Add support for private names
[WebKit-https.git] / Source / JavaScriptCore / llint / LLIntSlowPaths.cpp
1 /*
2  * Copyright (C) 2011, 2012 Apple Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
24  */
25
26 #include "config.h"
27 #include "LLIntSlowPaths.h"
28
29 #if ENABLE(LLINT)
30
31 #include "Arguments.h"
32 #include "CallFrame.h"
33 #include "CommonSlowPaths.h"
34 #include "GetterSetter.h"
35 #include "HostCallReturnValue.h"
36 #include "Interpreter.h"
37 #include "JIT.h"
38 #include "JITDriver.h"
39 #include "JSActivation.h"
40 #include "JSGlobalObjectFunctions.h"
41 #include "JSPropertyNameIterator.h"
42 #include "JSStaticScopeObject.h"
43 #include "JSString.h"
44 #include "JSValue.h"
45 #include "LLIntCommon.h"
46 #include "LLIntExceptions.h"
47 #include "LowLevelInterpreter.h"
48 #include "Operations.h"
49
50 namespace JSC { namespace LLInt {
51
52 #define LLINT_BEGIN_NO_SET_PC() \
53     JSGlobalData& globalData = exec->globalData();      \
54     NativeCallFrameTracer tracer(&globalData, exec)
55
56 #define LLINT_SET_PC_FOR_STUBS() \
57     exec->setCurrentVPC(pc + 1)
58
59 #define LLINT_BEGIN()                           \
60     LLINT_BEGIN_NO_SET_PC();                    \
61     LLINT_SET_PC_FOR_STUBS()
62
63 #define LLINT_OP(index) (exec->uncheckedR(pc[index].u.operand))
64 #define LLINT_OP_C(index) (exec->r(pc[index].u.operand))
65
66 #define LLINT_RETURN_TWO(first, second) do {       \
67         return encodeResult(first, second);        \
68     } while (false)
69
70 #define LLINT_END_IMPL() LLINT_RETURN_TWO(pc, exec)
71
72 #define LLINT_THROW(exceptionToThrow) do {                        \
73         globalData.exception = (exceptionToThrow);                \
74         pc = returnToThrow(exec, pc);                             \
75         LLINT_END_IMPL();                                         \
76     } while (false)
77
78 #define LLINT_CHECK_EXCEPTION() do {                    \
79         if (UNLIKELY(globalData.exception)) {           \
80             pc = returnToThrow(exec, pc);               \
81             LLINT_END_IMPL();                           \
82         }                                               \
83     } while (false)
84
85 #define LLINT_END() do {                        \
86         LLINT_CHECK_EXCEPTION();                \
87         LLINT_END_IMPL();                       \
88     } while (false)
89
90 #define LLINT_BRANCH(opcode, condition) do {                      \
91         bool __b_condition = (condition);                         \
92         LLINT_CHECK_EXCEPTION();                                  \
93         if (__b_condition)                                        \
94             pc += pc[OPCODE_LENGTH(opcode) - 1].u.operand;        \
95         else                                                      \
96             pc += OPCODE_LENGTH(opcode);                          \
97         LLINT_END_IMPL();                                         \
98     } while (false)
99
100 #define LLINT_RETURN(value) do {                \
101         JSValue __r_returnValue = (value);      \
102         LLINT_CHECK_EXCEPTION();                \
103         LLINT_OP(1) = __r_returnValue;          \
104         LLINT_END_IMPL();                       \
105     } while (false)
106
107 #if ENABLE(VALUE_PROFILER)
108 #define LLINT_RETURN_PROFILED(opcode, value) do {               \
109         JSValue __rp_returnValue = (value);                     \
110         LLINT_CHECK_EXCEPTION();                                \
111         LLINT_OP(1) = __rp_returnValue;                         \
112         pc[OPCODE_LENGTH(opcode) - 1].u.profile->m_buckets[0] = \
113             JSValue::encode(__rp_returnValue);                  \
114         LLINT_END_IMPL();                                       \
115     } while (false)
116 #else // ENABLE(VALUE_PROFILER)
117 #define LLINT_RETURN_PROFILED(opcode, value) LLINT_RETURN(value)
118 #endif // ENABLE(VALUE_PROFILER)
119
120 #define LLINT_CALL_END_IMPL(exec, callTarget) LLINT_RETURN_TWO((callTarget), (exec))
121
122 #define LLINT_CALL_THROW(exec, pc, exceptionToThrow) do {               \
123         ExecState* __ct_exec = (exec);                                  \
124         Instruction* __ct_pc = (pc);                                    \
125         globalData.exception = (exceptionToThrow);                      \
126         LLINT_CALL_END_IMPL(__ct_exec, callToThrow(__ct_exec, __ct_pc)); \
127     } while (false)
128
129 #define LLINT_CALL_CHECK_EXCEPTION(exec, pc) do {                       \
130         ExecState* __cce_exec = (exec);                                 \
131         Instruction* __cce_pc = (pc);                                   \
132         if (UNLIKELY(globalData.exception))                              \
133             LLINT_CALL_END_IMPL(__cce_exec, callToThrow(__cce_exec, __cce_pc)); \
134     } while (false)
135
136 #define LLINT_CALL_RETURN(exec, pc, callTarget) do {                    \
137         ExecState* __cr_exec = (exec);                                  \
138         Instruction* __cr_pc = (pc);                                    \
139         void* __cr_callTarget = (callTarget);                           \
140         LLINT_CALL_CHECK_EXCEPTION(__cr_exec->callerFrame(), __cr_pc);  \
141         LLINT_CALL_END_IMPL(__cr_exec, __cr_callTarget);                \
142     } while (false)
143
144 extern "C" SlowPathReturnType llint_trace_operand(ExecState* exec, Instruction* pc, int fromWhere, int operand)
145 {
146     LLINT_BEGIN();
147     dataLog("%p / %p: executing bc#%zu, op#%u: Trace(%d): %d: %d\n",
148             exec->codeBlock(),
149             exec,
150             static_cast<intptr_t>(pc - exec->codeBlock()->instructions().begin()),
151             exec->globalData().interpreter->getOpcodeID(pc[0].u.opcode),
152             fromWhere,
153             operand,
154             pc[operand].u.operand);
155     LLINT_END();
156 }
157
158 extern "C" SlowPathReturnType llint_trace_value(ExecState* exec, Instruction* pc, int fromWhere, int operand)
159 {
160     JSValue value = LLINT_OP_C(operand).jsValue();
161     union {
162         struct {
163             uint32_t tag;
164             uint32_t payload;
165         } bits;
166         EncodedJSValue asValue;
167     } u;
168     u.asValue = JSValue::encode(value);
169     dataLog("%p / %p: executing bc#%zu, op#%u: Trace(%d): %d: %d: %08x:%08x: %s\n",
170             exec->codeBlock(),
171             exec,
172             static_cast<intptr_t>(pc - exec->codeBlock()->instructions().begin()),
173             exec->globalData().interpreter->getOpcodeID(pc[0].u.opcode),
174             fromWhere,
175             operand,
176             pc[operand].u.operand,
177             u.bits.tag,
178             u.bits.payload,
179             value.description());
180     LLINT_END_IMPL();
181 }
182
183 LLINT_SLOW_PATH_DECL(trace_prologue)
184 {
185     dataLog("%p / %p: in prologue.\n", exec->codeBlock(), exec);
186     LLINT_END_IMPL();
187 }
188
189 static void traceFunctionPrologue(ExecState* exec, const char* comment, CodeSpecializationKind kind)
190 {
191     JSFunction* callee = jsCast<JSFunction*>(exec->callee());
192     FunctionExecutable* executable = callee->jsExecutable();
193     CodeBlock* codeBlock = &executable->generatedBytecodeFor(kind);
194     dataLog("%p / %p: in %s of function %p, executable %p; numVars = %u, numParameters = %u, numCalleeRegisters = %u, caller = %p.\n",
195             codeBlock, exec, comment, callee, executable,
196             codeBlock->m_numVars, codeBlock->numParameters(), codeBlock->m_numCalleeRegisters,
197             exec->callerFrame());
198 }
199
200 LLINT_SLOW_PATH_DECL(trace_prologue_function_for_call)
201 {
202     traceFunctionPrologue(exec, "call prologue", CodeForCall);
203     LLINT_END_IMPL();
204 }
205
206 LLINT_SLOW_PATH_DECL(trace_prologue_function_for_construct)
207 {
208     traceFunctionPrologue(exec, "construct prologue", CodeForConstruct);
209     LLINT_END_IMPL();
210 }
211
212 LLINT_SLOW_PATH_DECL(trace_arityCheck_for_call)
213 {
214     traceFunctionPrologue(exec, "call arity check", CodeForCall);
215     LLINT_END_IMPL();
216 }
217
218 LLINT_SLOW_PATH_DECL(trace_arityCheck_for_construct)
219 {
220     traceFunctionPrologue(exec, "construct arity check", CodeForConstruct);
221     LLINT_END_IMPL();
222 }
223
224 LLINT_SLOW_PATH_DECL(trace)
225 {
226     dataLog("%p / %p: executing bc#%zu, %s, scope %p\n",
227             exec->codeBlock(),
228             exec,
229             static_cast<intptr_t>(pc - exec->codeBlock()->instructions().begin()),
230             opcodeNames[exec->globalData().interpreter->getOpcodeID(pc[0].u.opcode)],
231             exec->scopeChain());
232     if (exec->globalData().interpreter->getOpcodeID(pc[0].u.opcode) == op_ret) {
233         dataLog("Will be returning to %p\n", exec->returnPC().value());
234         dataLog("The new cfr will be %p\n", exec->callerFrame());
235     }
236     LLINT_END_IMPL();
237 }
238
239 LLINT_SLOW_PATH_DECL(special_trace)
240 {
241     dataLog("%p / %p: executing special case bc#%zu, op#%u, return PC is %p\n",
242             exec->codeBlock(),
243             exec,
244             static_cast<intptr_t>(pc - exec->codeBlock()->instructions().begin()),
245             exec->globalData().interpreter->getOpcodeID(pc[0].u.opcode),
246             exec->returnPC().value());
247     LLINT_END_IMPL();
248 }
249
250 inline bool shouldJIT(ExecState* exec)
251 {
252     // You can modify this to turn off JITting without rebuilding the world.
