Bug Summary

File:var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h
Warning:line 71, column 31
Called C++ object pointer is uninitialized

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name Interpreter.cpp -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -ffp-contract=off -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -fcoverage-compilation-dir=/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -resource-dir /usr/lib/llvm-20/lib/clang/20 -include /var/lib/jenkins/workspace/firefox-scan-build/config/gcc_hidden.h -include /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/mozilla-config.h -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/stl_wrappers -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/system_wrappers -U _FORTIFY_SOURCE -D _FORTIFY_SOURCE=2 -D _GLIBCXX_ASSERTIONS -D DEBUG=1 -D WASM_SUPPORTS_HUGE_MEMORY -D JS_CACHEIR_SPEW -D JS_STRUCTURED_SPEW -D JS_HAS_CTYPES -D FFI_BUILDING -D EXPORT_JS_API -D MOZ_HAS_MOZGLUE -D MOZ_SUPPORT_LEAKCHECKING -I /var/lib/jenkins/workspace/firefox-scan-build/js/src -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src -I /var/lib/jenkins/workspace/firefox-scan-build/intl/icu_capi/bindings/c -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/js/src/ctypes/libffi/include -I /var/lib/jenkins/workspace/firefox-scan-build/js/src/ctypes/libffi/src/x86 -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/nspr -I /var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/nss -D MOZILLA_CLIENT -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/x86_64-linux-gnu/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14/backward -internal-isystem /usr/lib/llvm-20/lib/clang/20/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O3 -Wno-error=tautological-type-limit-compare -Wno-invalid-offsetof -Wno-range-loop-analysis -Wno-deprecated-anon-enum-enum-conversion -Wno-deprecated-enum-enum-conversion -Wno-deprecated-this-capture -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wno-psabi -Wno-error=builtin-macro-redefined -Wno-vla-cxx-extension -Wno-unknown-warning-option -fdeprecated-macro -ferror-limit 19 -fstrict-flex-arrays=1 -stack-protector 2 -fstack-clash-protection -ftrivial-auto-var-init=pattern -fno-rtti -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fno-sized-deallocation -fno-aligned-allocation -vectorize-loops -vectorize-slp -analyzer-checker optin.performance.Padding -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2025-01-20-090804-167946-1 -x c++ /var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp

/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp

1/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7/*
8 * JavaScript bytecode interpreter.
9 */
10
11#include "vm/Interpreter-inl.h"
12
13#include "mozilla/DebugOnly.h"
14#include "mozilla/FloatingPoint.h"
15#include "mozilla/Maybe.h"
16#include "mozilla/ScopeExit.h"
17#include "mozilla/Sprintf.h"
18#include "mozilla/TimeStamp.h"
19
20#include <string.h>
21
22#include "jsapi.h"
23#include "jsnum.h"
24
25#include "builtin/Array.h"
26#include "builtin/Eval.h"
27#include "builtin/ModuleObject.h"
28#include "builtin/Object.h"
29#include "builtin/Promise.h"
30#include "gc/GC.h"
31#include "jit/BaselineJIT.h"
32#include "jit/Jit.h"
33#include "jit/JitRuntime.h"
34#include "js/EnvironmentChain.h" // JS::SupportUnscopables
35#include "js/experimental/JitInfo.h" // JSJitInfo
36#include "js/friend/ErrorMessages.h" // js::GetErrorMessage, JSMSG_*
37#include "js/friend/StackLimits.h" // js::AutoCheckRecursionLimit
38#include "js/friend/WindowProxy.h" // js::IsWindowProxy
39#include "js/Printer.h"
40#include "proxy/DeadObjectProxy.h"
41#include "util/StringBuilder.h"
42#include "vm/AsyncFunction.h"
43#include "vm/AsyncIteration.h"
44#include "vm/BigIntType.h"
45#include "vm/BytecodeUtil.h" // JSDVG_SEARCH_STACK
46#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
47# include "vm/ErrorObject.h"
48#endif
49#include "vm/EqualityOperations.h" // js::StrictlyEqual
50#include "vm/GeneratorObject.h"
51#include "vm/Iteration.h"
52#include "vm/JSContext.h"
53#include "vm/JSFunction.h"
54#include "vm/JSObject.h"
55#include "vm/JSScript.h"
56#include "vm/Opcodes.h"
57#include "vm/PIC.h"
58#include "vm/PlainObject.h" // js::PlainObject
59#include "vm/Scope.h"
60#include "vm/Shape.h"
61#include "vm/SharedStencil.h" // GCThingIndex
62#include "vm/StringType.h"
63#include "vm/ThrowMsgKind.h" // ThrowMsgKind
64#include "vm/TypeofEqOperand.h" // TypeofEqOperand
65#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
66# include "vm/UsingHint.h"
67#endif
68#ifdef ENABLE_RECORD_TUPLE
69# include "vm/RecordType.h"
70# include "vm/TupleType.h"
71#endif
72
73#include "builtin/Boolean-inl.h"
74#include "debugger/DebugAPI-inl.h"
75#include "vm/ArgumentsObject-inl.h"
76#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
77# include "vm/DisposableRecord-inl.h"
78#endif
79#include "vm/EnvironmentObject-inl.h"
80#include "vm/GeckoProfiler-inl.h"
81#include "vm/JSScript-inl.h"
82#include "vm/NativeObject-inl.h"
83#include "vm/ObjectOperations-inl.h"
84#include "vm/PlainObject-inl.h" // js::CopyInitializerObject, js::CreateThis
85#include "vm/Probes-inl.h"
86#include "vm/Stack-inl.h"
87
88using namespace js;
89
90using mozilla::DebugOnly;
91using mozilla::NumberEqualsInt32;
92
93template <bool Eq>
94static MOZ_ALWAYS_INLINEinline bool LooseEqualityOp(JSContext* cx,
95 InterpreterRegs& regs) {
96 HandleValue rval = regs.stackHandleAt(-1);
97 HandleValue lval = regs.stackHandleAt(-2);
98 bool cond;
99 if (!LooselyEqual(cx, lval, rval, &cond)) {
100 return false;
101 }
102 cond = (cond == Eq);
103 regs.sp--;
104 regs.sp[-1].setBoolean(cond);
105 return true;
106}
107
108JSObject* js::BoxNonStrictThis(JSContext* cx, HandleValue thisv) {
109 MOZ_ASSERT(!thisv.isMagic())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!thisv.isMagic())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!thisv.isMagic()))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("!thisv.isMagic()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 109); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!thisv.isMagic()"
")"); do { *((volatile int*)__null) = 109; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
110
111 if (thisv.isNullOrUndefined()) {
112 return cx->global()->lexicalEnvironment().thisObject();
113 }
114
115 if (thisv.isObject()) {
116 return &thisv.toObject();
117 }
118
119 return PrimitiveToObject(cx, thisv);
120}
121
122static bool IsNSVOLexicalEnvironment(JSObject* env) {
123 return env->is<LexicalEnvironmentObject>() &&
124 env->as<LexicalEnvironmentObject>()
125 .enclosingEnvironment()
126 .is<NonSyntacticVariablesObject>();
127}
128
129bool js::GetFunctionThis(JSContext* cx, AbstractFramePtr frame,
130 MutableHandleValue res) {
131 MOZ_ASSERT(frame.isFunctionFrame())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(frame.isFunctionFrame())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(frame.isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("frame.isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 131); AnnotateMozCrashReason("MOZ_ASSERT" "(" "frame.isFunctionFrame()"
")"); do { *((volatile int*)__null) = 131; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
132 MOZ_ASSERT(!frame.callee()->isArrow())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!frame.callee()->isArrow())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!frame.callee()->isArrow(
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!frame.callee()->isArrow()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 132); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frame.callee()->isArrow()"
")"); do { *((volatile int*)__null) = 132; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
133
134 if (frame.thisArgument().isObject() || frame.callee()->strict()) {
135 res.set(frame.thisArgument());
136 return true;
137 }
138
139 MOZ_ASSERT(!frame.callee()->isSelfHostedBuiltin(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!frame.callee()->isSelfHostedBuiltin())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!frame.callee()->isSelfHostedBuiltin()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("!frame.callee()->isSelfHostedBuiltin()"
" (" "Self-hosted builtins must be strict" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 140); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frame.callee()->isSelfHostedBuiltin()"
") (" "Self-hosted builtins must be strict" ")"); do { *((volatile
int*)__null) = 140; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false)
140 "Self-hosted builtins must be strict")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!frame.callee()->isSelfHostedBuiltin())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!frame.callee()->isSelfHostedBuiltin()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("!frame.callee()->isSelfHostedBuiltin()"
" (" "Self-hosted builtins must be strict" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 140); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!frame.callee()->isSelfHostedBuiltin()"
") (" "Self-hosted builtins must be strict" ")"); do { *((volatile
int*)__null) = 140; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false);
141
142 RootedValue thisv(cx, frame.thisArgument());
143
144 // If there is a NSVO on environment chain, use it as basis for fallback
145 // global |this|. This gives a consistent definition of global lexical
146 // |this| between function and global contexts.
147 //
148 // NOTE: If only non-syntactic WithEnvironments are on the chain, we use the
149 // global lexical |this| value. This is for compatibility with the Subscript
150 // Loader.
151 if (frame.script()->hasNonSyntacticScope() && thisv.isNullOrUndefined()) {
152 JSObject* env = frame.environmentChain();
153 while (true) {
154 if (IsNSVOLexicalEnvironment(env) ||
155 env->is<GlobalLexicalEnvironmentObject>()) {
156 auto* obj = env->as<ExtensibleLexicalEnvironmentObject>().thisObject();
157 res.setObject(*obj);
158 return true;
159 }
160 if (!env->enclosingEnvironment()) {
161 // This can only happen in Debugger eval frames: in that case we
162 // don't always have a global lexical env, see EvaluateInEnv.
163 MOZ_ASSERT(env->is<GlobalObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<GlobalObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(env->is<GlobalObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env->is<GlobalObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 163); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<GlobalObject>()"
")"); do { *((volatile int*)__null) = 163; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
164 res.setObject(*GetThisObject(env));
165 return true;
166 }
167 env = env->enclosingEnvironment();
168 }
169 }
170
171 JSObject* obj = BoxNonStrictThis(cx, thisv);
172 if (!obj) {
173 return false;
174 }
175
176 res.setObject(*obj);
177 return true;
178}
179
180void js::GetNonSyntacticGlobalThis(JSContext* cx, HandleObject envChain,
181 MutableHandleValue res) {
182 JSObject* env = envChain;
183 while (true) {
184 if (env->is<ExtensibleLexicalEnvironmentObject>()) {
185 auto* obj = env->as<ExtensibleLexicalEnvironmentObject>().thisObject();
186 res.setObject(*obj);
187 return;
188 }
189 if (!env->enclosingEnvironment()) {
190 // This can only happen in Debugger eval frames: in that case we
191 // don't always have a global lexical env, see EvaluateInEnv.
192 MOZ_ASSERT(env->is<GlobalObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<GlobalObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(env->is<GlobalObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env->is<GlobalObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 192); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<GlobalObject>()"
")"); do { *((volatile int*)__null) = 192; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
193 res.setObject(*GetThisObject(env));
194 return;
195 }
196 env = env->enclosingEnvironment();
197 }
198}
199
200#ifdef DEBUG1
201static bool IsSelfHostedOrKnownBuiltinCtor(JSFunction* fun, JSContext* cx) {
202 if (fun->isSelfHostedOrIntrinsic()) {
203 return true;
204 }
205
206 // GetBuiltinConstructor in MapGroupBy
207 if (fun == cx->global()->maybeGetConstructor(JSProto_Map)) {
208 return true;
209 }
210
211 // GetBuiltinConstructor in intlFallbackSymbol
212 if (fun == cx->global()->maybeGetConstructor(JSProto_Symbol)) {
213 return true;
214 }
215
216 // ConstructorForTypedArray in MergeSortTypedArray
217 if (fun == cx->global()->maybeGetConstructor(JSProto_Int8Array) ||
218 fun == cx->global()->maybeGetConstructor(JSProto_Uint8Array) ||
219 fun == cx->global()->maybeGetConstructor(JSProto_Int16Array) ||
220 fun == cx->global()->maybeGetConstructor(JSProto_Uint16Array) ||
221 fun == cx->global()->maybeGetConstructor(JSProto_Int32Array) ||
222 fun == cx->global()->maybeGetConstructor(JSProto_Uint32Array) ||
223 fun == cx->global()->maybeGetConstructor(JSProto_Float32Array) ||
224 fun == cx->global()->maybeGetConstructor(JSProto_Float64Array) ||
225 fun == cx->global()->maybeGetConstructor(JSProto_Uint8ClampedArray) ||
226 fun == cx->global()->maybeGetConstructor(JSProto_BigInt64Array) ||
227 fun == cx->global()->maybeGetConstructor(JSProto_BigUint64Array)) {
228 return true;
229 }
230
231 return false;
232}
233#endif // DEBUG
234
235bool js::Debug_CheckSelfHosted(JSContext* cx, HandleValue funVal) {
236#ifdef DEBUG1
237 JSFunction* fun = &UncheckedUnwrap(&funVal.toObject())->as<JSFunction>();
238 MOZ_ASSERT(IsSelfHostedOrKnownBuiltinCtor(fun, cx),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 241); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 241; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false)
239 "functions directly called inside self-hosted JS must be one of "do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 241); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 241; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false)
240 "selfhosted function, self-hosted intrinsic, or known built-in "do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 241); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 241; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false)
241 "constructor")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsSelfHostedOrKnownBuiltinCtor(fun, cx))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsSelfHostedOrKnownBuiltinCtor(fun, cx)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
" (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 241); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsSelfHostedOrKnownBuiltinCtor(fun, cx)"
") (" "functions directly called inside self-hosted JS must be one of "
"selfhosted function, self-hosted intrinsic, or known built-in "
"constructor" ")"); do { *((volatile int*)__null) = 241; __attribute__
((nomerge)) ::abort(); } while (false); } } while (false);
242#else
243 MOZ_CRASH("self-hosted checks should only be done in Debug builds")do { do { } while (false); MOZ_ReportCrash("" "self-hosted checks should only be done in Debug builds"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 243); AnnotateMozCrashReason("MOZ_CRASH(" "self-hosted checks should only be done in Debug builds"
")"); do { *((volatile int*)__null) = 243; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
244#endif
245
246 // This is purely to police self-hosted code. There is no actual operation.
247 return true;
248}
249
250static inline bool GetLengthProperty(const Value& lval, MutableHandleValue vp) {
251 /* Optimize length accesses on strings, arrays, and arguments. */
252 if (lval.isString()) {
253 vp.setInt32(lval.toString()->length());
254 return true;
255 }
256 if (lval.isObject()) {
257 JSObject* obj = &lval.toObject();
258 if (obj->is<ArrayObject>()) {
259 vp.setNumber(obj->as<ArrayObject>().length());
260 return true;
261 }
262
263 if (obj->is<ArgumentsObject>()) {
264 ArgumentsObject* argsobj = &obj->as<ArgumentsObject>();
265 if (!argsobj->hasOverriddenLength()) {
266 uint32_t length = argsobj->initialLength();
267 MOZ_ASSERT(length < INT32_MAX)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(length < (2147483647))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(length < (2147483647)))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("length < (2147483647)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 267); AnnotateMozCrashReason("MOZ_ASSERT" "(" "length < (2147483647)"
")"); do { *((volatile int*)__null) = 267; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
268 vp.setInt32(int32_t(length));
269 return true;
270 }
271 }
272 }
273
274 return false;
275}
276
277static inline bool GetPropertyOperation(JSContext* cx,
278 Handle<PropertyName*> name,
279 HandleValue lval,
280 MutableHandleValue vp) {
281 if (name == cx->names().length && ::GetLengthProperty(lval, vp)) {
282 return true;
283 }
284
285 return GetProperty(cx, lval, name, vp);
286}
287
288static inline bool GetNameOperation(JSContext* cx, HandleObject envChain,
289 Handle<PropertyName*> name, JSOp nextOp,
290 MutableHandleValue vp) {
291 /* Kludge to allow (typeof foo == "undefined") tests. */
292 if (IsTypeOfNameOp(nextOp)) {
293 return GetEnvironmentName<GetNameMode::TypeOf>(cx, envChain, name, vp);
294 }
295 return GetEnvironmentName<GetNameMode::Normal>(cx, envChain, name, vp);
296}
297
298bool js::GetImportOperation(JSContext* cx, HandleObject envChain,
299 HandleScript script, jsbytecode* pc,
300 MutableHandleValue vp) {
301 RootedObject env(cx), pobj(cx);
302 Rooted<PropertyName*> name(cx, script->getName(pc));
303 PropertyResult prop;
304
305 MOZ_ALWAYS_TRUE(LookupName(cx, name, envChain, &env, &pobj, &prop))do { if ((__builtin_expect(!!(LookupName(cx, name, envChain, &
env, &pobj, &prop)), 1))) { } else { do { do { } while
(false); MOZ_ReportCrash("" "LookupName(cx, name, envChain, &env, &pobj, &prop)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 305); AnnotateMozCrashReason("MOZ_CRASH(" "LookupName(cx, name, envChain, &env, &pobj, &prop)"
")"); do { *((volatile int*)__null) = 305; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
306 MOZ_ASSERT(env && env->is<ModuleEnvironmentObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env && env->is<ModuleEnvironmentObject
>())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(env && env->is<ModuleEnvironmentObject
>()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env && env->is<ModuleEnvironmentObject>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 306); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env && env->is<ModuleEnvironmentObject>()"
")"); do { *((volatile int*)__null) = 306; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
307 MOZ_ASSERT(env->as<ModuleEnvironmentObject>().hasImportBinding(name))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->as<ModuleEnvironmentObject>().hasImportBinding
(name))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(env->as<ModuleEnvironmentObject>().hasImportBinding
(name)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("env->as<ModuleEnvironmentObject>().hasImportBinding(name)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 307); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->as<ModuleEnvironmentObject>().hasImportBinding(name)"
")"); do { *((volatile int*)__null) = 307; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
308 return FetchName<GetNameMode::Normal>(cx, env, pobj, name, prop, vp);
309}
310
311bool js::ReportIsNotFunction(JSContext* cx, HandleValue v, int numToSkip,
312 MaybeConstruct construct) {
313 unsigned error = construct ? JSMSG_NOT_CONSTRUCTOR : JSMSG_NOT_FUNCTION;
314 int spIndex = numToSkip >= 0 ? -(numToSkip + 1) : JSDVG_SEARCH_STACK1;
315
316 ReportValueError(cx, error, spIndex, v, nullptr);
317 return false;
318}
319
320JSObject* js::ValueToCallable(JSContext* cx, HandleValue v, int numToSkip,
321 MaybeConstruct construct) {
322 if (v.isObject() && v.toObject().isCallable()) {
323 return &v.toObject();
324 }
325
326 ReportIsNotFunction(cx, v, numToSkip, construct);
327 return nullptr;
328}
329
330static bool MaybeCreateThisForConstructor(JSContext* cx, const CallArgs& args) {
331 if (args.thisv().isObject()) {
332 return true;
333 }
334
335 RootedFunction callee(cx, &args.callee().as<JSFunction>());
336 RootedObject newTarget(cx, &args.newTarget().toObject());
337
338 MOZ_ASSERT(callee->hasBytecode())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(callee->hasBytecode())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(callee->hasBytecode()))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("callee->hasBytecode()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 338); AnnotateMozCrashReason("MOZ_ASSERT" "(" "callee->hasBytecode()"
")"); do { *((volatile int*)__null) = 338; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
339
340 if (!CreateThis(cx, callee, newTarget, GenericObject, args.mutableThisv())) {
341 return false;
342 }
343
344 // Ensure the callee still has a non-lazy script. We normally don't relazify
345 // in active compartments, but the .prototype lookup might have called the
346 // relazifyFunctions testing function that doesn't have this restriction.
347 return JSFunction::getOrCreateScript(cx, callee);
348}
349
350#ifdef ENABLE_RECORD_TUPLE
351static bool AddRecordSpreadOperation(JSContext* cx, HandleValue recHandle,
352 HandleValue spreadeeHandle) {
353 MOZ_ASSERT(recHandle.toExtendedPrimitive().is<RecordType>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(recHandle.toExtendedPrimitive().is<RecordType>
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(recHandle.toExtendedPrimitive().is<RecordType>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("recHandle.toExtendedPrimitive().is<RecordType>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 353); AnnotateMozCrashReason("MOZ_ASSERT" "(" "recHandle.toExtendedPrimitive().is<RecordType>()"
")"); do { *((volatile int*)__null) = 353; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
354 RecordType* rec = &recHandle.toExtendedPrimitive().as<RecordType>();
355
356 RootedObject obj(cx, ToObjectOrGetObjectPayload(cx, spreadeeHandle));
357
358 RootedIdVector keys(cx);
359 if (!GetPropertyKeys(cx, obj, JSITER_OWNONLY0x8 | JSITER_SYMBOLS0x20, &keys)) {
360 return false;
361 }
362
363 size_t len = keys.length();
364 RootedId propKey(cx);
365 RootedValue propValue(cx);
366 for (size_t i = 0; i < len; i++) {
367 propKey.set(keys[i]);
368
369 // Step 4.c.ii.1.
370 if (MOZ_UNLIKELY(!GetProperty(cx, obj, obj, propKey, &propValue))(__builtin_expect(!!(!GetProperty(cx, obj, obj, propKey, &
propValue)), 0))) {
371 return false;
372 }
373
374 if (MOZ_UNLIKELY(!rec->initializeNextProperty(cx, propKey, propValue))(__builtin_expect(!!(!rec->initializeNextProperty(cx, propKey
, propValue)), 0))) {
375 return false;
376 }
377 }
378
379 return true;
380}
381#endif
382
383InterpreterFrame* InvokeState::pushInterpreterFrame(JSContext* cx) {
384 return cx->interpreterStack().pushInvokeFrame(cx, args_, construct_);
385}
386
387InterpreterFrame* ExecuteState::pushInterpreterFrame(JSContext* cx) {
388 return cx->interpreterStack().pushExecuteFrame(cx, script_, envChain_,
389 evalInFrame_);
390}
391
392InterpreterFrame* RunState::pushInterpreterFrame(JSContext* cx) {
393 if (isInvoke()) {
394 return asInvoke()->pushInterpreterFrame(cx);
395 }
396 return asExecute()->pushInterpreterFrame(cx);
397}
398
399static MOZ_ALWAYS_INLINEinline bool MaybeEnterInterpreterTrampoline(JSContext* cx,
400 RunState& state) {
401#ifdef NIGHTLY_BUILD1
402 if (jit::JitOptions.emitInterpreterEntryTrampoline &&
403 cx->runtime()->hasJitRuntime()) {
404 js::jit::JitRuntime* jitRuntime = cx->runtime()->jitRuntime();
405 JSScript* script = state.script();
406
407 uint8_t* codeRaw = nullptr;
408 auto p = jitRuntime->getInterpreterEntryMap()->lookup(script);
409 if (p) {
410 codeRaw = p->value().raw();
411 } else {
412 js::jit::JitCode* code =
413 jitRuntime->generateEntryTrampolineForScript(cx, script);
414 if (!code) {
415 ReportOutOfMemory(cx);
416 return false;
417 }
418
419 js::jit::EntryTrampoline entry(cx, code);
420 if (!jitRuntime->getInterpreterEntryMap()->put(script, entry)) {
421 ReportOutOfMemory(cx);
422 return false;
423 }
424 codeRaw = code->raw();
425 }
426
427 MOZ_ASSERT(codeRaw, "Should have a valid trampoline here.")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(codeRaw)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(codeRaw))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("codeRaw" " (" "Should have a valid trampoline here."
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 427); AnnotateMozCrashReason("MOZ_ASSERT" "(" "codeRaw" ") ("
"Should have a valid trampoline here." ")"); do { *((volatile
int*)__null) = 427; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false);
428 // The C++ entry thunk is located at the vmInterpreterEntryOffset offset.
429 codeRaw += jitRuntime->vmInterpreterEntryOffset();
430 return js::jit::EnterInterpreterEntryTrampoline(codeRaw, cx, &state);
431 }
432#endif
433 return Interpret(cx, state);
434}
435
436static void AssertExceptionResult(JSContext* cx) {
437 // If this assertion fails, a JSNative or code in the VM returned false
438 // without throwing an exception or calling JS::ReportUncatchableException.
439 MOZ_ASSERT(cx->isExceptionPending() || cx->isPropagatingForcedReturn() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->isExceptionPending() || cx->isPropagatingForcedReturn
() || cx->hadUncatchableException())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->isExceptionPending() ||
cx->isPropagatingForcedReturn() || cx->hadUncatchableException
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->isExceptionPending() || cx->isPropagatingForcedReturn() || cx->hadUncatchableException()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 440); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->isExceptionPending() || cx->isPropagatingForcedReturn() || cx->hadUncatchableException()"
")"); do { *((volatile int*)__null) = 440; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
440 cx->hadUncatchableException())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->isExceptionPending() || cx->isPropagatingForcedReturn
() || cx->hadUncatchableException())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->isExceptionPending() ||
cx->isPropagatingForcedReturn() || cx->hadUncatchableException
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->isExceptionPending() || cx->isPropagatingForcedReturn() || cx->hadUncatchableException()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 440); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->isExceptionPending() || cx->isPropagatingForcedReturn() || cx->hadUncatchableException()"
")"); do { *((volatile int*)__null) = 440; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
441}
442
443// MSVC with PGO inlines a lot of functions in RunScript, resulting in large
444// stack frames and stack overflow issues, see bug 1167883. Turn off PGO to
445// avoid this.
446#ifdef _MSC_VER
447# pragma optimize("g", off)
448#endif
449bool js::RunScript(JSContext* cx, RunState& state) {
450 AutoCheckRecursionLimit recursion(cx);
451 if (!recursion.check(cx)) {
452 return false;
453 }
454
455 MOZ_ASSERT_IF(cx->runtime()->hasJitRuntime(),do { if (cx->runtime()->hasJitRuntime()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!cx->
runtime()->jitRuntime()->disallowArbitraryCode())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cx->runtime()->jitRuntime()->disallowArbitraryCode
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 456); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
")"); do { *((volatile int*)__null) = 456; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
456 !cx->runtime()->jitRuntime()->disallowArbitraryCode())do { if (cx->runtime()->hasJitRuntime()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!cx->
runtime()->jitRuntime()->disallowArbitraryCode())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cx->runtime()->jitRuntime()->disallowArbitraryCode
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 456); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->runtime()->jitRuntime()->disallowArbitraryCode()"
")"); do { *((volatile int*)__null) = 456; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
457
458 // Since any script can conceivably GC, make sure it's safe to do so.
459 cx->verifyIsSafeToGC();
460
461 // Don't run script while suppressing GC to not confuse JIT code that assumes
462 // some new objects will be allocated in the nursery.
463 MOZ_ASSERT(!cx->suppressGC)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->suppressGC)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->suppressGC))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("!cx->suppressGC"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 463); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->suppressGC"
")"); do { *((volatile int*)__null) = 463; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
464
465 MOZ_ASSERT(cx->realm() == state.script()->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == state.script()->realm())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(cx->realm() == state.script()->realm()))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("cx->realm() == state.script()->realm()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 465); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == state.script()->realm()"
")"); do { *((volatile int*)__null) = 465; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
466
467 MOZ_DIAGNOSTIC_ASSERT(cx->realm()->isSystem() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm()->isSystem() || cx->runtime()->
allowContentJS())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm()->isSystem(
) || cx->runtime()->allowContentJS()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 468); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
")"); do { *((volatile int*)__null) = 468; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
468 cx->runtime()->allowContentJS())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm()->isSystem() || cx->runtime()->
allowContentJS())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm()->isSystem(
) || cx->runtime()->allowContentJS()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 468); AnnotateMozCrashReason("MOZ_DIAGNOSTIC_ASSERT" "(" "cx->realm()->isSystem() || cx->runtime()->allowContentJS()"
")"); do { *((volatile int*)__null) = 468; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
469
470 if (!DebugAPI::checkNoExecute(cx, state.script())) {
471 return false;
472 }
473
474 GeckoProfilerEntryMarker marker(cx, state.script());
475
476 bool measuringTime = !cx->isMeasuringExecutionTime();
477 mozilla::TimeStamp startTime;
478 if (measuringTime) {
479 cx->setIsMeasuringExecutionTime(true);
480 cx->setIsExecuting(true);
481 startTime = mozilla::TimeStamp::Now();
482 }
483 auto timerEnd = mozilla::MakeScopeExit([&]() {
484 if (measuringTime) {
485 mozilla::TimeDuration delta = mozilla::TimeStamp::Now() - startTime;
486 cx->realm()->timers.executionTime += delta;
487 cx->setIsMeasuringExecutionTime(false);
488 cx->setIsExecuting(false);
489 }
490 });
491
492 jit::EnterJitStatus status = jit::MaybeEnterJit(cx, state);
493 switch (status) {
494 case jit::EnterJitStatus::Error:
495 return false;
496 case jit::EnterJitStatus::Ok:
497 return true;
498 case jit::EnterJitStatus::NotEntered:
499 break;
500 }
501
502 bool ok = MaybeEnterInterpreterTrampoline(cx, state);
503 if (!ok) {
504 AssertExceptionResult(cx);
505 }
506 return ok;
507}
508#ifdef _MSC_VER
509# pragma optimize("", on)
510#endif
511
512STATIC_PRECONDITION_ASSUME(ubound(args.argv_) >= argc)
513MOZ_ALWAYS_INLINEinline bool CallJSNative(JSContext* cx, Native native,
514 CallReason reason, const CallArgs& args) {
515 AutoCheckRecursionLimit recursion(cx);
516 if (!recursion.check(cx)) {
517 return false;
518 }
519
520 NativeResumeMode resumeMode = DebugAPI::onNativeCall(cx, args, reason);
521 if (resumeMode != NativeResumeMode::Continue) {
522 return resumeMode == NativeResumeMode::Override;
523 }
524
525#ifdef DEBUG1
526 bool alreadyThrowing = cx->isExceptionPending();
527#endif
528 cx->check(args);
529 MOZ_ASSERT(!args.callee().is<ProxyObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!args.callee().is<ProxyObject>())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!args.callee().is<ProxyObject>()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!args.callee().is<ProxyObject>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 529); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args.callee().is<ProxyObject>()"
")"); do { *((volatile int*)__null) = 529; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
530
531 AutoRealm ar(cx, &args.callee());
532 bool ok = native(cx, args.length(), args.base());
533 if (ok) {
534 cx->check(args.rval());
535 MOZ_ASSERT_IF(!alreadyThrowing, !cx->isExceptionPending())do { if (!alreadyThrowing) { do { static_assert( mozilla::detail
::AssertionConditionType<decltype(!cx->isExceptionPending
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cx->isExceptionPending()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!cx->isExceptionPending()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 535); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 535; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
536 } else {
537 AssertExceptionResult(cx);
538 }
539 return ok;
540}
541
542STATIC_PRECONDITION(ubound(args.argv_) >= argc)
543MOZ_ALWAYS_INLINEinline bool CallJSNativeConstructor(JSContext* cx, Native native,
544 const CallArgs& args) {
545#ifdef DEBUG1
546 RootedObject callee(cx, &args.callee());
547#endif
548
549 MOZ_ASSERT(args.thisv().isMagic())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.thisv().isMagic()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.thisv().isMagic()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 549); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic()"
")"); do { *((volatile int*)__null) = 549; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
550 if (!CallJSNative(cx, native, CallReason::Call, args)) {
551 return false;
552 }
553
554 /*
555 * Native constructors must return non-primitive values on success.
556 * Although it is legal, if a constructor returns the callee, there is a
557 * 99.9999% chance it is a bug. If any valid code actually wants the
558 * constructor to return the callee, the assertion can be removed or
559 * (another) conjunct can be added to the antecedent.
560 *
561 * Exceptions:
562 * - (new Object(Object)) returns the callee.
563 * - The bound function construct hook can return an arbitrary object,
564 * including the callee.
565 *
566 * Also allow if this may be due to a debugger hook since fuzzing may let this
567 * happen.
568 */
569 MOZ_ASSERT(args.rval().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.rval().isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval().isObject()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.rval().isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 569); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval().isObject()"
")"); do { *((volatile int*)__null) = 569; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
570 MOZ_ASSERT_IF(!JS_IsNativeFunction(callee, obj_construct) &&do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 573); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 573; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
571 !callee->is<BoundFunctionObject>() &&do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 573); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 573; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
572 !cx->realm()->debuggerObservesNativeCall(),do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 573); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 573; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
573 args.rval() != ObjectValue(*callee))do { if (!JS_IsNativeFunction(callee, obj_construct) &&
!callee->is<BoundFunctionObject>() && !cx->
realm()->debuggerObservesNativeCall()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(args.rval
() != ObjectValue(*callee))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.rval() != ObjectValue(*
callee)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.rval() != ObjectValue(*callee)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 573); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval() != ObjectValue(*callee)"
")"); do { *((volatile int*)__null) = 573; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
574
575 return true;
576}
577
578/*
579 * Find a function reference and its 'this' value implicit first parameter
580 * under argc arguments on cx's stack, and call the function. Push missing
581 * required arguments, allocate declared local variables, and pop everything
582 * when done. Then push the return value.
583 *
584 * Note: This function DOES NOT call GetThisValue to munge |args.thisv()| if
585 * necessary. The caller (usually the interpreter) must have performed
586 * this step already!
587 */
588bool js::InternalCallOrConstruct(JSContext* cx, const CallArgs& args,
589 MaybeConstruct construct,
590 CallReason reason /* = CallReason::Call */) {
591 MOZ_ASSERT(args.length() <= ARGS_LENGTH_MAX)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.length() <= ARGS_LENGTH_MAX)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.length() <= ARGS_LENGTH_MAX
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"args.length() <= ARGS_LENGTH_MAX", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 591); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.length() <= ARGS_LENGTH_MAX"
")"); do { *((volatile int*)__null) = 591; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
592
593 unsigned skipForCallee = args.length() + 1 + (construct == CONSTRUCT);
594 if (args.calleev().isPrimitive()) {
595 return ReportIsNotFunction(cx, args.calleev(), skipForCallee, construct);
596 }
597
598 /* Invoke non-functions. */
599 if (MOZ_UNLIKELY(!args.callee().is<JSFunction>())(__builtin_expect(!!(!args.callee().is<JSFunction>()), 0
))) {
600 MOZ_ASSERT_IF(construct, !args.callee().isConstructor())do { if (construct) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(!args.callee().isConstructor())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!args.callee().isConstructor
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!args.callee().isConstructor()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 600); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args.callee().isConstructor()"
")"); do { *((volatile int*)__null) = 600; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
601
602 if (!args.callee().isCallable()) {
603 return ReportIsNotFunction(cx, args.calleev(), skipForCallee, construct);
604 }
605
606 if (args.callee().is<ProxyObject>()) {
607 RootedObject proxy(cx, &args.callee());
608 return Proxy::call(cx, proxy, args);
609 }
610
611 JSNative call = args.callee().callHook();
612 MOZ_ASSERT(call, "isCallable without a callHook?")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(call)>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(call))), 0))) { do { } while (false
); MOZ_ReportAssertionFailure("call" " (" "isCallable without a callHook?"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 612); AnnotateMozCrashReason("MOZ_ASSERT" "(" "call" ") (" "isCallable without a callHook?"
")"); do { *((volatile int*)__null) = 612; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
613
614 return CallJSNative(cx, call, reason, args);
615 }
616
617 /* Invoke native functions. */
618 RootedFunction fun(cx, &args.callee().as<JSFunction>());
619 if (fun->isNativeFun()) {
620 MOZ_ASSERT_IF(construct, !fun->isConstructor())do { if (construct) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(!fun->isConstructor())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!fun->isConstructor()))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("!fun->isConstructor()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 620); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!fun->isConstructor()"
")"); do { *((volatile int*)__null) = 620; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
621 JSNative native = fun->native();
622 if (!construct && args.ignoresReturnValue() && fun->hasJitInfo()) {
623 const JSJitInfo* jitInfo = fun->jitInfo();
624 if (jitInfo->type() == JSJitInfo::IgnoresReturnValueNative) {
625 native = jitInfo->ignoresReturnValueMethod;
626 }
627 }
628 return CallJSNative(cx, native, reason, args);
629 }
630
631 // Self-hosted builtins are considered native by the onNativeCall hook.
632 if (fun->isSelfHostedBuiltin()) {
633 NativeResumeMode resumeMode = DebugAPI::onNativeCall(cx, args, reason);
634 if (resumeMode != NativeResumeMode::Continue) {
635 return resumeMode == NativeResumeMode::Override;
636 }
637 }
638
639 if (!JSFunction::getOrCreateScript(cx, fun)) {
640 return false;
641 }
642
643 /* Run function until JSOp::RetRval, JSOp::Return or error. */
644 InvokeState state(cx, args, construct);
645
646 // Create |this| if we're constructing. Switch to the callee's realm to
647 // ensure this object has the correct realm.
648 AutoRealm ar(cx, state.script());
649 if (construct && !MaybeCreateThisForConstructor(cx, args)) {
650 return false;
651 }
652
653 // Calling class constructors throws an error from the callee's realm.
654 if (construct != CONSTRUCT && fun->isClassConstructor()) {
655 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
656 JSMSG_CANT_CALL_CLASS_CONSTRUCTOR);
657 return false;
658 }
659
660 bool ok = RunScript(cx, state);
661
662 MOZ_ASSERT_IF(ok && construct, args.rval().isObject())do { if (ok && construct) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(args.rval().isObject
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(args.rval().isObject()))), 0))) { do { } while (false
); MOZ_ReportAssertionFailure("args.rval().isObject()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 662); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.rval().isObject()"
")"); do { *((volatile int*)__null) = 662; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
663 return ok;
664}
665
666// Returns true if the callee needs an outerized |this| object. Outerization
667// means passing the WindowProxy instead of the Window (a GlobalObject) because
668// we must never expose the Window to script. This returns false only for DOM
669// getters or setters.
670static bool CalleeNeedsOuterizedThisObject(const Value& callee) {
671 if (!callee.isObject() || !callee.toObject().is<JSFunction>()) {
672 return true;
673 }
674 JSFunction& fun = callee.toObject().as<JSFunction>();
675 if (!fun.isNativeFun() || !fun.hasJitInfo()) {
676 return true;
677 }
678 return fun.jitInfo()->needsOuterizedThisObject();
679}
680
681static bool InternalCall(JSContext* cx, const AnyInvokeArgs& args,
682 CallReason reason) {
683 MOZ_ASSERT(args.array() + args.length() == args.end(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() == args.end())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(args.array() + args.length() == args.end()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("args.array() + args.length() == args.end()"
" (" "must pass calling arguments to a calling attempt" ")",
"/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 684); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() == args.end()"
") (" "must pass calling arguments to a calling attempt" ")"
); do { *((volatile int*)__null) = 684; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
684 "must pass calling arguments to a calling attempt")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() == args.end())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(args.array() + args.length() == args.end()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("args.array() + args.length() == args.end()"
" (" "must pass calling arguments to a calling attempt" ")",
"/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 684); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() == args.end()"
") (" "must pass calling arguments to a calling attempt" ")"
); do { *((volatile int*)__null) = 684; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
685
686#ifdef DEBUG1
687 // The caller is responsible for calling GetThisObject if needed.
688 if (args.thisv().isObject()) {
689 JSObject* thisObj = &args.thisv().toObject();
690 MOZ_ASSERT_IF(CalleeNeedsOuterizedThisObject(args.calleev()),do { if (CalleeNeedsOuterizedThisObject(args.calleev())) { do
{ static_assert( mozilla::detail::AssertionConditionType<
decltype(GetThisObject(thisObj) == thisObj)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GetThisObject(thisObj) == thisObj
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetThisObject(thisObj) == thisObj", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 691); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetThisObject(thisObj) == thisObj"
")"); do { *((volatile int*)__null) = 691; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
691 GetThisObject(thisObj) == thisObj)do { if (CalleeNeedsOuterizedThisObject(args.calleev())) { do
{ static_assert( mozilla::detail::AssertionConditionType<
decltype(GetThisObject(thisObj) == thisObj)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GetThisObject(thisObj) == thisObj
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetThisObject(thisObj) == thisObj", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 691); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetThisObject(thisObj) == thisObj"
")"); do { *((volatile int*)__null) = 691; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
692 }
693#endif
694
695 return InternalCallOrConstruct(cx, args, NO_CONSTRUCT, reason);
696}
697
698bool js::CallFromStack(JSContext* cx, const CallArgs& args,
699 CallReason reason /* = CallReason::Call */) {
700 return InternalCall(cx, static_cast<const AnyInvokeArgs&>(args), reason);
701}
702
703// ES7 rev 0c1bd3004329336774cbc90de727cd0cf5f11e93
704// 7.3.12 Call.
705bool js::Call(JSContext* cx, HandleValue fval, HandleValue thisv,
706 const AnyInvokeArgs& args, MutableHandleValue rval,
707 CallReason reason) {
708 // Explicitly qualify these methods to bypass AnyInvokeArgs's deliberate
709 // shadowing.
710 args.CallArgs::setCallee(fval);
711 args.CallArgs::setThis(thisv);
712
713 if (thisv.isObject()) {
714 // If |this| is a global object, it might be a Window and in that case we
715 // usually have to pass the WindowProxy instead.
716 JSObject* thisObj = &thisv.toObject();
717 if (thisObj->is<GlobalObject>()) {
718 if (CalleeNeedsOuterizedThisObject(fval)) {
719 args.mutableThisv().setObject(*GetThisObject(thisObj));
720 }
721 } else {
722 // Fast path: we don't have to do anything if the object isn't a global.
723 MOZ_ASSERT(GetThisObject(thisObj) == thisObj)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetThisObject(thisObj) == thisObj)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GetThisObject(thisObj) == thisObj
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetThisObject(thisObj) == thisObj", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 723); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetThisObject(thisObj) == thisObj"
")"); do { *((volatile int*)__null) = 723; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
724 }
725 }
726
727 if (!InternalCall(cx, args, reason)) {
728 return false;
729 }
730
731 rval.set(args.rval());
732 return true;
733}
734
735static bool InternalConstruct(JSContext* cx, const AnyConstructArgs& args,
736 CallReason reason = CallReason::Call) {
737 MOZ_ASSERT(args.array() + args.length() + 1 == args.end(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() + 1 == args.end())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(args.array() + args.length() + 1 == args.end()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.array() + args.length() + 1 == args.end()"
" (" "must pass constructing arguments to a construction attempt"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 738); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() + 1 == args.end()"
") (" "must pass constructing arguments to a construction attempt"
")"); do { *((volatile int*)__null) = 738; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
738 "must pass constructing arguments to a construction attempt")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.array() + args.length() + 1 == args.end())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(args.array() + args.length() + 1 == args.end()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("args.array() + args.length() + 1 == args.end()"
" (" "must pass constructing arguments to a construction attempt"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 738); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.array() + args.length() + 1 == args.end()"
") (" "must pass constructing arguments to a construction attempt"
")"); do { *((volatile int*)__null) = 738; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
739 MOZ_ASSERT(!FunctionClass.getConstruct())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!FunctionClass.getConstruct())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!FunctionClass.getConstruct(
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!FunctionClass.getConstruct()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 739); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!FunctionClass.getConstruct()"
")"); do { *((volatile int*)__null) = 739; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
740 MOZ_ASSERT(!ExtendedFunctionClass.getConstruct())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!ExtendedFunctionClass.getConstruct())>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!(!ExtendedFunctionClass.getConstruct()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!ExtendedFunctionClass.getConstruct()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 740); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!ExtendedFunctionClass.getConstruct()"
")"); do { *((volatile int*)__null) = 740; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
741
742 // Callers are responsible for enforcing these preconditions.
743 MOZ_ASSERT(IsConstructor(args.calleev()),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.calleev()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsConstructor(args.calleev()
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("IsConstructor(args.calleev())" " (" "trying to construct a value that isn't a constructor"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 744); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.calleev())"
") (" "trying to construct a value that isn't a constructor"
")"); do { *((volatile int*)__null) = 744; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
744 "trying to construct a value that isn't a constructor")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.calleev()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsConstructor(args.calleev()
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("IsConstructor(args.calleev())" " (" "trying to construct a value that isn't a constructor"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 744); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.calleev())"
") (" "trying to construct a value that isn't a constructor"
")"); do { *((volatile int*)__null) = 744; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
745 MOZ_ASSERT(IsConstructor(args.CallArgs::newTarget()),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.CallArgs::newTarget()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsConstructor(args.CallArgs::newTarget())))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("IsConstructor(args.CallArgs::newTarget())"
" (" "provided new.target value must be a constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 746); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.CallArgs::newTarget())"
") (" "provided new.target value must be a constructor" ")")
; do { *((volatile int*)__null) = 746; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
746 "provided new.target value must be a constructor")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(args.CallArgs::newTarget()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(IsConstructor(args.CallArgs::newTarget())))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("IsConstructor(args.CallArgs::newTarget())"
" (" "provided new.target value must be a constructor" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 746); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(args.CallArgs::newTarget())"
") (" "provided new.target value must be a constructor" ")")
; do { *((volatile int*)__null) = 746; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
747
748 MOZ_ASSERT(args.thisv().isMagic(JS_IS_CONSTRUCTING) ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv
().isObject())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(args.thisv().isMagic(JS_IS_CONSTRUCTING
) || args.thisv().isObject()))), 0))) { do { } while (false);
MOZ_ReportAssertionFailure("args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 749); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
")"); do { *((volatile int*)__null) = 749; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
749 args.thisv().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv
().isObject())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(args.thisv().isMagic(JS_IS_CONSTRUCTING
) || args.thisv().isObject()))), 0))) { do { } while (false);
MOZ_ReportAssertionFailure("args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 749); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic(JS_IS_CONSTRUCTING) || args.thisv().isObject()"
")"); do { *((volatile int*)__null) = 749; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
750
751 JSObject& callee = args.callee();
752 if (callee.is<JSFunction>()) {
753 RootedFunction fun(cx, &callee.as<JSFunction>());
754
755 if (fun->isNativeFun()) {
756 return CallJSNativeConstructor(cx, fun->native(), args);
757 }
758
759 if (!InternalCallOrConstruct(cx, args, CONSTRUCT, reason)) {
760 return false;
761 }
762
763 MOZ_ASSERT(args.CallArgs::rval().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.CallArgs::rval().isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.CallArgs::rval().isObject
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.CallArgs::rval().isObject()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 763); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.CallArgs::rval().isObject()"
")"); do { *((volatile int*)__null) = 763; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
764 return true;
765 }
766
767 if (callee.is<ProxyObject>()) {
768 RootedObject proxy(cx, &callee);
769 return Proxy::construct(cx, proxy, args);
770 }
771
772 JSNative construct = callee.constructHook();
773 MOZ_ASSERT(construct != nullptr, "IsConstructor without a construct hook?")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(construct != nullptr)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(construct != nullptr))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("construct != nullptr"
" (" "IsConstructor without a construct hook?" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 773); AnnotateMozCrashReason("MOZ_ASSERT" "(" "construct != nullptr"
") (" "IsConstructor without a construct hook?" ")"); do { *
((volatile int*)__null) = 773; __attribute__((nomerge)) ::abort
(); } while (false); } } while (false);
774
775 return CallJSNativeConstructor(cx, construct, args);
776}
777
778// Check that |callee|, the callee in a |new| expression, is a constructor.
