Context Navigation

Nodes.cpp@ 39533

Visit:

Last change on this file since 39533 was 39533, checked in by [email protected], 16 years ago

[jsfunfuzz] Computed exception offset wrong when first instruction is attempt to resolve deleted eval
<https://bugs.webkit.org/show_bug.cgi?id=23062>

Reviewed by Gavin Barraclough.

This was caused by the expression information for the initial resolve of
eval not being emitted. If this resolve was the first instruction that
could throw an exception the information search would fail leading to an
assertion failure. If it was not the first throwable opcode the wrong
expression information would used.

Fix is simply to emit the expression info.

Property svn:eol-style set to native

File size: 93.0 KB

Line
1	/*
2	* Copyright (C) 1999-2002 Harri Porten ([email protected])
3	* Copyright (C) 2001 Peter Kelly ([email protected])
4	* Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Apple Inc. All rights reserved.
5	* Copyright (C) 2007 Cameron Zwarich ([email protected])
6	* Copyright (C) 2007 Maks Orlovich
7	* Copyright (C) 2007 Eric Seidel <[email protected]>
8	*
9	* This library is free software; you can redistribute it and/or
10	* modify it under the terms of the GNU Library General Public
11	* License as published by the Free Software Foundation; either
12	* version 2 of the License, or (at your option) any later version.
13	*
14	* This library is distributed in the hope that it will be useful,
15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17	* Library General Public License for more details.
18	*
19	* You should have received a copy of the GNU Library General Public License
20	* along with this library; see the file COPYING.LIB. If not, write to
21	* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
22	* Boston, MA 02110-1301, USA.
23	*
24	*/
25
26	#include "config.h"
27	#include "Nodes.h"
28
29	#include "BytecodeGenerator.h"
30	#include "CallFrame.h"
31	#include "JSGlobalObject.h"
32	#include "JSStaticScopeObject.h"
33	#include "LabelScope.h"
34	#include "Parser.h"
35	#include "PropertyNameArray.h"
36	#include "RegExpObject.h"
37	#include "SamplingTool.h"
38	#include "Debugger.h"
39	#include "Lexer.h"
40	#include "Operations.h"
41	#include <math.h>
42	#include <wtf/Assertions.h>
43	#include <wtf/HashCountedSet.h>
44	#include <wtf/HashSet.h>
45	#include <wtf/MathExtras.h>
46	#include <wtf/RefCountedLeakCounter.h>
47	#include <wtf/Threading.h>
48
49	using namespace WTF;
50
51	namespace JSC {
52
53	static void substitute(UString& string, const UString& substring) JSC_FAST_CALL;
54
55	// ------------------------------ NodeReleaser --------------------------------
56
57	class NodeReleaser : Noncopyable {
58	public:
59	// Call this function inside the destructor of a class derived from Node.
60	// This will traverse the tree below this node, destroying all of those nodes,
61	// but without relying on recursion.
62	static void releaseAllNodes(ParserRefCounted* root);
63
64	// Call this on each node in a the releaseNodes virtual function.
65	// It gives the node to the NodeReleaser, which will then release the
66	// node later at the end of the releaseAllNodes process.
67	template <typename T> void release(RefPtr<T>& node) { if (node) adopt(node.release()); }
68	void release(RefPtr<FunctionBodyNode>& node) { if (node) adoptFunctionBodyNode(node); }
69
70	private:
71	NodeReleaser() { }
72	~NodeReleaser() { }
73
74	void adopt(PassRefPtr<ParserRefCounted>);
75	void adoptFunctionBodyNode(RefPtr<FunctionBodyNode>&);
76
77	typedef Vector<RefPtr<ParserRefCounted> > NodeReleaseVector;
78	OwnPtr<NodeReleaseVector> m_vector;
79	};
80
81	void NodeReleaser::releaseAllNodes(ParserRefCounted* root)
82	{
83	ASSERT(root);
84	NodeReleaser releaser;
85	root->releaseNodes(releaser);
86	if (!releaser.m_vector)
87	return;
88	// Note: The call to release.m_vector->size() is intentionally inside
89	// the loop, since calls to releaseNodes are expected to increase the size.
90	for (size_t i = 0; i < releaser.m_vector->size(); ++i) {
91	ParserRefCounted* node = (*releaser.m_vector)[i].get();
92	if (node->hasOneRef())
93	node->releaseNodes(releaser);
94	}
95	}
96
97	void NodeReleaser::adopt(PassRefPtr<ParserRefCounted> node)
98	{
99	ASSERT(node);
100	if (!node->hasOneRef())
101	return;
102	if (!m_vector)
103	m_vector.set(new NodeReleaseVector);
104	m_vector->append(node);
105	}
106
107	void NodeReleaser::adoptFunctionBodyNode(RefPtr<FunctionBodyNode>& functionBodyNode)
108	{
109	// This sidesteps a problem where if you assign a PassRefPtr<FunctionBodyNode>
110	// to a PassRefPtr<Node> we leave the two reference counts (FunctionBodyNode
111	// and ParserRefCounted) unbalanced. It would be nice to fix this problem in
112	// a cleaner way -- perhaps we could remove the FunctionBodyNode reference
113	// count at some point.
114	RefPtr<Node> node = functionBodyNode;
115	functionBodyNode = 0;
116	adopt(node.release());
117	}
118
119	// ------------------------------ ParserRefCounted -----------------------------------------
120
121	#ifndef NDEBUG
122	static RefCountedLeakCounter parserRefCountedCounter("JSC::Node");
123	#endif
124
125	ParserRefCounted::ParserRefCounted(JSGlobalData* globalData)
126	: m_globalData(globalData)
127	{
128	#ifndef NDEBUG
129	parserRefCountedCounter.increment();
130	#endif
131	if (!m_globalData->newParserObjects)
132	m_globalData->newParserObjects = new HashSet<ParserRefCounted*>;
133	m_globalData->newParserObjects->add(this);
134	ASSERT(m_globalData->newParserObjects->contains(this));
135	}
136
137	ParserRefCounted::~ParserRefCounted()
138	{
139	#ifndef NDEBUG
140	parserRefCountedCounter.decrement();
141	#endif
142	}
143
144	void ParserRefCounted::releaseNodes(NodeReleaser&)
145	{
146	}
147
148	void ParserRefCounted::ref()
149	{
150	// bumping from 0 to 1 is just removing from the new nodes set
151	if (m_globalData->newParserObjects) {
152	HashSet<ParserRefCounted*>::iterator it = m_globalData->newParserObjects->find(this);
153	if (it != m_globalData->newParserObjects->end()) {
154	m_globalData->newParserObjects->remove(it);
155	ASSERT(!m_globalData->parserObjectExtraRefCounts \|\| !m_globalData->parserObjectExtraRefCounts->contains(this));
156	return;
157	}
158	}
159
160	ASSERT(!m_globalData->newParserObjects \|\| !m_globalData->newParserObjects->contains(this));
161
162	if (!m_globalData->parserObjectExtraRefCounts)
163	m_globalData->parserObjectExtraRefCounts = new HashCountedSet<ParserRefCounted*>;
164	m_globalData->parserObjectExtraRefCounts->add(this);
165	}
166
167	void ParserRefCounted::deref()
168	{
169	ASSERT(!m_globalData->newParserObjects \|\| !m_globalData->newParserObjects->contains(this));
170
171	if (!m_globalData->parserObjectExtraRefCounts) {
172	delete this;
173	return;
174	}
175
176	HashCountedSet<ParserRefCounted*>::iterator it = m_globalData->parserObjectExtraRefCounts->find(this);
177	if (it == m_globalData->parserObjectExtraRefCounts->end())
178	delete this;
179	else
180	m_globalData->parserObjectExtraRefCounts->remove(it);
181	}
182
183	bool ParserRefCounted::hasOneRef()
184	{
185	if (m_globalData->newParserObjects && m_globalData->newParserObjects->contains(this)) {
186	ASSERT(!m_globalData->parserObjectExtraRefCounts \|\| !m_globalData->parserObjectExtraRefCounts->contains(this));
187	return false;
188	}
189
190	ASSERT(!m_globalData->newParserObjects \|\| !m_globalData->newParserObjects->contains(this));
191
192	if (!m_globalData->parserObjectExtraRefCounts)
193	return true;
194
195	return !m_globalData->parserObjectExtraRefCounts->contains(this);
196	}
197
198	void ParserRefCounted::deleteNewObjects(JSGlobalData* globalData)
199	{
200	if (!globalData->newParserObjects)
201	return;
202
203	#ifndef NDEBUG
204	HashSet<ParserRefCounted*>::iterator end = globalData->newParserObjects->end();
205	for (HashSet<ParserRefCounted*>::iterator it = globalData->newParserObjects->begin(); it != end; ++it)
206	ASSERT(!globalData->parserObjectExtraRefCounts \|\| !globalData->parserObjectExtraRefCounts->contains(*it));
207	#endif
208	deleteAllValues(*globalData->newParserObjects);
209	delete globalData->newParserObjects;
210	globalData->newParserObjects = 0;
211	}
212
213	// ------------------------------ Node --------------------------------
214
215	Node::Node(JSGlobalData* globalData)
216	: ParserRefCounted(globalData)
217	{
218	m_line = globalData->lexer->lineNo();
219	}
220
221	// ------------------------------ ThrowableExpressionData --------------------------------
222
223	static void substitute(UString& string, const UString& substring)
224	{
225	int position = string.find("%s");
226	ASSERT(position != -1);
227	UString newString = string.substr(0, position);
228	newString.append(substring);
229	newString.append(string.substr(position + 2));
230	string = newString;
231	}
232
233	RegisterID* ThrowableExpressionData::emitThrowError(BytecodeGenerator& generator, ErrorType e, const char* msg)
234	{
235	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
236	RegisterID* exception = generator.emitNewError(generator.newTemporary(), e, jsString(generator.globalData(), msg));
237	generator.emitThrow(exception);
238	return exception;
239	}
240
241	RegisterID* ThrowableExpressionData::emitThrowError(BytecodeGenerator& generator, ErrorType e, const char* msg, const Identifier& label)
242	{
243	UString message = msg;
244	substitute(message, label.ustring());
245	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
246	RegisterID* exception = generator.emitNewError(generator.newTemporary(), e, jsString(generator.globalData(), message));
247	generator.emitThrow(exception);
248	return exception;
249	}
250
251	// ------------------------------ StatementNode --------------------------------
252
253	StatementNode::StatementNode(JSGlobalData* globalData)
254	: Node(globalData)
255	, m_lastLine(-1)
256	{
257	}
258
259	void StatementNode::setLoc(int firstLine, int lastLine)
260	{
261	m_line = firstLine;
262	m_lastLine = lastLine;
263	}
264
265	// ------------------------------ SourceElements --------------------------------
266
267	void SourceElements::append(PassRefPtr<StatementNode> statement)
268	{
269	if (statement->isEmptyStatement())
270	return;
271
272	m_statements.append(statement);
273	}
274
275	// ------------------------------ NullNode -------------------------------------
276
277	RegisterID* NullNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
278	{
279	if (dst == generator.ignoredResult())
280	return 0;
281	return generator.emitLoad(dst, jsNull());
282	}
283
284	// ------------------------------ BooleanNode ----------------------------------
285
286	RegisterID* BooleanNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
287	{
288	if (dst == generator.ignoredResult())
289	return 0;
290	return generator.emitLoad(dst, m_value);
291	}
292
293	// ------------------------------ NumberNode -----------------------------------
294
295	RegisterID* NumberNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
296	{
297	if (dst == generator.ignoredResult())
298	return 0;
299	return generator.emitLoad(dst, m_double);
300	}
301
302	// ------------------------------ StringNode -----------------------------------
303
304	RegisterID* StringNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
305	{
306	if (dst == generator.ignoredResult())
307	return 0;
308	return generator.emitLoad(dst, m_value);
309	}
310
311	// ------------------------------ RegExpNode -----------------------------------
312
313	RegisterID* RegExpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
314	{
315	RefPtr<RegExp> regExp = RegExp::create(generator.globalData(), m_pattern, m_flags);
316	if (!regExp->isValid())
317	return emitThrowError(generator, SyntaxError, ("Invalid regular expression: " + UString(regExp->errorMessage())).UTF8String().c_str());
318	if (dst == generator.ignoredResult())
319	return 0;
320	return generator.emitNewRegExp(generator.finalDestination(dst), regExp.get());
321	}
322
323	// ------------------------------ ThisNode -------------------------------------
324
325	RegisterID* ThisNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
326	{
327	if (dst == generator.ignoredResult())
328	return 0;
329	return generator.moveToDestinationIfNeeded(dst, generator.thisRegister());
330	}
331
332	// ------------------------------ ResolveNode ----------------------------------
333
334	bool ResolveNode::isPure(BytecodeGenerator& generator) const
335	{
336	return generator.isLocal(m_ident);
337	}
338
339	RegisterID* ResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
340	{
341	if (RegisterID* local = generator.registerFor(m_ident)) {
342	if (dst == generator.ignoredResult())
343	return 0;
344	return generator.moveToDestinationIfNeeded(dst, local);
345	}
346
347	generator.emitExpressionInfo(m_startOffset + m_ident.size(), m_ident.size(), 0);
348	return generator.emitResolve(generator.finalDestination(dst), m_ident);
349	}
350
351	// ------------------------------ ElementNode ------------------------------------
352
353	ElementNode::~ElementNode()
354	{
355	NodeReleaser::releaseAllNodes(this);
356	}
357
358	void ElementNode::releaseNodes(NodeReleaser& releaser)
359	{
360	releaser.release(m_next);
361	releaser.release(m_node);
362	}
363
364	// ------------------------------ ArrayNode ------------------------------------
365
366	ArrayNode::~ArrayNode()
367	{
368	NodeReleaser::releaseAllNodes(this);
369	}
370
371	void ArrayNode::releaseNodes(NodeReleaser& releaser)
372	{
373	releaser.release(m_element);
374	}
375
376	RegisterID* ArrayNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
377	{
378	// FIXME: Should we put all of this code into emitNewArray?