253     return exec->globalData().canUseJIT();
254 }
255
256 // Returns true if we should try to OSR.
257 inline bool jitCompileAndSetHeuristics(CodeBlock* codeBlock, ExecState* exec)
258 {
259     if (!codeBlock->checkIfJITThresholdReached()) {
260 #if ENABLE(JIT_VERBOSE_OSR)
261         dataLog("    JIT threshold should be lifted.\n");
262 #endif
263         return false;
264     }
265         
266     CodeBlock::JITCompilationResult result = codeBlock->jitCompile(exec);
267     switch (result) {
268     case CodeBlock::AlreadyCompiled:
269 #if ENABLE(JIT_VERBOSE_OSR)
270         dataLog("    Code was already compiled.\n");
271 #endif
272         codeBlock->jitSoon();
273         return true;
274     case CodeBlock::CouldNotCompile:
275 #if ENABLE(JIT_VERBOSE_OSR)
276         dataLog("    JIT compilation failed.\n");
277 #endif
278         codeBlock->dontJITAnytimeSoon();
279         return false;
280     case CodeBlock::CompiledSuccessfully:
281 #if ENABLE(JIT_VERBOSE_OSR)
282         dataLog("    JIT compilation successful.\n");
283 #endif
284         codeBlock->jitSoon();
285         return true;
286     }
287     ASSERT_NOT_REACHED();
288     return false;
289 }
290
291 enum EntryKind { Prologue, ArityCheck };
292 static SlowPathReturnType entryOSR(ExecState* exec, Instruction* pc, CodeBlock* codeBlock, const char *name, EntryKind kind)
293 {
294 #if ENABLE(JIT_VERBOSE_OSR)
295     dataLog("%p: Entered %s with executeCounter = %d\n", codeBlock, name, codeBlock->llintExecuteCounter());
296 #endif
297     
298     if (!shouldJIT(exec)) {
299         codeBlock->dontJITAnytimeSoon();
300         LLINT_RETURN_TWO(0, exec);
301     }
302     if (!jitCompileAndSetHeuristics(codeBlock, exec))
303         LLINT_RETURN_TWO(0, exec);
304     
305     if (kind == Prologue)
306         LLINT_RETURN_TWO(codeBlock->getJITCode().executableAddressAtOffset(0), exec);
307     ASSERT(kind == ArityCheck);
308     LLINT_RETURN_TWO(codeBlock->getJITCodeWithArityCheck().executableAddress(), exec);
309 }
310
311 LLINT_SLOW_PATH_DECL(entry_osr)
312 {
313     return entryOSR(exec, pc, exec->codeBlock(), "entry_osr", Prologue);
314 }
315
316 LLINT_SLOW_PATH_DECL(entry_osr_function_for_call)
317 {
318     return entryOSR(exec, pc, &jsCast<JSFunction*>(exec->callee())->jsExecutable()->generatedBytecodeFor(CodeForCall), "entry_osr_function_for_call", Prologue);
319 }
320
321 LLINT_SLOW_PATH_DECL(entry_osr_function_for_construct)
322 {
323     return entryOSR(exec, pc, &jsCast<JSFunction*>(exec->callee())->jsExecutable()->generatedBytecodeFor(CodeForConstruct), "entry_osr_function_for_construct", Prologue);
324 }
325
326 LLINT_SLOW_PATH_DECL(entry_osr_function_for_call_arityCheck)
327 {
328     return entryOSR(exec, pc, &jsCast<JSFunction*>(exec->callee())->jsExecutable()->generatedBytecodeFor(CodeForCall), "entry_osr_function_for_call_arityCheck", ArityCheck);
329 }
330
331 LLINT_SLOW_PATH_DECL(entry_osr_function_for_construct_arityCheck)
332 {
333     return entryOSR(exec, pc, &jsCast<JSFunction*>(exec->callee())->jsExecutable()->generatedBytecodeFor(CodeForConstruct), "entry_osr_function_for_construct_arityCheck", ArityCheck);
334 }
335
336 LLINT_SLOW_PATH_DECL(loop_osr)
337 {
338     CodeBlock* codeBlock = exec->codeBlock();
339     
340 #if ENABLE(JIT_VERBOSE_OSR)
341     dataLog("%p: Entered loop_osr with executeCounter = %d\n", codeBlock, codeBlock->llintExecuteCounter());
342 #endif
343     
344     if (!shouldJIT(exec)) {
345         codeBlock->dontJITAnytimeSoon();
346         LLINT_RETURN_TWO(0, exec);
347     }
348     
349     if (!jitCompileAndSetHeuristics(codeBlock, exec))
350         LLINT_RETURN_TWO(0, exec);
351     
352     ASSERT(codeBlock->getJITType() == JITCode::BaselineJIT);
353     
354     Vector<BytecodeAndMachineOffset> map;
355     codeBlock->jitCodeMap()->decode(map);
356     BytecodeAndMachineOffset* mapping = binarySearch<BytecodeAndMachineOffset, unsigned, BytecodeAndMachineOffset::getBytecodeIndex>(map.begin(), map.size(), pc - codeBlock->instructions().begin());
357     ASSERT(mapping);
358     ASSERT(mapping->m_bytecodeIndex == static_cast<unsigned>(pc - codeBlock->instructions().begin()));
359     
360     void* jumpTarget = codeBlock->getJITCode().executableAddressAtOffset(mapping->m_machineCodeOffset);
361     ASSERT(jumpTarget);
362     
363     LLINT_RETURN_TWO(jumpTarget, exec);
364 }
365
366 LLINT_SLOW_PATH_DECL(replace)
367 {
368     CodeBlock* codeBlock = exec->codeBlock();
369     
370 #if ENABLE(JIT_VERBOSE_OSR)
371     dataLog("%p: Entered replace with executeCounter = %d\n", codeBlock, codeBlock->llintExecuteCounter());
372 #endif
373     
374     if (shouldJIT(exec))
375         jitCompileAndSetHeuristics(codeBlock, exec);
376     else
377         codeBlock->dontJITAnytimeSoon();
378     LLINT_END_IMPL();
379 }
380
381 LLINT_SLOW_PATH_DECL(register_file_check)
382 {
383     LLINT_BEGIN();
384 #if LLINT_SLOW_PATH_TRACING
385     dataLog("Checking stack height with exec = %p.\n", exec);
386     dataLog("CodeBlock = %p.\n", exec->codeBlock());
387     dataLog("Num callee registers = %u.\n", exec->codeBlock()->m_numCalleeRegisters);
388     dataLog("Num vars = %u.\n", exec->codeBlock()->m_numVars);
389     dataLog("Current end is at %p.\n", exec->globalData().interpreter->registerFile().end());
390 #endif
391     ASSERT(&exec->registers()[exec->codeBlock()->m_numCalleeRegisters] > exec->globalData().interpreter->registerFile().end());
392     if (UNLIKELY(!globalData.interpreter->registerFile().grow(&exec->registers()[exec->codeBlock()->m_numCalleeRegisters]))) {
393         ReturnAddressPtr returnPC = exec->returnPC();
394         exec = exec->callerFrame();
395         globalData.exception = createStackOverflowError(exec);
396         interpreterThrowInCaller(exec, returnPC);
397         pc = returnToThrowForThrownException(exec);
398     }
399     LLINT_END_IMPL();
400 }
401
402 LLINT_SLOW_PATH_DECL(slow_path_call_arityCheck)
403 {
404     LLINT_BEGIN();
405     ExecState* newExec = CommonSlowPaths::arityCheckFor(exec, &globalData.interpreter->registerFile(), CodeForCall);
406     if (!newExec) {
407         ReturnAddressPtr returnPC = exec->returnPC();
408         exec = exec->callerFrame();
409         globalData.exception = createStackOverflowError(exec);
410         interpreterThrowInCaller(exec, returnPC);
411         LLINT_RETURN_TWO(bitwise_cast<void*>(static_cast<uintptr_t>(1)), exec);
412     }
413     LLINT_RETURN_TWO(0, newExec);
414 }
415
416 LLINT_SLOW_PATH_DECL(slow_path_construct_arityCheck)
417 {
418     LLINT_BEGIN();