779static bool StackCheckIsConstructorCalleeNewTarget(JSContext* cx,
780 HandleValue callee,
781 HandleValue newTarget) {
782 // Calls from the stack could have any old non-constructor callee.
783 if (!IsConstructor(callee)) {
784 ReportValueError(cx, JSMSG_NOT_CONSTRUCTOR, JSDVG_SEARCH_STACK1, callee,
785 nullptr);
786 return false;
787 }
788
789 // The new.target has already been vetted by previous calls, or is the callee.
790 // We can just assert that it's a constructor.
791 MOZ_ASSERT(IsConstructor(newTarget))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsConstructor(newTarget))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsConstructor(newTarget)))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("IsConstructor(newTarget)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 791); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsConstructor(newTarget)"
")"); do { *((volatile int*)__null) = 791; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
792
793 return true;
794}
795
796bool js::ConstructFromStack(JSContext* cx, const CallArgs& args,
797 CallReason reason /* CallReason::Call */) {
798 if (!StackCheckIsConstructorCalleeNewTarget(cx, args.calleev(),
799 args.newTarget())) {
800 return false;
801 }
802
803 return InternalConstruct(cx, static_cast<const AnyConstructArgs&>(args),
804 reason);
805}
806
807bool js::Construct(JSContext* cx, HandleValue fval,
808 const AnyConstructArgs& args, HandleValue newTarget,
809 MutableHandleObject objp) {
810 MOZ_ASSERT(args.thisv().isMagic(JS_IS_CONSTRUCTING))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.thisv().isMagic(JS_IS_CONSTRUCTING))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(args.thisv().isMagic(JS_IS_CONSTRUCTING)))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("args.thisv().isMagic(JS_IS_CONSTRUCTING)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 810); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.thisv().isMagic(JS_IS_CONSTRUCTING)"
")"); do { *((volatile int*)__null) = 810; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
811
812 // Explicitly qualify to bypass AnyConstructArgs's deliberate shadowing.
813 args.CallArgs::setCallee(fval);
814 args.CallArgs::newTarget().set(newTarget);
815
816 if (!InternalConstruct(cx, args)) {
817 return false;
818 }
819
820 MOZ_ASSERT(args.CallArgs::rval().isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.CallArgs::rval().isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.CallArgs::rval().isObject
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("args.CallArgs::rval().isObject()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 820); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.CallArgs::rval().isObject()"
")"); do { *((volatile int*)__null) = 820; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
821 objp.set(&args.CallArgs::rval().toObject());
822 return true;
823}
824
825bool js::InternalConstructWithProvidedThis(JSContext* cx, HandleValue fval,
826 HandleValue thisv,
827 const AnyConstructArgs& args,
828 HandleValue newTarget,
829 MutableHandleValue rval) {
830 args.CallArgs::setCallee(fval);
831
832 MOZ_ASSERT(thisv.isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(thisv.isObject())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(thisv.isObject()))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("thisv.isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 832); AnnotateMozCrashReason("MOZ_ASSERT" "(" "thisv.isObject()"
")"); do { *((volatile int*)__null) = 832; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
833 args.CallArgs::setThis(thisv);
834
835 args.CallArgs::newTarget().set(newTarget);
836
837 if (!InternalConstruct(cx, args)) {
838 return false;
839 }
840
841 rval.set(args.CallArgs::rval());
842 return true;
843}
844
845bool js::CallGetter(JSContext* cx, HandleValue thisv, HandleValue getter,
846 MutableHandleValue rval) {
847 FixedInvokeArgs<0> args(cx);
848
849 return Call(cx, getter, thisv, args, rval, CallReason::Getter);
850}
851
852bool js::CallSetter(JSContext* cx, HandleValue thisv, HandleValue setter,
853 HandleValue v) {
854 FixedInvokeArgs<1> args(cx);
855 args[0].set(v);
856
857 RootedValue ignored(cx);
858 return Call(cx, setter, thisv, args, &ignored, CallReason::Setter);
859}
860
861bool js::ExecuteKernel(JSContext* cx, HandleScript script,
862 HandleObject envChainArg, AbstractFramePtr evalInFrame,
863 MutableHandleValue result) {
864 MOZ_ASSERT_IF(script->isGlobalCode(),do { if (script->isGlobalCode()) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(envChainArg->
is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment
(envChainArg))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(envChainArg->is<GlobalLexicalEnvironmentObject
>() || !IsSyntacticEnvironment(envChainArg)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 866); AnnotateMozCrashReason("MOZ_ASSERT" "(" "envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
")"); do { *((volatile int*)__null) = 866; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
865 envChainArg->is<GlobalLexicalEnvironmentObject>() ||do { if (script->isGlobalCode()) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(envChainArg->
is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment
(envChainArg))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(envChainArg->is<GlobalLexicalEnvironmentObject
>() || !IsSyntacticEnvironment(envChainArg)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 866); AnnotateMozCrashReason("MOZ_ASSERT" "(" "envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
")"); do { *((volatile int*)__null) = 866; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
866 !IsSyntacticEnvironment(envChainArg))do { if (script->isGlobalCode()) { do { static_assert( mozilla
::detail::AssertionConditionType<decltype(envChainArg->
is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment
(envChainArg))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(envChainArg->is<GlobalLexicalEnvironmentObject
>() || !IsSyntacticEnvironment(envChainArg)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 866); AnnotateMozCrashReason("MOZ_ASSERT" "(" "envChainArg->is<GlobalLexicalEnvironmentObject>() || !IsSyntacticEnvironment(envChainArg)"
")"); do { *((volatile int*)__null) = 866; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
867#ifdef DEBUG1
868 RootedObject terminatingEnv(cx, envChainArg);
869 while (IsSyntacticEnvironment(terminatingEnv)) {
870 terminatingEnv = terminatingEnv->enclosingEnvironment();
871 }
872 MOZ_ASSERT(terminatingEnv->is<GlobalObject>() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(terminatingEnv->is<GlobalObject>() || script
->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(terminatingEnv->is<GlobalObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 873); AnnotateMozCrashReason("MOZ_ASSERT" "(" "terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 873; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
873 script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(terminatingEnv->is<GlobalObject>() || script
->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(terminatingEnv->is<GlobalObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 873); AnnotateMozCrashReason("MOZ_ASSERT" "(" "terminatingEnv->is<GlobalObject>() || script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 873; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
874#endif
875
876 if (script->treatAsRunOnce()) {
877 if (script->hasRunOnce()) {
878 JS_ReportErrorASCII(cx,
879 "Trying to execute a run-once script multiple times");
880 return false;
881 }
882
883 script->setHasRunOnce();
884 }
885
886 if (script->isEmpty()) {
887 result.setUndefined();
888 return true;
889 }
890
891 probes::StartExecution(script);
892 ExecuteState state(cx, script, envChainArg, evalInFrame, result);
893 bool ok = RunScript(cx, state);
894 probes::StopExecution(script);
895
896 return ok;
897}
898
899bool js::Execute(JSContext* cx, HandleScript script, HandleObject envChain,
900 MutableHandleValue rval) {
901 /* The env chain is something we control, so we know it can't
902 have any outer objects on it. */
903 MOZ_ASSERT(!IsWindowProxy(envChain))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!IsWindowProxy(envChain))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!IsWindowProxy(envChain)))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("!IsWindowProxy(envChain)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 903); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!IsWindowProxy(envChain)"
")"); do { *((volatile int*)__null) = 903; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
904
905 if (script->isModule()) {
906 MOZ_RELEASE_ASSERT(do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain == script->module()->environment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(envChain == script->module()->environment())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("envChain == script->module()->environment()"
" (" "Module scripts can only be executed in the module's environment"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 908); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain == script->module()->environment()"
") (" "Module scripts can only be executed in the module's environment"
")"); do { *((volatile int*)__null) = 908; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
907 envChain == script->module()->environment(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain == script->module()->environment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(envChain == script->module()->environment())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("envChain == script->module()->environment()"
" (" "Module scripts can only be executed in the module's environment"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 908); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain == script->module()->environment()"
") (" "Module scripts can only be executed in the module's environment"
")"); do { *((volatile int*)__null) = 908; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
908 "Module scripts can only be executed in the module's environment")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain == script->module()->environment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(envChain == script->module()->environment())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("envChain == script->module()->environment()"
" (" "Module scripts can only be executed in the module's environment"
")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 908); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain == script->module()->environment()"
") (" "Module scripts can only be executed in the module's environment"
")"); do { *((volatile int*)__null) = 908; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
909 } else {
910 MOZ_RELEASE_ASSERT(do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 914); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
914; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
911 envChain->is<GlobalLexicalEnvironmentObject>() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 914); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
914; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
912 script->hasNonSyntacticScope(),do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 914); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
914; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
913 "Only global scripts with non-syntactic envs can be executed with "do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 914); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
914; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false)
914 "interesting envchains")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(envChain->is<GlobalLexicalEnvironmentObject>
() || script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(envChain->is<GlobalLexicalEnvironmentObject
>() || script->hasNonSyntacticScope()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
" (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 914); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "envChain->is<GlobalLexicalEnvironmentObject>() || script->hasNonSyntacticScope()"
") (" "Only global scripts with non-syntactic envs can be executed with "
"interesting envchains" ")"); do { *((volatile int*)__null) =
914; __attribute__((nomerge)) ::abort(); } while (false); } }
while (false);
915 }
916
917 /* Ensure the env chain is all same-compartment and terminates in a global. */
918#ifdef DEBUG1
919 JSObject* s = envChain;
920 do {
921 cx->check(s);
922 MOZ_ASSERT_IF(!s->enclosingEnvironment(), s->is<GlobalObject>())do { if (!s->enclosingEnvironment()) { do { static_assert(
mozilla::detail::AssertionConditionType<decltype(s->is
<GlobalObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(s->is<GlobalObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("s->is<GlobalObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 922); AnnotateMozCrashReason("MOZ_ASSERT" "(" "s->is<GlobalObject>()"
")"); do { *((volatile int*)__null) = 922; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
923 } while ((s = s->enclosingEnvironment()));
924#endif
925
926 return ExecuteKernel(cx, script, envChain, NullFramePtr() /* evalInFrame */,
927 rval);
928}
929
930/*
931 * ES6 (4-25-16) 12.10.4 InstanceofOperator
932 */
933bool js::InstanceofOperator(JSContext* cx, HandleObject obj, HandleValue v,
934 bool* bp) {
935 /* Step 1. is handled by caller. */
936
937 /* Step 2. */
938 RootedValue hasInstance(cx);
939 RootedId id(cx, PropertyKey::Symbol(cx->wellKnownSymbols().hasInstance));
940 if (!GetProperty(cx, obj, obj, id, &hasInstance)) {
941 return false;
942 }
943
944 if (!hasInstance.isNullOrUndefined()) {
945 if (!IsCallable(hasInstance)) {
946 return ReportIsNotFunction(cx, hasInstance);
947 }
948
949 /* Step 3. */
950 RootedValue rval(cx);
951 if (!Call(cx, hasInstance, obj, v, &rval)) {
952 return false;
953 }
954 *bp = ToBoolean(rval);
955 return true;
956 }
957
958 /* Step 4. */
959 if (!obj->isCallable()) {
960 RootedValue val(cx, ObjectValue(*obj));
961 return ReportIsNotFunction(cx, val);
962 }
963
964 /* Step 5. */
965 return OrdinaryHasInstance(cx, obj, v, bp);
966}
967
968JSType js::TypeOfObject(JSObject* obj) {
969#ifdef ENABLE_RECORD_TUPLE
970 MOZ_ASSERT(!js::IsExtendedPrimitive(*obj))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!js::IsExtendedPrimitive(*obj))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!js::IsExtendedPrimitive(*obj
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!js::IsExtendedPrimitive(*obj)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 970); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!js::IsExtendedPrimitive(*obj)"
")"); do { *((volatile int*)__null) = 970; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
971#endif
972
973 AutoUnsafeCallWithABI unsafe;
974 if (EmulatesUndefined(obj)) {
975 return JSTYPE_UNDEFINED;
976 }
977 if (obj->isCallable()) {
978 return JSTYPE_FUNCTION;
979 }
980 return JSTYPE_OBJECT;
981}
982
983#ifdef ENABLE_RECORD_TUPLE
984JSType TypeOfExtendedPrimitive(JSObject* obj) {
985 MOZ_ASSERT(js::IsExtendedPrimitive(*obj))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(js::IsExtendedPrimitive(*obj))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(js::IsExtendedPrimitive(*obj
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("js::IsExtendedPrimitive(*obj)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 985); AnnotateMozCrashReason("MOZ_ASSERT" "(" "js::IsExtendedPrimitive(*obj)"
")"); do { *((volatile int*)__null) = 985; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
986
987 if (obj->is<RecordType>()) {
988 return JSTYPE_RECORD;
989 }
990 if (obj->is<TupleType>()) {
991 return JSTYPE_TUPLE;
992 }
993 MOZ_CRASH("Unknown ExtendedPrimitive")do { do { } while (false); MOZ_ReportCrash("" "Unknown ExtendedPrimitive"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 993); AnnotateMozCrashReason("MOZ_CRASH(" "Unknown ExtendedPrimitive"
")"); do { *((volatile int*)__null) = 993; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
994}
995#endif
996
997JSType js::TypeOfValue(const Value& v) {
998 switch (v.type()) {
999 case ValueType::Double:
1000 case ValueType::Int32:
1001 return JSTYPE_NUMBER;
1002 case ValueType::String:
1003 return JSTYPE_STRING;
1004 case ValueType::Null:
1005 return JSTYPE_OBJECT;
1006 case ValueType::Undefined:
1007 return JSTYPE_UNDEFINED;
1008 case ValueType::Object:
1009 return TypeOfObject(&v.toObject());
1010#ifdef ENABLE_RECORD_TUPLE
1011 case ValueType::ExtendedPrimitive:
1012 return TypeOfExtendedPrimitive(&v.toExtendedPrimitive());
1013#endif
1014 case ValueType::Boolean:
1015 return JSTYPE_BOOLEAN;
1016 case ValueType::BigInt:
1017 return JSTYPE_BIGINT;
1018 case ValueType::Symbol:
1019 return JSTYPE_SYMBOL;
1020 case ValueType::Magic:
1021 case ValueType::PrivateGCThing:
1022 break;
1023 }
1024
1025 ReportBadValueTypeAndCrash(v);
1026}
1027
1028bool js::CheckClassHeritageOperation(JSContext* cx, HandleValue heritage) {
1029 if (IsConstructor(heritage)) {
1030 return true;
1031 }
1032
1033 if (heritage.isNull()) {
1034 return true;
1035 }
1036
1037 if (heritage.isObject()) {
1038 ReportIsNotFunction(cx, heritage, 0, CONSTRUCT);
1039 return false;
1040 }
1041
1042 ReportValueError(cx, JSMSG_BAD_HERITAGE, -1, heritage, nullptr,
1043 "not an object or null");
1044 return false;
1045}
1046
1047PlainObject* js::ObjectWithProtoOperation(JSContext* cx, HandleValue val) {
1048 if (!val.isObjectOrNull()) {
1049 ReportValueError(cx, JSMSG_NOT_OBJORNULL, -1, val, nullptr);
1050 return nullptr;
1051 }
1052
1053 RootedObject proto(cx, val.toObjectOrNull());
1054 return NewPlainObjectWithProto(cx, proto);
1055}
1056
1057JSObject* js::FunWithProtoOperation(JSContext* cx, HandleFunction fun,
1058 HandleObject parent, HandleObject proto) {
1059 return CloneFunctionReuseScript(cx, fun, parent, proto);
1060}
1061
1062/*
1063 * Enter the new with environment using an object at sp[-1] and associate the
1064 * depth of the with block with sp + stackIndex.
1065 */
1066bool js::EnterWithOperation(JSContext* cx, AbstractFramePtr frame,
1067 HandleValue val, Handle<WithScope*> scope) {
1068 RootedObject obj(cx);
1069 if (val.isObject()) {
1070 obj = &val.toObject();
1071 } else {
1072 obj = ToObject(cx, val);
1073 if (!obj) {
1074 return false;
1075 }
1076 }
1077
1078 RootedObject envChain(cx, frame.environmentChain());
1079 WithEnvironmentObject* withobj = WithEnvironmentObject::create(
1080 cx, obj, envChain, scope, JS::SupportUnscopables::Yes);
1081 if (!withobj) {
1082 return false;
1083 }
1084
1085 frame.pushOnEnvironmentChain(*withobj);
1086 return true;
1087}
1088
1089static void PopEnvironment(JSContext* cx, EnvironmentIter& ei) {
1090 switch (ei.scope().kind()) {
1091 case ScopeKind::Lexical:
1092 case ScopeKind::SimpleCatch:
1093 case ScopeKind::Catch:
1094 case ScopeKind::NamedLambda:
1095 case ScopeKind::StrictNamedLambda:
1096 case ScopeKind::FunctionLexical:
1097 case ScopeKind::ClassBody:
1098 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1099 DebugEnvironments::onPopLexical(cx, ei);
1100 }
1101 if (ei.scope().hasEnvironment()) {
1102 ei.initialFrame()
1103 .popOffEnvironmentChain<ScopedLexicalEnvironmentObject>();
1104 }
1105 break;
1106 case ScopeKind::With:
1107 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1108 DebugEnvironments::onPopWith(ei.initialFrame());
1109 }
1110 ei.initialFrame().popOffEnvironmentChain<WithEnvironmentObject>();
1111 break;
1112 case ScopeKind::Function:
1113 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1114 DebugEnvironments::onPopCall(cx, ei.initialFrame());
1115 }
1116 if (ei.scope().hasEnvironment()) {
1117 ei.initialFrame().popOffEnvironmentChain<CallObject>();
1118 }
1119 break;
1120 case ScopeKind::FunctionBodyVar:
1121 case ScopeKind::StrictEval:
1122 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1123 DebugEnvironments::onPopVar(cx, ei);
1124 }
1125 if (ei.scope().hasEnvironment()) {
1126 ei.initialFrame().popOffEnvironmentChain<VarEnvironmentObject>();
1127 }
1128 break;
1129 case ScopeKind::Module:
1130 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
1131 DebugEnvironments::onPopModule(cx, ei);
1132 }
1133 break;
1134 case ScopeKind::Eval:
1135 case ScopeKind::Global:
1136 case ScopeKind::NonSyntactic:
1137 break;
1138 case ScopeKind::WasmInstance:
1139 case ScopeKind::WasmFunction:
1140 MOZ_CRASH("wasm is not interpreted")do { do { } while (false); MOZ_ReportCrash("" "wasm is not interpreted"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1140); AnnotateMozCrashReason("MOZ_CRASH(" "wasm is not interpreted"
")"); do { *((volatile int*)__null) = 1140; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
1141 break;
1142 }
1143}
1144
1145// Unwind environment chain and iterator to match the env corresponding to
1146// the given bytecode position.
1147void js::UnwindEnvironment(JSContext* cx, EnvironmentIter& ei, jsbytecode* pc) {
1148 if (!ei.withinInitialFrame()) {
1149 return;
1150 }
1151
1152 Rooted<Scope*> scope(cx, ei.initialFrame().script()->innermostScope(pc));
1153
1154#ifdef DEBUG1
1155 // A frame's environment chain cannot be unwound to anything enclosing the
1156 // body scope of a script. This includes the parameter defaults
1157 // environment and the decl env object. These environments, once pushed
1158 // onto the environment chain, are expected to be there for the duration
1159 // of the frame.
1160 //
1161 // Attempting to unwind to the parameter defaults code in a script is a
1162 // bug; that section of code has no try-catch blocks.
1163 JSScript* script = ei.initialFrame().script();
1164 for (uint32_t i = 0; i < script->bodyScopeIndex(); i++) {
1165 MOZ_ASSERT(scope != script->getScope(GCThingIndex(i)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope != script->getScope(GCThingIndex(i)))>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(scope != script->getScope(GCThingIndex(i))))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("scope != script->getScope(GCThingIndex(i))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1165); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope != script->getScope(GCThingIndex(i))"
")"); do { *((volatile int*)__null) = 1165; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1166 }
1167#endif
1168
1169 for (; ei.maybeScope() != scope; ei++) {
1170 PopEnvironment(cx, ei);
1171 }
1172}
1173
1174// Unwind all environments. This is needed because block scopes may cover the
1175// first bytecode at a script's main(). e.g.,
1176//
1177// function f() { { let i = 0; } }
1178//
1179// will have no pc location distinguishing the first block scope from the
1180// outermost function scope.
1181void js::UnwindAllEnvironmentsInFrame(JSContext* cx, EnvironmentIter& ei) {
1182 for (; ei.withinInitialFrame(); ei++) {
1183 PopEnvironment(cx, ei);
1184 }
1185}
1186
1187// Compute the pc needed to unwind the environment to the beginning of a try
1188// block. We cannot unwind to *after* the JSOp::Try, because that might be the
1189// first opcode of an inner scope, with the same problem as above. e.g.,
1190//
1191// try { { let x; } }
1192//
1193// will have no pc location distinguishing the try block scope from the inner
1194// let block scope.
1195jsbytecode* js::UnwindEnvironmentToTryPc(JSScript* script, const TryNote* tn) {
1196 jsbytecode* pc = script->offsetToPC(tn->start);
1197 if (tn->kind() == TryNoteKind::Catch || tn->kind() == TryNoteKind::Finally) {
1198 pc -= JSOpLength_Try;
1199 MOZ_ASSERT(JSOp(*pc) == JSOp::Try)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(JSOp(*pc) == JSOp::Try)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(JSOp(*pc) == JSOp::Try))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("JSOp(*pc) == JSOp::Try"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1199); AnnotateMozCrashReason("MOZ_ASSERT" "(" "JSOp(*pc) == JSOp::Try"
")"); do { *((volatile int*)__null) = 1199; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1200 } else if (tn->kind() == TryNoteKind::Destructuring) {
1201 pc -= JSOpLength_TryDestructuring;
1202 MOZ_ASSERT(JSOp(*pc) == JSOp::TryDestructuring)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(JSOp(*pc) == JSOp::TryDestructuring)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(JSOp(*pc) == JSOp::TryDestructuring
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"JSOp(*pc) == JSOp::TryDestructuring", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1202); AnnotateMozCrashReason("MOZ_ASSERT" "(" "JSOp(*pc) == JSOp::TryDestructuring"
")"); do { *((volatile int*)__null) = 1202; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1203 }
1204 return pc;
1205}
1206
1207static void SettleOnTryNote(JSContext* cx, const TryNote* tn,
1208 EnvironmentIter& ei, InterpreterRegs& regs) {
1209 // Unwind the environment to the beginning of the JSOp::Try.
1210 UnwindEnvironment(cx, ei, UnwindEnvironmentToTryPc(regs.fp()->script(), tn));
1211
1212 // Set pc to the first bytecode after the the try note to point
1213 // to the beginning of catch or finally.
1214 regs.pc = regs.fp()->script()->offsetToPC(tn->start + tn->length);
1215 regs.sp = regs.spForStackDepth(tn->stackDepth);
1216}
1217
1218class InterpreterTryNoteFilter {
1219 const InterpreterRegs& regs_;
1220
1221 public:
1222 explicit InterpreterTryNoteFilter(const InterpreterRegs& regs)
1223 : regs_(regs) {}
1224 bool operator()(const TryNote* note) {
1225 return note->stackDepth <= regs_.stackDepth();
1226 }
1227};
1228
1229class TryNoteIterInterpreter : public TryNoteIter<InterpreterTryNoteFilter> {
1230 public:
1231 TryNoteIterInterpreter(JSContext* cx, const InterpreterRegs& regs)
1232 : TryNoteIter(cx, regs.fp()->script(), regs.pc,
1233 InterpreterTryNoteFilter(regs)) {}
1234};
1235
1236static void UnwindIteratorsForUncatchableException(
1237 JSContext* cx, const InterpreterRegs& regs) {
1238 // c.f. the regular (catchable) TryNoteIterInterpreter loop in
1239 // ProcessTryNotes.
1240 for (TryNoteIterInterpreter tni(cx, regs); !tni.done(); ++tni) {
1241 const TryNote* tn = *tni;
1242 switch (tn->kind()) {
1243 case TryNoteKind::ForIn: {
1244 Value* sp = regs.spForStackDepth(tn->stackDepth);
1245 UnwindIteratorForUncatchableException(&sp[-1].toObject());
1246 break;
1247 }
1248 default:
1249 break;
1250 }
1251 }
1252}
1253
1254enum HandleErrorContinuation {
1255 SuccessfulReturnContinuation,
1256 ErrorReturnContinuation,
1257 CatchContinuation,
1258 FinallyContinuation
1259};
1260
1261static HandleErrorContinuation ProcessTryNotes(JSContext* cx,
1262 EnvironmentIter& ei,
1263 InterpreterRegs& regs) {
1264 for (TryNoteIterInterpreter tni(cx, regs); !tni.done(); ++tni) {
1265 const TryNote* tn = *tni;
1266
1267 switch (tn->kind()) {
1268 case TryNoteKind::Catch:
1269 /* Catch cannot intercept the closing of a generator. */
1270 if (cx->isClosingGenerator()) {
1271 break;
1272 }
1273
1274 SettleOnTryNote(cx, tn, ei, regs);
1275 return CatchContinuation;
1276
1277 case TryNoteKind::Finally:
1278 SettleOnTryNote(cx, tn, ei, regs);
1279 return FinallyContinuation;
1280
1281 case TryNoteKind::ForIn: {
1282 /* This is similar to JSOp::EndIter in the interpreter loop. */
1283 MOZ_ASSERT(tn->stackDepth <= regs.stackDepth())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(tn->stackDepth <= regs.stackDepth())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(tn->stackDepth <= regs.stackDepth()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("tn->stackDepth <= regs.stackDepth()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1283); AnnotateMozCrashReason("MOZ_ASSERT" "(" "tn->stackDepth <= regs.stackDepth()"
")"); do { *((volatile int*)__null) = 1283; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1284 Value* sp = regs.spForStackDepth(tn->stackDepth);
1285 JSObject* obj = &sp[-1].toObject();
1286 CloseIterator(obj);
1287 break;
1288 }
1289
1290 case TryNoteKind::Destructuring: {
1291 // Whether the destructuring iterator is done is at the top of the
1292 // stack. The iterator object is second from the top.
1293 MOZ_ASSERT(tn->stackDepth > 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(tn->stackDepth > 1)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(tn->stackDepth > 1))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("tn->stackDepth > 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1293); AnnotateMozCrashReason("MOZ_ASSERT" "(" "tn->stackDepth > 1"
")"); do { *((volatile int*)__null) = 1293; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1294 Value* sp = regs.spForStackDepth(tn->stackDepth);
1295 RootedValue doneValue(cx, sp[-1]);
1296 MOZ_RELEASE_ASSERT(!doneValue.isMagic())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!doneValue.isMagic())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!doneValue.isMagic()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("!doneValue.isMagic()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1296); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "!doneValue.isMagic()"
")"); do { *((volatile int*)__null) = 1296; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1297 bool done = ToBoolean(doneValue);
1298 if (!done) {
1299 RootedObject iterObject(cx, &sp[-2].toObject());
1300 if (!IteratorCloseForException(cx, iterObject)) {
1301 SettleOnTryNote(cx, tn, ei, regs);
1302 return ErrorReturnContinuation;
1303 }
1304 }
1305 break;
1306 }
1307
1308 case TryNoteKind::ForOf:
1309 case TryNoteKind::Loop:
1310 break;
1311
1312 // TryNoteKind::ForOfIterClose is handled internally by the try note
1313 // iterator.
1314 default:
1315 MOZ_CRASH("Invalid try note")do { do { } while (false); MOZ_ReportCrash("" "Invalid try note"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1315); AnnotateMozCrashReason("MOZ_CRASH(" "Invalid try note"
")"); do { *((volatile int*)__null) = 1315; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
1316 }
1317 }
1318
1319 return SuccessfulReturnContinuation;
1320}
1321
1322bool js::HandleClosingGeneratorReturn(JSContext* cx, AbstractFramePtr frame,
1323 bool ok) {
1324 /*
1325 * Propagate the exception or error to the caller unless the exception
1326 * is an asynchronous return from a generator.
1327 */
1328 if (cx->isClosingGenerator()) {
1329 cx->clearPendingException();
1330 ok = true;
1331 auto* genObj = GetGeneratorObjectForFrame(cx, frame);
1332 genObj->setClosed(cx);
1333 }
1334 return ok;
1335}
1336
1337static HandleErrorContinuation HandleError(JSContext* cx,
1338 InterpreterRegs& regs) {
1339 MOZ_ASSERT(regs.fp()->script()->containsPC(regs.pc))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(regs.fp()->script()->containsPC(regs.pc))>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(regs.fp()->script()->containsPC(regs.pc)))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("regs.fp()->script()->containsPC(regs.pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1339); AnnotateMozCrashReason("MOZ_ASSERT" "(" "regs.fp()->script()->containsPC(regs.pc)"
")"); do { *((volatile int*)__null) = 1339; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1340 MOZ_ASSERT(cx->realm() == regs.fp()->script()->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == regs.fp()->script()->realm()
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(cx->realm() == regs.fp()->script()->realm()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"cx->realm() == regs.fp()->script()->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1340); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == regs.fp()->script()->realm()"
")"); do { *((volatile int*)__null) = 1340; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1341
1342 if (regs.fp()->script()->hasScriptCounts()) {
1343 PCCounts* counts = regs.fp()->script()->getThrowCounts(regs.pc);
1344 // If we failed to allocate, then skip the increment and continue to
1345 // handle the exception.
1346 if (counts) {
1347 counts->numExec()++;
1348 }
1349 }
1350
1351 EnvironmentIter ei(cx, regs.fp(), regs.pc);
1352 bool ok = false;
1353
1354again:
1355 if (cx->isExceptionPending()) {
1356 /* Call debugger throw hooks. */
1357 if (!cx->isClosingGenerator()) {
1358 if (!DebugAPI::onExceptionUnwind(cx, regs.fp())) {
1359 if (!cx->isExceptionPending()) {
1360 goto again;
1361 }
1362 }
1363 // Ensure that the debugger hasn't returned 'true' while clearing the
1364 // exception state.
1365 MOZ_ASSERT(cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->isExceptionPending())
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("cx->isExceptionPending()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1365); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 1365; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1366 }
1367
1368 HandleErrorContinuation res = ProcessTryNotes(cx, ei, regs);
1369 switch (res) {
1370 case SuccessfulReturnContinuation:
1371 break;
1372 case ErrorReturnContinuation:
1373 goto again;
1374 case CatchContinuation:
1375 case FinallyContinuation:
1376 // No need to increment the PCCounts number of execution here, as
1377 // the interpreter increments any PCCounts if present.
1378 MOZ_ASSERT_IF(regs.fp()->script()->hasScriptCounts(),do { if (regs.fp()->script()->hasScriptCounts()) { do {
static_assert( mozilla::detail::AssertionConditionType<decltype
(regs.fp()->script()->maybeGetPCCounts(regs.pc))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(regs.fp()->script()->maybeGetPCCounts(regs.pc)))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("regs.fp()->script()->maybeGetPCCounts(regs.pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1379); AnnotateMozCrashReason("MOZ_ASSERT" "(" "regs.fp()->script()->maybeGetPCCounts(regs.pc)"
")"); do { *((volatile int*)__null) = 1379; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
1379 regs.fp()->script()->maybeGetPCCounts(regs.pc))do { if (regs.fp()->script()->hasScriptCounts()) { do {
static_assert( mozilla::detail::AssertionConditionType<decltype
(regs.fp()->script()->maybeGetPCCounts(regs.pc))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(regs.fp()->script()->maybeGetPCCounts(regs.pc)))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("regs.fp()->script()->maybeGetPCCounts(regs.pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1379); AnnotateMozCrashReason("MOZ_ASSERT" "(" "regs.fp()->script()->maybeGetPCCounts(regs.pc)"
")"); do { *((volatile int*)__null) = 1379; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
1380 return res;
1381 }
1382
1383 ok = HandleClosingGeneratorReturn(cx, regs.fp(), ok);
1384 } else {
1385 UnwindIteratorsForUncatchableException(cx, regs);
1386
1387 // We may be propagating a forced return from a debugger hook function.
1388 if (MOZ_UNLIKELY(cx->isPropagatingForcedReturn())(__builtin_expect(!!(cx->isPropagatingForcedReturn()), 0))) {
1389 cx->clearPropagatingForcedReturn();
1390 ok = true;
1391 }
1392 }
1393
1394 ok = DebugAPI::onLeaveFrame(cx, regs.fp(), regs.pc, ok);
1395
1396 // After this point, we will pop the frame regardless. Settle the frame on
1397 // the end of the script.
1398 regs.setToEndOfScript();
1399
1400 return ok ? SuccessfulReturnContinuation : ErrorReturnContinuation;
1401}
1402
1403#define REGS(activation.regs()) (activation.regs())
1404#define PUSH_COPY(v)do { *(activation.regs()).sp++ = (v); cx->debugOnlyCheck((
activation.regs()).sp[-1]); } while (0) \
1405 do { \
1406 *REGS(activation.regs()).sp++ = (v); \
1407 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1408 } while (0)
1409#define PUSH_COPY_SKIP_CHECK(v)*(activation.regs()).sp++ = (v) *REGS(activation.regs()).sp++ = (v)
1410#define PUSH_NULL()(activation.regs()).sp++->setNull() REGS(activation.regs()).sp++->setNull()
1411#define PUSH_UNDEFINED()(activation.regs()).sp++->setUndefined() REGS(activation.regs()).sp++->setUndefined()
1412#define PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b) REGS(activation.regs()).sp++->setBoolean(b)
1413#define PUSH_DOUBLE(d)(activation.regs()).sp++->setDouble(d) REGS(activation.regs()).sp++->setDouble(d)
1414#define PUSH_INT32(i)(activation.regs()).sp++->setInt32(i) REGS(activation.regs()).sp++->setInt32(i)
1415#define PUSH_SYMBOL(s)(activation.regs()).sp++->setSymbol(s) REGS(activation.regs()).sp++->setSymbol(s)
1416#define PUSH_BIGINT(b)(activation.regs()).sp++->setBigInt(b) REGS(activation.regs()).sp++->setBigInt(b)
1417#define PUSH_STRING(s)do { (activation.regs()).sp++->setString(s); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0) \
1418 do { \
1419 REGS(activation.regs()).sp++->setString(s); \
1420 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1421 } while (0)
1422#define PUSH_OBJECT(obj)do { (activation.regs()).sp++->setObject(obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0) \
1423 do { \
1424 REGS(activation.regs()).sp++->setObject(obj); \
1425 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1426 } while (0)
1427#define PUSH_OBJECT_OR_NULL(obj)do { (activation.regs()).sp++->setObjectOrNull(obj); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0) \
1428 do { \
1429 REGS(activation.regs()).sp++->setObjectOrNull(obj); \
1430 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1431 } while (0)
1432#ifdef ENABLE_RECORD_TUPLE
1433# define PUSH_EXTENDED_PRIMITIVE(obj) \
1434 do { \
1435 REGS(activation.regs()).sp++->setExtendedPrimitive(obj); \
1436 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]); \
1437 } while (0)
1438#endif
1439#define PUSH_MAGIC(magic)(activation.regs()).sp++->setMagic(magic) REGS(activation.regs()).sp++->setMagic(magic)
1440#define POP_COPY_TO(v)(v) = *--(activation.regs()).sp (v) = *--REGS(activation.regs()).sp
1441#define POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp) REGS(activation.regs()).fp()->setReturnValue(*--REGS(activation.regs()).sp)
1442
1443/*
1444 * Same for JSOp::SetName and JSOp::SetProp, which differ only slightly but
1445 * remain distinct for the decompiler.
1446 */
1447static_assert(JSOpLength_SetName == JSOpLength_SetProp);
1448
1449/* See TRY_BRANCH_AFTER_COND. */
1450static_assert(JSOpLength_JumpIfTrue == JSOpLength_JumpIfFalse);
1451static_assert(uint8_t(JSOp::JumpIfTrue) == uint8_t(JSOp::JumpIfFalse) + 1);
1452
1453/*
1454 * Compute the implicit |this| value used by a call expression with an
1455 * unqualified name reference. The environment the binding was found on is
1456 * passed as argument, env.
1457 *
1458 * The implicit |this| is |undefined| for all environment types except
1459 * WithEnvironmentObject. This is the case for |with(...) {...}| expressions or
1460 * if the embedding uses a non-syntactic WithEnvironmentObject.
1461 *
1462 * NOTE: A non-syntactic WithEnvironmentObject may have a corresponding
1463 * extensible LexicalEnviornmentObject, but it will not be considered as an
1464 * implicit |this|. This is for compatibility with the Gecko subscript loader.
1465 */
1466static inline Value ComputeImplicitThis(JSObject* env) {
1467 // Fast-path for GlobalObject
1468 if (env->is<GlobalObject>()) {
1469 return UndefinedValue();
1470 }
1471
1472 // WithEnvironmentObjects have an actual implicit |this|
1473 if (env->is<WithEnvironmentObject>()) {
1474 auto* thisObject = env->as<WithEnvironmentObject>().withThis();
1475 return ObjectValue(*thisObject);
1476 }
1477
1478 // Debugger environments need special casing, as despite being
1479 // non-syntactic, they wrap syntactic environments and should not be
1480 // treated like other embedding-specific non-syntactic environments.
1481 if (env->is<DebugEnvironmentProxy>()) {
1482 return ComputeImplicitThis(&env->as<DebugEnvironmentProxy>().environment());
1483 }
1484
1485 MOZ_ASSERT(env->is<EnvironmentObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<EnvironmentObject>())>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!(env->is<EnvironmentObject>()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("env->is<EnvironmentObject>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1485); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<EnvironmentObject>()"
")"); do { *((volatile int*)__null) = 1485; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1486 return UndefinedValue();
1487}
1488
1489// BigInt proposal 3.2.4 Abstract Relational Comparison
1490// Returns Nothing when at least one operand is a NaN, or when
1491// ToNumeric or StringToBigInt can't interpret a string as a numeric
1492// value. (These cases correspond to a NaN result in the spec.)
1493// Otherwise, return a boolean to indicate whether lhs is less than
1494// rhs. The operands must be primitives; the caller is responsible for
1495// evaluating them in the correct order.
1496static MOZ_ALWAYS_INLINEinline bool LessThanImpl(JSContext* cx,
1497 MutableHandleValue lhs,
1498 MutableHandleValue rhs,
1499 mozilla::Maybe<bool>& res) {
1500 // Steps 1 and 2 are performed by the caller.
1501
1502 // Step 3.
1503 if (lhs.isString() && rhs.isString()) {
1504 JSString* l = lhs.toString();
1505 JSString* r = rhs.toString();
1506 int32_t result;
1507 if (!CompareStrings(cx, l, r, &result)) {
1508 return false;
1509 }
1510 res = mozilla::Some(result < 0);
1511 return true;
1512 }
1513
1514 // Step 4a.
1515 if (lhs.isBigInt() && rhs.isString()) {
1516 return BigInt::lessThan(cx, lhs, rhs, res);
1517 }
1518
1519 // Step 4b.
1520 if (lhs.isString() && rhs.isBigInt()) {
1521 return BigInt::lessThan(cx, lhs, rhs, res);
1522 }
1523
1524 // Steps 4c and 4d.
1525 if (!ToNumeric(cx, lhs) || !ToNumeric(cx, rhs)) {
1526 return false;
1527 }
1528
1529 // Steps 4e-j.
1530 if (lhs.isBigInt() || rhs.isBigInt()) {
1531 return BigInt::lessThan(cx, lhs, rhs, res);
1532 }
1533
1534 // Step 4e for Number operands.
1535 MOZ_ASSERT(lhs.isNumber() && rhs.isNumber())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lhs.isNumber() && rhs.isNumber())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(lhs.isNumber() && rhs.isNumber()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("lhs.isNumber() && rhs.isNumber()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1535); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lhs.isNumber() && rhs.isNumber()"
")"); do { *((volatile int*)__null) = 1535; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1536 double lhsNum = lhs.toNumber();
1537 double rhsNum = rhs.toNumber();
1538
1539 if (std::isnan(lhsNum) || std::isnan(rhsNum)) {
1540 res = mozilla::Maybe<bool>(mozilla::Nothing());
1541 return true;
1542 }
1543
1544 res = mozilla::Some(lhsNum < rhsNum);
1545 return true;
1546}
1547
1548static MOZ_ALWAYS_INLINEinline bool LessThanOperation(JSContext* cx,
1549 MutableHandleValue lhs,
1550 MutableHandleValue rhs,
1551 bool* res) {
1552 if (lhs.isInt32() && rhs.isInt32()) {
1553 *res = lhs.toInt32() < rhs.toInt32();
1554 return true;
1555 }
1556
1557 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1558 return false;
1559 }
1560
1561 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1562 return false;
1563 }
1564
1565 mozilla::Maybe<bool> tmpResult;
1566 if (!LessThanImpl(cx, lhs, rhs, tmpResult)) {
1567 return false;
1568 }
1569 *res = tmpResult.valueOr(false);
1570 return true;
1571}
1572
1573static MOZ_ALWAYS_INLINEinline bool LessThanOrEqualOperation(JSContext* cx,
1574 MutableHandleValue lhs,
1575 MutableHandleValue rhs,
1576 bool* res) {
1577 if (lhs.isInt32() && rhs.isInt32()) {
1578 *res = lhs.toInt32() <= rhs.toInt32();
1579 return true;
1580 }
1581
1582 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1583 return false;
1584 }
1585
1586 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1587 return false;
1588 }
1589
1590 mozilla::Maybe<bool> tmpResult;
1591 if (!LessThanImpl(cx, rhs, lhs, tmpResult)) {
1592 return false;
1593 }
1594 *res = !tmpResult.valueOr(true);
1595 return true;
1596}
1597
1598static MOZ_ALWAYS_INLINEinline bool GreaterThanOperation(JSContext* cx,
1599 MutableHandleValue lhs,
1600 MutableHandleValue rhs,
1601 bool* res) {
1602 if (lhs.isInt32() && rhs.isInt32()) {
1603 *res = lhs.toInt32() > rhs.toInt32();
1604 return true;
1605 }
1606
1607 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1608 return false;
1609 }
1610
1611 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1612 return false;
1613 }
1614
1615 mozilla::Maybe<bool> tmpResult;
1616 if (!LessThanImpl(cx, rhs, lhs, tmpResult)) {
1617 return false;
1618 }
1619 *res = tmpResult.valueOr(false);
1620 return true;
1621}
1622
1623static MOZ_ALWAYS_INLINEinline bool GreaterThanOrEqualOperation(
1624 JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs, bool* res) {
1625 if (lhs.isInt32() && rhs.isInt32()) {
1626 *res = lhs.toInt32() >= rhs.toInt32();
1627 return true;
1628 }
1629
1630 if (!ToPrimitive(cx, JSTYPE_NUMBER, lhs)) {
1631 return false;
1632 }
1633
1634 if (!ToPrimitive(cx, JSTYPE_NUMBER, rhs)) {
1635 return false;
1636 }
1637
1638 mozilla::Maybe<bool> tmpResult;
1639 if (!LessThanImpl(cx, lhs, rhs, tmpResult)) {
1640 return false;
1641 }
1642 *res = !tmpResult.valueOr(true);
1643 return true;
1644}
1645
1646static MOZ_ALWAYS_INLINEinline bool SetObjectElementOperation(
1647 JSContext* cx, HandleObject obj, HandleId id, HandleValue value,
1648 HandleValue receiver, bool strict) {
1649 ObjectOpResult result;
1650 return SetProperty(cx, obj, id, value, receiver, result) &&
1651 result.checkStrictModeError(cx, obj, id, strict);
1652}
1653
1654void js::ReportInNotObjectError(JSContext* cx, HandleValue lref,
1655 HandleValue rref) {
1656 auto uniqueCharsFromString = [](JSContext* cx,
1657 HandleValue ref) -> UniqueChars {
1658 static const size_t MaxStringLength = 16;
1659 RootedString str(cx, ref.toString());
1660 if (str->length() > MaxStringLength) {
1661 JSStringBuilder buf(cx);
1662 if (!buf.appendSubstring(str, 0, MaxStringLength)) {
1663 return nullptr;
1664 }
1665 if (!buf.append("...")) {
1666 return nullptr;
1667 }
1668 str = buf.finishString();
1669 if (!str) {
1670 return nullptr;
1671 }
1672 }
1673 return QuoteString(cx, str, '"');
1674 };
1675
1676 if (lref.isString() && rref.isString()) {
1677 UniqueChars lbytes = uniqueCharsFromString(cx, lref);
1678 if (!lbytes) {
1679 return;
1680 }
1681 UniqueChars rbytes = uniqueCharsFromString(cx, rref);
1682 if (!rbytes) {
1683 return;
1684 }
1685 JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_IN_STRING,
1686 lbytes.get(), rbytes.get());
1687 return;
1688 }
1689
1690 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_IN_NOT_OBJECT,
1691 InformalValueTypeName(rref));
1692}
1693
1694#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
1695// Explicit Resource Management Proposal
1696// 7.5.6 GetDisposeMethod ( V, hint )
1697// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-getdisposemethod
1698// Steps 1.b.ii.1.a-f
1699bool js::SyncDisposalClosure(JSContext* cx, unsigned argc, JS::Value* vp) {
1700 JS::CallArgs args = CallArgsFromVp(argc, vp);
1701
1702 JS::Rooted<JSFunction*> callee(cx, &args.callee().as<JSFunction>());
1703
1704 JS::Rooted<JS::Value> method(
1705 cx, callee->getExtendedSlot(uint8_t(SyncDisposalClosureSlots::Method)));
1706
1707 // Step 1.b.ii.1.a. Let O be the this value.
1708 JS::Rooted<JS::Value> O(cx, args.thisv());
1709
1710 // Step 1.b.ii.1.b. Let promiseCapability be !
1711 // NewPromiseCapability(%Promise%).
1712 JSObject* createPromise = JS::NewPromiseObject(cx, nullptr);
1713 if (!createPromise) {
1714 return false;
1715 }
1716 JS::Rooted<PromiseObject*> promiseCapability(
1717 cx, &createPromise->as<PromiseObject>());
1718
1719 // Step 1.b.ii.1.c. Let result be Completion(Call(method, O)).
1720 JS::Rooted<JS::Value> rval(cx);
1721 bool result = Call(cx, method, O, &rval);
1722
1723 // Step 1.b.ii.1.d. IfAbruptRejectPromise(result, promiseCapability).
1724 if (!result) {
1725 return AbruptRejectPromise(cx, args, promiseCapability, nullptr);
1726 }
1727
1728 // Step 1.b.ii.1.e. Perform ? Call(promiseCapability.[[Resolve]], undefined, «
1729 // undefined »).