379
380	unsigned length = 0;
381	ElementNode* firstPutElement;
382	for (firstPutElement = m_element.get(); firstPutElement; firstPutElement = firstPutElement->next()) {
383	if (firstPutElement->elision())
384	break;
385	++length;
386	}
387
388	if (!firstPutElement && !m_elision)
389	return generator.emitNewArray(generator.finalDestination(dst), m_element.get());
390
391	RefPtr<RegisterID> array = generator.emitNewArray(generator.tempDestination(dst), m_element.get());
392
393	for (ElementNode* n = firstPutElement; n; n = n->next()) {
394	RegisterID* value = generator.emitNode(n->value());
395	length += n->elision();
396	generator.emitPutByIndex(array.get(), length++, value);
397	}
398
399	if (m_elision) {
400	RegisterID* value = generator.emitLoad(0, jsNumber(generator.globalData(), m_elision + length));
401	generator.emitPutById(array.get(), generator.propertyNames().length, value);
402	}
403
404	return generator.moveToDestinationIfNeeded(dst, array.get());
405	}
406
407	// ------------------------------ PropertyNode ----------------------------
408
409	PropertyNode::~PropertyNode()
410	{
411	NodeReleaser::releaseAllNodes(this);
412	}
413
414	void PropertyNode::releaseNodes(NodeReleaser& releaser)
415	{
416	releaser.release(m_assign);
417	}
418
419	// ------------------------------ ObjectLiteralNode ----------------------------
420
421	ObjectLiteralNode::~ObjectLiteralNode()
422	{
423	NodeReleaser::releaseAllNodes(this);
424	}
425
426	void ObjectLiteralNode::releaseNodes(NodeReleaser& releaser)
427	{
428	releaser.release(m_list);
429	}
430
431	RegisterID* ObjectLiteralNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
432	{
433	if (!m_list) {
434	if (dst == generator.ignoredResult())
435	return 0;
436	return generator.emitNewObject(generator.finalDestination(dst));
437	}
438	return generator.emitNode(dst, m_list.get());
439	}
440
441	// ------------------------------ PropertyListNode -----------------------------
442
443	PropertyListNode::~PropertyListNode()
444	{
445	NodeReleaser::releaseAllNodes(this);
446	}
447
448	void PropertyListNode::releaseNodes(NodeReleaser& releaser)
449	{
450	releaser.release(m_node);
451	releaser.release(m_next);
452	}
453
454	RegisterID* PropertyListNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
455	{
456	RefPtr<RegisterID> newObj = generator.tempDestination(dst);
457
458	generator.emitNewObject(newObj.get());
459
460	for (PropertyListNode* p = this; p; p = p->m_next.get()) {
461	RegisterID* value = generator.emitNode(p->m_node->m_assign.get());
462
463	switch (p->m_node->m_type) {
464	case PropertyNode::Constant: {
465	generator.emitPutById(newObj.get(), p->m_node->name(), value);
466	break;
467	}
468	case PropertyNode::Getter: {
469	generator.emitPutGetter(newObj.get(), p->m_node->name(), value);
470	break;
471	}
472	case PropertyNode::Setter: {
473	generator.emitPutSetter(newObj.get(), p->m_node->name(), value);
474	break;
475	}
476	default:
477	ASSERT_NOT_REACHED();
478	}
479	}
480
481	return generator.moveToDestinationIfNeeded(dst, newObj.get());
482	}
483
484	// ------------------------------ BracketAccessorNode --------------------------------
485
486	BracketAccessorNode::~BracketAccessorNode()
487	{
488	NodeReleaser::releaseAllNodes(this);
489	}
490
491	void BracketAccessorNode::releaseNodes(NodeReleaser& releaser)
492	{
493	releaser.release(m_base);
494	releaser.release(m_subscript);
495	}
496
497	RegisterID* BracketAccessorNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
498	{
499	RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base.get(), m_subscriptHasAssignments, m_subscript->isPure(generator));
500	RegisterID* property = generator.emitNode(m_subscript.get());
501	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
502	return generator.emitGetByVal(generator.finalDestination(dst), base.get(), property);
503	}
504
505	// ------------------------------ DotAccessorNode --------------------------------
506
507	DotAccessorNode::~DotAccessorNode()
508	{
509	NodeReleaser::releaseAllNodes(this);
510	}
511
512	void DotAccessorNode::releaseNodes(NodeReleaser& releaser)
513	{
514	releaser.release(m_base);
515	}
516
517	RegisterID* DotAccessorNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
518	{
519	RegisterID* base = generator.emitNode(m_base.get());
520	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
521	return generator.emitGetById(generator.finalDestination(dst), base, m_ident);
522	}
523
524	// ------------------------------ ArgumentListNode -----------------------------
525
526	ArgumentListNode::~ArgumentListNode()
527	{
528	NodeReleaser::releaseAllNodes(this);
529	}
530
531	void ArgumentListNode::releaseNodes(NodeReleaser& releaser)
532	{
533	releaser.release(m_next);
534	releaser.release(m_expr);
535	}
536
537	RegisterID* ArgumentListNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
538	{
539	ASSERT(m_expr);
540	return generator.emitNode(dst, m_expr.get());
541	}
542
543	// ------------------------------ ArgumentsNode -----------------------------
544
545	ArgumentsNode::~ArgumentsNode()
546	{
547	NodeReleaser::releaseAllNodes(this);
548	}
549
550	void ArgumentsNode::releaseNodes(NodeReleaser& releaser)
551	{
552	releaser.release(m_listNode);
553	}
554
555	// ------------------------------ NewExprNode ----------------------------------
556
557	NewExprNode::~NewExprNode()
558	{
559	NodeReleaser::releaseAllNodes(this);
560	}
561
562	void NewExprNode::releaseNodes(NodeReleaser& releaser)
563	{
564	releaser.release(m_expr);
565	releaser.release(m_args);
566	}
567
568	RegisterID* NewExprNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
569	{
570	RefPtr<RegisterID> func = generator.emitNode(m_expr.get());
571	return generator.emitConstruct(generator.finalDestination(dst), func.get(), m_args.get(), divot(), startOffset(), endOffset());
572	}
573
574	// ------------------------------ EvalFunctionCallNode ----------------------------------
575
576	EvalFunctionCallNode::~EvalFunctionCallNode()
577	{
578	NodeReleaser::releaseAllNodes(this);
579	}
580
581	void EvalFunctionCallNode::releaseNodes(NodeReleaser& releaser)
582	{
583	releaser.release(m_args);
584	}
585
586	RegisterID* EvalFunctionCallNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
587	{
588	RefPtr<RegisterID> func = generator.tempDestination(dst);
589	RefPtr<RegisterID> thisRegister = generator.newTemporary();
590	generator.emitExpressionInfo(divot() - startOffset() + 4, 4, 0);
591	generator.emitResolveWithBase(thisRegister.get(), func.get(), generator.propertyNames().eval);
592	return generator.emitCallEval(generator.finalDestination(dst, func.get()), func.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
593	}
594
595	// ------------------------------ FunctionCallValueNode ----------------------------------
596
597	FunctionCallValueNode::~FunctionCallValueNode()
598	{
599	NodeReleaser::releaseAllNodes(this);
600	}
601
602	void FunctionCallValueNode::releaseNodes(NodeReleaser& releaser)
603	{
604	releaser.release(m_expr);
605	releaser.release(m_args);
606	}
607
608	RegisterID* FunctionCallValueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
609	{
610	RefPtr<RegisterID> func = generator.emitNode(m_expr.get());
611	RefPtr<RegisterID> thisRegister = generator.emitLoad(generator.newTemporary(), jsNull());
612	return generator.emitCall(generator.finalDestination(dst, func.get()), func.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
613	}
614
615	// ------------------------------ FunctionCallResolveNode ----------------------------------
616
617	FunctionCallResolveNode::~FunctionCallResolveNode()
618	{
619	NodeReleaser::releaseAllNodes(this);
620	}
621
622	void FunctionCallResolveNode::releaseNodes(NodeReleaser& releaser)
623	{
624	releaser.release(m_args);
625	}
626
627	RegisterID* FunctionCallResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
628	{
629	if (RefPtr<RegisterID> local = generator.registerFor(m_ident)) {
630	RefPtr<RegisterID> thisRegister = generator.emitLoad(generator.newTemporary(), jsNull());
631	return generator.emitCall(generator.finalDestination(dst, thisRegister.get()), local.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
632	}
633
634	int index = 0;
635	size_t depth = 0;
636	JSObject* globalObject = 0;
637	if (generator.findScopedProperty(m_ident, index, depth, false, globalObject) && index != missingSymbolMarker()) {
638	RefPtr<RegisterID> func = generator.emitGetScopedVar(generator.newTemporary(), depth, index, globalObject);
639	RefPtr<RegisterID> thisRegister = generator.emitLoad(generator.newTemporary(), jsNull());
640	return generator.emitCall(generator.finalDestination(dst, func.get()), func.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
641	}
642
643	RefPtr<RegisterID> func = generator.tempDestination(dst);
644	RefPtr<RegisterID> thisRegister = generator.newTemporary();
645	int identifierStart = divot() - startOffset();
646	generator.emitExpressionInfo(identifierStart + m_ident.size(), m_ident.size(), 0);
647	generator.emitResolveFunction(thisRegister.get(), func.get(), m_ident);
648	return generator.emitCall(generator.finalDestination(dst, func.get()), func.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
649	}
650
651	// ------------------------------ FunctionCallBracketNode ----------------------------------
652
653	FunctionCallBracketNode::~FunctionCallBracketNode()
654	{
655	NodeReleaser::releaseAllNodes(this);
656	}
657
658	void FunctionCallBracketNode::releaseNodes(NodeReleaser& releaser)
659	{
660	releaser.release(m_base);
661	releaser.release(m_subscript);
662	releaser.release(m_args);
663	}
664
665	RegisterID* FunctionCallBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
666	{
667	RefPtr<RegisterID> base = generator.emitNode(m_base.get());
668	RegisterID* property = generator.emitNode(m_subscript.get());
669	generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
670	RefPtr<RegisterID> function = generator.emitGetByVal(generator.tempDestination(dst), base.get(), property);
671	RefPtr<RegisterID> thisRegister = generator.emitMove(generator.newTemporary(), base.get());
672	return generator.emitCall(generator.finalDestination(dst, function.get()), function.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
673	}
674
675	// ------------------------------ FunctionCallDotNode ----------------------------------
676
677	FunctionCallDotNode::~FunctionCallDotNode()
678	{
679	NodeReleaser::releaseAllNodes(this);
680	}
681
682	void FunctionCallDotNode::releaseNodes(NodeReleaser& releaser)
683	{
684	releaser.release(m_base);
685	releaser.release(m_args);
686	}
687
688	RegisterID* FunctionCallDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
689	{
690	RefPtr<RegisterID> base = generator.emitNode(m_base.get());
691	generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
692	RefPtr<RegisterID> function = generator.emitGetById(generator.tempDestination(dst), base.get(), m_ident);
693	RefPtr<RegisterID> thisRegister = generator.emitMove(generator.newTemporary(), base.get());
694	return generator.emitCall(generator.finalDestination(dst, function.get()), function.get(), thisRegister.get(), m_args.get(), divot(), startOffset(), endOffset());
695	}
696
697	// ------------------------------ PostfixResolveNode ----------------------------------
698
699	static RegisterID* emitPreIncOrDec(BytecodeGenerator& generator, RegisterID* srcDst, Operator oper)
700	{
701	return (oper == OpPlusPlus) ? generator.emitPreInc(srcDst) : generator.emitPreDec(srcDst);
702	}
703
704	static RegisterID* emitPostIncOrDec(BytecodeGenerator& generator, RegisterID* dst, RegisterID* srcDst, Operator oper)
705	{
706	return (oper == OpPlusPlus) ? generator.emitPostInc(dst, srcDst) : generator.emitPostDec(dst, srcDst);
707	}
708
709	RegisterID* PostfixResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
710	{
711	if (RegisterID* local = generator.registerFor(m_ident)) {
712	if (generator.isLocalConstant(m_ident)) {
713	if (dst == generator.ignoredResult())
714	return 0;
715	return generator.emitToJSNumber(generator.finalDestination(dst), local);
716	}
717
718	if (dst == generator.ignoredResult())
719	return emitPreIncOrDec(generator, local, m_operator);
720	return emitPostIncOrDec(generator, generator.finalDestination(dst), local, m_operator);
721	}
722
723	int index = 0;
724	size_t depth = 0;
725	JSObject* globalObject = 0;