419     ExecState* newExec = CommonSlowPaths::arityCheckFor(exec, &globalData.interpreter->registerFile(), CodeForConstruct);
420     if (!newExec) {
421         ReturnAddressPtr returnPC = exec->returnPC();
422         exec = exec->callerFrame();
423         globalData.exception = createStackOverflowError(exec);
424         interpreterThrowInCaller(exec, returnPC);
425         LLINT_RETURN_TWO(bitwise_cast<void*>(static_cast<uintptr_t>(1)), exec);
426     }
427     LLINT_RETURN_TWO(0, newExec);
428 }
429
430 LLINT_SLOW_PATH_DECL(slow_path_create_activation)
431 {
432     LLINT_BEGIN();
433 #if LLINT_SLOW_PATH_TRACING
434     dataLog("Creating an activation, exec = %p!\n", exec);
435 #endif
436     JSActivation* activation = JSActivation::create(globalData, exec, static_cast<FunctionExecutable*>(exec->codeBlock()->ownerExecutable()));
437     exec->setScopeChain(exec->scopeChain()->push(activation));
438     LLINT_RETURN(JSValue(activation));
439 }
440
441 LLINT_SLOW_PATH_DECL(slow_path_create_arguments)
442 {
443     LLINT_BEGIN();
444     JSValue arguments = JSValue(Arguments::create(globalData, exec));
445     LLINT_CHECK_EXCEPTION();
446     exec->uncheckedR(pc[1].u.operand) = arguments;
447     exec->uncheckedR(unmodifiedArgumentsRegister(pc[1].u.operand)) = arguments;
448     LLINT_END();
449 }
450
451 LLINT_SLOW_PATH_DECL(slow_path_create_this)
452 {
453     LLINT_BEGIN();
454     JSFunction* constructor = jsCast<JSFunction*>(exec->callee());
455     
456 #if !ASSERT_DISABLED
457     ConstructData constructData;
458     ASSERT(constructor->methodTable()->getConstructData(constructor, constructData) == ConstructTypeJS);
459 #endif
460     
461     Structure* structure = constructor->cachedInheritorID(exec);
462     LLINT_RETURN(constructEmptyObject(exec, structure));
463 }
464
465 LLINT_SLOW_PATH_DECL(slow_path_convert_this)
466 {
467     LLINT_BEGIN();
468     JSValue v1 = LLINT_OP(1).jsValue();
469     ASSERT(v1.isPrimitive());
470     LLINT_RETURN(v1.toThisObject(exec));
471 }
472
473 LLINT_SLOW_PATH_DECL(slow_path_new_object)
474 {
475     LLINT_BEGIN();
476     LLINT_RETURN(constructEmptyObject(exec));
477 }
478
479 LLINT_SLOW_PATH_DECL(slow_path_new_array)
480 {
481     LLINT_BEGIN();
482     LLINT_RETURN(constructArray(exec, bitwise_cast<JSValue*>(&LLINT_OP(2)), pc[3].u.operand));
483 }
484
485 LLINT_SLOW_PATH_DECL(slow_path_new_array_buffer)
486 {
487     LLINT_BEGIN();
488     LLINT_RETURN(constructArray(exec, exec->codeBlock()->constantBuffer(pc[2].u.operand), pc[3].u.operand));
489 }
490
491 LLINT_SLOW_PATH_DECL(slow_path_new_regexp)
492 {
493     LLINT_BEGIN();
494     RegExp* regExp = exec->codeBlock()->regexp(pc[2].u.operand);
495     if (!regExp->isValid())
496         LLINT_THROW(createSyntaxError(exec, "Invalid flag supplied to RegExp constructor."));
497     LLINT_RETURN(RegExpObject::create(globalData, exec->lexicalGlobalObject(), exec->lexicalGlobalObject()->regExpStructure(), regExp));
498 }
499
500 LLINT_SLOW_PATH_DECL(slow_path_not)
501 {
502     LLINT_BEGIN();
503     LLINT_RETURN(jsBoolean(!LLINT_OP_C(2).jsValue().toBoolean()));
504 }
505
506 LLINT_SLOW_PATH_DECL(slow_path_eq)
507 {
508     LLINT_BEGIN();
509     LLINT_RETURN(jsBoolean(JSValue::equal(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
510 }
511
512 LLINT_SLOW_PATH_DECL(slow_path_neq)
513 {
514     LLINT_BEGIN();
515     LLINT_RETURN(jsBoolean(!JSValue::equal(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
516 }
517
518 LLINT_SLOW_PATH_DECL(slow_path_stricteq)
519 {
520     LLINT_BEGIN();
521     LLINT_RETURN(jsBoolean(JSValue::strictEqual(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
522 }
523
524 LLINT_SLOW_PATH_DECL(slow_path_nstricteq)
525 {
526     LLINT_BEGIN();
527     LLINT_RETURN(jsBoolean(!JSValue::strictEqual(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
528 }
529
530 LLINT_SLOW_PATH_DECL(slow_path_less)
531 {
532     LLINT_BEGIN();
533     LLINT_RETURN(jsBoolean(jsLess<true>(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
534 }
535
536 LLINT_SLOW_PATH_DECL(slow_path_lesseq)
537 {
538     LLINT_BEGIN();
539     LLINT_RETURN(jsBoolean(jsLessEq<true>(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
540 }
541
542 LLINT_SLOW_PATH_DECL(slow_path_greater)
543 {
544     LLINT_BEGIN();
545     LLINT_RETURN(jsBoolean(jsLess<false>(exec, LLINT_OP_C(3).jsValue(), LLINT_OP_C(2).jsValue())));
546 }
547
548 LLINT_SLOW_PATH_DECL(slow_path_greatereq)
549 {
550     LLINT_BEGIN();
551     LLINT_RETURN(jsBoolean(jsLessEq<false>(exec, LLINT_OP_C(3).jsValue(), LLINT_OP_C(2).jsValue())));
552 }
553
554 LLINT_SLOW_PATH_DECL(slow_path_pre_inc)
555 {
556     LLINT_BEGIN();
557     LLINT_RETURN(jsNumber(LLINT_OP(1).jsValue().toNumber(exec) + 1));
558 }
559
560 LLINT_SLOW_PATH_DECL(slow_path_pre_dec)
561 {
562     LLINT_BEGIN();
563     LLINT_RETURN(jsNumber(LLINT_OP(1).jsValue().toNumber(exec) - 1));
564 }
565
566 LLINT_SLOW_PATH_DECL(slow_path_post_inc)
567 {
568     LLINT_BEGIN();
569     double result = LLINT_OP(2).jsValue().toNumber(exec);
570     LLINT_OP(2) = jsNumber(result + 1);
571     LLINT_RETURN(jsNumber(result));
572 }
573
574 LLINT_SLOW_PATH_DECL(slow_path_post_dec)
575 {
576     LLINT_BEGIN();
577     double result = LLINT_OP(2).jsValue().toNumber(exec);
578     LLINT_OP(2) = jsNumber(result - 1);
579     LLINT_RETURN(jsNumber(result));
580 }
581
582 LLINT_SLOW_PATH_DECL(slow_path_to_jsnumber)
583 {
584     LLINT_BEGIN();
585     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toNumber(exec)));
586 }
587
588 LLINT_SLOW_PATH_DECL(slow_path_negate)
589 {
590     LLINT_BEGIN();
591     LLINT_RETURN(jsNumber(-LLINT_OP_C(2).jsValue().toNumber(exec)));
592 }
593
594 LLINT_SLOW_PATH_DECL(slow_path_add)
595 {
596     LLINT_BEGIN();
597     JSValue v1 = LLINT_OP_C(2).jsValue();
598     JSValue v2 = LLINT_OP_C(3).jsValue();
599     
600 #if LLINT_SLOW_PATH_TRACING
601     dataLog("Trying to add %s", v1.description());
602     dataLog(" to %s.\n", v2.description());
603 #endif
604     
605     if (v1.isString() && !v2.isObject())
606         LLINT_RETURN(jsString(exec, asString(v1), v2.toString(exec)));
607     
608     if (v1.isNumber() && v2.isNumber())
609         LLINT_RETURN(jsNumber(v1.asNumber() + v2.asNumber()));
610     
611     LLINT_RETURN(jsAddSlowCase(exec, v1, v2));
612 }
613
614 LLINT_SLOW_PATH_DECL(slow_path_mul)
615 {
616     LLINT_BEGIN();
617     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toNumber(exec) * LLINT_OP_C(3).jsValue().toNumber(exec)));
618 }
619
620 LLINT_SLOW_PATH_DECL(slow_path_sub)
621 {
622     LLINT_BEGIN();
623     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toNumber(exec) - LLINT_OP_C(3).jsValue().toNumber(exec)));