1730 if (!JS::ResolvePromise(cx, promiseCapability, JS::UndefinedHandleValue)) {
1731 return false;
1732 }
1733
1734 // Step 1.b.ii.1.f. Return promiseCapability.[[Promise]].
1735 args.rval().set(JS::ObjectValue(*promiseCapability));
1736 return true;
1737}
1738
1739// Explicit Resource Management Proposal
1740// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-disposeresources
1741// Steps 3.e.iii.1.c-e.
1742ErrorObject* js::CreateSuppressedError(JSContext* cx,
1743 JS::Handle<JS::Value> error,
1744 JS::Handle<JS::Value> suppressed) {
1745 // Step 3.e.iii.1.c. Let error be a newly created SuppressedError object.
1746 JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr,
1747 JSMSG_ERROR_WAS_SUPPRESSED);
1748
1749 if (cx->isThrowingOutOfMemory()) {
1750 return nullptr;
1751 }
1752
1753 JS::Rooted<JS::Value> thrownSuppressed(cx);
1754
1755 if (!cx->getPendingException(&thrownSuppressed)) {
1756 return nullptr;
1757 }
1758
1759 if (!thrownSuppressed.isObject() ||
1760 !thrownSuppressed.toObject().is<ErrorObject>()) {
1761 return nullptr;
1762 }
1763
1764 cx->clearPendingException();
1765
1766 JS::Rooted<ErrorObject*> errorObj(
1767 cx, &thrownSuppressed.toObject().as<ErrorObject>());
1768
1769 // Step 3.e.iii.1.d. Perform
1770 // CreateNonEnumerableDataPropertyOrThrow(error, "error", result).
1771 if (!NativeDefineDataProperty(cx, errorObj, cx->names().error, error, 0)) {
1772 return nullptr;
1773 }
1774
1775 // Step 3.e.iii.1.e. Perform
1776 // CreateNonEnumerableDataPropertyOrThrow(error, "suppressed",
1777 // suppressed).
1778 if (!NativeDefineDataProperty(cx, errorObj, cx->names().suppressed,
1779 suppressed, 0)) {
1780 return nullptr;
1781 }
1782
1783 // TODO: Improve the capturing of stack and error messages (Bug 1906150)
1784
1785 return errorObj;
1786}
1787
1788// Explicit Resource Management Proposal
1789// 7.5.4 AddDisposableResource ( disposeCapability, V, hint [ , method ] )
1790// https://arai-a.github.io/ecma262-compare/?pr=3000&id=sec-adddisposableresource
1791// Step 3
1792bool js::AddDisposableResourceToCapability(JSContext* cx,
1793 JS::Handle<JSObject*> env,
1794 JS::Handle<JS::Value> val,
1795 JS::Handle<JS::Value> method,
1796 bool needsClosure, UsingHint hint) {
1797 JS::Rooted<ArrayObject*> disposeCapability(
1798 cx,
1799 env->as<DisposableEnvironmentObject>().getOrCreateDisposeCapability(cx));
1800 if (!disposeCapability) {
1801 return false;
1802 }
1803
1804 JS::Rooted<JS::Value> disposeMethod(cx);
1805
1806 if (needsClosure) {
1807 JS::Handle<PropertyName*> funName = cx->names().empty_;
1808 JSFunction* asyncWrapper =
1809 NewNativeFunction(cx, SyncDisposalClosure, 0, funName,
1810 gc::AllocKind::FUNCTION_EXTENDED, GenericObject);
1811
1812 if (!asyncWrapper) {
1813 return false;
1814 }
1815 asyncWrapper->initExtendedSlot(uint8_t(SyncDisposalClosureSlots::Method),
1816 method);
1817 disposeMethod.set(JS::ObjectValue(*asyncWrapper));
1818 } else {
1819 disposeMethod.set(method);
1820 }
1821
1822 DisposableRecordObject* disposableRecord =
1823 DisposableRecordObject::create(cx, val, disposeMethod, hint);
1824 if (!disposableRecord) {
1825 return false;
1826 }
1827
1828 return NewbornArrayPush(cx, disposeCapability,
1829 JS::ObjectValue(*disposableRecord));
1830}
1831#endif
1832
1833bool MOZ_NEVER_INLINE__attribute__((noinline)) JS_HAZ_JSNATIVE_CALLER js::Interpret(JSContext* cx,
1834 RunState& state) {
1835/*
1836 * Define macros for an interpreter loop. Opcode dispatch is done by
1837 * indirect goto (aka a threaded interpreter), which is technically
1838 * non-standard but is supported by all of our supported compilers.
1839 */
1840#define INTERPRETER_LOOP()
1841#define CASE(OP)label_OP: label_##OP:
1842#define DEFAULT()label_default: \
1843 label_default:
1844#define DISPATCH_TO(OP)goto* addresses[(OP)] goto* addresses[(OP)]
1845
1846#define LABEL(X)(&&label_X) (&&label_##X)
1847
1848 // Use addresses instead of offsets to optimize for runtime speed over
1849 // load-time relocation overhead.
1850 static const void* const addresses[EnableInterruptsPseudoOpcode + 1] = {
1851#define OPCODE_LABEL(op, ...) LABEL(op)(&&label_op),
1852 FOR_EACH_OPCODE(OPCODE_LABEL)OPCODE_LABEL(Undefined, undefined, "", 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(Null, null, "null", 1, 0, 1, JOF_BYTE) OPCODE_LABEL(False, false_
, "false", 1, 0, 1, JOF_BYTE) OPCODE_LABEL(True, true_, "true"
, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(Int32, int32, __null, 5, 0,
1, JOF_INT32) OPCODE_LABEL(Zero, zero, "0", 1, 0, 1, JOF_BYTE
) OPCODE_LABEL(One, one, "1", 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(Int8, int8, __null, 2, 0, 1, JOF_INT8) OPCODE_LABEL(Uint16, uint16
, __null, 3, 0, 1, JOF_UINT16) OPCODE_LABEL(Uint24, uint24, __null
, 4, 0, 1, JOF_UINT24) OPCODE_LABEL(Double, double_, __null, 9
, 0, 1, JOF_DOUBLE) OPCODE_LABEL(BigInt, big_int, __null, 5, 0
, 1, JOF_BIGINT) OPCODE_LABEL(String, string, __null, 5, 0, 1
, JOF_STRING) OPCODE_LABEL(Symbol, symbol, __null, 2, 0, 1, JOF_UINT8
) OPCODE_LABEL(Void, void_, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(Typeof, typeof_, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(TypeofExpr, typeof_expr, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(TypeofEq, typeof_eq, __null, 2, 1, 1, JOF_UINT8|JOF_IC) OPCODE_LABEL
(Pos, pos, "+ ", 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Neg, neg
, "- ", 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitNot, bit_not
, "~", 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Not, not_, "!",
1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitOr, bit_or, "|", 1
, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitXor, bit_xor, "^", 1
, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(BitAnd, bit_and, "&"
, 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Eq, eq, "==", 1, 2, 1
, JOF_BYTE|JOF_IC) OPCODE_LABEL(Ne, ne, "!=", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(StrictEq, strict_eq, "===", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(StrictNe, strict_ne, "!==", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(Lt, lt, "<", 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(Gt, gt, ">", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(Le, le, "<=", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Ge, ge
, ">=", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Instanceof,
instanceof, "instanceof", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(In, in_, "in", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Lsh, lsh
, "<<", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Rsh, rsh
, ">>", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Ursh, ursh
, ">>>", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Add,
add, "+", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Sub, sub, "-"
, 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Inc, inc, __null, 1,
1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(Dec, dec, __null, 1, 1, 1
, JOF_BYTE|JOF_IC) OPCODE_LABEL(Mul, mul, "*", 1, 2, 1, JOF_BYTE
|JOF_IC) OPCODE_LABEL(Div, div, "/", 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(Mod, mod, "%", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(Pow, pow, "**", 1, 2, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(NopIsAssignOp
, nop_is_assign_op, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(ToPropertyKey
, to_property_key, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(ToNumeric, to_numeric, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(ToString, to_string, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(IsNullOrUndefined, is_null_or_undefined, __null, 1, 1, 2, JOF_BYTE
) OPCODE_LABEL(GlobalThis, global_this, __null, 1, 0, 1, JOF_BYTE
) OPCODE_LABEL(NonSyntacticGlobalThis, non_syntactic_global_this
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(NewTarget, new_target
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(DynamicImport, dynamic_import
, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL(ImportMeta, import_meta
, __null, 1, 0, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(NewInit, new_init
, __null, 1, 0, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(NewObject, new_object
, __null, 5, 0, 1, JOF_SHAPE|JOF_IC) OPCODE_LABEL(Object, object
, __null, 5, 0, 1, JOF_OBJECT) OPCODE_LABEL(ObjWithProto, obj_with_proto
, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(InitProp, init_prop
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT|JOF_IC) OPCODE_LABEL
(InitHiddenProp, init_hidden_prop, __null, 5, 2, 1, JOF_ATOM|
JOF_PROPINIT|JOF_IC) OPCODE_LABEL(InitLockedProp, init_locked_prop
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT|JOF_IC) OPCODE_LABEL
(InitElem, init_elem, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT|
JOF_IC) OPCODE_LABEL(InitHiddenElem, init_hidden_elem, __null
, 1, 3, 1, JOF_BYTE|JOF_PROPINIT|JOF_IC) OPCODE_LABEL(InitLockedElem
, init_locked_elem, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT|JOF_IC
) OPCODE_LABEL(InitPropGetter, init_prop_getter, __null, 5, 2
, 1, JOF_ATOM|JOF_PROPINIT) OPCODE_LABEL(InitHiddenPropGetter
, init_hidden_prop_getter, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT
) OPCODE_LABEL(InitElemGetter, init_elem_getter, __null, 1, 3
, 1, JOF_BYTE|JOF_PROPINIT) OPCODE_LABEL(InitHiddenElemGetter
, init_hidden_elem_getter, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT
) OPCODE_LABEL(InitPropSetter, init_prop_setter, __null, 5, 2
, 1, JOF_ATOM|JOF_PROPINIT) OPCODE_LABEL(InitHiddenPropSetter
, init_hidden_prop_setter, __null, 5, 2, 1, JOF_ATOM|JOF_PROPINIT
) OPCODE_LABEL(InitElemSetter, init_elem_setter, __null, 1, 3
, 1, JOF_BYTE|JOF_PROPINIT) OPCODE_LABEL(InitHiddenElemSetter
, init_hidden_elem_setter, __null, 1, 3, 1, JOF_BYTE|JOF_PROPINIT
) OPCODE_LABEL(GetProp, get_prop, __null, 5, 1, 1, JOF_ATOM|JOF_IC
) OPCODE_LABEL(GetElem, get_elem, __null, 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(SetProp, set_prop, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET
|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL(StrictSetProp, strict_set_prop
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSTRICT|JOF_IC
) OPCODE_LABEL(SetElem, set_elem, __null, 1, 3, 1, JOF_BYTE|JOF_PROPSET
|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL(StrictSetElem, strict_set_elem
, __null, 1, 3, 1, JOF_BYTE|JOF_PROPSET|JOF_CHECKSTRICT|JOF_IC
) OPCODE_LABEL(DelProp, del_prop, __null, 5, 1, 1, JOF_ATOM|JOF_CHECKSLOPPY
) OPCODE_LABEL(StrictDelProp, strict_del_prop, __null, 5, 1, 1
, JOF_ATOM|JOF_CHECKSTRICT) OPCODE_LABEL(DelElem, del_elem, __null
, 1, 2, 1, JOF_BYTE|JOF_CHECKSLOPPY) OPCODE_LABEL(StrictDelElem
, strict_del_elem, __null, 1, 2, 1, JOF_BYTE|JOF_CHECKSTRICT)
OPCODE_LABEL(HasOwn, has_own, __null, 1, 2, 1, JOF_BYTE|JOF_IC
) OPCODE_LABEL(CheckPrivateField, check_private_field, __null
, 3, 2, 3, JOF_TWO_UINT8|JOF_CHECKSTRICT|JOF_IC) OPCODE_LABEL
(NewPrivateName, new_private_name, __null, 5, 0, 1, JOF_ATOM)
OPCODE_LABEL(SuperBase, super_base, __null, 1, 1, 1, JOF_BYTE
) OPCODE_LABEL(GetPropSuper, get_prop_super, __null, 5, 2, 1,
JOF_ATOM|JOF_IC) OPCODE_LABEL(GetElemSuper, get_elem_super, __null
, 1, 3, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(SetPropSuper, set_prop_super
, __null, 5, 3, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSLOPPY) OPCODE_LABEL
(StrictSetPropSuper, strict_set_prop_super, __null, 5, 3, 1, JOF_ATOM
|JOF_PROPSET|JOF_CHECKSTRICT) OPCODE_LABEL(SetElemSuper, set_elem_super
, __null, 1, 4, 1, JOF_BYTE|JOF_PROPSET|JOF_CHECKSLOPPY) OPCODE_LABEL
(StrictSetElemSuper, strict_set_elem_super, __null, 1, 4, 1, JOF_BYTE
|JOF_PROPSET|JOF_CHECKSTRICT) OPCODE_LABEL(Iter, iter, __null
, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(MoreIter, more_iter,
__null, 1, 1, 2, JOF_BYTE) OPCODE_LABEL(IsNoIter, is_no_iter
, __null, 1, 1, 2, JOF_BYTE) OPCODE_LABEL(EndIter, end_iter, __null
, 1, 2, 0, JOF_BYTE) OPCODE_LABEL(CloseIter, close_iter, __null
, 2, 1, 0, JOF_UINT8|JOF_IC) OPCODE_LABEL(OptimizeGetIterator
, optimize_get_iterator, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(CheckIsObj, check_is_obj, __null, 2, 1, 1, JOF_UINT8) OPCODE_LABEL
(CheckObjCoercible, check_obj_coercible, __null, 1, 1, 1, JOF_BYTE
) OPCODE_LABEL(ToAsyncIter, to_async_iter, __null, 1, 2, 1, JOF_BYTE
) OPCODE_LABEL(MutateProto, mutate_proto, __null, 1, 2, 1, JOF_BYTE
) OPCODE_LABEL(NewArray, new_array, __null, 5, 0, 1, JOF_UINT32
|JOF_IC) OPCODE_LABEL(InitElemArray, init_elem_array, __null,
5, 2, 1, JOF_UINT32|JOF_PROPINIT) OPCODE_LABEL(InitElemInc, init_elem_inc
, __null, 1, 3, 2, JOF_BYTE|JOF_PROPINIT|JOF_IC) OPCODE_LABEL
(Hole, hole, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(RegExp, reg_exp
, __null, 5, 0, 1, JOF_REGEXP) OPCODE_LABEL(Lambda, lambda, __null
, 5, 0, 1, JOF_OBJECT|JOF_USES_ENV|JOF_IC) OPCODE_LABEL(SetFunName
, set_fun_name, __null, 2, 2, 1, JOF_UINT8) OPCODE_LABEL(InitHomeObject
, init_home_object, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL(CheckClassHeritage
, check_class_heritage, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(FunWithProto, fun_with_proto, __null, 5, 1, 1, JOF_OBJECT|JOF_USES_ENV
) OPCODE_LABEL(BuiltinObject, builtin_object, __null, 2, 0, 1
, JOF_UINT8|JOF_IC) OPCODE_LABEL(Call, call, __null, 3, -1, 1
, JOF_ARGC|JOF_INVOKE|JOF_IC) OPCODE_LABEL(CallContent, call_content
, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC) OPCODE_LABEL(
CallIter, call_iter, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC
) OPCODE_LABEL(CallContentIter, call_content_iter, __null, 3,
-1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC) OPCODE_LABEL(CallIgnoresRv
, call_ignores_rv, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_IC
) OPCODE_LABEL(SpreadCall, spread_call, __null, 1, 3, 1, JOF_BYTE
|JOF_INVOKE|JOF_SPREAD|JOF_IC) OPCODE_LABEL(OptimizeSpreadCall
, optimize_spread_call, __null, 1, 1, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL
(Eval, eval, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_CHECKSLOPPY
|JOF_IC) OPCODE_LABEL(SpreadEval, spread_eval, __null, 1, 3, 1
, JOF_BYTE|JOF_INVOKE|JOF_SPREAD|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL
(StrictEval, strict_eval, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE
|JOF_CHECKSTRICT|JOF_IC) OPCODE_LABEL(StrictSpreadEval, strict_spread_eval
, __null, 1, 3, 1, JOF_BYTE|JOF_INVOKE|JOF_SPREAD|JOF_CHECKSTRICT
|JOF_IC) OPCODE_LABEL(ImplicitThis, implicit_this, "", 1, 1, 1
, JOF_BYTE) OPCODE_LABEL(CallSiteObj, call_site_obj, __null, 5
, 0, 1, JOF_OBJECT) OPCODE_LABEL(IsConstructing, is_constructing
, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(New, new_, __null, 3
, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_CONSTRUCT|JOF_IC) OPCODE_LABEL
(NewContent, new_content, __null, 3, -1, 1, JOF_ARGC|JOF_INVOKE
|JOF_CONSTRUCT|JOF_IC) OPCODE_LABEL(SuperCall, super_call, __null
, 3, -1, 1, JOF_ARGC|JOF_INVOKE|JOF_CONSTRUCT|JOF_IC) OPCODE_LABEL
(SpreadNew, spread_new, __null, 1, 4, 1, JOF_BYTE|JOF_INVOKE|
JOF_CONSTRUCT|JOF_SPREAD|JOF_IC) OPCODE_LABEL(SpreadSuperCall
, spread_super_call, __null, 1, 4, 1, JOF_BYTE|JOF_INVOKE|JOF_CONSTRUCT
|JOF_SPREAD|JOF_IC) OPCODE_LABEL(SuperFun, super_fun, __null,
1, 1, 1, JOF_BYTE) OPCODE_LABEL(CheckThisReinit, check_this_reinit
, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(Generator, generator
, __null, 1, 0, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL(InitialYield
, initial_yield, __null, 4, 1, 3, JOF_RESUMEINDEX) OPCODE_LABEL
(AfterYield, after_yield, __null, 5, 0, 0, JOF_ICINDEX) OPCODE_LABEL
(FinalYieldRval, final_yield_rval, __null, 1, 1, 0, JOF_BYTE)
OPCODE_LABEL(Yield, yield, __null, 4, 2, 3, JOF_RESUMEINDEX)
OPCODE_LABEL(IsGenClosing, is_gen_closing, __null, 1, 1, 2, JOF_BYTE
) OPCODE_LABEL(AsyncAwait, async_await, __null, 1, 2, 1, JOF_BYTE
) OPCODE_LABEL(AsyncResolve, async_resolve, __null, 1, 2, 1, JOF_BYTE
) OPCODE_LABEL(AsyncReject, async_reject, __null, 1, 3, 1, JOF_BYTE
) OPCODE_LABEL(Await, await, __null, 4, 2, 3, JOF_RESUMEINDEX
) OPCODE_LABEL(CanSkipAwait, can_skip_await, __null, 1, 1, 2,
JOF_BYTE) OPCODE_LABEL(MaybeExtractAwaitValue, maybe_extract_await_value
, __null, 1, 2, 2, JOF_BYTE) OPCODE_LABEL(ResumeKind, resume_kind
, __null, 2, 0, 1, JOF_UINT8) OPCODE_LABEL(CheckResumeKind, check_resume_kind
, __null, 1, 3, 1, JOF_BYTE) OPCODE_LABEL(Resume, resume, __null
, 1, 3, 1, JOF_BYTE|JOF_INVOKE) OPCODE_LABEL(JumpTarget, jump_target
, __null, 5, 0, 0, JOF_ICINDEX) OPCODE_LABEL(LoopHead, loop_head
, __null, 6, 0, 0, JOF_LOOPHEAD) OPCODE_LABEL(Goto, goto_, __null
, 5, 0, 0, JOF_JUMP) OPCODE_LABEL(JumpIfFalse, jump_if_false,
__null, 5, 1, 0, JOF_JUMP|JOF_IC) OPCODE_LABEL(JumpIfTrue, jump_if_true
, __null, 5, 1, 0, JOF_JUMP|JOF_IC) OPCODE_LABEL(And, and_, __null
, 5, 1, 1, JOF_JUMP|JOF_IC) OPCODE_LABEL(Or, or_, __null, 5, 1
, 1, JOF_JUMP|JOF_IC) OPCODE_LABEL(Coalesce, coalesce, __null
, 5, 1, 1, JOF_JUMP) OPCODE_LABEL(Case, case_, __null, 5, 2, 1
, JOF_JUMP) OPCODE_LABEL(Default, default_, __null, 5, 1, 0, JOF_JUMP
) OPCODE_LABEL(TableSwitch, table_switch, __null, 16, 1, 0, JOF_TABLESWITCH
) OPCODE_LABEL(Return, return_, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL
(GetRval, get_rval, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(SetRval
, set_rval, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(RetRval, ret_rval
, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(CheckReturn, check_return
, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(Throw, throw_, __null
, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(ThrowWithStack, throw_with_stack
, __null, 1, 2, 0, JOF_BYTE) OPCODE_LABEL(CreateSuppressedError
, create_suppressed_error, __null, 1, 2, 1, JOF_BYTE) OPCODE_LABEL
(ThrowMsg, throw_msg, __null, 2, 0, 0, JOF_UINT8) OPCODE_LABEL
(ThrowSetConst, throw_set_const, __null, 5, 0, 0, JOF_ATOM) OPCODE_LABEL
(Try, try_, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(TryDestructuring
, try_destructuring, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(
Exception, exception, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(ExceptionAndStack, exception_and_stack, __null, 1, 0, 2, JOF_BYTE
) OPCODE_LABEL(Finally, finally, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL
(Uninitialized, uninitialized, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(InitLexical, init_lexical, __null, 4, 1, 1, JOF_LOCAL) OPCODE_LABEL
(InitGLexical, init_g_lexical, __null, 5, 1, 1, JOF_ATOM|JOF_PROPINIT
|JOF_GNAME|JOF_IC) OPCODE_LABEL(InitAliasedLexical, init_aliased_lexical
, __null, 5, 1, 1, JOF_ENVCOORD|JOF_PROPINIT) OPCODE_LABEL(CheckLexical
, check_lexical, __null, 4, 1, 1, JOF_LOCAL) OPCODE_LABEL(CheckAliasedLexical
, check_aliased_lexical, __null, 5, 1, 1, JOF_ENVCOORD) OPCODE_LABEL
(CheckThis, check_this, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(BindUnqualifiedGName, bind_unqualified_g_name, __null, 5, 0,
1, JOF_ATOM|JOF_GNAME|JOF_IC) OPCODE_LABEL(BindUnqualifiedName
, bind_unqualified_name, __null, 5, 0, 1, JOF_ATOM|JOF_IC|JOF_USES_ENV
) OPCODE_LABEL(BindName, bind_name, __null, 5, 0, 1, JOF_ATOM
|JOF_IC|JOF_USES_ENV) OPCODE_LABEL(GetName, get_name, __null,
5, 0, 1, JOF_ATOM|JOF_IC|JOF_USES_ENV) OPCODE_LABEL(GetGName
, get_g_name, __null, 5, 0, 1, JOF_ATOM|JOF_GNAME|JOF_IC) OPCODE_LABEL
(GetArg, get_arg, __null, 3, 0, 1, JOF_QARG) OPCODE_LABEL(GetFrameArg
, get_frame_arg, __null, 3, 0, 1, JOF_QARG) OPCODE_LABEL(GetLocal
, get_local, __null, 4, 0, 1, JOF_LOCAL) OPCODE_LABEL(ArgumentsLength
, arguments_length, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(GetActualArg
, get_actual_arg, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL(GetAliasedVar
, get_aliased_var, __null, 5, 0, 1, JOF_ENVCOORD|JOF_USES_ENV
) OPCODE_LABEL(GetAliasedDebugVar, get_aliased_debug_var, __null
, 5, 0, 1, JOF_DEBUGCOORD) OPCODE_LABEL(GetImport, get_import
, __null, 5, 0, 1, JOF_ATOM|JOF_IC) OPCODE_LABEL(GetBoundName
, get_bound_name, __null, 5, 1, 1, JOF_ATOM|JOF_IC) OPCODE_LABEL
(GetIntrinsic, get_intrinsic, __null, 5, 0, 1, JOF_ATOM|JOF_IC
) OPCODE_LABEL(Callee, callee, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL
(EnvCallee, env_callee, __null, 2, 0, 1, JOF_UINT8) OPCODE_LABEL
(SetName, set_name, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSLOPPY
|JOF_IC|JOF_USES_ENV) OPCODE_LABEL(StrictSetName, strict_set_name
, __null, 5, 2, 1, JOF_ATOM|JOF_PROPSET|JOF_CHECKSTRICT|JOF_IC
|JOF_USES_ENV) OPCODE_LABEL(SetGName, set_g_name, __null, 5, 2
, 1, JOF_ATOM|JOF_PROPSET|JOF_GNAME|JOF_CHECKSLOPPY|JOF_IC) OPCODE_LABEL
(StrictSetGName, strict_set_g_name, __null, 5, 2, 1, JOF_ATOM
|JOF_PROPSET|JOF_GNAME|JOF_CHECKSTRICT|JOF_IC) OPCODE_LABEL(SetArg
, set_arg, __null, 3, 1, 1, JOF_QARG) OPCODE_LABEL(SetLocal, set_local
, __null, 4, 1, 1, JOF_LOCAL) OPCODE_LABEL(SetAliasedVar, set_aliased_var
, __null, 5, 1, 1, JOF_ENVCOORD|JOF_PROPSET|JOF_USES_ENV) OPCODE_LABEL
(SetIntrinsic, set_intrinsic, __null, 5, 1, 1, JOF_ATOM) OPCODE_LABEL
(PushLexicalEnv, push_lexical_env, __null, 5, 0, 0, JOF_SCOPE
|JOF_USES_ENV) OPCODE_LABEL(PopLexicalEnv, pop_lexical_env, __null
, 1, 0, 0, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL(DebugLeaveLexicalEnv
, debug_leave_lexical_env, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL
(RecreateLexicalEnv, recreate_lexical_env, __null, 5, 0, 0, JOF_SCOPE
) OPCODE_LABEL(FreshenLexicalEnv, freshen_lexical_env, __null
, 5, 0, 0, JOF_SCOPE) OPCODE_LABEL(PushClassBodyEnv, push_class_body_env
, __null, 5, 0, 0, JOF_SCOPE) OPCODE_LABEL(PushVarEnv, push_var_env
, __null, 5, 0, 0, JOF_SCOPE|JOF_USES_ENV) OPCODE_LABEL(EnterWith
, enter_with, __null, 5, 1, 0, JOF_SCOPE) OPCODE_LABEL(LeaveWith
, leave_with, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(AddDisposable
, add_disposable, __null, 2, 3, 0, JOF_UINT8|JOF_USES_ENV) OPCODE_LABEL
(TakeDisposeCapability, take_dispose_capability, __null, 1, 0
, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL(BindVar, bind_var, __null
, 1, 0, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL(GlobalOrEvalDeclInstantiation
, global_or_eval_decl_instantiation, __null, 5, 0, 0, JOF_GCTHING
|JOF_USES_ENV) OPCODE_LABEL(DelName, del_name, __null, 5, 0, 1
, JOF_ATOM|JOF_CHECKSLOPPY|JOF_USES_ENV) OPCODE_LABEL(Arguments
, arguments, __null, 1, 0, 1, JOF_BYTE|JOF_USES_ENV) OPCODE_LABEL
(Rest, rest, __null, 1, 0, 1, JOF_BYTE|JOF_IC) OPCODE_LABEL(FunctionThis
, function_this, __null, 1, 0, 1, JOF_BYTE) OPCODE_LABEL(Pop,
pop, __null, 1, 1, 0, JOF_BYTE) OPCODE_LABEL(PopN, pop_n, __null
, 3, -1, 0, JOF_UINT16) OPCODE_LABEL(Dup, dup, __null, 1, 1, 2
, JOF_BYTE) OPCODE_LABEL(Dup2, dup2, __null, 1, 2, 4, JOF_BYTE
) OPCODE_LABEL(DupAt, dup_at, __null, 4, 0, 1, JOF_UINT24) OPCODE_LABEL
(Swap, swap, __null, 1, 2, 2, JOF_BYTE) OPCODE_LABEL(Pick, pick
, __null, 2, 0, 0, JOF_UINT8) OPCODE_LABEL(Unpick, unpick, __null
, 2, 0, 0, JOF_UINT8) OPCODE_LABEL(Nop, nop, __null, 1, 0, 0,
JOF_BYTE) OPCODE_LABEL(Lineno, lineno, __null, 5, 0, 0, JOF_UINT32
) OPCODE_LABEL(NopDestructuring, nop_destructuring, __null, 1
, 0, 0, JOF_BYTE) OPCODE_LABEL(ForceInterpreter, force_interpreter
, __null, 1, 0, 0, JOF_BYTE) OPCODE_LABEL(DebugCheckSelfHosted
, debug_check_self_hosted, __null, 1, 1, 1, JOF_BYTE) OPCODE_LABEL
(Debugger, debugger, __null, 1, 0, 0, JOF_BYTE)
1853#undef OPCODE_LABEL
1854#define TRAILING_LABEL(v) \
1855 ((v) == EnableInterruptsPseudoOpcode ? LABEL(EnableInterruptsPseudoOpcode)(&&label_EnableInterruptsPseudoOpcode) \
1856 : LABEL(default)(&&label_default)),
1857 FOR_EACH_TRAILING_UNUSED_OPCODE(TRAILING_LABEL)TRAILING_LABEL(240) TRAILING_LABEL(241) TRAILING_LABEL(242) TRAILING_LABEL
(243) TRAILING_LABEL(244) TRAILING_LABEL(245) TRAILING_LABEL(
246) TRAILING_LABEL(247) TRAILING_LABEL(248) TRAILING_LABEL(249
) TRAILING_LABEL(250) TRAILING_LABEL(251) TRAILING_LABEL(252)
TRAILING_LABEL(253) TRAILING_LABEL(254) TRAILING_LABEL(255)
1858#undef TRAILING_LABEL
1859 };
1860
1861 /*
1862 * Increment REGS.pc by N, load the opcode at that position,
1863 * and jump to the code to execute it.
1864 *
1865 * When Debugger puts a script in single-step mode, all js::Interpret
1866 * invocations that might be presently running that script must have
1867 * interrupts enabled. It's not practical to simply check
1868 * script->stepModeEnabled() at each point some callee could have changed
1869 * it, because there are so many places js::Interpret could possibly cause
1870 * JavaScript to run: each place an object might be coerced to a primitive
1871 * or a number, for example. So instead, we expose a simple mechanism to
1872 * let Debugger tweak the affected js::Interpret frames when an onStep
1873 * handler is added: calling activation.enableInterruptsUnconditionally()
1874 * will enable interrupts, and activation.opMask() is or'd with the opcode
1875 * to implement a simple alternate dispatch.
1876 */
1877#define ADVANCE_AND_DISPATCH(N)do { (activation.regs()).pc += (N); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0) \
1878 JS_BEGIN_MACROdo { \
1879 REGS(activation.regs()).pc += (N); \
1880 SANITY_CHECKS()do { js::gc::MaybeVerifyBarriers(cx); } while (0); \
1881 DISPATCH_TO(*REGS.pc | activation.opMask())goto* addresses[(*(activation.regs()).pc | activation.opMask(
))]; \
1882 JS_END_MACRO} while (0)
1883
1884 /*
1885 * Shorthand for the common sequence at the end of a fixed-size opcode.
1886 */
1887#define END_CASE(OP)do { (activation.regs()).pc += (JSOpLength_OP); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0); ADVANCE_AND_DISPATCH(JSOpLength_##OP)do { (activation.regs()).pc += (JSOpLength_##OP); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
1888
1889 /*
1890 * Prepare to call a user-supplied branch handler, and abort the script
1891 * if it returns false.
1892 */
1893#define CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0) \
1894 JS_BEGIN_MACROdo { \
1895 if (!CheckForInterrupt(cx)) goto error; \
1896 JS_END_MACRO} while (0)
1897
1898 /*
1899 * This is a simple wrapper around ADVANCE_AND_DISPATCH which also does
1900 * a CHECK_BRANCH() if n is not positive, which possibly indicates that it
1901 * is the backedge of a loop.
1902 */
1903#define BRANCH(n)do { int32_t nlen = (n); if (nlen <= 0) do { if (!CheckForInterrupt
(cx)) goto error; } while (0); do { (activation.regs()).pc +=
(nlen); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0); } while (0) \
1904 JS_BEGIN_MACROdo { \
1905 int32_t nlen = (n); \
1906 if (nlen <= 0) CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0); \
1907 ADVANCE_AND_DISPATCH(nlen)do { (activation.regs()).pc += (nlen); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0); \
1908 JS_END_MACRO} while (0)
1909
1910 /*
1911 * Initialize code coverage vectors.
1912 */
1913#define INIT_COVERAGE()do { if (!script->hasScriptCounts()) { if (cx->realm()->
collectCoverageForDebug()) { if (!script->initScriptCounts
(cx)) goto error; } } } while (0) \
1914 JS_BEGIN_MACROdo { \
1915 if (!script->hasScriptCounts()) { \
1916 if (cx->realm()->collectCoverageForDebug()) { \
1917 if (!script->initScriptCounts(cx)) goto error; \
1918 } \
1919 } \
1920 JS_END_MACRO} while (0)
1921
1922 /*
1923 * Increment the code coverage counter associated with the given pc.
1924 */
1925#define COUNT_COVERAGE_PC(PC)do { if (script->hasScriptCounts()) { PCCounts* counts = script
->maybeGetPCCounts(PC); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1925); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 1925; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0) \
1926 JS_BEGIN_MACROdo { \
1927 if (script->hasScriptCounts()) { \
1928 PCCounts* counts = script->maybeGetPCCounts(PC); \
1929 MOZ_ASSERT(counts)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(counts)>::isValid, "invalid assertion condition")
; if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1929); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 1929; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
1930 counts->numExec()++; \
1931 } \
1932 JS_END_MACRO} while (0)
1933
1934#define COUNT_COVERAGE_MAIN()do { jsbytecode* main = script->main(); if (!BytecodeIsJumpTarget
(JSOp(*main))) do { if (script->hasScriptCounts()) { PCCounts
* counts = script->maybeGetPCCounts(main); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1934); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 1934; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0) \
1935 JS_BEGIN_MACROdo { \
1936 jsbytecode* main = script->main(); \
1937 if (!BytecodeIsJumpTarget(JSOp(*main))) COUNT_COVERAGE_PC(main)do { if (script->hasScriptCounts()) { PCCounts* counts = script
->maybeGetPCCounts(main); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1937); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 1937; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); \
1938 JS_END_MACRO} while (0)
1939
1940#define COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1940); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 1940; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1940); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 1940; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0) \
1941 JS_BEGIN_MACROdo { \
1942 MOZ_ASSERT(BytecodeIsJumpTarget(JSOp(*REGS.pc)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1942); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 1942; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
1943 COUNT_COVERAGE_PC(REGS.pc)do { if (script->hasScriptCounts()) { PCCounts* counts = script
->maybeGetPCCounts((activation.regs()).pc); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1943); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 1943; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); \
1944 JS_END_MACRO} while (0)
1945
1946#define SET_SCRIPT(s)do { script = (s); do { static_assert( mozilla::detail::AssertionConditionType
<decltype(cx->realm() == script->realm())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(cx->realm() == script->realm()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("cx->realm() == script->realm()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1946); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 1946; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0) \
1947 JS_BEGIN_MACROdo { \
1948 script = (s); \
1949 MOZ_ASSERT(cx->realm() == script->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1949); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 1949; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
1950 if (DebugAPI::hasAnyBreakpointsOrStepMode(script) || \
1951 script->hasScriptCounts()) \
1952 activation.enableInterruptsUnconditionally(); \
1953 JS_END_MACRO} while (0)
1954
1955#define SANITY_CHECKS()do { js::gc::MaybeVerifyBarriers(cx); } while (0) \
1956 JS_BEGIN_MACROdo { \
1957 js::gc::MaybeVerifyBarriers(cx); \
1958 JS_END_MACRO} while (0)
1959
1960// Verify that an uninitialized lexical is followed by a correct check op.
1961#ifdef DEBUG1
1962# define ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1962); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 1962; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0) \
1963 JS_BEGIN_MACROdo { \
1964 if (IsUninitializedLexical(val)) { \
1965 JSOp next = JSOp(*GetNextPc(REGS(activation.regs()).pc)); \
1966 MOZ_ASSERT(next == JSOp::CheckThis || next == JSOp::CheckReturn || \do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1968); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 1968; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
1967 next == JSOp::CheckThisReinit || \do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1968); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 1968; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
1968 next == JSOp::CheckAliasedLexical)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1968); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 1968; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
1969 } \
1970 JS_END_MACRO} while (0)
1971#else
1972# define ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1972); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 1972; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0) \
1973 JS_BEGIN_MACROdo { \
1974 /* nothing */ \
1975 JS_END_MACRO} while (0)
1976#endif
1977
1978 gc::MaybeVerifyBarriers(cx, true);
1979
1980 InterpreterFrame* entryFrame = state.pushInterpreterFrame(cx);
1981 if (!entryFrame) {
1982 return false;
1983 }
1984
1985 InterpreterActivation activation(state, cx, entryFrame);
1986
1987 /* The script is used frequently, so keep a local copy. */
1988 RootedScript script(cx);
1989 SET_SCRIPT(REGS.fp()->script())do { script = ((activation.regs()).fp()->script()); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(cx->
realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 1989); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 1989; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
1990
1991 /*
1992 * Pool of rooters for use in this interpreter frame. References to these
1993 * are used for local variables within interpreter cases. This avoids
1994 * creating new rooters each time an interpreter case is entered, and also
1995 * correctness pitfalls due to incorrect compilation of destructor calls
1996 * around computed gotos.
1997 */
1998 RootedTuple<Value, Value, JSObject*, JSObject*, JSFunction*, JSAtom*,
1999 PropertyName*, PropertyKey, JSScript*, Scope*>
2000 roots(cx);
2001 RootedField<Value, 0> rootValue0(roots);
2002 RootedField<Value, 1> rootValue1(roots);
2003 RootedField<JSObject*, 2> rootObject0(roots);
2004 RootedField<JSObject*, 3> rootObject1(roots);
2005 RootedField<JSFunction*> rootFunction0(roots);
2006 RootedField<JSAtom*> rootAtom0(roots);
2007 RootedField<PropertyName*> rootName0(roots);
2008 RootedField<PropertyKey> rootId0(roots);
2009 RootedField<JSScript*> rootScript0(roots);
2010 RootedField<Scope*> rootScope0(roots);
2011
2012 DebugOnly<uint32_t> blockDepth;
2013
2014 /* State communicated between non-local jumps: */
2015 bool interpReturnOK;
2016 bool frameHalfInitialized;
2017
2018 if (!activation.entryFrame()->prologue(cx)) {
2019 goto prologue_error;
2020 }
2021
2022 if (!DebugAPI::onEnterFrame(cx, activation.entryFrame())) {
2023 goto error;
2024 }
2025
2026 // Increment the coverage for the main entry point.
2027 INIT_COVERAGE()do { if (!script->hasScriptCounts()) { if (cx->realm()->
collectCoverageForDebug()) { if (!script->initScriptCounts
(cx)) goto error; } } } while (0);
2028 COUNT_COVERAGE_MAIN()do { jsbytecode* main = script->main(); if (!BytecodeIsJumpTarget
(JSOp(*main))) do { if (script->hasScriptCounts()) { PCCounts
* counts = script->maybeGetPCCounts(main); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2028); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2028; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
2029
2030 // Enter the interpreter loop starting at the current pc.
2031 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
2032
2033 INTERPRETER_LOOP() {
2034 CASE(EnableInterruptsPseudoOpcode)label_EnableInterruptsPseudoOpcode: {
2035 bool moreInterrupts = false;
2036 jsbytecode op = *REGS(activation.regs()).pc;
2037
2038 if (!script->hasScriptCounts() &&
2039 cx->realm()->collectCoverageForDebug()) {
2040 if (!script->initScriptCounts(cx)) {
2041 goto error;
2042 }
2043 }
2044
2045 if (script->isDebuggee()) {
2046 if (DebugAPI::stepModeEnabled(script)) {
2047 if (!DebugAPI::onSingleStep(cx)) {
2048 goto error;
2049 }
2050 moreInterrupts = true;
2051 }
2052
2053 if (DebugAPI::hasAnyBreakpointsOrStepMode(script)) {
2054 moreInterrupts = true;
2055 }
2056
2057 if (DebugAPI::hasBreakpointsAt(script, REGS(activation.regs()).pc)) {
2058 if (!DebugAPI::onTrap(cx)) {
2059 goto error;
2060 }
2061 }
2062 }
2063
2064 MOZ_ASSERT(activation.opMask() == EnableInterruptsPseudoOpcode)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(activation.opMask() == EnableInterruptsPseudoOpcode)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(activation.opMask() == EnableInterruptsPseudoOpcode)
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("activation.opMask() == EnableInterruptsPseudoOpcode"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2064); AnnotateMozCrashReason("MOZ_ASSERT" "(" "activation.opMask() == EnableInterruptsPseudoOpcode"
")"); do { *((volatile int*)__null) = 2064; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2065 if (!moreInterrupts) {
2066 activation.clearInterruptsMask();
2067 }
2068
2069 /* Commence executing the actual opcode. */
2070 SANITY_CHECKS()do { js::gc::MaybeVerifyBarriers(cx); } while (0);
2071 DISPATCH_TO(op)goto* addresses[(op)];
2072 }
2073
2074 /* Various 1-byte no-ops. */
2075 CASE(Nop)label_Nop:
2076 CASE(Try)label_Try:
2077 CASE(NopDestructuring)label_NopDestructuring:
2078 CASE(NopIsAssignOp)label_NopIsAssignOp:
2079 CASE(TryDestructuring)label_TryDestructuring: {
2080 MOZ_ASSERT(GetBytecodeLength(REGS.pc) == 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetBytecodeLength((activation.regs()).pc) == 1)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2080); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2080; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2081 ADVANCE_AND_DISPATCH(1)do { (activation.regs()).pc += (1); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
2082 }
2083
2084 CASE(JumpTarget)label_JumpTarget:
2085 COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2085); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 2085; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2085); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2085; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
2086 END_CASE(JumpTarget)do { (activation.regs()).pc += (JSOpLength_JumpTarget); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2087
2088 CASE(LoopHead)label_LoopHead: {
2089 COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2089); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 2089; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2089); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 2089; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
2090
2091 // Attempt on-stack replacement into the Baseline Interpreter.
2092 if (jit::IsBaselineInterpreterEnabled()) {
2093 script->incWarmUpCounter();
2094
2095 jit::MethodStatus status =
2096 jit::CanEnterBaselineInterpreterAtBranch(cx, REGS(activation.regs()).fp());
2097 if (status == jit::Method_Error) {
2098 goto error;
2099 }
2100 if (status == jit::Method_Compiled) {
2101 bool wasProfiler = REGS(activation.regs()).fp()->hasPushedGeckoProfilerFrame();
2102
2103 jit::JitExecStatus maybeOsr;
2104 {
2105 GeckoProfilerBaselineOSRMarker osr(cx, wasProfiler);
2106 maybeOsr =
2107 jit::EnterBaselineInterpreterAtBranch(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc);
2108 }
2109
2110 // We failed to call into baseline at all, so treat as an error.
2111 if (maybeOsr == jit::JitExec_Aborted) {
2112 goto error;
2113 }
2114
2115 interpReturnOK = (maybeOsr == jit::JitExec_Ok);
2116
2117 // Pop the profiler frame pushed by the interpreter. (The compiled
2118 // version of the function popped a copy of the frame pushed by the
2119 // OSR trampoline.)
2120 if (wasProfiler) {
2121 cx->geckoProfiler().exit(cx, script);
2122 }
2123
2124 if (activation.entryFrame() != REGS(activation.regs()).fp()) {
2125 goto jit_return_pop_frame;
2126 }
2127 goto leave_on_safe_point;
2128 }
2129 }
2130 }
2131 END_CASE(LoopHead)do { (activation.regs()).pc += (JSOpLength_LoopHead); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2132
2133 CASE(Lineno)label_Lineno:
2134 END_CASE(Lineno)do { (activation.regs()).pc += (JSOpLength_Lineno); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2135
2136 CASE(ForceInterpreter)label_ForceInterpreter: {
2137 // Ensure pattern matching still works.