726	if (generator.findScopedProperty(m_ident, index, depth, true, globalObject) && index != missingSymbolMarker()) {
727	RefPtr<RegisterID> value = generator.emitGetScopedVar(generator.newTemporary(), depth, index, globalObject);
728	RegisterID* oldValue;
729	if (dst == generator.ignoredResult()) {
730	oldValue = 0;
731	emitPreIncOrDec(generator, value.get(), m_operator);
732	} else {
733	oldValue = emitPostIncOrDec(generator, generator.finalDestination(dst), value.get(), m_operator);
734	}
735	generator.emitPutScopedVar(depth, index, value.get(), globalObject);
736	return oldValue;
737	}
738
739	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
740	RefPtr<RegisterID> value = generator.newTemporary();
741	RefPtr<RegisterID> base = generator.emitResolveWithBase(generator.newTemporary(), value.get(), m_ident);
742	RegisterID* oldValue;
743	if (dst == generator.ignoredResult()) {
744	oldValue = 0;
745	emitPreIncOrDec(generator, value.get(), m_operator);
746	} else {
747	oldValue = emitPostIncOrDec(generator, generator.finalDestination(dst), value.get(), m_operator);
748	}
749	generator.emitPutById(base.get(), m_ident, value.get());
750	return oldValue;
751	}
752
753	// ------------------------------ PostfixBracketNode ----------------------------------
754
755	PostfixBracketNode::~PostfixBracketNode()
756	{
757	NodeReleaser::releaseAllNodes(this);
758	}
759
760	void PostfixBracketNode::releaseNodes(NodeReleaser& releaser)
761	{
762	releaser.release(m_base);
763	releaser.release(m_subscript);
764	}
765
766	RegisterID* PostfixBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
767	{
768	RefPtr<RegisterID> base = generator.emitNode(m_base.get());
769	RefPtr<RegisterID> property = generator.emitNode(m_subscript.get());
770
771	generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
772	RefPtr<RegisterID> value = generator.emitGetByVal(generator.newTemporary(), base.get(), property.get());
773	RegisterID* oldValue;
774	if (dst == generator.ignoredResult()) {
775	oldValue = 0;
776	if (m_operator == OpPlusPlus)
777	generator.emitPreInc(value.get());
778	else
779	generator.emitPreDec(value.get());
780	} else {
781	oldValue = (m_operator == OpPlusPlus) ? generator.emitPostInc(generator.finalDestination(dst), value.get()) : generator.emitPostDec(generator.finalDestination(dst), value.get());
782	}
783	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
784	generator.emitPutByVal(base.get(), property.get(), value.get());
785	return oldValue;
786	}
787
788	// ------------------------------ PostfixDotNode ----------------------------------
789
790	PostfixDotNode::~PostfixDotNode()
791	{
792	NodeReleaser::releaseAllNodes(this);
793	}
794
795	void PostfixDotNode::releaseNodes(NodeReleaser& releaser)
796	{
797	releaser.release(m_base);
798	}
799
800	RegisterID* PostfixDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
801	{
802	RefPtr<RegisterID> base = generator.emitNode(m_base.get());
803
804	generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
805	RefPtr<RegisterID> value = generator.emitGetById(generator.newTemporary(), base.get(), m_ident);
806	RegisterID* oldValue;
807	if (dst == generator.ignoredResult()) {
808	oldValue = 0;
809	if (m_operator == OpPlusPlus)
810	generator.emitPreInc(value.get());
811	else
812	generator.emitPreDec(value.get());
813	} else {
814	oldValue = (m_operator == OpPlusPlus) ? generator.emitPostInc(generator.finalDestination(dst), value.get()) : generator.emitPostDec(generator.finalDestination(dst), value.get());
815	}
816	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
817	generator.emitPutById(base.get(), m_ident, value.get());
818	return oldValue;
819	}
820
821	// ------------------------------ PostfixErrorNode -----------------------------------
822
823	PostfixErrorNode::~PostfixErrorNode()
824	{
825	NodeReleaser::releaseAllNodes(this);
826	}
827
828	void PostfixErrorNode::releaseNodes(NodeReleaser& releaser)
829	{
830	releaser.release(m_expr);
831	}
832
833	RegisterID* PostfixErrorNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
834	{
835	return emitThrowError(generator, ReferenceError, m_operator == OpPlusPlus ? "Postfix ++ operator applied to value that is not a reference." : "Postfix -- operator applied to value that is not a reference.");
836	}
837
838	// ------------------------------ DeleteResolveNode -----------------------------------
839
840	RegisterID* DeleteResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
841	{
842	if (generator.registerFor(m_ident))
843	return generator.emitUnexpectedLoad(generator.finalDestination(dst), false);
844
845	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
846	RegisterID* base = generator.emitResolveBase(generator.tempDestination(dst), m_ident);
847	return generator.emitDeleteById(generator.finalDestination(dst, base), base, m_ident);
848	}
849
850	// ------------------------------ DeleteBracketNode -----------------------------------
851
852	DeleteBracketNode::~DeleteBracketNode()
853	{
854	NodeReleaser::releaseAllNodes(this);
855	}
856
857	void DeleteBracketNode::releaseNodes(NodeReleaser& releaser)
858	{
859	releaser.release(m_base);
860	releaser.release(m_subscript);
861	}
862
863	RegisterID* DeleteBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
864	{
865	RefPtr<RegisterID> r0 = generator.emitNode(m_base.get());
866	RegisterID* r1 = generator.emitNode(m_subscript.get());
867
868	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
869	return generator.emitDeleteByVal(generator.finalDestination(dst), r0.get(), r1);
870	}
871
872	// ------------------------------ DeleteDotNode -----------------------------------
873
874	DeleteDotNode::~DeleteDotNode()
875	{
876	NodeReleaser::releaseAllNodes(this);
877	}
878
879	void DeleteDotNode::releaseNodes(NodeReleaser& releaser)
880	{
881	releaser.release(m_base);
882	}
883
884	RegisterID* DeleteDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
885	{
886	RegisterID* r0 = generator.emitNode(m_base.get());
887
888	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
889	return generator.emitDeleteById(generator.finalDestination(dst), r0, m_ident);
890	}
891
892	// ------------------------------ DeleteValueNode -----------------------------------
893
894	DeleteValueNode::~DeleteValueNode()
895	{
896	NodeReleaser::releaseAllNodes(this);
897	}
898
899	void DeleteValueNode::releaseNodes(NodeReleaser& releaser)
900	{
901	releaser.release(m_expr);
902	}
903
904	RegisterID* DeleteValueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
905	{
906	generator.emitNode(generator.ignoredResult(), m_expr.get());
907
908	// delete on a non-location expression ignores the value and returns true
909	return generator.emitUnexpectedLoad(generator.finalDestination(dst), true);
910	}
911
912	// ------------------------------ VoidNode -------------------------------------
913
914	VoidNode::~VoidNode()
915	{
916	NodeReleaser::releaseAllNodes(this);
917	}
918
919	void VoidNode::releaseNodes(NodeReleaser& releaser)
920	{
921	releaser.release(m_expr);
922	}
923
924	RegisterID* VoidNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
925	{
926	if (dst == generator.ignoredResult()) {
927	generator.emitNode(generator.ignoredResult(), m_expr.get());
928	return 0;
929	}
930	RefPtr<RegisterID> r0 = generator.emitNode(m_expr.get());
931	return generator.emitLoad(dst, jsUndefined());
932	}
933
934	// ------------------------------ TypeOfValueNode -----------------------------------
935
936	RegisterID* TypeOfResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
937	{
938	if (RegisterID* local = generator.registerFor(m_ident)) {
939	if (dst == generator.ignoredResult())
940	return 0;
941	return generator.emitTypeOf(generator.finalDestination(dst), local);
942	}
943
944	RefPtr<RegisterID> scratch = generator.emitResolveBase(generator.tempDestination(dst), m_ident);
945	generator.emitGetById(scratch.get(), scratch.get(), m_ident);
946	if (dst == generator.ignoredResult())
947	return 0;
948	return generator.emitTypeOf(generator.finalDestination(dst, scratch.get()), scratch.get());
949	}
950
951	// ------------------------------ TypeOfValueNode -----------------------------------
952
953	TypeOfValueNode::~TypeOfValueNode()
954	{
955	NodeReleaser::releaseAllNodes(this);
956	}
957
958	void TypeOfValueNode::releaseNodes(NodeReleaser& releaser)
959	{
960	releaser.release(m_expr);
961	}
962
963	RegisterID* TypeOfValueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
964	{
965	if (dst == generator.ignoredResult()) {
966	generator.emitNode(generator.ignoredResult(), m_expr.get());
967	return 0;
968	}
969	RefPtr<RegisterID> src = generator.emitNode(m_expr.get());
970	return generator.emitTypeOf(generator.finalDestination(dst), src.get());
971	}
972
973	// ------------------------------ PrefixResolveNode ----------------------------------
974
975	RegisterID* PrefixResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
976	{
977	if (RegisterID* local = generator.registerFor(m_ident)) {
978	if (generator.isLocalConstant(m_ident)) {
979	if (dst == generator.ignoredResult())
980	return 0;
981	RefPtr<RegisterID> r0 = generator.emitUnexpectedLoad(generator.finalDestination(dst), (m_operator == OpPlusPlus) ? 1.0 : -1.0);
982	return generator.emitBinaryOp(op_add, r0.get(), local, r0.get(), OperandTypes());
983	}
984
985	emitPreIncOrDec(generator, local, m_operator);
986	return generator.moveToDestinationIfNeeded(dst, local);
987	}
988
989	int index = 0;
990	size_t depth = 0;
991	JSObject* globalObject = 0;
992	if (generator.findScopedProperty(m_ident, index, depth, false, globalObject) && index != missingSymbolMarker()) {
993	RefPtr<RegisterID> propDst = generator.emitGetScopedVar(generator.tempDestination(dst), depth, index, globalObject);
994	emitPreIncOrDec(generator, propDst.get(), m_operator);
995	generator.emitPutScopedVar(depth, index, propDst.get(), globalObject);
996	return generator.moveToDestinationIfNeeded(dst, propDst.get());
997	}
998
999	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1000	RefPtr<RegisterID> propDst = generator.tempDestination(dst);
1001	RefPtr<RegisterID> base = generator.emitResolveWithBase(generator.newTemporary(), propDst.get(), m_ident);
1002	emitPreIncOrDec(generator, propDst.get(), m_operator);
1003	generator.emitPutById(base.get(), m_ident, propDst.get());
1004	return generator.moveToDestinationIfNeeded(dst, propDst.get());
1005	}
1006
1007	// ------------------------------ PrefixBracketNode ----------------------------------
1008
1009	PrefixBracketNode::~PrefixBracketNode()
1010	{
1011	NodeReleaser::releaseAllNodes(this);
1012	}
1013
1014	void PrefixBracketNode::releaseNodes(NodeReleaser& releaser)
1015	{
1016	releaser.release(m_base);
1017	releaser.release(m_subscript);
1018	}
1019
1020	RegisterID* PrefixBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1021	{
1022	RefPtr<RegisterID> base = generator.emitNode(m_base.get());
1023	RefPtr<RegisterID> property = generator.emitNode(m_subscript.get());
1024	RefPtr<RegisterID> propDst = generator.tempDestination(dst);
1025
1026	generator.emitExpressionInfo(divot() + m_subexpressionDivotOffset, m_subexpressionStartOffset, endOffset() - m_subexpressionDivotOffset);
1027	RegisterID* value = generator.emitGetByVal(propDst.get(), base.get(), property.get());
1028	if (m_operator == OpPlusPlus)
1029	generator.emitPreInc(value);
1030	else
1031	generator.emitPreDec(value);
1032	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1033	generator.emitPutByVal(base.get(), property.get(), value);
1034	return generator.moveToDestinationIfNeeded(dst, propDst.get());
1035	}
1036
1037	// ------------------------------ PrefixDotNode ----------------------------------
1038
1039	PrefixDotNode::~PrefixDotNode()
1040	{
1041	NodeReleaser::releaseAllNodes(this);
1042	}
1043
1044	void PrefixDotNode::releaseNodes(NodeReleaser& releaser)
1045	{
1046	releaser.release(m_base);
1047	}
1048
1049	RegisterID* PrefixDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1050	{
1051	RefPtr<RegisterID> base = generator.emitNode(m_base.get());
1052	RefPtr<RegisterID> propDst = generator.tempDestination(dst);
1053
1054	generator.emitExpressionInfo(divot() + m_subexpressionDivotOffset, m_subexpressionStartOffset, endOffset() - m_subexpressionDivotOffset);
1055	RegisterID* value = generator.emitGetById(propDst.get(), base.get(), m_ident);