624 }
625
626 LLINT_SLOW_PATH_DECL(slow_path_div)
627 {
628     LLINT_BEGIN();
629     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toNumber(exec) / LLINT_OP_C(3).jsValue().toNumber(exec)));
630 }
631
632 LLINT_SLOW_PATH_DECL(slow_path_mod)
633 {
634     LLINT_BEGIN();
635     LLINT_RETURN(jsNumber(fmod(LLINT_OP_C(2).jsValue().toNumber(exec), LLINT_OP_C(3).jsValue().toNumber(exec))));
636 }
637
638 LLINT_SLOW_PATH_DECL(slow_path_lshift)
639 {
640     LLINT_BEGIN();
641     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toInt32(exec) << (LLINT_OP_C(3).jsValue().toUInt32(exec) & 31)));
642 }
643
644 LLINT_SLOW_PATH_DECL(slow_path_rshift)
645 {
646     LLINT_BEGIN();
647     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toInt32(exec) >> (LLINT_OP_C(3).jsValue().toUInt32(exec) & 31)));
648 }
649
650 LLINT_SLOW_PATH_DECL(slow_path_urshift)
651 {
652     LLINT_BEGIN();
653     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toUInt32(exec) >> (LLINT_OP_C(3).jsValue().toUInt32(exec) & 31)));
654 }
655
656 LLINT_SLOW_PATH_DECL(slow_path_bitand)
657 {
658     LLINT_BEGIN();
659     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toInt32(exec) & LLINT_OP_C(3).jsValue().toInt32(exec)));
660 }
661
662 LLINT_SLOW_PATH_DECL(slow_path_bitor)
663 {
664     LLINT_BEGIN();
665     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toInt32(exec) | LLINT_OP_C(3).jsValue().toInt32(exec)));
666 }
667
668 LLINT_SLOW_PATH_DECL(slow_path_bitxor)
669 {
670     LLINT_BEGIN();
671     LLINT_RETURN(jsNumber(LLINT_OP_C(2).jsValue().toInt32(exec) ^ LLINT_OP_C(3).jsValue().toInt32(exec)));
672 }
673
674 LLINT_SLOW_PATH_DECL(slow_path_check_has_instance)
675 {
676     LLINT_BEGIN();
677     JSValue baseVal = LLINT_OP_C(1).jsValue();
678 #ifndef NDEBUG
679     TypeInfo typeInfo(UnspecifiedType);
680     ASSERT(!baseVal.isObject()
681            || !(typeInfo = asObject(baseVal)->structure()->typeInfo()).implementsHasInstance());
682 #endif
683     LLINT_THROW(createInvalidParamError(exec, "instanceof", baseVal));
684 }
685
686 LLINT_SLOW_PATH_DECL(slow_path_instanceof)
687 {
688     LLINT_BEGIN();
689     LLINT_RETURN(jsBoolean(CommonSlowPaths::opInstanceOfSlow(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue())));
690 }
691
692 LLINT_SLOW_PATH_DECL(slow_path_typeof)
693 {
694     LLINT_BEGIN();
695     LLINT_RETURN(jsTypeStringForValue(exec, LLINT_OP_C(2).jsValue()));
696 }
697
698 LLINT_SLOW_PATH_DECL(slow_path_is_object)
699 {
700     LLINT_BEGIN();
701     LLINT_RETURN(jsBoolean(jsIsObjectType(LLINT_OP_C(2).jsValue())));
702 }
703
704 LLINT_SLOW_PATH_DECL(slow_path_is_function)
705 {
706     LLINT_BEGIN();
707     LLINT_RETURN(jsBoolean(jsIsFunctionType(LLINT_OP_C(2).jsValue())));
708 }
709
710 LLINT_SLOW_PATH_DECL(slow_path_in)
711 {
712     LLINT_BEGIN();
713     LLINT_RETURN(jsBoolean(CommonSlowPaths::opIn(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue())));
714 }
715
716 LLINT_SLOW_PATH_DECL(slow_path_resolve)
717 {
718     LLINT_BEGIN();
719     LLINT_RETURN_PROFILED(op_resolve, CommonSlowPaths::opResolve(exec, exec->codeBlock()->identifier(pc[2].u.operand)));
720 }
721
722 LLINT_SLOW_PATH_DECL(slow_path_resolve_skip)
723 {
724     LLINT_BEGIN();
725     LLINT_RETURN_PROFILED(
726         op_resolve_skip,
727         CommonSlowPaths::opResolveSkip(
728             exec,
729             exec->codeBlock()->identifier(pc[2].u.operand),
730             pc[3].u.operand));
731 }
732
733 static JSValue resolveGlobal(ExecState* exec, Instruction* pc)
734 {
735     CodeBlock* codeBlock = exec->codeBlock();
736     JSGlobalObject* globalObject = codeBlock->globalObject();
737     ASSERT(globalObject->isGlobalObject());
738     int property = pc[2].u.operand;
739     Structure* structure = pc[3].u.structure.get();
740     
741     ASSERT_UNUSED(structure, structure != globalObject->structure());
742     
743     Identifier& ident = codeBlock->identifier(property);
744     PropertySlot slot(globalObject);
745     
746     if (globalObject->getPropertySlot(exec, ident, slot)) {
747         JSValue result = slot.getValue(exec, ident);
748         if (slot.isCacheableValue() && !globalObject->structure()->isUncacheableDictionary()
749             && slot.slotBase() == globalObject) {
750             pc[3].u.structure.set(
751                 exec->globalData(), codeBlock->ownerExecutable(), globalObject->structure());
752             pc[4] = slot.cachedOffset();
753         }
754         
755         return result;
756     }
757     
758     exec->globalData().exception = createUndefinedVariableError(exec, ident);
759     return JSValue();
760 }
761
762 LLINT_SLOW_PATH_DECL(slow_path_resolve_global)
763 {
764     LLINT_BEGIN();
765     LLINT_RETURN_PROFILED(op_resolve_global, resolveGlobal(exec, pc));
766 }
767
768 LLINT_SLOW_PATH_DECL(slow_path_resolve_global_dynamic)
769 {
770     LLINT_BEGIN();
771     LLINT_RETURN_PROFILED(op_resolve_global_dynamic, resolveGlobal(exec, pc));
772 }
773
774 LLINT_SLOW_PATH_DECL(slow_path_resolve_for_resolve_global_dynamic)
775 {
776     LLINT_BEGIN();
777     LLINT_RETURN_PROFILED(op_resolve_global_dynamic, CommonSlowPaths::opResolve(exec, exec->codeBlock()->identifier(pc[2].u.operand)));
778 }
779
780 LLINT_SLOW_PATH_DECL(slow_path_resolve_base)
781 {
782     LLINT_BEGIN();
783     Identifier& ident = exec->codeBlock()->identifier(pc[2].u.operand);
784     if (pc[3].u.operand) {
785         JSValue base = JSC::resolveBase(exec, ident, exec->scopeChain(), true);
786         if (!base)
787             LLINT_THROW(createErrorForInvalidGlobalAssignment(exec, ident.ustring()));
788         LLINT_RETURN(base);
789     }
790     
791     LLINT_RETURN_PROFILED(op_resolve_base, JSC::resolveBase(exec, ident, exec->scopeChain(), false));
792 }
793
794 LLINT_SLOW_PATH_DECL(slow_path_ensure_property_exists)
795 {
796     LLINT_BEGIN();
797     JSObject* object = asObject(LLINT_OP(1).jsValue());
798     PropertySlot slot(object);
799     Identifier& ident = exec->codeBlock()->identifier(pc[2].u.operand);
800     if (!object->getPropertySlot(exec, ident, slot))
801         LLINT_THROW(createErrorForInvalidGlobalAssignment(exec, ident.ustring()));
802     LLINT_END();
803 }
804
805 LLINT_SLOW_PATH_DECL(slow_path_resolve_with_base)
806 {
807     LLINT_BEGIN();
808     JSValue result = CommonSlowPaths::opResolveWithBase(exec, exec->codeBlock()->identifier(pc[3].u.operand), LLINT_OP(1));
809     LLINT_CHECK_EXCEPTION();
810     LLINT_OP(2) = result;
811     // FIXME: technically should have profiling, but we don't do it because the DFG won't use it.