2138 MOZ_ASSERT(script->hasForceInterpreterOp())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(script->hasForceInterpreterOp())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(script->hasForceInterpreterOp
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("script->hasForceInterpreterOp()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2138); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->hasForceInterpreterOp()"
")"); do { *((volatile int*)__null) = 2138; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2139 }
2140 END_CASE(ForceInterpreter)do { (activation.regs()).pc += (JSOpLength_ForceInterpreter);
do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2141
2142 CASE(Undefined)label_Undefined: { PUSH_UNDEFINED()(activation.regs()).sp++->setUndefined(); }
2143 END_CASE(Undefined)do { (activation.regs()).pc += (JSOpLength_Undefined); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2144
2145 CASE(Pop)label_Pop: { REGS(activation.regs()).sp--; }
2146 END_CASE(Pop)do { (activation.regs()).pc += (JSOpLength_Pop); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2147
2148 CASE(PopN)label_PopN: {
2149 MOZ_ASSERT(GET_UINT16(REGS.pc) <= REGS.stackDepth())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GET_UINT16((activation.regs()).pc) <= (activation
.regs()).stackDepth())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GET_UINT16((activation.regs(
)).pc) <= (activation.regs()).stackDepth()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("GET_UINT16((activation.regs()).pc) <= (activation.regs()).stackDepth()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2149); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GET_UINT16((activation.regs()).pc) <= (activation.regs()).stackDepth()"
")"); do { *((volatile int*)__null) = 2149; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2150 REGS(activation.regs()).sp -= GET_UINT16(REGS(activation.regs()).pc);
2151 }
2152 END_CASE(PopN)do { (activation.regs()).pc += (JSOpLength_PopN); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2153
2154 CASE(DupAt)label_DupAt: {
2155 MOZ_ASSERT(GET_UINT24(REGS.pc) < REGS.stackDepth())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GET_UINT24((activation.regs()).pc) < (activation.
regs()).stackDepth())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(GET_UINT24((activation.regs(
)).pc) < (activation.regs()).stackDepth()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("GET_UINT24((activation.regs()).pc) < (activation.regs()).stackDepth()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2155); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GET_UINT24((activation.regs()).pc) < (activation.regs()).stackDepth()"
")"); do { *((volatile int*)__null) = 2155; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2156 unsigned i = GET_UINT24(REGS(activation.regs()).pc);
2157 const Value& rref = REGS(activation.regs()).sp[-int(i + 1)];
2158 PUSH_COPY(rref)do { *(activation.regs()).sp++ = (rref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2159 }
2160 END_CASE(DupAt)do { (activation.regs()).pc += (JSOpLength_DupAt); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2161
2162 CASE(SetRval)label_SetRval: { POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp); }
2163 END_CASE(SetRval)do { (activation.regs()).pc += (JSOpLength_SetRval); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2164
2165 CASE(GetRval)label_GetRval: { PUSH_COPY(REGS.fp()->returnValue())do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
returnValue()); cx->debugOnlyCheck((activation.regs()).sp[
-1]); } while (0); }
2166 END_CASE(GetRval)do { (activation.regs()).pc += (JSOpLength_GetRval); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2167
2168 CASE(EnterWith)label_EnterWith: {
2169 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
2170 REGS(activation.regs()).sp--;
2171 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
2172
2173 if (!EnterWithOperation(cx, REGS(activation.regs()).fp(), val, scope.as<WithScope>())) {
2174 goto error;
2175 }
2176 }
2177 END_CASE(EnterWith)do { (activation.regs()).pc += (JSOpLength_EnterWith); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2178
2179 CASE(LeaveWith)label_LeaveWith: {
2180 REGS(activation.regs()).fp()->popOffEnvironmentChain<WithEnvironmentObject>();
2181 }
2182 END_CASE(LeaveWith)do { (activation.regs()).pc += (JSOpLength_LeaveWith); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2183
2184#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
2185 CASE(AddDisposable)label_AddDisposable: {
2186 ReservedRooted<JSObject*> env(&rootObject0,
2187 REGS(activation.regs()).fp()->environmentChain());
2188
2189 ReservedRooted<JS::Value> needsClosure(&rootValue0);
2190 POP_COPY_TO(needsClosure)(needsClosure) = *--(activation.regs()).sp;
2191
2192 ReservedRooted<JS::Value> method(&rootValue1);
2193 POP_COPY_TO(method)(method) = *--(activation.regs()).sp;
2194
2195 JS::Rooted<JS::Value> val(cx);
2196 POP_COPY_TO(val)(val) = *--(activation.regs()).sp;
2197
2198 UsingHint hint = UsingHint(GET_UINT8(REGS(activation.regs()).pc));
2199
2200 if (!AddDisposableResourceToCapability(cx, env, val, method,
2201 needsClosure.toBoolean(), hint)) {
2202 goto error;
2203 }
2204 }
2205 END_CASE(AddDisposable)do { (activation.regs()).pc += (JSOpLength_AddDisposable); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2206
2207 CASE(TakeDisposeCapability)label_TakeDisposeCapability: {
2208 ReservedRooted<JSObject*> env(&rootObject0,
2209 REGS(activation.regs()).fp()->environmentChain());
2210 JS::Value maybeDisposables =
2211 env->as<DisposableEnvironmentObject>().getDisposables();
2212
2213 MOZ_ASSERT(maybeDisposables.isObject() || maybeDisposables.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(maybeDisposables.isObject() || maybeDisposables.isUndefined
())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(maybeDisposables.isObject() || maybeDisposables.isUndefined
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("maybeDisposables.isObject() || maybeDisposables.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2213); AnnotateMozCrashReason("MOZ_ASSERT" "(" "maybeDisposables.isObject() || maybeDisposables.isUndefined()"
")"); do { *((volatile int*)__null) = 2213; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2214
2215 if (maybeDisposables.isUndefined()) {
2216 PUSH_UNDEFINED()(activation.regs()).sp++->setUndefined();
2217 } else {
2218 PUSH_OBJECT(maybeDisposables.toObject())do { (activation.regs()).sp++->setObject(maybeDisposables.
toObject()); cx->debugOnlyCheck((activation.regs()).sp[-1]
); } while (0);
2219 env->as<DisposableEnvironmentObject>().clearDisposables();
2220 }
2221 }
2222 END_CASE(TakeDisposeCapability)do { (activation.regs()).pc += (JSOpLength_TakeDisposeCapability
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2223
2224 CASE(CreateSuppressedError)label_CreateSuppressedError: {
2225 ReservedRooted<JS::Value> error(&rootValue0);
2226 ReservedRooted<JS::Value> suppressed(&rootValue1);
2227 POP_COPY_TO(suppressed)(suppressed) = *--(activation.regs()).sp;
2228 POP_COPY_TO(error)(error) = *--(activation.regs()).sp;
2229 ErrorObject* errorObj = CreateSuppressedError(cx, error, suppressed);
2230 if (!errorObj) {
2231 goto error;
2232 }
2233 PUSH_OBJECT(*errorObj)do { (activation.regs()).sp++->setObject(*errorObj); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
2234 }
2235 END_CASE(CreateSuppressedError)do { (activation.regs()).pc += (JSOpLength_CreateSuppressedError
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2236#endif
2237
2238 CASE(Return)label_Return: {
2239 POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp);
2240 /* FALL THROUGH */
2241 }
2242 CASE(RetRval)label_RetRval: {
2243 /*
2244 * When the inlined frame exits with an exception or an error, ok will be
2245 * false after the inline_return label.
2246 */
2247 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
2248
2249 successful_return_continuation:
2250 interpReturnOK = true;
2251
2252 return_continuation:
2253 frameHalfInitialized = false;
2254
2255 prologue_return_continuation:
2256
2257 if (activation.entryFrame() != REGS(activation.regs()).fp()) {
2258 // Stop the engine. (No details about which engine exactly, could be
2259 // interpreter, Baseline or IonMonkey.)
2260 if (MOZ_LIKELY(!frameHalfInitialized)(__builtin_expect(!!(!frameHalfInitialized), 1))) {
2261 interpReturnOK =
2262 DebugAPI::onLeaveFrame(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc, interpReturnOK);
2263
2264 REGS(activation.regs()).fp()->epilogue(cx, REGS(activation.regs()).pc);
2265 }
2266
2267 jit_return_pop_frame:
2268
2269 activation.popInlineFrame(REGS(activation.regs()).fp());
2270 {
2271 JSScript* callerScript = REGS(activation.regs()).fp()->script();
2272 if (cx->realm() != callerScript->realm()) {
2273 cx->leaveRealm(callerScript->realm());
2274 }
2275 SET_SCRIPT(callerScript)do { script = (callerScript); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(cx->realm() == script
->realm())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(cx->realm() == script->realm
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2275); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2275; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
2276 }
2277
2278 jit_return:
2279
2280 MOZ_ASSERT(IsInvokePC(REGS.pc))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsInvokePC((activation.regs()).pc))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsInvokePC((activation.regs(
)).pc)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("IsInvokePC((activation.regs()).pc)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2280); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsInvokePC((activation.regs()).pc)"
")"); do { *((volatile int*)__null) = 2280; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2281 MOZ_ASSERT(cx->realm() == script->realm())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2281); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 2281; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2282
2283 /* Resume execution in the calling frame. */
2284 if (MOZ_LIKELY(interpReturnOK)(__builtin_expect(!!(interpReturnOK), 1))) {
2285 if (JSOp(*REGS(activation.regs()).pc) == JSOp::Resume) {
2286 ADVANCE_AND_DISPATCH(JSOpLength_Resume)do { (activation.regs()).pc += (JSOpLength_Resume); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2287 }
2288
2289 MOZ_ASSERT(GetBytecodeLength(REGS.pc) == JSOpLength_Call)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2289); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == JSOpLength_Call"
")"); do { *((volatile int*)__null) = 2289; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2290 ADVANCE_AND_DISPATCH(JSOpLength_Call)do { (activation.regs()).pc += (JSOpLength_Call); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2291 }
2292
2293 goto error;
2294 } else {
2295 // Stack should be empty for the outer frame, unless we executed the
2296 // first |await| expression in an async function.
2297 MOZ_ASSERT(REGS.stackDepth() == 0 ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0 || (JSOp(*(activation
.regs()).pc) == JSOp::Await && !(activation.regs()).fp
()->isResumedGenerator()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await &&
!(activation.regs()).fp()->isResumedGenerator())))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2299); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
")"); do { *((volatile int*)__null) = 2299; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
2298 (JSOp(*REGS.pc) == JSOp::Await &&do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0 || (JSOp(*(activation
.regs()).pc) == JSOp::Await && !(activation.regs()).fp
()->isResumedGenerator()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await &&
!(activation.regs()).fp()->isResumedGenerator())))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2299); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
")"); do { *((volatile int*)__null) = 2299; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
2299 !REGS.fp()->isResumedGenerator()))do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0 || (JSOp(*(activation
.regs()).pc) == JSOp::Await && !(activation.regs()).fp
()->isResumedGenerator()))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await &&
!(activation.regs()).fp()->isResumedGenerator())))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2299); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0 || (JSOp(*(activation.regs()).pc) == JSOp::Await && !(activation.regs()).fp()->isResumedGenerator())"
")"); do { *((volatile int*)__null) = 2299; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2300 }
2301 goto exit;
2302 }
2303
2304 CASE(Default)label_Default: {
2305 REGS(activation.regs()).sp--;
2306 /* FALL THROUGH */
2307 }
2308 CASE(Goto)label_Goto: { BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); }
2309
2310 CASE(JumpIfFalse)label_JumpIfFalse: {
2311 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2312 REGS(activation.regs()).sp--;
2313 if (!cond) {
2314 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0);
2315 }
2316 }
2317 END_CASE(JumpIfFalse)do { (activation.regs()).pc += (JSOpLength_JumpIfFalse); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2318
2319 CASE(JumpIfTrue)label_JumpIfTrue: {
2320 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2321 REGS(activation.regs()).sp--;
2322 if (cond) {
2323 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0);
2324 }
2325 }
2326 END_CASE(JumpIfTrue)do { (activation.regs()).pc += (JSOpLength_JumpIfTrue); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2327
2328 CASE(Or)label_Or: {
2329 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2330 if (cond) {
2331 ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc))do { (activation.regs()).pc += (GET_JUMP_OFFSET((activation.regs
()).pc)); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0);
2332 }
2333 }
2334 END_CASE(Or)do { (activation.regs()).pc += (JSOpLength_Or); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2335
2336 CASE(Coalesce)label_Coalesce: {
2337 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
2338 bool cond = !res.isNullOrUndefined();
2339 if (cond) {
2340 ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc))do { (activation.regs()).pc += (GET_JUMP_OFFSET((activation.regs
()).pc)); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0);
2341 }
2342 }
2343 END_CASE(Coalesce)do { (activation.regs()).pc += (JSOpLength_Coalesce); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2344
2345 CASE(And)label_And: {
2346 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2347 if (!cond) {
2348 ADVANCE_AND_DISPATCH(GET_JUMP_OFFSET(REGS.pc))do { (activation.regs()).pc += (GET_JUMP_OFFSET((activation.regs
()).pc)); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto
* addresses[(*(activation.regs()).pc | activation.opMask())];
} while (0);
2349 }
2350 }
2351 END_CASE(And)do { (activation.regs()).pc += (JSOpLength_And); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2352
2353#define FETCH_ELEMENT_ID(n, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(n), &(id))) goto error; } while (0) \
2354 JS_BEGIN_MACROdo { \
2355 if (!ToPropertyKey(cx, REGS(activation.regs()).stackHandleAt(n), &(id))) goto error; \
2356 JS_END_MACRO} while (0)
2357
2358#define TRY_BRANCH_AFTER_COND(cond, spdec)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2358); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2358; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(spdec); if ((cond) == (diff_ != 0)) { ++(activation.regs())
.pc; do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs())
.pc)); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto
error; } while (0); do { (activation.regs()).pc += (nlen); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0) \
2359 JS_BEGIN_MACROdo { \
2360 MOZ_ASSERT(GetBytecodeLength(REGS.pc) == 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(GetBytecodeLength((activation.regs()).pc) == 1)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2360); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2360; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); \
2361 unsigned diff_ = \
2362 (unsigned)GET_UINT8(REGS(activation.regs()).pc) - (unsigned)JSOp::JumpIfFalse; \
2363 if (diff_ <= 1) { \
2364 REGS(activation.regs()).sp -= (spdec); \
2365 if ((cond) == (diff_ != 0)) { \
2366 ++REGS(activation.regs()).pc; \
2367 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); \
2368 } \
2369 ADVANCE_AND_DISPATCH(1 + JSOpLength_JumpIfFalse)do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); \
2370 } \
2371 JS_END_MACRO} while (0)
2372
2373 CASE(In)label_In: {
2374 HandleValue rref = REGS(activation.regs()).stackHandleAt(-1);
2375 if (!rref.isObject()) {
2376 HandleValue lref = REGS(activation.regs()).stackHandleAt(-2);
2377 ReportInNotObjectError(cx, lref, rref);
2378 goto error;
2379 }
2380 bool found;
2381 {
2382 ReservedRooted<JSObject*> obj(&rootObject0, &rref.toObject());
2383 ReservedRooted<jsid> id(&rootId0);
2384 FETCH_ELEMENT_ID(-2, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(-2), &(id))) goto error; } while (0);
2385 if (!HasProperty(cx, obj, id, &found)) {
2386 goto error;
2387 }
2388 }
2389 TRY_BRANCH_AFTER_COND(found, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2389); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2389; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((found) == (diff_ != 0)) { ++(activation.regs()).pc
; do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc
)); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2390 REGS(activation.regs()).sp--;
2391 REGS(activation.regs()).sp[-1].setBoolean(found);
2392 }
2393 END_CASE(In)do { (activation.regs()).pc += (JSOpLength_In); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2394
2395 CASE(HasOwn)label_HasOwn: {
2396 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2397 HandleValue idval = REGS(activation.regs()).stackHandleAt(-2);
2398
2399 bool found;
2400 if (!HasOwnProperty(cx, val, idval, &found)) {
2401 goto error;
2402 }
2403
2404 REGS(activation.regs()).sp--;
2405 REGS(activation.regs()).sp[-1].setBoolean(found);
2406 }
2407 END_CASE(HasOwn)do { (activation.regs()).pc += (JSOpLength_HasOwn); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2408
2409 CASE(CheckPrivateField)label_CheckPrivateField: {
2410 /* Load the object being initialized into lval/val. */
2411 HandleValue val = REGS(activation.regs()).stackHandleAt(-2);
2412 HandleValue idval = REGS(activation.regs()).stackHandleAt(-1);
2413
2414 bool result = false;
2415 if (!CheckPrivateFieldOperation(cx, REGS(activation.regs()).pc, val, idval, &result)) {
2416 goto error;
2417 }
2418
2419 PUSH_BOOLEAN(result)(activation.regs()).sp++->setBoolean(result);
2420 }
2421 END_CASE(CheckPrivateField)do { (activation.regs()).pc += (JSOpLength_CheckPrivateField)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2422
2423 CASE(NewPrivateName)label_NewPrivateName: {
2424 ReservedRooted<JSAtom*> name(&rootAtom0, script->getAtom(REGS(activation.regs()).pc));
2425
2426 auto* symbol = NewPrivateName(cx, name);
2427 if (!symbol) {
2428 goto error;
2429 }
2430
2431 PUSH_SYMBOL(symbol)(activation.regs()).sp++->setSymbol(symbol);
2432 }
2433 END_CASE(NewPrivateName)do { (activation.regs()).pc += (JSOpLength_NewPrivateName); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2434
2435 CASE(IsNullOrUndefined)label_IsNullOrUndefined: {
2436 bool b = REGS(activation.regs()).sp[-1].isNullOrUndefined();
2437 PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b);
2438 }
2439 END_CASE(IsNullOrUndefined)do { (activation.regs()).pc += (JSOpLength_IsNullOrUndefined)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2440
2441 CASE(Iter)label_Iter: {
2442 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2442); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 2442; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2443 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2444 JSObject* iter = ValueToIterator(cx, val);
2445 if (!iter) {
2446 goto error;
2447 }
2448 REGS(activation.regs()).sp[-1].setObject(*iter);
2449 }
2450 END_CASE(Iter)do { (activation.regs()).pc += (JSOpLength_Iter); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2451
2452 CASE(MoreIter)label_MoreIter: {
2453 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2453); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 2453; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2454 MOZ_ASSERT(REGS.sp[-1].isObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).sp[-1].isObject())>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!((activation.regs()).sp[-1].isObject()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("(activation.regs()).sp[-1].isObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2454); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).sp[-1].isObject()"
")"); do { *((volatile int*)__null) = 2454; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2455 Value v = IteratorMore(&REGS(activation.regs()).sp[-1].toObject());
2456 PUSH_COPY(v)do { *(activation.regs()).sp++ = (v); cx->debugOnlyCheck((
activation.regs()).sp[-1]); } while (0);
2457 }
2458 END_CASE(MoreIter)do { (activation.regs()).pc += (JSOpLength_MoreIter); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2459
2460 CASE(IsNoIter)label_IsNoIter: {
2461 bool b = REGS(activation.regs()).sp[-1].isMagic(JS_NO_ITER_VALUE);
2462 PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b);
2463 }
2464 END_CASE(IsNoIter)do { (activation.regs()).pc += (JSOpLength_IsNoIter); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2465
2466 CASE(EndIter)label_EndIter: {
2467 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2467); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 2467; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2468 CloseIterator(&REGS(activation.regs()).sp[-2].toObject());
2469 REGS(activation.regs()).sp -= 2;
2470 }
2471 END_CASE(EndIter)do { (activation.regs()).pc += (JSOpLength_EndIter); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2472
2473 CASE(CloseIter)label_CloseIter: {
2474 ReservedRooted<JSObject*> iter(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
2475 CompletionKind kind = CompletionKind(GET_UINT8(REGS(activation.regs()).pc));
2476 if (!CloseIterOperation(cx, iter, kind)) {
2477 goto error;
2478 }
2479 REGS(activation.regs()).sp--;
2480 }
2481 END_CASE(CloseIter)do { (activation.regs()).pc += (JSOpLength_CloseIter); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2482
2483 CASE(OptimizeGetIterator)label_OptimizeGetIterator: {
2484 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
2485 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2486 bool result;
2487 if (!OptimizeGetIterator(cx, val, &result)) {
2488 goto error;
2489 }
2490 rval.setBoolean(result);
2491 }
2492 END_CASE(OptimizeGetIterator)do { (activation.regs()).pc += (JSOpLength_OptimizeGetIterator
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2493
2494 CASE(IsGenClosing)label_IsGenClosing: {
2495 bool b = REGS(activation.regs()).sp[-1].isMagic(JS_GENERATOR_CLOSING);
2496 PUSH_BOOLEAN(b)(activation.regs()).sp++->setBoolean(b);
2497 }
2498 END_CASE(IsGenClosing)do { (activation.regs()).pc += (JSOpLength_IsGenClosing); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2499
2500 CASE(Dup)label_Dup: {
2501 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2501); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 2501; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2502 const Value& rref = REGS(activation.regs()).sp[-1];
2503 PUSH_COPY(rref)do { *(activation.regs()).sp++ = (rref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2504 }
2505 END_CASE(Dup)do { (activation.regs()).pc += (JSOpLength_Dup); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2506
2507 CASE(Dup2)label_Dup2: {
2508 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2508); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 2508; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2509 const Value& lref = REGS(activation.regs()).sp[-2];
2510 const Value& rref = REGS(activation.regs()).sp[-1];
2511 PUSH_COPY(lref)do { *(activation.regs()).sp++ = (lref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2512 PUSH_COPY(rref)do { *(activation.regs()).sp++ = (rref); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2513 }
2514 END_CASE(Dup2)do { (activation.regs()).pc += (JSOpLength_Dup2); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2515
2516 CASE(Swap)label_Swap: {
2517 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2517); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 2517; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2518 Value& lref = REGS(activation.regs()).sp[-2];
2519 Value& rref = REGS(activation.regs()).sp[-1];
2520 lref.swap(rref);
2521 }
2522 END_CASE(Swap)do { (activation.regs()).pc += (JSOpLength_Swap); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2523
2524 CASE(Pick)label_Pick: {
2525 unsigned i = GET_UINT8(REGS(activation.regs()).pc);
2526 MOZ_ASSERT(REGS.stackDepth() >= i + 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= i + 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= i + 1))), 0))) { do
{ } while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= i + 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2526); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= i + 1"
")"); do { *((volatile int*)__null) = 2526; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2527 Value lval = REGS(activation.regs()).sp[-int(i + 1)];
2528 memmove(REGS(activation.regs()).sp - (i + 1), REGS(activation.regs()).sp - i, sizeof(Value) * i);
2529 REGS(activation.regs()).sp[-1] = lval;
2530 }
2531 END_CASE(Pick)do { (activation.regs()).pc += (JSOpLength_Pick); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2532
2533 CASE(Unpick)label_Unpick: {
2534 int i = GET_UINT8(REGS(activation.regs()).pc);
2535 MOZ_ASSERT(REGS.stackDepth() >= unsigned(i) + 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= unsigned(i) +
1)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).stackDepth() >= unsigned(i) +
1))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("(activation.regs()).stackDepth() >= unsigned(i) + 1", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2535); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= unsigned(i) + 1"
")"); do { *((volatile int*)__null) = 2535; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2536 Value lval = REGS(activation.regs()).sp[-1];
2537 memmove(REGS(activation.regs()).sp - i, REGS(activation.regs()).sp - (i + 1), sizeof(Value) * i);
2538 REGS(activation.regs()).sp[-(i + 1)] = lval;
2539 }
2540 END_CASE(Unpick)do { (activation.regs()).pc += (JSOpLength_Unpick); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2541
2542 CASE(BindUnqualifiedGName)label_BindUnqualifiedGName:
2543 CASE(BindUnqualifiedName)label_BindUnqualifiedName: {
2544 JSOp op = JSOp(*REGS(activation.regs()).pc);
2545 ReservedRooted<JSObject*> envChain(&rootObject0);
2546 if (op == JSOp::BindUnqualifiedName) {
2547 envChain.set(REGS(activation.regs()).fp()->environmentChain());
2548 } else {
2549 MOZ_ASSERT(!script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->hasNonSyntacticScope
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!script->hasNonSyntacticScope()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2549); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 2549; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2550 envChain.set(&REGS(activation.regs()).fp()->global().lexicalEnvironment());
2551 }
2552 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2553
2554 // Assigning to an undeclared name adds a property to the global object.
2555 JSObject* env = LookupNameUnqualified(cx, name, envChain);
2556 if (!env) {
2557 goto error;
2558 }
2559
2560 PUSH_OBJECT(*env)do { (activation.regs()).sp++->setObject(*env); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2561
2562 static_assert(
2563 JSOpLength_BindUnqualifiedName == JSOpLength_BindUnqualifiedGName,
2564 "We're sharing the END_CASE so the lengths better match");
2565 }
2566 END_CASE(BindUnqualifiedName)do { (activation.regs()).pc += (JSOpLength_BindUnqualifiedName
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2567
2568 CASE(BindName)label_BindName: {
2569 auto envChain = REGS(activation.regs()).fp()->environmentChain();
2570 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2571
2572 JSObject* env = LookupNameWithGlobalDefault(cx, name, envChain);
2573 if (!env) {
2574 goto error;
2575 }
2576
2577 PUSH_OBJECT(*env)do { (activation.regs()).sp++->setObject(*env); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
2578 }
2579 END_CASE(BindName)do { (activation.regs()).pc += (JSOpLength_BindName); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2580
2581 CASE(BindVar)label_BindVar: {
2582 JSObject* varObj = BindVarOperation(cx, REGS(activation.regs()).fp()->environmentChain());
2583 PUSH_OBJECT(*varObj)do { (activation.regs()).sp++->setObject(*varObj); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
2584 }
2585 END_CASE(BindVar)do { (activation.regs()).pc += (JSOpLength_BindVar); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2586
2587 CASE(BitOr)label_BitOr: {
2588 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2589 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2590 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2591 if (!BitOrOperation(cx, lhs, rhs, res)) {
2592 goto error;
2593 }
2594 REGS(activation.regs()).sp--;
2595 }
2596 END_CASE(BitOr)do { (activation.regs()).pc += (JSOpLength_BitOr); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2597
2598 CASE(BitXor)label_BitXor: {
2599 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2600 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2601 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2602 if (!BitXorOperation(cx, lhs, rhs, res)) {
2603 goto error;
2604 }
2605 REGS(activation.regs()).sp--;
2606 }
2607 END_CASE(BitXor)do { (activation.regs()).pc += (JSOpLength_BitXor); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2608
2609 CASE(BitAnd)label_BitAnd: {
2610 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2611 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2612 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2613 if (!BitAndOperation(cx, lhs, rhs, res)) {
2614 goto error;
2615 }
2616 REGS(activation.regs()).sp--;
2617 }
2618 END_CASE(BitAnd)do { (activation.regs()).pc += (JSOpLength_BitAnd); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2619
2620 CASE(Eq)label_Eq: {
2621 if (!LooseEqualityOp<true>(cx, REGS(activation.regs()))) {
2622 goto error;
2623 }
2624 }
2625 END_CASE(Eq)do { (activation.regs()).pc += (JSOpLength_Eq); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2626
2627 CASE(Ne)label_Ne: {
2628 if (!LooseEqualityOp<false>(cx, REGS(activation.regs()))) {
2629 goto error;
2630 }
2631 }
2632 END_CASE(Ne)do { (activation.regs()).pc += (JSOpLength_Ne); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2633
2634#define STRICT_EQUALITY_OP(OP, COND) \
2635 JS_BEGIN_MACROdo { \
2636 HandleValue lval = REGS(activation.regs()).stackHandleAt(-2); \
2637 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1); \
2638 bool equal; \
2639 if (!js::StrictlyEqual(cx, lval, rval, &equal)) { \
2640 goto error; \
2641 } \
2642 (COND) = equal OP true; \
2643 REGS(activation.regs()).sp--; \
2644 JS_END_MACRO} while (0)
2645
2646 CASE(StrictEq)label_StrictEq: {
2647 bool cond;
2648 STRICT_EQUALITY_OP(==, cond);
2649 REGS(activation.regs()).sp[-1].setBoolean(cond);
2650 }
2651 END_CASE(StrictEq)do { (activation.regs()).pc += (JSOpLength_StrictEq); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2652
2653 CASE(StrictNe)label_StrictNe: {
2654 bool cond;
2655 STRICT_EQUALITY_OP(!=, cond);
2656 REGS(activation.regs()).sp[-1].setBoolean(cond);
2657 }
2658 END_CASE(StrictNe)do { (activation.regs()).pc += (JSOpLength_StrictNe); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2659
2660#undef STRICT_EQUALITY_OP
2661
2662 CASE(Case)label_Case: {
2663 bool cond = REGS(activation.regs()).sp[-1].toBoolean();
2664 REGS(activation.regs()).sp--;
2665 if (cond) {
2666 REGS(activation.regs()).sp--;
2667 BRANCH(GET_JUMP_OFFSET(REGS.pc))do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc))
; if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0);
2668 }
2669 }
2670 END_CASE(Case)do { (activation.regs()).pc += (JSOpLength_Case); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2671
2672 CASE(Lt)label_Lt: {
2673 bool cond;
2674 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2675 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2676 if (!LessThanOperation(cx, lval, rval, &cond)) {
2677 goto error;
2678 }
2679 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2679); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2679; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2680 REGS(activation.regs()).sp[-2].setBoolean(cond);
2681 REGS(activation.regs()).sp--;
2682 }
2683 END_CASE(Lt)do { (activation.regs()).pc += (JSOpLength_Lt); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2684
2685 CASE(Le)label_Le: {
2686 bool cond;
2687 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2688 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2689 if (!LessThanOrEqualOperation(cx, lval, rval, &cond)) {
2690 goto error;
2691 }
2692 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2692); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2692; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2693 REGS(activation.regs()).sp[-2].setBoolean(cond);
2694 REGS(activation.regs()).sp--;
2695 }
2696 END_CASE(Le)do { (activation.regs()).pc += (JSOpLength_Le); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2697
2698 CASE(Gt)label_Gt: {
2699 bool cond;
2700 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2701 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2702 if (!GreaterThanOperation(cx, lval, rval, &cond)) {
2703 goto error;
2704 }
2705 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2705); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2705; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2706 REGS(activation.regs()).sp[-2].setBoolean(cond);
2707 REGS(activation.regs()).sp--;
2708 }
2709 END_CASE(Gt)do { (activation.regs()).pc += (JSOpLength_Gt); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2710
2711 CASE(Ge)label_Ge: {
2712 bool cond;
2713 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2714 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2715 if (!GreaterThanOrEqualOperation(cx, lval, rval, &cond)) {
2716 goto error;
2717 }
2718 TRY_BRANCH_AFTER_COND(cond, 2)do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(GetBytecodeLength((activation.regs()).pc) == 1)>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(GetBytecodeLength((activation.regs()).pc) == 1))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("GetBytecodeLength((activation.regs()).pc) == 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2718); AnnotateMozCrashReason("MOZ_ASSERT" "(" "GetBytecodeLength((activation.regs()).pc) == 1"
")"); do { *((volatile int*)__null) = 2718; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); unsigned diff_
= (unsigned)GET_UINT8((activation.regs()).pc) - (unsigned)JSOp
::JumpIfFalse; if (diff_ <= 1) { (activation.regs()).sp -=
(2); if ((cond) == (diff_ != 0)) { ++(activation.regs()).pc;
do { int32_t nlen = (GET_JUMP_OFFSET((activation.regs()).pc)
); if (nlen <= 0) do { if (!CheckForInterrupt(cx)) goto error
; } while (0); do { (activation.regs()).pc += (nlen); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
} while (0); } do { (activation.regs()).pc += (1 + JSOpLength_JumpIfFalse
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
); } } while (0);
2719 REGS(activation.regs()).sp[-2].setBoolean(cond);
2720 REGS(activation.regs()).sp--;
2721 }
2722 END_CASE(Ge)do { (activation.regs()).pc += (JSOpLength_Ge); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2723
2724 CASE(Lsh)label_Lsh: {
2725 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2726 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2727 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2728 if (!BitLshOperation(cx, lhs, rhs, res)) {
2729 goto error;
2730 }
2731 REGS(activation.regs()).sp--;
2732 }
2733 END_CASE(Lsh)do { (activation.regs()).pc += (JSOpLength_Lsh); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2734
2735 CASE(Rsh)label_Rsh: {
2736 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2737 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2738 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2739 if (!BitRshOperation(cx, lhs, rhs, res)) {
2740 goto error;
2741 }
2742 REGS(activation.regs()).sp--;
2743 }
2744 END_CASE(Rsh)do { (activation.regs()).pc += (JSOpLength_Rsh); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2745
2746 CASE(Ursh)label_Ursh: {
2747 MutableHandleValue lhs = REGS(activation.regs()).stackHandleAt(-2);
2748 MutableHandleValue rhs = REGS(activation.regs()).stackHandleAt(-1);
2749 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2750 if (!UrshOperation(cx, lhs, rhs, res)) {
2751 goto error;
2752 }
2753 REGS(activation.regs()).sp--;
2754 }
2755 END_CASE(Ursh)do { (activation.regs()).pc += (JSOpLength_Ursh); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2756
2757 CASE(Add)label_Add: {
2758 MutableHandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
2759 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2760 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2761 if (!AddOperation(cx, lval, rval, res)) {
2762 goto error;
2763 }
2764 REGS(activation.regs()).sp--;
2765 }
2766 END_CASE(Add)do { (activation.regs()).pc += (JSOpLength_Add); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2767
2768 CASE(Sub)label_Sub: {
2769 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2770 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2771 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2772 if (!SubOperation(cx, &lval, &rval, res)) {
2773 goto error;
2774 }
2775 REGS(activation.regs()).sp--;
2776 }
2777 END_CASE(Sub)do { (activation.regs()).pc += (JSOpLength_Sub); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2778
2779 CASE(Mul)label_Mul: {
2780 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2781 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2782 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2783 if (!MulOperation(cx, &lval, &rval, res)) {
2784 goto error;
2785 }
2786 REGS(activation.regs()).sp--;
2787 }
2788 END_CASE(Mul)do { (activation.regs()).pc += (JSOpLength_Mul); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2789
2790 CASE(Div)label_Div: {
2791 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2792 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2793 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2794 if (!DivOperation(cx, &lval, &rval, res)) {
2795 goto error;
2796 }
2797 REGS(activation.regs()).sp--;
2798 }
2799 END_CASE(Div)do { (activation.regs()).pc += (JSOpLength_Div); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2800
2801 CASE(Mod)label_Mod: {
2802 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2803 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2804 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2805 if (!ModOperation(cx, &lval, &rval, res)) {
2806 goto error;
2807 }
2808 REGS(activation.regs()).sp--;
2809 }
2810 END_CASE(Mod)do { (activation.regs()).pc += (JSOpLength_Mod); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2811
2812 CASE(Pow)label_Pow: {
2813 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-2]);
2814 ReservedRooted<Value> rval(&rootValue1, REGS(activation.regs()).sp[-1]);
2815 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
2816 if (!PowOperation(cx, &lval, &rval, res)) {
2817 goto error;
2818 }
2819 REGS(activation.regs()).sp--;
2820 }
2821 END_CASE(Pow)do { (activation.regs()).pc += (JSOpLength_Pow); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2822
2823 CASE(Not)label_Not: {
2824 bool cond = ToBoolean(REGS(activation.regs()).stackHandleAt(-1));
2825 REGS(activation.regs()).sp--;
2826 PUSH_BOOLEAN(!cond)(activation.regs()).sp++->setBoolean(!cond);
2827 }
2828 END_CASE(Not)do { (activation.regs()).pc += (JSOpLength_Not); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2829
2830 CASE(BitNot)label_BitNot: {
2831 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2832 if (!BitNotOperation(cx, val, val)) {
2833 goto error;
2834 }
2835 }
2836 END_CASE(BitNot)do { (activation.regs()).pc += (JSOpLength_BitNot); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2837
2838 CASE(Neg)label_Neg: {
2839 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2840 if (!NegOperation(cx, val, val)) {
2841 goto error;
2842 }
2843 }
2844 END_CASE(Neg)do { (activation.regs()).pc += (JSOpLength_Neg); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2845
2846 CASE(Pos)label_Pos: {
2847 if (!ToNumber(cx, REGS(activation.regs()).stackHandleAt(-1))) {
2848 goto error;
2849 }
2850 }
2851 END_CASE(Pos)do { (activation.regs()).pc += (JSOpLength_Pos); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2852
2853 CASE(DelName)label_DelName: {
2854 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2855 HandleObject envChain = REGS(activation.regs()).fp()->environmentChain();
2856
2857 PUSH_BOOLEAN(true)(activation.regs()).sp++->setBoolean(true);
2858 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
2859 if (!DeleteNameOperation(cx, name, envChain, res)) {
2860 goto error;
2861 }
2862 }
2863 END_CASE(DelName)do { (activation.regs()).pc += (JSOpLength_DelName); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2864
2865 CASE(DelProp)label_DelProp:
2866 CASE(StrictDelProp)label_StrictDelProp: {
2867 static_assert(JSOpLength_DelProp == JSOpLength_StrictDelProp,
2868 "delprop and strictdelprop must be the same size");
2869 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
2870 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2871 bool res = false;
2872 if (JSOp(*REGS(activation.regs()).pc) == JSOp::StrictDelProp) {
2873 if (!DelPropOperation<true>(cx, val, name, &res)) {
2874 goto error;
2875 }
2876 } else {
2877 if (!DelPropOperation<false>(cx, val, name, &res)) {
2878 goto error;
2879 }
2880 }
2881 REGS(activation.regs()).sp[-1].setBoolean(res);
2882 }
2883 END_CASE(DelProp)do { (activation.regs()).pc += (JSOpLength_DelProp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2884
2885 CASE(DelElem)label_DelElem:
2886 CASE(StrictDelElem)label_StrictDelElem: {
2887 static_assert(JSOpLength_DelElem == JSOpLength_StrictDelElem,
2888 "delelem and strictdelelem must be the same size");
2889 HandleValue val = REGS(activation.regs()).stackHandleAt(-2);
2890 HandleValue propval = REGS(activation.regs()).stackHandleAt(-1);
2891 bool res = false;
2892 if (JSOp(*REGS(activation.regs()).pc) == JSOp::StrictDelElem) {
2893 if (!DelElemOperation<true>(cx, val, propval, &res)) {
2894 goto error;
2895 }
2896 } else {
2897 if (!DelElemOperation<false>(cx, val, propval, &res)) {
2898 goto error;
2899 }
2900 }
2901 REGS(activation.regs()).sp[-2].setBoolean(res);
2902 REGS(activation.regs()).sp--;
2903 }
2904 END_CASE(DelElem)do { (activation.regs()).pc += (JSOpLength_DelElem); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2905
2906 CASE(ToPropertyKey)label_ToPropertyKey: {
2907 ReservedRooted<Value> idval(&rootValue1, REGS(activation.regs()).sp[-1]);
2908 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
2909 if (!ToPropertyKeyOperation(cx, idval, res)) {
2910 goto error;
2911 }
2912 }
2913 END_CASE(ToPropertyKey)do { (activation.regs()).pc += (JSOpLength_ToPropertyKey); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2914
2915 CASE(TypeofExpr)label_TypeofExpr:
2916 CASE(Typeof)label_Typeof: {
2917 REGS(activation.regs()).sp[-1].setString(TypeOfOperation(REGS(activation.regs()).sp[-1], cx->runtime()));
2918 }
2919 END_CASE(Typeof)do { (activation.regs()).pc += (JSOpLength_Typeof); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2920
2921 CASE(TypeofEq)label_TypeofEq: {
2922 auto operand = TypeofEqOperand::fromRawValue(GET_UINT8(REGS(activation.regs()).pc));
2923 bool result = js::TypeOfValue(REGS(activation.regs()).sp[-1]) == operand.type();
2924 if (operand.compareOp() == JSOp::Ne) {
2925 result = !result;
2926 }
2927 REGS(activation.regs()).sp[-1].setBoolean(result);
2928 }
2929 END_CASE(TypeofEq)do { (activation.regs()).pc += (JSOpLength_TypeofEq); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2930
2931 CASE(Void)label_Void: { REGS(activation.regs()).sp[-1].setUndefined(); }
2932 END_CASE(Void)do { (activation.regs()).pc += (JSOpLength_Void); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
2933
2934 CASE(FunctionThis)label_FunctionThis: {
2935 PUSH_NULL()(activation.regs()).sp++->setNull();
2936 if (!GetFunctionThis(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).stackHandleAt(-1))) {
2937 goto error;
2938 }
2939 }
2940 END_CASE(FunctionThis)do { (activation.regs()).pc += (JSOpLength_FunctionThis); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2941
2942 CASE(GlobalThis)label_GlobalThis: {
2943 MOZ_ASSERT(!script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->hasNonSyntacticScope
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!script->hasNonSyntacticScope()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2943); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 2943; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
2944 PUSH_OBJECT(*cx->global()->lexicalEnvironment().thisObject())do { (activation.regs()).sp++->setObject(*cx->global()->
lexicalEnvironment().thisObject()); cx->debugOnlyCheck((activation
.regs()).sp[-1]); } while (0);
2945 }
2946 END_CASE(GlobalThis)do { (activation.regs()).pc += (JSOpLength_GlobalThis); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2947
2948 CASE(NonSyntacticGlobalThis)label_NonSyntacticGlobalThis: {
2949 PUSH_NULL()(activation.regs()).sp++->setNull();
2950 GetNonSyntacticGlobalThis(cx, REGS(activation.regs()).fp()->environmentChain(),
2951 REGS(activation.regs()).stackHandleAt(-1));
2952 }
2953 END_CASE(NonSyntacticGlobalThis)do { (activation.regs()).pc += (JSOpLength_NonSyntacticGlobalThis
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2954
2955 CASE(CheckIsObj)label_CheckIsObj: {
2956 if (!REGS(activation.regs()).sp[-1].isObject()) {
2957 MOZ_ALWAYS_FALSE(do { if ((__builtin_expect(!!(!(ThrowCheckIsObject(cx, CheckIsObjectKind
(GET_UINT8((activation.regs()).pc))))), 1))) { } else { do { do
{ } while (false); MOZ_ReportCrash("" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2958); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
")"); do { *((volatile int*)__null) = 2958; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
)
2958 ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8(REGS.pc))))do { if ((__builtin_expect(!!(!(ThrowCheckIsObject(cx, CheckIsObjectKind
(GET_UINT8((activation.regs()).pc))))), 1))) { } else { do { do
{ } while (false); MOZ_ReportCrash("" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2958); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowCheckIsObject(cx, CheckIsObjectKind(GET_UINT8((activation.regs()).pc))))"
")"); do { *((volatile int*)__null) = 2958; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
2959 goto error;
2960 }
2961 }
2962 END_CASE(CheckIsObj)do { (activation.regs()).pc += (JSOpLength_CheckIsObj); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2963
2964 CASE(CheckThis)label_CheckThis: {
2965 if (REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
2966 MOZ_ALWAYS_FALSE(ThrowUninitializedThis(cx))do { if ((__builtin_expect(!!(!(ThrowUninitializedThis(cx))),
1))) { } else { do { do { } while (false); MOZ_ReportCrash(""
"!(ThrowUninitializedThis(cx))", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2966); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowUninitializedThis(cx))"
")"); do { *((volatile int*)__null) = 2966; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
2967 goto error;
2968 }
2969 }
2970 END_CASE(CheckThis)do { (activation.regs()).pc += (JSOpLength_CheckThis); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
2971
2972 CASE(CheckThisReinit)label_CheckThisReinit: {
2973 if (!REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
2974 MOZ_ALWAYS_FALSE(ThrowInitializedThis(cx))do { if ((__builtin_expect(!!(!(ThrowInitializedThis(cx))), 1
))) { } else { do { do { } while (false); MOZ_ReportCrash("" "!(ThrowInitializedThis(cx))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 2974); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowInitializedThis(cx))"
")"); do { *((volatile int*)__null) = 2974; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
2975 goto error;
2976 }
2977 }
2978 END_CASE(CheckThisReinit)do { (activation.regs()).pc += (JSOpLength_CheckThisReinit); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2979
2980 CASE(CheckReturn)label_CheckReturn: {
2981 ReservedRooted<Value> thisv(&rootValue0, REGS(activation.regs()).sp[-1]);
2982 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
2983 if (!REGS(activation.regs()).fp()->checkReturn(cx, thisv, rval)) {
2984 goto error;
2985 }
2986 }
2987 END_CASE(CheckReturn)do { (activation.regs()).pc += (JSOpLength_CheckReturn); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
2988
2989 CASE(GetProp)label_GetProp: {
2990 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[-1]);
2991 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
2992 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
2993 if (!GetPropertyOperation(cx, name, lval, res)) {
2994 goto error;
2995 }
2996 cx->debugOnlyCheck(res);
2997 }
2998 END_CASE(GetProp)do { (activation.regs()).pc += (JSOpLength_GetProp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
2999
3000 CASE(GetPropSuper)label_GetPropSuper: {
3001 ReservedRooted<Value> receiver(&rootValue0, REGS(activation.regs()).sp[-2]);
3002 HandleValue lval = REGS(activation.regs()).stackHandleAt(-1);
3003 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3003); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3003; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3004 MutableHandleValue rref = REGS(activation.regs()).stackHandleAt(-2);
3005 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3006
3007 ReservedRooted<JSObject*> obj(&rootObject0);
3008 obj = ToObjectFromStackForPropertyAccess(cx, lval, -1, name);
3009 if (!obj) {
3010 goto error;
3011 }
3012
3013 if (!GetProperty(cx, obj, receiver, name, rref)) {
3014 goto error;
3015 }
3016
3017 cx->debugOnlyCheck(rref);
3018
3019 REGS(activation.regs()).sp--;
3020 }
3021 END_CASE(GetPropSuper)do { (activation.regs()).pc += (JSOpLength_GetPropSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3022
3023 CASE(GetBoundName)label_GetBoundName: {
3024 ReservedRooted<JSObject*> env(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
3025 ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS(activation.regs()).pc)));
3026 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3027 if (!GetNameBoundInEnvironment(cx, env, id, rval)) {
3028 goto error;
3029 }
3030 cx->debugOnlyCheck(rval);
3031 }
3032 END_CASE(GetBoundName)do { (activation.regs()).pc += (JSOpLength_GetBoundName); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3033
3034 CASE(SetIntrinsic)label_SetIntrinsic: {
3035 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3036
3037 if (!SetIntrinsicOperation(cx, script, REGS(activation.regs()).pc, value)) {
3038 goto error;
3039 }
3040 }
3041 END_CASE(SetIntrinsic)do { (activation.regs()).pc += (JSOpLength_SetIntrinsic); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3042
3043 CASE(SetGName)label_SetGName:
3044 CASE(StrictSetGName)label_StrictSetGName:
3045 CASE(SetName)label_SetName:
3046 CASE(StrictSetName)label_StrictSetName: {
3047 static_assert(JSOpLength_SetName == JSOpLength_StrictSetName,
3048 "setname and strictsetname must be the same size");
3049 static_assert(JSOpLength_SetGName == JSOpLength_StrictSetGName,
3050 "setgname and strictsetgname must be the same size");
3051 static_assert(JSOpLength_SetName == JSOpLength_SetGName,
3052 "We're sharing the END_CASE so the lengths better match");
3053
3054 ReservedRooted<JSObject*> env(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
3055 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3056
3057 if (!SetNameOperation(cx, script, REGS(activation.regs()).pc, env, value)) {
3058 goto error;
3059 }
3060
3061 REGS(activation.regs()).sp[-2] = REGS(activation.regs()).sp[-1];
3062 REGS(activation.regs()).sp--;
3063 }
3064 END_CASE(SetName)do { (activation.regs()).pc += (JSOpLength_SetName); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3065
3066 CASE(SetProp)label_SetProp:
3067 CASE(StrictSetProp)label_StrictSetProp: {
3068 static_assert(JSOpLength_SetProp == JSOpLength_StrictSetProp,
3069 "setprop and strictsetprop must be the same size");
3070 int lvalIndex = -2;
3071 HandleValue lval = REGS(activation.regs()).stackHandleAt(lvalIndex);
3072 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3073
3074 ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS(activation.regs()).pc)));
3075
3076 bool strict = JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetProp;
3077
3078 ReservedRooted<JSObject*> obj(&rootObject0);
3079 obj = ToObjectFromStackForPropertyAccess(cx, lval, lvalIndex, id);
3080 if (!obj) {
3081 goto error;
3082 }
3083
3084 if (!SetObjectElementOperation(cx, obj, id, rval, lval, strict)) {
3085 goto error;
3086 }
3087
3088 REGS(activation.regs()).sp[-2] = REGS(activation.regs()).sp[-1];
3089 REGS(activation.regs()).sp--;
3090 }
3091 END_CASE(SetProp)do { (activation.regs()).pc += (JSOpLength_SetProp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3092
3093 CASE(SetPropSuper)label_SetPropSuper:
3094 CASE(StrictSetPropSuper)label_StrictSetPropSuper: {
3095 static_assert(
3096 JSOpLength_SetPropSuper == JSOpLength_StrictSetPropSuper,
3097 "setprop-super and strictsetprop-super must be the same size");
3098
3099 HandleValue receiver = REGS(activation.regs()).stackHandleAt(-3);
3100 HandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
3101 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3101); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3101; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3102 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3103 ReservedRooted<jsid> id(&rootId0, NameToId(script->getName(REGS(activation.regs()).pc)));
3104
3105 bool strict = JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetPropSuper;
3106
3107 ReservedRooted<JSObject*> obj(&rootObject0);
3108 obj = ToObjectFromStackForPropertyAccess(cx, lval, -2, id);
3109 if (!obj) {
3110 goto error;
3111 }
3112
3113 if (!SetObjectElementOperation(cx, obj, id, rval, receiver, strict)) {
3114 goto error;
3115 }
3116
3117 REGS(activation.regs()).sp[-3] = REGS(activation.regs()).sp[-1];
3118 REGS(activation.regs()).sp -= 2;
3119 }
3120 END_CASE(SetPropSuper)do { (activation.regs()).pc += (JSOpLength_SetPropSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3121
3122 CASE(GetElem)label_GetElem: {
3123 int lvalIndex = -2;
3124 ReservedRooted<Value> lval(&rootValue0, REGS(activation.regs()).sp[lvalIndex]);
3125 HandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3126 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-2);
3127
3128 if (!GetElementOperationWithStackIndex(cx, lval, lvalIndex, rval, res)) {
3129 goto error;
3130 }
3131
3132 REGS(activation.regs()).sp--;
3133 }
3134 END_CASE(GetElem)do { (activation.regs()).pc += (JSOpLength_GetElem); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3135
3136 CASE(GetElemSuper)label_GetElemSuper: {
3137 ReservedRooted<Value> receiver(&rootValue0, REGS(activation.regs()).sp[-3]);
3138 HandleValue index = REGS(activation.regs()).stackHandleAt(-2);
3139 HandleValue lval = REGS(activation.regs()).stackHandleAt(-1);
3140 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3140); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3140; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3141
3142 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-3);
3143
3144 ReservedRooted<JSObject*> obj(&rootObject0);
3145 obj = ToObjectFromStackForPropertyAccess(cx, lval, -1, index);
3146 if (!obj) {
3147 goto error;
3148 }
3149
3150 if (!GetObjectElementOperation(cx, JSOp(*REGS(activation.regs()).pc), obj, receiver, index,
3151 res)) {
3152 goto error;
3153 }
3154
3155 REGS(activation.regs()).sp -= 2;
3156 }
3157 END_CASE(GetElemSuper)do { (activation.regs()).pc += (JSOpLength_GetElemSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3158
3159 CASE(SetElem)label_SetElem:
3160 CASE(StrictSetElem)label_StrictSetElem: {
3161 static_assert(JSOpLength_SetElem == JSOpLength_StrictSetElem,
3162 "setelem and strictsetelem must be the same size");
3163 int receiverIndex = -3;
3164 HandleValue receiver = REGS(activation.regs()).stackHandleAt(receiverIndex);
3165 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3166
3167 ReservedRooted<JSObject*> obj(&rootObject0);
3168 obj = ToObjectFromStackForPropertyAccess(cx, receiver, receiverIndex,
3169 REGS(activation.regs()).stackHandleAt(-2));
3170 if (!obj) {
3171 goto error;
3172 }
3173
3174 ReservedRooted<jsid> id(&rootId0);
3175 FETCH_ELEMENT_ID(-2, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(-2), &(id))) goto error; } while (0);
3176
3177 if (!SetObjectElementOperation(cx, obj, id, value, receiver,
3178 JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetElem)) {
3179 goto error;
3180 }
3181 REGS(activation.regs()).sp[-3] = value;
3182 REGS(activation.regs()).sp -= 2;
3183 }
3184 END_CASE(SetElem)do { (activation.regs()).pc += (JSOpLength_SetElem); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3185
3186 CASE(SetElemSuper)label_SetElemSuper:
3187 CASE(StrictSetElemSuper)label_StrictSetElemSuper: {
3188 static_assert(
3189 JSOpLength_SetElemSuper == JSOpLength_StrictSetElemSuper,
3190 "setelem-super and strictsetelem-super must be the same size");
3191
3192 HandleValue receiver = REGS(activation.regs()).stackHandleAt(-4);
3193 HandleValue lval = REGS(activation.regs()).stackHandleAt(-2);
3194 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3194); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 3194; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3195 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3196
3197 ReservedRooted<JSObject*> obj(&rootObject0);
3198 obj = ToObjectFromStackForPropertyAccess(cx, lval, -2,
3199 REGS(activation.regs()).stackHandleAt(-3));
3200 if (!obj) {
3201 goto error;
3202 }
3203
3204 ReservedRooted<jsid> id(&rootId0);
3205 FETCH_ELEMENT_ID(-3, id)do { if (!ToPropertyKey(cx, (activation.regs()).stackHandleAt
(-3), &(id))) goto error; } while (0);
3206
3207 bool strict = JSOp(*REGS(activation.regs()).pc) == JSOp::StrictSetElemSuper;
3208 if (!SetObjectElementOperation(cx, obj, id, value, receiver, strict)) {
3209 goto error;
3210 }
3211 REGS(activation.regs()).sp[-4] = value;
3212 REGS(activation.regs()).sp -= 3;
3213 }
3214 END_CASE(SetElemSuper)do { (activation.regs()).pc += (JSOpLength_SetElemSuper); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3215
3216 CASE(Eval)label_Eval:
3217 CASE(StrictEval)label_StrictEval: {
3218 static_assert(JSOpLength_Eval == JSOpLength_StrictEval,
3219 "eval and stricteval must be the same size");
3220
3221 CallArgs args = CallArgsFromSp(GET_ARGC(REGS(activation.regs()).pc), REGS(activation.regs()).sp);
3222 if (cx->global()->valueIsEval(args.calleev())) {
3223 if (!DirectEval(cx, args.get(0), args.rval())) {
3224 goto error;
3225 }
3226 } else {
3227 if (!CallFromStack(cx, args, CallReason::Call)) {
3228 goto error;
3229 }
3230 }
3231
3232 REGS(activation.regs()).sp = args.spAfterCall();
3233 }
3234 END_CASE(Eval)do { (activation.regs()).pc += (JSOpLength_Eval); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3235
3236 CASE(SpreadNew)label_SpreadNew:
3237 CASE(SpreadCall)label_SpreadCall:
3238 CASE(SpreadSuperCall)label_SpreadSuperCall: {
3239 if (REGS(activation.regs()).fp()->hasPushedGeckoProfilerFrame()) {
3240 cx->geckoProfiler().updatePC(cx, script, REGS(activation.regs()).pc);
3241 }
3242 /* FALL THROUGH */
3243 }
3244
3245 CASE(SpreadEval)label_SpreadEval:
3246 CASE(StrictSpreadEval)label_StrictSpreadEval: {
3247 static_assert(JSOpLength_SpreadEval == JSOpLength_StrictSpreadEval,
3248 "spreadeval and strictspreadeval must be the same size");
3249 bool construct = JSOp(*REGS(activation.regs()).pc) == JSOp::SpreadNew ||
3250 JSOp(*REGS(activation.regs()).pc) == JSOp::SpreadSuperCall;
3251
3252 MOZ_ASSERT(REGS.stackDepth() >= 3u + construct)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3u + construct
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).stackDepth() >= 3u + construct
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"(activation.regs()).stackDepth() >= 3u + construct", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3252); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3u + construct"
")"); do { *((volatile int*)__null) = 3252; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3253
3254 HandleValue callee = REGS(activation.regs()).stackHandleAt(-3 - construct);
3255 HandleValue thisv = REGS(activation.regs()).stackHandleAt(-2 - construct);
3256 HandleValue arr = REGS(activation.regs()).stackHandleAt(-1 - construct);
3257 MutableHandleValue ret = REGS(activation.regs()).stackHandleAt(-3 - construct);
3258
3259 ReservedRooted<Value> newTarget(&rootValue0);
3260 if (construct) {
3261 newTarget = REGS(activation.regs()).sp[-1];
3262 } else {
3263 newTarget = NullValue();
3264 }
3265
3266 if (!SpreadCallOperation(cx, script, REGS(activation.regs()).pc, thisv, callee, arr,
3267 newTarget, ret)) {
3268 goto error;
3269 }
3270
3271 REGS(activation.regs()).sp -= 2 + construct;
3272 }
3273 END_CASE(SpreadCall)do { (activation.regs()).pc += (JSOpLength_SpreadCall); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3274
3275 CASE(New)label_New:
3276 CASE(NewContent)label_NewContent:
3277 CASE(Call)label_Call:
3278 CASE(CallContent)label_CallContent:
3279 CASE(CallIgnoresRv)label_CallIgnoresRv:
3280 CASE(CallIter)label_CallIter:
3281 CASE(CallContentIter)label_CallContentIter:
3282 CASE(SuperCall)label_SuperCall: {
3283 static_assert(JSOpLength_Call == JSOpLength_New,
3284 "call and new must be the same size");
3285 static_assert(JSOpLength_Call == JSOpLength_CallContent,
3286 "call and call-content must be the same size");
3287 static_assert(JSOpLength_Call == JSOpLength_CallIgnoresRv,
3288 "call and call-ignores-rv must be the same size");
3289 static_assert(JSOpLength_Call == JSOpLength_CallIter,
3290 "call and calliter must be the same size");
3291 static_assert(JSOpLength_Call == JSOpLength_CallContentIter,
3292 "call and call-content-iter must be the same size");
3293 static_assert(JSOpLength_Call == JSOpLength_SuperCall,
3294 "call and supercall must be the same size");
3295
3296 if (REGS(activation.regs()).fp()->hasPushedGeckoProfilerFrame()) {
3297 cx->geckoProfiler().updatePC(cx, script, REGS(activation.regs()).pc);
3298 }
3299
3300 JSOp op = JSOp(*REGS(activation.regs()).pc);
3301 MaybeConstruct construct = MaybeConstruct(
3302 op == JSOp::New || op == JSOp::NewContent || op == JSOp::SuperCall);
3303 bool ignoresReturnValue = op == JSOp::CallIgnoresRv;
3304 unsigned argStackSlots = GET_ARGC(REGS(activation.regs()).pc) + construct;
3305
3306 MOZ_ASSERT(REGS.stackDepth() >= 2u + GET_ARGC(REGS.pc))do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2u + GET_ARGC
((activation.regs()).pc))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).stackDepth
() >= 2u + GET_ARGC((activation.regs()).pc)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2u + GET_ARGC((activation.regs()).pc)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3306); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2u + GET_ARGC((activation.regs()).pc)"
")"); do { *((volatile int*)__null) = 3306; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3307 CallArgs args =
3308 CallArgsFromSp(argStackSlots, REGS(activation.regs()).sp, construct, ignoresReturnValue);
3309
3310 JSFunction* maybeFun;
3311 bool isFunction = IsFunctionObject(args.calleev(), &maybeFun);
3312
3313 // Use the slow path if the callee is not an interpreted function, if we
3314 // have to throw an exception, or if we might have to invoke the
3315 // OnNativeCall hook for a self-hosted builtin.