1056	if (m_operator == OpPlusPlus)
1057	generator.emitPreInc(value);
1058	else
1059	generator.emitPreDec(value);
1060	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1061	generator.emitPutById(base.get(), m_ident, value);
1062	return generator.moveToDestinationIfNeeded(dst, propDst.get());
1063	}
1064
1065	// ------------------------------ PrefixErrorNode -----------------------------------
1066
1067	PrefixErrorNode::~PrefixErrorNode()
1068	{
1069	NodeReleaser::releaseAllNodes(this);
1070	}
1071
1072	void PrefixErrorNode::releaseNodes(NodeReleaser& releaser)
1073	{
1074	releaser.release(m_expr);
1075	}
1076
1077	RegisterID* PrefixErrorNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1078	{
1079	return emitThrowError(generator, ReferenceError, m_operator == OpPlusPlus ? "Prefix ++ operator applied to value that is not a reference." : "Prefix -- operator applied to value that is not a reference.");
1080	}
1081
1082	// ------------------------------ Unary Operation Nodes -----------------------------------
1083
1084	UnaryOpNode::~UnaryOpNode()
1085	{
1086	NodeReleaser::releaseAllNodes(this);
1087	}
1088
1089	void UnaryOpNode::releaseNodes(NodeReleaser& releaser)
1090	{
1091	releaser.release(m_expr);
1092	}
1093
1094	RegisterID* UnaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1095	{
1096	RegisterID* src = generator.emitNode(m_expr.get());
1097	return generator.emitUnaryOp(opcodeID(), generator.finalDestination(dst), src);
1098	}
1099
1100	// ------------------------------ Binary Operation Nodes -----------------------------------
1101
1102	BinaryOpNode::~BinaryOpNode()
1103	{
1104	NodeReleaser::releaseAllNodes(this);
1105	}
1106
1107	void BinaryOpNode::releaseNodes(NodeReleaser& releaser)
1108	{
1109	releaser.release(m_expr1);
1110	releaser.release(m_expr2);
1111	}
1112
1113	RegisterID* BinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1114	{
1115	OpcodeID opcodeID = this->opcodeID();
1116	if (opcodeID == op_neq) {
1117	if (m_expr1->isNull() \|\| m_expr2->isNull()) {
1118	RefPtr<RegisterID> src = generator.tempDestination(dst);
1119	generator.emitNode(src.get(), m_expr1->isNull() ? m_expr2.get() : m_expr1.get());
1120	return generator.emitUnaryOp(op_neq_null, generator.finalDestination(dst, src.get()), src.get());
1121	}
1122	}
1123
1124	RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
1125	RegisterID* src2 = generator.emitNode(m_expr2.get());
1126	return generator.emitBinaryOp(opcodeID, generator.finalDestination(dst, src1.get()), src1.get(), src2, OperandTypes(m_expr1->resultDescriptor(), m_expr2->resultDescriptor()));
1127	}
1128
1129	RegisterID* EqualNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1130	{
1131	if (m_expr1->isNull() \|\| m_expr2->isNull()) {
1132	RefPtr<RegisterID> src = generator.tempDestination(dst);
1133	generator.emitNode(src.get(), m_expr1->isNull() ? m_expr2.get() : m_expr1.get());
1134	return generator.emitUnaryOp(op_eq_null, generator.finalDestination(dst, src.get()), src.get());
1135	}
1136
1137	RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
1138	RegisterID* src2 = generator.emitNode(m_expr2.get());
1139	return generator.emitEqualityOp(op_eq, generator.finalDestination(dst, src1.get()), src1.get(), src2);
1140	}
1141
1142	RegisterID* StrictEqualNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1143	{
1144	RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
1145	RegisterID* src2 = generator.emitNode(m_expr2.get());
1146	return generator.emitEqualityOp(op_stricteq, generator.finalDestination(dst, src1.get()), src1.get(), src2);
1147	}
1148
1149	RegisterID* ReverseBinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1150	{
1151	RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
1152	RegisterID* src2 = generator.emitNode(m_expr2.get());
1153	return generator.emitBinaryOp(opcodeID(), generator.finalDestination(dst, src1.get()), src2, src1.get(), OperandTypes(m_expr2->resultDescriptor(), m_expr1->resultDescriptor()));
1154	}
1155
1156	RegisterID* ThrowableBinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1157	{
1158	RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
1159	RegisterID* src2 = generator.emitNode(m_expr2.get());
1160	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1161	return generator.emitBinaryOp(opcodeID(), generator.finalDestination(dst, src1.get()), src1.get(), src2, OperandTypes(m_expr1->resultDescriptor(), m_expr2->resultDescriptor()));
1162	}
1163
1164	RegisterID* InstanceOfNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1165	{
1166	RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1.get(), m_rightHasAssignments, m_expr2->isPure(generator));
1167	RefPtr<RegisterID> src2 = generator.emitNode(m_expr2.get());
1168
1169	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1170	generator.emitGetByIdExceptionInfo(op_instanceof);
1171	RegisterID* src2Prototype = generator.emitGetById(generator.newTemporary(), src2.get(), generator.globalData()->propertyNames->prototype);
1172
1173	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1174	return generator.emitInstanceOf(generator.finalDestination(dst, src1.get()), src1.get(), src2.get(), src2Prototype);
1175	}
1176
1177	// ------------------------------ LogicalOpNode ----------------------------
1178
1179	LogicalOpNode::~LogicalOpNode()
1180	{
1181	NodeReleaser::releaseAllNodes(this);
1182	}
1183
1184	void LogicalOpNode::releaseNodes(NodeReleaser& releaser)
1185	{
1186	releaser.release(m_expr1);
1187	releaser.release(m_expr2);
1188	}
1189
1190	RegisterID* LogicalOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1191	{
1192	RefPtr<RegisterID> temp = generator.tempDestination(dst);
1193	RefPtr<Label> target = generator.newLabel();
1194
1195	generator.emitNode(temp.get(), m_expr1.get());
1196	if (m_operator == OpLogicalAnd)
1197	generator.emitJumpIfFalse(temp.get(), target.get());
1198	else
1199	generator.emitJumpIfTrue(temp.get(), target.get());
1200	generator.emitNode(temp.get(), m_expr2.get());
1201	generator.emitLabel(target.get());
1202
1203	return generator.moveToDestinationIfNeeded(dst, temp.get());
1204	}
1205
1206	// ------------------------------ ConditionalNode ------------------------------
1207
1208	ConditionalNode::~ConditionalNode()
1209	{
1210	NodeReleaser::releaseAllNodes(this);
1211	}
1212
1213	void ConditionalNode::releaseNodes(NodeReleaser& releaser)
1214	{
1215	releaser.release(m_logical);
1216	releaser.release(m_expr1);
1217	releaser.release(m_expr2);
1218	}
1219
1220	RegisterID* ConditionalNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1221	{
1222	RefPtr<RegisterID> newDst = generator.finalDestination(dst);
1223	RefPtr<Label> beforeElse = generator.newLabel();
1224	RefPtr<Label> afterElse = generator.newLabel();
1225
1226	RegisterID* cond = generator.emitNode(m_logical.get());
1227	generator.emitJumpIfFalse(cond, beforeElse.get());
1228
1229	generator.emitNode(newDst.get(), m_expr1.get());
1230	generator.emitJump(afterElse.get());
1231
1232	generator.emitLabel(beforeElse.get());
1233	generator.emitNode(newDst.get(), m_expr2.get());
1234
1235	generator.emitLabel(afterElse.get());
1236
1237	return newDst.get();
1238	}
1239
1240	// ------------------------------ ReadModifyResolveNode -----------------------------------
1241
1242	ReadModifyResolveNode::~ReadModifyResolveNode()
1243	{
1244	NodeReleaser::releaseAllNodes(this);
1245	}
1246
1247	void ReadModifyResolveNode::releaseNodes(NodeReleaser& releaser)
1248	{
1249	releaser.release(m_right);
1250	}
1251
1252	// FIXME: should this be moved to be a method on BytecodeGenerator?
1253	static ALWAYS_INLINE RegisterID* emitReadModifyAssignment(BytecodeGenerator& generator, RegisterID* dst, RegisterID* src1, RegisterID* src2, Operator oper, OperandTypes types)
1254	{
1255	OpcodeID opcodeID;
1256	switch (oper) {
1257	case OpMultEq:
1258	opcodeID = op_mul;
1259	break;
1260	case OpDivEq:
1261	opcodeID = op_div;
1262	break;
1263	case OpPlusEq:
1264	opcodeID = op_add;
1265	break;
1266	case OpMinusEq:
1267	opcodeID = op_sub;
1268	break;
1269	case OpLShift:
1270	opcodeID = op_lshift;
1271	break;
1272	case OpRShift:
1273	opcodeID = op_rshift;
1274	break;
1275	case OpURShift:
1276	opcodeID = op_urshift;
1277	break;
1278	case OpAndEq:
1279	opcodeID = op_bitand;
1280	break;
1281	case OpXOrEq:
1282	opcodeID = op_bitxor;
1283	break;
1284	case OpOrEq:
1285	opcodeID = op_bitor;
1286	break;
1287	case OpModEq:
1288	opcodeID = op_mod;
1289	break;
1290	default:
1291	ASSERT_NOT_REACHED();
1292	return dst;
1293	}
1294
1295	return generator.emitBinaryOp(opcodeID, dst, src1, src2, types);
1296	}
1297
1298	RegisterID* ReadModifyResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1299	{
1300	if (RegisterID* local = generator.registerFor(m_ident)) {
1301	if (generator.isLocalConstant(m_ident)) {
1302	RegisterID* src2 = generator.emitNode(m_right.get());
1303	return emitReadModifyAssignment(generator, generator.finalDestination(dst), local, src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1304	}
1305
1306	if (generator.leftHandSideNeedsCopy(m_rightHasAssignments, m_right->isPure(generator))) {
1307	RefPtr<RegisterID> result = generator.newTemporary();
1308	generator.emitMove(result.get(), local);
1309	RegisterID* src2 = generator.emitNode(m_right.get());
1310	emitReadModifyAssignment(generator, result.get(), result.get(), src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1311	generator.emitMove(local, result.get());
1312	return generator.moveToDestinationIfNeeded(dst, result.get());
1313	}
1314
1315	RegisterID* src2 = generator.emitNode(m_right.get());
1316	RegisterID* result = emitReadModifyAssignment(generator, local, local, src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1317	return generator.moveToDestinationIfNeeded(dst, result);
1318	}
1319
1320	int index = 0;
1321	size_t depth = 0;
1322	JSObject* globalObject = 0;
1323	if (generator.findScopedProperty(m_ident, index, depth, true, globalObject) && index != missingSymbolMarker()) {
1324	RefPtr<RegisterID> src1 = generator.emitGetScopedVar(generator.tempDestination(dst), depth, index, globalObject);
1325	RegisterID* src2 = generator.emitNode(m_right.get());
1326	RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1327	generator.emitPutScopedVar(depth, index, result, globalObject);
1328	return result;
1329	}
1330
1331	RefPtr<RegisterID> src1 = generator.tempDestination(dst);
1332	generator.emitExpressionInfo(divot() - startOffset() + m_ident.size(), m_ident.size(), 0);
1333	RefPtr<RegisterID> base = generator.emitResolveWithBase(generator.newTemporary(), src1.get(), m_ident);
1334	RegisterID* src2 = generator.emitNode(m_right.get());
1335	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1336	RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), src2, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1337	return generator.emitPutById(base.get(), m_ident, result);
1338	}
1339
1340	// ------------------------------ AssignResolveNode -----------------------------------
1341
1342	AssignResolveNode::~AssignResolveNode()
1343	{
1344	NodeReleaser::releaseAllNodes(this);
1345	}
1346
1347	void AssignResolveNode::releaseNodes(NodeReleaser& releaser)
1348	{
1349	releaser.release(m_right);
1350	}
1351
1352	RegisterID* AssignResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1353	{
1354	if (RegisterID* local = generator.registerFor(m_ident)) {
1355	if (generator.isLocalConstant(m_ident))
1356	return generator.emitNode(dst, m_right.get());
1357
1358	RegisterID* result = generator.emitNode(local, m_right.get());
1359	return generator.moveToDestinationIfNeeded(dst, result);
1360	}
1361
1362	int index = 0;
1363	size_t depth = 0;
1364	JSObject* globalObject = 0;
1365	if (generator.findScopedProperty(m_ident, index, depth, true, globalObject) && index != missingSymbolMarker()) {
1366	if (dst == generator.ignoredResult())
1367	dst = 0;
1368	RegisterID* value = generator.emitNode(dst, m_right.get());
1369	generator.emitPutScopedVar(depth, index, value, globalObject);
1370	return value;
1371	}
1372
1373	RefPtr<RegisterID> base = generator.emitResolveBase(generator.newTemporary(), m_ident);
1374	if (dst == generator.ignoredResult())
1375	dst = 0;
1376	RegisterID* value = generator.emitNode(dst, m_right.get());
1377	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1378	return generator.emitPutById(base.get(), m_ident, value);
1379	}
1380
