.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(val.isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(val.isUndefined()))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("val.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1946); AnnotateMozCrashReason("MOZ_ASSERT" "(" "val.isUndefined()"
")"); do { *((volatile int*)__null) = 1946; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1947
1948 // Step 2.b. Let resource be ? CreateDisposableResource(undefined, hint,
1949 // method).
1950 if (!CreateDisposableResource(cx, val, hint, methodVal, &resource)) {
1951 return false;
1952 }
1953 }
1954
1955 // Step 3. Append resource to disposeCapability.[[DisposableResourceStack]].
1956 return NewbornArrayPush(cx, disposeCapability, resource);
1957}
1958
1959// Explicit Resource Management Proposal
1960// 7.5.4 AddDisposableResource ( disposeCapability, V, hint [ , method ] )
1961// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-adddisposableresource
1962// Step 3
1963bool js::AddDisposableResourceToCapability(JSContext* cx,
1964 JS::Handle<JSObject*> env,
1965 JS::Handle<JS::Value> val,
1966 JS::Handle<JS::Value> method,
1967 bool needsClosure, UsingHint hint) {
1968 JS::Rooted<ArrayObject*> disposeCapability(
1969 cx,
1970 env->as<DisposableEnvironmentObject>().getOrCreateDisposeCapability(cx));
1971 if (!disposeCapability) {
1972 return false;
1973 }
1974
1975 JS::Rooted<JS::Value> disposeMethod(cx);
1976
1977 if (needsClosure) {
1978 JS::Handle<PropertyName*> funName = cx->names().empty_;
1979 JSFunction* asyncWrapper =
1980 NewNativeFunction(cx, SyncDisposalClosure, 0, funName,
1981 gc::AllocKind::FUNCTION_EXTENDED, GenericObject);
1982
1983 if (!asyncWrapper) {
1984 return false;
1985 }
1986 asyncWrapper->initExtendedSlot(SyncDisposalClosureSlot_MethodSlot, method);
1987 disposeMethod.set(JS::ObjectValue(*asyncWrapper));
1988 } else {
1989 disposeMethod.set(method);
1990 }
1991
1992 DisposableRecordObject* disposableRecord =
1993 DisposableRecordObject::create(cx, val, disposeMethod, hint);
1994 if (!disposableRecord) {
1995 return false;
1996 }
1997
1998 return NewbornArrayPush(cx, disposeCapability,
1999 JS::ObjectValue(*disposableRecord));
2000}
2001#endif
2002
2003bool MOZ_NEVER_INLINE__attribute__((noinline)) JS_HAZ_JSNATIVE_CALLER js::Interpret(JSContext* cx,
2004 RunState& state) {
2005/*
2006 * Define macros for an interpreter loop. Opcode dispatch is done by
2007 * indirect goto (aka a threaded interpreter), which is technically
2008 * non-standard but is supported by all of our supported compilers.
2009 */
2010#define INTERPRETER_LOOP()
2011#define CASE(OP)label_OP: label_##OP:
2012#define DEFAULT()label_default: \
2013 label_default:
2014#define DISPATCH_TO(OP)goto* addresses[(OP)] goto* addresses[(OP)]
2015
2016#define LABEL(X)(&&label_X) (&&label_##X)
2017
2018 // Use addresses instead of offsets to optimize for runtime speed over
2019 // load-time relocation overhead.
2020 static const void* const addresses[EnableInterruptsPseudoOpcode + 1] = {
2021#define OPCODE_LABEL(op, ...) LABEL(op)(&&label_op),
2022 FOR_EACH_OPCODE(OPCODE_LABEL)OPCODE_LABEL(Undefined, undefined, "", 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(Null, null, "null", 1, 0, 1, JOF_BYTE) OPCODE_LABEL(False, false_
, "false", 1, 0, 1, JOF_BYTE) OPCODE_LABEL(True, true_, "true"
, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(Int32, int32, __null, 5, 0,
1, JOF_INT32) OPCODE_LABEL(Zero, zero, "0", 1, 0, 1, JOF_BYTE
) OPCODE_LABEL(One, one, "1", 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(Int8, int8, __null, 2, 0, 1, JOF_INT8) OPCODE_LABEL(Uint16, uint16
, __null, 3, 0, 1, JOF_UINT16) OPCODE_LABEL(Uint24, uint24, __null
, 4, 0, 1, JOF_UINT24) OPCODE_LABEL(Double, double_, __null, 9
, 0, 1, JOF_DOUBLE) OPCODE_LABEL(BigInt, big_int, __null, 5, 0
, 1, JOF_BIGINT) OPCODE_LABEL(String, string, __null, 5, 0, 1
, JOF_STRING) OPCODE_LABEL(Symbol, symbol, __null, 2, 0, 1, JOF_UINT8
) OPCODE_LABEL(Void, void_, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(Typeof, typeof_, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(TypeofExpr, typeof_expr, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(TypeofEq, typeof_eq, __null, 2, 1, 1, JOF_UINT8|JOF_IC) OPCODE_LABEL
(Pos, pos, "+ ", 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Neg, neg
, "- ", 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitNot, bit_not
, "~", 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Not, not_, "!",
1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitOr, bit_or, "|", 1
, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitXor, bit_xor, "^", 1
, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitAnd, bit_and, "&"
, 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Eq, eq, "==", 1, 2, 1
, JOF_BYTE|JOF_IC) OPCODE_LABEL(Ne, ne, "!=", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(StrictEq, strict_eq, "===", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(StrictNe, strict_ne, "!==", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(Lt, lt, "<", 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(Gt, gt, ">", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(Le, le, "<=", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Ge, ge
, ">=", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Instanceof,
instanceof, "instanceof", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(In, in_, "in", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Lsh, lsh
, "<<", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Rsh, rsh
, ">>", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Ursh, ursh
, ">>>", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Add,
add, "+", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Sub, sub, "-"
, 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Inc, inc, __null, 1,
1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Dec, dec, __null, 1, 1, 1
, JOF_BYTE|JOF_IC) OPCODE_LABEL(Mul, mul, "*", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(Div, div, "/", 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(Mod, mod, "%", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(Pow, pow, "**", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(NopIsAssignOp
, nop_is_assign_op, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(ToPropertyKey
, to_property_key, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(ToNumeric, to_numeric, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(ToString, to_string, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(IsNullOrUndefined, is_null_or_undefined, __null, 1, 1, 2, JOF_BYTE
) OPCODE_LABEL(GlobalThis, global_this, __null, 1, 0, 1, JOF_BYTE
) OPCODE_LABEL(NonSyntacticGlobalThis, non_syntactic_global_this
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(NewTarget, new_target
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(DynamicImport, dynamic_import
, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL(ImportMeta, import_meta
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(NewInit, new_init, __null
, 1, 0, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(NewObject, new_object
, __null, 5, 0, 1, JOF_SHAPE|JOF_IC) OPCODE_LABEL(Object, object
, __null, 5, 0, 1, JOF_OBJECT) OPCODE_LABEL(ObjWithProto, obj_with_proto
, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(InitProp, init_prop
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT|JOF_IC) OPCODE_LABEL
(InitHiddenProp, init_hidden_prop, __null, 5, 2, 1, JOF_ATOM|
JOF_PROPINIT|JOF_IC) OPCODE_LABEL(InitLockedProp, init_locked_prop
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT|JOF_IC) OPCODE_LABEL
(InitElem, init_elem, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT|
JOF_IC) OPCODE_LABEL(InitHiddenElem, init_hidden_elem, __null
, 1, 3, 1, JOF_BYTE|JOF_PROPINIT|JOF_IC) OPCODE_LABEL(InitLockedElem
, init_locked_elem, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT|JOF_IC
) OPCODE_LABEL(InitPropGetter, init_prop_getter, __null, 5, 2
, 1, JOF_ATOM|JOF_PROPINIT) OPCODE_LABEL(InitHiddenPropGetter
, init_hidden_prop_getter, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT
) OPCODE_LABEL(InitElemGetter, init_elem_getter, __null, 1, 3
, 1, JOF_BYTE|JOF_PROPINIT) OPCODE_LABEL(InitHiddenElemGetter
, init_hidden_elem_getter, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT
) OPCODE_LABEL(InitPropSetter, init_prop_setter, __null, 5, 2
, 1, JOF_ATOM|JOF_PROPINIT) OPCODE_LABEL(InitHiddenPropSetter
, init_hidden_prop_setter, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT
) OPCODE_LABEL(InitElemSetter, init_elem_setter, __null, 1, 3
, 1, JOF_BYTE|JOF_PROPINIT) OPCODE_LABEL(InitHiddenElemSetter
, init_hidden_elem_setter, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT
) OPCODE_LABEL(GetProp, get_prop, __null, 5, 1, 1, JOF_ATOM|JOF_IC
) OPCODE_LABEL(GetElem, get_elem, __null, 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(SetProp, set_prop, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET
|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL(StrictSetProp, strict_set_prop
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSTRICT|JOF_IC
) OPCODE_LABEL(SetElem, set_elem, __null, 1, 3, 1, JOF_BYTE|JOF_PROPSET
|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL(StrictSetElem, strict_set_elem
, __null, 1, 3, 1, JOF_BYTE|JOF_PROPSET|JOF_CHECKSTRICT|JOF_IC
) OPCODE_LABEL(DelProp, del_prop, __null, 5, 1, 1, JOF_ATOM|JOF_CHECKSLOPPY
) OPCODE_LABEL(StrictDelProp, strict_del_prop, __null, 5, 1, 1
, JOF_ATOM|JOF_CHECKSTRICT) OPCODE_LABEL(DelElem, del_elem, __null
, 1, 2, 1, JOF_BYTE|JOF_CHECKSLOPPY) OPCODE_LABEL(StrictDelElem
, strict_del_elem, __null, 1, 2, 1, JOF_BYTE|JOF_CHECKSTRICT)
OPCODE_LABEL(HasOwn, has_own, __null, 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(CheckPrivateField, check_private_field, __null
, 3, 2, 3, JOF_TWO_UINT8|JOF_CHECKSTRICT|JOF_IC) OPCODE_LABEL
(NewPrivateName, new_private_name, __null, 5, 0, 1, JOF_ATOM)
OPCODE_LABEL(SuperBase, super_base, __null, 1, 1, 1, JOF_BYTE
) OPCODE_LABEL(GetPropSuper, get_prop_super, __null, 5, 2, 1,
JOF_ATOM|JOF_IC) OPCODE_LABEL(GetElemSuper, get_elem_super, __null
, 1, 3, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(SetPropSuper, set_prop_super
, __null, 5, 3, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSLOPPY) OPCODE_LABEL
(StrictSetPropSuper, strict_set_prop_super, __null, 5, 3, 1, JOF_ATOM
|JOF_PROPSET|JOF_CHECKSTRICT) OPCODE_LABEL(SetElemSuper, set_elem_super
, __null, 1, 4, 1, JOF_BYTE|JOF_PROPSET|JOF_CHECKSLOPPY) OPCODE_LABEL
(StrictSetElemSuper, strict_set_elem_super, __null, 1, 4, 1, JOF_BYTE
|JOF_PROPSET|JOF_CHECKSTRICT) OPCODE_LABEL(Iter, iter, __null
, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(MoreIter, more_iter,
__null, 1, 1, 2, JOF_BYTE) OPCODE_LABEL(IsNoIter, is_no_iter
, __null, 1, 1, 2, JOF_BYTE) OPCODE_LABEL(EndIter, end_iter, __null
, 1, 2, 0, JOF_BYTE) OPCODE_LABEL(CloseIter, close_iter, __null
, 2, 1, 0, JOF_UINT8|JOF_IC) OPCODE_LABEL(OptimizeGetIterator
, optimize_get_iterator, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(CheckIsObj, check_is_obj, __null, 2, 1, 1, JOF_UINT8) OPCODE_LABEL
(CheckObjCoercible, check_obj_coercible, __null, 1, 1, 1, JOF_BYTE
) OPCODE_LABEL(ToAsyncIter, to_async_iter, __null, 1, 2, 1, JOF_BYTE
) OPCODE_LABEL(MutateProto, mutate_proto, __null, 1, 2, 1, JOF_BYTE
) OPCODE_LABEL(NewArray, new_array, __null, 5, 0, 1, JOF_UINT32
|JOF_IC) OPCODE_LABEL(InitElemArray, init_elem_array, __null,
5, 2, 1, JOF_UINT32|JOF_PROPINIT) OPCODE_LABEL(InitElemInc, init_elem_inc
, __null, 1, 3, 2, JOF_BYTE|JOF_PROPINIT|JOF_IC) OPCODE_LABEL
(Hole, hole, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(RegExp, reg_exp
, __null, 5, 0, 1, JOF_REGEXP) OPCODE_LABEL(Lambda, lambda, __null
, 5, 0, 1, JOF_OBJECT|JOF_USES_ENV) OPCODE_LABEL(SetFunName, set_fun_name
, __null, 2, 2, 1, JOF_UINT8) OPCODE_LABEL(InitHomeObject, init_home_object
, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL(CheckClassHeritage,
check_class_heritage, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(FunWithProto, fun_with_proto, __null, 5, 1, 1, JOF_OBJECT|JOF_USES_ENV
) OPCODE_LABEL(BuiltinObject, builtin_object, __null, 2, 0, 1
, JOF_UINT8) OPCODE_LABEL(Call, call, __null, 3, -1, 1, JOF_ARGC
|JOF_INVOKE|JOF_IC) OPCODE_LABEL(CallContent, call_content, __null
, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC) OPCODE_LABEL(CallIter
, call_iter, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC) OPCODE_LABEL
(CallContentIter, call_content_iter, __null, 3, -1, 1, JOF_ARGC
|JOF_INVOKE|JOF_IC) OPCODE_LABEL(CallIgnoresRv, call_ignores_rv
, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC) OPCODE_LABEL(
SpreadCall, spread_call, __null, 1, 3, 1, JOF_BYTE|JOF_INVOKE
|JOF_SPREAD|JOF_IC) OPCODE_LABEL(OptimizeSpreadCall, optimize_spread_call
, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Eval, eval, __null
, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL
(SpreadEval, spread_eval, __null, 1, 3, 1, JOF_BYTE|JOF_INVOKE
|JOF_SPREAD|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL(StrictEval, strict_eval
, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_CHECKSTRICT|JOF_IC
) OPCODE_LABEL(StrictSpreadEval, strict_spread_eval, __null, 1
, 3, 1, JOF_BYTE|JOF_INVOKE|JOF_SPREAD|JOF_CHECKSTRICT|JOF_IC
) OPCODE_LABEL(ImplicitThis, implicit_this, "", 1, 1, 1, JOF_BYTE
) OPCODE_LABEL(CallSiteObj, call_site_obj, __null, 5, 0, 1, JOF_OBJECT
) OPCODE_LABEL(IsConstructing, is_constructing, __null, 1, 0,
1, JOF_BYTE) OPCODE_LABEL(New, new_, __null, 3, -1, 1, JOF_ARGC
|JOF_INVOKE|JOF_CONSTRUCT|JOF_IC) OPCODE_LABEL(NewContent, new_content
, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_CONSTRUCT|JOF_IC)
OPCODE_LABEL(SuperCall, super_call, __null, 3, -1, 1, JOF_ARGC
|JOF_INVOKE|JOF_CONSTRUCT|JOF_IC) OPCODE_LABEL(SpreadNew, spread_new
, __null, 1, 4, 1, JOF_BYTE|JOF_INVOKE|JOF_CONSTRUCT|JOF_SPREAD
|JOF_IC) OPCODE_LABEL(SpreadSuperCall, spread_super_call, __null
, 1, 4, 1, JOF_BYTE|JOF_INVOKE|JOF_CONSTRUCT|JOF_SPREAD|JOF_IC
) OPCODE_LABEL(SuperFun, super_fun, __null, 1, 1, 1, JOF_BYTE
) OPCODE_LABEL(CheckThisReinit, check_this_reinit, __null, 1,
1, 1, JOF_BYTE) OPCODE_LABEL(Generator, generator, __null, 1
, 0, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL(InitialYield, initial_yield
, __null, 4, 1, 3, JOF_RESUMEINDEX) OPCODE_LABEL(AfterYield, after_yield
, __null, 5, 0, 0, JOF_ICINDEX) OPCODE_LABEL(FinalYieldRval, final_yield_rval
, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(Yield, yield, __null
, 4, 2, 3, JOF_RESUMEINDEX) OPCODE_LABEL(IsGenClosing, is_gen_closing
, __null, 1, 1, 2, JOF_BYTE) OPCODE_LABEL(AsyncAwait, async_await
, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL(AsyncResolve, async_resolve
, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL(AsyncReject, async_reject
, __null, 1, 3, 1, JOF_BYTE) OPCODE_LABEL(Await, await, __null
, 4, 2, 3, JOF_RESUMEINDEX) OPCODE_LABEL(CanSkipAwait, can_skip_await
, __null, 1, 1, 2, JOF_BYTE) OPCODE_LABEL(MaybeExtractAwaitValue
, maybe_extract_await_value, __null, 1, 2, 2, JOF_BYTE) OPCODE_LABEL
(ResumeKind, resume_kind, __null, 2, 0, 1, JOF_UINT8) OPCODE_LABEL
(CheckResumeKind, check_resume_kind, __null, 1, 3, 1, JOF_BYTE
) OPCODE_LABEL(Resume, resume, __null, 1, 3, 1, JOF_BYTE|JOF_INVOKE
) OPCODE_LABEL(JumpTarget, jump_target, __null, 5, 0, 0, JOF_ICINDEX
) OPCODE_LABEL(LoopHead, loop_head, __null, 6, 0, 0, JOF_LOOPHEAD
) OPCODE_LABEL(Goto, goto_, __null, 5, 0, 0, JOF_JUMP) OPCODE_LABEL
(JumpIfFalse, jump_if_false, __null, 5, 1, 0, JOF_JUMP|JOF_IC
) OPCODE_LABEL(JumpIfTrue, jump_if_true, __null, 5, 1, 0, JOF_JUMP
|JOF_IC) OPCODE_LABEL(And, and_, __null, 5, 1, 1, JOF_JUMP|JOF_IC
) OPCODE_LABEL(Or, or_, __null, 5, 1, 1, JOF_JUMP|JOF_IC) OPCODE_LABEL
(Coalesce, coalesce, __null, 5, 1, 1, JOF_JUMP) OPCODE_LABEL(
Case, case_, __null, 5, 2, 1, JOF_JUMP) OPCODE_LABEL(Default,
default_, __null, 5, 1, 0, JOF_JUMP) OPCODE_LABEL(TableSwitch
, table_switch, __null, 16, 1, 0, JOF_TABLESWITCH) OPCODE_LABEL
(Return, return_, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(GetRval
, get_rval, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(SetRval, set_rval
, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(RetRval, ret_rval, __null
, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(CheckReturn, check_return, __null
, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(Throw, throw_, __null, 1, 1
, 0, JOF_BYTE) OPCODE_LABEL(ThrowWithStack, throw_with_stack,
__null, 1, 2, 0, JOF_BYTE) OPCODE_LABEL(ThrowMsg, throw_msg,
__null, 2, 0, 0, JOF_UINT8) OPCODE_LABEL(ThrowSetConst, throw_set_const
, __null, 5, 0, 0, JOF_ATOM) OPCODE_LABEL(Try, try_, __null, 1
, 0, 0, JOF_BYTE) OPCODE_LABEL(TryDestructuring, try_destructuring
, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(Exception, exception
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(ExceptionAndStack, exception_and_stack
, __null, 1, 0, 2, JOF_BYTE) OPCODE_LABEL(Finally, finally, __null
, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(Uninitialized, uninitialized
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(InitLexical, init_lexical
, __null, 4, 1, 1, JOF_LOCAL) OPCODE_LABEL(InitGLexical, init_g_lexical
, __null, 5, 1, 1, JOF_ATOM|JOF_PROPINIT|JOF_GNAME|JOF_IC) OPCODE_LABEL
(InitAliasedLexical, init_aliased_lexical, __null, 5, 1, 1, JOF_ENVCOORD
|JOF_PROPINIT) OPCODE_LABEL(CheckLexical, check_lexical, __null
, 4, 1, 1, JOF_LOCAL) OPCODE_LABEL(CheckAliasedLexical, check_aliased_lexical
, __null, 5, 1, 1, JOF_ENVCOORD) OPCODE_LABEL(CheckThis, check_this
, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(BindUnqualifiedGName
, bind_unqualified_g_name, __null, 5, 0, 1, JOF_ATOM|JOF_GNAME
|JOF_IC) OPCODE_LABEL(BindUnqualifiedName, bind_unqualified_name
, __null, 5, 0, 1, JOF_ATOM|JOF_IC|JOF_USES_ENV) OPCODE_LABEL
(BindName, bind_name, __null, 5, 0, 1, JOF_ATOM|JOF_IC|JOF_USES_ENV
) OPCODE_LABEL(GetName, get_name, __null, 5, 0, 1, JOF_ATOM|JOF_IC
|JOF_USES_ENV) OPCODE_LABEL(GetGName, get_g_name, __null, 5, 0
, 1, JOF_ATOM|JOF_GNAME|JOF_IC) OPCODE_LABEL(GetArg, get_arg,
__null, 3, 0, 1, JOF_QARG) OPCODE_LABEL(GetFrameArg, get_frame_arg
, __null, 3, 0, 1, JOF_QARG) OPCODE_LABEL(GetLocal, get_local
, __null, 4, 0, 1, JOF_LOCAL) OPCODE_LABEL(ArgumentsLength, arguments_length
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(GetActualArg, get_actual_arg
, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(GetAliasedVar, get_aliased_var
, __null, 5, 0, 1, JOF_ENVCOORD|JOF_USES_ENV) OPCODE_LABEL(GetAliasedDebugVar
, get_aliased_debug_var, __null, 5, 0, 1, JOF_DEBUGCOORD) OPCODE_LABEL
(GetImport, get_import, __null, 5, 0, 1, JOF_ATOM) OPCODE_LABEL
(GetBoundName, get_bound_name, __null, 5, 1, 1, JOF_ATOM|JOF_IC
) OPCODE_LABEL(GetIntrinsic, get_intrinsic, __null, 5, 0, 1, JOF_ATOM
|JOF_IC) OPCODE_LABEL(Callee, callee, __null, 1, 0, 1, JOF_BYTE
) OPCODE_LABEL(EnvCallee, env_callee, __null, 2, 0, 1, JOF_UINT8
) OPCODE_LABEL(SetName, set_name, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET
|JOF_CHECKSLOPPY|JOF_IC|JOF_USES_ENV) OPCODE_LABEL(StrictSetName
, strict_set_name, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSTRICT
|JOF_IC|JOF_USES_ENV) OPCODE_LABEL(SetGName, set_g_name, __null
, 5, 2, 1, JOF_ATOM|JOF_PROPSET|JOF_GNAME|JOF_CHECKSLOPPY|JOF_IC
) OPCODE_LABEL(StrictSetGName, strict_set_g_name, __null, 5, 2
, 1, JOF_ATOM|JOF_PROPSET|JOF_GNAME|JOF_CHECKSTRICT|JOF_IC) OPCODE_LABEL
(SetArg, set_arg, __null, 3, 1, 1, JOF_QARG) OPCODE_LABEL(SetLocal
, set_local, __null, 4, 1, 1, JOF_LOCAL) OPCODE_LABEL(SetAliasedVar
, set_aliased_var, __null, 5, 1, 1, JOF_ENVCOORD|JOF_PROPSET|
JOF_USES_ENV) OPCODE_LABEL(SetIntrinsic, set_intrinsic, __null
, 5, 1, 1, JOF_ATOM) OPCODE_LABEL(PushLexicalEnv, push_lexical_env
, __null, 5, 0, 0, JOF_SCOPE|JOF_USES_ENV) OPCODE_LABEL(PopLexicalEnv
, pop_lexical_env, __null, 1, 0, 0, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL
(DebugLeaveLexicalEnv, debug_leave_lexical_env, __null, 1, 0,
0, JOF_BYTE) OPCODE_LABEL(RecreateLexicalEnv, recreate_lexical_env
, __null, 5, 0, 0, JOF_SCOPE) OPCODE_LABEL(FreshenLexicalEnv,
freshen_lexical_env, __null, 5, 0, 0, JOF_SCOPE) OPCODE_LABEL
(PushClassBodyEnv, push_class_body_env, __null, 5, 0, 0, JOF_SCOPE
) OPCODE_LABEL(PushVarEnv, push_var_env, __null, 5, 0, 0, JOF_SCOPE
|JOF_USES_ENV) OPCODE_LABEL(EnterWith, enter_with, __null, 5,
1, 0, JOF_SCOPE) OPCODE_LABEL(LeaveWith, leave_with, __null,
1, 0, 0, JOF_BYTE) OPCODE_LABEL(BindVar, bind_var, __null, 1
, 0, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL(GlobalOrEvalDeclInstantiation
, global_or_eval_decl_instantiation, __null, 5, 0, 0, JOF_GCTHING
|JOF_USES_ENV) OPCODE_LABEL(DelName, del_name, __null, 5, 0, 1
, JOF_ATOM|JOF_CHECKSLOPPY|JOF_USES_ENV) OPCODE_LABEL(Arguments
, arguments, __null, 1, 0, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL
(Rest, rest, __null, 1, 0, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(FunctionThis
, function_this, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(Pop,
pop, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(PopN, pop_n, __null
, 3, -1, 0, JOF_UINT16) OPCODE_LABEL(Dup, dup, __null, 1, 1, 2
, JOF_BYTE) OPCODE_LABEL(Dup2, dup2, __null, 1, 2, 4, JOF_BYTE
) OPCODE_LABEL(DupAt, dup_at, __null, 4, 0, 1, JOF_UINT24) OPCODE_LABEL
(Swap, swap, __null, 1, 2, 2, JOF_BYTE) OPCODE_LABEL(Pick, pick
, __null, 2, 0, 0, JOF_UINT8) OPCODE_LABEL(Unpick, unpick, __null
, 2, 0, 0, JOF_UINT8) OPCODE_LABEL(Nop, nop, __null, 1, 0, 0,
JOF_BYTE) OPCODE_LABEL(Lineno, lineno, __null, 5, 0, 0, JOF_UINT32
) OPCODE_LABEL(NopDestructuring, nop_destructuring, __null, 1
, 0, 0, JOF_BYTE) OPCODE_LABEL(ForceInterpreter, force_interpreter
, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(DebugCheckSelfHosted
, debug_check_self_hosted, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(Debugger, debugger, __null, 1, 0, 0, JOF_BYTE)
2023#undef OPCODE_LABEL
2024#define TRAILING_LABEL(v) \
2025 ((v) == EnableInterruptsPseudoOpcode ? LABEL(EnableInterruptsPseudoOpcode)(&&label_EnableInterruptsPseudoOpcode) \
2026 : LABEL(default)(&&label_default)),
2027 FOR_EACH_TRAILING_UNUSED_OPCODE(TRAILING_LABEL)TRAILING_LABEL(237) TRAILING_LABEL(238) TRAILING_LABEL(239) TRAILING_LABEL
(240) TRAILING_LABEL(241) TRAILING_LABEL(242) TRAILING_LABEL(
243) TRAILING_LABEL(244) TRAILING_LABEL(245) TRAILING_LABEL(246
) TRAILING_LABEL(247) TRAILING_LABEL(248) TRAILING_LABEL(249)
TRAILING_LABEL(250) TRAILING_LABEL(251) TRAILING_LABEL(252) TRAILING_LABEL
(253) TRAILING_LABEL(254) TRAILING_LABEL(255)
2028#undef TRAILING_LABEL
2029 };
2030
2031 /*
2032 * Increment REGS.pc by N, load the opcode at that position,
2033 * and jump to the code to execute it.
2034 *
2035 * When Debugger puts a script in single-step mode, all js::Interpret
2036 * invocations that might be presently running that script must have
2037 * interrupts enabled. It's not practical to simply check
2038 * script->stepModeEnabled() at each point some callee could have changed
2039 * it, because there are so many places js::Interpret could possibly cause
2040 * JavaScript to run: each place an object might be coerced to a primitive
2041 * or a number, for example. So instead, we expose a simple mechanism to
2042 * let Debugger tweak the affected js::Interpret frames when an onStep
2043 * handler is added: calling activation.enableInterruptsUnconditionally()
2044 * will enable interrupts, and activation.opMask() is or'd with the opcode
2045 * to implement a simple alternate dispatch.
2046 */
2047#define ADVANCE_AND_DISPATCH(N)do { (activation.regs()).pc += (N); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0) \
2048 JS_BEGIN_MACROdo { \
2049 REGS(activation.regs()).pc += (N); \
2050 SANITY_CHECKS()do { js::gc::MaybeVerifyBarriers(cx); } while (0); \
2051 DISPATCH_TO(*REGS.pc | activation.opMask())goto* addresses[(*(activation.regs()).pc | activation.opMask(
))]; \
2052 JS_END_MACRO} while (0)
2053
2054 /*
2055 * Shorthand for the common sequence at the end of a fixed-size opcode.
2056 */
2057#define END_CASE(OP)do { (activation.regs()).pc += (JSOpLength_OP); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0); ADVANCE_AND_DISPATCH(JSOpLength_##OP)do { (activation.regs()).pc += (JSOpLength_##OP); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2058
2059 /*
2060 * Prepare to call a user-supplied branch handler, and abort the script
2061 * if it returns false.
2062 */
2063#define CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0) \
2064 JS_BEGIN_MACROdo { \
2065 if (!CheckForInterrupt(cx)) goto error; \
2066 JS_END_MACRO} while (0)
2067
2068 /*
2069 * This is a simple wrapper around ADVANCE_AND_DISPATCH which also does
2070 * a CHECK_BRANCH() if n is not positive, which possibly indicates that it
2071 * is the backedge of a loop.
2072 */
2073#define BRANCH(n)do { int32_t nlen = (n); if (nlen <= 0) do { if (!CheckForInterrupt
(cx)) goto error; } while (0); do { (activation.regs()).pc +=
(nlen); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0); } while (0) \
2074 JS_BEGIN_MACROdo { \
2075 int32_t nlen = (n); \
2076 if (nlen <= 0) CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0); \
2077 ADVANCE_AND_DISPATCH(nlen)do { (activation.regs()).pc += (nlen); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0); \
2078 JS_END_MACRO} while (0)
2079
2080 /*
2081 * Initialize code coverage vectors.
2082 */
2083#define INIT_COVERAGE()do { if (!script->hasScriptCounts()) { if (cx->realm()->
collectCoverageForDebug()) { if (!script->initScriptCounts
(cx)) goto error; } } } while (0) \
2084 JS_BEGIN_MACROdo { \
2085 if (!script->hasScriptCounts()) { \
2086 if (cx->realm()->collectCoverageForDebug()) { \
2087 if (!script->initScriptCounts(cx)) goto error; \
2088 } \
2089 } \
2090 JS_END_MACRO} while (0)
2091
2092 /*
2093 * Increment the code coverage counter associated with the given pc.
2094 */
2095#define COUNT_COVERAGE_PC(PC)do { if (script->hasScriptCounts()) { PCCounts* counts = script
->maybeGetPCCounts(PC); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2095); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2095; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0) \
2096 JS_BEGIN_MACROdo { \
2097 if (script->hasScriptCounts()) { \
2098 PCCounts* counts = script->maybeGetPCCounts(PC); \
2099 MOZ_ASSERT(counts)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(counts)>::isValid, "invalid assertion condition")
; if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2099); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2099; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
2100 counts->numExec()++; \
2101 } \
2102 JS_END_MACRO} while (0)
2103
2104#define COUNT_COVERAGE_MAIN()do { jsbytecode* main = script->main(); if (!BytecodeIsJumpTarget
(JSOp(*main))) do { if (script->hasScriptCounts()) { PCCounts
* counts = script->maybeGetPCCounts(main); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2104); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2104; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0) \
2105 JS_BEGIN_MACROdo { \
2106 jsbytecode* main = script->main(); \
2107 if (!BytecodeIsJumpTarget(JSOp(*main))) COUNT_COVERAGE_PC(main)do { if (script->hasScriptCounts()) { PCCounts* counts = script
->maybeGetPCCounts(main); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2107); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2107; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); \
2108 JS_END_MACRO} while (0)
2109
2110#define COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2110); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 2110; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2110); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2110; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0) \
2111 JS_BEGIN_MACROdo { \
2112 MOZ_ASSERT(BytecodeIsJumpTarget(JSOp(*REGS.pc)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2112); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 2112; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
2113 COUNT_COVERAGE_PC(REGS.pc)do { if (script->hasScriptCounts()) { PCCounts* counts = script
->maybeGetPCCounts((activation.regs()).pc); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2113); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2113; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); \
2114 JS_END_MACRO} while (0)
2115
2116#define SET_SCRIPT(s)do { script = (s); do { static_assert( mozilla::detail::AssertionConditionType
<decltype(cx->realm() == script->realm())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(cx->realm() == script->realm()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("cx->realm() == script->realm()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2116); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2116; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0) \
2117 JS_BEGIN_MACROdo { \
2118 script = (s); \
2119 MOZ_ASSERT(cx->realm() == script->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2119); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2119; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
2120 if (DebugAPI::hasAnyBreakpointsOrStepMode(script) || \
2121 script->hasScriptCounts()) \
2122 activation.enableInterruptsUnconditionally(); \
2123 JS_END_MACRO} while (0)
2124
2125#define SANITY_CHECKS()do { js::gc::MaybeVerifyBarriers(cx); } while (0) \
2126 JS_BEGIN_MACROdo { \
2127 js::gc::MaybeVerifyBarriers(cx); \
2128 JS_END_MACRO} while (0)
2129
2130// Verify that an uninitialized lexical is followed by a correct check op.