3316 if (!isFunction || !maybeFun->isInterpreted() ||
3317 (construct && !maybeFun->isConstructor()) ||
3318 (!construct && maybeFun->isClassConstructor()) ||
3319 cx->realm()->debuggerObservesNativeCall()) {
3320 if (construct) {
3321 CallReason reason = op == JSOp::NewContent ? CallReason::CallContent
3322 : CallReason::Call;
3323 if (!ConstructFromStack(cx, args, reason)) {
3324 goto error;
3325 }
3326 } else {
3327 if ((op == JSOp::CallIter || op == JSOp::CallContentIter) &&
3328 args.calleev().isPrimitive()) {
3329 MOZ_ASSERT(args.length() == 0, "thisv must be on top of the stack")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(args.length() == 0)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(args.length() == 0))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("args.length() == 0"
" (" "thisv must be on top of the stack" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3329); AnnotateMozCrashReason("MOZ_ASSERT" "(" "args.length() == 0"
") (" "thisv must be on top of the stack" ")"); do { *((volatile
int*)__null) = 3329; __attribute__((nomerge)) ::abort(); } while
(false); } } while (false);
3330 ReportValueError(cx, JSMSG_NOT_ITERABLE, -1, args.thisv(), nullptr);
3331 goto error;
3332 }
3333
3334 CallReason reason =
3335 (op == JSOp::CallContent || op == JSOp::CallContentIter)
3336 ? CallReason::CallContent
3337 : CallReason::Call;
3338 if (!CallFromStack(cx, args, reason)) {
3339 goto error;
3340 }
3341 }
3342 Value* newsp = args.spAfterCall();
3343 REGS(activation.regs()).sp = newsp;
3344 ADVANCE_AND_DISPATCH(JSOpLength_Call)do { (activation.regs()).pc += (JSOpLength_Call); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3345 }
3346
3347 {
3348 MOZ_ASSERT(maybeFun)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(maybeFun)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(maybeFun))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("maybeFun", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3348); AnnotateMozCrashReason("MOZ_ASSERT" "(" "maybeFun" ")"
); do { *((volatile int*)__null) = 3348; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3349 ReservedRooted<JSFunction*> fun(&rootFunction0, maybeFun);
3350 ReservedRooted<JSScript*> funScript(
3351 &rootScript0, JSFunction::getOrCreateScript(cx, fun));
3352 if (!funScript) {
3353 goto error;
3354 }
3355
3356 // Enter the callee's realm if this is a cross-realm call. Use
3357 // MakeScopeExit to leave this realm on all error/JIT-return paths
3358 // below.
3359 const bool isCrossRealm = cx->realm() != funScript->realm();
3360 if (isCrossRealm) {
3361 cx->enterRealmOf(funScript);
3362 }
3363 auto leaveRealmGuard =
3364 mozilla::MakeScopeExit([isCrossRealm, cx, &script] {
3365 if (isCrossRealm) {
3366 cx->leaveRealm(script->realm());
3367 }
3368 });
3369
3370 if (construct && !MaybeCreateThisForConstructor(cx, args)) {
3371 goto error;
3372 }
3373
3374 {
3375 InvokeState state(cx, args, construct);
3376
3377 jit::EnterJitStatus status = jit::MaybeEnterJit(cx, state);
3378 switch (status) {
3379 case jit::EnterJitStatus::Error:
3380 goto error;
3381 case jit::EnterJitStatus::Ok:
3382 interpReturnOK = true;
3383 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
3384 REGS(activation.regs()).sp = args.spAfterCall();
3385 goto jit_return;
3386 case jit::EnterJitStatus::NotEntered:
3387 break;
3388 }
3389
3390#ifdef NIGHTLY_BUILD1
3391 // If entry trampolines are enabled, call back into
3392 // MaybeEnterInterpreterTrampoline so we can generate an
3393 // entry trampoline for the new frame.
3394 if (jit::JitOptions.emitInterpreterEntryTrampoline) {
3395 if (MaybeEnterInterpreterTrampoline(cx, state)) {
3396 interpReturnOK = true;
3397 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
3398 REGS(activation.regs()).sp = args.spAfterCall();
3399 goto jit_return;
3400 }
3401 goto error;
3402 }
3403#endif
3404 }
3405
3406 funScript = fun->nonLazyScript();
3407
3408 if (!activation.pushInlineFrame(args, funScript, construct)) {
3409 goto error;
3410 }
3411 leaveRealmGuard.release(); // We leave the callee's realm when we
3412 // call popInlineFrame.
3413 }
3414
3415 SET_SCRIPT(REGS.fp()->script())do { script = ((activation.regs()).fp()->script()); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(cx->
realm() == script->realm())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->realm() == script->
realm()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3415); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 3415; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
3416
3417 if (!REGS(activation.regs()).fp()->prologue(cx)) {
3418 goto prologue_error;
3419 }
3420
3421 if (!DebugAPI::onEnterFrame(cx, REGS(activation.regs()).fp())) {
3422 goto error;
3423 }
3424
3425 // Increment the coverage for the main entry point.
3426 INIT_COVERAGE()do { if (!script->hasScriptCounts()) { if (cx->realm()->
collectCoverageForDebug()) { if (!script->initScriptCounts
(cx)) goto error; } } } while (0);
3427 COUNT_COVERAGE_MAIN()do { jsbytecode* main = script->main(); if (!BytecodeIsJumpTarget
(JSOp(*main))) do { if (script->hasScriptCounts()) { PCCounts
* counts = script->maybeGetPCCounts(main); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(counts)
>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(counts))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3427); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 3427; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
3428
3429 /* Load first op and dispatch it (safe since JSOp::RetRval). */
3430 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
3431 }
3432
3433 CASE(OptimizeSpreadCall)label_OptimizeSpreadCall: {
3434 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
3435 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3436
3437 if (!OptimizeSpreadCall(cx, val, rval)) {
3438 goto error;
3439 }
3440 }
3441 END_CASE(OptimizeSpreadCall)do { (activation.regs()).pc += (JSOpLength_OptimizeSpreadCall
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3442
3443 CASE(ThrowMsg)label_ThrowMsg: {
3444 MOZ_ALWAYS_FALSE(ThrowMsgOperation(cx, GET_UINT8(REGS.pc)))do { if ((__builtin_expect(!!(!(ThrowMsgOperation(cx, GET_UINT8
((activation.regs()).pc)))), 1))) { } else { do { do { } while
(false); MOZ_ReportCrash("" "!(ThrowMsgOperation(cx, GET_UINT8((activation.regs()).pc)))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3444); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowMsgOperation(cx, GET_UINT8((activation.regs()).pc)))"
")"); do { *((volatile int*)__null) = 3444; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
3445 goto error;
3446 }
3447 END_CASE(ThrowMsg)do { (activation.regs()).pc += (JSOpLength_ThrowMsg); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3448
3449 CASE(ImplicitThis)label_ImplicitThis: {
3450 Value thisv = ComputeImplicitThis(&REGS(activation.regs()).sp[-1].toObject());
3451 REGS(activation.regs()).sp[-1] = thisv;
3452 }
3453 END_CASE(ImplicitThis)do { (activation.regs()).pc += (JSOpLength_ImplicitThis); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3454
3455 CASE(GetGName)label_GetGName: {
3456 ReservedRooted<Value> rval(&rootValue0);
3457 ReservedRooted<JSObject*> env(&rootObject0,
3458 &cx->global()->lexicalEnvironment());
3459 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3460 MOZ_ASSERT(!script->hasNonSyntacticScope())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->hasNonSyntacticScope())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->hasNonSyntacticScope
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!script->hasNonSyntacticScope()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3460); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->hasNonSyntacticScope()"
")"); do { *((volatile int*)__null) = 3460; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3461 if (!GetNameOperation(cx, env, name, JSOp(REGS(activation.regs()).pc[JSOpLength_GetGName]),
3462 &rval)) {
3463 goto error;
3464 }
3465
3466 PUSH_COPY(rval)do { *(activation.regs()).sp++ = (rval); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3467 }
3468 END_CASE(GetGName)do { (activation.regs()).pc += (JSOpLength_GetGName); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3469
3470 CASE(GetName)label_GetName: {
3471 ReservedRooted<Value> rval(&rootValue0);
3472 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3473 if (!GetNameOperation(cx, REGS(activation.regs()).fp()->environmentChain(), name,
3474 JSOp(REGS(activation.regs()).pc[JSOpLength_GetName]), &rval)) {
3475 goto error;
3476 }
3477
3478 PUSH_COPY(rval)do { *(activation.regs()).sp++ = (rval); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3479 }
3480 END_CASE(GetName)do { (activation.regs()).pc += (JSOpLength_GetName); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3481
3482 CASE(GetImport)label_GetImport: {
3483 PUSH_NULL()(activation.regs()).sp++->setNull();
3484 MutableHandleValue rval = REGS(activation.regs()).stackHandleAt(-1);
3485 HandleObject envChain = REGS(activation.regs()).fp()->environmentChain();
3486 if (!GetImportOperation(cx, envChain, script, REGS(activation.regs()).pc, rval)) {
3487 goto error;
3488 }
3489 }
3490 END_CASE(GetImport)do { (activation.regs()).pc += (JSOpLength_GetImport); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3491
3492 CASE(GetIntrinsic)label_GetIntrinsic: {
3493 ReservedRooted<Value> rval(&rootValue0);
3494 if (!GetIntrinsicOperation(cx, script, REGS(activation.regs()).pc, &rval)) {
3495 goto error;
3496 }
3497
3498 PUSH_COPY(rval)do { *(activation.regs()).sp++ = (rval); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3499 }
3500 END_CASE(GetIntrinsic)do { (activation.regs()).pc += (JSOpLength_GetIntrinsic); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3501
3502 CASE(Uint16)label_Uint16: { PUSH_INT32((int32_t)GET_UINT16(REGS.pc))(activation.regs()).sp++->setInt32((int32_t)GET_UINT16((activation
.regs()).pc)); }
3503 END_CASE(Uint16)do { (activation.regs()).pc += (JSOpLength_Uint16); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3504
3505 CASE(Uint24)label_Uint24: { PUSH_INT32((int32_t)GET_UINT24(REGS.pc))(activation.regs()).sp++->setInt32((int32_t)GET_UINT24((activation
.regs()).pc)); }
3506 END_CASE(Uint24)do { (activation.regs()).pc += (JSOpLength_Uint24); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3507
3508 CASE(Int8)label_Int8: { PUSH_INT32(GET_INT8(REGS.pc))(activation.regs()).sp++->setInt32(GET_INT8((activation.regs
()).pc)); }
3509 END_CASE(Int8)do { (activation.regs()).pc += (JSOpLength_Int8); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3510
3511 CASE(Int32)label_Int32: { PUSH_INT32(GET_INT32(REGS.pc))(activation.regs()).sp++->setInt32(GET_INT32((activation.regs
()).pc)); }
3512 END_CASE(Int32)do { (activation.regs()).pc += (JSOpLength_Int32); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3513
3514 CASE(Double)label_Double: { PUSH_COPY(GET_INLINE_VALUE(REGS.pc))do { *(activation.regs()).sp++ = (GET_INLINE_VALUE((activation
.regs()).pc)); cx->debugOnlyCheck((activation.regs()).sp[-
1]); } while (0); }
3515 END_CASE(Double)do { (activation.regs()).pc += (JSOpLength_Double); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3516
3517 CASE(String)label_String: { PUSH_STRING(script->getString(REGS.pc))do { (activation.regs()).sp++->setString(script->getString
((activation.regs()).pc)); cx->debugOnlyCheck((activation.
regs()).sp[-1]); } while (0); }
3518 END_CASE(String)do { (activation.regs()).pc += (JSOpLength_String); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3519
3520 CASE(ToString)label_ToString: {
3521 MutableHandleValue oper = REGS(activation.regs()).stackHandleAt(-1);
3522
3523 if (!oper.isString()) {
3524 JSString* operString = ToString<CanGC>(cx, oper);
3525 if (!operString) {
3526 goto error;
3527 }
3528 oper.setString(operString);
3529 }
3530 }
3531 END_CASE(ToString)do { (activation.regs()).pc += (JSOpLength_ToString); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3532
3533 CASE(Symbol)label_Symbol: {
3534 PUSH_SYMBOL(cx->wellKnownSymbols().get(GET_UINT8(REGS.pc)))(activation.regs()).sp++->setSymbol(cx->wellKnownSymbols
().get(GET_UINT8((activation.regs()).pc)));
3535 }
3536 END_CASE(Symbol)do { (activation.regs()).pc += (JSOpLength_Symbol); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3537
3538 CASE(Object)label_Object: {
3539 MOZ_ASSERT(script->treatAsRunOnce())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(script->treatAsRunOnce())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(script->treatAsRunOnce())
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("script->treatAsRunOnce()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3539); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->treatAsRunOnce()"
")"); do { *((volatile int*)__null) = 3539; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3540 PUSH_OBJECT(*script->getObject(REGS.pc))do { (activation.regs()).sp++->setObject(*script->getObject
((activation.regs()).pc)); cx->debugOnlyCheck((activation.
regs()).sp[-1]); } while (0);
3541 }
3542 END_CASE(Object)do { (activation.regs()).pc += (JSOpLength_Object); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3543
3544 CASE(CallSiteObj)label_CallSiteObj: {
3545 JSObject* cso = script->getObject(REGS(activation.regs()).pc);
3546 MOZ_ASSERT(!cso->as<ArrayObject>().isExtensible())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cso->as<ArrayObject>().isExtensible())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!cso->as<ArrayObject>().isExtensible()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("!cso->as<ArrayObject>().isExtensible()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3546); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cso->as<ArrayObject>().isExtensible()"
")"); do { *((volatile int*)__null) = 3546; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3547 MOZ_ASSERT(cso->as<ArrayObject>().containsPure(cx->names().raw))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cso->as<ArrayObject>().containsPure(cx->
names().raw))>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(cso->as<ArrayObject>().containsPure
(cx->names().raw)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cso->as<ArrayObject>().containsPure(cx->names().raw)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3547); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cso->as<ArrayObject>().containsPure(cx->names().raw)"
")"); do { *((volatile int*)__null) = 3547; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3548 PUSH_OBJECT(*cso)do { (activation.regs()).sp++->setObject(*cso); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3549 }
3550 END_CASE(CallSiteObj)do { (activation.regs()).pc += (JSOpLength_CallSiteObj); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3551
3552 CASE(RegExp)label_RegExp: {
3553 /*
3554 * Push a regexp object cloned from the regexp literal object mapped by
3555 * the bytecode at pc.
3556 */
3557 ReservedRooted<JSObject*> re(&rootObject0, script->getRegExp(REGS(activation.regs()).pc));
3558 JSObject* obj = CloneRegExpObject(cx, re.as<RegExpObject>());
3559 if (!obj) {
3560 goto error;
3561 }
3562 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3563 }
3564 END_CASE(RegExp)do { (activation.regs()).pc += (JSOpLength_RegExp); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3565
3566 CASE(Zero)label_Zero: { PUSH_INT32(0)(activation.regs()).sp++->setInt32(0); }
3567 END_CASE(Zero)do { (activation.regs()).pc += (JSOpLength_Zero); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3568
3569 CASE(One)label_One: { PUSH_INT32(1)(activation.regs()).sp++->setInt32(1); }
3570 END_CASE(One)do { (activation.regs()).pc += (JSOpLength_One); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3571
3572 CASE(Null)label_Null: { PUSH_NULL()(activation.regs()).sp++->setNull(); }
3573 END_CASE(Null)do { (activation.regs()).pc += (JSOpLength_Null); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3574
3575 CASE(False)label_False: { PUSH_BOOLEAN(false)(activation.regs()).sp++->setBoolean(false); }
3576 END_CASE(False)do { (activation.regs()).pc += (JSOpLength_False); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3577
3578 CASE(True)label_True: { PUSH_BOOLEAN(true)(activation.regs()).sp++->setBoolean(true); }
3579 END_CASE(True)do { (activation.regs()).pc += (JSOpLength_True); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3580
3581 CASE(TableSwitch)label_TableSwitch: {
3582 jsbytecode* pc2 = REGS(activation.regs()).pc;
3583 int32_t len = GET_JUMP_OFFSET(pc2);
3584
3585 /*
3586 * ECMAv2+ forbids conversion of discriminant, so we will skip to the
3587 * default case if the discriminant isn't already an int jsval. (This
3588 * opcode is emitted only for dense int-domain switches.)
3589 */
3590 const Value& rref = *--REGS(activation.regs()).sp;
3591 int32_t i;
3592 if (rref.isInt32()) {
3593 i = rref.toInt32();
3594 } else {
3595 /* Use mozilla::NumberEqualsInt32 to treat -0 (double) as 0. */
3596 if (!rref.isDouble() || !NumberEqualsInt32(rref.toDouble(), &i)) {
3597 ADVANCE_AND_DISPATCH(len)do { (activation.regs()).pc += (len); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
3598 }
3599 }
3600
3601 pc2 += JUMP_OFFSET_LEN;
3602 int32_t low = GET_JUMP_OFFSET(pc2);
3603 pc2 += JUMP_OFFSET_LEN;
3604 int32_t high = GET_JUMP_OFFSET(pc2);
3605
3606 i = uint32_t(i) - uint32_t(low);
3607 if (uint32_t(i) < uint32_t(high - low + 1)) {
3608 len = script->tableSwitchCaseOffset(REGS(activation.regs()).pc, uint32_t(i)) -
3609 script->pcToOffset(REGS(activation.regs()).pc);
3610 }
3611 ADVANCE_AND_DISPATCH(len)do { (activation.regs()).pc += (len); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
3612 }
3613
3614 CASE(Arguments)label_Arguments: {
3615 MOZ_ASSERT(script->needsArgsObj())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(script->needsArgsObj())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(script->needsArgsObj())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("script->needsArgsObj()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3615); AnnotateMozCrashReason("MOZ_ASSERT" "(" "script->needsArgsObj()"
")"); do { *((volatile int*)__null) = 3615; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3616 ArgumentsObject* obj = ArgumentsObject::createExpected(cx, REGS(activation.regs()).fp());
3617 if (!obj) {
3618 goto error;
3619 }
3620 PUSH_COPY(ObjectValue(*obj))do { *(activation.regs()).sp++ = (ObjectValue(*obj)); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
3621 }
3622 END_CASE(Arguments)do { (activation.regs()).pc += (JSOpLength_Arguments); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3623
3624 CASE(Rest)label_Rest: {
3625 ReservedRooted<JSObject*> rest(&rootObject0,
3626 REGS(activation.regs()).fp()->createRestParameter(cx));
3627 if (!rest) {
3628 goto error;
3629 }
3630 PUSH_COPY(ObjectValue(*rest))do { *(activation.regs()).sp++ = (ObjectValue(*rest)); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
3631 }
3632 END_CASE(Rest)do { (activation.regs()).pc += (JSOpLength_Rest); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3633
3634 CASE(GetAliasedVar)label_GetAliasedVar: {
3635 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3636 ReservedRooted<Value> val(
3637 &rootValue0, REGS(activation.regs()).fp()->aliasedEnvironment(ec).aliasedBinding(ec));
3638
3639 ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3639); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 3639; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0);
3640
3641 PUSH_COPY(val)do { *(activation.regs()).sp++ = (val); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3642 }
3643 END_CASE(GetAliasedVar)do { (activation.regs()).pc += (JSOpLength_GetAliasedVar); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3644
3645 CASE(GetAliasedDebugVar)label_GetAliasedDebugVar: {
3646 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3647 ReservedRooted<Value> val(
3648 &rootValue0,
3649 REGS(activation.regs()).fp()->aliasedEnvironmentMaybeDebug(ec).aliasedBinding(ec));
3650
3651 ASSERT_UNINITIALIZED_ALIASED_LEXICAL(val)do { if (IsUninitializedLexical(val)) { JSOp next = JSOp(*GetNextPc
((activation.regs()).pc)); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(next == JSOp::CheckThis ||
next == JSOp::CheckReturn || next == JSOp::CheckThisReinit ||
next == JSOp::CheckAliasedLexical)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(next == JSOp::CheckThis || next
== JSOp::CheckReturn || next == JSOp::CheckThisReinit || next
== JSOp::CheckAliasedLexical))), 0))) { do { } while (false)
; MOZ_ReportAssertionFailure("next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3651); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckAliasedLexical"
")"); do { *((volatile int*)__null) = 3651; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
0);
3652
3653 PUSH_COPY(val)do { *(activation.regs()).sp++ = (val); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3654 }
3655 END_CASE(GetAliasedVar)do { (activation.regs()).pc += (JSOpLength_GetAliasedVar); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3656
3657 CASE(SetAliasedVar)label_SetAliasedVar: {
3658 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3659 EnvironmentObject& obj = REGS(activation.regs()).fp()->aliasedEnvironment(ec);
3660 MOZ_ASSERT(!IsUninitializedLexical(obj.aliasedBinding(ec)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!IsUninitializedLexical(obj.aliasedBinding(ec)))>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(!IsUninitializedLexical(obj.aliasedBinding(ec))))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("!IsUninitializedLexical(obj.aliasedBinding(ec))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3660); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!IsUninitializedLexical(obj.aliasedBinding(ec))"
")"); do { *((volatile int*)__null) = 3660; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3661 obj.setAliasedBinding(ec, REGS(activation.regs()).sp[-1]);
3662 }
3663 END_CASE(SetAliasedVar)do { (activation.regs()).pc += (JSOpLength_SetAliasedVar); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3664
3665 CASE(ThrowSetConst)label_ThrowSetConst: {
3666 ReportRuntimeLexicalError(cx, JSMSG_BAD_CONST_ASSIGN, script, REGS(activation.regs()).pc);
3667 goto error;
3668 }
3669 END_CASE(ThrowSetConst)do { (activation.regs()).pc += (JSOpLength_ThrowSetConst); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3670
3671 CASE(CheckLexical)label_CheckLexical: {
3672 if (REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
3673 ReportRuntimeLexicalError(cx, JSMSG_UNINITIALIZED_LEXICAL, script,
3674 REGS(activation.regs()).pc);
3675 goto error;
3676 }
3677 }
3678 END_CASE(CheckLexical)do { (activation.regs()).pc += (JSOpLength_CheckLexical); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3679
3680 CASE(CheckAliasedLexical)label_CheckAliasedLexical: {
3681 if (REGS(activation.regs()).sp[-1].isMagic(JS_UNINITIALIZED_LEXICAL)) {
3682 ReportRuntimeLexicalError(cx, JSMSG_UNINITIALIZED_LEXICAL, script,
3683 REGS(activation.regs()).pc);
3684 goto error;
3685 }
3686 }
3687 END_CASE(CheckAliasedLexical)do { (activation.regs()).pc += (JSOpLength_CheckAliasedLexical
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3688
3689 CASE(InitLexical)label_InitLexical: {
3690 uint32_t i = GET_LOCALNO(REGS(activation.regs()).pc);
3691 REGS(activation.regs()).fp()->unaliasedLocal(i) = REGS(activation.regs()).sp[-1];
3692 }
3693 END_CASE(InitLexical)do { (activation.regs()).pc += (JSOpLength_InitLexical); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3694
3695 CASE(InitAliasedLexical)label_InitAliasedLexical: {
3696 EnvironmentCoordinate ec = EnvironmentCoordinate(REGS(activation.regs()).pc);
3697 EnvironmentObject& obj = REGS(activation.regs()).fp()->aliasedEnvironment(ec);
3698 obj.setAliasedBinding(ec, REGS(activation.regs()).sp[-1]);
3699 }
3700 END_CASE(InitAliasedLexical)do { (activation.regs()).pc += (JSOpLength_InitAliasedLexical
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3701
3702 CASE(InitGLexical)label_InitGLexical: {
3703 ExtensibleLexicalEnvironmentObject* lexicalEnv;
3704 if (script->hasNonSyntacticScope()) {
3705 lexicalEnv = &REGS(activation.regs()).fp()->extensibleLexicalEnvironment();
3706 } else {
3707 lexicalEnv = &cx->global()->lexicalEnvironment();
3708 }
3709 HandleValue value = REGS(activation.regs()).stackHandleAt(-1);
3710 InitGlobalLexicalOperation(cx, lexicalEnv, script, REGS(activation.regs()).pc, value);
3711 }
3712 END_CASE(InitGLexical)do { (activation.regs()).pc += (JSOpLength_InitGLexical); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3713
3714 CASE(Uninitialized)label_Uninitialized: { PUSH_MAGIC(JS_UNINITIALIZED_LEXICAL)(activation.regs()).sp++->setMagic(JS_UNINITIALIZED_LEXICAL
); }
3715 END_CASE(Uninitialized)do { (activation.regs()).pc += (JSOpLength_Uninitialized); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3716
3717 CASE(GetArg)label_GetArg: {
3718 unsigned i = GET_ARGNO(REGS(activation.regs()).pc);
3719 if (script->argsObjAliasesFormals()) {
3720 PUSH_COPY(REGS.fp()->argsObj().arg(i))do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
argsObj().arg(i)); cx->debugOnlyCheck((activation.regs()).
sp[-1]); } while (0);
3721 } else {
3722 PUSH_COPY(REGS.fp()->unaliasedFormal(i))do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
unaliasedFormal(i)); cx->debugOnlyCheck((activation.regs()
).sp[-1]); } while (0);
3723 }
3724 }
3725 END_CASE(GetArg)do { (activation.regs()).pc += (JSOpLength_GetArg); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3726
3727 CASE(GetFrameArg)label_GetFrameArg: {
3728 uint32_t i = GET_ARGNO(REGS(activation.regs()).pc);
3729 PUSH_COPY(REGS.fp()->unaliasedFormal(i, DONT_CHECK_ALIASING))do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
unaliasedFormal(i, DONT_CHECK_ALIASING)); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3730 }
3731 END_CASE(GetFrameArg)do { (activation.regs()).pc += (JSOpLength_GetFrameArg); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3732
3733 CASE(SetArg)label_SetArg: {
3734 unsigned i = GET_ARGNO(REGS(activation.regs()).pc);
3735 if (script->argsObjAliasesFormals()) {
3736 REGS(activation.regs()).fp()->argsObj().setArg(i, REGS(activation.regs()).sp[-1]);
3737 } else {
3738 REGS(activation.regs()).fp()->unaliasedFormal(i) = REGS(activation.regs()).sp[-1];
3739 }
3740 }
3741 END_CASE(SetArg)do { (activation.regs()).pc += (JSOpLength_SetArg); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3742
3743 CASE(GetLocal)label_GetLocal: {
3744 uint32_t i = GET_LOCALNO(REGS(activation.regs()).pc);
3745 PUSH_COPY_SKIP_CHECK(REGS.fp()->unaliasedLocal(i))*(activation.regs()).sp++ = ((activation.regs()).fp()->unaliasedLocal
(i));
3746
3747#ifdef DEBUG1
3748 if (IsUninitializedLexical(REGS(activation.regs()).sp[-1])) {
3749 JSOp next = JSOp(*GetNextPc(REGS(activation.regs()).pc));
3750 MOZ_ASSERT(next == JSOp::CheckThis || next == JSOp::CheckReturn ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3751); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
")"); do { *((volatile int*)__null) = 3751; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
3751 next == JSOp::CheckThisReinit || next == JSOp::CheckLexical)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(next == JSOp::CheckThis || next == JSOp::CheckReturn
|| next == JSOp::CheckThisReinit || next == JSOp::CheckLexical
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3751); AnnotateMozCrashReason("MOZ_ASSERT" "(" "next == JSOp::CheckThis || next == JSOp::CheckReturn || next == JSOp::CheckThisReinit || next == JSOp::CheckLexical"
")"); do { *((volatile int*)__null) = 3751; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3752 }
3753
3754 /*
3755 * Skip the same-compartment assertion if the local will be immediately
3756 * popped. We do not guarantee sync for dead locals when coming in from
3757 * the method JIT, and a GetLocal followed by Pop is not considered to
3758 * be a use of the variable.