1381	// ------------------------------ AssignDotNode -----------------------------------
1382
1383	AssignDotNode::~AssignDotNode()
1384	{
1385	NodeReleaser::releaseAllNodes(this);
1386	}
1387
1388	void AssignDotNode::releaseNodes(NodeReleaser& releaser)
1389	{
1390	releaser.release(m_base);
1391	releaser.release(m_right);
1392	}
1393
1394	RegisterID* AssignDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1395	{
1396	RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base.get(), m_rightHasAssignments, m_right->isPure(generator));
1397	RefPtr<RegisterID> value = generator.destinationForAssignResult(dst);
1398	RegisterID* result = generator.emitNode(value.get(), m_right.get());
1399	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1400	generator.emitPutById(base.get(), m_ident, result);
1401	return generator.moveToDestinationIfNeeded(dst, result);
1402	}
1403
1404	// ------------------------------ ReadModifyDotNode -----------------------------------
1405
1406	ReadModifyDotNode::~ReadModifyDotNode()
1407	{
1408	NodeReleaser::releaseAllNodes(this);
1409	}
1410
1411	void ReadModifyDotNode::releaseNodes(NodeReleaser& releaser)
1412	{
1413	releaser.release(m_base);
1414	releaser.release(m_right);
1415	}
1416
1417	RegisterID* ReadModifyDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1418	{
1419	RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base.get(), m_rightHasAssignments, m_right->isPure(generator));
1420
1421	generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
1422	RefPtr<RegisterID> value = generator.emitGetById(generator.tempDestination(dst), base.get(), m_ident);
1423	RegisterID* change = generator.emitNode(m_right.get());
1424	RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), change, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1425
1426	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1427	return generator.emitPutById(base.get(), m_ident, updatedValue);
1428	}
1429
1430	// ------------------------------ AssignErrorNode -----------------------------------
1431
1432	AssignErrorNode::~AssignErrorNode()
1433	{
1434	NodeReleaser::releaseAllNodes(this);
1435	}
1436
1437	void AssignErrorNode::releaseNodes(NodeReleaser& releaser)
1438	{
1439	releaser.release(m_left);
1440	releaser.release(m_right);
1441	}
1442
1443	RegisterID* AssignErrorNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1444	{
1445	return emitThrowError(generator, ReferenceError, "Left side of assignment is not a reference.");
1446	}
1447
1448	// ------------------------------ AssignBracketNode -----------------------------------
1449
1450	AssignBracketNode::~AssignBracketNode()
1451	{
1452	NodeReleaser::releaseAllNodes(this);
1453	}
1454
1455	void AssignBracketNode::releaseNodes(NodeReleaser& releaser)
1456	{
1457	releaser.release(m_base);
1458	releaser.release(m_subscript);
1459	releaser.release(m_right);
1460	}
1461
1462	RegisterID* AssignBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1463	{
1464	RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base.get(), m_subscriptHasAssignments \|\| m_rightHasAssignments, m_subscript->isPure(generator) && m_right->isPure(generator));
1465	RefPtr<RegisterID> property = generator.emitNodeForLeftHandSide(m_subscript.get(), m_rightHasAssignments, m_right->isPure(generator));
1466	RefPtr<RegisterID> value = generator.destinationForAssignResult(dst);
1467	RegisterID* result = generator.emitNode(value.get(), m_right.get());
1468
1469	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1470	generator.emitPutByVal(base.get(), property.get(), result);
1471	return generator.moveToDestinationIfNeeded(dst, result);
1472	}
1473
1474	// ------------------------------ ReadModifyBracketNode -----------------------------------
1475
1476	ReadModifyBracketNode::~ReadModifyBracketNode()
1477	{
1478	NodeReleaser::releaseAllNodes(this);
1479	}
1480
1481	void ReadModifyBracketNode::releaseNodes(NodeReleaser& releaser)
1482	{
1483	releaser.release(m_base);
1484	releaser.release(m_subscript);
1485	releaser.release(m_right);
1486	}
1487
1488	RegisterID* ReadModifyBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1489	{
1490	RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base.get(), m_subscriptHasAssignments \|\| m_rightHasAssignments, m_subscript->isPure(generator) && m_right->isPure(generator));
1491	RefPtr<RegisterID> property = generator.emitNodeForLeftHandSide(m_subscript.get(), m_rightHasAssignments, m_right->isPure(generator));
1492
1493	generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
1494	RefPtr<RegisterID> value = generator.emitGetByVal(generator.tempDestination(dst), base.get(), property.get());
1495	RegisterID* change = generator.emitNode(m_right.get());
1496	RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), change, m_operator, OperandTypes(ResultType::unknown(), m_right->resultDescriptor()));
1497
1498	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1499	generator.emitPutByVal(base.get(), property.get(), updatedValue);
1500
1501	return updatedValue;
1502	}
1503
1504	// ------------------------------ CommaNode ------------------------------------
1505
1506	CommaNode::~CommaNode()
1507	{
1508	NodeReleaser::releaseAllNodes(this);
1509	}
1510
1511	void CommaNode::releaseNodes(NodeReleaser& releaser)
1512	{
1513	releaser.release(m_expr1);
1514	releaser.release(m_expr2);
1515	}
1516
1517	RegisterID* CommaNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1518	{
1519	generator.emitNode(generator.ignoredResult(), m_expr1.get());
1520	return generator.emitNode(dst, m_expr2.get());
1521	}
1522
1523	// ------------------------------ ConstDeclNode ------------------------------------
1524
1525	ConstDeclNode::~ConstDeclNode()
1526	{
1527	NodeReleaser::releaseAllNodes(this);
1528	}
1529
1530	void ConstDeclNode::releaseNodes(NodeReleaser& releaser)
1531	{
1532	releaser.release(m_next);
1533	releaser.release(m_init);
1534	}
1535
1536	ConstDeclNode::ConstDeclNode(JSGlobalData* globalData, const Identifier& ident, ExpressionNode* init)
1537	: ExpressionNode(globalData)
1538	, m_ident(ident)
1539	, m_init(init)
1540	{
1541	}
1542
1543	RegisterID* ConstDeclNode::emitCodeSingle(BytecodeGenerator& generator)
1544	{
1545	if (RegisterID* local = generator.constRegisterFor(m_ident)) {
1546	if (!m_init)
1547	return local;
1548
1549	return generator.emitNode(local, m_init.get());
1550	}
1551
1552	// FIXME: While this code should only be hit in eval code, it will potentially
1553	// assign to the wrong base if m_ident exists in an intervening dynamic scope.
1554	RefPtr<RegisterID> base = generator.emitResolveBase(generator.newTemporary(), m_ident);
1555	RegisterID* value = m_init ? generator.emitNode(m_init.get()) : generator.emitLoad(0, jsUndefined());
1556	return generator.emitPutById(base.get(), m_ident, value);
1557	}
1558
1559	RegisterID* ConstDeclNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1560	{
1561	RegisterID* result = 0;
1562	for (ConstDeclNode* n = this; n; n = n->m_next.get())
1563	result = n->emitCodeSingle(generator);
1564
1565	return result;
1566	}
1567
1568	// ------------------------------ ConstStatementNode -----------------------------
1569
1570	ConstStatementNode::~ConstStatementNode()
1571	{
1572	NodeReleaser::releaseAllNodes(this);
1573	}
1574
1575	void ConstStatementNode::releaseNodes(NodeReleaser& releaser)
1576	{
1577	releaser.release(m_next);
1578	}
1579
1580	RegisterID* ConstStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1581	{
1582	return generator.emitNode(m_next.get());
1583	}
1584
1585	// ------------------------------ Helper functions for handling Vectors of StatementNode -------------------------------
1586
1587	static inline RegisterID* statementListEmitCode(const StatementVector& statements, BytecodeGenerator& generator, RegisterID* dst)
1588	{
1589	StatementVector::const_iterator end = statements.end();
1590	for (StatementVector::const_iterator it = statements.begin(); it != end; ++it) {
1591	StatementNode* n = it->get();
1592	if (!n->isLoop())
1593	generator.emitDebugHook(WillExecuteStatement, n->firstLine(), n->lastLine());
1594	generator.emitNode(dst, n);
1595	}
1596	return 0;
1597	}
1598
1599	// ------------------------------ BlockNode ------------------------------------
1600
1601	BlockNode::~BlockNode()
1602	{
1603	NodeReleaser::releaseAllNodes(this);
1604	}
1605
1606	void BlockNode::releaseNodes(NodeReleaser& releaser)
1607	{
1608	size_t size = m_children.size();
1609	for (size_t i = 0; i < size; ++i)
1610	releaser.release(m_children[i]);
1611	}
1612
1613	BlockNode::BlockNode(JSGlobalData* globalData, SourceElements* children)
1614	: StatementNode(globalData)
1615	{
1616	if (children)
1617	children->releaseContentsIntoVector(m_children);
1618	}
1619
1620	RegisterID* BlockNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1621	{
1622	return statementListEmitCode(m_children, generator, dst);
1623	}
1624
1625	// ------------------------------ EmptyStatementNode ---------------------------
1626
1627	RegisterID* EmptyStatementNode::emitBytecode(BytecodeGenerator&, RegisterID* dst)
1628	{
1629	return dst;
1630	}
1631
1632	// ------------------------------ DebuggerStatementNode ---------------------------
1633
1634	RegisterID* DebuggerStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1635	{
1636	generator.emitDebugHook(DidReachBreakpoint, firstLine(), lastLine());
1637	return dst;
1638	}
1639
1640	// ------------------------------ ExprStatementNode ----------------------------
1641
1642	RegisterID* ExprStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1643	{
1644	ASSERT(m_expr);
1645	return generator.emitNode(dst, m_expr.get());
1646	}
1647
1648	// ------------------------------ VarStatementNode ----------------------------
1649
1650	VarStatementNode::~VarStatementNode()
1651	{
1652	NodeReleaser::releaseAllNodes(this);
1653	}
1654
1655	void VarStatementNode::releaseNodes(NodeReleaser& releaser)
1656	{
1657	releaser.release(m_expr);
1658	}
1659
1660	RegisterID* VarStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1661	{
1662	ASSERT(m_expr);
1663	return generator.emitNode(m_expr.get());
1664	}
1665
1666	// ------------------------------ IfNode ---------------------------------------
1667
1668	IfNode::~IfNode()
1669	{
1670	NodeReleaser::releaseAllNodes(this);
1671	}
1672
1673	void IfNode::releaseNodes(NodeReleaser& releaser)
1674	{
1675	releaser.release(m_condition);
1676	releaser.release(m_ifBlock);
1677	}
1678
1679	RegisterID* IfNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1680	{
1681	RefPtr<Label> afterThen = generator.newLabel();
1682
1683	RegisterID* cond = generator.emitNode(m_condition.get());
1684	generator.emitJumpIfFalse(cond, afterThen.get());
1685
1686	if (!m_ifBlock->isBlock())
1687	generator.emitDebugHook(WillExecuteStatement, m_ifBlock->firstLine(), m_ifBlock->lastLine());
1688
1689	generator.emitNode(dst, m_ifBlock.get());
1690	generator.emitLabel(afterThen.get());
1691
1692	// FIXME: This should return the last statement executed so that it can be returned as a Completion.
1693	return 0;
1694	}
1695
1696	// ------------------------------ IfElseNode ---------------------------------------
1697
1698	IfElseNode::~IfElseNode()
1699	{
1700	NodeReleaser::releaseAllNodes(this);
1701	}
1702
1703	void IfElseNode::releaseNodes(NodeReleaser& releaser)
1704	{
1705	releaser.release(m_elseBlock);
1706	IfNode::releaseNodes(releaser);
1707	}
1708
1709	RegisterID* IfElseNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1710	{
1711	RefPtr<Label> beforeElse = generator.newLabel();
1712	RefPtr<Label> afterElse = generator.newLabel();
1713
1714	RegisterID* cond = generator.emitNode(m_condition.get());
1715	generator.emitJumpIfFalse(cond, beforeElse.get());
1716
1717	if (!m_ifBlock->isBlock())
1718	generator.emitDebugHook(WillExecuteStatement, m_ifBlock->firstLine(), m_ifBlock->lastLine());
1719
1720	generator.emitNode(dst, m_ifBlock.get());
1721	generator.emitJump(afterElse.get());
1722
1723	generator.emitLabel(beforeElse.get());
1724
1725	if (!m_elseBlock->isBlock())
1726	generator.emitDebugHook(WillExecuteStatement, m_elseBlock->firstLine(), m_elseBlock->lastLine());
1727
1728	generator.emitNode(dst, m_elseBlock.get());
1729
1730	generator.emitLabel(afterElse.get());
1731
1732	// FIXME: This should return the last statement executed so that it can be returned as a Completion.