2131#ifdef DEBUG1
2132# define ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2132); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 2132; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0) \
2133 JS_BEGIN_MACROdo { \
2134 if (IsUninitializedLexical(val)) { \
2135 JSOp next = JSOp(*GetNextPc(REGS(activation.regs()).pc)); \
2136 MOZ_ASSERT(next == JSOp::CheckThis || next == JSOp::CheckReturn || \do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2138); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 2138; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
2137 next == JSOp::CheckThisReinit || \do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2138); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 2138; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
2138 next == JSOp::CheckAliasedLexical)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2138); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 2138; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
2139 } \
2140 JS_END_MACRO} while (0)
2141#else
2142# define ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2142); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 2142; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0) \
2143 JS_BEGIN_MACROdo { \
2144 /* nothing */ \
2145 JS_END_MACRO} while (0)
2146#endif
2147
2148 gc::MaybeVerifyBarriers(cx, true);
2149
2150 InterpreterFrame* entryFrame = state.pushInterpreterFrame(cx);
2151 if (!entryFrame) {
2152 return false;
2153 }
2154
2155 ActivationEntryMonitor entryMonitor(cx, entryFrame);
2156 InterpreterActivation activation(state, cx, entryFrame);
2157
2158 /* The script is used frequently, so keep a local copy. */
2159 RootedScript script(cx);
2160 SET_SCRIPT(REGS.fp()->script())do { script = ((activation.regs()).fp()->script()); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(cx->
realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2160); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2160; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
2161
2162 /*
2163 * Pool of rooters for use in this interpreter frame. References to these
2164 * are used for local variables within interpreter cases. This avoids
2165 * creating new rooters each time an interpreter case is entered, and also
2166 * correctness pitfalls due to incorrect compilation of destructor calls
2167 * around computed gotos.
2168 */
2169 RootedTuple<Value, Value, JSObject*, JSObject*, JSFunction*, JSAtom*,
2170 PropertyName*, PropertyKey, JSScript*, Scope*>
2171 roots(cx);
2172 RootedField<Value, 0> rootValue0(roots);
2173 RootedField<Value, 1> rootValue1(roots);
2174 RootedField<JSObject*, 2> rootObject0(roots);
2175 RootedField<JSObject*, 3> rootObject1(roots);
2176 RootedField<JSFunction*> rootFunction0(roots);
2177 RootedField<JSAtom*> rootAtom0(roots);
2178 RootedField<PropertyName*> rootName0(roots);
2179 RootedField<PropertyKey> rootId0(roots);
2180 RootedField<JSScript*> rootScript0(roots);
2181 RootedField<Scope*> rootScope0(roots);
2182
2183 DebugOnly<uint32_t> blockDepth;
2184
2185 /* State communicated between non-local jumps: */
2186 bool interpReturnOK;
2187 bool frameHalfInitialized;
2188
2189 if (!activation.entryFrame()->prologue(cx)) {
2190 goto prologue_error;
2191 }
2192
2193 if (!DebugAPI::onEnterFrame(cx, activation.entryFrame())) {
2194 goto error;
2195 }
2196
2197 // Increment the coverage for the main entry point.
2198 INIT_COVERAGE()do { if (!script->hasScriptCounts()) { if (cx->realm()->
collectCoverageForDebug()) { if (!script->initScriptCounts
(cx)) goto error; } } } while (0);
2199 COUNT_COVERAGE_MAIN()do { jsbytecode* main = script->main(); if (!BytecodeIsJumpTarget
(JSOp(*main))) do { if (script->hasScriptCounts()) { PCCounts
* counts = script->maybeGetPCCounts(main); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2199); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2199; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
2200
2201 // Enter the interpreter loop starting at the current pc.
2202 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
2203
2204 INTERPRETER_LOOP() {
2205 CASE(EnableInterruptsPseudoOpcode)label_EnableInterruptsPseudoOpcode: {
2206 bool moreInterrupts = false;
2207 jsbytecode op = *REGS(activation.regs()).pc;
2208
2209 if (!script->hasScriptCounts() &&
2210 cx->realm()->collectCoverageForDebug()) {
2211 if (!script->initScriptCounts(cx)) {
2212 goto error;
2213 }
2214 }
2215
2216 if (script->isDebuggee()) {
2217 if (DebugAPI::stepModeEnabled(script)) {
2218 if (!DebugAPI::onSingleStep(cx)) {
2219 goto error;
2220 }
2221 moreInterrupts = true;
2222 }
2223
2224 if (DebugAPI::hasAnyBreakpointsOrStepMode(script)) {
2225 moreInterrupts = true;
2226 }
2227
2228 if (DebugAPI::hasBreakpointsAt(script, REGS(activation.regs()).pc)) {
2229 if (!DebugAPI::onTrap(cx)) {
2230 goto error;
2231 }
2232 }
2233 }
2234
2235 MOZ_ASSERT(activation.opMask() == EnableInterruptsPseudoOpcode)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(activation.opMask() == EnableInterruptsPseudoOpcode)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(activation.opMask() == EnableInterruptsPseudoOpcode)
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("activation.opMask() == EnableInterruptsPseudoOpcode"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2235); AnnotateMozCrashReason("MOZ_ASSERT" "(" "activation.opMask() == EnableInterruptsPseudoOpcode"
")"); do { *((volatile int*)__null) = 2235; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2236 if (!moreInterrupts) {
2237 activation.clearInterruptsMask();
2238 }
2239
2240 /* Commence executing the actual opcode. */
2241 SANITY_CHECKS()do { js::gc::MaybeVerifyBarriers(cx); } while (0);
2242 DISPATCH_TO(op)goto* addresses[(op)];
2243 }
2244
2245 /* Various 1-byte no-ops. */
2246 CASE(Nop)label_Nop:
2247 CASE(Try)label_Try:
2248 CASE(NopDestructuring)label_NopDestructuring:
2249 CASE(NopIsAssignOp)label_NopIsAssignOp:
2250 CASE(TryDestructuring)label_TryDestructuring: {
2251 MOZ_ASSERT(GetBytecodeLength(REGS.pc) == 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetBytecodeLength((activation.regs()).pc) == 1)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2251); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2251; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2252 ADVANCE_AND_DISPATCH(1)do { (activation.regs()).pc += (1); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
2253 }
2254
2255 CASE(JumpTarget)label_JumpTarget:
2256 COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2256); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 2256; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2256); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2256; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
2257 END_CASE(JumpTarget)do { (activation.regs()).pc += (JSOpLength_JumpTarget); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2258
2259 CASE(LoopHead)label_LoopHead: {
2260 COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2260); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 2260; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2260); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2260; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
2261
2262 // Attempt on-stack replacement into the Baseline Interpreter.
2263 if (jit::IsBaselineInterpreterEnabled()) {
2264 script->incWarmUpCounter();
2265
2266 jit::MethodStatus status =
2267 jit::CanEnterBaselineInterpreterAtBranch(cx, REGS(activation.regs()).fp());
2268 if (status == jit::Method_Error) {
2269 goto error;
2270 }
2271 if (status == jit::Method_Compiled) {
2272 bool wasProfiler = REGS(activation.regs()).fp()->hasPushedGeckoProfilerFrame();
2273
2274 jit::JitExecStatus maybeOsr;
2275 {
2276 GeckoProfilerBaselineOSRMarker osr(cx, wasProfiler);
2277 maybeOsr =
2278 jit::EnterBaselineInterpreterAtBranch(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc);
2279 }
2280
2281 // We failed to call into baseline at all, so treat as an error.
2282 if (maybeOsr == jit::JitExec_Aborted) {
2283 goto error;
2284 }
2285
2286 interpReturnOK = (maybeOsr == jit::JitExec_Ok);
2287
2288 // Pop the profiler frame pushed by the interpreter. (The compiled
2289 // version of the function popped a copy of the frame pushed by the
2290 // OSR trampoline.)
2291 if (wasProfiler) {
2292 cx->geckoProfiler().exit(cx, script);
2293 }
2294
2295 if (activation.entryFrame() != REGS(activation.regs()).fp()) {
2296 goto jit_return_pop_frame;
2297 }
2298 goto leave_on_safe_point;
2299 }
2300 }
2301 }
2302 END_CASE(LoopHead)do { (activation.regs()).pc += (JSOpLength_LoopHead); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2303
2304 CASE(Lineno)label_Lineno:
2305 END_CASE(Lineno)do { (activation.regs()).pc += (JSOpLength_Lineno); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2306
2307 CASE(ForceInterpreter)label_ForceInterpreter: {
2308 // Ensure pattern matching still works.
2309 MOZ_ASSERT(script->hasForceInterpreterOp())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(script->hasForceInterpreterOp())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(script->hasForceInterpreterOp
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("script->hasForceInterpreterOp()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2309); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->hasForceInterpreterOp()"
")"); do { *((volatile int*)__null) = 2309; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2310 }
2311 END_CASE(ForceInterpreter)do { (activation.regs()).pc += (JSOpLength_ForceInterpreter);
do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2312
2313 CASE(Undefined)label_Undefined: { PUSH_UNDEFINED()(activation.regs()).sp++->setUndefined(); }
2314 END_CASE(Undefined)do { (activation.regs()).pc += (JSOpLength_Undefined); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2315
2316 CASE(Pop)label_Pop: { REGS(activation.regs()).sp--; }
2317 END_CASE(Pop)do { (activation.regs()).pc += (JSOpLength_Pop); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2318
2319 CASE(PopN)label_PopN: {
2320 MOZ_ASSERT(GET_UINT16(REGS.pc) <= REGS.stackDepth())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GET_UINT16((activation.regs()).pc) <= (activation
.regs()).stackDepth())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GET_UINT16((activation.regs(
)).pc) <= (activation.regs()).stackDepth()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("GET_UINT16((activation.regs()).pc) <= (activation.regs()).stackDepth()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2320); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GET_UINT16((activation.regs()).pc) <= (activation.regs()).stackDepth()"
")"); do { *((volatile int*)__null) = 2320; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2321 REGS(activation.regs()).sp -= GET_UINT16(REGS(activation.regs()).pc);
2322 }
2323 END_CASE(PopN)do { (activation.regs()).pc += (JSOpLength_PopN); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2324
2325 CASE(DupAt)label_DupAt: {
2326 MOZ_ASSERT(GET_UINT24(REGS.pc) < REGS.stackDepth())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GET_UINT24((activation.regs()).pc) < (activation.
regs()).stackDepth())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GET_UINT24((activation.regs(
)).pc) < (activation.regs()).stackDepth()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("GET_UINT24((activation.regs()).pc) < (activation.regs()).stackDepth()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2326); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GET_UINT24((activation.regs()).pc) < (activation.regs()).stackDepth()"
")"); do { *((volatile int*)__null) = 2326; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2327 unsigned i = GET_UINT24(REGS(activation.regs()).pc);
2328 const Value& rref = REGS(activation.regs()).sp[-int(i + 1)];
2329 PUSH_COPY(rref)do { *(activation.regs()).sp++ = (rref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2330 }
2331 END_CASE(DupAt)do { (activation.regs()).pc += (JSOpLength_DupAt); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2332
2333 CASE(SetRval)label_SetRval: { POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp); }
2334 END_CASE(SetRval)do { (activation.regs()).pc += (JSOpLength_SetRval); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2335
2336 CASE(GetRval)label_GetRval: { PUSH_COPY(REGS.fp()->returnValue())do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
returnValue()); cx->debugOnlyCheck((activation.regs()).sp[
-1]); } while (0); }
2337 END_CASE(GetRval)do { (activation.regs()).pc += (JSOpLength_GetRval); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2338
2339 CASE(EnterWith)label_EnterWith: {
2340 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
2341 REGS(activation.regs()).sp--;
2342 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
2343
2344 if (!EnterWithOperation(cx, REGS(activation.regs()).fp(), val, scope.as<WithScope>())) {
2345 goto error;
2346 }
2347 }
2348 END_CASE(EnterWith)do { (activation.regs()).pc += (JSOpLength_EnterWith); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2349
2350 CASE(LeaveWith)label_LeaveWith: {
2351 REGS(activation.regs()).fp()->popOffEnvironmentChain<WithEnvironmentObject>();
2352 }
2353 END_CASE(LeaveWith)do { (activation.regs()).pc += (JSOpLength_LeaveWith); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2354
2355#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
2356 CASE(AddDisposable)label_AddDisposable: {
2357 ReservedRooted<JSObject*> env(&rootObject0,
2358 REGS(activation.regs()).fp()->environmentChain());
2359
2360 ReservedRooted<JS::Value> needsClosure(&rootValue0);
2361 POP_COPY_TO(needsClosure)(needsClosure) = *--(activation.regs()).sp;
2362
2363 ReservedRooted<JS::Value> method(&rootValue1);
2364 POP_COPY_TO(method)(method) = *--(activation.regs()).sp;
2365
2366 JS::Rooted<JS::Value> val(cx);
2367 POP_COPY_TO(val)(val) = *--(activation.regs()).sp;
2368
2369 UsingHint hint = UsingHint(GET_UINT8(REGS(activation.regs()).pc));
2370
2371 if (!AddDisposableResourceToCapability(cx, env, val, method,
2372 needsClosure.toBoolean(), hint)) {
2373 goto error;
2374 }
2375 }
2376 END_CASE(AddDisposable)do { (activation.regs()).pc += (JSOpLength_AddDisposable); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2377
2378 CASE(TakeDisposeCapability)label_TakeDisposeCapability: {
2379 ReservedRooted<JSObject*> env(&rootObject0,
2380 REGS(activation.regs()).fp()->environmentChain());
2381 JS::Value maybeDisposables =
2382 env->as<DisposableEnvironmentObject>().getDisposables();
2383
2384 MOZ_ASSERT(maybeDisposables.isObject() || maybeDisposables.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(maybeDisposables.isObject() || maybeDisposables.isUndefined
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(maybeDisposables.isObject() || maybeDisposables.isUndefined
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("maybeDisposables.isObject() || maybeDisposables.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2384); AnnotateMozCrashReason("MOZ_ASSERT" "(" "maybeDisposables.isObject() || maybeDisposables.isUndefined()"
")"); do { *((volatile int*)__null) = 2384; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2385
2386 if (maybeDisposables.isUndefined()) {
2387 PUSH_UNDEFINED()(activation.regs()).sp++->setUndefined();
2388 } else {
2389 PUSH_OBJECT(maybeDisposables.toObject())do { (activation.regs()).sp++->setObject(maybeDisposables.
toObject()); cx->debugOnlyCheck((activation.regs()).sp[-1]
); } while (0);
2390 env->as<DisposableEnvironmentObject>().clearDisposables();
2391 }
2392 }
2393 END_CASE(TakeDisposeCapability)do { (activation.regs()).pc += (JSOpLength_TakeDisposeCapability
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2394
2395 CASE(CreateSuppressedError)label_CreateSuppressedError: {
2396 ReservedRooted<JS::Value> error(&rootValue0);
2397 ReservedRooted<JS::Value> suppressed(&rootValue1);
2398 POP_COPY_TO(suppressed)(suppressed) = *--(activation.regs()).sp;
2399 POP_COPY_TO(error)(error) = *--(activation.regs()).sp;
2400 ErrorObject* errorObj = CreateSuppressedError(cx, error, suppressed);
2401 if (!errorObj) {
2402 goto error;
2403 }
2404 PUSH_OBJECT(*errorObj)do { (activation.regs()).sp++->setObject(*errorObj); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
2405 }
2406 END_CASE(CreateSuppressedError)do { (activation.regs()).pc += (JSOpLength_CreateSuppressedError
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2407#endif
2408
2409 CASE(Return)label_Return: {
2410 POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp);
2411 /* FALL THROUGH */
2412 }
2413 CASE(RetRval)label_RetRval: {
2414 /*
2415 * When the inlined frame exits with an exception or an error, ok will be
2416 * false after the inline_return label.
2417 */
2418 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
2419
2420 successful_return_continuation:
2421 interpReturnOK = true;
2422
2423 return_continuation:
2424 frameHalfInitialized = false;
2425
2426 prologue_return_continuation:
2427
2428 if (activation.entryFrame() != REGS(activation.regs()).fp()) {
2429 // Stop the engine. (No details about which engine exactly, could be
2430 // interpreter, Baseline or IonMonkey.)
2431 if (MOZ_LIKELY(!frameHalfInitialized)(__builtin_expect(!!(!frameHalfInitialized), 1))) {
2432 interpReturnOK =
2433 DebugAPI::onLeaveFrame(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc, interpReturnOK);
2434
2435 REGS(activation.regs()).fp()->epilogue(cx, REGS(activation.regs()).pc);
2436 }
2437
2438 jit_return_pop_frame:
2439
2440 activation.popInlineFrame(REGS(activation.regs()).fp());
2441 {
2442 JSScript* callerScript = REGS(activation.regs()).fp()->script();
2443 if (cx->realm() != callerScript->realm()) {
2444 cx->leaveRealm(callerScript->realm());
2445 }
2446 SET_SCRIPT(callerScript)do { script = (callerScript); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(cx->realm() == script
->realm())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(cx->realm() == script->realm
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2446); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2446; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
2447 }
2448
2449 jit_return:
2450
2451 MOZ_ASSERT(IsInvokePC(REGS.pc))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsInvokePC((activation.regs()).pc))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsInvokePC((activation.regs(
)).pc)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("IsInvokePC((activation.regs()).pc)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2451); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsInvokePC((activation.regs()).pc)"
")"); do { *((volatile int*)__null) = 2451; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2452 MOZ_ASSERT(cx->realm() == script->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2452); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2452; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2453
2454 /* Resume execution in the calling frame. */
2455 if (MOZ_LIKELY(interpReturnOK)(__builtin_expect(!!(interpReturnOK), 1))) {
2456 if (JSOp(*REGS(activation.regs()).pc) == JSOp::Resume) {
2457 ADVANCE_AND_DISPATCH(JSOpLength_Resume)do { (activation.regs()).pc += (JSOpLength_Resume); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2458 }
2459
2460 MOZ_ASSERT(GetBytecodeLength(REGS.pc) == JSOpLength_Call)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2460); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call"
")"); do { *((volatile int*)__null) = 2460; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2461 ADVANCE_AND_DISPATCH(JSOpLength_Call)do { (activation.regs()).pc += (JSOpLength_Call); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2462 }
2463
2464 goto error;
2465 } else {
2466 // Stack should be empty for the outer frame, unless we executed the
2467 // first |await| expression in an async function.
2468 MOZ_ASSERT(REGS.stackDepth() == 0 ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0 || (JSOp(*(activation
.regs()).pc) == JSOp::Await && !(activation.regs()).fp
()->isResumedGenerator()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await &&
!(activation.regs()).fp()->isResumedGenerator())))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2470); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
")"); do { *((volatile int*)__null) = 2470; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
2469 (JSOp(*REGS.pc) == JSOp::Await &&do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0 || (JSOp(*(activation
.regs()).pc) == JSOp::Await && !(activation.regs()).fp
()->isResumedGenerator()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await &&
!(activation.regs()).fp()->isResumedGenerator())))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2470); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
")"); do { *((volatile int*)__null) = 2470; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
2470 !REGS.fp()->isResumedGenerator()))do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0 || (JSOp(*(activation
.regs()).pc) == JSOp::Await && !(activation.regs()).fp
()->isResumedGenerator()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await &&
!(activation.regs()).fp()->isResumedGenerator())))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2470); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
")"); do { *((volatile int*)__null) = 2470; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2471 }
2472 goto exit;
2473 }
2474
2475 CASE(Default)label_Default: {
2476 REGS(activation.regs()).sp--;
2477 /* FALL THROUGH */
2478 }
2479 CASE(Goto)label_Goto: { BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); }
2480
2481 CASE(JumpIfFalse)label_JumpIfFalse: {
2482 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2483 REGS(activation.regs()).sp--;
2484 if (!cond) {
2485 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0);
2486 }
2487 }
2488 END_CASE(JumpIfFalse)do { (activation.regs()).pc += (JSOpLength_JumpIfFalse); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2489
2490 CASE(JumpIfTrue)label_JumpIfTrue: {
2491 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2492 REGS(activation.regs()).sp--;
2493 if (cond) {
2494 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0);
2495 }
2496 }
2497 END_CASE(JumpIfTrue)do { (activation.regs()).pc += (JSOpLength_JumpIfTrue); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2498
2499 CASE(Or)label_Or: {
2500 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2501 if (cond) {
2502 ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc))do { (activation.regs()).pc += (GET_JUMP_OFFSET((activation.regs
()).pc)); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0);
2503 }
2504 }
2505 END_CASE(Or)do { (activation.regs()).pc += (JSOpLength_Or); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2506
2507 CASE(Coalesce)label_Coalesce: {
2508 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
2509 bool cond = !res.isNullOrUndefined();
2510 if (cond) {
2511 ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc))do { (activation.regs()).pc += (GET_JUMP_OFFSET((activation.regs
()).pc)); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0);
2512 }
2513 }
2514 END_CASE(Coalesce)do { (activation.regs()).pc += (JSOpLength_Coalesce); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2515
2516 CASE(And)label_And: {
2517 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2518 if (!cond) {
2519 ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc))do { (activation.regs()).pc += (GET_JUMP_OFFSET((activation.regs
()).pc)); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0);
2520 }
2521 }
2522 END_CASE(And)do { (activation.regs()).pc += (JSOpLength_And); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2523
2524#define FETCH_ELEMENT_ID(n, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(n), &(id))) goto error; } while (0) \
2525 JS_BEGIN_MACROdo { \
2526 if (!ToPropertyKey(cx, REGS(activation.regs()).stackHandleAt(n), &(id))) goto error; \
2527 JS_END_MACRO} while (0)
2528
2529#define TRY_BRANCH_AFTER_COND(cond, spdec)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2529); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2529; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(spdec); if ((cond) == (diff_ != 0)) { ++(activation.regs())
.pc; do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs())
.pc)); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto
error; } while (0); do { (activation.regs()).pc += (nlen); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0) \
2530 JS_BEGIN_MACROdo { \
2531 MOZ_ASSERT(GetBytecodeLength(REGS.pc) == 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetBytecodeLength((activation.regs()).pc) == 1)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2531); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2531; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
2532 unsigned diff_ = \
2533 (unsigned)GET_UINT8(REGS(activation.regs()).pc) - (unsigned)JSOp::JumpIfFalse; \
2534 if (diff_ <= 1) { \
2535 REGS(activation.regs()).sp -= (spdec); \
2536 if ((cond) == (diff_ != 0)) { \
2537 ++REGS(activation.regs()).pc; \
2538 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); \
2539 } \
2540 ADVANCE_AND_DISPATCH(1 + JSOpLength_JumpIfFalse)do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); \
2541 } \
2542 JS_END_MACRO} while (0)
2543
2544 CASE(In)label_In: {
2545 HandleValue rref = REGS(activation.regs()).stackHandleAt(-1);
2546 if (!rref.isObject()) {
2547 HandleValue lref = REGS(activation.regs()).stackHandleAt(-2);
2548 ReportInNotObjectError(cx, lref, rref);
2549 goto error;
2550 }
2551 bool found;
2552 {
2553 ReservedRooted<JSObject*> obj(&rootObject0, &rref.toObject());
2554 ReservedRooted<jsid> id(&rootId0);
2555 FETCH_ELEMENT_ID(-2, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(-2), &(id))) goto error; } while (0);
2556 if (!HasProperty(cx, obj, id, &found)) {
2557 goto error;
2558 }
2559 }
2560 TRY_BRANCH_AFTER_COND(found, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2560); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2560; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((found) == (diff_ != 0)) { ++(activation.regs()).pc
; do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc
)); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2561 REGS(activation.regs()).sp--;
2562 REGS(activation.regs()).sp[-1].setBoolean(found);
2563 }
2564 END_CASE(In)do { (activation.regs()).pc += (JSOpLength_In); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2565
2566 CASE(HasOwn)label_HasOwn: {
2567 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2568 HandleValue idval = REGS(activation.regs()).stackHandleAt(-2);
2569
2570 bool found;
2571 if (!HasOwnProperty(cx, val, idval, &found)) {
2572 goto error;
2573 }
2574
2575 REGS(activation.regs()).sp--;
2576 REGS(activation.regs()).sp[-1].setBoolean(found);
2577 }
2578 END_CASE(HasOwn)do { (activation.regs()).pc += (JSOpLength_HasOwn); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2579
2580 CASE(CheckPrivateField)label_CheckPrivateField: {
2581 /* Load the object being initialized into lval/val. */
2582 HandleValue val = REGS(activation.regs()).stackHandleAt(-2);
2583 HandleValue idval = REGS(activation.regs()).stackHandleAt(-1);
2584
2585 bool result = false;
2586 if (!CheckPrivateFieldOperation(cx, REGS(activation.regs()).pc, val, idval, &result)) {
2587 goto error;
2588 }
2589
2590 PUSH_BOOLEAN(result)(activation.regs()).sp++->setBoolean(result);
2591 }
2592 END_CASE(CheckPrivateField)do { (activation.regs()).pc += (JSOpLength_CheckPrivateField)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2593
2594 CASE(NewPrivateName)label_NewPrivateName: {
2595 ReservedRooted<JSAtom*> name(&rootAtom0, script->getAtom(REGS(activation.regs()).pc));
2596
2597 auto* symbol = NewPrivateName(cx, name);
2598 if (!symbol) {
2599 goto error;
2600 }
2601
2602 PUSH_SYMBOL(symbol)(activation.regs()).sp++->setSymbol(symbol);
2603 }
2604 END_CASE(NewPrivateName)do { (activation.regs()).pc += (JSOpLength_NewPrivateName); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2605
2606 CASE(IsNullOrUndefined)label_IsNullOrUndefined: {
2607 bool b = REGS(activation.regs()).sp[-1].isNullOrUndefined();
2608 PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b);
2609 }
2610 END_CASE(IsNullOrUndefined)do { (activation.regs()).pc += (JSOpLength_IsNullOrUndefined)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2611
2612 CASE(Iter)label_Iter: {
2613 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2613); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 2613; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2614 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2615 JSObject* iter = ValueToIterator(cx, val);
2616 if (!iter) {
2617 goto error;
2618 }
2619 REGS(activation.regs()).sp[-1].setObject(*iter);
2620 }
2621 END_CASE(Iter)do { (activation.regs()).pc += (JSOpLength_Iter); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2622
2623 CASE(MoreIter)label_MoreIter: {
2624 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2624); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 2624; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2625 MOZ_ASSERT(REGS.sp[-1].isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).sp[-1].isObject())>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!((activation.regs()).sp[-1].isObject()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("(activation.regs()).sp[-1].isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2625); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).sp[-1].isObject()"
")"); do { *((volatile int*)__null) = 2625; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2626 Value v = IteratorMore(&REGS(activation.regs()).sp[-1].toObject());
2627 PUSH_COPY(v)do { *(activation.regs()).sp++ = (v); cx->debugOnlyCheck((
activation.regs()).sp[-1]); } while (0);
2628 }
2629 END_CASE(MoreIter)do { (activation.regs()).pc += (JSOpLength_MoreIter); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2630
2631 CASE(IsNoIter)label_IsNoIter: {
2632 bool b = REGS(activation.regs()).sp[-1].isMagic(JS_NO_ITER_VALUE);
2633 PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b);
2634 }
2635 END_CASE(IsNoIter)do { (activation.regs()).pc += (JSOpLength_IsNoIter); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2636
2637 CASE(EndIter)label_EndIter: {
2638 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2638); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 2638; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2639 CloseIterator(&REGS(activation.regs()).sp[-2].toObject());
2640 REGS(activation.regs()).sp -= 2;
2641 }
2642 END_CASE(EndIter)do { (activation.regs()).pc += (JSOpLength_EndIter); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2643
2644 CASE(CloseIter)label_CloseIter: {
2645 ReservedRooted<JSObject*> iter(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
2646 CompletionKind kind = CompletionKind(GET_UINT8(REGS(activation.regs()).pc));
2647 if (!CloseIterOperation(cx, iter, kind)) {
2648 goto error;
2649 }
2650 REGS(activation.regs()).sp--;
2651 }
2652 END_CASE(CloseIter)do { (activation.regs()).pc += (JSOpLength_CloseIter); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2653
2654 CASE(OptimizeGetIterator)label_OptimizeGetIterator: {
2655 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
2656 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2657 bool result;
2658 if (!OptimizeGetIterator(cx, val, &result)) {
2659 goto error;
2660 }
2661 rval.setBoolean(result);
2662 }
2663 END_CASE(OptimizeGetIterator)do { (activation.regs()).pc += (JSOpLength_OptimizeGetIterator
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2664
2665 CASE(IsGenClosing)label_IsGenClosing: {
2666 bool b = REGS(activation.regs()).sp[-1].isMagic(JS_GENERATOR_CLOSING);
2667 PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b);
2668 }
2669 END_CASE(IsGenClosing)do { (activation.regs()).pc += (JSOpLength_IsGenClosing); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2670
2671 CASE(Dup)label_Dup: {
2672 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2672); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 2672; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2673 const Value& rref = REGS(activation.regs()).sp[-1];
2674 PUSH_COPY(rref)do { *(activation.regs()).sp++ = (rref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2675 }
2676 END_CASE(Dup)do { (activation.regs()).pc += (JSOpLength_Dup); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2677
2678 CASE(Dup2)label_Dup2: {
2679 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2679); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 2679; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2680 const Value& lref = REGS(activation.regs()).sp[-2];
2681 const Value& rref = REGS(activation.regs()).sp[-1];
2682 PUSH_COPY(lref)do { *(activation.regs()).sp++ = (lref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2683 PUSH_COPY(rref)do { *(activation.regs()).sp++ = (rref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2684 }
2685 END_CASE(Dup2)do { (activation.regs()).pc += (JSOpLength_Dup2); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2686
2687 CASE(Swap)label_Swap: {
2688 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2688); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 2688; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2689 Value& lref = REGS(activation.regs()).sp[-2];
2690 Value& rref = REGS(activation.regs()).sp[-1];
2691 lref.swap(rref);
2692 }
2693 END_CASE(Swap)do { (activation.regs()).pc += (JSOpLength_Swap); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2694
2695 CASE(Pick)label_Pick: {
2696 unsigned i = GET_UINT8(REGS(activation.regs()).pc);
2697 MOZ_ASSERT(REGS.stackDepth() >= i + 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= i + 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= i + 1))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= i + 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2697); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= i + 1"
")"); do { *((volatile int*)__null) = 2697; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2698 Value lval = REGS(activation.regs()).sp[-int(i + 1)];
2699 memmove(REGS(activation.regs()).sp - (i + 1), REGS(activation.regs()).sp - i, sizeof(Value) * i);
2700 REGS(activation.regs()).sp[-1] = lval;
2701 }
2702 END_CASE(Pick)do { (activation.regs()).pc += (JSOpLength_Pick); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2703
2704 CASE(Unpick)label_Unpick: {
2705 int i = GET_UINT8(REGS(activation.regs()).pc);
2706 MOZ_ASSERT(REGS.stackDepth() >= unsigned(i) + 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= unsigned(i) +
1)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).stackDepth() >= unsigned(i) +
1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("(activation.regs()).stackDepth() >= unsigned(i) + 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2706); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= unsigned(i) + 1"
")"); do { *((volatile int*)__null) = 2706; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2707 Value lval = REGS(activation.regs()).sp[-1];
2708 memmove(REGS(activation.regs()).sp - i, REGS(activation.regs()).sp - (i + 1), sizeof(Value) * i);
2709 REGS(activation.regs()).sp[-(i + 1)] = lval;
2710 }
2711 END_CASE(Unpick)do { (activation.regs()).pc += (JSOpLength_Unpick); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2712
2713 CASE(BindUnqualifiedGName)label_BindUnqualifiedGName:
2714 CASE(BindUnqualifiedName)label_BindUnqualifiedName: {
2715 JSOp op = JSOp(*REGS(activation.regs()).pc);
2716 ReservedRooted<JSObject*> envChain(&rootObject0);
2717 if (op == JSOp::BindUnqualifiedName) {
2718 envChain.set(REGS(activation.regs()).fp()->environmentChain());
2719 } else {
2720 MOZ_ASSERT(!script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->hasNonSyntacticScope
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!script->hasNonSyntacticScope()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2720); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 2720; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2721 envChain.set(&REGS(activation.regs()).fp()->global().lexicalEnvironment());
2722 }
2723 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2724
2725 // Assigning to an undeclared name adds a property to the global object.