812     LLINT_END();
813 }
814
815 LLINT_SLOW_PATH_DECL(slow_path_resolve_with_this)
816 {
817     LLINT_BEGIN();
818     JSValue result = CommonSlowPaths::opResolveWithThis(exec, exec->codeBlock()->identifier(pc[3].u.operand), LLINT_OP(1));
819     LLINT_CHECK_EXCEPTION();
820     LLINT_OP(2) = result;
821     // FIXME: technically should have profiling, but we don't do it because the DFG won't use it.
822     LLINT_END();
823 }
824
825 LLINT_SLOW_PATH_DECL(slow_path_get_by_id)
826 {
827     LLINT_BEGIN();
828     CodeBlock* codeBlock = exec->codeBlock();
829     Identifier& ident = codeBlock->identifier(pc[3].u.operand);
830     JSValue baseValue = LLINT_OP_C(2).jsValue();
831     PropertySlot slot(baseValue);
832
833     JSValue result = baseValue.get(exec, ident, slot);
834     LLINT_CHECK_EXCEPTION();
835     LLINT_OP(1) = result;
836
837     if (baseValue.isCell()
838         && slot.isCacheable()
839         && slot.slotBase() == baseValue
840         && slot.cachedPropertyType() == PropertySlot::Value) {
841         
842         JSCell* baseCell = baseValue.asCell();
843         Structure* structure = baseCell->structure();
844         
845         if (!structure->isUncacheableDictionary()
846             && !structure->typeInfo().prohibitsPropertyCaching()) {
847             pc[4].u.structure.set(
848                 globalData, codeBlock->ownerExecutable(), structure);
849             pc[5].u.operand = slot.cachedOffset() * sizeof(JSValue);
850         }
851     }
852
853 #if ENABLE(VALUE_PROFILER)    
854     pc[OPCODE_LENGTH(op_get_by_id) - 1].u.profile->m_buckets[0] = JSValue::encode(result);
855 #endif
856     LLINT_END();
857 }
858
859 LLINT_SLOW_PATH_DECL(slow_path_get_arguments_length)
860 {
861     LLINT_BEGIN();
862     CodeBlock* codeBlock = exec->codeBlock();
863     Identifier& ident = codeBlock->identifier(pc[3].u.operand);
864     JSValue baseValue = LLINT_OP(2).jsValue();
865     PropertySlot slot(baseValue);
866     LLINT_RETURN(baseValue.get(exec, ident, slot));
867 }
868
869 LLINT_SLOW_PATH_DECL(slow_path_put_by_id)
870 {
871     LLINT_BEGIN();
872     CodeBlock* codeBlock = exec->codeBlock();
873     Identifier& ident = codeBlock->identifier(pc[2].u.operand);
874     
875     JSValue baseValue = LLINT_OP_C(1).jsValue();
876     PutPropertySlot slot(codeBlock->isStrictMode());
877     if (pc[8].u.operand)
878         asObject(baseValue)->putDirect(globalData, ident, LLINT_OP_C(3).jsValue(), slot);
879     else
880         baseValue.put(exec, ident, LLINT_OP_C(3).jsValue(), slot);
881     LLINT_CHECK_EXCEPTION();
882     
883     if (baseValue.isCell()
884         && slot.isCacheable()) {
885         
886         JSCell* baseCell = baseValue.asCell();
887         Structure* structure = baseCell->structure();
888         
889         if (!structure->isUncacheableDictionary()
890             && !structure->typeInfo().prohibitsPropertyCaching()
891             && baseCell == slot.base()) {
892             
893             if (slot.type() == PutPropertySlot::NewProperty) {
894                 if (!structure->isDictionary() && structure->previousID()->propertyStorageCapacity() == structure->propertyStorageCapacity()) {
895                     // This is needed because some of the methods we call
896                     // below may GC.
897                     pc[0].u.opcode = bitwise_cast<void*>(&llint_op_put_by_id);
898
899                     normalizePrototypeChain(exec, baseCell);
900                     
901                     ASSERT(structure->previousID()->isObject());
902                     pc[4].u.structure.set(
903                         globalData, codeBlock->ownerExecutable(), structure->previousID());
904                     pc[5].u.operand = slot.cachedOffset() * sizeof(JSValue);
905                     pc[6].u.structure.set(
906                         globalData, codeBlock->ownerExecutable(), structure);
907                     StructureChain* chain = structure->prototypeChain(exec);
908                     ASSERT(chain);
909                     pc[7].u.structureChain.set(
910                         globalData, codeBlock->ownerExecutable(), chain);
911                     
912                     if (pc[8].u.operand)
913                         pc[0].u.opcode = bitwise_cast<void*>(&llint_op_put_by_id_transition_direct);
914                     else
915                         pc[0].u.opcode = bitwise_cast<void*>(&llint_op_put_by_id_transition_normal);
916                 }
917             } else {
918                 pc[0].u.opcode = bitwise_cast<void*>(&llint_op_put_by_id);
919                 pc[4].u.structure.set(
920                     globalData, codeBlock->ownerExecutable(), structure);
921                 pc[5].u.operand = slot.cachedOffset() * sizeof(JSValue);
922             }
923         }
924     }
925     
926     LLINT_END();
927 }
928
929 LLINT_SLOW_PATH_DECL(slow_path_del_by_id)
930 {
931     LLINT_BEGIN();
932     CodeBlock* codeBlock = exec->codeBlock();
933     JSObject* baseObject = LLINT_OP_C(2).jsValue().toObject(exec);
934     bool couldDelete = baseObject->methodTable()->deleteProperty(baseObject, exec, codeBlock->identifier(pc[3].u.operand));
935     LLINT_CHECK_EXCEPTION();
936     if (!couldDelete && codeBlock->isStrictMode())
937         LLINT_THROW(createTypeError(exec, "Unable to delete property."));
938     LLINT_RETURN(jsBoolean(couldDelete));
939 }
940
941 inline JSValue getByVal(ExecState* exec, JSValue baseValue, JSValue subscript)
942 {
943     if (LIKELY(baseValue.isCell() && subscript.isString())) {
944         if (JSValue result = baseValue.asCell()->fastGetOwnProperty(exec, asString(subscript)->value(exec)))
945             return result;
946     }
947     
948     if (subscript.isUInt32()) {
949         uint32_t i = subscript.asUInt32();
950         if (isJSString(baseValue) && asString(baseValue)->canGetIndex(i))
951             return asString(baseValue)->getIndex(exec, i);
952         
953         return baseValue.get(exec, i);
954     }
955
956     if (isName(subscript))
957         return baseValue.get(exec, jsCast<NameInstance*>(subscript.asCell())->privateName());
958     
959     Identifier property(exec, subscript.toString(exec)->value(exec));
960     return baseValue.get(exec, property);
961 }
962
963 LLINT_SLOW_PATH_DECL(slow_path_get_by_val)
964 {
965     LLINT_BEGIN();
966     LLINT_RETURN_PROFILED(op_get_by_val, getByVal(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue()));
967 }
968
969 LLINT_SLOW_PATH_DECL(slow_path_get_argument_by_val)
970 {
971     LLINT_BEGIN();
972     JSValue arguments = LLINT_OP(2).jsValue();
973     if (!arguments) {
974         arguments = Arguments::create(globalData, exec);
975         LLINT_CHECK_EXCEPTION();
976         LLINT_OP(2) = arguments;
977         exec->uncheckedR(unmodifiedArgumentsRegister(pc[2].u.operand)) = arguments;
978     }
979     
980     LLINT_RETURN(getByVal(exec, arguments, LLINT_OP_C(3).jsValue()));
981 }
982
983 LLINT_SLOW_PATH_DECL(slow_path_get_by_pname)
984 {
985     LLINT_BEGIN();
986     LLINT_RETURN(getByVal(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue()));
987 }
988
989 LLINT_SLOW_PATH_DECL(slow_path_put_by_val)
990 {
991     LLINT_BEGIN();
992     
993     JSValue baseValue = LLINT_OP_C(1).jsValue();
994     JSValue subscript = LLINT_OP_C(2).jsValue();