1733	return 0;
1734	}
1735
1736	// ------------------------------ DoWhileNode ----------------------------------
1737
1738	DoWhileNode::~DoWhileNode()
1739	{
1740	NodeReleaser::releaseAllNodes(this);
1741	}
1742
1743	void DoWhileNode::releaseNodes(NodeReleaser& releaser)
1744	{
1745	releaser.release(m_statement);
1746	releaser.release(m_expr);
1747	}
1748
1749	RegisterID* DoWhileNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1750	{
1751	RefPtr<LabelScope> scope = generator.newLabelScope(LabelScope::Loop);
1752
1753	RefPtr<Label> topOfLoop = generator.newLabel();
1754	generator.emitLabel(topOfLoop.get());
1755
1756	generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine());
1757
1758	if (!m_statement->isBlock())
1759	generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
1760
1761	RefPtr<RegisterID> result = generator.emitNode(dst, m_statement.get());
1762
1763	generator.emitLabel(scope->continueTarget());
1764	generator.emitDebugHook(WillExecuteStatement, m_expr->lineNo(), m_expr->lineNo());
1765	RegisterID* cond = generator.emitNode(m_expr.get());
1766	generator.emitJumpIfTrue(cond, topOfLoop.get());
1767
1768	generator.emitLabel(scope->breakTarget());
1769	return result.get();
1770	}
1771
1772	// ------------------------------ WhileNode ------------------------------------
1773
1774	WhileNode::~WhileNode()
1775	{
1776	NodeReleaser::releaseAllNodes(this);
1777	}
1778
1779	void WhileNode::releaseNodes(NodeReleaser& releaser)
1780	{
1781	releaser.release(m_expr);
1782	releaser.release(m_statement);
1783	}
1784
1785	RegisterID* WhileNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1786	{
1787	RefPtr<LabelScope> scope = generator.newLabelScope(LabelScope::Loop);
1788
1789	generator.emitJump(scope->continueTarget());
1790
1791	RefPtr<Label> topOfLoop = generator.newLabel();
1792	generator.emitLabel(topOfLoop.get());
1793
1794	if (!m_statement->isBlock())
1795	generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
1796
1797	generator.emitNode(dst, m_statement.get());
1798
1799	generator.emitLabel(scope->continueTarget());
1800	generator.emitDebugHook(WillExecuteStatement, m_expr->lineNo(), m_expr->lineNo());
1801	RegisterID* cond = generator.emitNode(m_expr.get());
1802	generator.emitJumpIfTrue(cond, topOfLoop.get());
1803
1804	generator.emitLabel(scope->breakTarget());
1805
1806	// FIXME: This should return the last statement executed so that it can be returned as a Completion
1807	return 0;
1808	}
1809
1810	// ------------------------------ ForNode --------------------------------------
1811
1812	ForNode::~ForNode()
1813	{
1814	NodeReleaser::releaseAllNodes(this);
1815	}
1816
1817	void ForNode::releaseNodes(NodeReleaser& releaser)
1818	{
1819	releaser.release(m_expr1);
1820	releaser.release(m_expr2);
1821	releaser.release(m_expr3);
1822	releaser.release(m_statement);
1823	}
1824
1825	RegisterID* ForNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1826	{
1827	if (dst == generator.ignoredResult())
1828	dst = 0;
1829
1830	RefPtr<LabelScope> scope = generator.newLabelScope(LabelScope::Loop);
1831
1832	generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine());
1833
1834	if (m_expr1)
1835	generator.emitNode(generator.ignoredResult(), m_expr1.get());
1836
1837	RefPtr<Label> condition = generator.newLabel();
1838	generator.emitJump(condition.get());
1839
1840	RefPtr<Label> topOfLoop = generator.newLabel();
1841	generator.emitLabel(topOfLoop.get());
1842
1843	if (!m_statement->isBlock())
1844	generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
1845	RefPtr<RegisterID> result = generator.emitNode(dst, m_statement.get());
1846
1847	generator.emitLabel(scope->continueTarget());
1848	if (m_expr3)
1849	generator.emitNode(generator.ignoredResult(), m_expr3.get());
1850
1851	generator.emitLabel(condition.get());
1852	if (m_expr2) {
1853	RegisterID* cond = generator.emitNode(m_expr2.get());
1854	generator.emitJumpIfTrue(cond, topOfLoop.get());
1855	} else
1856	generator.emitJump(topOfLoop.get());
1857
1858	generator.emitLabel(scope->breakTarget());
1859	return result.get();
1860	}
1861
1862	// ------------------------------ ForInNode ------------------------------------
1863
1864	ForInNode::~ForInNode()
1865	{
1866	NodeReleaser::releaseAllNodes(this);
1867	}
1868
1869	void ForInNode::releaseNodes(NodeReleaser& releaser)
1870	{
1871	releaser.release(m_init);
1872	releaser.release(m_lexpr);
1873	releaser.release(m_expr);
1874	releaser.release(m_statement);
1875	}
1876
1877	ForInNode::ForInNode(JSGlobalData* globalData, ExpressionNode* l, ExpressionNode* expr, StatementNode* statement)
1878	: StatementNode(globalData)
1879	, m_init(0L)
1880	, m_lexpr(l)
1881	, m_expr(expr)
1882	, m_statement(statement)
1883	, m_identIsVarDecl(false)
1884	{
1885	}
1886
1887	ForInNode::ForInNode(JSGlobalData* globalData, const Identifier& ident, ExpressionNode* in, ExpressionNode* expr, StatementNode* statement, int divot, int startOffset, int endOffset)
1888	: StatementNode(globalData)
1889	, m_ident(ident)
1890	, m_lexpr(new ResolveNode(globalData, ident, divot - startOffset))
1891	, m_expr(expr)
1892	, m_statement(statement)
1893	, m_identIsVarDecl(true)
1894	{
1895	if (in) {
1896	AssignResolveNode* node = new AssignResolveNode(globalData, ident, in, true);
1897	node->setExceptionSourceCode(divot, divot - startOffset, endOffset - divot);
1898	m_init = node;
1899	}
1900	// for( var foo = bar in baz )
1901	}
1902
1903	RegisterID* ForInNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1904	{
1905	RefPtr<LabelScope> scope = generator.newLabelScope(LabelScope::Loop);
1906
1907	if (!m_lexpr->isLocation())
1908	return emitThrowError(generator, ReferenceError, "Left side of for-in statement is not a reference.");
1909
1910	RefPtr<Label> continueTarget = generator.newLabel();
1911
1912	generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine());
1913
1914	if (m_init)
1915	generator.emitNode(generator.ignoredResult(), m_init.get());
1916	RegisterID* forInBase = generator.emitNode(m_expr.get());
1917	RefPtr<RegisterID> iter = generator.emitGetPropertyNames(generator.newTemporary(), forInBase);
1918	generator.emitJump(scope->continueTarget());
1919
1920	RefPtr<Label> loopStart = generator.newLabel();
1921	generator.emitLabel(loopStart.get());
1922
1923	RegisterID* propertyName;
1924	if (m_lexpr->isResolveNode()) {
1925	const Identifier& ident = static_cast<ResolveNode*>(m_lexpr.get())->identifier();
1926	propertyName = generator.registerFor(ident);
1927	if (!propertyName) {
1928	propertyName = generator.newTemporary();
1929	RefPtr<RegisterID> protect = propertyName;
1930	RegisterID* base = generator.emitResolveBase(generator.newTemporary(), ident);
1931
1932	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1933	generator.emitPutById(base, ident, propertyName);
1934	}
1935	} else if (m_lexpr->isDotAccessorNode()) {
1936	DotAccessorNode* assignNode = static_cast<DotAccessorNode*>(m_lexpr.get());
1937	const Identifier& ident = assignNode->identifier();
1938	propertyName = generator.newTemporary();
1939	RefPtr<RegisterID> protect = propertyName;
1940	RegisterID* base = generator.emitNode(assignNode->base());
1941
1942	generator.emitExpressionInfo(assignNode->divot(), assignNode->startOffset(), assignNode->endOffset());
1943	generator.emitPutById(base, ident, propertyName);
1944	} else {
1945	ASSERT(m_lexpr->isBracketAccessorNode());
1946	BracketAccessorNode* assignNode = static_cast<BracketAccessorNode*>(m_lexpr.get());
1947	propertyName = generator.newTemporary();
1948	RefPtr<RegisterID> protect = propertyName;
1949	RefPtr<RegisterID> base = generator.emitNode(assignNode->base());
1950	RegisterID* subscript = generator.emitNode(assignNode->subscript());
1951
1952	generator.emitExpressionInfo(assignNode->divot(), assignNode->startOffset(), assignNode->endOffset());
1953	generator.emitPutByVal(base.get(), subscript, propertyName);
1954	}
1955
1956	if (!m_statement->isBlock())
1957	generator.emitDebugHook(WillExecuteStatement, m_statement->firstLine(), m_statement->lastLine());
1958	generator.emitNode(dst, m_statement.get());
1959
1960	generator.emitLabel(scope->continueTarget());
1961	generator.emitNextPropertyName(propertyName, iter.get(), loopStart.get());
1962	generator.emitLabel(scope->breakTarget());
1963	return dst;
1964	}
1965
1966	// ------------------------------ ContinueNode ---------------------------------
1967
1968	// ECMA 12.7
1969	RegisterID* ContinueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1970	{
1971	LabelScope* scope = generator.continueTarget(m_ident);
1972
1973	if (!scope)
1974	return m_ident.isEmpty()
1975	? emitThrowError(generator, SyntaxError, "Invalid continue statement.")
1976	: emitThrowError(generator, SyntaxError, "Undefined label: '%s'.", m_ident);
1977
1978	generator.emitJumpScopes(scope->continueTarget(), scope->scopeDepth());
1979	return dst;
1980	}
1981
1982	// ------------------------------ BreakNode ------------------------------------
1983
1984	// ECMA 12.8
1985	RegisterID* BreakNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1986	{
1987	LabelScope* scope = generator.breakTarget(m_ident);
1988
1989	if (!scope)
1990	return m_ident.isEmpty()
1991	? emitThrowError(generator, SyntaxError, "Invalid break statement.")