3759 */
3760 if (JSOp(REGS(activation.regs()).pc[JSOpLength_GetLocal]) != JSOp::Pop) {
3761 cx->debugOnlyCheck(REGS(activation.regs()).sp[-1]);
3762 }
3763#endif
3764 }
3765 END_CASE(GetLocal)do { (activation.regs()).pc += (JSOpLength_GetLocal); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3766
3767 CASE(SetLocal)label_SetLocal: {
3768 uint32_t i = GET_LOCALNO(REGS(activation.regs()).pc);
3769
3770 MOZ_ASSERT(!IsUninitializedLexical(REGS.fp()->unaliasedLocal(i)))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!IsUninitializedLexical((activation.regs()).fp()->
unaliasedLocal(i)))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!IsUninitializedLexical((activation
.regs()).fp()->unaliasedLocal(i))))), 0))) { do { } while (
false); MOZ_ReportAssertionFailure("!IsUninitializedLexical((activation.regs()).fp()->unaliasedLocal(i))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3770); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!IsUninitializedLexical((activation.regs()).fp()->unaliasedLocal(i))"
")"); do { *((volatile int*)__null) = 3770; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3771
3772 REGS(activation.regs()).fp()->unaliasedLocal(i) = REGS(activation.regs()).sp[-1];
3773 }
3774 END_CASE(SetLocal)do { (activation.regs()).pc += (JSOpLength_SetLocal); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3775
3776 CASE(ArgumentsLength)label_ArgumentsLength: {
3777 MOZ_ASSERT(!script->needsArgsObj())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->needsArgsObj())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->needsArgsObj()))
), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!script->needsArgsObj()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3777); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->needsArgsObj()"
")"); do { *((volatile int*)__null) = 3777; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3778 PUSH_INT32(REGS.fp()->numActualArgs())(activation.regs()).sp++->setInt32((activation.regs()).fp(
)->numActualArgs());
3779 }
3780 END_CASE(ArgumentsLength)do { (activation.regs()).pc += (JSOpLength_ArgumentsLength); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3781
3782 CASE(GetActualArg)label_GetActualArg: {
3783 MOZ_ASSERT(!script->needsArgsObj())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!script->needsArgsObj())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!script->needsArgsObj()))
), 0))) { do { } while (false); MOZ_ReportAssertionFailure("!script->needsArgsObj()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3783); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!script->needsArgsObj()"
")"); do { *((volatile int*)__null) = 3783; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3784 uint32_t index = REGS(activation.regs()).sp[-1].toInt32();
3785 REGS(activation.regs()).sp[-1] = REGS(activation.regs()).fp()->unaliasedActual(index);
3786 }
3787 END_CASE(GetActualArg)do { (activation.regs()).pc += (JSOpLength_GetActualArg); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3788
3789 CASE(GlobalOrEvalDeclInstantiation)label_GlobalOrEvalDeclInstantiation: {
3790 GCThingIndex lastFun = GET_GCTHING_INDEX(REGS(activation.regs()).pc);
3791 HandleObject env = REGS(activation.regs()).fp()->environmentChain();
3792 if (!GlobalOrEvalDeclInstantiation(cx, env, script, lastFun)) {
3793 goto error;
3794 }
3795 }
3796 END_CASE(GlobalOrEvalDeclInstantiation)do { (activation.regs()).pc += (JSOpLength_GlobalOrEvalDeclInstantiation
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3797
3798 CASE(Lambda)label_Lambda: {
3799 /* Load the specified function object literal. */
3800 ReservedRooted<JSFunction*> fun(&rootFunction0,
3801 script->getFunction(REGS(activation.regs()).pc));
3802 JSObject* obj = Lambda(cx, fun, REGS(activation.regs()).fp()->environmentChain());
3803 if (!obj) {
3804 goto error;
3805 }
3806
3807 MOZ_ASSERT(obj->staticPrototype())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(obj->staticPrototype())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(obj->staticPrototype())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("obj->staticPrototype()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3807); AnnotateMozCrashReason("MOZ_ASSERT" "(" "obj->staticPrototype()"
")"); do { *((volatile int*)__null) = 3807; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3808 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3809 }
3810 END_CASE(Lambda)do { (activation.regs()).pc += (JSOpLength_Lambda); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3811
3812 CASE(ToAsyncIter)label_ToAsyncIter: {
3813 ReservedRooted<Value> nextMethod(&rootValue0, REGS(activation.regs()).sp[-1]);
3814 ReservedRooted<JSObject*> iter(&rootObject1, &REGS(activation.regs()).sp[-2].toObject());
3815 JSObject* asyncIter = CreateAsyncFromSyncIterator(cx, iter, nextMethod);
3816 if (!asyncIter) {
3817 goto error;
3818 }
3819
3820 REGS(activation.regs()).sp--;
3821 REGS(activation.regs()).sp[-1].setObject(*asyncIter);
3822 }
3823 END_CASE(ToAsyncIter)do { (activation.regs()).pc += (JSOpLength_ToAsyncIter); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3824
3825 CASE(CanSkipAwait)label_CanSkipAwait: {
3826 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-1]);
3827 bool canSkip;
3828 if (!CanSkipAwait(cx, val, &canSkip)) {
3829 goto error;
3830 }
3831
3832 PUSH_BOOLEAN(canSkip)(activation.regs()).sp++->setBoolean(canSkip);
3833 }
3834 END_CASE(CanSkipAwait)do { (activation.regs()).pc += (JSOpLength_CanSkipAwait); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3835
3836 CASE(MaybeExtractAwaitValue)label_MaybeExtractAwaitValue: {
3837 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-2);
3838 ReservedRooted<Value> canSkip(&rootValue0, REGS(activation.regs()).sp[-1]);
3839
3840 if (canSkip.toBoolean()) {
3841 if (!ExtractAwaitValue(cx, val, val)) {
3842 goto error;
3843 }
3844 }
3845 }
3846 END_CASE(MaybeExtractAwaitValue)do { (activation.regs()).pc += (JSOpLength_MaybeExtractAwaitValue
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3847
3848 CASE(AsyncAwait)label_AsyncAwait: {
3849 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3849); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 3849; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3850 ReservedRooted<JSObject*> gen(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
3851 ReservedRooted<Value> value(&rootValue0, REGS(activation.regs()).sp[-2]);
3852 JSObject* promise =
3853 AsyncFunctionAwait(cx, gen.as<AsyncFunctionGeneratorObject>(), value);
3854 if (!promise) {
3855 goto error;
3856 }
3857
3858 REGS(activation.regs()).sp--;
3859 REGS(activation.regs()).sp[-1].setObject(*promise);
3860 }
3861 END_CASE(AsyncAwait)do { (activation.regs()).pc += (JSOpLength_AsyncAwait); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3862
3863 CASE(AsyncResolve)label_AsyncResolve: {
3864 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3864); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 3864; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3865 ReservedRooted<JSObject*> gen(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
3866 ReservedRooted<Value> value(&rootValue0, REGS(activation.regs()).sp[-2]);
3867 JSObject* promise = AsyncFunctionResolve(
3868 cx, gen.as<AsyncFunctionGeneratorObject>(), value);
3869 if (!promise) {
3870 goto error;
3871 }
3872
3873 REGS(activation.regs()).sp--;
3874 REGS(activation.regs()).sp[-1].setObject(*promise);
3875 }
3876 END_CASE(AsyncResolve)do { (activation.regs()).pc += (JSOpLength_AsyncResolve); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3877
3878 CASE(AsyncReject)label_AsyncReject: {
3879 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3879); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 3879; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3880 ReservedRooted<JSObject*> gen(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
3881 ReservedRooted<Value> stack(&rootValue0, REGS(activation.regs()).sp[-2]);
3882 ReservedRooted<Value> reason(&rootValue1, REGS(activation.regs()).sp[-3]);
3883 JSObject* promise = AsyncFunctionReject(
3884 cx, gen.as<AsyncFunctionGeneratorObject>(), reason, stack);
3885 if (!promise) {
3886 goto error;
3887 }
3888
3889 REGS(activation.regs()).sp -= 2;
3890 REGS(activation.regs()).sp[-1].setObject(*promise);
3891 }
3892 END_CASE(AsyncReject)do { (activation.regs()).pc += (JSOpLength_AsyncReject); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3893
3894 CASE(SetFunName)label_SetFunName: {
3895 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3895); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 3895; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3896 FunctionPrefixKind prefixKind = FunctionPrefixKind(GET_UINT8(REGS(activation.regs()).pc));
3897 ReservedRooted<Value> name(&rootValue0, REGS(activation.regs()).sp[-1]);
3898 ReservedRooted<JSFunction*> fun(&rootFunction0,
3899 &REGS(activation.regs()).sp[-2].toObject().as<JSFunction>());
3900 if (!SetFunctionName(cx, fun, name, prefixKind)) {
3901 goto error;
3902 }
3903
3904 REGS(activation.regs()).sp--;
3905 }
3906 END_CASE(SetFunName)do { (activation.regs()).pc += (JSOpLength_SetFunName); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3907
3908 CASE(Callee)label_Callee: {
3909 MOZ_ASSERT(REGS.fp()->isFunctionFrame())do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).fp()->isFunctionFrame())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3909); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 3909; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3910 PUSH_COPY(REGS.fp()->calleev())do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
calleev()); cx->debugOnlyCheck((activation.regs()).sp[-1])
; } while (0);
3911 }
3912 END_CASE(Callee)do { (activation.regs()).pc += (JSOpLength_Callee); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3913
3914 CASE(InitPropGetter)label_InitPropGetter:
3915 CASE(InitHiddenPropGetter)label_InitHiddenPropGetter:
3916 CASE(InitPropSetter)label_InitPropSetter:
3917 CASE(InitHiddenPropSetter)label_InitHiddenPropSetter: {
3918 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3918); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 3918; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3919
3920 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
3921 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
3922 ReservedRooted<JSObject*> val(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
3923
3924 if (!InitPropGetterSetterOperation(cx, REGS(activation.regs()).pc, obj, name, val)) {
3925 goto error;
3926 }
3927
3928 REGS(activation.regs()).sp--;
3929 }
3930 END_CASE(InitPropGetter)do { (activation.regs()).pc += (JSOpLength_InitPropGetter); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3931
3932 CASE(InitElemGetter)label_InitElemGetter:
3933 CASE(InitHiddenElemGetter)label_InitHiddenElemGetter:
3934 CASE(InitElemSetter)label_InitElemSetter:
3935 CASE(InitHiddenElemSetter)label_InitHiddenElemSetter: {
3936 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3936); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 3936; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3937
3938 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-3].toObject());
3939 ReservedRooted<Value> idval(&rootValue0, REGS(activation.regs()).sp[-2]);
3940 ReservedRooted<JSObject*> val(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
3941
3942 if (!InitElemGetterSetterOperation(cx, REGS(activation.regs()).pc, obj, idval, val)) {
3943 goto error;
3944 }
3945
3946 REGS(activation.regs()).sp -= 2;
3947 }
3948 END_CASE(InitElemGetter)do { (activation.regs()).pc += (JSOpLength_InitElemGetter); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3949
3950 CASE(Hole)label_Hole: { PUSH_MAGIC(JS_ELEMENTS_HOLE)(activation.regs()).sp++->setMagic(JS_ELEMENTS_HOLE); }
3951 END_CASE(Hole)do { (activation.regs()).pc += (JSOpLength_Hole); do { js::gc
::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
3952
3953 CASE(NewInit)label_NewInit: {
3954 JSObject* obj = NewObjectOperation(cx, script, REGS(activation.regs()).pc);
3955
3956 if (!obj) {
3957 goto error;
3958 }
3959 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3960 }
3961 END_CASE(NewInit)do { (activation.regs()).pc += (JSOpLength_NewInit); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
3962
3963 CASE(NewArray)label_NewArray: {
3964 uint32_t length = GET_UINT32(REGS(activation.regs()).pc);
3965 ArrayObject* obj = NewArrayOperation(cx, length);
3966 if (!obj) {
3967 goto error;
3968 }
3969 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3970 }
3971 END_CASE(NewArray)do { (activation.regs()).pc += (JSOpLength_NewArray); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3972
3973 CASE(NewObject)label_NewObject: {
3974 JSObject* obj = NewObjectOperation(cx, script, REGS(activation.regs()).pc);
3975 if (!obj) {
3976 goto error;
3977 }
3978 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
3979 }
3980 END_CASE(NewObject)do { (activation.regs()).pc += (JSOpLength_NewObject); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
3981
3982 CASE(MutateProto)label_MutateProto: {
3983 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3983); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 3983; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3984
3985 if (REGS(activation.regs()).sp[-1].isObjectOrNull()) {
3986 ReservedRooted<JSObject*> newProto(&rootObject1,
3987 REGS(activation.regs()).sp[-1].toObjectOrNull());
3988 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
3989 MOZ_ASSERT(obj->is<PlainObject>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(obj->is<PlainObject>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(obj->is<PlainObject>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("obj->is<PlainObject>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 3989); AnnotateMozCrashReason("MOZ_ASSERT" "(" "obj->is<PlainObject>()"
")"); do { *((volatile int*)__null) = 3989; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
3990
3991 if (!SetPrototype(cx, obj, newProto)) {
3992 goto error;
3993 }
3994 }
3995
3996 REGS(activation.regs()).sp--;
3997 }
3998 END_CASE(MutateProto)do { (activation.regs()).pc += (JSOpLength_MutateProto); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
3999
4000 CASE(InitProp)label_InitProp:
4001 CASE(InitLockedProp)label_InitLockedProp:
4002 CASE(InitHiddenProp)label_InitHiddenProp: {
4003 static_assert(JSOpLength_InitProp == JSOpLength_InitLockedProp,
4004 "initprop and initlockedprop must be the same size");
4005 static_assert(JSOpLength_InitProp == JSOpLength_InitHiddenProp,
4006 "initprop and inithiddenprop must be the same size");
4007 /* Load the property's initial value into rval. */
4008 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4008); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4008; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4009 ReservedRooted<Value> rval(&rootValue0, REGS(activation.regs()).sp[-1]);
4010
4011 /* Load the object being initialized into lval/obj. */
4012 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
4013
4014 ReservedRooted<PropertyName*> name(&rootName0, script->getName(REGS(activation.regs()).pc));
4015
4016 if (!InitPropertyOperation(cx, REGS(activation.regs()).pc, obj, name, rval)) {
4017 goto error;
4018 }
4019
4020 REGS(activation.regs()).sp--;
4021 }
4022 END_CASE(InitProp)do { (activation.regs()).pc += (JSOpLength_InitProp); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4023
4024 CASE(InitElem)label_InitElem:
4025 CASE(InitHiddenElem)label_InitHiddenElem:
4026 CASE(InitLockedElem)label_InitLockedElem: {
4027 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4027); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4027; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4028 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4029 HandleValue id = REGS(activation.regs()).stackHandleAt(-2);
4030
4031 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-3].toObject());
4032
4033 if (!InitElemOperation(cx, REGS(activation.regs()).pc, obj, id, val)) {
4034 goto error;
4035 }
4036
4037 REGS(activation.regs()).sp -= 2;
4038 }
4039 END_CASE(InitElem)do { (activation.regs()).pc += (JSOpLength_InitElem); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4040
4041 CASE(InitElemArray)label_InitElemArray: {
4042 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4042); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4042; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4043 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4044 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-2].toObject());
4045
4046 InitElemArrayOperation(cx, REGS(activation.regs()).pc, obj.as<ArrayObject>(), val);
4047 REGS(activation.regs()).sp--;
4048 }
4049 END_CASE(InitElemArray)do { (activation.regs()).pc += (JSOpLength_InitElemArray); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4050
4051 CASE(InitElemInc)label_InitElemInc: {
4052 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4052); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4052; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4053 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4054
4055 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-3].toObject());
4056
4057 uint32_t index = REGS(activation.regs()).sp[-2].toInt32();
4058 if (!InitElemIncOperation(cx, obj.as<ArrayObject>(), index, val)) {
4059 goto error;
4060 }
4061
4062 REGS(activation.regs()).sp[-2].setInt32(index + 1);
4063 REGS(activation.regs()).sp--;
4064 }
4065 END_CASE(InitElemInc)do { (activation.regs()).pc += (JSOpLength_InitElemInc); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4066
4067#ifdef ENABLE_RECORD_TUPLE
4068 CASE(InitRecord)label_InitRecord: {
4069 uint32_t length = GET_UINT32(REGS(activation.regs()).pc);
4070 RecordType* rec = RecordType::createUninitialized(cx, length);
4071 if (!rec) {
4072 goto error;
4073 }
4074 PUSH_EXTENDED_PRIMITIVE(*rec);
4075 }
4076 END_CASE(InitRecord)do { (activation.regs()).pc += (JSOpLength_InitRecord); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4077
4078 CASE(AddRecordProperty)label_AddRecordProperty: {
4079 MOZ_ASSERT(REGS.stackDepth() >= 3)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 3)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 3))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 3"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4079); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 3"
")"); do { *((volatile int*)__null) = 4079; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4080
4081 ReservedRooted<JSObject*> rec(&rootObject0,
4082 &REGS(activation.regs()).sp[-3].toExtendedPrimitive());
4083 MOZ_ASSERT(rec->is<RecordType>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(rec->is<RecordType>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(rec->is<RecordType>
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("rec->is<RecordType>()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4083); AnnotateMozCrashReason("MOZ_ASSERT" "(" "rec->is<RecordType>()"
")"); do { *((volatile int*)__null) = 4083; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4084
4085 ReservedRooted<Value> key(&rootValue0, REGS(activation.regs()).sp[-2]);
4086 ReservedRooted<jsid> id(&rootId0);
4087 if (!JS_ValueToId(cx, key, &id)) {
4088 goto error;
4089 }
4090 if (!rec->as<RecordType>().initializeNextProperty(
4091 cx, id, REGS(activation.regs()).stackHandleAt(-1))) {
4092 goto error;
4093 }
4094
4095 REGS(activation.regs()).sp -= 2;
4096 }
4097 END_CASE(AddRecordProperty)do { (activation.regs()).pc += (JSOpLength_AddRecordProperty)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4098
4099 CASE(AddRecordSpread)label_AddRecordSpread: {
4100 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4100); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4100; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4101
4102 if (!AddRecordSpreadOperation(cx, REGS(activation.regs()).stackHandleAt(-2),
4103 REGS(activation.regs()).stackHandleAt(-1))) {
4104 goto error;
4105 }
4106 REGS(activation.regs()).sp--;
4107 }
4108 END_CASE(AddRecordSpread)do { (activation.regs()).pc += (JSOpLength_AddRecordSpread); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4109
4110 CASE(FinishRecord)label_FinishRecord: {
4111 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4111); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 4111; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4112 RecordType* rec = &REGS(activation.regs()).sp[-1].toExtendedPrimitive().as<RecordType>();
4113 if (!rec->finishInitialization(cx)) {
4114 goto error;
4115 }
4116 }
4117 END_CASE(FinishRecord)do { (activation.regs()).pc += (JSOpLength_FinishRecord); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4118
4119 CASE(InitTuple)label_InitTuple: {
4120 uint32_t length = GET_UINT32(REGS(activation.regs()).pc);
4121 TupleType* tup = TupleType::createUninitialized(cx, length);
4122 if (!tup) {
4123 goto error;
4124 }
4125 PUSH_EXTENDED_PRIMITIVE(*tup);
4126 }
4127 END_CASE(InitTuple)do { (activation.regs()).pc += (JSOpLength_InitTuple); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4128
4129 CASE(AddTupleElement)label_AddTupleElement: {
4130 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4130); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4130; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4131
4132 ReservedRooted<JSObject*> tup(&rootObject0,
4133 &REGS(activation.regs()).sp[-2].toExtendedPrimitive());
4134 HandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4135
4136 if (!tup->as<TupleType>().initializeNextElement(cx, val)) {
4137 goto error;
4138 }
4139
4140 REGS(activation.regs()).sp--;
4141 }
4142 END_CASE(AddTupleElement)do { (activation.regs()).pc += (JSOpLength_AddTupleElement); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4143
4144 CASE(FinishTuple)label_FinishTuple: {
4145 MOZ_ASSERT(REGS.stackDepth() >= 1)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 1)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 1))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 1"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4145); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 1"
")"); do { *((volatile int*)__null) = 4145; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4146 TupleType& tup = REGS(activation.regs()).sp[-1].toExtendedPrimitive().as<TupleType>();
4147 tup.finishInitialization(cx);
4148 }
4149 END_CASE(FinishTuple)do { (activation.regs()).pc += (JSOpLength_FinishTuple); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4150#endif
4151
4152 CASE(Exception)label_Exception: {
4153 PUSH_NULL()(activation.regs()).sp++->setNull();
4154 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
4155 if (!GetAndClearException(cx, res)) {
4156 goto error;
4157 }
4158 }
4159 END_CASE(Exception)do { (activation.regs()).pc += (JSOpLength_Exception); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4160
4161 CASE(ExceptionAndStack)label_ExceptionAndStack: {
4162 ReservedRooted<Value> stack(&rootValue0);
4163 if (!cx->getPendingExceptionStack(&stack)) {
4164 goto error;
4165 }
4166 PUSH_NULL()(activation.regs()).sp++->setNull();
4167 MutableHandleValue res = REGS(activation.regs()).stackHandleAt(-1);
4168 if (!GetAndClearException(cx, res)) {
4169 goto error;
4170 }
4171 PUSH_COPY(stack)do { *(activation.regs()).sp++ = (stack); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4172 }
4173 END_CASE(ExceptionAndStack)do { (activation.regs()).pc += (JSOpLength_ExceptionAndStack)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4174
4175 CASE(Finally)label_Finally: { CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0); }
4176 END_CASE(Finally)do { (activation.regs()).pc += (JSOpLength_Finally); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
4177
4178 CASE(Throw)label_Throw: {
4179 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
4180 ReservedRooted<Value> v(&rootValue0);
4181 POP_COPY_TO(v)(v) = *--(activation.regs()).sp;
4182 MOZ_ALWAYS_FALSE(ThrowOperation(cx, v))do { if ((__builtin_expect(!!(!(ThrowOperation(cx, v))), 1)))
{ } else { do { do { } while (false); MOZ_ReportCrash("" "!(ThrowOperation(cx, v))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4182); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowOperation(cx, v))"
")"); do { *((volatile int*)__null) = 4182; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
4183 /* let the code at error try to catch the exception. */
4184 goto error;
4185 }
4186
4187 CASE(ThrowWithStack)label_ThrowWithStack: {
4188 CHECK_BRANCH()do { if (!CheckForInterrupt(cx)) goto error; } while (0);
4189 ReservedRooted<Value> v(&rootValue0);
4190 ReservedRooted<Value> stack(&rootValue1);
4191 POP_COPY_TO(stack)(stack) = *--(activation.regs()).sp;
4192 POP_COPY_TO(v)(v) = *--(activation.regs()).sp;
4193 MOZ_ALWAYS_FALSE(ThrowWithStackOperation(cx, v, stack))do { if ((__builtin_expect(!!(!(ThrowWithStackOperation(cx, v
, stack))), 1))) { } else { do { do { } while (false); MOZ_ReportCrash
("" "!(ThrowWithStackOperation(cx, v, stack))", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4193); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowWithStackOperation(cx, v, stack))"
")"); do { *((volatile int*)__null) = 4193; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
4194 /* let the code at error try to catch the exception. */
4195 goto error;
4196 }
4197
4198 CASE(Instanceof)label_Instanceof: {
4199 ReservedRooted<Value> rref(&rootValue0, REGS(activation.regs()).sp[-1]);
4200 if (HandleValue(rref).isPrimitive()) {
4201 ReportValueError(cx, JSMSG_BAD_INSTANCEOF_RHS, -1, rref, nullptr);
4202 goto error;
4203 }
4204 ReservedRooted<JSObject*> obj(&rootObject0, &rref.toObject());
4205 bool cond = false;
4206 if (!InstanceofOperator(cx, obj, REGS(activation.regs()).stackHandleAt(-2), &cond)) {
4207 goto error;
4208 }
4209 REGS(activation.regs()).sp--;
4210 REGS(activation.regs()).sp[-1].setBoolean(cond);
4211 }
4212 END_CASE(Instanceof)do { (activation.regs()).pc += (JSOpLength_Instanceof); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4213
4214 CASE(Debugger)label_Debugger: {
4215 if (!DebugAPI::onDebuggerStatement(cx, REGS(activation.regs()).fp())) {
4216 goto error;
4217 }
4218 }
4219 END_CASE(Debugger)do { (activation.regs()).pc += (JSOpLength_Debugger); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4220
4221 CASE(PushLexicalEnv)label_PushLexicalEnv: {
4222 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
4223
4224 // Create block environment and push on scope chain.
4225 if (!REGS(activation.regs()).fp()->pushLexicalEnvironment(cx, scope.as<LexicalScope>())) {
4226 goto error;
4227 }
4228 }
4229 END_CASE(PushLexicalEnv)do { (activation.regs()).pc += (JSOpLength_PushLexicalEnv); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4230
4231 CASE(PopLexicalEnv)label_PopLexicalEnv: {
4232#ifdef DEBUG1
4233 Scope* scope = script->lookupScope(REGS(activation.regs()).pc);
4234 MOZ_ASSERT(scope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope)>::isValid, "invalid assertion condition");
if ((__builtin_expect(!!(!(!!(scope))), 0))) { do { } while (
false); MOZ_ReportAssertionFailure("scope", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4234); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope" ")")
; do { *((volatile int*)__null) = 4234; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4235 MOZ_ASSERT(scope->is<LexicalScope>() || scope->is<ClassBodyScope>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope->is<LexicalScope>() || scope->is<
ClassBodyScope>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->is<LexicalScope
>() || scope->is<ClassBodyScope>()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4235); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
")"); do { *((volatile int*)__null) = 4235; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4236 MOZ_ASSERT_IF(scope->is<LexicalScope>(),do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4237); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4237; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4237 scope->as<LexicalScope>().hasEnvironment())do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4237); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4237; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4238 MOZ_ASSERT_IF(scope->is<ClassBodyScope>(),do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4239); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4239; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4239 scope->as<ClassBodyScope>().hasEnvironment())do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4239); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4239; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4240#endif
4241
4242 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
4243 DebugEnvironments::onPopLexical(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc);
4244 }
4245
4246 // Pop block from scope chain.
4247 REGS(activation.regs()).fp()->popOffEnvironmentChain<LexicalEnvironmentObject>();
4248 }
4249 END_CASE(PopLexicalEnv)do { (activation.regs()).pc += (JSOpLength_PopLexicalEnv); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4250
4251 CASE(DebugLeaveLexicalEnv)label_DebugLeaveLexicalEnv: {
4252#ifdef DEBUG1
4253 Scope* scope = script->lookupScope(REGS(activation.regs()).pc);
4254 MOZ_ASSERT(scope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope)>::isValid, "invalid assertion condition");
if ((__builtin_expect(!!(!(!!(scope))), 0))) { do { } while (
false); MOZ_ReportAssertionFailure("scope", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4254); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope" ")")
; do { *((volatile int*)__null) = 4254; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4255 MOZ_ASSERT(scope->is<LexicalScope>() || scope->is<ClassBodyScope>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope->is<LexicalScope>() || scope->is<
ClassBodyScope>())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope->is<LexicalScope
>() || scope->is<ClassBodyScope>()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4255); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope->is<LexicalScope>() || scope->is<ClassBodyScope>()"
")"); do { *((volatile int*)__null) = 4255; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4256 MOZ_ASSERT_IF(scope->is<LexicalScope>(),do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4257); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4257; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4257 !scope->as<LexicalScope>().hasEnvironment())do { if (scope->is<LexicalScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<LexicalScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<LexicalScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<LexicalScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4257); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<LexicalScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4257; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4258 MOZ_ASSERT_IF(scope->is<ClassBodyScope>(),do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4259); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4259; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4259 !scope->as<ClassBodyScope>().hasEnvironment())do { if (scope->is<ClassBodyScope>()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(!scope->
as<ClassBodyScope>().hasEnvironment())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!scope->as<ClassBodyScope
>().hasEnvironment()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!scope->as<ClassBodyScope>().hasEnvironment()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4259); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!scope->as<ClassBodyScope>().hasEnvironment()"
")"); do { *((volatile int*)__null) = 4259; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4260#endif
4261 // FIXME: This opcode should not be necessary. The debugger shouldn't
4262 // need help from bytecode to do its job. See bug 927782.
4263
4264 if (MOZ_UNLIKELY(cx->realm()->isDebuggee())(__builtin_expect(!!(cx->realm()->isDebuggee()), 0))) {
4265 DebugEnvironments::onPopLexical(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc);
4266 }
4267 }
4268 END_CASE(DebugLeaveLexicalEnv)do { (activation.regs()).pc += (JSOpLength_DebugLeaveLexicalEnv
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4269
4270 CASE(FreshenLexicalEnv)label_FreshenLexicalEnv: {
4271#ifdef DEBUG1
4272 Scope* scope = script->getScope(REGS(activation.regs()).pc);
4273 auto envChain = REGS(activation.regs()).fp()->environmentChain();
4274 auto* envScope = &envChain->as<BlockLexicalEnvironmentObject>().scope();
4275 MOZ_ASSERT(scope == envScope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope == envScope)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope == envScope))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("scope == envScope"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4275); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope == envScope"
")"); do { *((volatile int*)__null) = 4275; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4276#endif
4277
4278 if (!REGS(activation.regs()).fp()->freshenLexicalEnvironment(cx, REGS(activation.regs()).pc)) {
4279 goto error;
4280 }
4281 }
4282 END_CASE(FreshenLexicalEnv)do { (activation.regs()).pc += (JSOpLength_FreshenLexicalEnv)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4283
4284 CASE(RecreateLexicalEnv)label_RecreateLexicalEnv: {
4285#ifdef DEBUG1
4286 Scope* scope = script->getScope(REGS(activation.regs()).pc);
4287 auto envChain = REGS(activation.regs()).fp()->environmentChain();
4288 auto* envScope = &envChain->as<BlockLexicalEnvironmentObject>().scope();
4289 MOZ_ASSERT(scope == envScope)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(scope == envScope)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(scope == envScope))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("scope == envScope"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4289); AnnotateMozCrashReason("MOZ_ASSERT" "(" "scope == envScope"
")"); do { *((volatile int*)__null) = 4289; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4290#endif
4291
4292 if (!REGS(activation.regs()).fp()->recreateLexicalEnvironment(cx, REGS(activation.regs()).pc)) {
4293 goto error;
4294 }
4295 }
4296 END_CASE(RecreateLexicalEnv)do { (activation.regs()).pc += (JSOpLength_RecreateLexicalEnv
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4297
4298 CASE(PushClassBodyEnv)label_PushClassBodyEnv: {
4299 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
4300
4301 if (!REGS(activation.regs()).fp()->pushClassBodyEnvironment(cx,
4302 scope.as<ClassBodyScope>())) {
4303 goto error;
4304 }
4305 }
4306 END_CASE(PushClassBodyEnv)do { (activation.regs()).pc += (JSOpLength_PushClassBodyEnv);
do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4307
4308 CASE(PushVarEnv)label_PushVarEnv: {
4309 ReservedRooted<Scope*> scope(&rootScope0, script->getScope(REGS(activation.regs()).pc));
4310
4311 if (!REGS(activation.regs()).fp()->pushVarEnvironment(cx, scope)) {
4312 goto error;
4313 }
4314 }
4315 END_CASE(PushVarEnv)do { (activation.regs()).pc += (JSOpLength_PushVarEnv); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4316
4317 CASE(Generator)label_Generator: {
4318 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4318); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4318; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4319 MOZ_ASSERT(REGS.stackDepth() == 0)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0)>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!((activation.regs()).stackDepth() == 0))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4319); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0"
")"); do { *((volatile int*)__null) = 4319; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4320 JSObject* obj = AbstractGeneratorObject::createFromFrame(cx, REGS(activation.regs()).fp());
4321 if (!obj) {
4322 goto error;
4323 }
4324 PUSH_OBJECT(*obj)do { (activation.regs()).sp++->setObject(*obj); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4325 }
4326 END_CASE(Generator)do { (activation.regs()).pc += (JSOpLength_Generator); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4327
4328 CASE(InitialYield)label_InitialYield: {
4329 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4329); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4329; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4330 MOZ_ASSERT_IF(script->isModule() && script->isAsync(),do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4331); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4331; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4331 REGS.fp()->isModuleFrame())do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4331); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4331; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4332 MOZ_ASSERT_IF(!script->isModule() && script->isAsync(),do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4333); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4333; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4333 REGS.fp()->isFunctionFrame())do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4333); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4333; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4334 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
4335 POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp);
4336 MOZ_ASSERT(REGS.stackDepth() == 0)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() == 0)>::isValid,
"invalid assertion condition"); if ((__builtin_expect(!!(!(!
!((activation.regs()).stackDepth() == 0))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() == 0"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4336); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() == 0"
")"); do { *((volatile int*)__null) = 4336; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4337 if (!AbstractGeneratorObject::suspend(cx, obj, REGS(activation.regs()).fp(), REGS(activation.regs()).pc,
4338 script->nfixed())) {
4339 goto error;
4340 }
4341 goto successful_return_continuation;
4342 }
4343
4344 CASE(Yield)label_Yield:
4345 CASE(Await)label_Await: {
4346 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4346); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4346; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4347 MOZ_ASSERT_IF(script->isModule() && script->isAsync(),do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4348); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4348; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4348 REGS.fp()->isModuleFrame())do { if (script->isModule() && script->isAsync(
)) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isModuleFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isModuleFrame()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isModuleFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4348); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isModuleFrame()"
")"); do { *((volatile int*)__null) = 4348; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4349 MOZ_ASSERT_IF(!script->isModule() && script->isAsync(),do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4350); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4350; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
4350 REGS.fp()->isFunctionFrame())do { if (!script->isModule() && script->isAsync
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isFunctionFrame())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isFunctionFrame()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isFunctionFrame()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4350); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isFunctionFrame()"
")"); do { *((volatile int*)__null) = 4350; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4351 ReservedRooted<JSObject*> obj(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
4352 if (!AbstractGeneratorObject::suspend(
4353 cx, obj, REGS(activation.regs()).fp(), REGS(activation.regs()).pc,
4354 script->nfixed() + REGS(activation.regs()).stackDepth() - 2)) {
4355 goto error;
4356 }
4357
4358 REGS(activation.regs()).sp--;
4359 POP_RETURN_VALUE()(activation.regs()).fp()->setReturnValue(*--(activation.regs
()).sp);
4360
4361 goto successful_return_continuation;
4362 }
4363
4364 CASE(ResumeKind)label_ResumeKind: {
4365 GeneratorResumeKind resumeKind = ResumeKindFromPC(REGS(activation.regs()).pc);
4366 PUSH_INT32(int32_t(resumeKind))(activation.regs()).sp++->setInt32(int32_t(resumeKind));
4367 }
4368 END_CASE(ResumeKind)do { (activation.regs()).pc += (JSOpLength_ResumeKind); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4369
4370 CASE(CheckResumeKind)label_CheckResumeKind: {
4371 int32_t kindInt = REGS(activation.regs()).sp[-1].toInt32();
4372 GeneratorResumeKind resumeKind = IntToResumeKind(kindInt);
4373 if (MOZ_UNLIKELY(resumeKind != GeneratorResumeKind::Next)(__builtin_expect(!!(resumeKind != GeneratorResumeKind::Next)
, 0))) {
4374 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-3]);
4375 Rooted<AbstractGeneratorObject*> gen(
4376 cx, &REGS(activation.regs()).sp[-2].toObject().as<AbstractGeneratorObject>());
4377 MOZ_ALWAYS_FALSE(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen,do { if ((__builtin_expect(!!(!(GeneratorThrowOrReturn(cx, activation
.regs().fp(), gen, val, resumeKind))), 1))) { } else { do { do
{ } while (false); MOZ_ReportCrash("" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4378); AnnotateMozCrashReason("MOZ_CRASH(" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
")"); do { *((volatile int*)__null) = 4378; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
)
4378 val, resumeKind))do { if ((__builtin_expect(!!(!(GeneratorThrowOrReturn(cx, activation
.regs().fp(), gen, val, resumeKind))), 1))) { } else { do { do
{ } while (false); MOZ_ReportCrash("" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4378); AnnotateMozCrashReason("MOZ_CRASH(" "!(GeneratorThrowOrReturn(cx, activation.regs().fp(), gen, val, resumeKind))"
")"); do { *((volatile int*)__null) = 4378; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
4379 goto error;
4380 }
4381 REGS(activation.regs()).sp -= 2;
4382 }
4383 END_CASE(CheckResumeKind)do { (activation.regs()).pc += (JSOpLength_CheckResumeKind); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4384
4385 CASE(Resume)label_Resume: {
4386 {
4387 Rooted<AbstractGeneratorObject*> gen(
4388 cx, &REGS(activation.regs()).sp[-3].toObject().as<AbstractGeneratorObject>());
4389 ReservedRooted<Value> val(&rootValue0, REGS(activation.regs()).sp[-2]);
4390 ReservedRooted<Value> resumeKindVal(&rootValue1, REGS(activation.regs()).sp[-1]);
4391
4392 // popInlineFrame expects there to be an additional value on the stack
4393 // to pop off, so leave "gen" on the stack.
4394 REGS(activation.regs()).sp -= 1;
4395
4396 if (!AbstractGeneratorObject::resume(cx, activation, gen, val,
4397 resumeKindVal)) {
4398 goto error;
4399 }
4400
4401 JSScript* generatorScript = REGS(activation.regs()).fp()->script();
4402 if (cx->realm() != generatorScript->realm()) {
4403 cx->enterRealmOf(generatorScript);
4404 }
4405 SET_SCRIPT(generatorScript)do { script = (generatorScript); do { static_assert( mozilla::
detail::AssertionConditionType<decltype(cx->realm() == script
->realm())>::isValid, "invalid assertion condition"); if
((__builtin_expect(!!(!(!!(cx->realm() == script->realm
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("cx->realm() == script->realm()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4405); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->realm() == script->realm()"
")"); do { *((volatile int*)__null) = 4405; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); if (DebugAPI
::hasAnyBreakpointsOrStepMode(script) || script->hasScriptCounts
()) activation.enableInterruptsUnconditionally(); } while (0);
4406
4407 if (!probes::EnterScript(cx, generatorScript,
4408 generatorScript->function(), REGS(activation.regs()).fp())) {
4409 goto error;
4410 }
4411
4412 if (!DebugAPI::onResumeFrame(cx, REGS(activation.regs()).fp())) {
4413 MOZ_ASSERT_IF(cx->isPropagatingForcedReturn(), gen->isClosed())do { if (cx->isPropagatingForcedReturn()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(gen->
isClosed())>::isValid, "invalid assertion condition"); if (
(__builtin_expect(!!(!(!!(gen->isClosed()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("gen->isClosed()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4413); AnnotateMozCrashReason("MOZ_ASSERT" "(" "gen->isClosed()"
")"); do { *((volatile int*)__null) = 4413; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4414 goto error;
4415 }
4416 }
4417 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
4418 }
4419
4420 CASE(AfterYield)label_AfterYield: {
4421 // AbstractGeneratorObject::resume takes care of setting the frame's
4422 // debuggee flag.
4423 MOZ_ASSERT_IF(REGS.fp()->script()->isDebuggee(), REGS.fp()->isDebuggee())do { if ((activation.regs()).fp()->script()->isDebuggee
()) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype((activation.regs()).fp()->isDebuggee())>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!((activation.regs()).fp()->isDebuggee()))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("(activation.regs()).fp()->isDebuggee()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4423); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).fp()->isDebuggee()"
")"); do { *((volatile int*)__null) = 4423; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
4424 COUNT_COVERAGE()do { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc
)))>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc)))
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4424); AnnotateMozCrashReason("MOZ_ASSERT" "(" "BytecodeIsJumpTarget(JSOp(*(activation.regs()).pc))"
")"); do { *((volatile int*)__null) = 4424; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); do { if (script
->hasScriptCounts()) { PCCounts* counts = script->maybeGetPCCounts
((activation.regs()).pc); do { static_assert( mozilla::detail
::AssertionConditionType<decltype(counts)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(counts))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("counts", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4424); AnnotateMozCrashReason("MOZ_ASSERT" "(" "counts" ")"
); do { *((volatile int*)__null) = 4424; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); counts->
numExec()++; } } while (0); } while (0);
4425 }
4426 END_CASE(AfterYield)do { (activation.regs()).pc += (JSOpLength_AfterYield); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4427
4428 CASE(FinalYieldRval)label_FinalYieldRval: {
4429 ReservedRooted<JSObject*> gen(&rootObject0, &REGS(activation.regs()).sp[-1].toObject());
4430 REGS(activation.regs()).sp--;
4431 AbstractGeneratorObject::finalSuspend(cx, gen);
4432 goto successful_return_continuation;
4433 }
4434
4435 CASE(CheckClassHeritage)label_CheckClassHeritage: {
4436 HandleValue heritage = REGS(activation.regs()).stackHandleAt(-1);
4437
4438 if (!CheckClassHeritageOperation(cx, heritage)) {
4439 goto error;
4440 }
4441 }
4442 END_CASE(CheckClassHeritage)do { (activation.regs()).pc += (JSOpLength_CheckClassHeritage
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4443
4444 CASE(BuiltinObject)label_BuiltinObject: {
4445 auto kind = BuiltinObjectKind(GET_UINT8(REGS(activation.regs()).pc));
4446 JSObject* builtin = BuiltinObjectOperation(cx, kind);
4447 if (!builtin) {
4448 goto error;
4449 }
4450 PUSH_OBJECT(*builtin)do { (activation.regs()).sp++->setObject(*builtin); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
4451 }
4452 END_CASE(BuiltinObject)do { (activation.regs()).pc += (JSOpLength_BuiltinObject); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4453
4454 CASE(FunWithProto)label_FunWithProto: {
4455 ReservedRooted<JSObject*> proto(&rootObject1, &REGS(activation.regs()).sp[-1].toObject());
4456
4457 /* Load the specified function object literal. */
4458 ReservedRooted<JSFunction*> fun(&rootFunction0,
4459 script->getFunction(REGS(activation.regs()).pc));
4460
4461 JSObject* obj =
4462 FunWithProtoOperation(cx, fun, REGS(activation.regs()).fp()->environmentChain(), proto);
4463 if (!obj) {
4464 goto error;
4465 }
4466
4467 REGS(activation.regs()).sp[-1].setObject(*obj);
4468 }
4469 END_CASE(FunWithProto)do { (activation.regs()).pc += (JSOpLength_FunWithProto); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4470
4471 CASE(ObjWithProto)label_ObjWithProto: {
4472 JSObject* obj = ObjectWithProtoOperation(cx, REGS(activation.regs()).stackHandleAt(-1));
4473 if (!obj) {
4474 goto error;
4475 }
4476
4477 REGS(activation.regs()).sp[-1].setObject(*obj);
4478 }
4479 END_CASE(ObjWithProto)do { (activation.regs()).pc += (JSOpLength_ObjWithProto); do {
js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4480
4481 CASE(InitHomeObject)label_InitHomeObject: {
4482 MOZ_ASSERT(REGS.stackDepth() >= 2)do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).stackDepth() >= 2)>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!((activation.regs()).stackDepth() >= 2))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("(activation.regs()).stackDepth() >= 2"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4482); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).stackDepth() >= 2"
")"); do { *((volatile int*)__null) = 4482; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4483
4484 /* Load the function to be initialized */
4485 JSFunction* func = &REGS(activation.regs()).sp[-2].toObject().as<JSFunction>();
4486 MOZ_ASSERT(func->allowSuperProperty())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(func->allowSuperProperty())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(func->allowSuperProperty(
)))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("func->allowSuperProperty()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4486); AnnotateMozCrashReason("MOZ_ASSERT" "(" "func->allowSuperProperty()"
")"); do { *((volatile int*)__null) = 4486; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4487
4488 /* Load the home object */
4489 JSObject* obj = &REGS(activation.regs()).sp[-1].toObject();
4490 MOZ_ASSERT(obj->is<PlainObject>() || obj->is<JSFunction>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(obj->is<PlainObject>() || obj->is<JSFunction
>())>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(obj->is<PlainObject>() || obj->is<JSFunction
>()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("obj->is<PlainObject>() || obj->is<JSFunction>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4490); AnnotateMozCrashReason("MOZ_ASSERT" "(" "obj->is<PlainObject>() || obj->is<JSFunction>()"
")"); do { *((volatile int*)__null) = 4490; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4491
4492 func->setExtendedSlot(FunctionExtended::METHOD_HOMEOBJECT_SLOT,
4493 ObjectValue(*obj));
4494 REGS(activation.regs()).sp--;
4495 }
4496 END_CASE(InitHomeObject)do { (activation.regs()).pc += (JSOpLength_InitHomeObject); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4497
4498 CASE(SuperBase)label_SuperBase: {
4499 JSFunction& superEnvFunc = REGS(activation.regs()).sp[-1].toObject().as<JSFunction>();
4500 MOZ_ASSERT(superEnvFunc.allowSuperProperty())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(superEnvFunc.allowSuperProperty())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(superEnvFunc.allowSuperProperty
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("superEnvFunc.allowSuperProperty()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4500); AnnotateMozCrashReason("MOZ_ASSERT" "(" "superEnvFunc.allowSuperProperty()"
")"); do { *((volatile int*)__null) = 4500; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4501 MOZ_ASSERT(superEnvFunc.baseScript()->needsHomeObject())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(superEnvFunc.baseScript()->needsHomeObject())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(superEnvFunc.baseScript()->needsHomeObject()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("superEnvFunc.baseScript()->needsHomeObject()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4501); AnnotateMozCrashReason("MOZ_ASSERT" "(" "superEnvFunc.baseScript()->needsHomeObject()"
")"); do { *((volatile int*)__null) = 4501; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4502 const Value& homeObjVal = superEnvFunc.getExtendedSlot(
4503 FunctionExtended::METHOD_HOMEOBJECT_SLOT);
4504
4505 JSObject* homeObj = &homeObjVal.toObject();
4506 JSObject* superBase = HomeObjectSuperBase(homeObj);
4507
4508 REGS(activation.regs()).sp[-1].setObjectOrNull(superBase);
4509 }
4510 END_CASE(SuperBase)do { (activation.regs()).pc += (JSOpLength_SuperBase); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4511
4512 CASE(NewTarget)label_NewTarget: {
4513 PUSH_COPY(REGS.fp()->newTarget())do { *(activation.regs()).sp++ = ((activation.regs()).fp()->
newTarget()); cx->debugOnlyCheck((activation.regs()).sp[-1
]); } while (0);
4514 MOZ_ASSERT(REGS.sp[-1].isObject() || REGS.sp[-1].isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype((activation.regs()).sp[-1].isObject() || (activation
.regs()).sp[-1].isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!((activation.regs()).sp[-1].isObject
() || (activation.regs()).sp[-1].isUndefined()))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("(activation.regs()).sp[-1].isObject() || (activation.regs()).sp[-1].isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4514); AnnotateMozCrashReason("MOZ_ASSERT" "(" "(activation.regs()).sp[-1].isObject() || (activation.regs()).sp[-1].isUndefined()"
")"); do { *((volatile int*)__null) = 4514; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4515 }
4516 END_CASE(NewTarget)do { (activation.regs()).pc += (JSOpLength_NewTarget); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4517
4518 CASE(ImportMeta)label_ImportMeta: {
4519 JSObject* metaObject = ImportMetaOperation(cx, script);
4520 if (!metaObject) {
4521 goto error;
4522 }
4523
4524 PUSH_OBJECT(*metaObject)do { (activation.regs()).sp++->setObject(*metaObject); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
4525 }
4526 END_CASE(ImportMeta)do { (activation.regs()).pc += (JSOpLength_ImportMeta); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4527
4528 CASE(DynamicImport)label_DynamicImport: {
4529 ReservedRooted<Value> options(&rootValue0, REGS(activation.regs()).sp[-1]);
4530 REGS(activation.regs()).sp--;
4531
4532 ReservedRooted<Value> specifier(&rootValue1);
4533 POP_COPY_TO(specifier)(specifier) = *--(activation.regs()).sp;
4534
4535 JSObject* promise =
4536 StartDynamicModuleImport(cx, script, specifier, options);
4537 if (!promise) goto error;
4538
4539 PUSH_OBJECT(*promise)do { (activation.regs()).sp++->setObject(*promise); cx->
debugOnlyCheck((activation.regs()).sp[-1]); } while (0);
4540 }
4541 END_CASE(DynamicImport)do { (activation.regs()).pc += (JSOpLength_DynamicImport); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4542
4543 CASE(EnvCallee)label_EnvCallee: {
4544 uint8_t numHops = GET_UINT8(REGS(activation.regs()).pc);
4545 JSObject* env = &REGS(activation.regs()).fp()->environmentChain()->as<EnvironmentObject>();
4546 for (unsigned i = 0; i < numHops; i++) {
4547 env = &env->as<EnvironmentObject>().enclosingEnvironment();
4548 }
4549 PUSH_OBJECT(env->as<CallObject>().callee())do { (activation.regs()).sp++->setObject(env->as<CallObject
>().callee()); cx->debugOnlyCheck((activation.regs()).sp
[-1]); } while (0);
4550 }
4551 END_CASE(EnvCallee)do { (activation.regs()).pc += (JSOpLength_EnvCallee); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4552
4553 CASE(SuperFun)label_SuperFun: {
4554 JSObject* superEnvFunc = &REGS(activation.regs()).sp[-1].toObject();
4555 JSObject* superFun = SuperFunOperation(superEnvFunc);
4556 REGS(activation.regs()).sp[-1].setObjectOrNull(superFun);
4557 }
4558 END_CASE(SuperFun)do { (activation.regs()).pc += (JSOpLength_SuperFun); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4559
4560 CASE(CheckObjCoercible)label_CheckObjCoercible: {
4561 ReservedRooted<Value> checkVal(&rootValue0, REGS(activation.regs()).sp[-1]);
4562 if (checkVal.isNullOrUndefined()) {
4563 MOZ_ALWAYS_FALSE(ThrowObjectCoercible(cx, checkVal))do { if ((__builtin_expect(!!(!(ThrowObjectCoercible(cx, checkVal
))), 1))) { } else { do { do { } while (false); MOZ_ReportCrash
("" "!(ThrowObjectCoercible(cx, checkVal))", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4563); AnnotateMozCrashReason("MOZ_CRASH(" "!(ThrowObjectCoercible(cx, checkVal))"
")"); do { *((volatile int*)__null) = 4563; __attribute__((nomerge
)) ::abort(); } while (false); } while (false); } } while (false
);
4564 goto error;
4565 }
4566 }
4567 END_CASE(CheckObjCoercible)do { (activation.regs()).pc += (JSOpLength_CheckObjCoercible)
; do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4568
4569 CASE(DebugCheckSelfHosted)label_DebugCheckSelfHosted: {
4570#ifdef DEBUG1
4571 ReservedRooted<Value> checkVal(&rootValue0, REGS(activation.regs()).sp[-1]);
4572 if (!Debug_CheckSelfHosted(cx, checkVal)) {
4573 goto error;
4574 }
4575#endif
4576 }
4577 END_CASE(DebugCheckSelfHosted)do { (activation.regs()).pc += (JSOpLength_DebugCheckSelfHosted
); do { js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4578
4579 CASE(IsConstructing)label_IsConstructing: { PUSH_MAGIC(JS_IS_CONSTRUCTING)(activation.regs()).sp++->setMagic(JS_IS_CONSTRUCTING); }
4580 END_CASE(IsConstructing)do { (activation.regs()).pc += (JSOpLength_IsConstructing); do
{ js::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses
[(*(activation.regs()).pc | activation.opMask())]; } while (0
);
4581
4582 CASE(Inc)label_Inc: {
4583 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4584 if (!IncOperation(cx, val, val)) {
4585 goto error;
4586 }
4587 }
4588 END_CASE(Inc)do { (activation.regs()).pc += (JSOpLength_Inc); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
4589
4590 CASE(Dec)label_Dec: {
4591 MutableHandleValue val = REGS(activation.regs()).stackHandleAt(-1);
4592 if (!DecOperation(cx, val, val)) {
4593 goto error;
4594 }
4595 }
4596 END_CASE(Dec)do { (activation.regs()).pc += (JSOpLength_Dec); do { js::gc::
MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(activation
.regs()).pc | activation.opMask())]; } while (0);
4597
4598 CASE(ToNumeric)label_ToNumeric: {
4599 if (!ToNumeric(cx, REGS(activation.regs()).stackHandleAt(-1))) {
4600 goto error;
4601 }
4602 }
4603 END_CASE(ToNumeric)do { (activation.regs()).pc += (JSOpLength_ToNumeric); do { js
::gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(
*(activation.regs()).pc | activation.opMask())]; } while (0);
4604
4605 CASE(BigInt)label_BigInt: { PUSH_BIGINT(script->getBigInt(REGS.pc))(activation.regs()).sp++->setBigInt(script->getBigInt((
activation.regs()).pc)); }
4606 END_CASE(BigInt)do { (activation.regs()).pc += (JSOpLength_BigInt); do { js::
gc::MaybeVerifyBarriers(cx); } while (0); goto* addresses[(*(
activation.regs()).pc | activation.opMask())]; } while (0);
4607
4608 DEFAULT()label_default: {
4609 char numBuf[12];
4610 SprintfLiteral(numBuf, "%d", *REGS(activation.regs()).pc);
4611 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
4612 JSMSG_BAD_BYTECODE, numBuf);
4613 goto error;
4614 }
4615
4616 } /* interpreter loop */
4617
4618 MOZ_CRASH("Interpreter loop exited via fallthrough")do { do { } while (false); MOZ_ReportCrash("" "Interpreter loop exited via fallthrough"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4618); AnnotateMozCrashReason("MOZ_CRASH(" "Interpreter loop exited via fallthrough"
")"); do { *((volatile int*)__null) = 4618; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
4619
4620error:
4621 switch (HandleError(cx, REGS(activation.regs()))) {
4622 case SuccessfulReturnContinuation:
4623 goto successful_return_continuation;
4624
4625 case ErrorReturnContinuation:
4626 interpReturnOK = false;
4627 goto return_continuation;
4628
4629 case CatchContinuation:
4630 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
4631
4632 case FinallyContinuation: {
4633 /*
4634 * Push (exception, stack, true) triple for finally to indicate that we
4635 * should rethrow the exception.
4636 */
4637 ReservedRooted<Value> exception(&rootValue0);
4638 ReservedRooted<Value> exceptionStack(&rootValue1);
4639 if (!cx->getPendingException(&exception) ||
4640 !cx->getPendingExceptionStack(&exceptionStack)) {
4641 interpReturnOK = false;
4642 goto return_continuation;
4643 }
4644 PUSH_COPY(exception)do { *(activation.regs()).sp++ = (exception); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4645 PUSH_COPY(exceptionStack)do { *(activation.regs()).sp++ = (exceptionStack); cx->debugOnlyCheck
((activation.regs()).sp[-1]); } while (0);
4646 PUSH_BOOLEAN(true)(activation.regs()).sp++->setBoolean(true);
4647 cx->clearPendingException();
4648 }
4649 ADVANCE_AND_DISPATCH(0)do { (activation.regs()).pc += (0); do { js::gc::MaybeVerifyBarriers
(cx); } while (0); goto* addresses[(*(activation.regs()).pc |
activation.opMask())]; } while (0);
4650 }
4651
4652 MOZ_CRASH("Invalid HandleError continuation")do { do { } while (false); MOZ_ReportCrash("" "Invalid HandleError continuation"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4652); AnnotateMozCrashReason("MOZ_CRASH(" "Invalid HandleError continuation"
")"); do { *((volatile int*)__null) = 4652; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
4653
4654exit:
4655 if (MOZ_LIKELY(!frameHalfInitialized)(__builtin_expect(!!(!frameHalfInitialized), 1))) {
4656 interpReturnOK =
4657 DebugAPI::onLeaveFrame(cx, REGS(activation.regs()).fp(), REGS(activation.regs()).pc, interpReturnOK);
4658
4659 REGS(activation.regs()).fp()->epilogue(cx, REGS(activation.regs()).pc);
4660 }
4661
4662 gc::MaybeVerifyBarriers(cx, true);
4663
4664 /*
4665 * This path is used when it's guaranteed the method can be finished
4666 * inside the JIT.