995     JSValue value = LLINT_OP_C(3).jsValue();
996     
997     if (LIKELY(subscript.isUInt32())) {
998         uint32_t i = subscript.asUInt32();
999         if (isJSArray(baseValue)) {
1000             JSArray* jsArray = asArray(baseValue);
1001             if (jsArray->canSetIndex(i))
1002                 jsArray->setIndex(globalData, i, value);
1003             else
1004                 JSArray::putByIndex(jsArray, exec, i, value, exec->codeBlock()->isStrictMode());
1005             LLINT_END();
1006         }
1007         baseValue.putByIndex(exec, i, value, exec->codeBlock()->isStrictMode());
1008         LLINT_END();
1009     }
1010
1011     if (isName(subscript)) {
1012         PutPropertySlot slot(exec->codeBlock()->isStrictMode());
1013         baseValue.put(exec, jsCast<NameInstance*>(subscript.asCell())->privateName(), value, slot);
1014         LLINT_END();
1015     }
1016
1017     Identifier property(exec, subscript.toString(exec)->value(exec));
1018     LLINT_CHECK_EXCEPTION();
1019     PutPropertySlot slot(exec->codeBlock()->isStrictMode());
1020     baseValue.put(exec, property, value, slot);
1021     LLINT_END();
1022 }
1023
1024 LLINT_SLOW_PATH_DECL(slow_path_del_by_val)
1025 {
1026     LLINT_BEGIN();
1027     JSValue baseValue = LLINT_OP_C(2).jsValue();
1028     JSObject* baseObject = baseValue.toObject(exec);
1029     
1030     JSValue subscript = LLINT_OP_C(3).jsValue();
1031     
1032     bool couldDelete;
1033     
1034     uint32_t i;
1035     if (subscript.getUInt32(i))
1036         couldDelete = baseObject->methodTable()->deletePropertyByIndex(baseObject, exec, i);
1037     else if (isName(subscript))
1038         couldDelete = baseObject->methodTable()->deleteProperty(baseObject, exec, jsCast<NameInstance*>(subscript.asCell())->privateName());
1039     else {
1040         LLINT_CHECK_EXCEPTION();
1041         Identifier property(exec, subscript.toString(exec)->value(exec));
1042         LLINT_CHECK_EXCEPTION();
1043         couldDelete = baseObject->methodTable()->deleteProperty(baseObject, exec, property);
1044     }
1045     
1046     if (!couldDelete && exec->codeBlock()->isStrictMode())
1047         LLINT_THROW(createTypeError(exec, "Unable to delete property."));
1048     
1049     LLINT_RETURN(jsBoolean(couldDelete));
1050 }
1051
1052 LLINT_SLOW_PATH_DECL(slow_path_put_by_index)
1053 {
1054     LLINT_BEGIN();
1055     JSValue arrayValue = LLINT_OP_C(1).jsValue();
1056     ASSERT(isJSArray(arrayValue));
1057     asArray(arrayValue)->putDirectIndex(exec, pc[2].u.operand, LLINT_OP_C(3).jsValue(), false);
1058     LLINT_END();
1059 }
1060
1061 LLINT_SLOW_PATH_DECL(slow_path_put_getter_setter)
1062 {
1063     LLINT_BEGIN();
1064     ASSERT(LLINT_OP(1).jsValue().isObject());
1065     JSObject* baseObj = asObject(LLINT_OP(1).jsValue());
1066     
1067     GetterSetter* accessor = GetterSetter::create(exec);
1068     LLINT_CHECK_EXCEPTION();
1069     
1070     JSValue getter = LLINT_OP(3).jsValue();
1071     JSValue setter = LLINT_OP(4).jsValue();
1072     ASSERT(getter.isObject() || getter.isUndefined());
1073     ASSERT(setter.isObject() || setter.isUndefined());
1074     ASSERT(getter.isObject() || setter.isObject());
1075     
1076     if (!getter.isUndefined())
1077         accessor->setGetter(globalData, asObject(getter));
1078     if (!setter.isUndefined())
1079         accessor->setSetter(globalData, asObject(setter));
1080     baseObj->putDirectAccessor(
1081         globalData,
1082         exec->codeBlock()->identifier(pc[2].u.operand),
1083         accessor, Accessor);
1084     LLINT_END();
1085 }
1086
1087 LLINT_SLOW_PATH_DECL(slow_path_jmp_scopes)
1088 {
1089     LLINT_BEGIN();
1090     unsigned count = pc[1].u.operand;
1091     ScopeChainNode* tmp = exec->scopeChain();
1092     while (count--)
1093         tmp = tmp->pop();
1094     exec->setScopeChain(tmp);
1095     pc += pc[2].u.operand;
1096     LLINT_END();
1097 }
1098
1099 LLINT_SLOW_PATH_DECL(slow_path_jtrue)
1100 {
1101     LLINT_BEGIN();
1102     LLINT_BRANCH(op_jtrue, LLINT_OP_C(1).jsValue().toBoolean());
1103 }
1104
1105 LLINT_SLOW_PATH_DECL(slow_path_jfalse)
1106 {
1107     LLINT_BEGIN();
1108     LLINT_BRANCH(op_jfalse, !LLINT_OP_C(1).jsValue().toBoolean());
1109 }
1110
1111 LLINT_SLOW_PATH_DECL(slow_path_jless)
1112 {
1113     LLINT_BEGIN();
1114     LLINT_BRANCH(op_jless, jsLess<true>(exec, LLINT_OP_C(1).jsValue(), LLINT_OP_C(2).jsValue()));
1115 }
1116
1117 LLINT_SLOW_PATH_DECL(slow_path_jnless)
1118 {
1119     LLINT_BEGIN();
1120     LLINT_BRANCH(op_jnless, !jsLess<true>(exec, LLINT_OP_C(1).jsValue(), LLINT_OP_C(2).jsValue()));
1121 }
1122
1123 LLINT_SLOW_PATH_DECL(slow_path_jgreater)
1124 {
1125     LLINT_BEGIN();
1126     LLINT_BRANCH(op_jgreater, jsLess<false>(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(1).jsValue()));
1127 }
1128
1129 LLINT_SLOW_PATH_DECL(slow_path_jngreater)
1130 {
1131     LLINT_BEGIN();
1132     LLINT_BRANCH(op_jngreater, !jsLess<false>(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(1).jsValue()));
1133 }
1134
1135 LLINT_SLOW_PATH_DECL(slow_path_jlesseq)
1136 {
1137     LLINT_BEGIN();
1138     LLINT_BRANCH(op_jlesseq, jsLessEq<true>(exec, LLINT_OP_C(1).jsValue(), LLINT_OP_C(2).jsValue()));
1139 }
1140
1141 LLINT_SLOW_PATH_DECL(slow_path_jnlesseq)
1142 {
1143     LLINT_BEGIN();
1144     LLINT_BRANCH(op_jnlesseq, !jsLessEq<true>(exec, LLINT_OP_C(1).jsValue(), LLINT_OP_C(2).jsValue()));
1145 }
1146
1147 LLINT_SLOW_PATH_DECL(slow_path_jgreatereq)
1148 {
1149     LLINT_BEGIN();
1150     LLINT_BRANCH(op_jgreatereq, jsLessEq<false>(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(1).jsValue()));
1151 }
1152
1153 LLINT_SLOW_PATH_DECL(slow_path_jngreatereq)
1154 {
1155     LLINT_BEGIN();
1156     LLINT_BRANCH(op_jngreatereq, !jsLessEq<false>(exec, LLINT_OP_C(2).jsValue(), LLINT_OP_C(1).jsValue()));
1157 }
1158
1159 LLINT_SLOW_PATH_DECL(slow_path_switch_imm)
1160 {
1161     LLINT_BEGIN();
1162     JSValue scrutinee = LLINT_OP_C(3).jsValue();
1163     ASSERT(scrutinee.isDouble());
1164     double value = scrutinee.asDouble();
1165     int32_t intValue = static_cast<int32_t>(value);
1166     int defaultOffset = pc[2].u.operand;
1167     if (value == intValue) {
1168         CodeBlock* codeBlock = exec->codeBlock();
1169         pc += codeBlock->immediateSwitchJumpTable(pc[1].u.operand).offsetForValue(intValue, defaultOffset);
1170     } else
1171         pc += defaultOffset;
1172     LLINT_END();
1173 }
1174
1175 LLINT_SLOW_PATH_DECL(slow_path_switch_char)
1176 {
1177     LLINT_BEGIN();
1178     JSValue scrutinee = LLINT_OP_C(3).jsValue();
1179     ASSERT(scrutinee.isString());
1180     JSString* string = asString(scrutinee);
1181     ASSERT(string->length() == 1);
1182     int defaultOffset = pc[2].u.operand;
1183     StringImpl* impl = string->value(exec).impl();
1184     CodeBlock* codeBlock = exec->codeBlock();
1185     pc += codeBlock->characterSwitchJumpTable(pc[1].u.operand).offsetForValue((*impl)[0], defaultOffset);
1186     LLINT_END();
1187 }
1188
1189 LLINT_SLOW_PATH_DECL(slow_path_switch_string)
1190 {
1191     LLINT_BEGIN();
1192     JSValue scrutinee = LLINT_OP_C(3).jsValue();
1193     int defaultOffset = pc[2].u.operand;
1194     if (!scrutinee.isString())
1195         pc += defaultOffset;
1196     else {
1197         CodeBlock* codeBlock = exec->codeBlock();
1198         pc += codeBlock->stringSwitchJumpTable(pc[1].u.operand).offsetForValue(asString(scrutinee)->value(exec).impl(), defaultOffset);
1199     }
1200     LLINT_END();
1201 }
1202
1203 LLINT_SLOW_PATH_DECL(slow_path_new_func)
1204 {
1205     LLINT_BEGIN();
1206     CodeBlock* codeBlock = exec->codeBlock();
1207     ASSERT(codeBlock->codeType() != FunctionCode
1208            || !codeBlock->needsFullScopeChain()
1209            || exec->uncheckedR(codeBlock->activationRegister()).jsValue());
1210 #if LLINT_SLOW_PATH_TRACING
1211     dataLog("Creating function!\n");
1212 #endif
1213     LLINT_RETURN(codeBlock->functionDecl(pc[2].u.operand)->make(exec, exec->scopeChain()));
1214 }
1215
1216 LLINT_SLOW_PATH_DECL(slow_path_new_func_exp)
1217 {
1218     LLINT_BEGIN();
1219     CodeBlock* codeBlock = exec->codeBlock();
1220     FunctionExecutable* function = codeBlock->functionExpr(pc[2].u.operand);
1221     JSFunction* func = function->make(exec, exec->scopeChain());
1222     
1223     if (!function->name().isNull()) {
1224         JSStaticScopeObject* functionScopeObject = JSStaticScopeObject::create(exec, function->name(), func, ReadOnly | DontDelete);
1225         func->setScope(globalData, func->scope()->push(functionScopeObject));
1226     }
1227     
1228     LLINT_RETURN(func);
1229 }
1230
1231 static SlowPathReturnType handleHostCall(ExecState* execCallee, Instruction* pc, JSValue callee, CodeSpecializationKind kind)
1232 {
1233     ExecState* exec = execCallee->callerFrame();
1234     JSGlobalData& globalData = exec->globalData();
1235
1236     execCallee->setScopeChain(exec->scopeChain());
1237     execCallee->setCodeBlock(0);
1238     execCallee->clearReturnPC();
1239
1240     if (kind == CodeForCall) {
1241         CallData callData;
1242         CallType callType = getCallData(callee, callData);
1243     
1244         ASSERT(callType != CallTypeJS);
1245     
1246         if (callType == CallTypeHost) {
1247             NativeCallFrameTracer tracer(&globalData, execCallee);
1248             execCallee->setCallee(asObject(callee));
1249             globalData.hostCallReturnValue = JSValue::decode(callData.native.function(execCallee));
1250             
1251             LLINT_CALL_RETURN(execCallee, pc, reinterpret_cast<void*>(getHostCallReturnValue));
1252         }
1253         
1254 #if LLINT_SLOW_PATH_TRACING
1255         dataLog("Call callee is not a function: %s\n", callee.description());
1256 #endif
1257
1258         ASSERT(callType == CallTypeNone);
1259         LLINT_CALL_THROW(exec, pc, createNotAFunctionError(exec, callee));
1260     }
1261
1262     ASSERT(kind == CodeForConstruct);
1263     
1264     ConstructData constructData;
1265     ConstructType constructType = getConstructData(callee, constructData);
1266     
1267     ASSERT(constructType != ConstructTypeJS);
1268     
1269     if (constructType == ConstructTypeHost) {
1270         NativeCallFrameTracer tracer(&globalData, execCallee);
1271         execCallee->setCallee(asObject(callee));
1272         globalData.hostCallReturnValue = JSValue::decode(constructData.native.function(execCallee));
1273
1274         LLINT_CALL_RETURN(execCallee, pc, reinterpret_cast<void*>(getHostCallReturnValue));
1275     }
1276     
1277 #if LLINT_SLOW_PATH_TRACING
1278     dataLog("Constructor callee is not a function: %s\n", callee.description());
1279 #endif
1280
1281     ASSERT(constructType == ConstructTypeNone);
1282     LLINT_CALL_THROW(exec, pc, createNotAConstructorError(exec, callee));
1283 }
1284
1285 inline SlowPathReturnType setUpCall(ExecState* execCallee, Instruction* pc, CodeSpecializationKind kind, JSValue calleeAsValue, LLIntCallLinkInfo* callLinkInfo = 0)
1286 {
1287 #if LLINT_SLOW_PATH_TRACING
1288     dataLog("Performing call with recorded PC = %p\n", execCallee->callerFrame()->currentVPC());
1289 #endif
1290
1291     JSCell* calleeAsFunctionCell = getJSFunction(calleeAsValue);
1292     if (!calleeAsFunctionCell)
1293         return handleHostCall(execCallee, pc, calleeAsValue, kind);
1294     
1295     JSFunction* callee = jsCast<JSFunction*>(calleeAsFunctionCell);
1296     ScopeChainNode* scope = callee->scopeUnchecked();
1297     JSGlobalData& globalData = *scope->globalData;
1298     execCallee->setScopeChain(scope);
1299     ExecutableBase* executable = callee->executable();
1300     
1301     MacroAssemblerCodePtr codePtr;
1302     CodeBlock* codeBlock = 0;
1303     if (executable->isHostFunction())
1304         codePtr = executable->generatedJITCodeFor(kind).addressForCall();
1305     else {
1306         FunctionExecutable* functionExecutable = static_cast<FunctionExecutable*>(executable);
1307         JSObject* error = functionExecutable->compileFor(execCallee, callee->scope(), kind);
1308         if (error)
1309             LLINT_CALL_THROW(execCallee->callerFrame(), pc, error);
1310         codeBlock = &functionExecutable->generatedBytecodeFor(kind);
1311         ASSERT(codeBlock);
1312         if (execCallee->argumentCountIncludingThis() < static_cast<size_t>(codeBlock->numParameters()))
1313             codePtr = functionExecutable->generatedJITCodeWithArityCheckFor(kind);
1314         else
1315             codePtr = functionExecutable->generatedJITCodeFor(kind).addressForCall();
1316     }
1317     
1318     if (callLinkInfo) {
1319         if (callLinkInfo->isOnList())
1320             callLinkInfo->remove();
1321         ExecState* execCaller = execCallee->callerFrame();
1322         callLinkInfo->callee.set(globalData, execCaller->codeBlock()->ownerExecutable(), callee);
1323         callLinkInfo->lastSeenCallee.set(globalData, execCaller->codeBlock()->ownerExecutable(), callee);
1324         callLinkInfo->machineCodeTarget = codePtr;
1325         if (codeBlock)
1326             codeBlock->linkIncomingCall(callLinkInfo);
1327     }
1328     
1329     LLINT_CALL_RETURN(execCallee, pc, codePtr.executableAddress());
1330 }
1331
1332 inline SlowPathReturnType genericCall(ExecState* exec, Instruction* pc, CodeSpecializationKind kind)
1333 {
1334     // This needs to:
1335     // - Set up a call frame.
1336     // - Figure out what to call and compile it if necessary.
1337     // - If possible, link the call's inline cache.
1338     // - Return a tuple of machine code address to call and the new call frame.
1339     
1340     JSValue calleeAsValue = LLINT_OP_C(1).jsValue();
1341     
1342     ExecState* execCallee = exec + pc[3].u.operand;
1343     
1344     execCallee->setArgumentCountIncludingThis(pc[2].u.operand);
1345     execCallee->uncheckedR(RegisterFile::Callee) = calleeAsValue;
1346     execCallee->setCallerFrame(exec);
1347     
1348     ASSERT(pc[4].u.callLinkInfo);
1349     return setUpCall(execCallee, pc, kind, calleeAsValue, pc[4].u.callLinkInfo);
1350 }
1351
1352 LLINT_SLOW_PATH_DECL(slow_path_call)
1353 {
1354     LLINT_BEGIN_NO_SET_PC();
1355     return genericCall(exec, pc, CodeForCall);
1356 }
1357
1358 LLINT_SLOW_PATH_DECL(slow_path_construct)
1359 {
1360     LLINT_BEGIN_NO_SET_PC();
1361     return genericCall(exec, pc, CodeForConstruct);
1362 }
1363
1364 LLINT_SLOW_PATH_DECL(slow_path_call_varargs)
1365 {
1366     LLINT_BEGIN();
1367     // This needs to:
1368     // - Set up a call frame while respecting the variable arguments.
1369     // - Figure out what to call and compile it if necessary.