1992	: emitThrowError(generator, SyntaxError, "Undefined label: '%s'.", m_ident);
1993
1994	generator.emitJumpScopes(scope->breakTarget(), scope->scopeDepth());
1995	return dst;
1996	}
1997
1998	// ------------------------------ ReturnNode -----------------------------------
1999
2000	ReturnNode::~ReturnNode()
2001	{
2002	NodeReleaser::releaseAllNodes(this);
2003	}
2004
2005	void ReturnNode::releaseNodes(NodeReleaser& releaser)
2006	{
2007	releaser.release(m_value);
2008	}
2009
2010	RegisterID* ReturnNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2011	{
2012	if (generator.codeType() != FunctionCode)
2013	return emitThrowError(generator, SyntaxError, "Invalid return statement.");
2014
2015	if (dst == generator.ignoredResult())
2016	dst = 0;
2017	RegisterID* r0 = m_value ? generator.emitNode(dst, m_value.get()) : generator.emitLoad(dst, jsUndefined());
2018	if (generator.scopeDepth()) {
2019	RefPtr<Label> l0 = generator.newLabel();
2020	generator.emitJumpScopes(l0.get(), 0);
2021	generator.emitLabel(l0.get());
2022	}
2023	generator.emitDebugHook(WillLeaveCallFrame, firstLine(), lastLine());
2024	return generator.emitReturn(r0);
2025	}
2026
2027	// ------------------------------ WithNode -------------------------------------
2028
2029	WithNode::~WithNode()
2030	{
2031	NodeReleaser::releaseAllNodes(this);
2032	}
2033
2034	void WithNode::releaseNodes(NodeReleaser& releaser)
2035	{
2036	releaser.release(m_expr);
2037	releaser.release(m_statement);
2038	}
2039
2040	RegisterID* WithNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2041	{
2042	RefPtr<RegisterID> scope = generator.newTemporary();
2043	generator.emitNode(scope.get(), m_expr.get()); // scope must be protected until popped
2044	generator.emitExpressionInfo(m_divot, m_expressionLength, 0);
2045	generator.emitPushScope(scope.get());
2046	RegisterID* result = generator.emitNode(dst, m_statement.get());
2047	generator.emitPopScope();
2048	return result;
2049	}
2050
2051	// ------------------------------ CaseClauseNode --------------------------------
2052
2053	CaseClauseNode::~CaseClauseNode()
2054	{
2055	NodeReleaser::releaseAllNodes(this);
2056	}
2057
2058	void CaseClauseNode::releaseNodes(NodeReleaser& releaser)
2059	{
2060	releaser.release(m_expr);
2061	}
2062
2063	// ------------------------------ ClauseListNode --------------------------------
2064
2065	ClauseListNode::~ClauseListNode()
2066	{
2067	NodeReleaser::releaseAllNodes(this);
2068	}
2069
2070	void ClauseListNode::releaseNodes(NodeReleaser& releaser)
2071	{
2072	releaser.release(m_clause);
2073	releaser.release(m_next);
2074	}
2075
2076	// ------------------------------ CaseBlockNode --------------------------------
2077
2078	CaseBlockNode::~CaseBlockNode()
2079	{
2080	NodeReleaser::releaseAllNodes(this);
2081	}
2082
2083	void CaseBlockNode::releaseNodes(NodeReleaser& releaser)
2084	{
2085	releaser.release(m_list1);
2086	releaser.release(m_defaultClause);
2087	releaser.release(m_list2);
2088	}
2089
2090	enum SwitchKind {
2091	SwitchUnset = 0,
2092	SwitchNumber = 1,
2093	SwitchString = 2,
2094	SwitchNeither = 3
2095	};
2096
2097	static void processClauseList(ClauseListNode* list, Vector<ExpressionNode*, 8>& literalVector, SwitchKind& typeForTable, bool& singleCharacterSwitch, int32_t& min_num, int32_t& max_num)
2098	{
2099	for (; list; list = list->getNext()) {
2100	ExpressionNode* clauseExpression = list->getClause()->expr();
2101	literalVector.append(clauseExpression);
2102	if (clauseExpression->isNumber()) {
2103	double value = static_cast<NumberNode*>(clauseExpression)->value();
2104	if ((typeForTable & ~SwitchNumber) \|\| !JSImmediate::from(value)) {
2105	typeForTable = SwitchNeither;
2106	break;
2107	}
2108	int32_t intVal = static_cast<int32_t>(value);
2109	ASSERT(intVal == value);
2110	if (intVal < min_num)
2111	min_num = intVal;
2112	if (intVal > max_num)
2113	max_num = intVal;
2114	typeForTable = SwitchNumber;
2115	continue;
2116	}
2117	if (clauseExpression->isString()) {
2118	if (typeForTable & ~SwitchString) {
2119	typeForTable = SwitchNeither;
2120	break;
2121	}
2122	const UString& value = static_cast<StringNode*>(clauseExpression)->value().ustring();
2123	if (singleCharacterSwitch &= value.size() == 1) {
2124	int32_t intVal = value.rep()->data()[0];
2125	if (intVal < min_num)
2126	min_num = intVal;
2127	if (intVal > max_num)
2128	max_num = intVal;
2129	}
2130	typeForTable = SwitchString;
2131	continue;
2132	}
2133	typeForTable = SwitchNeither;
2134	break;
2135	}
2136	}
2137
2138	SwitchInfo::SwitchType CaseBlockNode::tryOptimizedSwitch(Vector<ExpressionNode*, 8>& literalVector, int32_t& min_num, int32_t& max_num)
2139	{
2140	SwitchKind typeForTable = SwitchUnset;
2141	bool singleCharacterSwitch = true;
2142
2143	processClauseList(m_list1.get(), literalVector, typeForTable, singleCharacterSwitch, min_num, max_num);
2144	processClauseList(m_list2.get(), literalVector, typeForTable, singleCharacterSwitch, min_num, max_num);
2145
2146	if (typeForTable == SwitchUnset \|\| typeForTable == SwitchNeither)
2147	return SwitchInfo::SwitchNone;
2148
2149	if (typeForTable == SwitchNumber) {
2150	int32_t range = max_num - min_num;
2151	if (min_num <= max_num && range <= 1000 && (range / literalVector.size()) < 10)
2152	return SwitchInfo::SwitchImmediate;
2153	return SwitchInfo::SwitchNone;
2154	}
2155
2156	ASSERT(typeForTable == SwitchString);
2157
2158	if (singleCharacterSwitch) {
2159	int32_t range = max_num - min_num;
2160	if (min_num <= max_num && range <= 1000 && (range / literalVector.size()) < 10)
2161	return SwitchInfo::SwitchCharacter;
2162	}
2163
2164	return SwitchInfo::SwitchString;
2165	}
2166
2167	RegisterID* CaseBlockNode::emitBytecodeForBlock(BytecodeGenerator& generator, RegisterID* switchExpression, RegisterID* dst)
2168	{
2169	RefPtr<Label> defaultLabel;
2170	Vector<RefPtr<Label>, 8> labelVector;
2171	Vector<ExpressionNode*, 8> literalVector;
2172	int32_t min_num = std::numeric_limits<int32_t>::max();
2173	int32_t max_num = std::numeric_limits<int32_t>::min();
2174	SwitchInfo::SwitchType switchType = tryOptimizedSwitch(literalVector, min_num, max_num);
2175
2176	if (switchType != SwitchInfo::SwitchNone) {
2177	// Prepare the various labels
2178	for (uint32_t i = 0; i < literalVector.size(); i++)
2179	labelVector.append(generator.newLabel());
2180	defaultLabel = generator.newLabel();
2181	generator.beginSwitch(switchExpression, switchType);
2182	} else {
2183	// Setup jumps
2184	for (ClauseListNode* list = m_list1.get(); list; list = list->getNext()) {
2185	RefPtr<RegisterID> clauseVal = generator.newTemporary();
2186	generator.emitNode(clauseVal.get(), list->getClause()->expr());
2187	generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression, OperandTypes());
2188	labelVector.append(generator.newLabel());
2189	generator.emitJumpIfTrue(clauseVal.get(), labelVector[labelVector.size() - 1].get());
2190	}
2191
2192	for (ClauseListNode* list = m_list2.get(); list; list = list->getNext()) {
2193	RefPtr<RegisterID> clauseVal = generator.newTemporary();
2194	generator.emitNode(clauseVal.get(), list->getClause()->expr());
2195	generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression, OperandTypes());
2196	labelVector.append(generator.newLabel());
2197	generator.emitJumpIfTrue(clauseVal.get(), labelVector[labelVector.size() - 1].get());
2198	}
2199	defaultLabel = generator.newLabel();
2200	generator.emitJump(defaultLabel.get());
2201	}
2202
2203	RegisterID* result = 0;
2204
2205	size_t i = 0;
2206	for (ClauseListNode* list = m_list1.get(); list; list = list->getNext()) {
2207	generator.emitLabel(labelVector[i++].get());
2208	result = statementListEmitCode(list->getClause()->children(), generator, dst);
2209	}
2210
2211	if (m_defaultClause) {
2212	generator.emitLabel(defaultLabel.get());
2213	result = statementListEmitCode(m_defaultClause->children(), generator, dst);
2214	}
2215
2216	for (ClauseListNode* list = m_list2.get(); list; list = list->getNext()) {
2217	generator.emitLabel(labelVector[i++].get());
2218	result = statementListEmitCode(list->getClause()->children(), generator, dst);
2219	}
2220	if (!m_defaultClause)
2221	generator.emitLabel(defaultLabel.get());
2222
2223	ASSERT(i == labelVector.size());
2224	if (switchType != SwitchInfo::SwitchNone) {
2225	ASSERT(labelVector.size() == literalVector.size());
2226	generator.endSwitch(labelVector.size(), labelVector.data(), literalVector.data(), defaultLabel.get(), min_num, max_num);
2227	}
2228	return result;
2229	}
2230
2231	// ------------------------------ SwitchNode -----------------------------------
2232
2233	SwitchNode::~SwitchNode()
2234	{
2235	NodeReleaser::releaseAllNodes(this);
2236	}
2237
2238	void SwitchNode::releaseNodes(NodeReleaser& releaser)
2239	{
2240	releaser.release(m_expr);
2241	releaser.release(m_block);
2242	}
2243
2244	RegisterID* SwitchNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2245	{
2246	RefPtr<LabelScope> scope = generator.newLabelScope(LabelScope::Switch);
2247
2248	RefPtr<RegisterID> r0 = generator.emitNode(m_expr.get());
2249	RegisterID* r1 = m_block->emitBytecodeForBlock(generator, r0.get(), dst);
2250
2251	generator.emitLabel(scope->breakTarget());
2252	return r1;
2253	}
2254
2255	// ------------------------------ LabelNode ------------------------------------
2256
2257	LabelNode::~LabelNode()
2258	{
2259	NodeReleaser::releaseAllNodes(this);
2260	}
2261
2262	void LabelNode::releaseNodes(NodeReleaser& releaser)
2263	{
2264	releaser.release(m_statement);
2265	}
2266
2267	RegisterID* LabelNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2268	{
2269	if (generator.breakTarget(m_name))
2270	return emitThrowError(generator, SyntaxError, "Duplicate label: %s.", m_name);
2271
2272	RefPtr<LabelScope> scope = generator.newLabelScope(LabelScope::NamedLabel, &m_name);
2273	RegisterID* r0 = generator.emitNode(dst, m_statement.get());
2274
2275	generator.emitLabel(scope->breakTarget());
2276	return r0;
2277	}
2278
2279	// ------------------------------ ThrowNode ------------------------------------
2280
2281	ThrowNode::~ThrowNode()
2282	{
2283	NodeReleaser::releaseAllNodes(this);
2284	}
2285
2286	void ThrowNode::releaseNodes(NodeReleaser& releaser)
2287	{
2288	releaser.release(m_expr);
2289	}
2290
2291	RegisterID* ThrowNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2292	{
2293	if (dst == generator.ignoredResult())
2294	dst = 0;
2295	RefPtr<RegisterID> expr = generator.emitNode(dst, m_expr.get());
2296	generator.emitExpressionInfo(divot(), startOffset(), endOffset());
2297	generator.emitThrow(expr.get());
2298	return dst;
2299	}
2300
2301	// ------------------------------ TryNode --------------------------------------
2302
2303	TryNode::~TryNode()
2304	{
2305	NodeReleaser::releaseAllNodes(this);
2306	}
2307
2308	void TryNode::releaseNodes(NodeReleaser& releaser)
2309	{
2310	releaser.release(m_tryBlock);
2311	releaser.release(m_catchBlock);
2312	releaser.release(m_finallyBlock);
2313	}
2314
2315	RegisterID* TryNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2316	{
2317	RefPtr<Label> tryStartLabel = generator.newLabel();
2318	RefPtr<Label> tryEndLabel = generator.newLabel();
2319	RefPtr<Label> finallyStart;
2320	RefPtr<RegisterID> finallyReturnAddr;
2321	if (m_finallyBlock) {
2322	finallyStart = generator.newLabel();
2323	finallyReturnAddr = generator.newTemporary();
2324	generator.pushFinallyContext(finallyStart.get(), finallyReturnAddr.get());
2325	}
2326	generator.emitLabel(tryStartLabel.get());
2327	generator.emitNode(dst, m_tryBlock.get());
2328	generator.emitLabel(tryEndLabel.get());
2329
2330	if (m_catchBlock) {
2331	RefPtr<Label> handlerEndLabel = generator.newLabel();
2332	generator.emitJump(handlerEndLabel.get());
2333	RefPtr<RegisterID> exceptionRegister = generator.emitCatch(generator.newTemporary(), tryStartLabel.get(), tryEndLabel.get());
2334	generator.emitPushNewScope(exceptionRegister.get(), m_exceptionIdent, exceptionRegister.get());
2335	generator.emitNode(dst, m_catchBlock.get());
2336	generator.emitPopScope();
2337	generator.emitLabel(handlerEndLabel.get());
2338	}
2339
2340	if (m_finallyBlock) {
2341	generator.popFinallyContext();
2342	// there may be important registers live at the time we jump
2343	// to a finally block (such as for a return or throw) so we
2344	// ref the highest register ever used as a conservative
2345	// approach to not clobbering anything important
2346	RefPtr<RegisterID> highestUsedRegister = generator.highestUsedRegister();
2347	RefPtr<Label> finallyEndLabel = generator.newLabel();
2348	generator.emitJumpSubroutine(finallyReturnAddr.get(), finallyStart.get());
2349	// Use a label to record the subtle fact that sret will return to the
2350	// next instruction. sret is the only way to jump without an explicit label.