4667 */
4668leave_on_safe_point:
4669
4670 if (interpReturnOK) {
4671 state.setReturnValue(activation.entryFrame()->returnValue());
4672 }
4673
4674 return interpReturnOK;
4675
4676prologue_error:
4677 interpReturnOK = false;
4678 frameHalfInitialized = true;
4679 goto prologue_return_continuation;
4680}
4681
4682bool js::ThrowOperation(JSContext* cx, HandleValue v) {
4683 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4683); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4683; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4684 cx->setPendingException(v, ShouldCaptureStack::Maybe);
4685 return false;
4686}
4687
4688bool js::ThrowWithStackOperation(JSContext* cx, HandleValue v,
4689 HandleValue stack) {
4690 MOZ_ASSERT(!cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!cx->isExceptionPending()
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"!cx->isExceptionPending()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4690); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4690; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4691 MOZ_ASSERT(stack.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(stack.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(stack.isObjectOrNull()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("stack.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4691); AnnotateMozCrashReason("MOZ_ASSERT" "(" "stack.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 4691; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4692
4693 // Use a normal throw when no stack was recorded.
4694 if (!stack.isObject()) {
4695 return ThrowOperation(cx, v);
4696 }
4697
4698 MOZ_ASSERT(UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject())))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4699); AnnotateMozCrashReason("MOZ_ASSERT" "(" "UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
")"); do { *((volatile int*)__null) = 4699; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
4699 IsDeadProxyObject(&stack.toObject()))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject()))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(UncheckedUnwrap(&stack.toObject())->is<SavedFrame
>() || IsDeadProxyObject(&stack.toObject())))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4699); AnnotateMozCrashReason("MOZ_ASSERT" "(" "UncheckedUnwrap(&stack.toObject())->is<SavedFrame>() || IsDeadProxyObject(&stack.toObject())"
")"); do { *((volatile int*)__null) = 4699; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4700
4701 Rooted<SavedFrame*> stackObj(cx,
4702 stack.toObject().maybeUnwrapIf<SavedFrame>());
4703 cx->setPendingException(v, stackObj);
4704 return false;
4705}
4706
4707bool js::GetPendingExceptionStack(JSContext* cx, MutableHandleValue vp) {
4708 MOZ_ASSERT(cx->isExceptionPending())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->isExceptionPending())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(cx->isExceptionPending())
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("cx->isExceptionPending()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4708); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->isExceptionPending()"
")"); do { *((volatile int*)__null) = 4708; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4709 return cx->getPendingExceptionStack(vp);
4710}
4711
4712bool js::GetProperty(JSContext* cx, HandleValue v, Handle<PropertyName*> name,
4713 MutableHandleValue vp) {
4714 if (name == cx->names().length) {
4715 // Fast path for strings, arrays and arguments.
4716 if (::GetLengthProperty(v, vp)) {
4717 return true;
4718 }
4719 }
4720
4721 // Optimize common cases like (2).toString() or "foo".valueOf() to not
4722 // create a wrapper object.
4723 if (v.isPrimitive() && !v.isNullOrUndefined()) {
4724 JSObject* proto;
4725
4726 switch (v.type()) {
4727 case ValueType::Double:
4728 case ValueType::Int32:
4729 proto = GlobalObject::getOrCreateNumberPrototype(cx, cx->global());
4730 break;
4731 case ValueType::Boolean:
4732 proto = GlobalObject::getOrCreateBooleanPrototype(cx, cx->global());
4733 break;
4734 case ValueType::String:
4735 proto = GlobalObject::getOrCreateStringPrototype(cx, cx->global());
4736 break;
4737 case ValueType::Symbol:
4738 proto = GlobalObject::getOrCreateSymbolPrototype(cx, cx->global());
4739 break;
4740 case ValueType::BigInt:
4741 proto = GlobalObject::getOrCreateBigIntPrototype(cx, cx->global());
4742 break;
4743#ifdef ENABLE_RECORD_TUPLE
4744 case ValueType::ExtendedPrimitive: {
4745 RootedObject obj(cx, &v.toExtendedPrimitive());
4746 RootedId id(cx, NameToId(name));
4747 return ExtendedPrimitiveGetProperty(cx, obj, v, id, vp);
4748 }
4749#endif
4750 case ValueType::Undefined:
4751 case ValueType::Null:
4752 case ValueType::Magic:
4753 case ValueType::PrivateGCThing:
4754 case ValueType::Object:
4755 MOZ_CRASH("unexpected type")do { do { } while (false); MOZ_ReportCrash("" "unexpected type"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4755); AnnotateMozCrashReason("MOZ_CRASH(" "unexpected type"
")"); do { *((volatile int*)__null) = 4755; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
4756 }
4757
4758 if (!proto) {
4759 return false;
4760 }
4761
4762 if (GetPropertyPure(cx, proto, NameToId(name), vp.address())) {
4763 return true;
4764 }
4765 }
4766
4767 RootedValue receiver(cx, v);
4768 RootedObject obj(
4769 cx, ToObjectFromStackForPropertyAccess(cx, v, JSDVG_SEARCH_STACK1, name));
4770 if (!obj) {
4771 return false;
4772 }
4773
4774 return GetProperty(cx, obj, receiver, name, vp);
4775}
4776
4777JSObject* js::Lambda(JSContext* cx, HandleFunction fun, HandleObject parent) {
4778 JSFunction* clone;
4779 if (fun->isNativeFun()) {
4780 MOZ_ASSERT(IsAsmJSModule(fun))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsAsmJSModule(fun))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsAsmJSModule(fun)))), 0))) {
do { } while (false); MOZ_ReportAssertionFailure("IsAsmJSModule(fun)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4780); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsAsmJSModule(fun)"
")"); do { *((volatile int*)__null) = 4780; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4781 clone = CloneAsmJSModuleFunction(cx, fun);
4782 } else {
4783 RootedObject proto(cx, fun->staticPrototype());
4784 clone = CloneFunctionReuseScript(cx, fun, parent, proto);
4785 }
4786 if (!clone) {
4787 return nullptr;
4788 }
4789
4790 MOZ_ASSERT(fun->global() == clone->global())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(fun->global() == clone->global())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(fun->global() == clone->global()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("fun->global() == clone->global()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 4790); AnnotateMozCrashReason("MOZ_ASSERT" "(" "fun->global() == clone->global()"
")"); do { *((volatile int*)__null) = 4790; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
4791 return clone;
4792}
4793
4794JSObject* js::BindVarOperation(JSContext* cx, JSObject* envChain) {
4795 // Note: BindVarOperation has an unused cx argument because the JIT callVM
4796 // machinery requires this.
4797 return &GetVariablesObject(envChain);
4798}
4799
4800JSObject* js::ImportMetaOperation(JSContext* cx, HandleScript script) {
4801 RootedObject module(cx, GetModuleObjectForScript(script));
4802 return GetOrCreateModuleMetaObject(cx, module);
4803}
4804
4805JSObject* js::BuiltinObjectOperation(JSContext* cx, BuiltinObjectKind kind) {
4806 return GetOrCreateBuiltinObject(cx, kind);
4807}
4808
4809bool js::ThrowMsgOperation(JSContext* cx, const unsigned throwMsgKind) {
4810 auto errorNum = ThrowMsgKindToErrNum(ThrowMsgKind(throwMsgKind));
4811 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, errorNum);
4812 return false;
4813}
4814
4815bool js::GetAndClearExceptionAndStack(JSContext* cx, MutableHandleValue res,
4816 MutableHandle<SavedFrame*> stack) {
4817 if (!cx->getPendingException(res)) {
4818 return false;
4819 }
4820 stack.set(cx->getPendingExceptionStack());
4821 cx->clearPendingException();
4822
4823 // Allow interrupting deeply nested exception handling.
4824 return CheckForInterrupt(cx);
4825}
4826
4827bool js::GetAndClearException(JSContext* cx, MutableHandleValue res) {
4828 Rooted<SavedFrame*> stack(cx);
4829 return GetAndClearExceptionAndStack(cx, res, &stack);
4830}
4831
4832template <bool strict>
4833bool js::DelPropOperation(JSContext* cx, HandleValue val,
4834 Handle<PropertyName*> name, bool* res) {
4835 const int valIndex = -1;
4836 RootedObject obj(cx,
4837 ToObjectFromStackForPropertyAccess(cx, val, valIndex, name));
4838 if (!obj) {
4839 return false;
4840 }
4841
4842 RootedId id(cx, NameToId(name));
4843 ObjectOpResult result;
4844 if (!DeleteProperty(cx, obj, id, result)) {
4845 return false;
4846 }
4847
4848 if (strict) {
4849 if (!result) {
4850 return result.reportError(cx, obj, id);
4851 }
4852 *res = true;
4853 } else {
4854 *res = result.ok();
4855 }
4856 return true;
4857}
4858
4859template bool js::DelPropOperation<true>(JSContext* cx, HandleValue val,
4860 Handle<PropertyName*> name, bool* res);
4861template bool js::DelPropOperation<false>(JSContext* cx, HandleValue val,
4862 Handle<PropertyName*> name,
4863 bool* res);
4864
4865template <bool strict>
4866bool js::DelElemOperation(JSContext* cx, HandleValue val, HandleValue index,
4867 bool* res) {
4868 const int valIndex = -2;
4869 RootedObject obj(
4870 cx, ToObjectFromStackForPropertyAccess(cx, val, valIndex, index));
4871 if (!obj) {
4872 return false;
4873 }
4874
4875 RootedId id(cx);
4876 if (!ToPropertyKey(cx, index, &id)) {
4877 return false;
4878 }
4879 ObjectOpResult result;
4880 if (!DeleteProperty(cx, obj, id, result)) {
4881 return false;
4882 }
4883
4884 if (strict) {
4885 if (!result) {
4886 return result.reportError(cx, obj, id);
4887 }
4888 *res = true;
4889 } else {
4890 *res = result.ok();
4891 }
4892 return true;
4893}
4894
4895template bool js::DelElemOperation<true>(JSContext*, HandleValue, HandleValue,
4896 bool*);
4897template bool js::DelElemOperation<false>(JSContext*, HandleValue, HandleValue,
4898 bool*);
4899
4900bool js::SetObjectElement(JSContext* cx, HandleObject obj, HandleValue index,
4901 HandleValue value, bool strict) {
4902 RootedId id(cx);
4903 if (!ToPropertyKey(cx, index, &id)) {
4904 return false;
4905 }
4906 RootedValue receiver(cx, ObjectValue(*obj));
4907 return SetObjectElementOperation(cx, obj, id, value, receiver, strict);
4908}
4909
4910bool js::SetObjectElementWithReceiver(JSContext* cx, HandleObject obj,
4911 HandleValue index, HandleValue value,
4912 HandleValue receiver, bool strict) {
4913 RootedId id(cx);
4914 if (!ToPropertyKey(cx, index, &id)) {
4915 return false;
4916 }
4917 return SetObjectElementOperation(cx, obj, id, value, receiver, strict);
4918}
4919
4920bool js::AddValues(JSContext* cx, MutableHandleValue lhs,
4921 MutableHandleValue rhs, MutableHandleValue res) {
4922 return AddOperation(cx, lhs, rhs, res);
4923}
4924
4925bool js::SubValues(JSContext* cx, MutableHandleValue lhs,
4926 MutableHandleValue rhs, MutableHandleValue res) {
4927 return SubOperation(cx, lhs, rhs, res);
4928}
4929
4930bool js::MulValues(JSContext* cx, MutableHandleValue lhs,
4931 MutableHandleValue rhs, MutableHandleValue res) {
4932 return MulOperation(cx, lhs, rhs, res);
4933}
4934
4935bool js::DivValues(JSContext* cx, MutableHandleValue lhs,
4936 MutableHandleValue rhs, MutableHandleValue res) {
4937 return DivOperation(cx, lhs, rhs, res);
4938}
4939
4940bool js::ModValues(JSContext* cx, MutableHandleValue lhs,
4941 MutableHandleValue rhs, MutableHandleValue res) {
4942 return ModOperation(cx, lhs, rhs, res);
4943}
4944
4945bool js::PowValues(JSContext* cx, MutableHandleValue lhs,
4946 MutableHandleValue rhs, MutableHandleValue res) {
4947 return PowOperation(cx, lhs, rhs, res);
4948}
4949
4950bool js::BitNot(JSContext* cx, MutableHandleValue in, MutableHandleValue res) {
4951 return BitNotOperation(cx, in, res);
4952}
4953
4954bool js::BitXor(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
4955 MutableHandleValue res) {
4956 return BitXorOperation(cx, lhs, rhs, res);
4957}
4958
4959bool js::BitOr(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
4960 MutableHandleValue res) {
4961 return BitOrOperation(cx, lhs, rhs, res);
4962}
4963
4964bool js::BitAnd(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
4965 MutableHandleValue res) {
4966 return BitAndOperation(cx, lhs, rhs, res);
4967}
4968
4969bool js::BitLsh(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
4970 MutableHandleValue res) {
4971 return BitLshOperation(cx, lhs, rhs, res);
4972}
4973
4974bool js::BitRsh(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
4975 MutableHandleValue res) {
4976 return BitRshOperation(cx, lhs, rhs, res);
4977}
4978
4979bool js::UrshValues(JSContext* cx, MutableHandleValue lhs,
4980 MutableHandleValue rhs, MutableHandleValue res) {
4981 return UrshOperation(cx, lhs, rhs, res);
4982}
4983
4984bool js::LessThan(JSContext* cx, MutableHandleValue lhs, MutableHandleValue rhs,
4985 bool* res) {
4986 return LessThanOperation(cx, lhs, rhs, res);
4987}
4988
4989bool js::LessThanOrEqual(JSContext* cx, MutableHandleValue lhs,
4990 MutableHandleValue rhs, bool* res) {
4991 return LessThanOrEqualOperation(cx, lhs, rhs, res);
4992}
4993
4994bool js::GreaterThan(JSContext* cx, MutableHandleValue lhs,
4995 MutableHandleValue rhs, bool* res) {
4996 return GreaterThanOperation(cx, lhs, rhs, res);
4997}
4998
4999bool js::GreaterThanOrEqual(JSContext* cx, MutableHandleValue lhs,
5000 MutableHandleValue rhs, bool* res) {
5001 return GreaterThanOrEqualOperation(cx, lhs, rhs, res);
5002}
5003
5004bool js::DeleteNameOperation(JSContext* cx, Handle<PropertyName*> name,
5005 HandleObject envChain, MutableHandleValue res) {
5006 RootedObject env(cx), pobj(cx);
5007 PropertyResult prop;
5008 if (!LookupName(cx, name, envChain, &env, &pobj, &prop)) {
5009 return false;
5010 }
5011
5012 if (!env) {
5013 // Return true for non-existent names.
5014 res.setBoolean(true);
5015 return true;
5016 }
5017
5018 ObjectOpResult result;
5019 RootedId id(cx, NameToId(name));
5020 if (!DeleteProperty(cx, env, id, result)) {
5021 return false;
5022 }
5023
5024 bool status = result.ok();
5025 res.setBoolean(status);
5026
5027 return true;
5028}
5029
5030void js::ImplicitThisOperation(JSContext* cx, HandleObject env,
5031 MutableHandleValue res) {
5032 // Note: ImplicitThisOperation has an unused cx argument because the JIT
5033 // callVM machinery requires this.
5034 res.set(ComputeImplicitThis(env));
5035}
5036
5037unsigned js::GetInitDataPropAttrs(JSOp op) {
5038 switch (op) {
5039 case JSOp::InitProp:
5040 case JSOp::InitElem:
5041 return JSPROP_ENUMERATE;
5042 case JSOp::InitLockedProp:
5043 case JSOp::InitLockedElem:
5044 return JSPROP_PERMANENT | JSPROP_READONLY;
5045 case JSOp::InitHiddenProp:
5046 case JSOp::InitHiddenElem:
5047 // Non-enumerable, but writable and configurable
5048 return 0;
5049 default:;
5050 }
5051 MOZ_CRASH("Unknown data initprop")do { do { } while (false); MOZ_ReportCrash("" "Unknown data initprop"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5051); AnnotateMozCrashReason("MOZ_CRASH(" "Unknown data initprop"
")"); do { *((volatile int*)__null) = 5051; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
5052}
5053
5054static bool InitGetterSetterOperation(JSContext* cx, jsbytecode* pc,
5055 HandleObject obj, HandleId id,
5056 HandleObject val) {
5057 MOZ_ASSERT(val->isCallable())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(val->isCallable())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(val->isCallable()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("val->isCallable()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5057); AnnotateMozCrashReason("MOZ_ASSERT" "(" "val->isCallable()"
")"); do { *((volatile int*)__null) = 5057; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5058
5059 JSOp op = JSOp(*pc);
5060
5061 unsigned attrs = 0;
5062 if (!IsHiddenInitOp(op)) {
5063 attrs |= JSPROP_ENUMERATE;
5064 }
5065
5066 if (op == JSOp::InitPropGetter || op == JSOp::InitElemGetter ||
5067 op == JSOp::InitHiddenPropGetter || op == JSOp::InitHiddenElemGetter) {
5068 return DefineAccessorProperty(cx, obj, id, val, nullptr, attrs);
5069 }
5070
5071 MOZ_ASSERT(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5073); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
")"); do { *((volatile int*)__null) = 5073; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5072 op == JSOp::InitHiddenPropSetter ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5073); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
")"); do { *((volatile int*)__null) = 5073; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5073 op == JSOp::InitHiddenElemSetter)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::InitPropSetter || op == JSOp::InitElemSetter
|| op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5073); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::InitPropSetter || op == JSOp::InitElemSetter || op == JSOp::InitHiddenPropSetter || op == JSOp::InitHiddenElemSetter"
")"); do { *((volatile int*)__null) = 5073; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5074 return DefineAccessorProperty(cx, obj, id, nullptr, val, attrs);
5075}
5076
5077bool js::InitPropGetterSetterOperation(JSContext* cx, jsbytecode* pc,
5078 HandleObject obj,
5079 Handle<PropertyName*> name,
5080 HandleObject val) {
5081 RootedId id(cx, NameToId(name));
5082 return InitGetterSetterOperation(cx, pc, obj, id, val);
5083}
5084
5085bool js::InitElemGetterSetterOperation(JSContext* cx, jsbytecode* pc,
5086 HandleObject obj, HandleValue idval,
5087 HandleObject val) {
5088 RootedId id(cx);
5089 if (!ToPropertyKey(cx, idval, &id)) {
5090 return false;
5091 }
5092
5093 return InitGetterSetterOperation(cx, pc, obj, id, val);
5094}
5095
5096bool js::SpreadCallOperation(JSContext* cx, HandleScript script, jsbytecode* pc,
5097 HandleValue thisv, HandleValue callee,
5098 HandleValue arr, HandleValue newTarget,
5099 MutableHandleValue res) {
5100 Rooted<ArrayObject*> aobj(cx, &arr.toObject().as<ArrayObject>());
5101 uint32_t length = aobj->length();
5102 JSOp op = JSOp(*pc);
5103 bool constructing = op == JSOp::SpreadNew || op == JSOp::SpreadSuperCall;
5104
5105 // {Construct,Invoke}Args::init does this too, but this gives us a better
5106 // error message.
5107 if (length > ARGS_LENGTH_MAX) {
5108 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5109 constructing ? JSMSG_TOO_MANY_CON_SPREADARGS
5110 : JSMSG_TOO_MANY_FUN_SPREADARGS);
5111 return false;
5112 }
5113
5114 // Do our own checks for the callee being a function, as Invoke uses the
5115 // expression decompiler to decompile the callee stack operand based on
5116 // the number of arguments. Spread operations have the callee at sp - 3
5117 // when not constructing, and sp - 4 when constructing.
5118 if (callee.isPrimitive()) {
5119 return ReportIsNotFunction(cx, callee, 2 + constructing,
5120 constructing ? CONSTRUCT : NO_CONSTRUCT);
5121 }
5122
5123 if (!callee.toObject().isCallable()) {
5124 return ReportIsNotFunction(cx, callee, 2 + constructing,
5125 constructing ? CONSTRUCT : NO_CONSTRUCT);
5126 }
5127
5128 // The object must be an array with dense elements and no holes. Baseline's
5129 // optimized spread call stubs rely on this.
5130 MOZ_ASSERT(IsPackedArray(aobj))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsPackedArray(aobj))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsPackedArray(aobj)))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("IsPackedArray(aobj)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5130); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsPackedArray(aobj)"
")"); do { *((volatile int*)__null) = 5130; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5131
5132 if (constructing) {
5133 if (!StackCheckIsConstructorCalleeNewTarget(cx, callee, newTarget)) {
5134 return false;
5135 }
5136
5137 ConstructArgs cargs(cx);
5138 if (!cargs.init(cx, length)) {
5139 return false;
5140 }
5141
5142 if (!GetElements(cx, aobj, length, cargs.array())) {
5143 return false;
5144 }
5145
5146 RootedObject obj(cx);
5147 if (!Construct(cx, callee, cargs, newTarget, &obj)) {
5148 return false;
5149 }
5150 res.setObject(*obj);
5151 } else {
5152 InvokeArgs args(cx);
5153 if (!args.init(cx, length)) {
5154 return false;
5155 }
5156
5157 if (!GetElements(cx, aobj, length, args.array())) {
5158 return false;
5159 }
5160
5161 if ((op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval) &&
5162 cx->global()->valueIsEval(callee)) {
5163 if (!DirectEval(cx, args.get(0), res)) {
5164 return false;
5165 }
5166 } else {
5167 MOZ_ASSERT(op == JSOp::SpreadCall || op == JSOp::SpreadEval ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::SpreadCall || op == JSOp::SpreadEval || op
== JSOp::StrictSpreadEval)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(op == JSOp::SpreadCall || op
== JSOp::SpreadEval || op == JSOp::StrictSpreadEval))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
" (" "bad spread opcode" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5169); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
") (" "bad spread opcode" ")"); do { *((volatile int*)__null
) = 5169; __attribute__((nomerge)) ::abort(); } while (false)
; } } while (false)
5168 op == JSOp::StrictSpreadEval,do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::SpreadCall || op == JSOp::SpreadEval || op
== JSOp::StrictSpreadEval)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(op == JSOp::SpreadCall || op
== JSOp::SpreadEval || op == JSOp::StrictSpreadEval))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
" (" "bad spread opcode" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5169); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
") (" "bad spread opcode" ")"); do { *((volatile int*)__null
) = 5169; __attribute__((nomerge)) ::abort(); } while (false)
; } } while (false)
5169 "bad spread opcode")do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::SpreadCall || op == JSOp::SpreadEval || op
== JSOp::StrictSpreadEval)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(op == JSOp::SpreadCall || op
== JSOp::SpreadEval || op == JSOp::StrictSpreadEval))), 0)))
{ do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
" (" "bad spread opcode" ")", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5169); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::SpreadCall || op == JSOp::SpreadEval || op == JSOp::StrictSpreadEval"
") (" "bad spread opcode" ")"); do { *((volatile int*)__null
) = 5169; __attribute__((nomerge)) ::abort(); } while (false)
; } } while (false);
5170
5171 if (!Call(cx, callee, thisv, args, res)) {
5172 return false;
5173 }
5174 }
5175 }
5176
5177 return true;
5178}
5179
5180static bool OptimizeArrayIteration(JSContext* cx, HandleObject obj,
5181 bool* optimized) {
5182 *optimized = false;
5183
5184 // Optimize spread call by skipping spread operation when following
5185 // conditions are met:
5186 // * the argument is an array
5187 // * the array has no hole
5188 // * array[@@iterator] is not modified
5189 // * the array's prototype is Array.prototype
5190 // * Array.prototype[@@iterator] is not modified
5191 // * %ArrayIteratorPrototype%.next is not modified
5192 // * %ArrayIteratorPrototype%.return is not defined
5193 // * return is nowhere on the proto chain
5194 if (!IsPackedArray(obj)) {
5195 return true;
5196 }
5197
5198 ForOfPIC::Chain* stubChain = ForOfPIC::getOrCreate(cx);
5199 if (!stubChain) {
5200 return false;
5201 }
5202
5203 if (!stubChain->tryOptimizeArray(cx, obj.as<ArrayObject>(), optimized)) {
5204 return false;
5205 }
5206
5207 return true;
5208}
5209
5210static bool OptimizeArgumentsSpreadCall(JSContext* cx, HandleObject obj,
5211 MutableHandleValue result) {
5212 MOZ_ASSERT(result.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(result.isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(result.isUndefined()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("result.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5212); AnnotateMozCrashReason("MOZ_ASSERT" "(" "result.isUndefined()"
")"); do { *((volatile int*)__null) = 5212; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5213
5214 // Optimize spread call by skipping the spread operation when the following
5215 // conditions are met:
5216 // * the argument is an arguments object
5217 // * the arguments object has no deleted elements
5218 // * arguments.length is not overridden
5219 // * arguments[@@iterator] is not overridden
5220 // * %ArrayIteratorPrototype%.next is not modified
5221
5222 if (!obj->is<ArgumentsObject>()) {
5223 return true;
5224 }
5225
5226 Handle<ArgumentsObject*> args = obj.as<ArgumentsObject>();
5227 if (args->hasOverriddenElement() || args->hasOverriddenLength() ||
5228 args->hasOverriddenIterator()) {
5229 return true;
5230 }
5231
5232 ForOfPIC::Chain* stubChain = ForOfPIC::getOrCreate(cx);
5233 if (!stubChain) {
5234 return false;
5235 }
5236
5237 bool optimized;
5238 if (!stubChain->tryOptimizeArrayIteratorNext(cx, &optimized)) {
5239 return false;
5240 }
5241 if (!optimized) {
5242 return true;
5243 }
5244
5245 auto* array = ArrayFromArgumentsObject(cx, args);
5246 if (!array) {
5247 return false;
5248 }
5249
5250 result.setObject(*array);
5251 return true;
5252}
5253
5254bool js::OptimizeSpreadCall(JSContext* cx, HandleValue arg,
5255 MutableHandleValue result) {
5256 // This function returns |undefined| if the spread operation can't be
5257 // optimized.
5258 result.setUndefined();
5259
5260 if (!arg.isObject()) {
5261 return true;
5262 }
5263
5264 RootedObject obj(cx, &arg.toObject());
5265 bool optimized;
5266 if (!OptimizeArrayIteration(cx, obj, &optimized)) {
5267 return false;
5268 }
5269 if (optimized) {
5270 result.setObject(*obj);
5271 return true;
5272 }
5273
5274 if (!OptimizeArgumentsSpreadCall(cx, obj, result)) {
5275 return false;
5276 }
5277 if (result.isObject()) {
5278 return true;
5279 }
5280
5281 MOZ_ASSERT(result.isUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(result.isUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(result.isUndefined()))), 0))
) { do { } while (false); MOZ_ReportAssertionFailure("result.isUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5281); AnnotateMozCrashReason("MOZ_ASSERT" "(" "result.isUndefined()"
")"); do { *((volatile int*)__null) = 5281; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5282 return true;
5283}
5284
5285bool js::OptimizeGetIterator(JSContext* cx, HandleValue arg, bool* result) {
5286 // This function returns |false| if the iteration can't be optimized.
5287 *result = false;
5288
5289 if (!arg.isObject()) {
5290 return true;
5291 }
5292
5293 RootedObject obj(cx, &arg.toObject());
5294
5295 bool optimized;
5296 if (!OptimizeArrayIteration(cx, obj, &optimized)) {
5297 return false;
5298 }
5299
5300 if (optimized) {
5301 *result = true;
5302 return true;
5303 }
5304
5305 MOZ_ASSERT(!*result)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!*result)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!*result))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!*result", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5305); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!*result" ")"
); do { *((volatile int*)__null) = 5305; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5306 return true;
5307}
5308
5309ArrayObject* js::ArrayFromArgumentsObject(JSContext* cx,
5310 Handle<ArgumentsObject*> args) {
5311 MOZ_ASSERT(!args->hasOverriddenLength())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!args->hasOverriddenLength())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!args->hasOverriddenLength
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!args->hasOverriddenLength()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5311); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args->hasOverriddenLength()"
")"); do { *((volatile int*)__null) = 5311; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5312 MOZ_ASSERT(!args->hasOverriddenElement())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!args->hasOverriddenElement())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!args->hasOverriddenElement
()))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("!args->hasOverriddenElement()", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5312); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!args->hasOverriddenElement()"
")"); do { *((volatile int*)__null) = 5312; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5313
5314 uint32_t length = args->initialLength();
5315 auto* array = NewDenseFullyAllocatedArray(cx, length);
5316 if (!array) {
5317 return nullptr;
5318 }
5319 array->setDenseInitializedLength(length);
5320
5321 for (uint32_t index = 0; index < length; index++) {
5322 const Value& v = args->element(index);
5323 array->initDenseElement(index, v);
5324 }
5325
5326 return array;
5327}
5328
5329JSObject* js::NewObjectOperation(JSContext* cx, HandleScript script,
5330 const jsbytecode* pc) {
5331 if (JSOp(*pc) == JSOp::NewObject) {
5332 Rooted<SharedShape*> shape(cx, script->getShape(pc));
5333 return PlainObject::createWithShape(cx, shape);
5334 }
5335
5336 MOZ_ASSERT(JSOp(*pc) == JSOp::NewInit)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(JSOp(*pc) == JSOp::NewInit)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(JSOp(*pc) == JSOp::NewInit))
), 0))) { do { } while (false); MOZ_ReportAssertionFailure("JSOp(*pc) == JSOp::NewInit"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5336); AnnotateMozCrashReason("MOZ_ASSERT" "(" "JSOp(*pc) == JSOp::NewInit"
")"); do { *((volatile int*)__null) = 5336; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5337 return NewPlainObject(cx);
5338}
5339
5340JSObject* js::NewPlainObjectBaselineFallback(JSContext* cx,
5341 Handle<SharedShape*> shape,
5342 gc::AllocKind allocKind,
5343 gc::AllocSite* site) {
5344 MOZ_ASSERT(shape->getObjectClass() == &PlainObject::class_)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(shape->getObjectClass() == &PlainObject::class_
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(shape->getObjectClass() == &PlainObject::class_
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"shape->getObjectClass() == &PlainObject::class_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5344); AnnotateMozCrashReason("MOZ_ASSERT" "(" "shape->getObjectClass() == &PlainObject::class_"
")"); do { *((volatile int*)__null) = 5344; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5345
5346 mozilla::Maybe<AutoRealm> ar;
5347 if (cx->realm() != shape->realm()) {
5348 MOZ_ASSERT(cx->compartment() == shape->compartment())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->compartment() == shape->compartment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(cx->compartment() == shape->compartment()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("cx->compartment() == shape->compartment()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5348); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->compartment() == shape->compartment()"
")"); do { *((volatile int*)__null) = 5348; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5349 ar.emplace(cx, shape);
5350 }
5351
5352 gc::Heap initialHeap = site->initialHeap();
5353 return NativeObject::create<PlainObject>(cx, allocKind, initialHeap, shape,
5354 site);
5355}
5356
5357JSObject* js::NewPlainObjectOptimizedFallback(JSContext* cx,
5358 Handle<SharedShape*> shape,
5359 gc::AllocKind allocKind,
5360 gc::Heap initialHeap) {
5361 MOZ_ASSERT(shape->getObjectClass() == &PlainObject::class_)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(shape->getObjectClass() == &PlainObject::class_
)>::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(shape->getObjectClass() == &PlainObject::class_
))), 0))) { do { } while (false); MOZ_ReportAssertionFailure(
"shape->getObjectClass() == &PlainObject::class_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5361); AnnotateMozCrashReason("MOZ_ASSERT" "(" "shape->getObjectClass() == &PlainObject::class_"
")"); do { *((volatile int*)__null) = 5361; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1
Assuming the condition is false
2
Taking false branch
3
Loop condition is false. Exiting loop
5362
5363 mozilla::Maybe<AutoRealm> ar;
4
Calling defaulted default constructor for 'Maybe<js::AutoRealm>'
15
Returning from default constructor for 'Maybe<js::AutoRealm>'
5364 if (cx->realm() != shape->realm()) {
16
Assuming the condition is false
17
Taking false branch
5365 MOZ_ASSERT(cx->compartment() == shape->compartment())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(cx->compartment() == shape->compartment())>
::isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(cx->compartment() == shape->compartment()))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("cx->compartment() == shape->compartment()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5365); AnnotateMozCrashReason("MOZ_ASSERT" "(" "cx->compartment() == shape->compartment()"
")"); do { *((volatile int*)__null) = 5365; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5366 ar.emplace(cx, shape);
5367 }
5368
5369 gc::AllocSite* site = cx->zone()->optimizedAllocSite();
5370 return NativeObject::create<PlainObject>(cx, allocKind, initialHeap, shape,
5371 site);
18
Calling implicit destructor for 'Maybe<js::AutoRealm>'
19
Calling '~MaybeStorage'
5372}
5373
5374ArrayObject* js::NewArrayOperation(
5375 JSContext* cx, uint32_t length,
5376 NewObjectKind newKind /* = GenericObject */) {
5377 return NewDenseFullyAllocatedArray(cx, length, newKind);
5378}
5379
5380ArrayObject* js::NewArrayObjectBaselineFallback(JSContext* cx, uint32_t length,
5381 gc::AllocKind allocKind,
5382 gc::AllocSite* site) {
5383 NewObjectKind newKind =
5384 site->initialHeap() == gc::Heap::Tenured ? TenuredObject : GenericObject;
5385 ArrayObject* array = NewDenseFullyAllocatedArray(cx, length, newKind, site);
5386 // It's important that we allocate an object with the alloc kind we were
5387 // expecting so that a new arena gets allocated if the current arena for that
5388 // kind is full.
5389 MOZ_ASSERT_IF(array && array->isTenured(),do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5390); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5390; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
5390 array->asTenured().getAllocKind() == allocKind)do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5390); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5390; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
5391 return array;
5392}
5393
5394ArrayObject* js::NewArrayObjectOptimizedFallback(JSContext* cx, uint32_t length,
5395 gc::AllocKind allocKind,
5396 NewObjectKind newKind) {
5397 gc::AllocSite* site = cx->zone()->optimizedAllocSite();
5398 ArrayObject* array = NewDenseFullyAllocatedArray(cx, length, newKind, site);
5399 // It's important that we allocate an object with the alloc kind we were
5400 // expecting so that a new arena gets allocated if the current arena for that
5401 // kind is full.
5402 MOZ_ASSERT_IF(array && array->isTenured(),do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5403); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5403; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false)
5403 array->asTenured().getAllocKind() == allocKind)do { if (array && array->isTenured()) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(array->
asTenured().getAllocKind() == allocKind)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(array->asTenured().getAllocKind
() == allocKind))), 0))) { do { } while (false); MOZ_ReportAssertionFailure
("array->asTenured().getAllocKind() == allocKind", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5403); AnnotateMozCrashReason("MOZ_ASSERT" "(" "array->asTenured().getAllocKind() == allocKind"
")"); do { *((volatile int*)__null) = 5403; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
5404 return array;
5405}
5406
5407void js::ReportRuntimeLexicalError(JSContext* cx, unsigned errorNumber,
5408 HandleId id) {
5409 MOZ_ASSERT(errorNumber == JSMSG_UNINITIALIZED_LEXICAL ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber
== JSMSG_BAD_CONST_ASSIGN)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(errorNumber == JSMSG_UNINITIALIZED_LEXICAL
|| errorNumber == JSMSG_BAD_CONST_ASSIGN))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5410); AnnotateMozCrashReason("MOZ_ASSERT" "(" "errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
")"); do { *((volatile int*)__null) = 5410; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5410 errorNumber == JSMSG_BAD_CONST_ASSIGN)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber
== JSMSG_BAD_CONST_ASSIGN)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(errorNumber == JSMSG_UNINITIALIZED_LEXICAL
|| errorNumber == JSMSG_BAD_CONST_ASSIGN))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5410); AnnotateMozCrashReason("MOZ_ASSERT" "(" "errorNumber == JSMSG_UNINITIALIZED_LEXICAL || errorNumber == JSMSG_BAD_CONST_ASSIGN"
")"); do { *((volatile int*)__null) = 5410; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5411 if (UniqueChars printable =
5412 IdToPrintableUTF8(cx, id, IdToPrintableBehavior::IdIsIdentifier)) {
5413 JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, errorNumber,
5414 printable.get());
5415 }
5416}
5417
5418void js::ReportRuntimeLexicalError(JSContext* cx, unsigned errorNumber,
5419 Handle<PropertyName*> name) {
5420 RootedId id(cx, NameToId(name));
5421 ReportRuntimeLexicalError(cx, errorNumber, id);
5422}
5423
5424void js::ReportRuntimeLexicalError(JSContext* cx, unsigned errorNumber,
5425 HandleScript script, jsbytecode* pc) {
5426 JSOp op = JSOp(*pc);
5427 MOZ_ASSERT(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical ||do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5428); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
")"); do { *((volatile int*)__null) = 5428; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false)
5428 op == JSOp::ThrowSetConst || op == JSOp::GetImport)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport)>::
isValid, "invalid assertion condition"); if ((__builtin_expect
(!!(!(!!(op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical
|| op == JSOp::ThrowSetConst || op == JSOp::GetImport))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5428); AnnotateMozCrashReason("MOZ_ASSERT" "(" "op == JSOp::CheckLexical || op == JSOp::CheckAliasedLexical || op == JSOp::ThrowSetConst || op == JSOp::GetImport"
")"); do { *((volatile int*)__null) = 5428; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5429
5430 Rooted<PropertyName*> name(cx);
5431 if (IsLocalOp(op)) {
5432 name = FrameSlotName(script, pc)->asPropertyName();
5433 } else if (IsAliasedVarOp(op)) {
5434 name = EnvironmentCoordinateNameSlow(script, pc);
5435 } else {
5436 MOZ_ASSERT(IsAtomOp(op))do { static_assert( mozilla::detail::AssertionConditionType<
decltype(IsAtomOp(op))>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(IsAtomOp(op)))), 0))) { do {
} while (false); MOZ_ReportAssertionFailure("IsAtomOp(op)", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5436); AnnotateMozCrashReason("MOZ_ASSERT" "(" "IsAtomOp(op)"
")"); do { *((volatile int*)__null) = 5436; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5437 name = script->getName(pc);
5438 }
5439
5440 ReportRuntimeLexicalError(cx, errorNumber, name);
5441}
5442
5443bool js::ThrowCheckIsObject(JSContext* cx, CheckIsObjectKind kind) {
5444 switch (kind) {
5445 case CheckIsObjectKind::IteratorNext:
5446 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5447 JSMSG_ITER_METHOD_RETURNED_PRIMITIVE, "next");
5448 break;
5449 case CheckIsObjectKind::IteratorReturn:
5450 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5451 JSMSG_ITER_METHOD_RETURNED_PRIMITIVE, "return");
5452 break;
5453 case CheckIsObjectKind::IteratorThrow:
5454 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5455 JSMSG_ITER_METHOD_RETURNED_PRIMITIVE, "throw");
5456 break;
5457 case CheckIsObjectKind::GetIterator:
5458 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5459 JSMSG_GET_ITER_RETURNED_PRIMITIVE);
5460 break;
5461 case CheckIsObjectKind::GetAsyncIterator:
5462 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5463 JSMSG_GET_ASYNC_ITER_RETURNED_PRIMITIVE);
5464 break;
5465#ifdef ENABLE_DECORATORS
5466 case CheckIsObjectKind::DecoratorReturn:
5467 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5468 JSMSG_DECORATOR_INVALID_RETURN_TYPE);
5469 break;
5470#endif
5471#ifdef ENABLE_EXPLICIT_RESOURCE_MANAGEMENT1
5472 case CheckIsObjectKind::Disposable:
5473 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5474 JSMSG_DISPOSABLE_NOT_OBJ);
5475 break;
5476#endif
5477 default:
5478 MOZ_CRASH("Unknown kind")do { do { } while (false); MOZ_ReportCrash("" "Unknown kind",
"/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5478); AnnotateMozCrashReason("MOZ_CRASH(" "Unknown kind" ")"
); do { *((volatile int*)__null) = 5478; __attribute__((nomerge
)) ::abort(); } while (false); } while (false);
5479 }
5480 return false;
5481}
5482
5483bool js::ThrowUninitializedThis(JSContext* cx) {
5484 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
5485 JSMSG_UNINITIALIZED_THIS);
5486 return false;
5487}
5488
5489bool js::ThrowInitializedThis(JSContext* cx) {
5490 JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_REINIT_THIS);
5491 return false;
5492}
5493
5494bool js::ThrowObjectCoercible(JSContext* cx, HandleValue value) {
5495 MOZ_ASSERT(value.isNullOrUndefined())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(value.isNullOrUndefined())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(value.isNullOrUndefined())))
, 0))) { do { } while (false); MOZ_ReportAssertionFailure("value.isNullOrUndefined()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5495); AnnotateMozCrashReason("MOZ_ASSERT" "(" "value.isNullOrUndefined()"
")"); do { *((volatile int*)__null) = 5495; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5496 ReportIsNullOrUndefinedForPropertyAccess(cx, value, JSDVG_SEARCH_STACK1);
5497 return false;
5498}
5499
5500bool js::SetPropertySuper(JSContext* cx, HandleValue lval, HandleValue receiver,
5501 Handle<PropertyName*> name, HandleValue rval,
5502 bool strict) {
5503 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5503); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 5503; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5504
5505 RootedObject obj(cx, ToObjectFromStackForPropertyAccess(
5506 cx, lval, JSDVG_SEARCH_STACK1, name));
5507 if (!obj) {
5508 return false;
5509 }
5510
5511 RootedId id(cx, NameToId(name));
5512 return SetObjectElementOperation(cx, obj, id, rval, receiver, strict);
5513}
5514
5515bool js::SetElementSuper(JSContext* cx, HandleValue lval, HandleValue receiver,
5516 HandleValue index, HandleValue rval, bool strict) {
5517 MOZ_ASSERT(lval.isObjectOrNull())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(lval.isObjectOrNull())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(lval.isObjectOrNull()))), 0)
)) { do { } while (false); MOZ_ReportAssertionFailure("lval.isObjectOrNull()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5517); AnnotateMozCrashReason("MOZ_ASSERT" "(" "lval.isObjectOrNull()"
")"); do { *((volatile int*)__null) = 5517; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5518
5519 RootedObject obj(cx, ToObjectFromStackForPropertyAccess(
5520 cx, lval, JSDVG_SEARCH_STACK1, index));
5521 if (!obj) {
5522 return false;
5523 }
5524
5525 return SetObjectElementWithReceiver(cx, obj, index, rval, receiver, strict);
5526}
5527
5528bool js::LoadAliasedDebugVar(JSContext* cx, JSObject* env, jsbytecode* pc,
5529 MutableHandleValue result) {
5530 EnvironmentCoordinate ec(pc);
5531
5532 for (unsigned i = ec.hops(); i; i--) {
5533 if (env->is<EnvironmentObject>()) {
5534 env = &env->as<EnvironmentObject>().enclosingEnvironment();
5535 } else {
5536 MOZ_ASSERT(env->is<DebugEnvironmentProxy>())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(env->is<DebugEnvironmentProxy>())>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(env->is<DebugEnvironmentProxy>()))), 0))) { do { }
while (false); MOZ_ReportAssertionFailure("env->is<DebugEnvironmentProxy>()"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Interpreter.cpp"
, 5536); AnnotateMozCrashReason("MOZ_ASSERT" "(" "env->is<DebugEnvironmentProxy>()"
")"); do { *((volatile int*)__null) = 5536; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
5537 env = &env->as<DebugEnvironmentProxy>().enclosingEnvironment();
5538 }
5539 }
5540
5541 EnvironmentObject& finalEnv =
5542 env->is<EnvironmentObject>()
5543 ? env->as<EnvironmentObject>()
5544 : env->as<DebugEnvironmentProxy>().environment();
5545
5546 result.set(finalEnv.aliasedBinding(ec));
5547 return true;
5548}
5549
5550// https://tc39.es/ecma262/#sec-iteratorclose
5551bool js::CloseIterOperation(JSContext* cx, HandleObject iter,
5552 CompletionKind kind) {
5553 // Steps 1-2 are implicit.
5554
5555 // Step 3
5556 RootedValue returnMethod(cx);
5557 bool innerResult =
5558 GetProperty(cx, iter, iter, cx->names().return_, &returnMethod);
5559
5560 // Step 4
5561 RootedValue result(cx);
5562 if (innerResult) {
5563 // Step 4b
5564 if (returnMethod.isNullOrUndefined()) {
5565 return true;
5566 }
5567 // Step 4c
5568 if (IsCallable(returnMethod)) {
5569 RootedValue thisVal(cx, ObjectValue(*iter));
5570 innerResult = Call(cx, returnMethod, thisVal, &result);
5571 } else {
5572 innerResult = ReportIsNotFunction(cx, returnMethod);
5573 }
5574 }
5575
5576 // Step 5
5577 if (kind == CompletionKind::Throw) {
5578 // If we close an iterator while unwinding for an exception,
5579 // the initial exception takes priority over any exception thrown
5580 // while closing the iterator.
5581 if (cx->isExceptionPending()) {
5582 cx->clearPendingException();
5583 }
5584 return true;
5585 }
5586
5587 // Step 6
5588 if (!innerResult) {
5589 return false;
5590 }
5591
5592 // Step 7
5593 if (!result.isObject()) {
5594 return ThrowCheckIsObject(cx, CheckIsObjectKind::IteratorReturn);
5595 }
5596
5597 // Step 8
5598 return true;
5599}

/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h

1/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3/* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7/* A class for optional values and in-place lazy construction. */
8
9#ifndef mozilla_Maybe_h
10#define mozilla_Maybe_h
11
12#include <functional>
13#include <new> // for placement new
14#include <ostream>
15#include <type_traits>
16#include <utility>
17
18#include "mozilla/Alignment.h"
19#include "mozilla/Assertions.h"
20#include "mozilla/Attributes.h"
21#include "mozilla/MaybeStorageBase.h"
22#include "mozilla/MemoryChecking.h"
23#include "mozilla/OperatorNewExtensions.h"
24#include "mozilla/Poison.h"
25#include "mozilla/ThreadSafety.h"
26
27class nsCycleCollectionTraversalCallback;
28
29template <typename T>
30inline void CycleCollectionNoteChild(
31 nsCycleCollectionTraversalCallback& aCallback, T* aChild, const char* aName,
32 uint32_t aFlags);
33
34namespace mozilla {
35
36struct Nothing {};
37
38inline constexpr bool operator==(const Nothing&, const Nothing&) {
39 return true;
40}
41
42template <class T>
43class Maybe;
44
45namespace detail {
46
47// You would think that poisoning Maybe instances could just be a call
48// to mozWritePoison. Unfortunately, using a simple call to
49// mozWritePoison generates poor code on MSVC for small structures. The
50// generated code contains (always not-taken) branches and does a bunch
51// of setup for `rep stos{l,q}`, even though we know at compile time
52// exactly how many words we're poisoning. Instead, we're going to
53// force MSVC to generate the code we want via recursive templates.