2726 JSObject* env = LookupNameUnqualified(cx, name, envChain);
2727 if (!env) {
2728 goto error;
2729 }
2730
2731 PUSH_OBJECT(*env)do { (activation.regs()).sp++->setObject(*env); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2732
2733 static_assert(
2734 JSOpLength_BindUnqualifiedName == JSOpLength_BindUnqualifiedGName,
2735 "We're sharing the END_CASE so the lengths better match");
2736 }
2737 END_CASE(BindUnqualifiedName)do { (activation.regs()).pc += (JSOpLength_BindUnqualifiedName
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2738
2739 CASE(BindName)label_BindName: {
2740 auto envChain = REGS(activation.regs()).fp()->environmentChain();
2741 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2742
2743 JSObject* env = LookupNameWithGlobalDefault(cx, name, envChain);
2744 if (!env) {
2745 goto error;
2746 }
2747
2748 PUSH_OBJECT(*env)do { (activation.regs()).sp++->setObject(*env); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2749 }
2750 END_CASE(BindName)do { (activation.regs()).pc += (JSOpLength_BindName); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2751
2752 CASE(BindVar)label_BindVar: {
2753 JSObject* varObj = BindVarOperation(cx, REGS(activation.regs()).fp()->environmentChain());
2754 PUSH_OBJECT(*varObj)do { (activation.regs()).sp++->setObject(*varObj); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
2755 }
2756 END_CASE(BindVar)do { (activation.regs()).pc += (JSOpLength_BindVar); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2757
2758 CASE(BitOr)label_BitOr: {
2759 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2760 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2761 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2762 if (!BitOrOperation(cx, lhs, rhs, res)) {
2763 goto error;
2764 }
2765 REGS(activation.regs()).sp--;
2766 }
2767 END_CASE(BitOr)do { (activation.regs()).pc += (JSOpLength_BitOr); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2768
2769 CASE(BitXor)label_BitXor: {
2770 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2771 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2772 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2773 if (!BitXorOperation(cx, lhs, rhs, res)) {
2774 goto error;
2775 }
2776 REGS(activation.regs()).sp--;
2777 }
2778 END_CASE(BitXor)do { (activation.regs()).pc += (JSOpLength_BitXor); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2779
2780 CASE(BitAnd)label_BitAnd: {
2781 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2782 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2783 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2784 if (!BitAndOperation(cx, lhs, rhs, res)) {
2785 goto error;
2786 }
2787 REGS(activation.regs()).sp--;
2788 }
2789 END_CASE(BitAnd)do { (activation.regs()).pc += (JSOpLength_BitAnd); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2790
2791 CASE(Eq)label_Eq: {
2792 if (!LooseEqualityOp<true>(cx, REGS(activation.regs()))) {
2793 goto error;
2794 }
2795 }
2796 END_CASE(Eq)do { (activation.regs()).pc += (JSOpLength_Eq); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2797
2798 CASE(Ne)label_Ne: {
2799 if (!LooseEqualityOp<false>(cx, REGS(activation.regs()))) {
2800 goto error;
2801 }
2802 }
2803 END_CASE(Ne)do { (activation.regs()).pc += (JSOpLength_Ne); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2804
2805#define STRICT_EQUALITY_OP(OP, COND) \
2806 JS_BEGIN_MACROdo { \
2807 HandleValue lval = REGS(activation.regs()).stackHandleAt(-2); \
2808 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1); \
2809 bool equal; \
2810 if (!js::StrictlyEqual(cx, lval, rval, &equal)) { \
2811 goto error; \
2812 } \
2813 (COND) = equal OP true; \
2814 REGS(activation.regs()).sp--; \
2815 JS_END_MACRO} while (0)
2816
2817 CASE(StrictEq)label_StrictEq: {
2818 bool cond;
2819 STRICT_EQUALITY_OP(==, cond);
2820 REGS(activation.regs()).sp[-1].setBoolean(cond);
2821 }
2822 END_CASE(StrictEq)do { (activation.regs()).pc += (JSOpLength_StrictEq); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2823
2824 CASE(StrictNe)label_StrictNe: {
2825 bool cond;
2826 STRICT_EQUALITY_OP(!=, cond);
2827 REGS(activation.regs()).sp[-1].setBoolean(cond);
2828 }
2829 END_CASE(StrictNe)do { (activation.regs()).pc += (JSOpLength_StrictNe); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2830
2831#undef STRICT_EQUALITY_OP
2832
2833 CASE(Case)label_Case: {
2834 bool cond = REGS(activation.regs()).sp[-1].toBoolean();
2835 REGS(activation.regs()).sp--;
2836 if (cond) {
2837 REGS(activation.regs()).sp--;
2838 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0);
2839 }
2840 }
2841 END_CASE(Case)do { (activation.regs()).pc += (JSOpLength_Case); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2842
2843 CASE(Lt)label_Lt: {
2844 bool cond;
2845 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2846 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2847 if (!LessThanOperation(cx, lval, rval, &cond)) {
2848 goto error;
2849 }
2850 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2850); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2850; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2851 REGS(activation.regs()).sp[-2].setBoolean(cond);
2852 REGS(activation.regs()).sp--;
2853 }
2854 END_CASE(Lt)do { (activation.regs()).pc += (JSOpLength_Lt); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2855
2856 CASE(Le)label_Le: {
2857 bool cond;
2858 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2859 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2860 if (!LessThanOrEqualOperation(cx, lval, rval, &cond)) {
2861 goto error;
2862 }
2863 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2863); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2863; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2864 REGS(activation.regs()).sp[-2].setBoolean(cond);
2865 REGS(activation.regs()).sp--;
2866 }
2867 END_CASE(Le)do { (activation.regs()).pc += (JSOpLength_Le); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2868
2869 CASE(Gt)label_Gt: {
2870 bool cond;
2871 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2872 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2873 if (!GreaterThanOperation(cx, lval, rval, &cond)) {
2874 goto error;
2875 }
2876 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2876); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2876; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2877 REGS(activation.regs()).sp[-2].setBoolean(cond);
2878 REGS(activation.regs()).sp--;
2879 }
2880 END_CASE(Gt)do { (activation.regs()).pc += (JSOpLength_Gt); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2881
2882 CASE(Ge)label_Ge: {
2883 bool cond;
2884 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2885 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2886 if (!GreaterThanOrEqualOperation(cx, lval, rval, &cond)) {
2887 goto error;
2888 }
2889 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2889); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2889; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2890 REGS(activation.regs()).sp[-2].setBoolean(cond);
2891 REGS(activation.regs()).sp--;
2892 }
2893 END_CASE(Ge)do { (activation.regs()).pc += (JSOpLength_Ge); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2894
2895 CASE(Lsh)label_Lsh: {
2896 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2897 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2898 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2899 if (!BitLshOperation(cx, lhs, rhs, res)) {
2900 goto error;
2901 }
2902 REGS(activation.regs()).sp--;
2903 }
2904 END_CASE(Lsh)do { (activation.regs()).pc += (JSOpLength_Lsh); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2905
2906 CASE(Rsh)label_Rsh: {
2907 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2908 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2909 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2910 if (!BitRshOperation(cx, lhs, rhs, res)) {
2911 goto error;
2912 }
2913 REGS(activation.regs()).sp--;
2914 }
2915 END_CASE(Rsh)do { (activation.regs()).pc += (JSOpLength_Rsh); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2916
2917 CASE(Ursh)label_Ursh: {
2918 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2919 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2920 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2921 if (!UrshOperation(cx, lhs, rhs, res)) {
2922 goto error;
2923 }
2924 REGS(activation.regs()).sp--;
2925 }
2926 END_CASE(Ursh)do { (activation.regs()).pc += (JSOpLength_Ursh); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2927
2928 CASE(Add)label_Add: {
2929 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2930 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2931 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2932 if (!AddOperation(cx, lval, rval, res)) {
2933 goto error;
2934 }
2935 REGS(activation.regs()).sp--;
2936 }
2937 END_CASE(Add)do { (activation.regs()).pc += (JSOpLength_Add); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2938
2939 CASE(Sub)label_Sub: {
2940 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2941 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2942 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2943 if (!SubOperation(cx, &lval, &rval, res)) {
2944 goto error;
2945 }
2946 REGS(activation.regs()).sp--;
2947 }
2948 END_CASE(Sub)do { (activation.regs()).pc += (JSOpLength_Sub); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2949
2950 CASE(Mul)label_Mul: {
2951 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2952 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2953 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2954 if (!MulOperation(cx, &lval, &rval, res)) {
2955 goto error;
2956 }
2957 REGS(activation.regs()).sp--;
2958 }
2959 END_CASE(Mul)do { (activation.regs()).pc += (JSOpLength_Mul); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2960
2961 CASE(Div)label_Div: {
2962 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2963 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2964 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2965 if (!DivOperation(cx, &lval, &rval, res)) {
2966 goto error;
2967 }
2968 REGS(activation.regs()).sp--;
2969 }
2970 END_CASE(Div)do { (activation.regs()).pc += (JSOpLength_Div); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2971
2972 CASE(Mod)label_Mod: {
2973 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2974 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2975 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2976 if (!ModOperation(cx, &lval, &rval, res)) {
2977 goto error;
2978 }
2979 REGS(activation.regs()).sp--;
2980 }
2981 END_CASE(Mod)do { (activation.regs()).pc += (JSOpLength_Mod); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2982
2983 CASE(Pow)label_Pow: {
2984 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2985 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2986 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2987 if (!PowOperation(cx, &lval, &rval, res)) {
2988 goto error;
2989 }
2990 REGS(activation.regs()).sp--;
2991 }
2992 END_CASE(Pow)do { (activation.regs()).pc += (JSOpLength_Pow); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2993
2994 CASE(Not)label_Not: {
2995 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2996 REGS(activation.regs()).sp--;
2997 PUSH_BOOLEAN(!cond)(activation.regs()).sp++->setBoolean(!cond);
2998 }
2999 END_CASE(Not)do { (activation.regs()).pc += (JSOpLength_Not); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3000
3001 CASE(BitNot)label_BitNot: {
3002 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
3003 if (!BitNotOperation(cx, val, val)) {
3004 goto error;
3005 }
3006 }
3007 END_CASE(BitNot)do { (activation.regs()).pc += (JSOpLength_BitNot); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3008
3009 CASE(Neg)label_Neg: {
3010 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
3011 if (!NegOperation(cx, val, val)) {
3012 goto error;
3013 }
3014 }
3015 END_CASE(Neg)do { (activation.regs()).pc += (JSOpLength_Neg); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3016
3017 CASE(Pos)label_Pos: {
3018 if (!ToNumber(cx, REGS(activation.regs()).stackHandleAt(-1))) {
3019 goto error;
3020 }
3021 }
3022 END_CASE(Pos)do { (activation.regs()).pc += (JSOpLength_Pos); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3023
3024 CASE(DelName)label_DelName: {
3025 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3026 HandleObject envChain = REGS(activation.regs()).fp()->environmentChain();
3027
3028 PUSH_BOOLEAN(true)(activation.regs()).sp++->setBoolean(true);
3029 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
3030 if (!DeleteNameOperation(cx, name, envChain, res)) {
3031 goto error;
3032 }
3033 }
3034 END_CASE(DelName)do { (activation.regs()).pc += (JSOpLength_DelName); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3035
3036 CASE(DelProp)label_DelProp:
3037 CASE(StrictDelProp)label_StrictDelProp: {
3038 static_assert(JSOpLength_DelProp == JSOpLength_StrictDelProp,
3039 "delprop and strictdelprop must be the same size");
3040 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
3041 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3042 bool res = false;
3043 if (JSOp(*REGS(activation.regs()).pc) == JSOp::StrictDelProp) {
3044 if (!DelPropOperation<true>(cx, val, name, &res)) {
3045 goto error;
3046 }
3047 } else {
3048 if (!DelPropOperation<false>(cx, val, name, &res)) {
3049 goto error;
3050 }
3051 }
3052 REGS(activation.regs()).sp[-1].setBoolean(res);
3053 }
3054 END_CASE(DelProp)do { (activation.regs()).pc += (JSOpLength_DelProp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3055
3056 CASE(DelElem)label_DelElem:
3057 CASE(StrictDelElem)label_StrictDelElem: {
3058 static_assert(JSOpLength_DelElem == JSOpLength_StrictDelElem,
3059 "delelem and strictdelelem must be the same size");
3060 HandleValue val = REGS(activation.regs()).stackHandleAt(-2);
3061 HandleValue propval = REGS(activation.regs()).stackHandleAt(-1);
3062 bool res = false;
3063 if (JSOp(*REGS(activation.regs()).pc) == JSOp::StrictDelElem) {
3064 if (!DelElemOperation<true>(cx, val, propval, &res)) {
3065 goto error;
3066 }
3067 } else {
3068 if (!DelElemOperation<false>(cx, val, propval, &res)) {
3069 goto error;
3070 }
3071 }
3072 REGS(activation.regs()).sp[-2].setBoolean(res);
3073 REGS(activation.regs()).sp--;
3074 }
3075 END_CASE(DelElem)do { (activation.regs()).pc += (JSOpLength_DelElem); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3076
3077 CASE(ToPropertyKey)label_ToPropertyKey: {
3078 ReservedRooted<Value> idval(&rootValue1, REGS(activation.regs()).sp[-1]);
3079 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
3080 if (!ToPropertyKeyOperation(cx, idval, res)) {
3081 goto error;
3082 }
3083 }
3084 END_CASE(ToPropertyKey)do { (activation.regs()).pc += (JSOpLength_ToPropertyKey); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3085
3086 CASE(TypeofExpr)label_TypeofExpr:
3087 CASE(Typeof)label_Typeof: {
3088 REGS(activation.regs()).sp[-1].setString(TypeOfOperation(REGS(activation.regs()).sp[-1], cx->runtime()));
3089 }
3090 END_CASE(Typeof)do { (activation.regs()).pc += (JSOpLength_Typeof); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3091
3092 CASE(TypeofEq)label_TypeofEq: {
3093 auto operand = TypeofEqOperand::fromRawValue(GET_UINT8(REGS(activation.regs()).pc));
3094 bool result = js::TypeOfValue(REGS(activation.regs()).sp[-1]) == operand.type();
3095 if (operand.compareOp() == JSOp::Ne) {
3096 result = !result;
3097 }
3098 REGS(activation.regs()).sp[-1].setBoolean(result);
3099 }
3100 END_CASE(TypeofEq)do { (activation.regs()).pc += (JSOpLength_TypeofEq); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3101
3102 CASE(Void)label_Void: { REGS(activation.regs()).sp[-1].setUndefined(); }
3103 END_CASE(Void)do { (activation.regs()).pc += (JSOpLength_Void); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3104
3105 CASE(FunctionThis)label_FunctionThis: {
3106 PUSH_NULL()(activation.regs()).sp++->setNull();
3107 if (!GetFunctionThis(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).stackHandleAt(-1))) {
3108 goto error;
3109 }
3110 }
3111 END_CASE(FunctionThis)do { (activation.regs()).pc += (JSOpLength_FunctionThis); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3112
3113 CASE(GlobalThis)label_GlobalThis: {
3114 MOZ_ASSERT(!script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->hasNonSyntacticScope
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!script->hasNonSyntacticScope()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3114); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 3114; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3115 PUSH_OBJECT(*cx->global()->lexicalEnvironment().thisObject())do { (activation.regs()).sp++->setObject(*cx->global()->
lexicalEnvironment().thisObject()); cx->debugOnlyCheck((activation
.regs()).sp[-1]); } while (0);
3116 }
3117 END_CASE(GlobalThis)do { (activation.regs()).pc += (JSOpLength_GlobalThis); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3118
3119 CASE(NonSyntacticGlobalThis)label_NonSyntacticGlobalThis: {
3120 PUSH_NULL()(activation.regs()).sp++->setNull();
3121 GetNonSyntacticGlobalThis(cx, REGS(activation.regs()).fp()->environmentChain(),
3122 REGS(activation.regs()).stackHandleAt(-1));
3123 }
3124 END_CASE(NonSyntacticGlobalThis)do { (activation.regs()).pc += (JSOpLength_NonSyntacticGlobalThis
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3125
3126 CASE(CheckIsObj)label_CheckIsObj: {
3127 if (!REGS(activation.regs()).sp[-1].isObject()) {
3128 MOZ_ALWAYS_FALSE(do { if ((__builtin_expect(!!(!(ThrowCheckIsObject(cx, CheckIsObjectKind
(GET_UINT8((activation.regs()).pc))))), 1))) { } else { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(false)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(false))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("false" " (" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3129); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
")"); do { *((volatile int*)__null) = 3129; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
3129 ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8(REGS.pc))))do { if ((__builtin_expect(!!(!(ThrowCheckIsObject(cx, CheckIsObjectKind
(GET_UINT8((activation.regs()).pc))))), 1))) { } else { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(false)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(false))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("false" " (" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3129); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
")"); do { *((volatile int*)__null) = 3129; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
3130 goto error;
3131 }
3132 }
3133 END_CASE(CheckIsObj)do { (activation.regs()).pc += (JSOpLength_CheckIsObj); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3134
3135 CASE(CheckThis)label_CheckThis: {
3136 if (REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
3137 MOZ_ALWAYS_FALSE(ThrowUninitializedThis(cx))do { if ((__builtin_expect(!!(!(ThrowUninitializedThis(cx))),
1))) { } else { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(false)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(false))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("false" " (" "!(ThrowUninitializedThis(cx))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3137); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowUninitializedThis(cx))" ")"); do { *((volatile
int*)__null) = 3137; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false); } } while (false);
3138 goto error;
3139 }
3140 }
3141 END_CASE(CheckThis)do { (activation.regs()).pc += (JSOpLength_CheckThis); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3142
3143 CASE(CheckThisReinit)label_CheckThisReinit: {
3144 if (!REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
3145 MOZ_ALWAYS_FALSE(ThrowInitializedThis(cx))do { if ((__builtin_expect(!!(!(ThrowInitializedThis(cx))), 1
))) { } else { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(false)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(false))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("false" " (" "!(ThrowInitializedThis(cx))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3145); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowInitializedThis(cx))" ")"); do { *((volatile int
*)__null) = 3145; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false); } } while (false);
3146 goto error;
3147 }
3148 }
3149 END_CASE(CheckThisReinit)do { (activation.regs()).pc += (JSOpLength_CheckThisReinit); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3150
3151 CASE(CheckReturn)label_CheckReturn: {
3152 ReservedRooted<Value> thisv(&rootValue0, REGS(activation.regs()).sp[-1]);
3153 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3154 if (!REGS(activation.regs()).fp()->checkReturn(cx, thisv, rval)) {
3155 goto error;
3156 }
3157 }
3158 END_CASE(CheckReturn)do { (activation.regs()).pc += (JSOpLength_CheckReturn); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3159
3160 CASE(GetProp)label_GetProp: {
3161 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-1]);
3162 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
3163 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3164 if (!GetPropertyOperation(cx, name, lval, res)) {
3165 goto error;
3166 }
3167 cx->debugOnlyCheck(res);
3168 }
3169 END_CASE(GetProp)do { (activation.regs()).pc += (JSOpLength_GetProp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3170
3171 CASE(GetPropSuper)label_GetPropSuper: {
3172 ReservedRooted<Value> receiver(&rootValue0, REGS(activation.regs()).sp[-2]);
3173 HandleValue lval = REGS(activation.regs()).stackHandleAt(-1);
3174 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3174); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3174; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3175 MutableHandleValue rref = REGS(activation.regs()).stackHandleAt(-2);
3176 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3177
3178 ReservedRooted<JSObject*> obj(&rootObject0);
3179 obj = ToObjectFromStackForPropertyAccess(cx, lval, -1, name);
3180 if (!obj) {
3181 goto error;
3182 }
3183
3184 if (!GetProperty(cx, obj, receiver, name, rref)) {
3185 goto error;
3186 }
3187
3188 cx->debugOnlyCheck(rref);
3189
3190 REGS(activation.regs()).sp--;
3191 }
3192 END_CASE(GetPropSuper)do { (activation.regs()).pc += (JSOpLength_GetPropSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3193
3194 CASE(GetBoundName)label_GetBoundName: {
3195 ReservedRooted<JSObject*> env(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
3196 ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS(activation.regs()).pc)));
3197 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3198 if (!GetNameBoundInEnvironment(cx, env, id, rval)) {
3199 goto error;
3200 }
3201 cx->debugOnlyCheck(rval);
3202 }
3203 END_CASE(GetBoundName)do { (activation.regs()).pc += (JSOpLength_GetBoundName); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3204
3205 CASE(SetIntrinsic)label_SetIntrinsic: {
3206 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3207
3208 if (!SetIntrinsicOperation(cx, script, REGS(activation.regs()).pc, value)) {
3209 goto error;
3210 }
3211 }
3212 END_CASE(SetIntrinsic)do { (activation.regs()).pc += (JSOpLength_SetIntrinsic); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3213
3214 CASE(SetGName)label_SetGName:
3215 CASE(StrictSetGName)label_StrictSetGName:
3216 CASE(SetName)label_SetName:
3217 CASE(StrictSetName)label_StrictSetName: {
3218 static_assert(JSOpLength_SetName == JSOpLength_StrictSetName,
3219 "setname and strictsetname must be the same size");
3220 static_assert(JSOpLength_SetGName == JSOpLength_StrictSetGName,
3221 "setgname and strictsetgname must be the same size");
3222 static_assert(JSOpLength_SetName == JSOpLength_SetGName,
3223 "We're sharing the END_CASE so the lengths better match");
3224
3225 ReservedRooted<JSObject*> env(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
3226 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3227
3228 if (!SetNameOperation(cx, script, REGS(activation.regs()).pc, env, value)) {
3229 goto error;
3230 }
3231
3232 REGS(activation.regs()).sp[-2] = REGS(activation.regs()).sp[-1];
3233 REGS(activation.regs()).sp--;
3234 }
3235 END_CASE(SetName)do { (activation.regs()).pc += (JSOpLength_SetName); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3236
3237 CASE(SetProp)label_SetProp:
3238 CASE(StrictSetProp)label_StrictSetProp: {
3239 static_assert(JSOpLength_SetProp == JSOpLength_StrictSetProp,
3240 "setprop and strictsetprop must be the same size");
3241 int lvalIndex = -2;
3242 HandleValue lval = REGS(activation.regs()).stackHandleAt(lvalIndex);
3243 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3244
3245 ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS(activation.regs()).pc)));
3246
3247 bool strict = JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetProp;
3248
3249 ReservedRooted<JSObject*> obj(&rootObject0);
3250 obj = ToObjectFromStackForPropertyAccess(cx, lval, lvalIndex, id);
3251 if (!obj) {
3252 goto error;
3253 }
3254
3255 if (!SetObjectElementOperation(cx, obj, id, rval, lval, strict)) {
3256 goto error;
3257 }
3258
3259 REGS(activation.regs()).sp[-2] = REGS(activation.regs()).sp[-1];
3260 REGS(activation.regs()).sp--;
3261 }
3262 END_CASE(SetProp)do { (activation.regs()).pc += (JSOpLength_SetProp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3263
3264 CASE(SetPropSuper)label_SetPropSuper:
3265 CASE(StrictSetPropSuper)label_StrictSetPropSuper: {
3266 static_assert(
3267 JSOpLength_SetPropSuper == JSOpLength_StrictSetPropSuper,
3268 "setprop-super and strictsetprop-super must be the same size");
3269
3270 HandleValue receiver = REGS(activation.regs()).stackHandleAt(-3);
3271 HandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
3272 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3272); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3272; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3273 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3274 ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS(activation.regs()).pc)));
3275
3276 bool strict = JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetPropSuper;
3277
3278 ReservedRooted<JSObject*> obj(&rootObject0);
3279 obj = ToObjectFromStackForPropertyAccess(cx, lval, -2, id);
3280 if (!obj) {
3281 goto error;
3282 }
3283
3284 if (!SetObjectElementOperation(cx, obj, id, rval, receiver, strict)) {
3285 goto error;
3286 }
3287
3288 REGS(activation.regs()).sp[-3] = REGS(activation.regs()).sp[-1];
3289 REGS(activation.regs()).sp -= 2;
3290 }
3291 END_CASE(SetPropSuper)do { (activation.regs()).pc += (JSOpLength_SetPropSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3292
3293 CASE(GetElem)label_GetElem: {
3294 int lvalIndex = -2;
3295 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[lvalIndex]);
3296 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3297 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
3298
3299 if (!GetElementOperationWithStackIndex(cx, lval, lvalIndex, rval, res)) {
3300 goto error;
3301 }
3302
3303 REGS(activation.regs()).sp--;
3304 }
3305 END_CASE(GetElem)do { (activation.regs()).pc += (JSOpLength_GetElem); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3306
3307 CASE(GetElemSuper)label_GetElemSuper: {
3308 ReservedRooted<Value> receiver(&rootValue0, REGS(activation.regs()).sp[-3]);
3309 HandleValue index = REGS(activation.regs()).stackHandleAt(-2);
3310 HandleValue lval = REGS(activation.regs()).stackHandleAt(-1);
3311 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3311); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3311; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3312
3313 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-3);
3314
3315 ReservedRooted<JSObject*> obj(&rootObject0);
3316 obj = ToObjectFromStackForPropertyAccess(cx, lval, -1, index);
3317 if (!obj) {
3318 goto error;
3319 }
3320
3321 if (!GetObjectElementOperation(cx, JSOp(*REGS(activation.regs()).pc), obj, receiver, index,
3322 res)) {
3323 goto error;
3324 }
3325
3326 REGS(activation.regs()).sp -= 2;
3327 }
3328 END_CASE(GetElemSuper)do { (activation.regs()).pc += (JSOpLength_GetElemSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3329
3330 CASE(SetElem)label_SetElem:
3331 CASE(StrictSetElem)label_StrictSetElem: {
3332 static_assert(JSOpLength_SetElem == JSOpLength_StrictSetElem,
3333 "setelem and strictsetelem must be the same size");
3334 int receiverIndex = -3;
3335 HandleValue receiver = REGS(activation.regs()).stackHandleAt(receiverIndex);
3336 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3337
3338 ReservedRooted<JSObject*> obj(&rootObject0);
3339 obj = ToObjectFromStackForPropertyAccess(cx, receiver, receiverIndex,
3340 REGS(activation.regs()).stackHandleAt(-2));
3341 if (!obj) {
3342 goto error;
3343 }
3344
3345 ReservedRooted<jsid> id(&rootId0);
3346 FETCH_ELEMENT_ID(-2, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(-2), &(id))) goto error; } while (0);
3347
3348 if (!SetObjectElementOperation(cx, obj, id, value, receiver,
3349 JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetElem)) {
3350 goto error;
3351 }
3352 REGS(activation.regs()).sp[-3] = value;
3353 REGS(activation.regs()).sp -= 2;
3354 }
3355 END_CASE(SetElem)do { (activation.regs()).pc += (JSOpLength_SetElem); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3356
3357 CASE(SetElemSuper)label_SetElemSuper:
3358 CASE(StrictSetElemSuper)label_StrictSetElemSuper: {
3359 static_assert(
3360 JSOpLength_SetElemSuper == JSOpLength_StrictSetElemSuper,
3361 "setelem-super and strictsetelem-super must be the same size");
3362
3363 HandleValue receiver = REGS(activation.regs()).stackHandleAt(-4);
3364 HandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
3365 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3365); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3365; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3366 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3367
3368 ReservedRooted<JSObject*> obj(&rootObject0);
3369 obj = ToObjectFromStackForPropertyAccess(cx, lval, -2,
3370 REGS(activation.regs()).stackHandleAt(-3));
3371 if (!obj) {
3372 goto error;
3373 }
3374
3375 ReservedRooted<jsid> id(&rootId0);
3376 FETCH_ELEMENT_ID(-3, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(-3), &(id))) goto error; } while (0);
3377
3378 bool strict = JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetElemSuper;
3379 if (!SetObjectElementOperation(cx, obj, id, value, receiver, strict)) {
3380 goto error;
3381 }
3382 REGS(activation.regs()).sp[-4] = value;
3383 REGS(activation.regs()).sp -= 3;
3384 }
3385 END_CASE(SetElemSuper)do { (activation.regs()).pc += (JSOpLength_SetElemSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3386
3387 CASE(Eval)label_Eval:
3388 CASE(StrictEval)label_StrictEval: {
3389 static_assert(JSOpLength_Eval == JSOpLength_StrictEval,
3390 "eval and stricteval must be the same size");
3391
3392 CallArgs args = CallArgsFromSp(GET_ARGC(REGS(activation.regs()).pc), REGS(activation.regs()).sp);
3393 if (cx->global()->valueIsEval(args.calleev())) {
3394 if (!DirectEval(cx, args.get(0), args.rval())) {
3395 goto error;
3396 }
3397 } else {
3398 if (!CallFromStack(cx, args, CallReason::Call)) {
3399 goto error;
3400 }
3401 }
3402
3403 REGS(activation.regs()).sp = args.spAfterCall();
3404 }
3405 END_CASE(Eval)do { (activation.regs()).pc += (JSOpLength_Eval); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3406
3407 CASE(SpreadNew)label_SpreadNew:
3408 CASE(SpreadCall)label_SpreadCall:
3409 CASE(SpreadSuperCall)label_SpreadSuperCall: {
3410 if (REGS(activation.regs()).fp()->hasPushedGeckoProfilerFrame()) {
3411 cx->geckoProfiler().updatePC(cx, script, REGS(activation.regs()).pc);
3412 }
3413 /* FALL THROUGH */
3414 }
3415
3416 CASE(SpreadEval)label_SpreadEval:
3417 CASE(StrictSpreadEval)label_StrictSpreadEval: {
3418 static_assert(JSOpLength_SpreadEval == JSOpLength_StrictSpreadEval,
3419 "spreadeval and strictspreadeval must be the same size");
3420 bool construct = JSOp(*REGS(activation.regs()).pc) == JSOp::SpreadNew ||
3421 JSOp(*REGS(activation.regs()).pc) == JSOp::SpreadSuperCall;
3422
3423 MOZ_ASSERT(REGS.stackDepth() >= 3u + construct)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3u + construct
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).stackDepth() >= 3u + construct
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"(activation.regs()).stackDepth() >= 3u + construct", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3423); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3u + construct"
")"); do { *((volatile int*)__null) = 3423; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3424
3425 HandleValue callee = REGS(activation.regs()).stackHandleAt(-3 - construct);
3426 HandleValue thisv = REGS(activation.regs()).stackHandleAt(-2 - construct);
3427 HandleValue arr = REGS(activation.regs()).stackHandleAt(-1 - construct);
3428 MutableHandleValue ret = REGS(activation.regs()).stackHandleAt(-3 - construct);
3429
3430 ReservedRooted<Value> newTarget(&rootValue0);
3431 if (construct) {
3432 newTarget = REGS(activation.regs()).sp[-1];
3433 } else {
3434 newTarget = NullValue();
3435 }
3436
3437 if (!SpreadCallOperation(cx, script, REGS(activation.regs()).pc, thisv, callee, arr,
3438 newTarget, ret)) {
3439 goto error;
3440 }
3441
3442 REGS(activation.regs()).sp -= 2 + construct;
3443 }
3444 END_CASE(SpreadCall)do { (activation.regs()).pc += (JSOpLength_SpreadCall); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3445
3446 CASE(New)label_New:
3447 CASE(NewContent)label_NewContent:
3448 CASE(Call)label_Call:
3449 CASE(CallContent)label_CallContent:
3450 CASE(CallIgnoresRv)label_CallIgnoresRv:
3451 CASE(CallIter)label_CallIter:
3452 CASE(CallContentIter)label_CallContentIter:
3453 CASE(SuperCall)label_SuperCall: {
3454 static_assert(JSOpLength_Call == JSOpLength_New,
3455 "call and new must be the same size");
3456 static_assert(JSOpLength_Call == JSOpLength_CallContent,
3457 "call and call-content must be the same size");
3458 static_assert(JSOpLength_Call == JSOpLength_CallIgnoresRv,
3459 "call and call-ignores-rv must be the same size");
3460 static_assert(JSOpLength_Call == JSOpLength_CallIter,
3461 "call and calliter must be the same size");
3462 static_assert(JSOpLength_Call == JSOpLength_CallContentIter,
3463 "call and call-content-iter must be the same size");
3464 static_assert(JSOpLength_Call == JSOpLength_SuperCall,
3465 "call and supercall must be the same size");
3466
3467 if (REGS(activation.regs()).fp()->hasPushedGeckoProfilerFrame()) {
3468 cx->geckoProfiler().updatePC(cx, script, REGS(activation.regs()).pc);
3469 }
3470
3471 JSOp op = JSOp(*REGS(activation.regs()).pc);
3472 MaybeConstruct construct = MaybeConstruct(
3473 op == JSOp::New || op == JSOp::NewContent || op == JSOp::SuperCall);
3474 bool ignoresReturnValue = op == JSOp::CallIgnoresRv;
3475 unsigned argStackSlots = GET_ARGC(REGS(activation.regs()).pc) + construct;
3476
3477 MOZ_ASSERT(REGS.stackDepth() >= 2u + GET_ARGC(REGS.pc))do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2u + GET_ARGC
((activation.regs()).pc))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() >= 2u + GET_ARGC((activation.regs()).pc)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2u + GET_ARGC((activation.regs()).pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3477); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2u + GET_ARGC((activation.regs()).pc)"
")"); do { *((volatile int*)__null) = 3477; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3478 CallArgs args =
3479 CallArgsFromSp(argStackSlots, REGS(activation.regs()).sp, construct, ignoresReturnValue);
3480
3481 JSFunction* maybeFun;
3482 bool isFunction = IsFunctionObject(args.calleev(), &maybeFun);
3483
3484 // Use the slow path if the callee is not an interpreted function, if we
3485 // have to throw an exception, or if we might have to invoke the
3486 // OnNativeCall hook for a self-hosted builtin.