1370     // - Return a tuple of machine code address to call and the new call frame.
1371     
1372     JSValue calleeAsValue = LLINT_OP_C(1).jsValue();
1373     
1374     ExecState* execCallee = loadVarargs(
1375         exec, &globalData.interpreter->registerFile(),
1376         LLINT_OP_C(2).jsValue(), LLINT_OP_C(3).jsValue(), pc[4].u.operand);
1377     LLINT_CALL_CHECK_EXCEPTION(exec, pc);
1378     
1379     execCallee->uncheckedR(RegisterFile::Callee) = calleeAsValue;
1380     execCallee->setCallerFrame(exec);
1381     exec->setCurrentVPC(pc + OPCODE_LENGTH(op_call_varargs));
1382     
1383     return setUpCall(execCallee, pc, CodeForCall, calleeAsValue);
1384 }
1385
1386 LLINT_SLOW_PATH_DECL(slow_path_call_eval)
1387 {
1388     LLINT_BEGIN_NO_SET_PC();
1389     JSValue calleeAsValue = LLINT_OP(1).jsValue();
1390     
1391     ExecState* execCallee = exec + pc[3].u.operand;
1392     
1393     execCallee->setArgumentCountIncludingThis(pc[2].u.operand);
1394     execCallee->setCallerFrame(exec);
1395     execCallee->uncheckedR(RegisterFile::Callee) = calleeAsValue;
1396     execCallee->setScopeChain(exec->scopeChain());
1397     execCallee->setReturnPC(bitwise_cast<Instruction*>(&llint_generic_return_point));
1398     execCallee->setCodeBlock(0);
1399     exec->setCurrentVPC(pc + OPCODE_LENGTH(op_call_eval));
1400     
1401     if (!isHostFunction(calleeAsValue, globalFuncEval))
1402         return setUpCall(execCallee, pc, CodeForCall, calleeAsValue);
1403     
1404     globalData.hostCallReturnValue = eval(execCallee);
1405     LLINT_CALL_RETURN(execCallee, pc, reinterpret_cast<void*>(getHostCallReturnValue));
1406 }
1407
1408 LLINT_SLOW_PATH_DECL(slow_path_tear_off_activation)
1409 {
1410     LLINT_BEGIN();
1411     ASSERT(exec->codeBlock()->needsFullScopeChain());
1412     JSValue activationValue = LLINT_OP(1).jsValue();
1413     if (!activationValue) {
1414         if (JSValue v = exec->uncheckedR(unmodifiedArgumentsRegister(pc[2].u.operand)).jsValue()) {
1415             if (!exec->codeBlock()->isStrictMode())
1416                 asArguments(v)->tearOff(exec);
1417         }
1418         LLINT_END();
1419     }
1420     JSActivation* activation = asActivation(activationValue);
1421     activation->tearOff(globalData);
1422     if (JSValue v = exec->uncheckedR(unmodifiedArgumentsRegister(pc[2].u.operand)).jsValue())
1423         asArguments(v)->didTearOffActivation(globalData, activation);
1424     LLINT_END();
1425 }
1426
1427 LLINT_SLOW_PATH_DECL(slow_path_tear_off_arguments)
1428 {
1429     LLINT_BEGIN();
1430     ASSERT(exec->codeBlock()->usesArguments() && !exec->codeBlock()->needsFullScopeChain());
1431     asArguments(exec->uncheckedR(unmodifiedArgumentsRegister(pc[1].u.operand)).jsValue())->tearOff(exec);
1432     LLINT_END();
1433 }
1434
1435 LLINT_SLOW_PATH_DECL(slow_path_strcat)
1436 {
1437     LLINT_BEGIN();
1438     LLINT_RETURN(jsString(exec, &LLINT_OP(2), pc[3].u.operand));
1439 }
1440
1441 LLINT_SLOW_PATH_DECL(slow_path_to_primitive)
1442 {
1443     LLINT_BEGIN();
1444     LLINT_RETURN(LLINT_OP_C(2).jsValue().toPrimitive(exec));
1445 }
1446
1447 LLINT_SLOW_PATH_DECL(slow_path_get_pnames)
1448 {
1449     LLINT_BEGIN();
1450     JSValue v = LLINT_OP(2).jsValue();
1451     if (v.isUndefinedOrNull()) {
1452         pc += pc[5].u.operand;
1453         LLINT_END();
1454     }
1455     
1456     JSObject* o = v.toObject(exec);
1457     Structure* structure = o->structure();
1458     JSPropertyNameIterator* jsPropertyNameIterator = structure->enumerationCache();
1459     if (!jsPropertyNameIterator || jsPropertyNameIterator->cachedPrototypeChain() != structure->prototypeChain(exec))
1460         jsPropertyNameIterator = JSPropertyNameIterator::create(exec, o);
1461     
1462     LLINT_OP(1) = JSValue(jsPropertyNameIterator);
1463     LLINT_OP(2) = JSValue(o);
1464     LLINT_OP(3) = Register::withInt(0);
1465     LLINT_OP(4) = Register::withInt(jsPropertyNameIterator->size());
1466     
1467     pc += OPCODE_LENGTH(op_get_pnames);
1468     LLINT_END();
1469 }
1470
1471 LLINT_SLOW_PATH_DECL(slow_path_next_pname)
1472 {
1473     LLINT_BEGIN();
1474     JSObject* base = asObject(LLINT_OP(2).jsValue());
1475     JSString* property = asString(LLINT_OP(1).jsValue());
1476     if (base->hasProperty(exec, Identifier(exec, property->value(exec)))) {
1477         // Go to target.
1478         pc += pc[6].u.operand;
1479     } // Else, don't change the PC, so the interpreter will reloop.
1480     LLINT_END();
1481 }
1482
1483 LLINT_SLOW_PATH_DECL(slow_path_push_scope)
1484 {
1485     LLINT_BEGIN();
1486     JSValue v = LLINT_OP(1).jsValue();
1487     JSObject* o = v.toObject(exec);
1488     LLINT_CHECK_EXCEPTION();
1489     
1490     LLINT_OP(1) = o;
1491     exec->setScopeChain(exec->scopeChain()->push(o));
1492     
1493     LLINT_END();
1494 }
1495
1496 LLINT_SLOW_PATH_DECL(slow_path_pop_scope)
1497 {
1498     LLINT_BEGIN();
1499     exec->setScopeChain(exec->scopeChain()->pop());
1500     LLINT_END();
1501 }
1502
1503 LLINT_SLOW_PATH_DECL(slow_path_push_new_scope)
1504 {
1505     LLINT_BEGIN();
1506     CodeBlock* codeBlock = exec->codeBlock();
1507     JSObject* scope = JSStaticScopeObject::create(exec, codeBlock->identifier(pc[2].u.operand), LLINT_OP(3).jsValue(), DontDelete);
1508     exec->setScopeChain(exec->scopeChain()->push(scope));
1509     LLINT_RETURN(scope);
1510 }
1511
1512 LLINT_SLOW_PATH_DECL(slow_path_throw)
1513 {
1514     LLINT_BEGIN();
1515     LLINT_THROW(LLINT_OP_C(1).jsValue());
1516 }
1517
1518 LLINT_SLOW_PATH_DECL(slow_path_throw_reference_error)
1519 {
1520     LLINT_BEGIN();
1521     LLINT_THROW(createReferenceError(exec, LLINT_OP_C(1).jsValue().toString(exec)->value(exec)));
1522 }
1523
1524 LLINT_SLOW_PATH_DECL(slow_path_debug)
1525 {
1526     LLINT_BEGIN();
1527     int debugHookID = pc[1].u.operand;
1528     int firstLine = pc[2].u.operand;
1529     int lastLine = pc[3].u.operand;
1530     
1531     globalData.interpreter->debug(exec, static_cast<DebugHookID>(debugHookID), firstLine, lastLine);
1532     
1533     LLINT_END();
1534 }
1535
1536 LLINT_SLOW_PATH_DECL(slow_path_profile_will_call)
1537 {
1538     LLINT_BEGIN();
1539     (*Profiler::enabledProfilerReference())->willExecute(exec, LLINT_OP(1).jsValue());
1540     LLINT_END();
1541 }
1542
1543 LLINT_SLOW_PATH_DECL(slow_path_profile_did_call)
1544 {
1545     LLINT_BEGIN();
1546     (*Profiler::enabledProfilerReference())->didExecute(exec, LLINT_OP(1).jsValue());
1547     LLINT_END();
1548 }
1549
1550 LLINT_SLOW_PATH_DECL(throw_from_native_call)
1551 {
1552     LLINT_BEGIN();
1553     ASSERT(globalData.exception);
1554     LLINT_END();
1555 }
1556
1557 } } // namespace JSC::LLInt
1558
1559 #endif // ENABLE(LLINT)