54
55// Write the given poisonValue into p at offset*sizeof(uintptr_t).
56template <size_t offset>
57inline void WritePoisonAtOffset(void* p, const uintptr_t poisonValue) {
58 memcpy(static_cast<char*>(p) + offset * sizeof(poisonValue), &poisonValue,
59 sizeof(poisonValue));
60}
61
62template <size_t Offset, size_t NOffsets>
63struct InlinePoisoner {
64 static void poison(void* p, const uintptr_t poisonValue) {
65 WritePoisonAtOffset<Offset>(p, poisonValue);
66 InlinePoisoner<Offset + 1, NOffsets>::poison(p, poisonValue);
67 }
68};
69
70template <size_t N>
71struct InlinePoisoner<N, N> {
72 static void poison(void*, const uintptr_t) {
73 // All done!
74 }
75};
76
77// We can't generate inline code for large structures, though, because we'll
78// blow out recursive template instantiation limits, and the code would be
79// bloated to boot. So provide a fallback to the out-of-line poisoner.
80template <size_t ObjectSize>
81struct OutOfLinePoisoner {
82 static MOZ_NEVER_INLINE__attribute__((noinline)) void poison(void* p, const uintptr_t) {
83 mozWritePoison(p, ObjectSize);
84 }
85};
86
87template <typename T>
88inline void PoisonObject(T* p) {
89 const uintptr_t POISON = mozPoisonValue();
90 std::conditional_t<(sizeof(T) <= 8 * sizeof(POISON)),
91 InlinePoisoner<0, sizeof(T) / sizeof(POISON)>,
92 OutOfLinePoisoner<sizeof(T)>>::poison(p, POISON);
93}
94
95template <typename T>
96struct MaybePoisoner {
97 static const size_t N = sizeof(T);
98
99 static void poison(void* aPtr) {
100#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED1
101 if (N >= sizeof(uintptr_t)) {
102 PoisonObject(static_cast<std::remove_cv_t<T>*>(aPtr));
103 }
104#endif
105 MOZ_MAKE_MEM_UNDEFINED(aPtr, N)do { } while (0);
106 }
107};
108
109template <typename T,
110 bool TriviallyDestructibleAndCopyable =
111 IsTriviallyDestructibleAndCopyable<T>,
112 bool Copyable = std::is_copy_constructible_v<T>,
113 bool Movable = std::is_move_constructible_v<T>>
114class Maybe_CopyMove_Enabler;
115
116#define MOZ_MAYBE_COPY_OPS() \
117 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler& aOther) { \
118 if (downcast(aOther).isSome()) { \
119 downcast(*this).emplace(*downcast(aOther)); \
120 } \
121 } \
122 \
123 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler& aOther) { \
124 return downcast(*this).template operator= <T>(downcast(aOther)); \
125 }
126
127#define MOZ_MAYBE_MOVE_OPS() \
128 constexpr Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&& aOther) { \
129 if (downcast(aOther).isSome()) { \
130 downcast(*this).emplace(std::move(*downcast(aOther))); \
131 downcast(aOther).reset(); \
132 } \
133 } \
134 \
135 constexpr Maybe_CopyMove_Enabler& operator=( \
136 Maybe_CopyMove_Enabler&& aOther) { \
137 downcast(*this).template operator= <T>(std::move(downcast(aOther))); \
138 \
139 return *this; \
140 }
141
142#define MOZ_MAYBE_DOWNCAST() \
143 static constexpr Maybe<T>& downcast(Maybe_CopyMove_Enabler& aObj) { \
144 return static_cast<Maybe<T>&>(aObj); \
145 } \
146 static constexpr const Maybe<T>& downcast( \
147 const Maybe_CopyMove_Enabler& aObj) { \
148 return static_cast<const Maybe<T>&>(aObj); \
149 }
150
151template <typename T>
152class Maybe_CopyMove_Enabler<T, true, true, true> {
153 public:
154 Maybe_CopyMove_Enabler() = default;
155
156 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = default;
157 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = default;
158 constexpr Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&& aOther) {
159 downcast(aOther).reset();
160 }
161 constexpr Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&& aOther) {
162 downcast(aOther).reset();
163 return *this;
164 }
165
166 private:
167 MOZ_MAYBE_DOWNCAST()
168};
169
170template <typename T>
171class Maybe_CopyMove_Enabler<T, true, false, true> {
172 public:
173 Maybe_CopyMove_Enabler() = default;
174
175 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = delete;
176 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = delete;
177 constexpr Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&& aOther) {
178 downcast(aOther).reset();
179 }
180 constexpr Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&& aOther) {
181 downcast(aOther).reset();
182 return *this;
183 }
184
185 private:
186 MOZ_MAYBE_DOWNCAST()
187};
188
189template <typename T>
190class Maybe_CopyMove_Enabler<T, false, true, true> {
191 public:
192 Maybe_CopyMove_Enabler() = default;
193
194 MOZ_MAYBE_COPY_OPS()
195 MOZ_MAYBE_MOVE_OPS()
196
197 private:
198 MOZ_MAYBE_DOWNCAST()
199};
200
201template <typename T>
202class Maybe_CopyMove_Enabler<T, false, false, true> {
203 public:
204 Maybe_CopyMove_Enabler() = default;
205
206 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = delete;
207 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = delete;
208 MOZ_MAYBE_MOVE_OPS()
209
210 private:
211 MOZ_MAYBE_DOWNCAST()
212};
213
214template <typename T>
215class Maybe_CopyMove_Enabler<T, false, true, false> {
216 public:
217 Maybe_CopyMove_Enabler() = default;
218
219 MOZ_MAYBE_COPY_OPS()
220 Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&&) = delete;
221 Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&&) = delete;
222
223 private:
224 MOZ_MAYBE_DOWNCAST()
225};
226
227template <typename T, bool TriviallyDestructibleAndCopyable>
228class Maybe_CopyMove_Enabler<T, TriviallyDestructibleAndCopyable, false,
229 false> {
230 public:
231 Maybe_CopyMove_Enabler() = default;
232
233 Maybe_CopyMove_Enabler(const Maybe_CopyMove_Enabler&) = delete;
234 Maybe_CopyMove_Enabler& operator=(const Maybe_CopyMove_Enabler&) = delete;
235 Maybe_CopyMove_Enabler(Maybe_CopyMove_Enabler&&) = delete;
236 Maybe_CopyMove_Enabler& operator=(Maybe_CopyMove_Enabler&&) = delete;
237};
238
239#undef MOZ_MAYBE_COPY_OPS
240#undef MOZ_MAYBE_MOVE_OPS
241#undef MOZ_MAYBE_DOWNCAST
242
243template <typename T, bool TriviallyDestructibleAndCopyable =
244 IsTriviallyDestructibleAndCopyable<T>>
245struct MaybeStorage;
246
247template <typename T>
248struct MaybeStorage<T, false> : MaybeStorageBase<T> {
249 protected:
250 char mIsSome = false; // not bool -- guarantees minimal space consumption
251
252 constexpr MaybeStorage() = default;
6
Calling defaulted default constructor for 'MaybeStorageBase<js::AutoRealm, false>'
11
Returning from default constructor for 'MaybeStorageBase<js::AutoRealm, false>'
12
Returning without writing to 'this->mStorage.val.cx_'
253 explicit MaybeStorage(const T& aVal)
254 : MaybeStorageBase<T>{aVal}, mIsSome{true} {}
255 explicit MaybeStorage(T&& aVal)
256 : MaybeStorageBase<T>{std::move(aVal)}, mIsSome{true} {}
257
258 template <typename... Args>
259 explicit MaybeStorage(std::in_place_t, Args&&... aArgs)
260 : MaybeStorageBase<T>{std::in_place, std::forward<Args>(aArgs)...},
261 mIsSome{true} {}
262
263 public:
264 // Copy and move operations are no-ops, since copying is moving is implemented
265 // by Maybe_CopyMove_Enabler.
266
267 MaybeStorage(const MaybeStorage&) : MaybeStorageBase<T>{} {}
268 MaybeStorage& operator=(const MaybeStorage&) { return *this; }
269 MaybeStorage(MaybeStorage&&) : MaybeStorageBase<T>{} {}
270 MaybeStorage& operator=(MaybeStorage&&) { return *this; }
271
272 ~MaybeStorage() {
273 if (mIsSome
19.1
Field 'mIsSome' is 0
19.1
Field 'mIsSome' is 0
19.1
Field 'mIsSome' is 0
19.1
Field 'mIsSome' is 0
) {
20
Taking false branch
274 this->addr()->T::~T();
275 }
276 }
21
Calling implicit destructor for 'MaybeStorageBase<js::AutoRealm, false>'
22
Calling '~Union'
277};
278
279template <typename T>
280struct MaybeStorage<T, true> : MaybeStorageBase<T> {
281 protected:
282 char mIsSome = false; // not bool -- guarantees minimal space consumption
283
284 constexpr MaybeStorage() = default;
285 constexpr explicit MaybeStorage(const T& aVal)
286 : MaybeStorageBase<T>{aVal}, mIsSome{true} {}
287 constexpr explicit MaybeStorage(T&& aVal)
288 : MaybeStorageBase<T>{std::move(aVal)}, mIsSome{true} {}
289
290 template <typename... Args>
291 constexpr explicit MaybeStorage(std::in_place_t, Args&&... aArgs)
292 : MaybeStorageBase<T>{std::in_place, std::forward<Args>(aArgs)...},
293 mIsSome{true} {}
294};
295
296template <typename T>
297struct IsMaybeImpl : std::false_type {};
298
299template <typename T>
300struct IsMaybeImpl<Maybe<T>> : std::true_type {};
301
302template <typename T>
303using IsMaybe = IsMaybeImpl<std::decay_t<T>>;
304
305} // namespace detail
306
307template <typename T, typename U = typename std::remove_cv<
308 typename std::remove_reference<T>::type>::type>
309constexpr Maybe<U> Some(T&& aValue);
310
311/*
312 * Maybe is a container class which contains either zero or one elements. It
313 * serves two roles. It can represent values which are *semantically* optional,
314 * augmenting a type with an explicit 'Nothing' value. In this role, it provides
315 * methods that make it easy to work with values that may be missing, along with
316 * equality and comparison operators so that Maybe values can be stored in
317 * containers. Maybe values can be constructed conveniently in expressions using
318 * type inference, as follows:
319 *
320 * void doSomething(Maybe<Foo> aFoo) {
321 * if (aFoo) // Make sure that aFoo contains a value...
322 * aFoo->takeAction(); // and then use |aFoo->| to access it.
323 * } // |*aFoo| also works!
324 *
325 * doSomething(Nothing()); // Passes a Maybe<Foo> containing no value.
326 * doSomething(Some(Foo(100))); // Passes a Maybe<Foo> containing |Foo(100)|.
327 *
328 * You'll note that it's important to check whether a Maybe contains a value
329 * before using it, using conversion to bool, |isSome()|, or |isNothing()|. You
330 * can avoid these checks, and sometimes write more readable code, using
331 * |valueOr()|, |ptrOr()|, and |refOr()|, which allow you to retrieve the value
332 * in the Maybe and provide a default for the 'Nothing' case. You can also use
333 * |apply()| to call a function only if the Maybe holds a value, and |map()| to
334 * transform the value in the Maybe, returning another Maybe with a possibly
335 * different type.
336 *
337 * Maybe's other role is to support lazily constructing objects without using
338 * dynamic storage. A Maybe directly contains storage for a value, but it's
339 * empty by default. |emplace()|, as mentioned above, can be used to construct a
340 * value in Maybe's storage. The value a Maybe contains can be destroyed by
341 * calling |reset()|; this will happen automatically if a Maybe is destroyed
342 * while holding a value.
343 *
344 * It's a common idiom in C++ to use a pointer as a 'Maybe' type, with a null
345 * value meaning 'Nothing' and any other value meaning 'Some'. You can convert
346 * from such a pointer to a Maybe value using 'ToMaybe()'.
347 *
348 * Maybe is inspired by similar types in the standard library of many other
349 * languages (e.g. Haskell's Maybe and Rust's Option). In the C++ world it's
350 * very similar to std::optional, which was proposed for C++14 and originated in
351 * Boost. The most important differences between Maybe and std::optional are:
352 *
353 * - std::optional<T> may be compared with T. We deliberately forbid that.
354 * - std::optional has |valueOr()|, equivalent to Maybe's |valueOr()|, but
355 * lacks corresponding methods for |refOr()| and |ptrOr()|.
356 * - std::optional lacks |map()| and |apply()|, making it less suitable for
357 * functional-style code.
358 * - std::optional lacks many convenience functions that Maybe has. Most
359 * unfortunately, it lacks equivalents of the type-inferred constructor
360 * functions |Some()| and |Nothing()|.
361 */
362template <class T>
363class MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS Maybe
364 : private detail::MaybeStorage<T>,
365 public detail::Maybe_CopyMove_Enabler<T> {
366 template <typename, bool, bool, bool>
367 friend class detail::Maybe_CopyMove_Enabler;
368
369 template <typename U, typename V>
370 friend constexpr Maybe<V> Some(U&& aValue);
371
372 struct SomeGuard {};
373
374 template <typename U>
375 constexpr Maybe(U&& aValue, SomeGuard)
376 : detail::MaybeStorage<T>{std::forward<U>(aValue)} {}
377
378 using detail::MaybeStorage<T>::mIsSome;
379 using detail::MaybeStorage<T>::mStorage;
380
381 void poisonData() { detail::MaybePoisoner<T>::poison(&mStorage.val); }
382
383 public:
384 using ValueType = T;
385
386 MOZ_ALLOW_TEMPORARY constexpr Maybe() = default;
5
Calling defaulted default constructor for 'MaybeStorage<js::AutoRealm, false>'
13
Returning from default constructor for 'MaybeStorage<js::AutoRealm, false>'
14
Returning without writing to 'this->mStorage.val.cx_'
387
388 MOZ_ALLOW_TEMPORARY MOZ_IMPLICIT constexpr Maybe(Nothing) : Maybe{} {}
389
390 template <typename... Args>
391 constexpr explicit Maybe(std::in_place_t, Args&&... aArgs)
392 : detail::MaybeStorage<T>{std::in_place, std::forward<Args>(aArgs)...} {}
393
394 /**
395 * Maybe<T> can be copy-constructed from a Maybe<U> if T is constructible from
396 * a const U&.
397 */
398 template <typename U,
399 std::enable_if_t<std::is_constructible_v<T, const U&>, bool> = true>
400 MOZ_IMPLICIT Maybe(const Maybe<U>& aOther) {
401 if (aOther.isSome()) {
402 emplace(*aOther);
403 }
404 }
405
406 template <typename U, std::enable_if_t<!std::is_constructible_v<T, const U&>,
407 bool> = true>
408 explicit Maybe(const Maybe<U>& aOther) = delete;
409
410 /**
411 * Maybe<T> can be move-constructed from a Maybe<U> if T is constructible from
412 * a U&&.
413 */
414 template <typename U,
415 std::enable_if_t<std::is_constructible_v<T, U&&>, bool> = true>
416 MOZ_IMPLICIT Maybe(Maybe<U>&& aOther) {
417 if (aOther.isSome()) {
418 emplace(std::move(*aOther));
419 aOther.reset();
420 }
421 }
422 template <typename U,
423 std::enable_if_t<!std::is_constructible_v<T, U&&>, bool> = true>
424 explicit Maybe(Maybe<U>&& aOther) = delete;
425
426 template <typename U,
427 std::enable_if_t<std::is_constructible_v<T, const U&>, bool> = true>
428 Maybe& operator=(const Maybe<U>& aOther) {
429 if (aOther.isSome()) {
430 if (mIsSome) {
431 ref() = aOther.ref();
432 } else {
433 emplace(*aOther);
434 }
435 } else {
436 reset();
437 }
438 return *this;
439 }
440
441 template <typename U, std::enable_if_t<!std::is_constructible_v<T, const U&>,
442 bool> = true>
443 Maybe& operator=(const Maybe<U>& aOther) = delete;
444
445 template <typename U,
446 std::enable_if_t<std::is_constructible_v<T, U&&>, bool> = true>
447 Maybe& operator=(Maybe<U>&& aOther) {
448 if (aOther.isSome()) {
449 if (mIsSome) {
450 ref() = std::move(aOther.ref());
451 } else {
452 emplace(std::move(*aOther));
453 }
454 aOther.reset();
455 } else {
456 reset();
457 }
458
459 return *this;
460 }
461
462 template <typename U,
463 std::enable_if_t<!std::is_constructible_v<T, U&&>, bool> = true>
464 Maybe& operator=(Maybe<U>&& aOther) = delete;
465
466 constexpr Maybe& operator=(Nothing) {
467 reset();
468 return *this;
469 }
470
471 /* Methods that check whether this Maybe contains a value */
472 constexpr explicit operator bool() const { return isSome(); }
473 constexpr bool isSome() const { return mIsSome; }
474 constexpr bool isNothing() const { return !mIsSome; }
475
476 /* Returns the contents of this Maybe<T> by value. Unsafe unless |isSome()|.
477 */
478 constexpr T value() const&;
479 constexpr T value() &&;
480 constexpr T value() const&&;
481
482 /**
483 * Move the contents of this Maybe<T> out of internal storage and return it
484 * without calling the destructor. The internal storage is also reset to
485 * avoid multiple calls. Unsafe unless |isSome()|.
486 */
487 constexpr T extract() {
488 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 488); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 488; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
489 T v = std::move(mStorage.val);
490 reset();
491 return v;
492 }
493
494 /**
495 * Returns the value (possibly |Nothing()|) by moving it out of this Maybe<T>
496 * and leaving |Nothing()| in its place.
497 */
498 Maybe<T> take() { return std::exchange(*this, Nothing()); }
499
500 /*
501 * Returns the contents of this Maybe<T> by value. If |isNothing()|, returns
502 * the default value provided.
503 *
504 * Note: If the value passed to aDefault is not the result of a trivial
505 * expression, but expensive to evaluate, e.g. |valueOr(ExpensiveFunction())|,
506 * use |valueOrFrom| instead, e.g.
507 * |valueOrFrom([arg] { return ExpensiveFunction(arg); })|. This ensures
508 * that the expensive expression is only evaluated when its result will
509 * actually be used.
510 */
511 template <typename V>
512 constexpr T valueOr(V&& aDefault) const {
513 if (isSome()) {
514 return ref();
515 }
516 return std::forward<V>(aDefault);
517 }
518
519 /*
520 * Returns the contents of this Maybe<T> by value. If |isNothing()|, returns
521 * the value returned from the function or functor provided.
522 */
523 template <typename F>
524 constexpr T valueOrFrom(F&& aFunc) const {
525 if (isSome()) {
526 return ref();
527 }
528 return aFunc();
529 }
530
531 /* Returns the contents of this Maybe<T> by pointer. Unsafe unless |isSome()|.
532 */
533 T* ptr();
534 constexpr const T* ptr() const;
535
536 /*
537 * Returns the contents of this Maybe<T> by pointer. If |isNothing()|,
538 * returns the default value provided.
539 */
540 T* ptrOr(T* aDefault) {
541 if (isSome()) {
542 return ptr();
543 }
544 return aDefault;
545 }
546
547 constexpr const T* ptrOr(const T* aDefault) const {
548 if (isSome()) {
549 return ptr();
550 }
551 return aDefault;
552 }
553
554 /*
555 * Returns the contents of this Maybe<T> by pointer. If |isNothing()|,
556 * returns the value returned from the function or functor provided.
557 */
558 template <typename F>
559 T* ptrOrFrom(F&& aFunc) {
560 if (isSome()) {
561 return ptr();
562 }
563 return aFunc();
564 }
565
566 template <typename F>
567 const T* ptrOrFrom(F&& aFunc) const {
568 if (isSome()) {
569 return ptr();
570 }
571 return aFunc();
572 }
573
574 constexpr T* operator->();
575 constexpr const T* operator->() const;
576
577 /* Returns the contents of this Maybe<T> by ref. Unsafe unless |isSome()|. */
578 constexpr T& ref() &;
579 constexpr const T& ref() const&;
580 constexpr T&& ref() &&;
581 constexpr const T&& ref() const&&;
582
583 /*
584 * Returns the contents of this Maybe<T> by ref. If |isNothing()|, returns
585 * the default value provided.
586 */
587 constexpr T& refOr(T& aDefault) {
588 if (isSome()) {
589 return ref();
590 }
591 return aDefault;
592 }
593
594 constexpr const T& refOr(const T& aDefault) const {
595 if (isSome()) {
596 return ref();
597 }
598 return aDefault;
599 }
600
601 /*
602 * Returns the contents of this Maybe<T> by ref. If |isNothing()|, returns the
603 * value returned from the function or functor provided.
604 */
605 template <typename F>
606 constexpr T& refOrFrom(F&& aFunc) {
607 if (isSome()) {
608 return ref();
609 }
610 return aFunc();
611 }
612
613 template <typename F>
614 constexpr const T& refOrFrom(F&& aFunc) const {
615 if (isSome()) {
616 return ref();
617 }
618 return aFunc();
619 }
620
621 constexpr T& operator*() &;
622 constexpr const T& operator*() const&;
623 constexpr T&& operator*() &&;
624 constexpr const T&& operator*() const&&;
625
626 /* If |isSome()|, runs the provided function or functor on the contents of
627 * this Maybe. */
628 template <typename Func>
629 constexpr Maybe& apply(Func&& aFunc) & {
630 if (isSome()) {
631 std::forward<Func>(aFunc)(ref());
632 }
633 return *this;
634 }
635
636 template <typename Func>
637 constexpr const Maybe& apply(Func&& aFunc) const& {
638 if (isSome()) {
639 std::forward<Func>(aFunc)(ref());
640 }
641 return *this;
642 }
643
644 template <typename Func>
645 constexpr Maybe& apply(Func&& aFunc) && {
646 if (isSome()) {
647 std::forward<Func>(aFunc)(extract());
648 }
649 return *this;
650 }
651
652 template <typename Func>
653 constexpr Maybe& apply(Func&& aFunc) const&& {
654 if (isSome()) {
655 std::forward<Func>(aFunc)(extract());
656 }
657 return *this;
658 }
659
660 /*
661 * If |isSome()|, runs the provided function and returns the result wrapped
662 * in a Maybe. If |isNothing()|, returns an empty Maybe value with the same
663 * value type as what the provided function would have returned.
664 */
665 template <typename Func>
666 constexpr auto map(Func&& aFunc) & {
667 if (isSome()) {
668 return Some(std::forward<Func>(aFunc)(ref()));
669 }
670 return Maybe<decltype(std::forward<Func>(aFunc)(ref()))>{};
671 }
672
673 template <typename Func>
674 constexpr auto map(Func&& aFunc) const& {
675 if (isSome()) {
676 return Some(std::forward<Func>(aFunc)(ref()));
677 }
678 return Maybe<decltype(std::forward<Func>(aFunc)(ref()))>{};
679 }
680
681 template <typename Func>
682 constexpr auto map(Func&& aFunc) && {
683 if (isSome()) {
684 return Some(std::forward<Func>(aFunc)(extract()));
685 }
686 return Maybe<decltype(std::forward<Func>(aFunc)(extract()))>{};
687 }
688
689 template <typename Func>
690 constexpr auto map(Func&& aFunc) const&& {
691 if (isSome()) {
692 return Some(std::forward<Func>(aFunc)(extract()));
693 }
694 return Maybe<decltype(std::forward<Func>(aFunc)(extract()))>{};
695 }
696
697 /*
698 * If |isSome()|, runs the provided function or functor on the contents of
699 * this Maybe and returns the result. Note that the provided function or
700 * functor must return a Maybe<U> of any type U.
701 * If |isNothing()|, returns an empty Maybe value with the same type as what
702 * the provided function would have returned.
703 */
704 template <typename Func>
705 constexpr auto andThen(Func&& aFunc) & {
706 static_assert(std::is_invocable_v<Func, T&>);
707 using U = std::invoke_result_t<Func, T&>;
708 static_assert(detail::IsMaybe<U>::value);
709 if (isSome()) {
710 return std::invoke(std::forward<Func>(aFunc), ref());
711 }
712 return std::remove_cv_t<std::remove_reference_t<U>>{};
713 }
714
715 template <typename Func>
716 constexpr auto andThen(Func&& aFunc) const& {
717 static_assert(std::is_invocable_v<Func, const T&>);
718 using U = std::invoke_result_t<Func, const T&>;
719 static_assert(detail::IsMaybe<U>::value);
720 if (isSome()) {
721 return std::invoke(std::forward<Func>(aFunc), ref());
722 }
723 return std::remove_cv_t<std::remove_reference_t<U>>{};
724 }
725
726 template <typename Func>
727 constexpr auto andThen(Func&& aFunc) && {
728 static_assert(std::is_invocable_v<Func, T&&>);
729 using U = std::invoke_result_t<Func, T&&>;
730 static_assert(detail::IsMaybe<U>::value);
731 if (isSome()) {
732 return std::invoke(std::forward<Func>(aFunc), extract());
733 }
734 return std::remove_cv_t<std::remove_reference_t<U>>{};
735 }
736
737 template <typename Func>
738 constexpr auto andThen(Func&& aFunc) const&& {
739 static_assert(std::is_invocable_v<Func, const T&&>);
740 using U = std::invoke_result_t<Func, const T&&>;
741 static_assert(detail::IsMaybe<U>::value);
742 if (isSome()) {
743 return std::invoke(std::forward<Func>(aFunc), extract());
744 }
745 return std::remove_cv_t<std::remove_reference_t<U>>{};
746 }
747
748 /*
749 * If |isNothing()|, runs the provided function or functor and returns its
750 * result. If |isSome()|, returns the contained value wrapped in a Maybe.
751 */
752 template <typename Func>
753 constexpr Maybe orElse(Func&& aFunc) & {
754 static_assert(std::is_invocable_v<Func>);
755 using U = std::invoke_result_t<Func>;
756 static_assert(
757 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
758 if (isSome()) {
759 return *this;
760 }
761 return std::invoke(std::forward<Func>(aFunc));
762 }
763
764 template <typename Func>
765 constexpr Maybe orElse(Func&& aFunc) const& {
766 static_assert(std::is_invocable_v<Func>);
767 using U = std::invoke_result_t<Func>;
768 static_assert(
769 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
770 if (isSome()) {
771 return *this;
772 }
773 return std::invoke(std::forward<Func>(aFunc));
774 }
775
776 template <typename Func>
777 constexpr Maybe orElse(Func&& aFunc) && {
778 static_assert(std::is_invocable_v<Func>);
779 using U = std::invoke_result_t<Func>;
780 static_assert(
781 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
782 if (isSome()) {
783 return std::move(*this);
784 }
785 return std::invoke(std::forward<Func>(aFunc));
786 }
787
788 template <typename Func>
789 constexpr Maybe orElse(Func&& aFunc) const&& {
790 static_assert(std::is_invocable_v<Func>);
791 using U = std::invoke_result_t<Func>;
792 static_assert(
793 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
794 if (isSome()) {
795 return std::move(*this);
796 }
797 return std::invoke(std::forward<Func>(aFunc));
798 }
799
800 /* If |isSome()|, empties this Maybe and destroys its contents. */
801 constexpr void reset() {
802 if (isSome()) {
803 if constexpr (!std::is_trivially_destructible_v<T>) {
804 /*
805 * Static analyzer gets confused if we have Maybe<MutexAutoLock>,
806 * so we suppress thread-safety warnings here
807 */
808 MOZ_PUSH_IGNORE_THREAD_SAFETYGCC diagnostic push GCC diagnostic ignored "-Wthread-safety"
809 ref().T::~T();
810 MOZ_POP_THREAD_SAFETYGCC diagnostic pop
811 poisonData();
812 }
813 mIsSome = false;
814 }
815 }
816
817 /*
818 * Constructs a T value in-place in this empty Maybe<T>'s storage. The
819 * arguments to |emplace()| are the parameters to T's constructor.
820 */
821 template <typename... Args>
822 constexpr void emplace(Args&&... aArgs);
823
824 template <typename U>
825 constexpr std::enable_if_t<std::is_same_v<T, U> &&
826 std::is_copy_constructible_v<U> &&
827 !std::is_move_constructible_v<U>>
828 emplace(U&& aArgs) {
829 emplace(aArgs);
830 }
831
832 friend std::ostream& operator<<(std::ostream& aStream,
833 const Maybe<T>& aMaybe) {
834 if (aMaybe) {
835 aStream << aMaybe.ref();
836 } else {
837 aStream << "<Nothing>";
838 }
839 return aStream;
840 }
841};
842
843template <typename T>
844class Maybe<T&> {
845 public:
846 constexpr Maybe() = default;
847 constexpr MOZ_IMPLICIT Maybe(Nothing) {}
848
849 void emplace(T& aRef) { mValue = &aRef; }
850
851 /* Methods that check whether this Maybe contains a value */
852 constexpr explicit operator bool() const { return isSome(); }
853 constexpr bool isSome() const { return mValue; }
854 constexpr bool isNothing() const { return !mValue; }
855
856 T& ref() const {
857 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 857); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 857; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
858 return *mValue;
859 }
860
861 T* operator->() const { return &ref(); }
862 T& operator*() const { return ref(); }
863
864 // Deliberately not defining value and ptr accessors, as these may be
865 // confusing on a reference-typed Maybe.
866
867 // XXX Should we define refOr?
868
869 void reset() { mValue = nullptr; }
870
871 template <typename Func>
872 const Maybe& apply(Func&& aFunc) const {
873 if (isSome()) {
874 std::forward<Func>(aFunc)(ref());
875 }
876 return *this;
877 }
878
879 template <typename Func>
880 auto map(Func&& aFunc) const {
881 Maybe<decltype(std::forward<Func>(aFunc)(ref()))> val;
882 if (isSome()) {
883 val.emplace(std::forward<Func>(aFunc)(ref()));
884 }
885 return val;
886 }
887
888 template <typename Func>
889 constexpr auto andThen(Func&& aFunc) const {
890 static_assert(std::is_invocable_v<Func, T&>);
891 using U = std::invoke_result_t<Func, T&>;
892 static_assert(detail::IsMaybe<U>::value);
893 if (isSome()) {
894 return std::invoke(std::forward<Func>(aFunc), ref());
895 }
896 return std::remove_cv_t<std::remove_reference_t<U>>{};
897 }
898
899 template <typename Func>
900 constexpr Maybe orElse(Func&& aFunc) const {
901 static_assert(std::is_invocable_v<Func>);
902 using U = std::invoke_result_t<Func>;
903 static_assert(
904 std::is_same_v<Maybe, std::remove_cv_t<std::remove_reference_t<U>>>);
905 if (isSome()) {
906 return *this;
907 }
908 return std::invoke(std::forward<Func>(aFunc));
909 }
910
911 bool refEquals(const Maybe<T&>& aOther) const {
912 return mValue == aOther.mValue;
913 }
914
915 bool refEquals(const T& aOther) const { return mValue == &aOther; }
916
917 private:
918 T* mValue = nullptr;
919};
920
921template <typename T>
922constexpr T Maybe<T>::value() const& {
923 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 923); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 923; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
924 return ref();
925}
926
927template <typename T>
928constexpr T Maybe<T>::value() && {
929 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 929); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 929; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
930 return std::move(ref());
931}
932
933template <typename T>
934constexpr T Maybe<T>::value() const&& {
935 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 935); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 935; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
936 return std::move(ref());
937}
938
939template <typename T>
940T* Maybe<T>::ptr() {
941 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 941); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 941; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
942 return &ref();
943}
944
945template <typename T>
946constexpr const T* Maybe<T>::ptr() const {
947 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 947); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 947; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
948 return &ref();
949}
950
951template <typename T>
952constexpr T* Maybe<T>::operator->() {
953 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 953); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 953; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
954 return ptr();
955}
956
957template <typename T>
958constexpr const T* Maybe<T>::operator->() const {
959 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 959); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 959; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
960 return ptr();
961}
962
963template <typename T>
964constexpr T& Maybe<T>::ref() & {
965 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 965); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 965; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
966 return mStorage.val;
967}
968
969template <typename T>
970constexpr const T& Maybe<T>::ref() const& {
971 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 971); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 971; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
972 return mStorage.val;
973}
974
975template <typename T>
976constexpr T&& Maybe<T>::ref() && {
977 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 977); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 977; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
978 return std::move(mStorage.val);
979}
980
981template <typename T>
982constexpr const T&& Maybe<T>::ref() const&& {
983 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 983); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 983; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
984 return std::move(mStorage.val);
985}
986
987template <typename T>
988constexpr T& Maybe<T>::operator*() & {
989 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 989); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 989; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
990 return ref();
991}
992
993template <typename T>
994constexpr const T& Maybe<T>::operator*() const& {
995 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 995); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 995; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
996 return ref();
997}
998
999template <typename T>
1000constexpr T&& Maybe<T>::operator*() && {
1001 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 1001); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 1001; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1002 return std::move(ref());
1003}
1004
1005template <typename T>
1006constexpr const T&& Maybe<T>::operator*() const&& {
1007 MOZ_RELEASE_ASSERT(isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 1007); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "isSome()"
")"); do { *((volatile int*)__null) = 1007; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1008 return std::move(ref());
1009}
1010
1011template <typename T>
1012template <typename... Args>
1013constexpr void Maybe<T>::emplace(Args&&... aArgs) {
1014 MOZ_RELEASE_ASSERT(!isSome())do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!isSome())>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!isSome()))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!isSome()", "/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/Maybe.h"
, 1014); AnnotateMozCrashReason("MOZ_RELEASE_ASSERT" "(" "!isSome()"
")"); do { *((volatile int*)__null) = 1014; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
1015 ::new (KnownNotNull, &mStorage.val) T(std::forward<Args>(aArgs)...);
1016 mIsSome = true;
1017}
1018
1019/*
1020 * Some() creates a Maybe<T> value containing the provided T value. If T has a
1021 * move constructor, it's used to make this as efficient as possible.
1022 *
1023 * Some() selects the type of Maybe it returns by removing any const, volatile,
1024 * or reference qualifiers from the type of the value you pass to it. This gives
1025 * it more intuitive behavior when used in expressions, but it also means that
1026 * if you need to construct a Maybe value that holds a const, volatile, or
1027 * reference value, you need to use emplace() instead.
1028 */
1029template <typename T, typename U>
1030constexpr Maybe<U> Some(T&& aValue) {
1031 return {std::forward<T>(aValue), typename Maybe<U>::SomeGuard{}};
1032}
1033
1034template <typename T>
1035constexpr Maybe<T&> SomeRef(T& aValue) {
1036 Maybe<T&> value;
1037 value.emplace(aValue);
1038 return value;
1039}
1040
1041template <typename T>
1042constexpr Maybe<T&> ToMaybeRef(T* const aPtr) {
1043 return aPtr ? SomeRef(*aPtr) : Nothing{};
1044}
1045
1046template <typename T>
1047Maybe<std::remove_cv_t<std::remove_reference_t<T>>> ToMaybe(T* aPtr) {
1048 if (aPtr) {
1049 return Some(*aPtr);
1050 }
1051 return Nothing();
1052}
1053
1054/*
1055 * Two Maybe<T> values are equal if
1056 * - both are Nothing, or
1057 * - both are Some, and the values they contain are equal.
1058 */
1059template <typename T>
1060constexpr bool operator==(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1061 static_assert(!std::is_reference_v<T>,
1062 "operator== is not defined for Maybe<T&>, compare values or "
1063 "addresses explicitly instead");
1064 if (aLHS.isNothing() != aRHS.isNothing()) {
1065 return false;
1066 }
1067 return aLHS.isNothing() || *aLHS == *aRHS;
1068}
1069
1070template <typename T>
1071constexpr bool operator!=(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1072 return !(aLHS == aRHS);
1073}
1074
1075/*
1076 * We support comparison to Nothing to allow reasonable expressions like:
1077 * if (maybeValue == Nothing()) { ... }
1078 */
1079template <typename T>
1080constexpr bool operator==(const Maybe<T>& aLHS, const Nothing& aRHS) {
1081 return aLHS.isNothing();
1082}
1083
1084template <typename T>
1085constexpr bool operator!=(const Maybe<T>& aLHS, const Nothing& aRHS) {
1086 return !(aLHS == aRHS);
1087}
1088
1089template <typename T>
1090constexpr bool operator==(const Nothing& aLHS, const Maybe<T>& aRHS) {
1091 return aRHS.isNothing();
1092}
1093
1094template <typename T>
1095constexpr bool operator!=(const Nothing& aLHS, const Maybe<T>& aRHS) {
1096 return !(aLHS == aRHS);
1097}
1098
1099/*
1100 * Maybe<T> values are ordered in the same way T values are ordered, except that
1101 * Nothing comes before anything else.
1102 */
1103template <typename T>
1104constexpr bool operator<(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1105 if (aLHS.isNothing()) {
1106 return aRHS.isSome();
1107 }
1108 if (aRHS.isNothing()) {
1109 return false;
1110 }
1111 return *aLHS < *aRHS;
1112}
1113
1114template <typename T>
1115constexpr bool operator>(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1116 return !(aLHS < aRHS || aLHS == aRHS);
1117}
1118
1119template <typename T>
1120constexpr bool operator<=(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1121 return aLHS < aRHS || aLHS == aRHS;
1122}
1123
1124template <typename T>
1125constexpr bool operator>=(const Maybe<T>& aLHS, const Maybe<T>& aRHS) {
1126 return !(aLHS < aRHS);
1127}
1128
1129template <typename T>
1130inline void ImplCycleCollectionTraverse(
1131 nsCycleCollectionTraversalCallback& aCallback, mozilla::Maybe<T>& aField,
1132 const char* aName, uint32_t aFlags = 0) {
1133 if (aField) {
1134 ImplCycleCollectionTraverse(aCallback, aField.ref(), aName, aFlags);
1135 }
1136}
1137
1138template <typename T>
1139inline void ImplCycleCollectionUnlink(mozilla::Maybe<T>& aField) {
1140 if (aField) {
1141 ImplCycleCollectionUnlink(aField.ref());
1142 }
1143}
1144
1145} // namespace mozilla
1146
1147#endif /* mozilla_Maybe_h */

/var/lib/jenkins/workspace/firefox-scan-build/obj-x86_64-pc-linux-gnu/dist/include/mozilla/MaybeStorageBase.h

1/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3/* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7/* Internal storage class used e.g. by Maybe and Result. This file doesn't
8 * contain any public declarations. */
9
10#ifndef mfbt_MaybeStorageBase_h
11#define mfbt_MaybeStorageBase_h
12
13#include <type_traits>
14#include <utility>
15
16namespace mozilla::detail {
17
18template <typename T>
19constexpr bool IsTriviallyDestructibleAndCopyable =
20 std::is_trivially_destructible_v<T> &&
21 (std::is_trivially_copy_constructible_v<T> ||
22 !std::is_copy_constructible_v<T>);
23
24template <typename T, bool TriviallyDestructibleAndCopyable =
25 IsTriviallyDestructibleAndCopyable<T>>
26struct MaybeStorageBase;
27
28template <typename T>
29struct MaybeStorageBase<T, false> {
30 protected:
31 using NonConstT = std::remove_const_t<T>;
32
33 union Union {
34 Union() {}
8
Returning without writing to 'this->val.cx_'
35 explicit Union(const T& aVal) : val{aVal} {}
36 template <typename U,
37 typename = std::enable_if_t<std::is_move_constructible_v<U>>>
38 explicit Union(U&& aVal) : val{std::forward<U>(aVal)} {}
39 template <typename... Args>
40 explicit Union(std::in_place_t, Args&&... aArgs)
41 : val{std::forward<Args>(aArgs)...} {}
42
43 ~Union() {}
23
Calling '~AutoRealm'
44
45 NonConstT val;
46 } mStorage;
47
48 public:
49 constexpr MaybeStorageBase() = default;
7
Calling default constructor for 'Union'
9
Returning from default constructor for 'Union'
10
Returning without writing to 'this->mStorage.val.cx_'
50 explicit MaybeStorageBase(const T& aVal) : mStorage{aVal} {}
51 explicit MaybeStorageBase(T&& aVal) : mStorage{std::move(aVal)} {}
52 template <typename... Args>
53 explicit MaybeStorageBase(std::in_place_t, Args&&... aArgs)
54 : mStorage{std::in_place, std::forward<Args>(aArgs)...} {}
55
56 const T* addr() const { return &mStorage.val; }
57 T* addr() { return &mStorage.val; }
58};
59
60template <typename T>
61struct MaybeStorageBase<T, true> {
62 protected:
63 using NonConstT = std::remove_const_t<T>;
64
65 union Union {
66 constexpr Union() : empty() {}
67 constexpr explicit Union(const T& aVal) : val{aVal} {}
68 constexpr explicit Union(T&& aVal) : val{std::move(aVal)} {}
69 template <typename... Args>
70 constexpr explicit Union(std::in_place_t, Args&&... aArgs)
71 : val{std::forward<Args>(aArgs)...} {}
72
73 NonConstT val;
74 char empty;
75 } mStorage;
76
77 public:
78 constexpr MaybeStorageBase() = default;
79 constexpr explicit MaybeStorageBase(const T& aVal) : mStorage{aVal} {}
80 constexpr explicit MaybeStorageBase(T&& aVal) : mStorage{std::move(aVal)} {}
81
82 template <typename... Args>
83 constexpr explicit MaybeStorageBase(std::in_place_t, Args&&... aArgs)
84 : mStorage{std::in_place, std::forward<Args>(aArgs)...} {}
85
86 constexpr const T* addr() const { return &mStorage.val; }
87 constexpr T* addr() { return &mStorage.val; }
88};
89
90} // namespace mozilla::detail
91
92#endif

/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h

1/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7#ifndef vm_Realm_inl_h
8#define vm_Realm_inl_h
9
10#include "vm/Realm.h"
11
12#include "gc/Barrier.h"
13#include "gc/Marking.h"
14#include "vm/GlobalObject.h"
15
16#include "vm/JSContext-inl.h"
17
18inline void JS::Realm::initGlobal(js::GlobalObject& global) {
19 MOZ_ASSERT(global.realm() == this)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(global.realm() == this)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(global.realm() == this))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("global.realm() == this"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 19); AnnotateMozCrashReason("MOZ_ASSERT" "(" "global.realm() == this"
")"); do { *((volatile int*)__null) = 19; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
20 MOZ_ASSERT(!global_)do { static_assert( mozilla::detail::AssertionConditionType<
decltype(!global_)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(!global_))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!global_", "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 20); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!global_" ")"
); do { *((volatile int*)__null) = 20; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false);
21 global_.set(&global);
22}
23
24js::GlobalObject* JS::Realm::maybeGlobal() const {
25 MOZ_ASSERT_IF(global_, global_->realm() == this)do { if (global_) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(global_->realm() == this)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(global_->realm() == this)
)), 0))) { do { } while (false); MOZ_ReportAssertionFailure("global_->realm() == this"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 25); AnnotateMozCrashReason("MOZ_ASSERT" "(" "global_->realm() == this"
")"); do { *((volatile int*)__null) = 25; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
26 return global_;
27}
28
29inline bool JS::Realm::hasLiveGlobal() const {
30 // The global is swept by traceWeakGlobalEdge when we start sweeping a zone
31 // group. This frees the GlobalObjectData, so the realm must live at least as
32 // long as the global.
33 MOZ_ASSERT_IF(global_, !js::gc::IsAboutToBeFinalized(global_))do { if (global_) { do { static_assert( mozilla::detail::AssertionConditionType
<decltype(!js::gc::IsAboutToBeFinalized(global_))>::isValid
, "invalid assertion condition"); if ((__builtin_expect(!!(!(
!!(!js::gc::IsAboutToBeFinalized(global_)))), 0))) { do { } while
(false); MOZ_ReportAssertionFailure("!js::gc::IsAboutToBeFinalized(global_)"
, "/var/lib/jenkins/workspace/firefox-scan-build/js/src/vm/Realm-inl.h"
, 33); AnnotateMozCrashReason("MOZ_ASSERT" "(" "!js::gc::IsAboutToBeFinalized(global_)"
")"); do { *((volatile int*)__null) = 33; __attribute__((nomerge
)) ::abort(); } while (false); } } while (false); } } while (
false);
34 return bool(global_);
35}
36
37inline bool JS::Realm::hasInitializedGlobal() const {
38 return hasLiveGlobal() && !initializingGlobal_;
39}
40
41inline bool JS::Realm::marked() const {
42 // The Realm survives in the following cases:
43 // - its global is live
44 // - it has been entered (to ensure we don't destroy the Realm while we're
45 // allocating its global)
46 // - it was allocated after the start of an incremental GC (as there may be
47 // pointers to it from other GC things)
48 return hasLiveGlobal() || hasBeenEnteredIgnoringJit() ||
49 allocatedDuringIncrementalGC_;
50}
51
52/* static */ inline js::ObjectRealm& js::ObjectRealm::get(const JSObject* obj) {
53 // Note: obj might be a CCW if we're accessing ObjectRealm::enumerators.
54 // CCWs here are fine because we always return the same ObjectRealm for a
55 // particular (CCW) object.
56 return obj->maybeCCWRealm()->objects_;
57}
58
59template <typename T>
60js::AutoRealm::AutoRealm(JSContext* cx, const T& target)
61 : cx_(cx), origin_(cx->realm()) {
62 cx_->enterRealmOf(target);
63}
64
65// Protected constructor that bypasses assertions in enterRealmOf.
66js::AutoRealm::AutoRealm(JSContext* cx, JS::Realm* target)
67 : cx_(cx), origin_(cx->realm()) {
68 cx_->enterRealm(target);
69}
70
71js::AutoRealm::~AutoRealm() { cx_->leaveRealm(origin_); }
24
Called C++ object pointer is uninitialized
72
73js::AutoFunctionOrCurrentRealm::AutoFunctionOrCurrentRealm(JSContext* cx,
74 HandleObject fun) {
75 JS::Realm* realm = JS::GetFunctionRealm(cx, fun);
76 if (!realm) {
77 cx->clearPendingException();
78 return;
79 }
80
81 // Enter the function's realm.
82 ar_.emplace(cx, realm);
83}
84
85js::AutoAllocInAtomsZone::AutoAllocInAtomsZone(JSContext* cx)
86 : cx_(cx), origin_(cx->realm()) {
87 cx_->enterAtomsZone();
88}
89
90js::AutoAllocInAtomsZone::~AutoAllocInAtomsZone() {
91 cx_->leaveAtomsZone(origin_);
92}
93
94js::AutoMaybeLeaveAtomsZone::AutoMaybeLeaveAtomsZone(JSContext* cx)
95 : cx_(cx), wasInAtomsZone_(cx->zone() && cx->zone()->isAtomsZone()) {
96 if (wasInAtomsZone_) {
97 cx_->leaveAtomsZone(nullptr);
98 }
99}
100
101js::AutoMaybeLeaveAtomsZone::~AutoMaybeLeaveAtomsZone() {
102 if (wasInAtomsZone_) {
103 cx_->enterAtomsZone();
104 }
105}
106
107js::AutoRealmUnchecked::AutoRealmUnchecked(JSContext* cx, JS::Realm* target)
108 : AutoRealm(cx, target) {}
109
110#endif /* vm_Realm_inl_h */