3487 if (!isFunction || !maybeFun->isInterpreted() ||
3488 (construct && !maybeFun->isConstructor()) ||
3489 (!construct && maybeFun->isClassConstructor()) ||
3490 cx->realm()->debuggerObservesNativeCall()) {
3491 if (construct) {
3492 CallReason reason = op == JSOp::NewContent ? CallReason::CallContent
3493 : CallReason::Call;
3494 if (!ConstructFromStack(cx, args, reason)) {
3495 goto error;
3496 }
3497 } else {
3498 if ((op == JSOp::CallIter || op == JSOp::CallContentIter) &&
3499 args.calleev().isPrimitive()) {
3500 MOZ_ASSERT(args.length() == 0, "thisv must be on top of the stack")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.length() == 0)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.length() == 0))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("args.length() == 0"
" (" "thisv must be on top of the stack" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3500); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.length() == 0"
") (" "thisv must be on top of the stack" ")"); do { *((volatile
int*)__null) = 3500; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false);
3501 ReportValueError(cx, JSMSG_NOT_ITERABLE, -1, args.thisv(), nullptr);
3502 goto error;
3503 }
3504
3505 CallReason reason =
3506 (op == JSOp::CallContent || op == JSOp::CallContentIter)
3507 ? CallReason::CallContent
3508 : CallReason::Call;
3509 if (!CallFromStack(cx, args, reason)) {
3510 goto error;
3511 }
3512 }
3513 Value* newsp = args.spAfterCall();
3514 REGS(activation.regs()).sp = newsp;
3515 ADVANCE_AND_DISPATCH(JSOpLength_Call)do { (activation.regs()).pc += (JSOpLength_Call); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3516 }
3517
3518 {
3519 MOZ_ASSERT(maybeFun)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(maybeFun)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(maybeFun))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("maybeFun", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3519); AnnotateMozCrashReason("MOZ_ASSERT" "(" "maybeFun" ")"
); do { *((volatile int*)__null) = 3519; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3520 ReservedRooted<JSFunction*> fun(&rootFunction0, maybeFun);
3521 ReservedRooted<JSScript*> funScript(
3522 &rootScript0, JSFunction::getOrCreateScript(cx, fun));
3523 if (!funScript) {
3524 goto error;
3525 }
3526
3527 // Enter the callee's realm if this is a cross-realm call. Use
3528 // MakeScopeExit to leave this realm on all error/JIT-return paths
3529 // below.
3530 const bool isCrossRealm = cx->realm() != funScript->realm();
3531 if (isCrossRealm) {
3532 cx->enterRealmOf(funScript);
3533 }
3534 auto leaveRealmGuard =
3535 mozilla::MakeScopeExit([isCrossRealm, cx, &script] {
3536 if (isCrossRealm) {
3537 cx->leaveRealm(script->realm());
3538 }
3539 });
3540
3541 if (construct && !MaybeCreateThisForConstructor(cx, args)) {
3542 goto error;
3543 }
3544
3545 {
3546 InvokeState state(cx, args, construct);
3547
3548 jit::EnterJitStatus status = jit::MaybeEnterJit(cx, state);
3549 switch (status) {
3550 case jit::EnterJitStatus::Error:
3551 goto error;
3552 case jit::EnterJitStatus::Ok:
3553 interpReturnOK = true;
3554 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
3555 REGS(activation.regs()).sp = args.spAfterCall();
3556 goto jit_return;
3557 case jit::EnterJitStatus::NotEntered:
3558 break;
3559 }
3560
3561#ifdef NIGHTLY_BUILD1
3562 // If entry trampolines are enabled, call back into
3563 // MaybeEnterInterpreterTrampoline so we can generate an
3564 // entry trampoline for the new frame.
3565 if (jit::JitOptions.emitInterpreterEntryTrampoline) {
3566 if (MaybeEnterInterpreterTrampoline(cx, state)) {
3567 interpReturnOK = true;
3568 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
3569 REGS(activation.regs()).sp = args.spAfterCall();
3570 goto jit_return;
3571 }
3572 goto error;
3573 }
3574#endif
3575 }
3576
3577 funScript = fun->nonLazyScript();
3578
3579 if (!activation.pushInlineFrame(args, funScript, construct)) {
3580 goto error;
3581 }
3582 leaveRealmGuard.release(); // We leave the callee's realm when we
3583 // call popInlineFrame.
3584 }
3585
3586 SET_SCRIPT(REGS.fp()->script())do { script = ((activation.regs()).fp()->script()); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(cx->
realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3586); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 3586; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
3587
3588 if (!REGS(activation.regs()).fp()->prologue(cx)) {
3589 goto prologue_error;
3590 }
3591
3592 if (!DebugAPI::onEnterFrame(cx, REGS(activation.regs()).fp())) {
3593 goto error;
3594 }
3595
3596 // Increment the coverage for the main entry point.
3597 INIT_COVERAGE()do { if (!script->hasScriptCounts()) { if (cx->realm()->
collectCoverageForDebug()) { if (!script->initScriptCounts
(cx)) goto error; } } } while (0);
3598 COUNT_COVERAGE_MAIN()do { jsbytecode* main = script->main(); if (!BytecodeIsJumpTarget
(JSOp(*main))) do { if (script->hasScriptCounts()) { PCCounts
* counts = script->maybeGetPCCounts(main); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3598); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 3598; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
3599
3600 /* Load first op and dispatch it (safe since JSOp::RetRval). */
3601 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
3602 }
3603
3604 CASE(OptimizeSpreadCall)label_OptimizeSpreadCall: {
3605 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
3606 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3607
3608 if (!OptimizeSpreadCall(cx, val, rval)) {
3609 goto error;
3610 }
3611 }
3612 END_CASE(OptimizeSpreadCall)do { (activation.regs()).pc += (JSOpLength_OptimizeSpreadCall
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3613
3614 CASE(ThrowMsg)label_ThrowMsg: {
3615 MOZ_ALWAYS_FALSE(ThrowMsgOperation(cx, GET_UINT8(REGS.pc)))do { if ((__builtin_expect(!!(!(ThrowMsgOperation(cx, GET_UINT8
((activation.regs()).pc)))), 1))) { } else { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(false)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(false))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("false" " (" "!(ThrowMsgOperation(cx, GET_UINT8((activation.regs()).pc)))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3615); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowMsgOperation(cx, GET_UINT8((activation.regs()).pc)))"
")"); do { *((volatile int*)__null) = 3615; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
3616 goto error;
3617 }
3618 END_CASE(ThrowMsg)do { (activation.regs()).pc += (JSOpLength_ThrowMsg); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3619
3620 CASE(ImplicitThis)label_ImplicitThis: {
3621 Value thisv = ComputeImplicitThis(&REGS(activation.regs()).sp[-1].toObject());
3622 REGS(activation.regs()).sp[-1] = thisv;
3623 }
3624 END_CASE(ImplicitThis)do { (activation.regs()).pc += (JSOpLength_ImplicitThis); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3625
3626 CASE(GetGName)label_GetGName: {
3627 ReservedRooted<Value> rval(&rootValue0);
3628 ReservedRooted<JSObject*> env(&rootObject0,
3629 &cx->global()->lexicalEnvironment());
3630 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3631 MOZ_ASSERT(!script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->hasNonSyntacticScope
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!script->hasNonSyntacticScope()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3631); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 3631; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3632 if (!GetNameOperation(cx, env, name, JSOp(REGS(activation.regs()).pc[JSOpLength_GetGName]),
3633 &rval)) {
3634 goto error;
3635 }
3636
3637 PUSH_COPY(rval)do { *(activation.regs()).sp++ = (rval); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3638 }
3639 END_CASE(GetGName)do { (activation.regs()).pc += (JSOpLength_GetGName); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3640
3641 CASE(GetName)label_GetName: {
3642 ReservedRooted<Value> rval(&rootValue0);
3643 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3644 if (!GetNameOperation(cx, REGS(activation.regs()).fp()->environmentChain(), name,
3645 JSOp(REGS(activation.regs()).pc[JSOpLength_GetName]), &rval)) {
3646 goto error;
3647 }
3648
3649 PUSH_COPY(rval)do { *(activation.regs()).sp++ = (rval); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3650 }
3651 END_CASE(GetName)do { (activation.regs()).pc += (JSOpLength_GetName); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3652
3653 CASE(GetImport)label_GetImport: {
3654 PUSH_NULL()(activation.regs()).sp++->setNull();
3655 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3656 HandleObject envChain = REGS(activation.regs()).fp()->environmentChain();
3657 if (!GetImportOperation(cx, envChain, script, REGS(activation.regs()).pc, rval)) {
3658 goto error;
3659 }
3660 }
3661 END_CASE(GetImport)do { (activation.regs()).pc += (JSOpLength_GetImport); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3662
3663 CASE(GetIntrinsic)label_GetIntrinsic: {
3664 ReservedRooted<Value> rval(&rootValue0);
3665 if (!GetIntrinsicOperation(cx, script, REGS(activation.regs()).pc, &rval)) {
3666 goto error;
3667 }
3668
3669 PUSH_COPY(rval)do { *(activation.regs()).sp++ = (rval); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3670 }
3671 END_CASE(GetIntrinsic)do { (activation.regs()).pc += (JSOpLength_GetIntrinsic); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3672
3673 CASE(Uint16)label_Uint16: { PUSH_INT32((int32_t)GET_UINT16(REGS.pc))(activation.regs()).sp++->setInt32((int32_t)GET_UINT16((activation
.regs()).pc)); }
3674 END_CASE(Uint16)do { (activation.regs()).pc += (JSOpLength_Uint16); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3675
3676 CASE(Uint24)label_Uint24: { PUSH_INT32((int32_t)GET_UINT24(REGS.pc))(activation.regs()).sp++->setInt32((int32_t)GET_UINT24((activation
.regs()).pc)); }
3677 END_CASE(Uint24)do { (activation.regs()).pc += (JSOpLength_Uint24); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3678
3679 CASE(Int8)label_Int8: { PUSH_INT32(GET_INT8(REGS.pc))(activation.regs()).sp++->setInt32(GET_INT8((activation.regs
()).pc)); }
3680 END_CASE(Int8)do { (activation.regs()).pc += (JSOpLength_Int8); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3681
3682 CASE(Int32)label_Int32: { PUSH_INT32(GET_INT32(REGS.pc))(activation.regs()).sp++->setInt32(GET_INT32((activation.regs
()).pc)); }
3683 END_CASE(Int32)do { (activation.regs()).pc += (JSOpLength_Int32); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3684
3685 CASE(Double)label_Double: { PUSH_COPY(GET_INLINE_VALUE(REGS.pc))do { *(activation.regs()).sp++ = (GET_INLINE_VALUE((activation
.regs()).pc)); cx->debugOnlyCheck((activation.regs()).sp[-
1]); } while (0); }
3686 END_CASE(Double)do { (activation.regs()).pc += (JSOpLength_Double); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3687
3688 CASE(String)label_String: { PUSH_STRING(script->getString(REGS.pc))do { (activation.regs()).sp++->setString(script->getString
((activation.regs()).pc)); cx->debugOnlyCheck((activation.
regs()).sp[-1]); } while (0); }
3689 END_CASE(String)do { (activation.regs()).pc += (JSOpLength_String); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3690
3691 CASE(ToString)label_ToString: {
3692 MutableHandleValue oper = REGS(activation.regs()).stackHandleAt(-1);
3693
3694 if (!oper.isString()) {
3695 JSString* operString = ToString<CanGC>(cx, oper);
3696 if (!operString) {
3697 goto error;
3698 }
3699 oper.setString(operString);
3700 }
3701 }
3702 END_CASE(ToString)do { (activation.regs()).pc += (JSOpLength_ToString); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3703
3704 CASE(Symbol)label_Symbol: {
3705 PUSH_SYMBOL(cx->wellKnownSymbols().get(GET_UINT8(REGS.pc)))(activation.regs()).sp++->setSymbol(cx->wellKnownSymbols
().get(GET_UINT8((activation.regs()).pc)));
3706 }
3707 END_CASE(Symbol)do { (activation.regs()).pc += (JSOpLength_Symbol); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3708
3709 CASE(Object)label_Object: {
3710 MOZ_ASSERT(script->treatAsRunOnce())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(script->treatAsRunOnce())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(script->treatAsRunOnce())
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("script->treatAsRunOnce()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3710); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->treatAsRunOnce()"
")"); do { *((volatile int*)__null) = 3710; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3711 PUSH_OBJECT(*script->getObject(REGS.pc))do { (activation.regs()).sp++->setObject(*script->getObject
((activation.regs()).pc)); cx->debugOnlyCheck((activation.
regs()).sp[-1]); } while (0);
3712 }
3713 END_CASE(Object)do { (activation.regs()).pc += (JSOpLength_Object); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3714
3715 CASE(CallSiteObj)label_CallSiteObj: {
3716 JSObject* cso = script->getObject(REGS(activation.regs()).pc);
3717 MOZ_ASSERT(!cso->as<ArrayObject>().isExtensible())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cso->as<ArrayObject>().isExtensible())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cso->as<ArrayObject>().isExtensible()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("!cso->as<ArrayObject>().isExtensible()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3717); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cso->as<ArrayObject>().isExtensible()"
")"); do { *((volatile int*)__null) = 3717; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3718 MOZ_ASSERT(cso->as<ArrayObject>().containsPure(cx->names().raw))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cso->as<ArrayObject>().containsPure(cx->
names().raw))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(cso->as<ArrayObject>().containsPure
(cx->names().raw)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cso->as<ArrayObject>().containsPure(cx->names().raw)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3718); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cso->as<ArrayObject>().containsPure(cx->names().raw)"
")"); do { *((volatile int*)__null) = 3718; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3719 PUSH_OBJECT(*cso)do { (activation.regs()).sp++->setObject(*cso); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3720 }
3721 END_CASE(CallSiteObj)do { (activation.regs()).pc += (JSOpLength_CallSiteObj); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3722
3723 CASE(RegExp)label_RegExp: {
3724 /*
3725 * Push a regexp object cloned from the regexp literal object mapped by
3726 * the bytecode at pc.
3727 */
3728 ReservedRooted<JSObject*> re(&rootObject0, script->getRegExp(REGS(activation.regs()).pc));
3729 JSObject* obj = CloneRegExpObject(cx, re.as<RegExpObject>());
3730 if (!obj) {
3731 goto error;
3732 }
3733 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3734 }
3735 END_CASE(RegExp)do { (activation.regs()).pc += (JSOpLength_RegExp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3736
3737 CASE(Zero)label_Zero: { PUSH_INT32(0)(activation.regs()).sp++->setInt32(0); }
3738 END_CASE(Zero)do { (activation.regs()).pc += (JSOpLength_Zero); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3739
3740 CASE(One)label_One: { PUSH_INT32(1)(activation.regs()).sp++->setInt32(1); }
3741 END_CASE(One)do { (activation.regs()).pc += (JSOpLength_One); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3742
3743 CASE(Null)label_Null: { PUSH_NULL()(activation.regs()).sp++->setNull(); }
3744 END_CASE(Null)do { (activation.regs()).pc += (JSOpLength_Null); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3745
3746 CASE(False)label_False: { PUSH_BOOLEAN(false)(activation.regs()).sp++->setBoolean(false); }
3747 END_CASE(False)do { (activation.regs()).pc += (JSOpLength_False); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3748
3749 CASE(True)label_True: { PUSH_BOOLEAN(true)(activation.regs()).sp++->setBoolean(true); }
3750 END_CASE(True)do { (activation.regs()).pc += (JSOpLength_True); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3751
3752 CASE(TableSwitch)label_TableSwitch: {
3753 jsbytecode* pc2 = REGS(activation.regs()).pc;
3754 int32_t len = GET_JUMP_OFFSET(pc2);
3755
3756 /*
3757 * ECMAv2+ forbids conversion of discriminant, so we will skip to the
3758 * default case if the discriminant isn't already an int jsval. (This
3759 * opcode is emitted only for dense int-domain switches.)
3760 */
3761 const Value& rref = *--REGS(activation.regs()).sp;
3762 int32_t i;
3763 if (rref.isInt32()) {
3764 i = rref.toInt32();
3765 } else {
3766 /* Use mozilla::NumberEqualsInt32 to treat -0 (double) as 0. */
3767 if (!rref.isDouble() || !NumberEqualsInt32(rref.toDouble(), &i)) {
3768 ADVANCE_AND_DISPATCH(len)do { (activation.regs()).pc += (len); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
3769 }
3770 }
3771
3772 pc2 += JUMP_OFFSET_LEN;
3773 int32_t low = GET_JUMP_OFFSET(pc2);
3774 pc2 += JUMP_OFFSET_LEN;
3775 int32_t high = GET_JUMP_OFFSET(pc2);
3776
3777 i = uint32_t(i) - uint32_t(low);
3778 if (uint32_t(i) < uint32_t(high - low + 1)) {
3779 len = script->tableSwitchCaseOffset(REGS(activation.regs()).pc, uint32_t(i)) -
3780 script->pcToOffset(REGS(activation.regs()).pc);
3781 }
3782 ADVANCE_AND_DISPATCH(len)do { (activation.regs()).pc += (len); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
3783 }
3784
3785 CASE(Arguments)label_Arguments: {
3786 MOZ_ASSERT(script->needsArgsObj())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(script->needsArgsObj())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(script->needsArgsObj())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("script->needsArgsObj()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3786); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->needsArgsObj()"
")"); do { *((volatile int*)__null) = 3786; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3787 ArgumentsObject* obj = ArgumentsObject::createExpected(cx, REGS(activation.regs()).fp());
3788 if (!obj) {
3789 goto error;
3790 }
3791 PUSH_COPY(ObjectValue(*obj))do { *(activation.regs()).sp++ = (ObjectValue(*obj)); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
3792 }
3793 END_CASE(Arguments)do { (activation.regs()).pc += (JSOpLength_Arguments); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3794
3795 CASE(Rest)label_Rest: {
3796 ReservedRooted<JSObject*> rest(&rootObject0,
3797 REGS(activation.regs()).fp()->createRestParameter(cx));
3798 if (!rest) {
3799 goto error;
3800 }
3801 PUSH_COPY(ObjectValue(*rest))do { *(activation.regs()).sp++ = (ObjectValue(*rest)); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
3802 }
3803 END_CASE(Rest)do { (activation.regs()).pc += (JSOpLength_Rest); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3804
3805 CASE(GetAliasedVar)label_GetAliasedVar: {
3806 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3807 ReservedRooted<Value> val(
3808 &rootValue0, REGS(activation.regs()).fp()->aliasedEnvironment(ec).aliasedBinding(ec));
3809
3810 ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3810); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 3810; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0);
3811
3812 PUSH_COPY(val)do { *(activation.regs()).sp++ = (val); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3813 }
3814 END_CASE(GetAliasedVar)do { (activation.regs()).pc += (JSOpLength_GetAliasedVar); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3815
3816 CASE(GetAliasedDebugVar)label_GetAliasedDebugVar: {
3817 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3818 ReservedRooted<Value> val(
3819 &rootValue0,
3820 REGS(activation.regs()).fp()->aliasedEnvironmentMaybeDebug(ec).aliasedBinding(ec));
3821
3822 ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3822); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 3822; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0);
3823
3824 PUSH_COPY(val)do { *(activation.regs()).sp++ = (val); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3825 }
3826 END_CASE(GetAliasedVar)do { (activation.regs()).pc += (JSOpLength_GetAliasedVar); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3827
3828 CASE(SetAliasedVar)label_SetAliasedVar: {
3829 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3830 EnvironmentObject& obj = REGS(activation.regs()).fp()->aliasedEnvironment(ec);
3831 MOZ_ASSERT(!IsUninitializedLexical(obj.aliasedBinding(ec)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!IsUninitializedLexical(obj.aliasedBinding(ec)))>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!IsUninitializedLexical(obj.aliasedBinding(ec))))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("!IsUninitializedLexical(obj.aliasedBinding(ec))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3831); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!IsUninitializedLexical(obj.aliasedBinding(ec))"
")"); do { *((volatile int*)__null) = 3831; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3832 obj.setAliasedBinding(ec, REGS(activation.regs()).sp[-1]);
3833 }
3834 END_CASE(SetAliasedVar)do { (activation.regs()).pc += (JSOpLength_SetAliasedVar); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3835
3836 CASE(ThrowSetConst)label_ThrowSetConst: {
3837 ReportRuntimeLexicalError(cx, JSMSG_BAD_CONST_ASSIGN, script, REGS(activation.regs()).pc);
3838 goto error;
3839 }
3840 END_CASE(ThrowSetConst)do { (activation.regs()).pc += (JSOpLength_ThrowSetConst); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3841
3842 CASE(CheckLexical)label_CheckLexical: {
3843 if (REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
3844 ReportRuntimeLexicalError(cx, JSMSG_UNINITIALIZED_LEXICAL, script,
3845 REGS(activation.regs()).pc);
3846 goto error;
3847 }
3848 }
3849 END_CASE(CheckLexical)do { (activation.regs()).pc += (JSOpLength_CheckLexical); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3850
3851 CASE(CheckAliasedLexical)label_CheckAliasedLexical: {
3852 if (REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
3853 ReportRuntimeLexicalError(cx, JSMSG_UNINITIALIZED_LEXICAL, script,
3854 REGS(activation.regs()).pc);
3855 goto error;
3856 }
3857 }
3858 END_CASE(CheckAliasedLexical)do { (activation.regs()).pc += (JSOpLength_CheckAliasedLexical
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3859
3860 CASE(InitLexical)label_InitLexical: {
3861 uint32_t i = GET_LOCALNO(REGS(activation.regs()).pc);
3862 REGS(activation.regs()).fp()->unaliasedLocal(i) = REGS(activation.regs()).sp[-1];
3863 }
3864 END_CASE(InitLexical)do { (activation.regs()).pc += (JSOpLength_InitLexical); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3865
3866 CASE(InitAliasedLexical)label_InitAliasedLexical: {
3867 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3868 EnvironmentObject& obj = REGS(activation.regs()).fp()->aliasedEnvironment(ec);
3869 obj.setAliasedBinding(ec, REGS(activation.regs()).sp[-1]);
3870 }
3871 END_CASE(InitAliasedLexical)do { (activation.regs()).pc += (JSOpLength_InitAliasedLexical
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3872
3873 CASE(InitGLexical)label_InitGLexical: {
3874 ExtensibleLexicalEnvironmentObject* lexicalEnv;
3875 if (script->hasNonSyntacticScope()) {
3876 lexicalEnv = &REGS(activation.regs()).fp()->extensibleLexicalEnvironment();
3877 } else {
3878 lexicalEnv = &cx->global()->lexicalEnvironment();
3879 }
3880 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3881 InitGlobalLexicalOperation(cx, lexicalEnv, script, REGS(activation.regs()).pc, value);
3882 }
3883 END_CASE(InitGLexical)do { (activation.regs()).pc += (JSOpLength_InitGLexical); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3884
3885 CASE(Uninitialized)label_Uninitialized: { PUSH_MAGIC(JS_UNINITIALIZED_LEXICAL)(activation.regs()).sp++->setMagic(JS_UNINITIALIZED_LEXICAL
); }
3886 END_CASE(Uninitialized)do { (activation.regs()).pc += (JSOpLength_Uninitialized); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3887
3888 CASE(GetArg)label_GetArg: {
3889 unsigned i = GET_ARGNO(REGS(activation.regs()).pc);
3890 if (script->argsObjAliasesFormals()) {
3891 PUSH_COPY(REGS.fp()->argsObj().arg(i))do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
argsObj().arg(i)); cx->debugOnlyCheck((activation.regs()).
sp[-1]); } while (0);
3892 } else {
3893 PUSH_COPY(REGS.fp()->unaliasedFormal(i))do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
unaliasedFormal(i)); cx->debugOnlyCheck((activation.regs()
).sp[-1]); } while (0);
3894 }
3895 }
3896 END_CASE(GetArg)do { (activation.regs()).pc += (JSOpLength_GetArg); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3897
3898 CASE(GetFrameArg)label_GetFrameArg: {
3899 uint32_t i = GET_ARGNO(REGS(activation.regs()).pc);
3900 PUSH_COPY(REGS.fp()->unaliasedFormal(i, DONT_CHECK_ALIASING))do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
unaliasedFormal(i, DONT_CHECK_ALIASING)); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3901 }
3902 END_CASE(GetFrameArg)do { (activation.regs()).pc += (JSOpLength_GetFrameArg); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3903
3904 CASE(SetArg)label_SetArg: {
3905 unsigned i = GET_ARGNO(REGS(activation.regs()).pc);
3906 if (script->argsObjAliasesFormals()) {
3907 REGS(activation.regs()).fp()->argsObj().setArg(i, REGS(activation.regs()).sp[-1]);
3908 } else {
3909 REGS(activation.regs()).fp()->unaliasedFormal(i) = REGS(activation.regs()).sp[-1];
3910 }
3911 }
3912 END_CASE(SetArg)do { (activation.regs()).pc += (JSOpLength_SetArg); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3913
3914 CASE(GetLocal)label_GetLocal: {
3915 uint32_t i = GET_LOCALNO(REGS(activation.regs()).pc);
3916 PUSH_COPY_SKIP_CHECK(REGS.fp()->unaliasedLocal(i))*(activation.regs()).sp++ = ((activation.regs()).fp()->unaliasedLocal
(i));
3917
3918#ifdef DEBUG1
3919 if (IsUninitializedLexical(REGS(activation.regs()).sp[-1])) {
3920 JSOp next = JSOp(*GetNextPc(REGS(activation.regs()).pc));
3921 MOZ_ASSERT(next == JSOp::CheckThis || next == JSOp::CheckReturn ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3922); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
")"); do { *((volatile int*)__null) = 3922; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
3922 next == JSOp::CheckThisReinit || next == JSOp::CheckLexical)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3922); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
")"); do { *((volatile int*)__null) = 3922; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3923 }
3924
3925 /*
3926 * Skip the same-compartment assertion if the local will be immediately
3927 * popped. We do not guarantee sync for dead locals when coming in from
3928 * the method JIT, and a GetLocal followed by Pop is not considered to
3929 * be a use of the variable.
3930 */
3931 if (JSOp(REGS(activation.regs()).pc[JSOpLength_GetLocal]) != JSOp::Pop) {
3932 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]);
3933 }
3934#endif
3935 }
3936 END_CASE(GetLocal)do { (activation.regs()).pc += (JSOpLength_GetLocal); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3937
3938 CASE(SetLocal)label_SetLocal: {
3939 uint32_t i = GET_LOCALNO(REGS(activation.regs()).pc);
3940
3941 MOZ_ASSERT(!IsUninitializedLexical(REGS.fp()->unaliasedLocal(i)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!IsUninitializedLexical((activation.regs()).fp()->
unaliasedLocal(i)))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!IsUninitializedLexical((activation
.regs()).fp()->unaliasedLocal(i))))), 0))) { do { } while (
false); MOZ_ReportAssertionFailure("!IsUninitializedLexical((activation.regs()).fp()->unaliasedLocal(i))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3941); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!IsUninitializedLexical((activation.regs()).fp()->unaliasedLocal(i))"
")"); do { *((volatile int*)__null) = 3941; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3942
3943 REGS(activation.regs()).fp()->unaliasedLocal(i) = REGS(activation.regs()).sp[-1];
3944 }
3945 END_CASE(SetLocal)do { (activation.regs()).pc += (JSOpLength_SetLocal); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3946
3947 CASE(ArgumentsLength)label_ArgumentsLength: {
3948 MOZ_ASSERT(!script->needsArgsObj())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->needsArgsObj())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->needsArgsObj()))
), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!script->needsArgsObj()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3948); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->needsArgsObj()"
")"); do { *((volatile int*)__null) = 3948; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3949 PUSH_INT32(REGS.fp()->numActualArgs())(activation.regs()).sp++->setInt32((activation.regs()).fp(
)->numActualArgs());
3950 }
3951 END_CASE(ArgumentsLength)do { (activation.regs()).pc += (JSOpLength_ArgumentsLength); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3952
3953 CASE(GetActualArg)label_GetActualArg: {
3954 MOZ_ASSERT(!script->needsArgsObj())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->needsArgsObj())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->needsArgsObj()))
), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!script->needsArgsObj()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3954); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->needsArgsObj()"
")"); do { *((volatile int*)__null) = 3954; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3955 uint32_t index = REGS(activation.regs()).sp[-1].toInt32();
3956 REGS(activation.regs()).sp[-1] = REGS(activation.regs()).fp()->unaliasedActual(index);
3957 }
3958 END_CASE(GetActualArg)do { (activation.regs()).pc += (JSOpLength_GetActualArg); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3959
3960 CASE(GlobalOrEvalDeclInstantiation)label_GlobalOrEvalDeclInstantiation: {
3961 GCThingIndex lastFun = GET_GCTHING_INDEX(REGS(activation.regs()).pc);
3962 HandleObject env = REGS(activation.regs()).fp()->environmentChain();
3963 if (!GlobalOrEvalDeclInstantiation(cx, env, script, lastFun)) {
3964 goto error;
3965 }
3966 }
3967 END_CASE(GlobalOrEvalDeclInstantiation)do { (activation.regs()).pc += (JSOpLength_GlobalOrEvalDeclInstantiation
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3968
3969 CASE(Lambda)label_Lambda: {
3970 /* Load the specified function object literal. */
3971 ReservedRooted<JSFunction*> fun(&rootFunction0,
3972 script->getFunction(REGS(activation.regs()).pc));
3973 JSObject* obj = Lambda(cx, fun, REGS(activation.regs()).fp()->environmentChain());
3974 if (!obj) {
3975 goto error;
3976 }
3977
3978 MOZ_ASSERT(obj->staticPrototype())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(obj->staticPrototype())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(obj->staticPrototype())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("obj->staticPrototype()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3978); AnnotateMozCrashReason("MOZ_ASSERT" "(" "obj->staticPrototype()"
")"); do { *((volatile int*)__null) = 3978; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3979 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3980 }
3981 END_CASE(Lambda)do { (activation.regs()).pc += (JSOpLength_Lambda); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3982
3983 CASE(ToAsyncIter)label_ToAsyncIter: {
3984 ReservedRooted<Value> nextMethod(&rootValue0, REGS(activation.regs()).sp[-1]);
3985 ReservedRooted<JSObject*> iter(&rootObject1, &REGS(activation.regs()).sp[-2].toObject());
3986 JSObject* asyncIter = CreateAsyncFromSyncIterator(cx, iter, nextMethod);
3987 if (!asyncIter) {
3988 goto error;
3989 }
3990
3991 REGS(activation.regs()).sp--;
3992 REGS(activation.regs()).sp[-1].setObject(*asyncIter);
3993 }
3994 END_CASE(ToAsyncIter)do { (activation.regs()).pc += (JSOpLength_ToAsyncIter); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3995
3996 CASE(CanSkipAwait)label_CanSkipAwait: {
3997 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
3998 bool canSkip;
3999 if (!CanSkipAwait(cx, val, &canSkip)) {
4000 goto error;
4001 }
4002
4003 PUSH_BOOLEAN(canSkip)(activation.regs()).sp++->setBoolean(canSkip);
4004 }
4005 END_CASE(CanSkipAwait)do { (activation.regs()).pc += (JSOpLength_CanSkipAwait); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4006
4007 CASE(MaybeExtractAwaitValue)label_MaybeExtractAwaitValue: {
4008 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-2);
4009 ReservedRooted<Value> canSkip(&rootValue0, REGS(activation.regs()).sp[-1]);
4010
4011 if (canSkip.toBoolean()) {
4012 if (!ExtractAwaitValue(cx, val, val)) {
4013 goto error;
4014 }
4015 }
4016 }
4017 END_CASE(MaybeExtractAwaitValue)do { (activation.regs()).pc += (JSOpLength_MaybeExtractAwaitValue
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4018
4019 CASE(AsyncAwait)label_AsyncAwait: {
4020 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4020); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4020; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4021 ReservedRooted<JSObject*> gen(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4022 ReservedRooted<Value> value(&rootValue0, REGS(activation.regs()).sp[-2]);
4023 JSObject* promise =
4024 AsyncFunctionAwait(cx, gen.as<AsyncFunctionGeneratorObject>(), value);
4025 if (!promise) {
4026 goto error;
4027 }
4028
4029 REGS(activation.regs()).sp--;
4030 REGS(activation.regs()).sp[-1].setObject(*promise);
4031 }
4032 END_CASE(AsyncAwait)do { (activation.regs()).pc += (JSOpLength_AsyncAwait); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4033
4034 CASE(AsyncResolve)label_AsyncResolve: {
4035 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4035); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4035; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4036 ReservedRooted<JSObject*> gen(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4037 ReservedRooted<Value> value(&rootValue0, REGS(activation.regs()).sp[-2]);
4038 JSObject* promise = AsyncFunctionResolve(
4039 cx, gen.as<AsyncFunctionGeneratorObject>(), value);
4040 if (!promise) {
4041 goto error;
4042 }
4043
4044 REGS(activation.regs()).sp--;
4045 REGS(activation.regs()).sp[-1].setObject(*promise);
4046 }
4047 END_CASE(AsyncResolve)do { (activation.regs()).pc += (JSOpLength_AsyncResolve); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4048
4049 CASE(AsyncReject)label_AsyncReject: {
4050 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4050); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4050; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4051 ReservedRooted<JSObject*> gen(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4052 ReservedRooted<Value> stack(&rootValue0, REGS(activation.regs()).sp[-2]);
4053 ReservedRooted<Value> reason(&rootValue1, REGS(activation.regs()).sp[-3]);
4054 JSObject* promise = AsyncFunctionReject(
4055 cx, gen.as<AsyncFunctionGeneratorObject>(), reason, stack);
4056 if (!promise) {
4057 goto error;
4058 }
4059
4060 REGS(activation.regs()).sp -= 2;
4061 REGS(activation.regs()).sp[-1].setObject(*promise);
4062 }
4063 END_CASE(AsyncReject)do { (activation.regs()).pc += (JSOpLength_AsyncReject); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4064
4065 CASE(SetFunName)label_SetFunName: {
4066 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4066); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4066; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4067 FunctionPrefixKind prefixKind = FunctionPrefixKind(GET_UINT8(REGS(activation.regs()).pc));
4068 ReservedRooted<Value> name(&rootValue0, REGS(activation.regs()).sp[-1]);
4069 ReservedRooted<JSFunction*> fun(&rootFunction0,
4070 &REGS(activation.regs()).sp[-2].toObject().as<JSFunction>());
4071 if (!SetFunctionName(cx, fun, name, prefixKind)) {
4072 goto error;
4073 }
4074
4075 REGS(activation.regs()).sp--;
4076 }
4077 END_CASE(SetFunName)do { (activation.regs()).pc += (JSOpLength_SetFunName); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4078
4079 CASE(Callee)label_Callee: {
4080 MOZ_ASSERT(REGS.fp()->isFunctionFrame())do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).fp()->isFunctionFrame())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4080); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4080; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4081 PUSH_COPY(REGS.fp()->calleev())do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
calleev()); cx->debugOnlyCheck((activation.regs()).sp[-1])
; } while (0);
4082 }
4083 END_CASE(Callee)do { (activation.regs()).pc += (JSOpLength_Callee); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
4084
4085 CASE(InitPropGetter)label_InitPropGetter:
4086 CASE(InitHiddenPropGetter)label_InitHiddenPropGetter:
4087 CASE(InitPropSetter)label_InitPropSetter:
4088 CASE(InitHiddenPropSetter)label_InitHiddenPropSetter: {
4089 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4089); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4089; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4090
4091 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
4092 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
4093 ReservedRooted<JSObject*> val(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4094
4095 if (!InitPropGetterSetterOperation(cx, REGS(activation.regs()).pc, obj, name, val)) {
4096 goto error;
4097 }
4098
4099 REGS(activation.regs()).sp--;
4100 }
4101 END_CASE(InitPropGetter)do { (activation.regs()).pc += (JSOpLength_InitPropGetter); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4102
4103 CASE(InitElemGetter)label_InitElemGetter:
4104 CASE(InitHiddenElemGetter)label_InitHiddenElemGetter:
4105 CASE(InitElemSetter)label_InitElemSetter:
4106 CASE(InitHiddenElemSetter)label_InitHiddenElemSetter: {
4107 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4107); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4107; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4108
4109 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-3].toObject());
4110 ReservedRooted<Value> idval(&rootValue0, REGS(activation.regs()).sp[-2]);
4111 ReservedRooted<JSObject*> val(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4112
4113 if (!InitElemGetterSetterOperation(cx, REGS(activation.regs()).pc, obj, idval, val)) {
4114 goto error;
4115 }
4116
4117 REGS(activation.regs()).sp -= 2;
4118 }
4119 END_CASE(InitElemGetter)do { (activation.regs()).pc += (JSOpLength_InitElemGetter); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4120
4121 CASE(Hole)label_Hole: { PUSH_MAGIC(JS_ELEMENTS_HOLE)(activation.regs()).sp++->setMagic(JS_ELEMENTS_HOLE); }
4122 END_CASE(Hole)do { (activation.regs()).pc += (JSOpLength_Hole); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
4123
4124 CASE(NewInit)label_NewInit: {
4125 JSObject* obj = NewObjectOperation(cx, script, REGS(activation.regs()).pc);
4126
4127 if (!obj) {
4128 goto error;
4129 }
4130 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4131 }
4132 END_CASE(NewInit)do { (activation.regs()).pc += (JSOpLength_NewInit); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
4133
4134 CASE(NewArray)label_NewArray: {
4135 uint32_t length = GET_UINT32(REGS(activation.regs()).pc);
4136 ArrayObject* obj = NewArrayOperation(cx, length);
4137 if (!obj) {
4138 goto error;
4139 }
4140 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4141 }
4142 END_CASE(NewArray)do { (activation.regs()).pc += (JSOpLength_NewArray); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4143
4144 CASE(NewObject)label_NewObject: {
4145 JSObject* obj = NewObjectOperation(cx, script, REGS(activation.regs()).pc);
4146 if (!obj) {
4147 goto error;
4148 }
4149 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4150 }
4151 END_CASE(NewObject)do { (activation.regs()).pc += (JSOpLength_NewObject); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4152
4153 CASE(MutateProto)label_MutateProto: {
4154 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4154); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4154; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4155
4156 if (REGS(activation.regs()).sp[-1].isObjectOrNull()) {
4157 ReservedRooted<JSObject*> newProto(&rootObject1,
4158 REGS(activation.regs()).sp[-1].toObjectOrNull());
4159 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
4160 MOZ_ASSERT(obj->is<PlainObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(obj->is<PlainObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(obj->is<PlainObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("obj->is<PlainObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4160); AnnotateMozCrashReason("MOZ_ASSERT" "(" "obj->is<PlainObject>()"
")"); do { *((volatile int*)__null) = 4160; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4161
4162 if (!SetPrototype(cx, obj, newProto)) {
4163 goto error;
4164 }
4165 }
4166
4167 REGS(activation.regs()).sp--;
4168 }
4169 END_CASE(MutateProto)do { (activation.regs()).pc += (JSOpLength_MutateProto); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4170
4171 CASE(InitProp)label_InitProp:
4172 CASE(InitLockedProp)label_InitLockedProp:
4173 CASE(InitHiddenProp)label_InitHiddenProp: {
4174 static_assert(JSOpLength_InitProp == JSOpLength_InitLockedProp,
4175 "initprop and initlockedprop must be the same size");
4176 static_assert(JSOpLength_InitProp == JSOpLength_InitHiddenProp,
4177 "initprop and inithiddenprop must be the same size");
4178 /* Load the property's initial value into rval. */
4179 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4179); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4179; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4180 ReservedRooted<Value> rval(&rootValue0, REGS(activation.regs()).sp[-1]);
4181
4182 /* Load the object being initialized into lval/obj. */
4183 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
4184
4185 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
4186
4187 if (!InitPropertyOperation(cx, REGS(activation.regs()).pc, obj, name, rval)) {
4188 goto error;
4189 }
4190
4191 REGS(activation.regs()).sp--;
4192 }
4193 END_CASE(InitProp)do { (activation.regs()).pc += (JSOpLength_InitProp); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4194
4195 CASE(InitElem)label_InitElem:
4196 CASE(InitHiddenElem)label_InitHiddenElem:
4197 CASE(InitLockedElem)label_InitLockedElem: {
4198 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4198); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4198; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4199 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4200 HandleValue id = REGS(activation.regs()).stackHandleAt(-2);
4201
4202 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-3].toObject());
4203
4204 if (!InitElemOperation(cx, REGS(activation.regs()).pc, obj, id, val)) {
4205 goto error;
4206 }
4207
4208 REGS(activation.regs()).sp -= 2;
4209 }
4210 END_CASE(InitElem)do { (activation.regs()).pc += (JSOpLength_InitElem); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4211
4212 CASE(InitElemArray)label_InitElemArray: {
4213 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4213); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4213; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4214 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4215 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
4216
4217 InitElemArrayOperation(cx, REGS(activation.regs()).pc, obj.as<ArrayObject>(), val);
4218 REGS(activation.regs()).sp--;
4219 }
4220 END_CASE(InitElemArray)do { (activation.regs()).pc += (JSOpLength_InitElemArray); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4221
4222 CASE(InitElemInc)label_InitElemInc: {
4223 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4223); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4223; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4224 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4225
4226 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-3].toObject());
4227
4228 uint32_t index = REGS(activation.regs()).sp[-2].toInt32();
4229 if (!InitElemIncOperation(cx, obj.as<ArrayObject>(), index, val)) {
4230 goto error;
4231 }
4232
4233 REGS(activation.regs()).sp[-2].setInt32(index + 1);
4234 REGS(activation.regs()).sp--;
4235 }
4236 END_CASE(InitElemInc)do { (activation.regs()).pc += (JSOpLength_InitElemInc); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4237
4238#ifdef ENABLE_RECORD_TUPLE
4239 CASE(InitRecord)label_InitRecord: {
4240 uint32_t length = GET_UINT32(REGS(activation.regs()).pc);
4241 RecordType* rec = RecordType::createUninitialized(cx, length);
4242 if (!rec) {
4243 goto error;
4244 }
4245 PUSH_EXTENDED_PRIMITIVE(*rec);
4246 }
4247 END_CASE(InitRecord)do { (activation.regs()).pc += (JSOpLength_InitRecord); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4248
4249 CASE(AddRecordProperty)label_AddRecordProperty: {
4250 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4250); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4250; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4251
4252 ReservedRooted<JSObject*> rec(&rootObject0,
4253 &REGS(activation.regs()).sp[-3].toExtendedPrimitive());
4254 MOZ_ASSERT(rec->is<RecordType>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(rec->is<RecordType>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(rec->is<RecordType>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("rec->is<RecordType>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4254); AnnotateMozCrashReason("MOZ_ASSERT" "(" "rec->is<RecordType>()"
")"); do { *((volatile int*)__null) = 4254; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4255
4256 ReservedRooted<Value> key(&rootValue0, REGS(activation.regs()).sp[-2]);
4257 ReservedRooted<jsid> id(&rootId0);
4258 if (!JS_ValueToId(cx, key, &id)) {
4259 goto error;
4260 }
4261 if (!rec->as<RecordType>().initializeNextProperty(
4262 cx, id, REGS(activation.regs()).stackHandleAt(-1))) {
4263 goto error;
4264 }
4265
4266 REGS(activation.regs()).sp -= 2;
4267 }
4268 END_CASE(AddRecordProperty)do { (activation.regs()).pc += (JSOpLength_AddRecordProperty)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4269
4270 CASE(AddRecordSpread)label_AddRecordSpread: {
4271 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4271); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4271; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4272
4273 if (!AddRecordSpreadOperation(cx, REGS(activation.regs()).stackHandleAt(-2),
4274 REGS(activation.regs()).stackHandleAt(-1))) {
4275 goto error;
4276 }
4277 REGS(activation.regs()).sp--;
4278 }
4279 END_CASE(AddRecordSpread)do { (activation.regs()).pc += (JSOpLength_AddRecordSpread); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4280
4281 CASE(FinishRecord)label_FinishRecord: {
4282 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4282); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 4282; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4283 RecordType* rec = &REGS(activation.regs()).sp[-1].toExtendedPrimitive().as<RecordType>();
4284 if (!rec->finishInitialization(cx)) {
4285 goto error;
4286 }
4287 }
4288 END_CASE(FinishRecord)do { (activation.regs()).pc += (JSOpLength_FinishRecord); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4289
4290 CASE(InitTuple)label_InitTuple: {
4291 uint32_t length = GET_UINT32(REGS(activation.regs()).pc);
4292 TupleType* tup = TupleType::createUninitialized(cx, length);
4293 if (!tup) {
4294 goto error;
4295 }
4296 PUSH_EXTENDED_PRIMITIVE(*tup);
4297 }
4298 END_CASE(InitTuple)do { (activation.regs()).pc += (JSOpLength_InitTuple); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4299
4300 CASE(AddTupleElement)label_AddTupleElement: {
4301 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4301); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4301; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4302
4303 ReservedRooted<JSObject*> tup(&rootObject0,
4304 &REGS(activation.regs()).sp[-2].toExtendedPrimitive());
4305 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4306
4307 if (!tup->as<TupleType>().initializeNextElement(cx, val)) {
4308 goto error;
4309 }
4310
4311 REGS(activation.regs()).sp--;
4312 }
4313 END_CASE(AddTupleElement)do { (activation.regs()).pc += (JSOpLength_AddTupleElement); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4314
4315 CASE(FinishTuple)label_FinishTuple: {
4316 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4316); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 4316; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4317 TupleType& tup = REGS(activation.regs()).sp[-1].toExtendedPrimitive().as<TupleType>();
4318 tup.finishInitialization(cx);
4319 }
4320 END_CASE(FinishTuple)do { (activation.regs()).pc += (JSOpLength_FinishTuple); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4321#endif
4322
4323 CASE(Exception)label_Exception: {
4324 PUSH_NULL()(activation.regs()).sp++->setNull();
4325 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
4326 if (!GetAndClearException(cx, res)) {
4327 goto error;
4328 }
4329 }
4330 END_CASE(Exception)do { (activation.regs()).pc += (JSOpLength_Exception); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4331
4332 CASE(ExceptionAndStack)label_ExceptionAndStack: {
4333 ReservedRooted<Value> stack(&rootValue0);
4334 if (!cx->getPendingExceptionStack(&stack)) {
4335 goto error;
4336 }
4337 PUSH_NULL()(activation.regs()).sp++->setNull();
4338 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
4339 if (!GetAndClearException(cx, res)) {
4340 goto error;
4341 }
4342 PUSH_COPY(stack)do { *(activation.regs()).sp++ = (stack); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4343 }
4344 END_CASE(ExceptionAndStack)do { (activation.regs()).pc += (JSOpLength_ExceptionAndStack)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4345
4346 CASE(Finally)label_Finally: { CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0); }
4347 END_CASE(Finally)do { (activation.regs()).pc += (JSOpLength_Finally); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
4348
4349 CASE(Throw)label_Throw: {
4350 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
4351 ReservedRooted<Value> v(&rootValue0);
4352 POP_COPY_TO(v)(v) = *--(activation.regs()).sp;
4353 MOZ_ALWAYS_FALSE(ThrowOperation(cx, v))do { if ((__builtin_expect(!!(!(ThrowOperation(cx, v))), 1)))
{ } else { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(false)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(false))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("false" " (" "!(ThrowOperation(cx, v))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4353); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowOperation(cx, v))" ")"); do { *((volatile int*
)__null) = 4353; __attribute__((nomerge)) ::abort(); } while (
false); } } while (false); } } while (false);
4354 /* let the code at error try to catch the exception. */
4355 goto error;
4356 }
4357
4358 CASE(ThrowWithStack)label_ThrowWithStack: {
4359 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
4360 ReservedRooted<Value> v(&rootValue0);
4361 ReservedRooted<Value> stack(&rootValue1);
4362 POP_COPY_TO(stack)(stack) = *--(activation.regs()).sp;
4363 POP_COPY_TO(v)(v) = *--(activation.regs()).sp;
4364 MOZ_ALWAYS_FALSE(ThrowWithStackOperation(cx, v, stack))do { if ((__builtin_expect(!!(!(ThrowWithStackOperation(cx, v
, stack))), 1))) { } else { do { static_assert( mozilla::detail
::AssertionConditionType<decltype(false)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(false))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("false" " (" "!(ThrowWithStackOperation(cx, v, stack))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4364); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowWithStackOperation(cx, v, stack))" ")"); do { *
((volatile int*)__null) = 4364; __attribute__((nomerge)) ::abort
(); } while (false); } } while (false); } } while (false);
4365 /* let the code at error try to catch the exception. */
4366 goto error;
4367 }
4368
4369 CASE(Instanceof)label_Instanceof: {
4370 ReservedRooted<Value> rref(&rootValue0, REGS(activation.regs()).sp[-1]);
4371 if (HandleValue(rref).isPrimitive()) {
4372 ReportValueError(cx, JSMSG_BAD_INSTANCEOF_RHS, -1, rref, nullptr);
4373 goto error;
4374 }
4375 ReservedRooted<JSObject*> obj(&rootObject0, &rref.toObject());
4376 bool cond = false;
4377 if (!InstanceofOperator(cx, obj, REGS(activation.regs()).stackHandleAt(-2), &cond)) {
4378 goto error;
4379 }
4380 REGS(activation.regs()).sp--;
4381 REGS(activation.regs()).sp[-1].setBoolean(cond);
4382 }
4383 END_CASE(Instanceof)do { (activation.regs()).pc += (JSOpLength_Instanceof); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4384
4385 CASE(Debugger)label_Debugger: {
4386 if (!DebugAPI::onDebuggerStatement(cx, REGS(activation.regs()).fp())) {
4387 goto error;
4388 }
4389 }
4390 END_CASE(Debugger)do { (activation.regs()).pc += (JSOpLength_Debugger); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4391
4392 CASE(PushLexicalEnv)label_PushLexicalEnv: {
4393 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
4394
4395 // Create block environment and push on scope chain.
4396 if (!REGS(activation.regs()).fp()->pushLexicalEnvironment(cx, scope.as<LexicalScope>())) {
4397 goto error;
4398 }
4399 }
4400 END_CASE(PushLexicalEnv)do { (activation.regs()).pc += (JSOpLength_PushLexicalEnv); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4401
4402 CASE(PopLexicalEnv)label_PopLexicalEnv: {
4403#ifdef DEBUG1
4404 Scope* scope = script->lookupScope(REGS(activation.regs()).pc);
4405 MOZ_ASSERT(scope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope)>::isValid, "invalid assertion condition");
if ((__builtin_expect(!!(!(!!(scope))), 0))) { do { } while (
false); MOZ_ReportAssertionFailure("scope", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4405); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope" ")")
; do { *((volatile int*)__null) = 4405; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4406 MOZ_ASSERT(scope->is<LexicalScope>() || scope->is<ClassBodyScope>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope->is<LexicalScope>() || scope->is<
ClassBodyScope>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->is<LexicalScope
>() || scope->is<ClassBodyScope>()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4406); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
")"); do { *((volatile int*)__null) = 4406; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4407 MOZ_ASSERT_IF(scope->is<LexicalScope>(),do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4408); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4408; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4408 scope->as<LexicalScope>().hasEnvironment())do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4408); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4408; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4409 MOZ_ASSERT_IF(scope->is<ClassBodyScope>(),do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4410); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4410; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4410 scope->as<ClassBodyScope>().hasEnvironment())do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4410); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4410; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4411#endif
4412
4413 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
4414 DebugEnvironments::onPopLexical(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc);
4415 }
4416
4417 // Pop block from scope chain.
4418 REGS(activation.regs()).fp()->popOffEnvironmentChain<LexicalEnvironmentObject>();
4419 }
4420 END_CASE(PopLexicalEnv)do { (activation.regs()).pc += (JSOpLength_PopLexicalEnv); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4421
4422 CASE(DebugLeaveLexicalEnv)label_DebugLeaveLexicalEnv: {
4423#ifdef DEBUG1
4424 Scope* scope = script->lookupScope(REGS(activation.regs()).pc);
4425 MOZ_ASSERT(scope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope)>::isValid, "invalid assertion condition");
if ((__builtin_expect(!!(!(!!(scope))), 0))) { do { } while (
false); MOZ_ReportAssertionFailure("scope", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4425); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope" ")")
; do { *((volatile int*)__null) = 4425; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4426 MOZ_ASSERT(scope->is<LexicalScope>() || scope->is<ClassBodyScope>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope->is<LexicalScope>() || scope->is<
ClassBodyScope>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->is<LexicalScope
>() || scope->is<ClassBodyScope>()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4426); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
")"); do { *((volatile int*)__null) = 4426; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4427 MOZ_ASSERT_IF(scope->is<LexicalScope>(),do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4428); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4428; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4428 !scope->as<LexicalScope>().hasEnvironment())do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4428); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4428; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4429 MOZ_ASSERT_IF(scope->is<ClassBodyScope>(),do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4430); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4430; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4430 !scope->as<ClassBodyScope>().hasEnvironment())do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4430); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4430; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4431#endif
4432 // FIXME: This opcode should not be necessary. The debugger shouldn't
4433 // need help from bytecode to do its job. See bug 927782.
4434
4435 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
4436 DebugEnvironments::onPopLexical(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc);
4437 }
4438 }
4439 END_CASE(DebugLeaveLexicalEnv)do { (activation.regs()).pc += (JSOpLength_DebugLeaveLexicalEnv
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4440
4441 CASE(FreshenLexicalEnv)label_FreshenLexicalEnv: {
4442#ifdef DEBUG1
4443 Scope* scope = script->getScope(REGS(activation.regs()).pc);
4444 auto envChain = REGS(activation.regs()).fp()->environmentChain();
4445 auto* envScope = &envChain->as<BlockLexicalEnvironmentObject>().scope();
4446 MOZ_ASSERT(scope == envScope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope == envScope)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope == envScope))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("scope == envScope"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4446); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope == envScope"
")"); do { *((volatile int*)__null) = 4446; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4447#endif
4448
4449 if (!REGS(activation.regs()).fp()->freshenLexicalEnvironment(cx, REGS(activation.regs()).pc)) {
4450 goto error;
4451 }
4452 }
4453 END_CASE(FreshenLexicalEnv)do { (activation.regs()).pc += (JSOpLength_FreshenLexicalEnv)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4454
4455 CASE(RecreateLexicalEnv)label_RecreateLexicalEnv: {
4456#ifdef DEBUG1
4457 Scope* scope = script->getScope(REGS(activation.regs()).pc);
4458 auto envChain = REGS(activation.regs()).fp()->environmentChain();
4459 auto* envScope = &envChain->as<BlockLexicalEnvironmentObject>().scope();
4460 MOZ_ASSERT(scope == envScope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope == envScope)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope == envScope))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("scope == envScope"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4460); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope == envScope"
")"); do { *((volatile int*)__null) = 4460; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4461#endif
4462
4463 if (!REGS(activation.regs()).fp()->recreateLexicalEnvironment(cx, REGS(activation.regs()).pc)) {
4464 goto error;
4465 }
4466 }
4467 END_CASE(RecreateLexicalEnv)do { (activation.regs()).pc += (JSOpLength_RecreateLexicalEnv
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4468
4469 CASE(PushClassBodyEnv)label_PushClassBodyEnv: {
4470 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
4471
4472 if (!REGS(activation.regs()).fp()->pushClassBodyEnvironment(cx,
4473 scope.as<ClassBodyScope>())) {
4474 goto error;
4475 }
4476 }
4477 END_CASE(PushClassBodyEnv)do { (activation.regs()).pc += (JSOpLength_PushClassBodyEnv);
do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4478
4479 CASE(PushVarEnv)label_PushVarEnv: {
4480 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
4481
4482 if (!REGS(activation.regs()).fp()->pushVarEnvironment(cx, scope)) {
4483 goto error;
4484 }
4485 }
4486 END_CASE(PushVarEnv)do { (activation.regs()).pc += (JSOpLength_PushVarEnv); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4487
4488 CASE(Generator)label_Generator: {
4489 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4489); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4489; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4490 MOZ_ASSERT(REGS.stackDepth() == 0)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0)>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!((activation.regs()).stackDepth() == 0))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4490); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0"
")"); do { *((volatile int*)__null) = 4490; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4491 JSObject* obj = AbstractGeneratorObject::createFromFrame(cx, REGS(activation.regs()).fp());
4492 if (!obj) {
4493 goto error;
4494 }
4495 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4496 }
4497 END_CASE(Generator)do { (activation.regs()).pc += (JSOpLength_Generator); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4498
4499 CASE(InitialYield)label_InitialYield: {
4500 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4500); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4500; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4501 MOZ_ASSERT_IF(script->isModule() && script->isAsync(),do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4502); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4502; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4502 REGS.fp()->isModuleFrame())do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4502); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4502; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4503 MOZ_ASSERT_IF(!script->isModule() && script->isAsync(),do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4504); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4504; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4504 REGS.fp()->isFunctionFrame())do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4504); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4504; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4505 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
4506 POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp);
4507 MOZ_ASSERT(REGS.stackDepth() == 0)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0)>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!((activation.regs()).stackDepth() == 0))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4507); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0"
")"); do { *((volatile int*)__null) = 4507; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4508 if (!AbstractGeneratorObject::suspend(cx, obj, REGS(activation.regs()).fp(), REGS(activation.regs()).pc,
4509 script->nfixed())) {
4510 goto error;
4511 }
4512 goto successful_return_continuation;
4513 }
4514
4515 CASE(Yield)label_Yield:
4516 CASE(Await)label_Await: {
4517 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4517); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4517; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4518 MOZ_ASSERT_IF(script->isModule() && script->isAsync(),do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4519); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4519; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4519 REGS.fp()->isModuleFrame())do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4519); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4519; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4520 MOZ_ASSERT_IF(!script->isModule() && script->isAsync(),do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4521); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4521; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4521 REGS.fp()->isFunctionFrame())do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4521); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4521; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4522 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
4523 if (!AbstractGeneratorObject::suspend(
4524 cx, obj, REGS(activation.regs()).fp(), REGS(activation.regs()).pc,
4525 script->nfixed() + REGS(activation.regs()).stackDepth() - 2)) {
4526 goto error;
4527 }
4528
4529 REGS(activation.regs()).sp--;
4530 POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp);
4531
4532 goto successful_return_continuation;
4533 }
4534
4535 CASE(ResumeKind)label_ResumeKind: {
4536 GeneratorResumeKind resumeKind = ResumeKindFromPC(REGS(activation.regs()).pc);
4537 PUSH_INT32(int32_t(resumeKind))(activation.regs()).sp++->setInt32(int32_t(resumeKind));
4538 }
4539 END_CASE(ResumeKind)do { (activation.regs()).pc += (JSOpLength_ResumeKind); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4540
4541 CASE(CheckResumeKind)label_CheckResumeKind: {
4542 int32_t kindInt = REGS(activation.regs()).sp[-1].toInt32();
4543 GeneratorResumeKind resumeKind = IntToResumeKind(kindInt);
4544 if (MOZ_UNLIKELY(resumeKind != GeneratorResumeKind::Next)(__builtin_expect(!!(resumeKind != GeneratorResumeKind::Next)
, 0))) {
4545 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-3]);
4546 Rooted<AbstractGeneratorObject*> gen(
4547 cx, &REGS(activation.regs()).sp[-2].toObject().as<AbstractGeneratorObject>());
4548 MOZ_ALWAYS_FALSE(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen,do { if ((__builtin_expect(!!(!(GeneratorThrowOrReturn(cx, activation
.regs().fp(), gen, val, resumeKind))), 1))) { } else { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(false)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(false))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("false" " (" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4549); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
")"); do { *((volatile int*)__null) = 4549; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4549 val, resumeKind))do { if ((__builtin_expect(!!(!(GeneratorThrowOrReturn(cx, activation
.regs().fp(), gen, val, resumeKind))), 1))) { } else { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(false)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(false))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("false" " (" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4549); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
")"); do { *((volatile int*)__null) = 4549; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4550 goto error;
4551 }
4552 REGS(activation.regs()).sp -= 2;
4553 }
4554 END_CASE(CheckResumeKind)do { (activation.regs()).pc += (JSOpLength_CheckResumeKind); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4555
4556 CASE(Resume)label_Resume: {
4557 {
4558 Rooted<AbstractGeneratorObject*> gen(
4559 cx, &REGS(activation.regs()).sp[-3].toObject().as<AbstractGeneratorObject>());
4560 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-2]);
4561 ReservedRooted<Value> resumeKindVal(&rootValue1, REGS(activation.regs()).sp[-1]);
4562
4563 // popInlineFrame expects there to be an additional value on the stack
4564 // to pop off, so leave "gen" on the stack.
4565 REGS(activation.regs()).sp -= 1;
4566
4567 if (!AbstractGeneratorObject::resume(cx, activation, gen, val,
4568 resumeKindVal)) {
4569 goto error;
4570 }
4571
4572 JSScript* generatorScript = REGS(activation.regs()).fp()->script();
4573 if (cx->realm() != generatorScript->realm()) {
4574 cx->enterRealmOf(generatorScript);
4575 }
4576 SET_SCRIPT(generatorScript)do { script = (generatorScript); do { static_assert( mozilla::
detail::AssertionConditionType<decltype(cx->realm() == script
->realm())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(cx->realm() == script->realm
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4576); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 4576; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
4577
4578 if (!probes::EnterScript(cx, generatorScript,
4579 generatorScript->function(), REGS(activation.regs()).fp())) {
4580 goto error;
4581 }
4582
4583 if (!DebugAPI::onResumeFrame(cx, REGS(activation.regs()).fp())) {
4584 MOZ_ASSERT_IF(cx->isPropagatingForcedReturn(), gen->isClosed())do { if (cx->isPropagatingForcedReturn()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(gen->
isClosed())>::isValid, "invalid assertion condition"); if (
(__builtin_expect(!!(!(!!(gen->isClosed()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("gen->isClosed()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4584); AnnotateMozCrashReason("MOZ_ASSERT" "(" "gen->isClosed()"
")"); do { *((volatile int*)__null) = 4584; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4585 goto error;
4586 }
4587 }
4588 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
4589 }
4590
4591 CASE(AfterYield)label_AfterYield: {
4592 // AbstractGeneratorObject::resume takes care of setting the frame's
4593 // debuggee flag.
4594 MOZ_ASSERT_IF(REGS.fp()->script()->isDebuggee(), REGS.fp()->isDebuggee())do { if ((activation.regs()).fp()->script()->isDebuggee
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isDebuggee())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isDebuggee()))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isDebuggee()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4594); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isDebuggee()"
")"); do { *((volatile int*)__null) = 4594; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4595 COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4595); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 4595; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4595); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 4595; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
4596 }
4597 END_CASE(AfterYield)do { (activation.regs()).pc += (JSOpLength_AfterYield); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4598
4599 CASE(FinalYieldRval)label_FinalYieldRval: {
4600 ReservedRooted<JSObject*> gen(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
4601 REGS(activation.regs()).sp--;
4602 AbstractGeneratorObject::finalSuspend(cx, gen);
4603 goto successful_return_continuation;
4604 }
4605
4606 CASE(CheckClassHeritage)label_CheckClassHeritage: {
4607 HandleValue heritage = REGS(activation.regs()).stackHandleAt(-1);
4608
4609 if (!CheckClassHeritageOperation(cx, heritage)) {
4610 goto error;
4611 }
4612 }
4613 END_CASE(CheckClassHeritage)do { (activation.regs()).pc += (JSOpLength_CheckClassHeritage
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4614
4615 CASE(BuiltinObject)label_BuiltinObject: {
4616 auto kind = BuiltinObjectKind(GET_UINT8(REGS(activation.regs()).pc));
4617 JSObject* builtin = BuiltinObjectOperation(cx, kind);
4618 if (!builtin) {
4619 goto error;
4620 }
4621 PUSH_OBJECT(*builtin)do { (activation.regs()).sp++->setObject(*builtin); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
4622 }
4623 END_CASE(BuiltinObject)do { (activation.regs()).pc += (JSOpLength_BuiltinObject); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4624
4625 CASE(FunWithProto)label_FunWithProto: {
4626 ReservedRooted<JSObject*> proto(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4627
4628 /* Load the specified function object literal. */
4629 ReservedRooted<JSFunction*> fun(&rootFunction0,
4630 script->getFunction(REGS(activation.regs()).pc));
4631
4632 JSObject* obj =
4633 FunWithProtoOperation(cx, fun, REGS(activation.regs()).fp()->environmentChain(), proto);
4634 if (!obj) {
4635 goto error;
4636 }
4637
4638 REGS(activation.regs()).sp[-1].setObject(*obj);
4639 }
4640 END_CASE(FunWithProto)do { (activation.regs()).pc += (JSOpLength_FunWithProto); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4641
4642 CASE(ObjWithProto)label_ObjWithProto: {
4643 JSObject* obj = ObjectWithProtoOperation(cx, REGS(activation.regs()).stackHandleAt(-1));
4644 if (!obj) {
4645 goto error;
4646 }
4647
4648 REGS(activation.regs()).sp[-1].setObject(*obj);
4649 }
4650 END_CASE(ObjWithProto)do { (activation.regs()).pc += (JSOpLength_ObjWithProto); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4651
4652 CASE(InitHomeObject)label_InitHomeObject: {
4653 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4653); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4653; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4654
4655 /* Load the function to be initialized */
4656 JSFunction* func = &REGS(activation.regs()).sp[-2].toObject().as<JSFunction>();
4657 MOZ_ASSERT(func->allowSuperProperty())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(func->allowSuperProperty())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(func->allowSuperProperty(
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("func->allowSuperProperty()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4657); AnnotateMozCrashReason("MOZ_ASSERT" "(" "func->allowSuperProperty()"
")"); do { *((volatile int*)__null) = 4657; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4658
4659 /* Load the home object */
4660 JSObject* obj = &REGS(activation.regs()).sp[-1].toObject();
4661 MOZ_ASSERT(obj->is<PlainObject>() || obj->is<JSFunction>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(obj->is<PlainObject>() || obj->is<JSFunction
>())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(obj->is<PlainObject>() || obj->is<JSFunction
>()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("obj->is<PlainObject>() || obj->is<JSFunction>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4661); AnnotateMozCrashReason("MOZ_ASSERT" "(" "obj->is<PlainObject>() || obj->is<JSFunction>()"
")"); do { *((volatile int*)__null) = 4661; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4662
4663 func->setExtendedSlot(FunctionExtended::METHOD_HOMEOBJECT_SLOT,
4664 ObjectValue(*obj));
4665 REGS(activation.regs()).sp--;
4666 }
4667 END_CASE(InitHomeObject)do { (activation.regs()).pc += (JSOpLength_InitHomeObject); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4668
4669 CASE(SuperBase)label_SuperBase: {
4670 JSFunction& superEnvFunc = REGS(activation.regs()).sp[-1].toObject().as<JSFunction>();
4671 MOZ_ASSERT(superEnvFunc.allowSuperProperty())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(superEnvFunc.allowSuperProperty())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(superEnvFunc.allowSuperProperty
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("superEnvFunc.allowSuperProperty()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4671); AnnotateMozCrashReason("MOZ_ASSERT" "(" "superEnvFunc.allowSuperProperty()"
")"); do { *((volatile int*)__null) = 4671; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4672 MOZ_ASSERT(superEnvFunc.baseScript()->needsHomeObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(superEnvFunc.baseScript()->needsHomeObject())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(superEnvFunc.baseScript()->needsHomeObject()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("superEnvFunc.baseScript()->needsHomeObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4672); AnnotateMozCrashReason("MOZ_ASSERT" "(" "superEnvFunc.baseScript()->needsHomeObject()"
")"); do { *((volatile int*)__null) = 4672; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4673 const Value& homeObjVal = superEnvFunc.getExtendedSlot(
4674 FunctionExtended::METHOD_HOMEOBJECT_SLOT);
4675
4676 JSObject* homeObj = &homeObjVal.toObject();
4677 JSObject* superBase = HomeObjectSuperBase(homeObj);
4678
4679 REGS(activation.regs()).sp[-1].setObjectOrNull(superBase);
4680 }
4681 END_CASE(SuperBase)do { (activation.regs()).pc += (JSOpLength_SuperBase); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4682
4683 CASE(NewTarget)label_NewTarget: {
4684 PUSH_COPY(REGS.fp()->newTarget())do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
newTarget()); cx->debugOnlyCheck((activation.regs()).sp[-1
]); } while (0);
4685 MOZ_ASSERT(REGS.sp[-1].isObject() || REGS.sp[-1].isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).sp[-1].isObject() || (activation
.regs()).sp[-1].isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).sp[-1].isObject
() || (activation.regs()).sp[-1].isUndefined()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("(activation.regs()).sp[-1].isObject() || (activation.regs()).sp[-1].isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4685); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).sp[-1].isObject() || (activation.regs()).sp[-1].isUndefined()"
")"); do { *((volatile int*)__null) = 4685; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4686 }
4687 END_CASE(NewTarget)do { (activation.regs()).pc += (JSOpLength_NewTarget); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4688
4689 CASE(ImportMeta)label_ImportMeta: {
4690 JSObject* metaObject = ImportMetaOperation(cx, script);
4691 if (!metaObject) {
4692 goto error;
4693 }
4694
4695 PUSH_OBJECT(*metaObject)do { (activation.regs()).sp++->setObject(*metaObject); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
4696 }
4697 END_CASE(ImportMeta)do { (activation.regs()).pc += (JSOpLength_ImportMeta); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4698
4699 CASE(DynamicImport)label_DynamicImport: {
4700 ReservedRooted<Value> options(&rootValue0, REGS(activation.regs()).sp[-1]);
4701 REGS(activation.regs()).sp--;
4702
4703 ReservedRooted<Value> specifier(&rootValue1);
4704 POP_COPY_TO(specifier)(specifier) = *--(activation.regs()).sp;
4705
4706 JSObject* promise =
4707 StartDynamicModuleImport(cx, script, specifier, options);
4708 if (!promise) goto error;
4709
4710 PUSH_OBJECT(*promise)do { (activation.regs()).sp++->setObject(*promise); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
4711 }
4712 END_CASE(DynamicImport)do { (activation.regs()).pc += (JSOpLength_DynamicImport); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4713
4714 CASE(EnvCallee)label_EnvCallee: {
4715 uint8_t numHops = GET_UINT8(REGS(activation.regs()).pc);
4716 JSObject* env = &REGS(activation.regs()).fp()->environmentChain()->as<EnvironmentObject>();
4717 for (unsigned i = 0; i < numHops; i++) {
4718 env = &env->as<EnvironmentObject>().enclosingEnvironment();
4719 }
4720 PUSH_OBJECT(env->as<CallObject>().callee())do { (activation.regs()).sp++->setObject(env->as<CallObject
>().callee()); cx->debugOnlyCheck((activation.regs()).sp
[-1]); } while (0);
4721 }
4722 END_CASE(EnvCallee)do { (activation.regs()).pc += (JSOpLength_EnvCallee); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4723
4724 CASE(SuperFun)label_SuperFun: {
4725 JSObject* superEnvFunc = &REGS(activation.regs()).sp[-1].toObject();
4726 JSObject* superFun = SuperFunOperation(superEnvFunc);
4727 REGS(activation.regs()).sp[-1].setObjectOrNull(superFun);
4728 }
4729 END_CASE(SuperFun)do { (activation.regs()).pc += (JSOpLength_SuperFun); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4730
4731 CASE(CheckObjCoercible)label_CheckObjCoercible: {
4732 ReservedRooted<Value> checkVal(&rootValue0, REGS(activation.regs()).sp[-1]);
4733 if (checkVal.isNullOrUndefined()) {
4734 MOZ_ALWAYS_FALSE(ThrowObjectCoercible(cx, checkVal))do { if ((__builtin_expect(!!(!(ThrowObjectCoercible(cx, checkVal
))), 1))) { } else { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(false)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(false))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("false" " (" "!(ThrowObjectCoercible(cx, checkVal))"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4734); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "false"
") (" "!(ThrowObjectCoercible(cx, checkVal))" ")"); do { *((
volatile int*)__null) = 4734; __attribute__((nomerge)) ::abort
(); } while (false); } } while (false); } } while (false);
4735 goto error;
4736 }
4737 }
4738 END_CASE(CheckObjCoercible)do { (activation.regs()).pc += (JSOpLength_CheckObjCoercible)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4739
4740 CASE(DebugCheckSelfHosted)label_DebugCheckSelfHosted: {
4741#ifdef DEBUG1
4742 ReservedRooted<Value> checkVal(&rootValue0, REGS(activation.regs()).sp[-1]);
4743 if (!Debug_CheckSelfHosted(cx, checkVal)) {
4744 goto error;
4745 }
4746#endif
4747 }
4748 END_CASE(DebugCheckSelfHosted)do { (activation.regs()).pc += (JSOpLength_DebugCheckSelfHosted
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4749
4750 CASE(IsConstructing)label_IsConstructing: { PUSH_MAGIC(JS_IS_CONSTRUCTING)(activation.regs()).sp++->setMagic(JS_IS_CONSTRUCTING); }
4751 END_CASE(IsConstructing)do { (activation.regs()).pc += (JSOpLength_IsConstructing); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4752
4753 CASE(Inc)label_Inc: {
4754 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4755 if (!IncOperation(cx, val, val)) {
4756 goto error;
4757 }
4758 }
4759 END_CASE(Inc)do { (activation.regs()).pc += (JSOpLength_Inc); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
4760
4761 CASE(Dec)label_Dec: {
4762 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4763 if (!DecOperation(cx, val, val)) {
4764 goto error;
4765 }
4766 }
4767 END_CASE(Dec)do { (activation.regs()).pc += (JSOpLength_Dec); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
4768
4769 CASE(ToNumeric)label_ToNumeric: {
4770 if (!ToNumeric(cx, REGS(activation.regs()).stackHandleAt(-1))) {
4771 goto error;
4772 }
4773 }
4774 END_CASE(ToNumeric)do { (activation.regs()).pc += (JSOpLength_ToNumeric); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4775
4776 CASE(BigInt)label_BigInt: { PUSH_BIGINT(script->getBigInt(REGS.pc))(activation.regs()).sp++->setBigInt(script->getBigInt((
activation.regs()).pc)); }
4777 END_CASE(BigInt)do { (activation.regs()).pc += (JSOpLength_BigInt); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
4778
4779 DEFAULT()label_default: {
4780 char numBuf[12];
4781 SprintfLiteral(numBuf, "%d", *REGS(activation.regs()).pc);
4782 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
4783 JSMSG_BAD_BYTECODE, numBuf);
4784 goto error;
4785 }
4786
4787 } /* interpreter loop */
4788
4789 MOZ_CRASH("Interpreter loop exited via fallthrough")do { do { } while (false); MOZ_ReportCrash("" "Interpreter loop exited via fallthrough"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4789); AnnotateMozCrashReason("MOZ_CRASH(" "Interpreter loop exited via fallthrough"
")"); do { *((volatile int*)__null) = 4789; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
4790
4791error:
4792 switch (HandleError(cx, REGS(activation.regs()))) {
4793 case SuccessfulReturnContinuation:
4794 goto successful_return_continuation;
4795
4796 case ErrorReturnContinuation:
4797 interpReturnOK = false;
4798 goto return_continuation;
4799
4800 case CatchContinuation:
4801 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
4802
4803 case FinallyContinuation: {
4804 /*
4805 * Push (exception, stack, true) triple for finally to indicate that we
4806 * should rethrow the exception.
4807 */
4808 ReservedRooted<Value> exception(&rootValue0);
4809 ReservedRooted<Value> exceptionStack(&rootValue1);
4810 if (!cx->getPendingException(&exception) ||
4811 !cx->getPendingExceptionStack(&exceptionStack)) {
4812 interpReturnOK = false;
4813 goto return_continuation;
4814 }
4815 PUSH_COPY(exception)do { *(activation.regs()).sp++ = (exception); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4816 PUSH_COPY(exceptionStack)do { *(activation.regs()).sp++ = (exceptionStack); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4817 PUSH_BOOLEAN(true)(activation.regs()).sp++->setBoolean(true);
4818 cx->clearPendingException();
4819 }
4820 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
4821 }
4822
4823 MOZ_CRASH("Invalid HandleError continuation")do { do { } while (false); MOZ_ReportCrash("" "Invalid HandleError continuation"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4823); AnnotateMozCrashReason("MOZ_CRASH(" "Invalid HandleError continuation"
")"); do { *((volatile int*)__null) = 4823; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
4824
4825exit:
4826 if (MOZ_LIKELY(!frameHalfInitialized)(__builtin_expect(!!(!frameHalfInitialized), 1))) {
4827 interpReturnOK =
4828 DebugAPI::onLeaveFrame(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc, interpReturnOK);
4829
4830 REGS(activation.regs()).fp()->epilogue(cx, REGS(activation.regs()).pc);
4831 }
4832
4833 gc::MaybeVerifyBarriers(cx, true);
4834
4835 /*
4836 * This path is used when it's guaranteed the method can be finished
4837 * inside the JIT.
4838 */
4839leave_on_safe_point:
4840
4841 if (interpReturnOK) {
4842 state.setReturnValue(activation.entryFrame()->returnValue());
4843 }
4844
4845 return interpReturnOK;
4846
4847prologue_error:
4848 interpReturnOK = false;
4849 frameHalfInitialized = true;
4850 goto prologue_return_continuation;
4851}
4852
4853bool js::ThrowOperation(JSContext* cx, HandleValue v) {
4854 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4854); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4854; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4855 cx->setPendingException(v, ShouldCaptureStack::Maybe);
4856 return false;
4857}
4858
4859bool js::ThrowWithStackOperation(JSContext* cx, HandleValue v,
4860 HandleValue stack) {
4861 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4861); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4861; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4862 MOZ_ASSERT(stack.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(stack.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(stack.isObjectOrNull()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("stack.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4862); AnnotateMozCrashReason("MOZ_ASSERT" "(" "stack.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 4862; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4863
4864 // Use a normal throw when no stack was recorded.
4865 if (!stack.isObject()) {
4866 return ThrowOperation(cx, v);
4867 }
4868
4869 MOZ_ASSERT(UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject())))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4870); AnnotateMozCrashReason("MOZ_ASSERT" "(" "UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
")"); do { *((volatile int*)__null) = 4870; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
4870 IsDeadProxyObject(&stack.toObject()))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject())))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4870); AnnotateMozCrashReason("MOZ_ASSERT" "(" "UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
")"); do { *((volatile int*)__null) = 4870; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4871
4872 Rooted<SavedFrame*> stackObj(cx,
4873 stack.toObject().maybeUnwrapIf<SavedFrame>());
4874 cx->setPendingException(v, stackObj);
4875 return false;
4876}
4877
4878bool js::GetPendingExceptionStack(JSContext* cx, MutableHandleValue vp) {
4879 MOZ_ASSERT(cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->isExceptionPending())
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("cx->isExceptionPending()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4879); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4879; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4880 return cx->getPendingExceptionStack(vp);
4881}
4882
4883bool js::GetProperty(JSContext* cx, HandleValue v, Handle<PropertyName*> name,
4884 MutableHandleValue vp) {
4885 if (name == cx->names().length) {
4886 // Fast path for strings, arrays and arguments.
4887 if (::GetLengthProperty(v, vp)) {
4888 return true;
4889 }
4890 }
4891
4892 // Optimize common cases like (2).toString() or "foo".valueOf() to not
4893 // create a wrapper object.
4894 if (v.isPrimitive() && !v.isNullOrUndefined()) {
4895 JSObject* proto;
4896
4897 switch (v.type()) {
4898 case ValueType::Double:
4899 case ValueType::Int32:
4900 proto = GlobalObject::getOrCreateNumberPrototype(cx, cx->global());
4901 break;
4902 case ValueType::Boolean:
4903 proto = GlobalObject::getOrCreateBooleanPrototype(cx, cx->global());
4904 break;
4905 case ValueType::String:
4906 proto = GlobalObject::getOrCreateStringPrototype(cx, cx->global());
4907 break;
4908 case ValueType::Symbol:
4909 proto = GlobalObject::getOrCreateSymbolPrototype(cx, cx->global());
4910 break;
4911 case ValueType::BigInt:
4912 proto = GlobalObject::getOrCreateBigIntPrototype(cx, cx->global());
4913 break;
4914#ifdef ENABLE_RECORD_TUPLE
4915 case ValueType::ExtendedPrimitive: {
4916 RootedObject obj(cx, &v.toExtendedPrimitive());
4917 RootedId id(cx, NameToId(name));
4918 return ExtendedPrimitiveGetProperty(cx, obj, v, id, vp);
4919 }
4920#endif
4921 case ValueType::Undefined:
4922 case ValueType::Null:
4923 case ValueType::Magic:
4924 case ValueType::PrivateGCThing:
4925 case ValueType::Object:
4926 MOZ_CRASH("unexpected type")do { do { } while (false); MOZ_ReportCrash("" "unexpected type"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4926); AnnotateMozCrashReason("MOZ_CRASH(" "unexpected type"
")"); do { *((volatile int*)__null) = 4926; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
4927 }
4928
4929 if (!proto) {
4930 return false;
4931 }
4932
4933 if (GetPropertyPure(cx, proto, NameToId(name), vp.address())) {
4934 return true;
4935 }
4936 }
4937
4938 RootedValue receiver(cx, v);
4939 RootedObject obj(
4940 cx, ToObjectFromStackForPropertyAccess(cx, v, JSDVG_SEARCH_STACK1, name));
4941 if (!obj) {
4942 return false;
4943 }
4944
4945 return GetProperty(cx, obj, receiver, name, vp);
4946}
4947
4948JSObject* js::Lambda(JSContext* cx, HandleFunction fun, HandleObject parent) {
4949 JSFunction* clone;
4950 if (fun->isNativeFun()) {
4951 MOZ_ASSERT(IsAsmJSModule(fun))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsAsmJSModule(fun))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsAsmJSModule(fun)))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("IsAsmJSModule(fun)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4951); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsAsmJSModule(fun)"
")"); do { *((volatile int*)__null) = 4951; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4952 clone = CloneAsmJSModuleFunction(cx, fun);
4953 } else {
4954 RootedObject proto(cx, fun->staticPrototype());
4955 clone = CloneFunctionReuseScript(cx, fun, parent, proto);
4956 }
4957 if (!clone) {
4958 return nullptr;
4959 }
4960
4961 MOZ_ASSERT(fun->global() == clone->global())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(fun->global() == clone->global())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(fun->global() == clone->global()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("fun->global() == clone->global()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4961); AnnotateMozCrashReason("MOZ_ASSERT" "(" "fun->global() == clone->global()"
")"); do { *((volatile int*)__null) = 4961; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4962 return clone;
4963}
4964
4965JSObject* js::BindVarOperation(JSContext* cx, JSObject* envChain) {
4966 // Note: BindVarOperation has an unused cx argument because the JIT callVM
4967 // machinery requires this.
4968 return &GetVariablesObject(envChain);
4969}
4970
4971JSObject* js::ImportMetaOperation(JSContext* cx, HandleScript script) {
4972 RootedObject module(cx, GetModuleObjectForScript(script));
4973 return GetOrCreateModuleMetaObject(cx, module);
4974}
4975
4976JSObject* js::BuiltinObjectOperation(JSContext* cx, BuiltinObjectKind kind) {
4977 return GetOrCreateBuiltinObject(cx, kind);
4978}
4979
4980bool js::ThrowMsgOperation(JSContext* cx, const unsigned throwMsgKind) {
4981 auto errorNum = ThrowMsgKindToErrNum(ThrowMsgKind(throwMsgKind));
4982 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, errorNum);
4983 return false;
4984}
4985
4986bool js::GetAndClearExceptionAndStack(JSContext* cx, MutableHandleValue res,
4987 MutableHandle<SavedFrame*> stack) {
4988 if (!cx->getPendingException(res)) {
4989 return false;
4990 }
4991 stack.set(cx->getPendingExceptionStack());
4992 cx->clearPendingException();
4993
4994 // Allow interrupting deeply nested exception handling.
4995 return CheckForInterrupt(cx);
4996}
4997
4998bool js::GetAndClearException(JSContext* cx, MutableHandleValue res) {
4999 Rooted<SavedFrame*> stack(cx);
5000 return GetAndClearExceptionAndStack(cx, res, &stack);
5001}
5002
5003template <bool strict>
5004bool js::DelPropOperation(JSContext* cx, HandleValue val,
5005 Handle<PropertyName*> name, bool* res) {
5006 const int valIndex = -1;
5007 RootedObject obj(cx,
5008 ToObjectFromStackForPropertyAccess(cx, val, valIndex, name));
5009 if (!obj) {
5010 return false;
5011 }
5012
5013 RootedId id(cx, NameToId(name));
5014 ObjectOpResult result;
5015 if (!DeleteProperty(cx, obj, id, result)) {
5016 return false;
5017 }
5018
5019 if (strict) {
5020 if (!result) {
5021 return result.reportError(cx, obj, id);
5022 }
5023 *res = true;
5024 } else {
5025 *res = result.ok();
5026 }
5027 return true;
5028}
5029
5030template bool js::DelPropOperation<true>(JSContext* cx, HandleValue val,
5031 Handle<PropertyName*> name, bool* res);
5032template bool js::DelPropOperation<false>(JSContext* cx, HandleValue val,
5033 Handle<PropertyName*> name,
5034 bool* res);
5035
5036template <bool strict>
5037bool js::DelElemOperation(JSContext* cx, HandleValue val, HandleValue index,
5038 bool* res) {
5039 const int valIndex = -2;
5040 RootedObject obj(
5041 cx, ToObjectFromStackForPropertyAccess(cx, val, valIndex, index));
5042 if (!obj) {
5043 return false;
5044 }
5045
5046 RootedId id(cx);
5047 if (!ToPropertyKey(cx, index, &id)) {
5048 return false;
5049 }
5050 ObjectOpResult result;
5051 if (!DeleteProperty(cx, obj, id, result)) {
5052 return false;
5053 }
5054
5055 if (strict) {
5056 if (!result) {
5057 return result.reportError(cx, obj, id);
5058 }
5059 *res = true;
5060 } else {
5061 *res = result.ok();
5062 }
5063 return true;
5064}
5065
5066template bool js::DelElemOperation<true>(JSContext*, HandleValue, HandleValue,
5067 bool*);
5068template bool js::DelElemOperation<false>(JSContext*, HandleValue, HandleValue,
5069 bool*);
5070
5071bool js::SetObjectElement(JSContext* cx, HandleObject obj, HandleValue index,
5072 HandleValue value, bool strict) {
5073 RootedId id(cx);
5074 if (!ToPropertyKey(cx, index, &id)) {
5075 return false;
5076 }
5077 RootedValue receiver(cx, ObjectValue(*obj));
5078 return SetObjectElementOperation(cx, obj, id, value, receiver, strict);
5079}
5080
5081bool js::SetObjectElementWithReceiver(JSContext* cx, HandleObject obj,
5082 HandleValue index, HandleValue value,
5083 HandleValue receiver, bool strict) {
5084 RootedId id(cx);
5085 if (!ToPropertyKey(cx, index, &id)) {
5086 return false;
5087 }
5088 return SetObjectElementOperation(cx, obj, id, value, receiver, strict);
5089}
5090
5091bool js::AddValues(JSContext* cx, MutableHandleValue lhs,
5092 MutableHandleValue rhs, MutableHandleValue res) {
5093 return AddOperation(cx, lhs, rhs, res);
5094}
5095
5096bool js::SubValues(JSContext* cx, MutableHandleValue lhs,
5097 MutableHandleValue rhs, MutableHandleValue res) {
5098 return SubOperation(cx, lhs, rhs, res);
5099}
5100
5101bool js::MulValues(JSContext* cx, MutableHandleValue lhs,
5102 MutableHandleValue rhs, MutableHandleValue res) {
5103 return MulOperation(cx, lhs, rhs, res);
5104}
5105
5106bool js::DivValues(JSContext* cx, MutableHandleValue lhs,
5107 MutableHandleValue rhs, MutableHandleValue res) {
5108 return DivOperation(cx, lhs, rhs, res);
5109}
5110
5111bool js::ModValues(JSContext* cx, MutableHandleValue lhs,
5112 MutableHandleValue rhs, MutableHandleValue res) {
5113 return ModOperation(cx, lhs, rhs, res);
5114}
5115
5116bool js::PowValues(JSContext* cx, MutableHandleValue lhs,
5117 MutableHandleValue rhs, MutableHandleValue res) {
5118 return PowOperation(cx, lhs, rhs, res);
5119}
5120
5121bool js::BitNot(JSContext* cx, MutableHandleValue in, MutableHandleValue res) {
5122 return BitNotOperation(cx, in, res);
5123}
5124
5125bool js::BitXor(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
5126 MutableHandleValue res) {
5127 return BitXorOperation(cx, lhs, rhs, res);
5128}
5129
5130bool js::BitOr(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
5131 MutableHandleValue res) {
5132 return BitOrOperation(cx, lhs, rhs, res);
5133}
5134
5135bool js::BitAnd(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
5136 MutableHandleValue res) {
5137 return BitAndOperation(cx, lhs, rhs, res);
5138}
5139
5140bool js::BitLsh(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
5141 MutableHandleValue res) {
5142 return BitLshOperation(cx, lhs, rhs, res);
5143}
5144
5145bool js::BitRsh(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
5146 MutableHandleValue res) {
5147 return BitRshOperation(cx, lhs, rhs, res);
5148}
5149
5150bool js::UrshValues(JSContext* cx, MutableHandleValue lhs,
5151 MutableHandleValue rhs, MutableHandleValue res) {
5152 return UrshOperation(cx, lhs, rhs, res);
5153}
5154
5155bool js::LessThan(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
5156 bool* res) {
5157 return LessThanOperation(cx, lhs, rhs, res);
5158}
5159
5160bool js::LessThanOrEqual(JSContext* cx, MutableHandleValue lhs,
5161 MutableHandleValue rhs, bool* res) {
5162 return LessThanOrEqualOperation(cx, lhs, rhs, res);
5163}
5164
5165bool js::GreaterThan(JSContext* cx, MutableHandleValue lhs,
5166 MutableHandleValue rhs, bool* res) {
5167 return GreaterThanOperation(cx, lhs, rhs, res);
5168}
5169
5170bool js::GreaterThanOrEqual(JSContext* cx, MutableHandleValue lhs,
5171 MutableHandleValue rhs, bool* res) {
5172 return GreaterThanOrEqualOperation(cx, lhs, rhs, res);
5173}
5174
5175bool js::DeleteNameOperation(JSContext* cx, Handle<PropertyName*> name,
5176 HandleObject envChain, MutableHandleValue res) {
5177 RootedObject env(cx), pobj(cx);
5178 PropertyResult prop;
5179 if (!LookupName(cx, name, envChain, &env, &pobj, &prop)) {
5180 return false;
5181 }
5182
5183 if (!env) {
5184 // Return true for non-existent names.
5185 res.setBoolean(true);
5186 return true;
5187 }
5188
5189 ObjectOpResult result;
5190 RootedId id(cx, NameToId(name));
5191 if (!DeleteProperty(cx, env, id, result)) {
5192 return false;
5193 }
5194
5195 bool status = result.ok();
5196 res.setBoolean(status);
5197
5198#ifndef NIGHTLY_BUILD1
5199 if (status) {
5200 // Deleting a name from the global object removes it from [[VarNames]].
5201 if (pobj == env && env->is<GlobalObject>()) {
5202 env->as<GlobalObject>().removeFromVarNames(name);
5203 }
5204 }
5205#endif
5206
5207 return true;
5208}
5209
5210void js::ImplicitThisOperation(JSContext* cx, HandleObject env,
5211 MutableHandleValue res) {
5212 // Note: ImplicitThisOperation has an unused cx argument because the JIT
5213 // callVM machinery requires this.
5214 res.set(ComputeImplicitThis(env));
5215}
5216
5217unsigned js::GetInitDataPropAttrs(JSOp op) {
5218 switch (op) {
5219 case JSOp::InitProp:
5220 case JSOp::InitElem:
5221 return JSPROP_ENUMERATE;
5222 case JSOp::InitLockedProp:
5223 case JSOp::InitLockedElem:
5224 return JSPROP_PERMANENT | JSPROP_READONLY;
5225 case JSOp::InitHiddenProp:
5226 case JSOp::InitHiddenElem:
5227 // Non-enumerable, but writable and configurable
5228 return 0;
5229 default:;
5230 }
5231 MOZ_CRASH("Unknown data initprop")do { do { } while (false); MOZ_ReportCrash("" "Unknown data initprop"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5231); AnnotateMozCrashReason("MOZ_CRASH(" "Unknown data initprop"
")"); do { *((volatile int*)__null) = 5231; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
5232}
5233
5234static bool InitGetterSetterOperation(JSContext* cx, jsbytecode* pc,
5235 HandleObject obj, HandleId id,
5236 HandleObject val) {
5237 MOZ_ASSERT(val->isCallable())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(val->isCallable())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(val->isCallable()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("val->isCallable()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5237); AnnotateMozCrashReason("MOZ_ASSERT" "(" "val->isCallable()"
")"); do { *((volatile int*)__null) = 5237; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5238
5239 JSOp op = JSOp(*pc);
5240
5241 unsigned attrs = 0;
5242 if (!IsHiddenInitOp(op)) {
5243 attrs |= JSPROP_ENUMERATE;
5244 }
5245
5246 if (op == JSOp::InitPropGetter || op == JSOp::InitElemGetter ||
5247 op == JSOp::InitHiddenPropGetter || op == JSOp::InitHiddenElemGetter) {
5248 return DefineAccessorProperty(cx, obj, id, val, nullptr, attrs);
5249 }
5250
5251 MOZ_ASSERT(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5253); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
")"); do { *((volatile int*)__null) = 5253; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5252 op == JSOp::InitHiddenPropSetter ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5253); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
")"); do { *((volatile int*)__null) = 5253; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5253 op == JSOp::InitHiddenElemSetter)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5253); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
")"); do { *((volatile int*)__null) = 5253; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5254 return DefineAccessorProperty(cx, obj, id, nullptr, val, attrs);
5255}
5256
5257bool js::InitPropGetterSetterOperation(JSContext* cx, jsbytecode* pc,
5258 HandleObject obj,
5259 Handle<PropertyName*> name,
5260 HandleObject val) {
5261 RootedId id(cx, NameToId(name));
5262 return InitGetterSetterOperation(cx, pc, obj, id, val);
5263}
5264
5265bool js::InitElemGetterSetterOperation(JSContext* cx, jsbytecode* pc,
5266 HandleObject obj, HandleValue idval,
5267 HandleObject val) {
5268 RootedId id(cx);
5269 if (!ToPropertyKey(cx, idval, &id)) {
5270 return false;
5271 }
5272
5273 return InitGetterSetterOperation(cx, pc, obj, id, val);
5274}
5275
5276bool js::SpreadCallOperation(JSContext* cx, HandleScript script, jsbytecode* pc,
5277 HandleValue thisv, HandleValue callee,
5278 HandleValue arr, HandleValue newTarget,
5279 MutableHandleValue res) {
5280 Rooted<ArrayObject*> aobj(cx, &arr.toObject().as<ArrayObject>());
5281 uint32_t length = aobj->length();
5282 JSOp op = JSOp(*pc);
5283 bool constructing = op == JSOp::SpreadNew || op == JSOp::SpreadSuperCall;
5284
5285 // {Construct,Invoke}Args::init does this too, but this gives us a better
5286 // error message.
5287 if (length > ARGS_LENGTH_MAX) {
5288 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5289 constructing ? JSMSG_TOO_MANY_CON_SPREADARGS
5290 : JSMSG_TOO_MANY_FUN_SPREADARGS);
5291 return false;
5292 }
5293
5294 // Do our own checks for the callee being a function, as Invoke uses the
5295 // expression decompiler to decompile the callee stack operand based on
5296 // the number of arguments. Spread operations have the callee at sp - 3
5297 // when not constructing, and sp - 4 when constructing.
5298 if (callee.isPrimitive()) {
5299 return ReportIsNotFunction(cx, callee, 2 + constructing,
5300 constructing ? CONSTRUCT : NO_CONSTRUCT);
5301 }
5302
5303 if (!callee.toObject().isCallable()) {
5304 return ReportIsNotFunction(cx, callee, 2 + constructing,
5305 constructing ? CONSTRUCT : NO_CONSTRUCT);
5306 }
5307
5308 // The object must be an array with dense elements and no holes. Baseline's
5309 // optimized spread call stubs rely on this.
5310 MOZ_ASSERT(IsPackedArray(aobj))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsPackedArray(aobj))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsPackedArray(aobj)))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("IsPackedArray(aobj)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5310); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsPackedArray(aobj)"
")"); do { *((volatile int*)__null) = 5310; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5311
5312 if (constructing) {
5313 if (!StackCheckIsConstructorCalleeNewTarget(cx, callee, newTarget)) {
5314 return false;
5315 }
5316
5317 ConstructArgs cargs(cx);
5318 if (!cargs.init(cx, length)) {
5319 return false;
5320 }
5321
5322 if (!GetElements(cx, aobj, length, cargs.array())) {
5323 return false;
5324 }
5325
5326 RootedObject obj(cx);
5327 if (!Construct(cx, callee, cargs, newTarget, &obj)) {
5328 return false;
5329 }
5330 res.setObject(*obj);
5331 } else {
5332 InvokeArgs args(cx);
5333 if (!args.init(cx, length)) {
5334 return false;
5335 }
5336
5337 if (!GetElements(cx, aobj, length, args.array())) {
5338 return false;
5339 }
5340
5341 if ((op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval) &&
5342 cx->global()->valueIsEval(callee)) {
5343 if (!DirectEval(cx, args.get(0), res)) {
5344 return false;
5345 }
5346 } else {
5347 MOZ_ASSERT(op == JSOp::SpreadCall || op == JSOp::SpreadEval ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::SpreadCall || op == JSOp::SpreadEval || op
== JSOp::StrictSpreadEval)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(op == JSOp::SpreadCall || op
== JSOp::SpreadEval || op == JSOp::StrictSpreadEval))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
" (" "bad spread opcode" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5349); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
") (" "bad spread opcode" ")"); do { *((volatile int*)__null
) = 5349; __attribute__((nomerge)) ::abort(); } while (false)
; } } while (false)
5348 op == JSOp::StrictSpreadEval,do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::SpreadCall || op == JSOp::SpreadEval || op
== JSOp::StrictSpreadEval)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(op == JSOp::SpreadCall || op
== JSOp::SpreadEval || op == JSOp::StrictSpreadEval))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
" (" "bad spread opcode" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5349); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
") (" "bad spread opcode" ")"); do { *((volatile int*)__null
) = 5349; __attribute__((nomerge)) ::abort(); } while (false)
; } } while (false)
5349 "bad spread opcode")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::SpreadCall || op == JSOp::SpreadEval || op
== JSOp::StrictSpreadEval)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(op == JSOp::SpreadCall || op
== JSOp::SpreadEval || op == JSOp::StrictSpreadEval))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
" (" "bad spread opcode" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5349); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
") (" "bad spread opcode" ")"); do { *((volatile int*)__null
) = 5349; __attribute__((nomerge)) ::abort(); } while (false)
; } } while (false);
5350
5351 if (!Call(cx, callee, thisv, args, res)) {
5352 return false;
5353 }
5354 }
5355 }
5356
5357 return true;
5358}
5359
5360static bool OptimizeArrayIteration(JSContext* cx, HandleObject obj,
5361 bool* optimized) {
5362 *optimized = false;
5363
5364 // Optimize spread call by skipping spread operation when following
5365 // conditions are met:
5366 // * the argument is an array
5367 // * the array has no hole
5368 // * array[@@iterator] is not modified
5369 // * the array's prototype is Array.prototype
5370 // * Array.prototype[@@iterator] is not modified
5371 // * %ArrayIteratorPrototype%.next is not modified
5372 // * %ArrayIteratorPrototype%.return is not defined
5373 // * return is nowhere on the proto chain
5374 if (!IsPackedArray(obj)) {
5375 return true;
5376 }
5377
5378 ForOfPIC::Chain* stubChain = ForOfPIC::getOrCreate(cx);
5379 if (!stubChain) {
5380 return false;
5381 }
5382
5383 if (!stubChain->tryOptimizeArray(cx, obj.as<ArrayObject>(), optimized)) {
5384 return false;
5385 }
5386
5387 return true;
5388}
5389
5390static bool OptimizeArgumentsSpreadCall(JSContext* cx, HandleObject obj,
5391 MutableHandleValue result) {
5392 MOZ_ASSERT(result.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(result.isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(result.isUndefined()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("result.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5392); AnnotateMozCrashReason("MOZ_ASSERT" "(" "result.isUndefined()"
")"); do { *((volatile int*)__null) = 5392; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5393
5394 // Optimize spread call by skipping the spread operation when the following
5395 // conditions are met:
5396 // * the argument is an arguments object
5397 // * the arguments object has no deleted elements
5398 // * arguments.length is not overridden
5399 // * arguments[@@iterator] is not overridden
5400 // * %ArrayIteratorPrototype%.next is not modified
5401
5402 if (!obj->is<ArgumentsObject>()) {
5403 return true;
5404 }
5405
5406 Handle<ArgumentsObject*> args = obj.as<ArgumentsObject>();
5407 if (args->hasOverriddenElement() || args->hasOverriddenLength() ||
5408 args->hasOverriddenIterator()) {
5409 return true;
5410 }
5411
5412 ForOfPIC::Chain* stubChain = ForOfPIC::getOrCreate(cx);
5413 if (!stubChain) {
5414 return false;
5415 }
5416
5417 bool optimized;
5418 if (!stubChain->tryOptimizeArrayIteratorNext(cx, &optimized)) {
5419 return false;
5420 }
5421 if (!optimized) {
5422 return true;
5423 }
5424
5425 auto* array = ArrayFromArgumentsObject(cx, args);
5426 if (!array) {
5427 return false;
5428 }
5429
5430 result.setObject(*array);
5431 return true;
5432}
5433
5434bool js::OptimizeSpreadCall(JSContext* cx, HandleValue arg,
5435 MutableHandleValue result) {
5436 // This function returns |undefined| if the spread operation can't be
5437 // optimized.
5438 result.setUndefined();
5439
5440 if (!arg.isObject()) {
5441 return true;
5442 }
5443
5444 RootedObject obj(cx, &arg.toObject());
5445 bool optimized;
5446 if (!OptimizeArrayIteration(cx, obj, &optimized)) {
5447 return false;
5448 }
5449 if (optimized) {
5450 result.setObject(*obj);
5451 return true;
5452 }
5453
5454 if (!OptimizeArgumentsSpreadCall(cx, obj, result)) {
5455 return false;
5456 }
5457 if (result.isObject()) {
5458 return true;
5459 }
5460
5461 MOZ_ASSERT(result.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(result.isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(result.isUndefined()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("result.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5461); AnnotateMozCrashReason("MOZ_ASSERT" "(" "result.isUndefined()"
")"); do { *((volatile int*)__null) = 5461; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5462 return true;
5463}
5464
5465bool js::OptimizeGetIterator(JSContext* cx, HandleValue arg, bool* result) {
5466 // This function returns |false| if the iteration can't be optimized.
5467 *result = false;
5468
5469 if (!arg.isObject()) {
5470 return true;
5471 }
5472
5473 RootedObject obj(cx, &arg.toObject());
5474
5475 bool optimized;
5476 if (!OptimizeArrayIteration(cx, obj, &optimized)) {
5477 return false;
5478 }
5479
5480 if (optimized) {
5481 *result = true;
5482 return true;
5483 }
5484
5485 MOZ_ASSERT(!*result)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!*result)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!*result))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!*result", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5485); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!*result" ")"
); do { *((volatile int*)__null) = 5485; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5486 return true;
5487}
5488
5489ArrayObject* js::ArrayFromArgumentsObject(JSContext* cx,
5490 Handle<ArgumentsObject*> args) {
5491 MOZ_ASSERT(!args->hasOverriddenLength())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!args->hasOverriddenLength())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!args->hasOverriddenLength
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!args->hasOverriddenLength()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5491); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args->hasOverriddenLength()"
")"); do { *((volatile int*)__null) = 5491; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5492 MOZ_ASSERT(!args->hasOverriddenElement())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!args->hasOverriddenElement())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!args->hasOverriddenElement
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!args->hasOverriddenElement()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5492); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args->hasOverriddenElement()"
")"); do { *((volatile int*)__null) = 5492; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5493
5494 uint32_t length = args->initialLength();
5495 auto* array = NewDenseFullyAllocatedArray(cx, length);
5496 if (!array) {
5497 return nullptr;
5498 }
5499 array->setDenseInitializedLength(length);
5500
5501 for (uint32_t index = 0; index < length; index++) {
5502 const Value& v = args->element(index);
5503 array->initDenseElement(index, v);
5504 }
5505
5506 return array;
5507}
5508
5509JSObject* js::NewObjectOperation(JSContext* cx, HandleScript script,
5510 const jsbytecode* pc) {
5511 if (JSOp(*pc) == JSOp::NewObject) {
5512 Rooted<SharedShape*> shape(cx, script->getShape(pc));
5513 return PlainObject::createWithShape(cx, shape);
5514 }
5515
5516 MOZ_ASSERT(JSOp(*pc) == JSOp::NewInit)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(JSOp(*pc) == JSOp::NewInit)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(JSOp(*pc) == JSOp::NewInit))
), 0))) { do { } while (false); MOZ_ReportAssertionFailure("JSOp(*pc) == JSOp::NewInit"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5516); AnnotateMozCrashReason("MOZ_ASSERT" "(" "JSOp(*pc) == JSOp::NewInit"
")"); do { *((volatile int*)__null) = 5516; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5517 return NewPlainObject(cx);
5518}
5519
5520JSObject* js::NewPlainObjectBaselineFallback(JSContext* cx,
5521 Handle<SharedShape*> shape,
5522 gc::AllocKind allocKind,
5523 gc::AllocSite* site) {
5524 MOZ_ASSERT(shape->getObjectClass() == &PlainObject::class_)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(shape->getObjectClass() == &PlainObject::class_
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(shape->getObjectClass() == &PlainObject::class_
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"shape->getObjectClass() == &PlainObject::class_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5524); AnnotateMozCrashReason("MOZ_ASSERT" "(" "shape->getObjectClass() == &PlainObject::class_"
")"); do { *((volatile int*)__null) = 5524; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5525
5526 mozilla::Maybe<AutoRealm> ar;
5527 if (cx->realm() != shape->realm()) {
5528 MOZ_ASSERT(cx->compartment() == shape->compartment())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->compartment() == shape->compartment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(cx->compartment() == shape->compartment()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("cx->compartment() == shape->compartment()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5528); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->compartment() == shape->compartment()"
")"); do { *((volatile int*)__null) = 5528; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5529 ar.emplace(cx, shape);
5530 }
5531
5532 gc::Heap initialHeap = site->initialHeap();
5533 return NativeObject::create<PlainObject>(cx, allocKind, initialHeap, shape,
5534 site);
5535}
5536
5537JSObject* js::NewPlainObjectOptimizedFallback(JSContext* cx,
5538 Handle<SharedShape*> shape,
5539 gc::AllocKind allocKind,
5540 gc::Heap initialHeap) {
5541 MOZ_ASSERT(shape->getObjectClass() == &PlainObject::class_)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(shape->getObjectClass() == &PlainObject::class_
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(shape->getObjectClass() == &PlainObject::class_
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"shape->getObjectClass() == &PlainObject::class_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5541); AnnotateMozCrashReason("MOZ_ASSERT" "(" "shape->getObjectClass() == &PlainObject::class_"
")"); do { *((volatile int*)__null) = 5541; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1
Assuming the condition is false
2
Taking false branch
3
Loop condition is false. Exiting loop
5542
5543 mozilla::Maybe<AutoRealm> ar;
4
Calling defaulted default constructor for 'Maybe<js::AutoRealm>'
15
Returning from default constructor for 'Maybe<js::AutoRealm>'
5544 if (cx->realm() != shape->realm()) {
16
Assuming the condition is false
17
Taking false branch
5545 MOZ_ASSERT(cx->compartment() == shape->compartment())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->compartment() == shape->compartment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(cx->compartment() == shape->compartment()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("cx->compartment() == shape->compartment()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5545); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->compartment() == shape->compartment()"
")"); do { *((volatile int*)__null) = 5545; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5546 ar.emplace(cx, shape);
5547 }
5548
5549 gc::AllocSite* site = cx->zone()->optimizedAllocSite();
5550 return NativeObject::create<PlainObject>(cx, allocKind, initialHeap, shape,
5551 site);
18
Calling implicit destructor for 'Maybe<js::AutoRealm>'
19
Calling '~MaybeStorage'
5552}
5553
5554ArrayObject* js::NewArrayOperation(
5555 JSContext* cx, uint32_t length,
5556 NewObjectKind newKind /* = GenericObject */) {
5557 return NewDenseFullyAllocatedArray(cx, length, newKind);
5558}
5559
5560ArrayObject* js::NewArrayObjectBaselineFallback(JSContext* cx, uint32_t length,
5561 gc::AllocKind allocKind,
5562 gc::AllocSite* site) {
5563 NewObjectKind newKind =
5564 site->initialHeap() == gc::Heap::Tenured ? TenuredObject : GenericObject;
5565 ArrayObject* array = NewDenseFullyAllocatedArray(cx, length, newKind, site);
5566 // It's important that we allocate an object with the alloc kind we were
5567 // expecting so that a new arena gets allocated if the current arena for that
5568 // kind is full.
5569 MOZ_ASSERT_IF(array && array->isTenured(),do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5570); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5570; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
5570 array->asTenured().getAllocKind() == allocKind)do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5570); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5570; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
5571 return array;
5572}
5573
5574ArrayObject* js::NewArrayObjectOptimizedFallback(JSContext* cx, uint32_t length,
5575 gc::AllocKind allocKind,
5576 NewObjectKind newKind) {
5577 gc::AllocSite* site = cx->zone()->optimizedAllocSite();
5578 ArrayObject* array = NewDenseFullyAllocatedArray(cx, length, newKind, site);
5579 // It's important that we allocate an object with the alloc kind we were
5580 // expecting so that a new arena gets allocated if the current arena for that
5581 // kind is full.
5582 MOZ_ASSERT_IF(array && array->isTenured(),do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5583); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5583; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
5583 array->asTenured().getAllocKind() == allocKind)do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5583); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5583; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
5584 return array;
5585}
5586
5587void js::ReportRuntimeLexicalError(JSContext* cx, unsigned errorNumber,
5588 HandleId id) {
5589 MOZ_ASSERT(errorNumber == JSMSG_UNINITIALIZED_LEXICAL ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber
== JSMSG_BAD_CONST_ASSIGN)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(errorNumber == JSMSG_UNINITIALIZED_LEXICAL
|| errorNumber == JSMSG_BAD_CONST_ASSIGN))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5590); AnnotateMozCrashReason("MOZ_ASSERT" "(" "errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
")"); do { *((volatile int*)__null) = 5590; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5590 errorNumber == JSMSG_BAD_CONST_ASSIGN)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber
== JSMSG_BAD_CONST_ASSIGN)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(errorNumber == JSMSG_UNINITIALIZED_LEXICAL
|| errorNumber == JSMSG_BAD_CONST_ASSIGN))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5590); AnnotateMozCrashReason("MOZ_ASSERT" "(" "errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
")"); do { *((volatile int*)__null) = 5590; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5591 if (UniqueChars printable =
5592 IdToPrintableUTF8(cx, id, IdToPrintableBehavior::IdIsIdentifier)) {
5593 JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, errorNumber,
5594 printable.get());
5595 }
5596}
5597
5598void js::ReportRuntimeLexicalError(JSContext* cx, unsigned errorNumber,
5599 Handle<PropertyName*> name) {
5600 RootedId id(cx, NameToId(name));
5601 ReportRuntimeLexicalError(cx, errorNumber, id);
5602}
5603
5604void js::ReportRuntimeLexicalError(JSContext* cx, unsigned errorNumber,
5605 HandleScript script, jsbytecode* pc) {
5606 JSOp op = JSOp(*pc);
5607 MOZ_ASSERT(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5608); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
")"); do { *((volatile int*)__null) = 5608; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5608 op == JSOp::ThrowSetConst || op == JSOp::GetImport)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5608); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
")"); do { *((volatile int*)__null) = 5608; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5609
5610 Rooted<PropertyName*> name(cx);
5611 if (IsLocalOp(op)) {
5612 name = FrameSlotName(script, pc)->asPropertyName();
5613 } else if (IsAliasedVarOp(op)) {
5614 name = EnvironmentCoordinateNameSlow(script, pc);
5615 } else {
5616 MOZ_ASSERT(IsAtomOp(op))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsAtomOp(op))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsAtomOp(op)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("IsAtomOp(op)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5616); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsAtomOp(op)"
")"); do { *((volatile int*)__null) = 5616; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5617 name = script->getName(pc);
5618 }
5619
5620 ReportRuntimeLexicalError(cx, errorNumber, name);
5621}
5622
5623bool js::ThrowCheckIsObject(JSContext* cx, CheckIsObjectKind kind) {
5624 switch (kind) {
5625 case CheckIsObjectKind::IteratorNext:
5626 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5627 JSMSG_ITER_METHOD_RETURNED_PRIMITIVE, "next");
5628 break;
5629 case CheckIsObjectKind::IteratorReturn:
5630 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5631 JSMSG_ITER_METHOD_RETURNED_PRIMITIVE, "return");
5632 break;
5633 case CheckIsObjectKind::IteratorThrow:
5634 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5635 JSMSG_ITER_METHOD_RETURNED_PRIMITIVE, "throw");
5636 break;
5637 case CheckIsObjectKind::GetIterator:
5638 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5639 JSMSG_GET_ITER_RETURNED_PRIMITIVE);
5640 break;
5641 case CheckIsObjectKind::GetAsyncIterator:
5642 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5643 JSMSG_GET_ASYNC_ITER_RETURNED_PRIMITIVE);
5644 break;
5645#ifdef ENABLE_DECORATORS
5646 case CheckIsObjectKind::DecoratorReturn:
5647 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5648 JSMSG_DECORATOR_INVALID_RETURN_TYPE);
5649 break;
5650#endif
5651#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT
5652 case CheckIsObjectKind::Disposable:
5653 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5654 JSMSG_DISPOSABLE_NOT_OBJ);
5655 break;
5656#endif
5657 default:
5658 MOZ_CRASH("Unknown kind")do { do { } while (false); MOZ_ReportCrash("" "Unknown kind",
"/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5658); AnnotateMozCrashReason("MOZ_CRASH(" "Unknown kind" ")"
); do { *((volatile int*)__null) = 5658; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
5659 }
5660 return false;
5661}
5662
5663bool js::ThrowUninitializedThis(JSContext* cx) {
5664 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5665 JSMSG_UNINITIALIZED_THIS);
5666 return false;
5667}
5668
5669bool js::ThrowInitializedThis(JSContext* cx) {
5670 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_REINIT_THIS);
5671 return false;
5672}
5673
5674bool js::ThrowObjectCoercible(JSContext* cx, HandleValue value) {
5675 MOZ_ASSERT(value.isNullOrUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(value.isNullOrUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(value.isNullOrUndefined())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("value.isNullOrUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5675); AnnotateMozCrashReason("MOZ_ASSERT" "(" "value.isNullOrUndefined()"
")"); do { *((volatile int*)__null) = 5675; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5676 ReportIsNullOrUndefinedForPropertyAccess(cx, value, JSDVG_SEARCH_STACK1);
5677 return false;
5678}
5679
5680bool js::SetPropertySuper(JSContext* cx, HandleValue lval, HandleValue receiver,
5681 Handle<PropertyName*> name, HandleValue rval,
5682 bool strict) {
5683 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5683); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 5683; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5684
5685 RootedObject obj(cx, ToObjectFromStackForPropertyAccess(
5686 cx, lval, JSDVG_SEARCH_STACK1, name));
5687 if (!obj) {
5688 return false;
5689 }
5690
5691 RootedId id(cx, NameToId(name));
5692 return SetObjectElementOperation(cx, obj, id, rval, receiver, strict);
5693}
5694
5695bool js::SetElementSuper(JSContext* cx, HandleValue lval, HandleValue receiver,
5696 HandleValue index, HandleValue rval, bool strict) {
5697 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5697); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 5697; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5698
5699 RootedObject obj(cx, ToObjectFromStackForPropertyAccess(
5700 cx, lval, JSDVG_SEARCH_STACK1, index));
5701 if (!obj) {
5702 return false;
5703 }
5704
5705 return SetObjectElementWithReceiver(cx, obj, index, rval, receiver, strict);
5706}
5707
5708bool js::LoadAliasedDebugVar(JSContext* cx, JSObject* env, jsbytecode* pc,
5709 MutableHandleValue result) {
5710 EnvironmentCoordinate ec(pc);
5711
5712 for (unsigned i = ec.hops(); i; i--) {
5713 if (env->is<EnvironmentObject>()) {
5714 env = &env->as<EnvironmentObject>().enclosingEnvironment();
5715 } else {
5716 MOZ_ASSERT(env->is<DebugEnvironmentProxy>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<DebugEnvironmentProxy>())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(env->is<DebugEnvironmentProxy>()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("env->is<DebugEnvironmentProxy>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5716); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<DebugEnvironmentProxy>()"
")"); do { *((volatile int*)__null) = 5716; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5717 env = &env->as<DebugEnvironmentProxy>().enclosingEnvironment();
5718 }
5719 }
5720
5721 EnvironmentObject& finalEnv =
5722 env->is<EnvironmentObject>()
5723 ? env->as<EnvironmentObject>()
5724 : env->as<DebugEnvironmentProxy>().environment();
5725
5726 result.set(finalEnv.aliasedBinding(ec));
5727 return true;
5728}
5729
5730// https://tc39.es/ecma262/#sec-iteratorclose
5731bool js::CloseIterOperation(JSContext* cx, HandleObject iter,
5732 CompletionKind kind) {
5733 // Steps 1-2 are implicit.
5734
5735 // Step 3
5736 RootedValue returnMethod(cx);
5737 bool innerResult =
5738 GetProperty(cx, iter, iter, cx->names().return_, &returnMethod);
5739
5740 // Step 4
5741 RootedValue result(cx);
5742 if (innerResult) {
5743 // Step 4b
5744 if (returnMethod.isNullOrUndefined()) {
5745 return true;
5746 }
5747 // Step 4c
5748 if (IsCallable(returnMethod)) {
5749 RootedValue thisVal(cx, ObjectValue(*iter));
5750 innerResult = Call(cx, returnMethod, thisVal, &result);
5751 } else {
5752 innerResult = ReportIsNotFunction(cx, returnMethod);
5753 }
5754 }
5755
5756 // Step 5
5757 if (kind == CompletionKind::Throw) {
5758 // If we close an iterator while unwinding for an exception,
5759 // the initial exception takes priority over any exception thrown
5760 // while closing the iterator.
5761 if (cx->isExceptionPending()) {
5762 cx->clearPendingException();
5763 }
5764 return true;
5765 }
5766
5767 // Step 6
5768 if (!innerResult) {
5769 return false;
5770 }
5771
5772 // Step 7
5773 if (!result.isObject()) {
5774 return ThrowCheckIsObject(cx, CheckIsObjectKind::IteratorReturn);
5775 }
5776
5777 // Step 8
5778 return true;
5779}

/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h

1/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3/* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7/* A class for optional values and in-place lazy construction. */
8
9#ifndef mozilla_Maybe_h
10#define mozilla_Maybe_h
11
12#include <functional>
13#include <new> // for placement new
14#include <ostream>
15#include <type_traits>
16#include <utility>
17
18#include "mozilla/Alignment.h"
19#include "mozilla/Assertions.h"
20#include "mozilla/Attributes.h"
21#include "mozilla/MaybeStorageBase.h"
22#include "mozilla/MemoryChecking.h"
23#include "mozilla/OperatorNewExtensions.h"
24#include "mozilla/Poison.h"
25#include "mozilla/ThreadSafety.h"
26
27class nsCycleCollectionTraversalCallback;
28
29template <typename T>
30inline void CycleCollectionNoteChild(
31 nsCycleCollectionTraversalCallback& aCallback, T* aChild, const char* aName,
32 uint32_t aFlags);
33
34namespace mozilla {
35
36struct Nothing {};
37
38inline constexpr bool operator==(const Nothing&, const Nothing&) {
39 return true;
40}
41
42template <class T>
43class Maybe;
44
45namespace detail {
46
47// You would think that poisoning Maybe instances could just be a call
48// to mozWritePoison. Unfortunately, using a simple call to
49// mozWritePoison generates poor code on MSVC for small structures. The
50// generated code contains (always not-taken) branches and does a bunch
51// of setup for `rep stos{l,q}`, even though we know at compile time
52// exactly how many words we're poisoning. Instead, we're going to
53// force MSVC to generate the code we want via recursive templates.
54
55// Write the given poisonValue into p at offset*sizeof(uintptr_t).
56template <size_t offset>
57inline void WritePoisonAtOffset(void* p, const uintptr_t poisonValue) {
58 memcpy(static_cast<char*>(p) + offset * sizeof(poisonValue), &poisonValue,
59 sizeof(poisonValue));
60}
61
62template <size_t Offset, size_t NOffsets>
63struct InlinePoisoner {
64 static void poison(void* p, const uintptr_t poisonValue) {
65 WritePoisonAtOffset<Offset>(p, poisonValue);
66 InlinePoisoner<Offset + 1, NOffsets>::poison(p, poisonValue);
67 }
68};
69
70template <size_t N>
71struct InlinePoisoner<N, N> {
72 static void poison(void*, const uintptr_t) {
73 // All done!
74 }
75};
76
77// We can't generate inline code for large structures, though, because we'll
78// blow out recursive template instantiation limits, and the code would be
79// bloated to boot. So provide a fallback to the out-of-line poisoner.
80template <size_t ObjectSize>
81struct OutOfLinePoisoner {
82 static MOZ_NEVER_INLINE__attribute__((noinline)) void poison(void* p, const uintptr_t) {
83 mozWritePoison(p, ObjectSize);
84 }
85};
86
87template <typename T>
88inline void PoisonObject(T* p) {
89 const uintptr_t POISON = mozPoisonValue();
90 std::conditional_t<(sizeof(T) <= 8 * sizeof(POISON)),
91 InlinePoisoner<0, sizeof(T) / sizeof(POISON)>,
92 OutOfLinePoisoner<sizeof(T)>>::poison(p, POISON);
93}
94
95template <typename T>
96struct MaybePoisoner {
97 static const size_t N = sizeof(T);
98
99 static void poison(void* aPtr) {
100#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED1
101 if (N >= sizeof(uintptr_t)) {
102 PoisonObject(static_cast<std::remove_cv_t<T>*>(aPtr));
103 }
104#endif
105 MOZ_MAKE_MEM_UNDEFINED(aPtr, N)do { } while (0);
106 }
107};
108
109template <typename T,
110 bool TriviallyDestructibleAndCopyable =
111 IsTriviallyDestructibleAndCopyable<T>,
112 bool Copyable = std::is_copy_constructible_v<T>,
113 bool Movable = std::is_move_constructible_v<T>>
114class Maybe_CopyMove_Enabler;
115
116#define MOZ_MAYBE_COPY_OPS() \
117 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler& aOther) { \
118 if (downcast(aOther).isSome()) { \
119 downcast(*this).emplace(*downcast(aOther)); \
120 } \
121 } \
122 \
123 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler& aOther) { \
124 return downcast(*this).template operator= <T>(downcast(aOther)); \
125 }
126
127#define MOZ_MAYBE_MOVE_OPS() \
128 constexpr Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&& aOther) { \
129 if (downcast(aOther).isSome()) { \
130 downcast(*this).emplace(std::move(*downcast(aOther))); \
131 downcast(aOther).reset(); \
132 } \
133 } \
134 \
135 constexpr Maybe_CopyMove_Enabler& operator=( \
136 Maybe_CopyMove_Enabler&& aOther) { \
137 downcast(*this).template operator= <T>(std::move(downcast(aOther))); \
138 \
139 return *this; \
140 }
141
142#define MOZ_MAYBE_DOWNCAST() \
143 static constexpr Maybe<T>& downcast(Maybe_CopyMove_Enabler& aObj) { \
144 return static_cast<Maybe<T>&>(aObj); \
145 } \
146 static constexpr const Maybe<T>& downcast( \
147 const Maybe_CopyMove_Enabler& aObj) { \
148 return static_cast<const Maybe<T>&>(aObj); \
149 }
150
151template <typename T>
152class Maybe_CopyMove_Enabler<T, true, true, true> {
153 public:
154 Maybe_CopyMove_Enabler() = default;
155
156 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = default;
157 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = default;
158 constexpr Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&& aOther) {
159 downcast(aOther).reset();
160 }
161 constexpr Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&& aOther) {
162 downcast(aOther).reset();
163 return *this;
164 }
165
166 private:
167 MOZ_MAYBE_DOWNCAST()
168};
169
170template <typename T>
171class Maybe_CopyMove_Enabler<T, true, false, true> {
172 public:
173 Maybe_CopyMove_Enabler() = default;
174
175 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = delete;
176 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = delete;
177 constexpr Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&& aOther) {
178 downcast(aOther).reset();
179 }
180 constexpr Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&& aOther) {
181 downcast(aOther).reset();
182 return *this;
183 }
184
185 private:
186 MOZ_MAYBE_DOWNCAST()
187};
188
189template <typename T>
190class Maybe_CopyMove_Enabler<T, false, true, true> {
191 public:
192 Maybe_CopyMove_Enabler() = default;
193
194 MOZ_MAYBE_COPY_OPS()
195 MOZ_MAYBE_MOVE_OPS()
196
197 private:
198 MOZ_MAYBE_DOWNCAST()
199};
200
201template <typename T>
202class Maybe_CopyMove_Enabler<T, false, false, true> {
203 public:
204 Maybe_CopyMove_Enabler() = default;
205
206 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = delete;
207 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = delete;
208 MOZ_MAYBE_MOVE_OPS()
209
210 private:
211 MOZ_MAYBE_DOWNCAST()
212};
213
214template <typename T>
215class Maybe_CopyMove_Enabler<T, false, true, false> {
216 public:
217 Maybe_CopyMove_Enabler() = default;
218
219 MOZ_MAYBE_COPY_OPS()
220 Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&&) = delete;
221 Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&&) = delete;
222
223 private:
224 MOZ_MAYBE_DOWNCAST()
225};
226
227template <typename T, bool TriviallyDestructibleAndCopyable>
228class Maybe_CopyMove_Enabler<T, TriviallyDestructibleAndCopyable, false,
229 false> {
230 public:
231 Maybe_CopyMove_Enabler() = default;
232
233 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = delete;
234 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = delete;
235 Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&&) = delete;
236 Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&&) = delete;
237};
238
239#undef MOZ_MAYBE_COPY_OPS
240#undef MOZ_MAYBE_MOVE_OPS
241#undef MOZ_MAYBE_DOWNCAST
242
243template <typename T, bool TriviallyDestructibleAndCopyable =
244 IsTriviallyDestructibleAndCopyable<T>>
245struct MaybeStorage;
246
247template <typename T>
248struct MaybeStorage<T, false> : MaybeStorageBase<T> {
249 protected:
250 char mIsSome = false; // not bool -- guarantees minimal space consumption
251
252 MaybeStorage() = default;
6
Calling defaulted default constructor for 'MaybeStorageBase<js::AutoRealm, false>'
11
Returning from default constructor for 'MaybeStorageBase<js::AutoRealm, false>'
12
Returning without writing to 'this->mStorage.val.cx_'
253 explicit MaybeStorage(const T& aVal)
254 : MaybeStorageBase<T>{aVal}, mIsSome{true} {}
255 explicit MaybeStorage(T&& aVal)
256 : MaybeStorageBase<T>{std::move(aVal)}, mIsSome{true} {}
257
258 template <typename... Args>
259 explicit MaybeStorage(std::in_place_t, Args&&... aArgs)
260 : MaybeStorageBase<T>{std::in_place, std::forward<Args>(aArgs)...},
261 mIsSome{true} {}
262
263 public:
264 // Copy and move operations are no-ops, since copying is moving is implemented
265 // by Maybe_CopyMove_Enabler.
266
267 MaybeStorage(const MaybeStorage&) : MaybeStorageBase<T>{} {}
268 MaybeStorage& operator=(const MaybeStorage&) { return *this; }
269 MaybeStorage(MaybeStorage&&) : MaybeStorageBase<T>{} {}
270 MaybeStorage& operator=(MaybeStorage&&) { return *this; }
271
272 ~MaybeStorage() {
273 if (mIsSome
19.1
Field 'mIsSome' is 0
19.1
Field 'mIsSome' is 0
19.1
Field 'mIsSome' is 0
19.1
Field 'mIsSome' is 0
) {
20
Taking false branch
274 this->addr()->T::~T();
275 }
276 }
21
Calling implicit destructor for 'MaybeStorageBase<js::AutoRealm, false>'
22
Calling '~Union'
277};
278
279template <typename T>
280struct MaybeStorage<T, true> : MaybeStorageBase<T> {
281 protected:
282 char mIsSome = false; // not bool -- guarantees minimal space consumption
283
284 constexpr MaybeStorage() = default;
285 constexpr explicit MaybeStorage(const T& aVal)
286 : MaybeStorageBase<T>{aVal}, mIsSome{true} {}
287 constexpr explicit MaybeStorage(T&& aVal)
288 : MaybeStorageBase<T>{std::move(aVal)}, mIsSome{true} {}
289
290 template <typename... Args>
291 constexpr explicit MaybeStorage(std::in_place_t, Args&&... aArgs)
292 : MaybeStorageBase<T>{std::in_place, std::forward<Args>(aArgs)...},
293 mIsSome{true} {}
294};
295
296template <typename T>
297struct IsMaybeImpl : std::false_type {};
298
299template <typename T>
300struct IsMaybeImpl<Maybe<T>> : std::true_type {};
301
302template <typename T>
303using IsMaybe = IsMaybeImpl<std::decay_t<T>>;
304
305} // namespace detail
306
307template <typename T, typename U = typename std::remove_cv<
308 typename std::remove_reference<T>::type>::type>
309constexpr Maybe<U> Some(T&& aValue);
310
311/*
312 * Maybe is a container class which contains either zero or one elements. It
313 * serves two roles. It can represent values which are *semantically* optional,
314 * augmenting a type with an explicit 'Nothing' value. In this role, it provides
315 * methods that make it easy to work with values that may be missing, along with
316 * equality and comparison operators so that Maybe values can be stored in
317 * containers. Maybe values can be constructed conveniently in expressions using
318 * type inference, as follows:
319 *
320 * void doSomething(Maybe<Foo> aFoo) {
321 * if (aFoo) // Make sure that aFoo contains a value...
322 * aFoo->takeAction(); // and then use |aFoo->| to access it.
323 * } // |*aFoo| also works!
324 *
325 * doSomething(Nothing()); // Passes a Maybe<Foo> containing no value.
326 * doSomething(Some(Foo(100))); // Passes a Maybe<Foo> containing |Foo(100)|.
327 *
328 * You'll note that it's important to check whether a Maybe contains a value
329 * before using it, using conversion to bool, |isSome()|, or |isNothing()|. You
330 * can avoid these checks, and sometimes write more readable code, using
331 * |valueOr()|, |ptrOr()|, and |refOr()|, which allow you to retrieve the value
332 * in the Maybe and provide a default for the 'Nothing' case. You can also use
333 * |apply()| to call a function only if the Maybe holds a value, and |map()| to
334 * transform the value in the Maybe, returning another Maybe with a possibly
335 * different type.
336 *
337 * Maybe's other role is to support lazily constructing objects without using
338 * dynamic storage. A Maybe directly contains storage for a value, but it's
339 * empty by default. |emplace()|, as mentioned above, can be used to construct a
340 * value in Maybe's storage. The value a Maybe contains can be destroyed by
341 * calling |reset()|; this will happen automatically if a Maybe is destroyed
342 * while holding a value.
343 *
344 * It's a common idiom in C++ to use a pointer as a 'Maybe' type, with a null
345 * value meaning 'Nothing' and any other value meaning 'Some'. You can convert
346 * from such a pointer to a Maybe value using 'ToMaybe()'.
347 *
348 * Maybe is inspired by similar types in the standard library of many other
349 * languages (e.g. Haskell's Maybe and Rust's Option). In the C++ world it's
350 * very similar to std::optional, which was proposed for C++14 and originated in
351 * Boost. The most important differences between Maybe and std::optional are:
352 *
353 * - std::optional<T> may be compared with T. We deliberately forbid that.
354 * - std::optional has |valueOr()|, equivalent to Maybe's |valueOr()|, but
355 * lacks corresponding methods for |refOr()| and |ptrOr()|.
356 * - std::optional lacks |map()| and |apply()|, making it less suitable for
357 * functional-style code.
358 * - std::optional lacks many convenience functions that Maybe has. Most
359 * unfortunately, it lacks equivalents of the type-inferred constructor
360 * functions |Some()| and |Nothing()|.
361 */
362template <class T>
363class MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS Maybe
364 : private detail::MaybeStorage<T>,
365 public detail::Maybe_CopyMove_Enabler<T> {
366 template <typename, bool, bool, bool>
367 friend class detail::Maybe_CopyMove_Enabler;
368
369 template <typename U, typename V>
370 friend constexpr Maybe<V> Some(U&& aValue);
371
372 struct SomeGuard {};
373
374 template <typename U>
375 constexpr Maybe(U&& aValue, SomeGuard)
376 : detail::MaybeStorage<T>{std::forward<U>(aValue)} {}
377
378 using detail::MaybeStorage<T>::mIsSome;
379 using detail::MaybeStorage<T>::mStorage;
380
381 void poisonData() { detail::MaybePoisoner<T>::poison(&mStorage.val); }
382
383 public:
384 using ValueType = T;
385
386 MOZ_ALLOW_TEMPORARY constexpr Maybe() = default;
5
Calling defaulted default constructor for 'MaybeStorage<js::AutoRealm, false>'
13
Returning from default constructor for 'MaybeStorage<js::AutoRealm, false>'
14
Returning without writing to 'this->mStorage.val.cx_'
387
388 MOZ_ALLOW_TEMPORARY MOZ_IMPLICIT constexpr Maybe(Nothing) : Maybe{} {}
389
390 template <typename... Args>
391 constexpr explicit Maybe(std::in_place_t, Args&&... aArgs)
392 : detail::MaybeStorage<T>{std::in_place, std::forward<Args>(aArgs)...} {}
393
394 /**
395 * Maybe<T> can be copy-constructed from a Maybe<U> if T is constructible from
396 * a const U&.
397 */
398 template <typename U,
399 std::enable_if_t<std::is_constructible_v<T, const U&>, bool> = true>
400 MOZ_IMPLICIT Maybe(const Maybe<U>& aOther) {
401 if (aOther.isSome()) {
402 emplace(*aOther);
403 }
404 }
405
406 template <typename U, std::enable_if_t<!std::is_constructible_v<T, const U&>,
407 bool> = true>
408 explicit Maybe(const Maybe<U>& aOther) = delete;
409
410 /**
411 * Maybe<T> can be move-constructed from a Maybe<U> if T is constructible from
412 * a U&&.
413 */
414 template <typename U,
415 std::enable_if_t<std::is_constructible_v<T, U&&>, bool> = true>
416 MOZ_IMPLICIT Maybe(Maybe<U>&& aOther) {
417 if (aOther.isSome()) {
418 emplace(std::move(*aOther));
419 aOther.reset();
420 }
421 }
422 template <typename U,
423 std::enable_if_t<!std::is_constructible_v<T, U&&>, bool> = true>
424 explicit Maybe(Maybe<U>&& aOther) = delete;
425
426 template <typename U,
427 std::enable_if_t<std::is_constructible_v<T, const U&>, bool> = true>
428 Maybe& operator=(const Maybe<U>& aOther) {
429 if (aOther.isSome()) {
430 if (mIsSome) {
431 ref() = aOther.ref();
432 } else {
433 emplace(*aOther);
434 }
435 } else {
436 reset();
437 }
438 return *this;
439 }
440
441 template <typename U, std::enable_if_t<!std::is_constructible_v<T, const U&>,
442 bool> = true>
443 Maybe& operator=(const Maybe<U>& aOther) = delete;
444
445 template <typename U,
446 std::enable_if_t<std::is_constructible_v<T, U&&>, bool> = true>
447 Maybe& operator=(Maybe<U>&& aOther) {
448 if (aOther.isSome()) {
449 if (mIsSome) {
450 ref() = std::move(aOther.ref());
451 } else {
452 emplace(std::move(*aOther));
453 }
454 aOther.reset();
455 } else {
456 reset();
457 }
458
459 return *this;
460 }
461
462 template <typename U,
463 std::enable_if_t<!std::is_constructible_v<T, U&&>, bool> = true>
464 Maybe& operator=(Maybe<U>&& aOther) = delete;
465
466 constexpr Maybe& operator=(Nothing) {
467 reset();
468 return *this;
469 }
470
471 /* Methods that check whether this Maybe contains a value */
472 constexpr explicit operator bool() const { return isSome(); }
473 constexpr bool isSome() const { return mIsSome; }
474 constexpr bool isNothing() const { return !mIsSome; }
475
476 /* Returns the contents of this Maybe<T> by value. Unsafe unless |isSome()|.
477 */
478 constexpr T value() const&;
479 constexpr T value() &&;
480 constexpr T value() const&&;
481
482 /**
483 * Move the contents of this Maybe<T> out of internal storage and return it
484 * without calling the destructor. The internal storage is also reset to
485 * avoid multiple calls. Unsafe unless |isSome()|.
486 */
487 constexpr T extract() {
488 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 488); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 488; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
489 T v = std::move(mStorage.val);
490 reset();
491 return v;
492 }
493
494 /**
495 * Returns the value (possibly |Nothing()|) by moving it out of this Maybe<T>
496 * and leaving |Nothing()| in its place.
497 */
498 Maybe<T> take() { return std::exchange(*this, Nothing()); }
499
500 /*
501 * Returns the contents of this Maybe<T> by value. If |isNothing()|, returns
502 * the default value provided.
503 *
504 * Note: If the value passed to aDefault is not the result of a trivial
505 * expression, but expensive to evaluate, e.g. |valueOr(ExpensiveFunction())|,
506 * use |valueOrFrom| instead, e.g.
507 * |valueOrFrom([arg] { return ExpensiveFunction(arg); })|. This ensures
508 * that the expensive expression is only evaluated when its result will
509 * actually be used.
510 */
511 template <typename V>
512 constexpr T valueOr(V&& aDefault) const {
513 if (isSome()) {
514 return ref();
515 }
516 return std::forward<V>(aDefault);
517 }
518
519 /*
520 * Returns the contents of this Maybe<T> by value. If |isNothing()|, returns
521 * the value returned from the function or functor provided.
522 */
523 template <typename F>
524 constexpr T valueOrFrom(F&& aFunc) const {
525 if (isSome()) {
526 return ref();
527 }
528 return aFunc();
529 }
530
531 /* Returns the contents of this Maybe<T> by pointer. Unsafe unless |isSome()|.
532 */
533 T* ptr();
534 constexpr const T* ptr() const;
535
536 /*
537 * Returns the contents of this Maybe<T> by pointer. If |isNothing()|,
538 * returns the default value provided.
539 */
540 T* ptrOr(T* aDefault) {
541 if (isSome()) {
542 return ptr();
543 }
544 return aDefault;
545 }
546
547 constexpr const T* ptrOr(const T* aDefault) const {
548 if (isSome()) {
549 return ptr();
550 }
551 return aDefault;
552 }
553
554 /*
555 * Returns the contents of this Maybe<T> by pointer. If |isNothing()|,
556 * returns the value returned from the function or functor provided.
557 */
558 template <typename F>
559 T* ptrOrFrom(F&& aFunc) {
560 if (isSome()) {
561 return ptr();
562 }
563 return aFunc();
564 }
565
566 template <typename F>
567 const T* ptrOrFrom(F&& aFunc) const {
568 if (isSome()) {
569 return ptr();
570 }
571 return aFunc();
572 }
573
574 constexpr T* operator->();
575 constexpr const T* operator->() const;
576
577 /* Returns the contents of this Maybe<T> by ref. Unsafe unless |isSome()|. */
578 constexpr T& ref() &;
579 constexpr const T& ref() const&;
580 constexpr T&& ref() &&;
581 constexpr const T&& ref() const&&;
582
583 /*
584 * Returns the contents of this Maybe<T> by ref. If |isNothing()|, returns
585 * the default value provided.
586 */
587 constexpr T& refOr(T& aDefault) {
588 if (isSome()) {
589 return ref();
590 }
591 return aDefault;
592 }
593
594 constexpr const T& refOr(const T& aDefault) const {
595 if (isSome()) {
596 return ref();
597 }
598 return aDefault;
599 }
600
601 /*
602 * Returns the contents of this Maybe<T> by ref. If |isNothing()|, returns the
603 * value returned from the function or functor provided.
604 */
605 template <typename F>
606 constexpr T& refOrFrom(F&& aFunc) {
607 if (isSome()) {
608 return ref();
609 }
610 return aFunc();
611 }
612
613 template <typename F>
614 constexpr const T& refOrFrom(F&& aFunc) const {
615 if (isSome()) {
616 return ref();
617 }
618 return aFunc();
619 }
620
621 constexpr T& operator*() &;
622 constexpr const T& operator*() const&;
623 constexpr T&& operator*() &&;
624 constexpr const T&& operator*() const&&;
625
626 /* If |isSome()|, runs the provided function or functor on the contents of
627 * this Maybe. */
628 template <typename Func>
629 constexpr Maybe& apply(Func&& aFunc) & {
630 if (isSome()) {
631 std::forward<Func>(aFunc)(ref());
632 }
633 return *this;
634 }
635
636 template <typename Func>
637 constexpr const Maybe& apply(Func&& aFunc) const& {
638 if (isSome()) {
639 std::forward<Func>(aFunc)(ref());
640 }
641 return *this;
642 }
643
644 template <typename Func>
645 constexpr Maybe& apply(Func&& aFunc) && {
646 if (isSome()) {
647 std::forward<Func>(aFunc)(extract());
648 }
649 return *this;
650 }
651
652 template <typename Func>
653 constexpr Maybe& apply(Func&& aFunc) const&& {
654 if (isSome()) {
655 std::forward<Func>(aFunc)(extract());
656 }
657 return *this;
658 }
659
660 /*
661 * If |isSome()|, runs the provided function and returns the result wrapped
662 * in a Maybe. If |isNothing()|, returns an empty Maybe value with the same
663 * value type as what the provided function would have returned.
664 */
665 template <typename Func>
666 constexpr auto map(Func&& aFunc) & {
667 if (isSome()) {
668 return Some(std::forward<Func>(aFunc)(ref()));
669 }
670 return Maybe<decltype(std::forward<Func>(aFunc)(ref()))>{};
671 }
672
673 template <typename Func>
674 constexpr auto map(Func&& aFunc) const& {
675 if (isSome()) {
676 return Some(std::forward<Func>(aFunc)(ref()));
677 }
678 return Maybe<decltype(std::forward<Func>(aFunc)(ref()))>{};
679 }
680
681 template <typename Func>
682 constexpr auto map(Func&& aFunc) && {
683 if (isSome()) {
684 return Some(std::forward<Func>(aFunc)(extract()));
685 }
686 return Maybe<decltype(std::forward<Func>(aFunc)(extract()))>{};
687 }
688
689 template <typename Func>
690 constexpr auto map(Func&& aFunc) const&& {
691 if (isSome()) {
692 return Some(std::forward<Func>(aFunc)(extract()));
693 }
694 return Maybe<decltype(std::forward<Func>(aFunc)(extract()))>{};
695 }
696
697 /*
698 * If |isSome()|, runs the provided function or functor on the contents of
699 * this Maybe and returns the result. Note that the provided function or
700 * functor must return a Maybe<U> of any type U.
701 * If |isNothing()|, returns an empty Maybe value with the same type as what
702 * the provided function would have returned.
703 */
704 template <typename Func>
705 constexpr auto andThen(Func&& aFunc) & {
706 static_assert(std::is_invocable_v<Func, T&>);
707 using U = std::invoke_result_t<Func, T&>;
708 static_assert(detail::IsMaybe<U>::value);
709 if (isSome()) {
710 return std::invoke(std::forward<Func>(aFunc), ref());
711 }
712 return std::remove_cv_t<std::remove_reference_t<U>>{};
713 }
714
715 template <typename Func>
716 constexpr auto andThen(Func&& aFunc) const& {
717 static_assert(std::is_invocable_v<Func, const T&>);
718 using U = std::invoke_result_t<Func, const T&>;
719 static_assert(detail::IsMaybe<U>::value);
720 if (isSome()) {
721 return std::invoke(std::forward<Func>(aFunc), ref());
722 }
723 return std::remove_cv_t<std::remove_reference_t<U>>{};
724 }
725
726 template <typename Func>
727 constexpr auto andThen(Func&& aFunc) && {
728 static_assert(std::is_invocable_v<Func, T&&>);
729 using U = std::invoke_result_t<Func, T&&>;
730 static_assert(detail::IsMaybe<U>::value);
731 if (isSome()) {
732 return std::invoke(std::forward<Func>(aFunc), extract());
733 }
734 return std::remove_cv_t<std::remove_reference_t<U>>{};
735 }
736
737 template <typename Func>
738 constexpr auto andThen(Func&& aFunc) const&& {
739 static_assert(std::is_invocable_v<Func, const T&&>);
740 using U = std::invoke_result_t<Func, const T&&>;
741 static_assert(detail::IsMaybe<U>::value);
742 if (isSome()) {
743 return std::invoke(std::forward<Func>(aFunc), extract());
744 }
745 return std::remove_cv_t<std::remove_reference_t<U>>{};
746 }
747
748 /*
749 * If |isNothing()|, runs the provided function or functor and returns its
750 * result. If |isSome()|, returns the contained value wrapped in a Maybe.
751 */
752 template <typename Func>
753 constexpr Maybe orElse(Func&& aFunc) & {
754 static_assert(std::is_invocable_v<Func>);
755 using U = std::invoke_result_t<Func>;
756 static_assert(
757 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
758 if (isSome()) {
759 return *this;
760 }
761 return std::invoke(std::forward<Func>(aFunc));
762 }
763
764 template <typename Func>
765 constexpr Maybe orElse(Func&& aFunc) const& {
766 static_assert(std::is_invocable_v<Func>);
767 using U = std::invoke_result_t<Func>;
768 static_assert(
769 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
770 if (isSome()) {
771 return *this;
772 }
773 return std::invoke(std::forward<Func>(aFunc));
774 }
775
776 template <typename Func>
777 constexpr Maybe orElse(Func&& aFunc) && {
778 static_assert(std::is_invocable_v<Func>);
779 using U = std::invoke_result_t<Func>;
780 static_assert(
781 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
782 if (isSome()) {
783 return std::move(*this);
784 }
785 return std::invoke(std::forward<Func>(aFunc));
786 }
787
788 template <typename Func>
789 constexpr Maybe orElse(Func&& aFunc) const&& {
790 static_assert(std::is_invocable_v<Func>);
791 using U = std::invoke_result_t<Func>;
792 static_assert(
793 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
794 if (isSome()) {
795 return std::move(*this);
796 }
797 return std::invoke(std::forward<Func>(aFunc));
798 }
799
800 /* If |isSome()|, empties this Maybe and destroys its contents. */
801 constexpr void reset() {
802 if (isSome()) {
803 if constexpr (!std::is_trivially_destructible_v<T>) {
804 /*
805 * Static analyzer gets confused if we have Maybe<MutexAutoLock>,
806 * so we suppress thread-safety warnings here
807 */
808 MOZ_PUSH_IGNORE_THREAD_SAFETYGCC diagnostic push GCC diagnostic ignored "-Wthread-safety"
809 ref().T::~T();
810 MOZ_POP_THREAD_SAFETYGCC diagnostic pop
811 poisonData();
812 }
813 mIsSome = false;
814 }
815 }
816
817 /*
818 * Constructs a T value in-place in this empty Maybe<T>'s storage. The
819 * arguments to |emplace()| are the parameters to T's constructor.
820 */
821 template <typename... Args>
822 constexpr void emplace(Args&&... aArgs);
823
824 template <typename U>
825 constexpr std::enable_if_t<std::is_same_v<T, U> &&
826 std::is_copy_constructible_v<U> &&
827 !std::is_move_constructible_v<U>>
828 emplace(U&& aArgs) {
829 emplace(aArgs);
830 }
831
832 friend std::ostream& operator<<(std::ostream& aStream,
833 const Maybe<T>& aMaybe) {
834 if (aMaybe) {
835 aStream << aMaybe.ref();
836 } else {
837 aStream << "<Nothing>";
838 }
839 return aStream;
840 }
841};
842
843template <typename T>
844class Maybe<T&> {
845 public:
846 constexpr Maybe() = default;
847 constexpr MOZ_IMPLICIT Maybe(Nothing) {}
848
849 void emplace(T& aRef) { mValue = &aRef; }
850
851 /* Methods that check whether this Maybe contains a value */
852 constexpr explicit operator bool() const { return isSome(); }
853 constexpr bool isSome() const { return mValue; }
854 constexpr bool isNothing() const { return !mValue; }
855
856 T& ref() const {
857 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 857); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 857; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
858 return *mValue;
859 }
860
861 T* operator->() const { return &ref(); }
862 T& operator*() const { return ref(); }
863
864 // Deliberately not defining value and ptr accessors, as these may be
865 // confusing on a reference-typed Maybe.
866
867 // XXX Should we define refOr?
868
869 void reset() { mValue = nullptr; }
870
871 template <typename Func>
872 const Maybe& apply(Func&& aFunc) const {
873 if (isSome()) {
874 std::forward<Func>(aFunc)(ref());
875 }
876 return *this;
877 }
878
879 template <typename Func>
880 auto map(Func&& aFunc) const {
881 Maybe<decltype(std::forward<Func>(aFunc)(ref()))> val;
882 if (isSome()) {
883 val.emplace(std::forward<Func>(aFunc)(ref()));
884 }
885 return val;
886 }
887
888 template <typename Func>
889 constexpr auto andThen(Func&& aFunc) const {
890 static_assert(std::is_invocable_v<Func, T&>);
891 using U = std::invoke_result_t<Func, T&>;
892 static_assert(detail::IsMaybe<U>::value);
893 if (isSome()) {
894 return std::invoke(std::forward<Func>(aFunc), ref());
895 }
896 return std::remove_cv_t<std::remove_reference_t<U>>{};
897 }
898
899 template <typename Func>
900 constexpr Maybe orElse(Func&& aFunc) const {
901 static_assert(std::is_invocable_v<Func>);
902 using U = std::invoke_result_t<Func>;
903 static_assert(
904 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
905 if (isSome()) {
906 return *this;
907 }
908 return std::invoke(std::forward<Func>(aFunc));
909 }
910
911 bool refEquals(const Maybe<T&>& aOther) const {
912 return mValue == aOther.mValue;
913 }
914
915 bool refEquals(const T& aOther) const { return mValue == &aOther; }
916
917 private:
918 T* mValue = nullptr;
919};
920
921template <typename T>
922constexpr T Maybe<T>::value() const& {
923 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 923); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 923; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
924 return ref();
925}
926
927template <typename T>
928constexpr T Maybe<T>::value() && {
929 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 929); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 929; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
930 return std::move(ref());
931}
932
933template <typename T>
934constexpr T Maybe<T>::value() const&& {
935 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 935); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 935; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
936 return std::move(ref());
937}
938
939template <typename T>
940T* Maybe<T>::ptr() {
941 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 941); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 941; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
942 return &ref();
943}
944
945template <typename T>
946constexpr const T* Maybe<T>::ptr() const {
947 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 947); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 947; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
948 return &ref();
949}
950
951template <typename T>
952constexpr T* Maybe<T>::operator->() {
953 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 953); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 953; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
954 return ptr();
955}
956
957template <typename T>
958constexpr const T* Maybe<T>::operator->() const {
959 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 959); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 959; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
960 return ptr();
961}
962
963template <typename T>
964constexpr T& Maybe<T>::ref() & {
965 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 965); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 965; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
966 return mStorage.val;
967}
968
969template <typename T>
970constexpr const T& Maybe<T>::ref() const& {
971 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 971); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 971; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
972 return mStorage.val;
973}
974
975template <typename T>
976constexpr T&& Maybe<T>::ref() && {
977 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 977); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 977; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
978 return std::move(mStorage.val);
979}
980
981template <typename T>
982constexpr const T&& Maybe<T>::ref() const&& {
983 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 983); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 983; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
984 return std::move(mStorage.val);
985}
986
987template <typename T>
988constexpr T& Maybe<T>::operator*() & {
989 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 989); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 989; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
990 return ref();
991}
992
993template <typename T>
994constexpr const T& Maybe<T>::operator*() const& {
995 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 995); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 995; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
996 return ref();
997}
998
999template <typename T>
1000constexpr T&& Maybe<T>::operator*() && {
1001 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 1001); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 1001; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1002 return std::move(ref());
1003}
1004
1005template <typename T>
1006constexpr const T&& Maybe<T>::operator*() const&& {
1007 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 1007); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 1007; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1008 return std::move(ref());
1009}
1010
1011template <typename T>
1012template <typename... Args>
1013constexpr void Maybe<T>::emplace(Args&&... aArgs) {
1014 MOZ_RELEASE_ASSERT(!isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 1014); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "!isSome()"
")"); do { *((volatile int*)__null) = 1014; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1015 ::new (KnownNotNull, &mStorage.val) T(std::forward<Args>(aArgs)...);
1016 mIsSome = true;
1017}
1018
1019/*
1020 * Some() creates a Maybe<T> value containing the provided T value. If T has a
1021 * move constructor, it's used to make this as efficient as possible.
1022 *
1023 * Some() selects the type of Maybe it returns by removing any const, volatile,
1024 * or reference qualifiers from the type of the value you pass to it. This gives
1025 * it more intuitive behavior when used in expressions, but it also means that
1026 * if you need to construct a Maybe value that holds a const, volatile, or
1027 * reference value, you need to use emplace() instead.
1028 */
1029template <typename T, typename U>
1030constexpr Maybe<U> Some(T&& aValue) {
1031 return {std::forward<T>(aValue), typename Maybe<U>::SomeGuard{}};
1032}
1033
1034template <typename T>
1035constexpr Maybe<T&> SomeRef(T& aValue) {
1036 Maybe<T&> value;
1037 value.emplace(aValue);
1038 return value;
1039}
1040
1041template <typename T>
1042constexpr Maybe<T&> ToMaybeRef(T* const aPtr) {
1043 return aPtr ? SomeRef(*aPtr) : Nothing{};
1044}
1045
1046template <typename T>
1047Maybe<std::remove_cv_t<std::remove_reference_t<T>>> ToMaybe(T* aPtr) {
1048 if (aPtr) {
1049 return Some(*aPtr);
1050 }
1051 return Nothing();
1052}
1053
1054/*
1055 * Two Maybe<T> values are equal if
1056 * - both are Nothing, or
1057 * - both are Some, and the values they contain are equal.
1058 */
1059template <typename T>
1060constexpr bool operator==(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1061 static_assert(!std::is_reference_v<T>,
1062 "operator== is not defined for Maybe<T&>, compare values or "
1063 "addresses explicitly instead");
1064 if (aLHS.isNothing() != aRHS.isNothing()) {
1065 return false;
1066 }
1067 return aLHS.isNothing() || *aLHS == *aRHS;
1068}
1069
1070template <typename T>
1071constexpr bool operator!=(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1072 return !(aLHS == aRHS);
1073}
1074
1075/*
1076 * We support comparison to Nothing to allow reasonable expressions like:
1077 * if (maybeValue == Nothing()) { ... }
1078 */
1079template <typename T>
1080constexpr bool operator==(const Maybe<T>& aLHS, const Nothing& aRHS) {
1081 return aLHS.isNothing();
1082}
1083
1084template <typename T>
1085constexpr bool operator!=(const Maybe<T>& aLHS, const Nothing& aRHS) {
1086 return !(aLHS == aRHS);
1087}
1088
1089template <typename T>
1090constexpr bool operator==(const Nothing& aLHS, const Maybe<T>& aRHS) {
1091 return aRHS.isNothing();
1092}
1093
1094template <typename T>
1095constexpr bool operator!=(const Nothing& aLHS, const Maybe<T>& aRHS) {
1096 return !(aLHS == aRHS);
1097}
1098
1099/*
1100 * Maybe<T> values are ordered in the same way T values are ordered, except that
1101 * Nothing comes before anything else.
1102 */
1103template <typename T>
1104constexpr bool operator<(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1105 if (aLHS.isNothing()) {
1106 return aRHS.isSome();
1107 }
1108 if (aRHS.isNothing()) {
1109 return false;
1110 }
1111 return *aLHS < *aRHS;
1112}
1113
1114template <typename T>
1115constexpr bool operator>(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1116 return !(aLHS < aRHS || aLHS == aRHS);
1117}
1118
1119template <typename T>
1120constexpr bool operator<=(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1121 return aLHS < aRHS || aLHS == aRHS;
1122}
1123
1124template <typename T>
1125constexpr bool operator>=(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1126 return !(aLHS < aRHS);
1127}
1128
1129template <typename T>
1130inline void ImplCycleCollectionTraverse(
1131 nsCycleCollectionTraversalCallback& aCallback, mozilla::Maybe<T>& aField,
1132 const char* aName, uint32_t aFlags = 0) {
1133 if (aField) {
1134 ImplCycleCollectionTraverse(aCallback, aField.ref(), aName, aFlags);
1135 }
1136}
1137
1138template <typename T>
1139inline void ImplCycleCollectionUnlink(mozilla::Maybe<T>& aField) {
1140 if (aField) {
1141 ImplCycleCollectionUnlink(aField.ref());
1142 }
1143}
1144
1145} // namespace mozilla
1146
1147#endif /* mozilla_Maybe_h */

/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/MaybeStorageBase.h

1/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3/* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7/* Internal storage class used e.g. by Maybe and Result. This file doesn't
8 * contain any public declarations. */
9
10#ifndef mfbt_MaybeStorageBase_h
11#define mfbt_MaybeStorageBase_h
12
13#include <type_traits>
14#include <utility>
15
16namespace mozilla::detail {
17
18template <typename T>
19constexpr bool IsTriviallyDestructibleAndCopyable =
20 std::is_trivially_destructible_v<T> &&
21 (std::is_trivially_copy_constructible_v<T> ||
22 !std::is_copy_constructible_v<T>);
23
24template <typename T, bool TriviallyDestructibleAndCopyable =
25 IsTriviallyDestructibleAndCopyable<T>>
26struct MaybeStorageBase;
27
28template <typename T>
29struct MaybeStorageBase<T, false> {
30 protected:
31 using NonConstT = std::remove_const_t<T>;
32
33 union Union {
34 Union() {}
8
Returning without writing to 'this->val.cx_'
35 explicit Union(const T& aVal) : val{aVal} {}
36 template <typename U,
37 typename = std::enable_if_t<std::is_move_constructible_v<U>>>
38 explicit Union(U&& aVal) : val{std::forward<U>(aVal)} {}
39 template <typename... Args>
40 explicit Union(std::in_place_t, Args&&... aArgs)
41 : val{std::forward<Args>(aArgs)...} {}
42
43 ~Union() {}
23
Calling '~AutoRealm'
44
45 NonConstT val;
46 } mStorage;
47
48 public:
49 MaybeStorageBase() = default;
7
Calling default constructor for 'Union'
9
Returning from default constructor for 'Union'
10
Returning without writing to 'this->mStorage.val.cx_'
50 explicit MaybeStorageBase(const T& aVal) : mStorage{aVal} {}
51 explicit MaybeStorageBase(T&& aVal) : mStorage{std::move(aVal)} {}
52 template <typename... Args>
53 explicit MaybeStorageBase(std::in_place_t, Args&&... aArgs)
54 : mStorage{std::in_place, std::forward<Args>(aArgs)...} {}
55
56 const T* addr() const { return &mStorage.val; }
57 T* addr() { return &mStorage.val; }
58};
59
60template <typename T>
61struct MaybeStorageBase<T, true> {
62 protected:
63 using NonConstT = std::remove_const_t<T>;
64
65 union Union {
66 constexpr Union() : dummy() {}
67 constexpr explicit Union(const T& aVal) : val{aVal} {}
68 constexpr explicit Union(T&& aVal) : val{std::move(aVal)} {}
69 template <typename... Args>
70 constexpr explicit Union(std::in_place_t, Args&&... aArgs)
71 : val{std::forward<Args>(aArgs)...} {}
72
73 NonConstT val;
74 char dummy;
75 } mStorage;
76
77 public:
78 constexpr MaybeStorageBase() = default;
79 constexpr explicit MaybeStorageBase(const T& aVal) : mStorage{aVal} {}
80 constexpr explicit MaybeStorageBase(T&& aVal) : mStorage{std::move(aVal)} {}
81
82 template <typename... Args>
83 constexpr explicit MaybeStorageBase(std::in_place_t, Args&&... aArgs)
84 : mStorage{std::in_place, std::forward<Args>(aArgs)...} {}
85
86 constexpr const T* addr() const { return &mStorage.val; }
87 constexpr T* addr() { return &mStorage.val; }
88};
89
90} // namespace mozilla::detail
91
92#endif

/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h

1/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7#ifndef vm_Realm_inl_h
8#define vm_Realm_inl_h
9
10#include "vm/Realm.h"
11
12#include "gc/Barrier.h"
13#include "gc/Marking.h"
14#include "vm/GlobalObject.h"
15
16#include "vm/JSContext-inl.h"
17
18inline void JS::Realm::initGlobal(js::GlobalObject& global) {
19 MOZ_ASSERT(global.realm() == this)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(global.realm() == this)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(global.realm() == this))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("global.realm() == this"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 19); AnnotateMozCrashReason("MOZ_ASSERT" "(" "global.realm() == this"
")"); do { *((volatile int*)__null) = 19; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
20 MOZ_ASSERT(!global_)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!global_)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!global_))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!global_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 20); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!global_" ")"
); do { *((volatile int*)__null) = 20; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
21 global_.set(&global);
22}
23
24js::GlobalObject* JS::Realm::maybeGlobal() const {
25 MOZ_ASSERT_IF(global_, global_->realm() == this)do { if (global_) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(global_->realm() == this)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(global_->realm() == this)
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("global_->realm() == this"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 25); AnnotateMozCrashReason("MOZ_ASSERT" "(" "global_->realm() == this"
")"); do { *((volatile int*)__null) = 25; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
26 return global_;
27}
28
29inline bool JS::Realm::hasLiveGlobal() const {
30 // The global is swept by traceWeakGlobalEdge when we start sweeping a zone
31 // group. This frees the GlobalObjectData, so the realm must live at least as
32 // long as the global.
33 MOZ_ASSERT_IF(global_, !js::gc::IsAboutToBeFinalized(global_))do { if (global_) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(!js::gc::IsAboutToBeFinalized(global_))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!js::gc::IsAboutToBeFinalized(global_)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!js::gc::IsAboutToBeFinalized(global_)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 33); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!js::gc::IsAboutToBeFinalized(global_)"
")"); do { *((volatile int*)__null) = 33; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
34 return bool(global_);
35}
36
37inline bool JS::Realm::hasInitializedGlobal() const {
38 return hasLiveGlobal() && !initializingGlobal_;
39}
40
41inline bool JS::Realm::marked() const {
42 // The Realm survives in the following cases:
43 // - its global is live
44 // - it has been entered (to ensure we don't destroy the Realm while we're
45 // allocating its global)
46 // - it was allocated after the start of an incremental GC (as there may be
47 // pointers to it from other GC things)
48 return hasLiveGlobal() || hasBeenEnteredIgnoringJit() ||
49 allocatedDuringIncrementalGC_;
50}
51
52/* static */ inline js::ObjectRealm& js::ObjectRealm::get(const JSObject* obj) {
53 // Note: obj might be a CCW if we're accessing ObjectRealm::enumerators.
54 // CCWs here are fine because we always return the same ObjectRealm for a
55 // particular (CCW) object.
56 return obj->maybeCCWRealm()->objects_;
57}
58
59template <typename T>
60js::AutoRealm::AutoRealm(JSContext* cx, const T& target)
61 : cx_(cx), origin_(cx->realm()) {
62 cx_->enterRealmOf(target);
63}
64
65// Protected constructor that bypasses assertions in enterRealmOf.
66js::AutoRealm::AutoRealm(JSContext* cx, JS::Realm* target)
67 : cx_(cx), origin_(cx->realm()) {
68 cx_->enterRealm(target);
69}
70
71js::AutoRealm::~AutoRealm() { cx_->leaveRealm(origin_); }
24
Called C++ object pointer is uninitialized
72
73js::AutoFunctionOrCurrentRealm::AutoFunctionOrCurrentRealm(JSContext* cx,
74 HandleObject fun) {
75 JS::Realm* realm = JS::GetFunctionRealm(cx, fun);
76 if (!realm) {
77 cx->clearPendingException();
78 return;
79 }
80
81 // Enter the function's realm.
82 ar_.emplace(cx, realm);
83}
84
85js::AutoAllocInAtomsZone::AutoAllocInAtomsZone(JSContext* cx)
86 : cx_(cx), origin_(cx->realm()) {
87 cx_->enterAtomsZone();
88}
89
90js::AutoAllocInAtomsZone::~AutoAllocInAtomsZone() {
91 cx_->leaveAtomsZone(origin_);
92}
93
94js::AutoMaybeLeaveAtomsZone::AutoMaybeLeaveAtomsZone(JSContext* cx)
95 : cx_(cx), wasInAtomsZone_(cx->zone() && cx->zone()->isAtomsZone()) {
96 if (wasInAtomsZone_) {
97 cx_->leaveAtomsZone(nullptr);
98 }
99}
100
101js::AutoMaybeLeaveAtomsZone::~AutoMaybeLeaveAtomsZone() {
102 if (wasInAtomsZone_) {
103 cx_->enterAtomsZone();
104 }
105}
106
107js::AutoRealmUnchecked::AutoRealmUnchecked(JSContext* cx, JS::Realm* target)
108 : AutoRealm(cx, target) {}
109
110#endif /* vm_Realm_inl_h */