2351	generator.emitLabel(generator.newLabel().get());
2352	generator.emitJump(finallyEndLabel.get());
2353
2354	// Finally block for exception path
2355	RefPtr<RegisterID> tempExceptionRegister = generator.emitCatch(generator.newTemporary(), tryStartLabel.get(), generator.emitLabel(generator.newLabel().get()).get());
2356	generator.emitJumpSubroutine(finallyReturnAddr.get(), finallyStart.get());
2357	// Use a label to record the subtle fact that sret will return to the
2358	// next instruction. sret is the only way to jump without an explicit label.
2359	generator.emitLabel(generator.newLabel().get());
2360	generator.emitThrow(tempExceptionRegister.get());
2361
2362	// emit the finally block itself
2363	generator.emitLabel(finallyStart.get());
2364	generator.emitNode(dst, m_finallyBlock.get());
2365	generator.emitSubroutineReturn(finallyReturnAddr.get());
2366
2367	generator.emitLabel(finallyEndLabel.get());
2368	}
2369
2370	return dst;
2371	}
2372
2373	// ------------------------------ ParameterNode -----------------------------
2374
2375	ParameterNode::~ParameterNode()
2376	{
2377	NodeReleaser::releaseAllNodes(this);
2378	}
2379
2380	void ParameterNode::releaseNodes(NodeReleaser& releaser)
2381	{
2382	releaser.release(m_next);
2383	}
2384
2385	// -----------------------------ScopeNodeData ---------------------------
2386
2387	ScopeNodeData::ScopeNodeData(SourceElements* children, VarStack* varStack, FunctionStack* funcStack, int numConstants)
2388	: m_numConstants(numConstants)
2389	{
2390	if (varStack)
2391	m_varStack = *varStack;
2392	if (funcStack)
2393	m_functionStack = *funcStack;
2394	if (children)
2395	children->releaseContentsIntoVector(m_children);
2396	}
2397
2398	// ------------------------------ ScopeNode -----------------------------
2399
2400	ScopeNode::ScopeNode(JSGlobalData* globalData)
2401	: StatementNode(globalData)
2402	, m_features(NoFeatures)
2403	{
2404	#if ENABLE(OPCODE_SAMPLING)
2405	globalData->interpreter->sampler()->notifyOfScope(this);
2406	#endif
2407	}
2408
2409	ScopeNode::ScopeNode(JSGlobalData* globalData, const SourceCode& source, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, CodeFeatures features, int numConstants)
2410	: StatementNode(globalData)
2411	, m_data(new ScopeNodeData(children, varStack, funcStack, numConstants))
2412	, m_features(features)
2413	, m_source(source)
2414	{
2415	#if ENABLE(OPCODE_SAMPLING)
2416	globalData->interpreter->sampler()->notifyOfScope(this);
2417	#endif
2418	}
2419
2420	ScopeNode::~ScopeNode()
2421	{
2422	NodeReleaser::releaseAllNodes(this);
2423	}
2424
2425	void ScopeNode::releaseNodes(NodeReleaser& releaser)
2426	{
2427	if (!m_data)
2428	return;
2429	size_t size = m_data->m_children.size();
2430	for (size_t i = 0; i < size; ++i)
2431	releaser.release(m_data->m_children[i]);
2432	}
2433
2434	// ------------------------------ ProgramNode -----------------------------
2435
2436	ProgramNode::ProgramNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
2437	: ScopeNode(globalData, source, children, varStack, funcStack, features, numConstants)
2438	{
2439	}
2440
2441	ProgramNode* ProgramNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
2442	{
2443	return new ProgramNode(globalData, children, varStack, funcStack, source, features, numConstants);
2444	}
2445
2446	// ------------------------------ EvalNode -----------------------------
2447
2448	EvalNode::EvalNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
2449	: ScopeNode(globalData, source, children, varStack, funcStack, features, numConstants)
2450	{
2451	}
2452
2453	RegisterID* EvalNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
2454	{
2455	generator.emitDebugHook(WillExecuteProgram, firstLine(), lastLine());
2456
2457	RefPtr<RegisterID> dstRegister = generator.newTemporary();
2458	generator.emitLoad(dstRegister.get(), jsUndefined());
2459	statementListEmitCode(children(), generator, dstRegister.get());
2460
2461	generator.emitDebugHook(DidExecuteProgram, firstLine(), lastLine());
2462	generator.emitEnd(dstRegister.get());
2463	return 0;
2464	}
2465
2466	void EvalNode::generateBytecode(ScopeChainNode* scopeChainNode)
2467	{
2468	ScopeChain scopeChain(scopeChainNode);
2469	JSGlobalObject* globalObject = scopeChain.globalObject();
2470
2471	m_code.set(new EvalCodeBlock(this, globalObject, source().provider()));
2472
2473	BytecodeGenerator generator(this, globalObject->debugger(), scopeChain, &m_code->symbolTable(), m_code.get());
2474	generator.generate();
2475
2476	// Eval code needs to hang on to its declaration stacks to keep declaration info alive until Interpreter::execute time,
2477	// so the entire ScopeNodeData cannot be destoyed.
2478	children().clear();
2479	}
2480
2481	EvalNode* EvalNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& source, CodeFeatures features, int numConstants)
2482	{
2483	return new EvalNode(globalData, children, varStack, funcStack, source, features, numConstants);
2484	}
2485
2486	// ------------------------------ FunctionBodyNode -----------------------------
2487
2488	FunctionBodyNode::FunctionBodyNode(JSGlobalData* globalData)
2489	: ScopeNode(globalData)
2490	, m_parameters(0)
2491	, m_parameterCount(0)
2492	, m_refCount(0)
2493	{
2494	}
2495
2496	FunctionBodyNode::FunctionBodyNode(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& sourceCode, CodeFeatures features, int numConstants)
2497	: ScopeNode(globalData, sourceCode, children, varStack, funcStack, features, numConstants)
2498	, m_parameters(0)
2499	, m_parameterCount(0)
2500	, m_refCount(0)
2501	{
2502	}
2503
2504	FunctionBodyNode::~FunctionBodyNode()
2505	{
2506	ASSERT(!m_refCount);
2507	fastFree(m_parameters);
2508	}
2509
2510	void FunctionBodyNode::finishParsing(const SourceCode& source, ParameterNode* firstParameter)
2511	{
2512	Vector<Identifier> parameters;
2513	for (ParameterNode* parameter = firstParameter; parameter; parameter = parameter->nextParam())
2514	parameters.append(parameter->ident());
2515	size_t count = parameters.size();
2516
2517	setSource(source);
2518	finishParsing(parameters.releaseBuffer(), count);
2519	}
2520
2521	void FunctionBodyNode::finishParsing(Identifier* parameters, size_t parameterCount)
2522	{
2523	ASSERT(!source().isNull());
2524	m_parameters = parameters;
2525	m_parameterCount = parameterCount;
2526	}
2527
2528	void FunctionBodyNode::mark()
2529	{
2530	if (m_code)
2531	m_code->mark();
2532	}
2533
2534	FunctionBodyNode* FunctionBodyNode::create(JSGlobalData* globalData)
2535	{
2536	return new FunctionBodyNode(globalData);
2537	}
2538
2539	FunctionBodyNode* FunctionBodyNode::create(JSGlobalData* globalData, SourceElements* children, VarStack* varStack, FunctionStack* funcStack, const SourceCode& sourceCode, CodeFeatures features, int numConstants)
2540	{
2541	return new FunctionBodyNode(globalData, children, varStack, funcStack, sourceCode, features, numConstants);
2542	}
2543
2544	void FunctionBodyNode::generateBytecode(ScopeChainNode* scopeChainNode)
2545	{
2546	// This branch is only necessary since you can still create a non-stub FunctionBodyNode by
2547	// calling Parser::parse<FunctionBodyNode>().
2548	if (!data())
2549	scopeChainNode->globalData->parser->reparse(scopeChainNode->globalData, this);
2550	ASSERT(data());
2551
2552	ScopeChain scopeChain(scopeChainNode);
2553	JSGlobalObject* globalObject = scopeChain.globalObject();
2554
2555	m_code.set(new CodeBlock(this, FunctionCode, source().provider(), source().startOffset()));
2556
2557	BytecodeGenerator generator(this, globalObject->debugger(), scopeChain, &m_code->symbolTable(), m_code.get());
2558	generator.generate();
2559
2560	destroyData();
2561	}
2562
2563	RegisterID* FunctionBodyNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
2564	{
2565	generator.emitDebugHook(DidEnterCallFrame, firstLine(), lastLine());
2566	statementListEmitCode(children(), generator, generator.ignoredResult());
2567	if (!children().size() \|\| !children().last()->isReturnNode()) {
2568	RegisterID* r0 = generator.emitLoad(0, jsUndefined());
2569	generator.emitDebugHook(WillLeaveCallFrame, firstLine(), lastLine());
2570	generator.emitReturn(r0);
2571	}
2572	return 0;
2573	}
2574
2575	RegisterID* ProgramNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
2576	{
2577	generator.emitDebugHook(WillExecuteProgram, firstLine(), lastLine());
2578
2579	RefPtr<RegisterID> dstRegister = generator.newTemporary();
2580	generator.emitLoad(dstRegister.get(), jsUndefined());
2581	statementListEmitCode(children(), generator, dstRegister.get());
2582
2583	generator.emitDebugHook(DidExecuteProgram, firstLine(), lastLine());
2584	generator.emitEnd(dstRegister.get());
2585	return 0;
2586	}
2587
2588	void ProgramNode::generateBytecode(ScopeChainNode* scopeChainNode)
2589	{
2590	ScopeChain scopeChain(scopeChainNode);
2591	JSGlobalObject* globalObject = scopeChain.globalObject();
2592
2593	m_code.set(new ProgramCodeBlock(this, GlobalCode, globalObject, source().provider()));
2594
2595	BytecodeGenerator generator(this, globalObject->debugger(), scopeChain, &globalObject->symbolTable(), m_code.get());
2596	generator.generate();
2597
2598	destroyData();
2599	}
2600
2601	UString FunctionBodyNode::paramString() const
2602	{
2603	UString s("");
2604	for (size_t pos = 0; pos < m_parameterCount; ++pos) {
2605	if (!s.isEmpty())
2606	s += ", ";
2607	s += parameters()[pos].ustring();
2608	}
2609
2610	return s;
2611	}
2612
2613	Identifier* FunctionBodyNode::copyParameters()
2614	{
2615	Identifier* parameters = static_cast<Identifier>(fastMalloc(m_parameterCount sizeof(Identifier)));
2616	VectorCopier<false, Identifier>::uninitializedCopy(m_parameters, m_parameters + m_parameterCount, parameters);
2617	return parameters;
2618	}
2619
2620	// ------------------------------ FuncDeclNode ---------------------------------
2621
2622	FuncDeclNode::~FuncDeclNode()
2623	{
2624	NodeReleaser::releaseAllNodes(this);
2625	}
2626
2627	void FuncDeclNode::releaseNodes(NodeReleaser& releaser)
2628	{
2629	releaser.release(m_parameter);
2630	releaser.release(m_body);
2631	}
2632
2633	JSFunction* FuncDeclNode::makeFunction(ExecState* exec, ScopeChainNode* scopeChain)
2634	{
2635	return new (exec) JSFunction(exec, m_ident, m_body.get(), scopeChain);
2636	}
2637
2638	RegisterID* FuncDeclNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2639	{
2640	if (dst == generator.ignoredResult())
2641	dst = 0;
2642	return dst;
2643	}
2644
2645	// ------------------------------ FuncExprNode ---------------------------------
2646
2647	FuncExprNode::~FuncExprNode()
2648	{
2649	NodeReleaser::releaseAllNodes(this);
2650	}
2651
2652	void FuncExprNode::releaseNodes(NodeReleaser& releaser)
2653	{
2654	releaser.release(m_parameter);
2655	releaser.release(m_body);
2656	}
2657
2658	RegisterID* FuncExprNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2659	{
2660	return generator.emitNewFunctionExpression(generator.finalDestination(dst), this);
2661	}
2662
2663	JSFunction* FuncExprNode::makeFunction(ExecState* exec, ScopeChainNode* scopeChain)
2664	{
2665	JSFunction* func = new (exec) JSFunction(exec, m_ident, m_body.get(), scopeChain);
2666
2667	/*
2668	The Identifier in a FunctionExpression can be referenced from inside
2669	the FunctionExpression's FunctionBody to allow the function to call
2670	itself recursively. However, unlike in a FunctionDeclaration, the
2671	Identifier in a FunctionExpression cannot be referenced from and
2672	does not affect the scope enclosing the FunctionExpression.
2673	*/
2674
2675	if (!m_ident.isNull()) {
2676	JSStaticScopeObject* functionScopeObject = new (exec) JSStaticScopeObject(exec, m_ident, func, ReadOnly \| DontDelete);
2677	func->scope().push(functionScopeObject);
2678	}
2679
2680	return func;
2681	}
2682
2683	} // namespace JSC

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: webkit/trunk/JavaScriptCore/parser/Nodes.cpp@ 39533

Download in other formats: