Make SegmentedVector Noncopyable
[WebKit-https.git] / Source / JavaScriptCore / bytecompiler / NodesCodegen.cpp
1 /*
2 *  Copyright (C) 1999-2002 Harri Porten (porten@kde.org)
3 *  Copyright (C) 2001 Peter Kelly (pmk@post.com)
4 *  Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2012 Apple Inc. All rights reserved.
5 *  Copyright (C) 2007 Cameron Zwarich (cwzwarich@uwaterloo.ca)
6 *  Copyright (C) 2007 Maks Orlovich
7 *  Copyright (C) 2007 Eric Seidel <eric@webkit.org>
8  * Copyright (C) 2012 Igalia, S.L.
9 *
10 *  This library is free software; you can redistribute it and/or
11 *  modify it under the terms of the GNU Library General Public
12 *  License as published by the Free Software Foundation; either
13 *  version 2 of the License, or (at your option) any later version.
14 *
15 *  This library is distributed in the hope that it will be useful,
16 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
17 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
18 *  Library General Public License for more details.
19 *
20 *  You should have received a copy of the GNU Library General Public License
21 *  along with this library; see the file COPYING.LIB.  If not, write to
22 *  the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
23 *  Boston, MA 02110-1301, USA.
24 *
25 */
26
27 #include "config.h"
28 #include "Nodes.h"
29 #include "NodeConstructors.h"
30
31 #include "BytecodeGenerator.h"
32 #include "CallFrame.h"
33 #include "Debugger.h"
34 #include "JIT.h"
35 #include "JSFunction.h"
36 #include "JSGlobalObject.h"
37 #include "JSNameScope.h"
38 #include "LabelScope.h"
39 #include "Lexer.h"
40 #include "Operations.h"
41 #include "Parser.h"
42 #include "PropertyNameArray.h"
43 #include "RegExpCache.h"
44 #include "RegExpObject.h"
45 #include "SamplingTool.h"
46 #include <wtf/Assertions.h>
47 #include <wtf/RefCountedLeakCounter.h>
48 #include <wtf/Threading.h>
49
50 using namespace WTF;
51
52 namespace JSC {
53
54 /*
55     Details of the emitBytecode function.
56
57     Return value: The register holding the production's value.
58              dst: An optional parameter specifying the most efficient destination at
59                   which to store the production's value. The callee must honor dst.
60
61     The dst argument provides for a crude form of copy propagation. For example,
62
63         x = 1
64
65     becomes
66     
67         load r[x], 1
68     
69     instead of 
70
71         load r0, 1
72         mov r[x], r0
73     
74     because the assignment node, "x =", passes r[x] as dst to the number node, "1".
75 */
76
77 // ------------------------------ ThrowableExpressionData --------------------------------
78
79 RegisterID* ThrowableExpressionData::emitThrowReferenceError(BytecodeGenerator& generator, const String& message)
80 {
81     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
82     generator.emitThrowReferenceError(message);
83     return generator.newTemporary();
84 }
85
86 // ------------------------------ NullNode -------------------------------------
87
88 RegisterID* NullNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
89 {
90     if (dst == generator.ignoredResult())
91         return 0;
92     return generator.emitLoad(dst, jsNull());
93 }
94
95 // ------------------------------ BooleanNode ----------------------------------
96
97 RegisterID* BooleanNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
98 {
99     if (dst == generator.ignoredResult())
100         return 0;
101     return generator.emitLoad(dst, m_value);
102 }
103
104 // ------------------------------ NumberNode -----------------------------------
105
106 RegisterID* NumberNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
107 {
108     if (dst == generator.ignoredResult())
109         return 0;
110     return generator.emitLoad(dst, m_value);
111 }
112
113 // ------------------------------ StringNode -----------------------------------
114
115 RegisterID* StringNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
116 {
117     if (dst == generator.ignoredResult())
118         return 0;
119     return generator.emitLoad(dst, m_value);
120 }
121
122 // ------------------------------ RegExpNode -----------------------------------
123
124 RegisterID* RegExpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
125 {
126     if (dst == generator.ignoredResult())
127         return 0;
128     return generator.emitNewRegExp(generator.finalDestination(dst), RegExp::create(*generator.globalData(), m_pattern.string(), regExpFlags(m_flags.string())));
129 }
130
131 // ------------------------------ ThisNode -------------------------------------
132
133 RegisterID* ThisNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
134 {
135     if (dst == generator.ignoredResult())
136         return 0;
137     return generator.moveToDestinationIfNeeded(dst, generator.thisRegister());
138 }
139
140 // ------------------------------ ResolveNode ----------------------------------
141
142 bool ResolveNode::isPure(BytecodeGenerator& generator) const
143 {
144     return generator.resolve(m_ident).isStatic();
145 }
146
147 RegisterID* ResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
148 {
149     ResolveResult resolveResult = generator.resolve(m_ident);
150     if (RegisterID* local = resolveResult.local()) {
151         if (dst == generator.ignoredResult())
152             return 0;
153         return generator.moveToDestinationIfNeeded(dst, local);
154     }
155     
156     generator.emitExpressionInfo(m_startOffset + m_ident.length(), m_ident.length(), 0);
157     return generator.emitResolve(generator.finalDestination(dst), resolveResult, m_ident);
158 }
159
160 // ------------------------------ ArrayNode ------------------------------------
161
162 RegisterID* ArrayNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
163 {
164     // FIXME: Should we put all of this code into emitNewArray?
165
166     unsigned length = 0;
167     ElementNode* firstPutElement;
168     for (firstPutElement = m_element; firstPutElement; firstPutElement = firstPutElement->next()) {
169         if (firstPutElement->elision())
170             break;
171         ++length;
172     }
173
174     if (!firstPutElement && !m_elision)
175         return generator.emitNewArray(generator.finalDestination(dst), m_element, length);
176
177     RefPtr<RegisterID> array = generator.emitNewArray(generator.tempDestination(dst), m_element, length);
178
179     for (ElementNode* n = firstPutElement; n; n = n->next()) {
180         RegisterID* value = generator.emitNode(n->value());
181         length += n->elision();
182         generator.emitPutByIndex(array.get(), length++, value);
183     }
184
185     if (m_elision) {
186         RegisterID* value = generator.emitLoad(0, jsNumber(m_elision + length));
187         generator.emitPutById(array.get(), generator.propertyNames().length, value);
188     }
189
190     return generator.moveToDestinationIfNeeded(dst, array.get());
191 }
192
193 bool ArrayNode::isSimpleArray() const
194 {
195     if (m_elision || m_optional)
196         return false;
197     for (ElementNode* ptr = m_element; ptr; ptr = ptr->next()) {
198         if (ptr->elision())
199             return false;
200     }
201     return true;
202 }
203
204 ArgumentListNode* ArrayNode::toArgumentList(JSGlobalData* globalData, int lineNumber, int columnNumber) const
205 {
206     ASSERT(!m_elision && !m_optional);
207     ElementNode* ptr = m_element;
208     if (!ptr)
209         return 0;
210     JSTokenLocation location;
211     location.line = lineNumber;
212     location.column = columnNumber;
213     ArgumentListNode* head = new (globalData) ArgumentListNode(location, ptr->value());
214     ArgumentListNode* tail = head;
215     ptr = ptr->next();
216     for (; ptr; ptr = ptr->next()) {
217         ASSERT(!ptr->elision());
218         tail = new (globalData) ArgumentListNode(location, tail, ptr->value());
219     }
220     return head;
221 }
222
223 // ------------------------------ ObjectLiteralNode ----------------------------
224
225 RegisterID* ObjectLiteralNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
226 {
227      if (!m_list) {
228          if (dst == generator.ignoredResult())
229              return 0;
230          return generator.emitNewObject(generator.finalDestination(dst));
231      }
232      return generator.emitNode(dst, m_list);
233 }
234
235 // ------------------------------ PropertyListNode -----------------------------
236
237 RegisterID* PropertyListNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
238 {
239     RefPtr<RegisterID> newObj = generator.tempDestination(dst);
240     
241     generator.emitNewObject(newObj.get());
242     
243     // Fast case: this loop just handles regular value properties.
244     PropertyListNode* p = this;
245     for (; p && p->m_node->m_type == PropertyNode::Constant; p = p->m_next)
246         generator.emitDirectPutById(newObj.get(), p->m_node->name(), generator.emitNode(p->m_node->m_assign));
247
248     // Were there any get/set properties?
249     if (p) {
250         typedef std::pair<PropertyNode*, PropertyNode*> GetterSetterPair;
251         typedef HashMap<StringImpl*, GetterSetterPair> GetterSetterMap;
252         GetterSetterMap map;
253
254         // Build a map, pairing get/set values together.
255         for (PropertyListNode* q = p; q; q = q->m_next) {
256             PropertyNode* node = q->m_node;
257             if (node->m_type == PropertyNode::Constant)
258                 continue;
259
260             GetterSetterPair pair(node, static_cast<PropertyNode*>(0));
261             GetterSetterMap::AddResult result = map.add(node->name().impl(), pair);
262             if (!result.isNewEntry)
263                 result.iterator->value.second = node;
264         }
265
266         // Iterate over the remaining properties in the list.
267         for (; p; p = p->m_next) {
268             PropertyNode* node = p->m_node;
269             RegisterID* value = generator.emitNode(node->m_assign);
270
271             // Handle regular values.
272             if (node->m_type == PropertyNode::Constant) {
273                 generator.emitDirectPutById(newObj.get(), node->name(), value);
274                 continue;
275             }
276
277             // This is a get/set property, find its entry in the map.
278             ASSERT(node->m_type == PropertyNode::Getter || node->m_type == PropertyNode::Setter);
279             GetterSetterMap::iterator it = map.find(node->name().impl());
280             ASSERT(it != map.end());
281             GetterSetterPair& pair = it->value;
282
283             // Was this already generated as a part of its partner?
284             if (pair.second == node)
285                 continue;
286     
287             // Generate the paired node now.
288             RefPtr<RegisterID> getterReg;
289             RefPtr<RegisterID> setterReg;
290
291             if (node->m_type == PropertyNode::Getter) {
292                 getterReg = value;
293                 if (pair.second) {
294                     ASSERT(pair.second->m_type == PropertyNode::Setter);
295                     setterReg = generator.emitNode(pair.second->m_assign);
296                 } else {
297                     setterReg = generator.newTemporary();
298                     generator.emitLoad(setterReg.get(), jsUndefined());
299                 }
300             } else {
301                 ASSERT(node->m_type == PropertyNode::Setter);
302                 setterReg = value;
303                 if (pair.second) {
304                     ASSERT(pair.second->m_type == PropertyNode::Getter);
305                     getterReg = generator.emitNode(pair.second->m_assign);
306                 } else {
307                     getterReg = generator.newTemporary();
308                     generator.emitLoad(getterReg.get(), jsUndefined());
309                 }
310             }
311
312             generator.emitPutGetterSetter(newObj.get(), node->name(), getterReg.get(), setterReg.get());
313         }
314     }
315
316     return generator.moveToDestinationIfNeeded(dst, newObj.get());
317 }
318
319 // ------------------------------ BracketAccessorNode --------------------------------
320
321 RegisterID* BracketAccessorNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
322 {
323     if (m_base->isResolveNode() 
324         && generator.willResolveToArguments(static_cast<ResolveNode*>(m_base)->identifier())
325         && !generator.symbolTable().slowArguments()) {
326         RegisterID* property = generator.emitNode(m_subscript);
327         generator.emitExpressionInfo(divot(), startOffset(), endOffset());    
328         return generator.emitGetArgumentByVal(generator.finalDestination(dst), generator.uncheckedRegisterForArguments(), property);
329     }
330
331     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base, m_subscriptHasAssignments, m_subscript->isPure(generator));
332     RegisterID* property = generator.emitNode(m_subscript);
333     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
334     return generator.emitGetByVal(generator.finalDestination(dst), base.get(), property);
335 }
336
337 // ------------------------------ DotAccessorNode --------------------------------
338
339 RegisterID* DotAccessorNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
340 {
341     if (m_ident == generator.propertyNames().length) {
342         if (!m_base->isResolveNode())
343             goto nonArgumentsPath;
344         ResolveNode* resolveNode = static_cast<ResolveNode*>(m_base);
345         if (!generator.willResolveToArguments(resolveNode->identifier()))
346             goto nonArgumentsPath;
347         generator.emitExpressionInfo(divot(), startOffset(), endOffset());    
348         return generator.emitGetArgumentsLength(generator.finalDestination(dst), generator.uncheckedRegisterForArguments());
349     }
350
351 nonArgumentsPath:
352     RegisterID* base = generator.emitNode(m_base);
353     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
354     return generator.emitGetById(generator.finalDestination(dst), base, m_ident);
355 }
356
357 // ------------------------------ ArgumentListNode -----------------------------
358
359 RegisterID* ArgumentListNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
360 {
361     ASSERT(m_expr);
362     return generator.emitNode(dst, m_expr);
363 }
364
365 // ------------------------------ NewExprNode ----------------------------------
366
367 RegisterID* NewExprNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
368 {
369     ExpectedFunction expectedFunction;
370     if (m_expr->isResolveNode())
371         expectedFunction = generator.expectedFunctionForIdentifier(static_cast<ResolveNode*>(m_expr)->identifier());
372     else
373         expectedFunction = NoExpectedFunction;
374     RefPtr<RegisterID> func = generator.emitNode(m_expr);
375     CallArguments callArguments(generator, m_args);
376     return generator.emitConstruct(generator.finalDestinationOrIgnored(dst), func.get(), expectedFunction, callArguments, divot(), startOffset(), endOffset());
377 }
378
379 inline CallArguments::CallArguments(BytecodeGenerator& generator, ArgumentsNode* argumentsNode)
380     : m_argumentsNode(argumentsNode)
381 {
382     if (generator.shouldEmitProfileHooks())
383         m_profileHookRegister = generator.newTemporary();
384
385     size_t argumentCountIncludingThis = 1; // 'this' register.
386     if (argumentsNode) {
387         for (ArgumentListNode* node = argumentsNode->m_listNode; node; node = node->m_next)
388             ++argumentCountIncludingThis;
389     }
390
391     m_argv.grow(argumentCountIncludingThis);
392     for (int i = argumentCountIncludingThis - 1; i >= 0; --i) {
393         m_argv[i] = generator.newTemporary();
394         ASSERT(static_cast<size_t>(i) == m_argv.size() - 1 || m_argv[i]->index() == m_argv[i + 1]->index() + 1);
395     }
396 }
397
398 inline void CallArguments::newArgument(BytecodeGenerator& generator)
399 {
400     RefPtr<RegisterID> tmp = generator.newTemporary();
401     ASSERT(m_argv.isEmpty() || tmp->index() == m_argv.last()->index() + 1); // Calling convention assumes that all arguments are contiguous.
402     m_argv.append(tmp.release());
403 }
404
405 // ------------------------------ EvalFunctionCallNode ----------------------------------
406
407 RegisterID* EvalFunctionCallNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
408 {
409     RefPtr<RegisterID> func = generator.tempDestination(dst);
410     CallArguments callArguments(generator, m_args);
411     generator.emitExpressionInfo(divot() - startOffset() + 4, 4, 0);
412     generator.emitResolveWithThis(callArguments.thisRegister(), func.get(), generator.resolve(generator.propertyNames().eval), generator.propertyNames().eval);
413     return generator.emitCallEval(generator.finalDestination(dst, func.get()), func.get(), callArguments, divot(), startOffset(), endOffset());
414 }
415
416 // ------------------------------ FunctionCallValueNode ----------------------------------
417
418 RegisterID* FunctionCallValueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
419 {
420     RefPtr<RegisterID> func = generator.emitNode(m_expr);
421     CallArguments callArguments(generator, m_args);
422     generator.emitLoad(callArguments.thisRegister(), jsUndefined());
423     return generator.emitCall(generator.finalDestinationOrIgnored(dst, func.get()), func.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
424 }
425
426 // ------------------------------ FunctionCallResolveNode ----------------------------------
427
428 RegisterID* FunctionCallResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
429 {
430     ExpectedFunction expectedFunction = generator.expectedFunctionForIdentifier(m_ident);
431     ResolveResult resolveResult = generator.resolve(m_ident);
432
433     if (RegisterID* local = resolveResult.local()) {
434         RefPtr<RegisterID> func = generator.emitMove(generator.tempDestination(dst), local);
435         CallArguments callArguments(generator, m_args);
436         generator.emitLoad(callArguments.thisRegister(), jsUndefined());
437         // This passes NoExpectedFunction because we expect that if the function is in a
438         // local variable, then it's not one of our built-in constructors.
439         return generator.emitCall(generator.finalDestinationOrIgnored(dst, callArguments.thisRegister()), func.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
440     }
441
442     if (resolveResult.isStatic()) {
443         RefPtr<RegisterID> func = generator.newTemporary();
444         CallArguments callArguments(generator, m_args);
445         generator.emitGetStaticVar(func.get(), resolveResult, m_ident);
446         generator.emitLoad(callArguments.thisRegister(), jsUndefined());
447         return generator.emitCall(generator.finalDestinationOrIgnored(dst, func.get()), func.get(), expectedFunction, callArguments, divot(), startOffset(), endOffset());
448     }
449
450     RefPtr<RegisterID> func = generator.newTemporary();
451     CallArguments callArguments(generator, m_args);
452     int identifierStart = divot() - startOffset();
453
454     generator.emitExpressionInfo(identifierStart + m_ident.length(), m_ident.length(), 0);
455     generator.emitResolveWithThis(callArguments.thisRegister(), func.get(), resolveResult, m_ident);
456     return generator.emitCall(generator.finalDestinationOrIgnored(dst, func.get()), func.get(), expectedFunction, callArguments, divot(), startOffset(), endOffset());
457 }
458
459 // ------------------------------ FunctionCallBracketNode ----------------------------------
460
461 RegisterID* FunctionCallBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
462 {
463     RefPtr<RegisterID> base = generator.emitNode(m_base);
464     RegisterID* property = generator.emitNode(m_subscript);
465     generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
466     RefPtr<RegisterID> function = generator.emitGetByVal(generator.tempDestination(dst), base.get(), property);
467     CallArguments callArguments(generator, m_args);
468     generator.emitMove(callArguments.thisRegister(), base.get());
469     return generator.emitCall(generator.finalDestinationOrIgnored(dst, function.get()), function.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
470 }
471
472 // ------------------------------ FunctionCallDotNode ----------------------------------
473
474 RegisterID* FunctionCallDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
475 {
476     RefPtr<RegisterID> function = generator.tempDestination(dst);
477     CallArguments callArguments(generator, m_args);
478     generator.emitNode(callArguments.thisRegister(), m_base);
479     generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
480     generator.emitGetById(function.get(), callArguments.thisRegister(), m_ident);
481     return generator.emitCall(generator.finalDestinationOrIgnored(dst, function.get()), function.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
482 }
483
484 RegisterID* CallFunctionCallDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
485 {
486     RefPtr<Label> realCall = generator.newLabel();
487     RefPtr<Label> end = generator.newLabel();
488     RefPtr<RegisterID> base = generator.emitNode(m_base);
489     generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
490     RefPtr<RegisterID> function = generator.emitGetById(generator.tempDestination(dst), base.get(), m_ident);
491     RefPtr<RegisterID> finalDestinationOrIgnored = generator.finalDestinationOrIgnored(dst, function.get());
492     generator.emitJumpIfNotFunctionCall(function.get(), realCall.get());
493     {
494         if (m_args->m_listNode && m_args->m_listNode->m_expr) {
495             ArgumentListNode* oldList = m_args->m_listNode;
496             m_args->m_listNode = m_args->m_listNode->m_next;
497
498             RefPtr<RegisterID> realFunction = generator.emitMove(generator.tempDestination(dst), base.get());
499             CallArguments callArguments(generator, m_args);
500             generator.emitNode(callArguments.thisRegister(), oldList->m_expr);
501             generator.emitCall(finalDestinationOrIgnored.get(), realFunction.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
502             generator.emitJump(end.get());
503
504             m_args->m_listNode = oldList;
505         } else {
506             RefPtr<RegisterID> realFunction = generator.emitMove(generator.tempDestination(dst), base.get());
507             CallArguments callArguments(generator, m_args);
508             generator.emitLoad(callArguments.thisRegister(), jsUndefined());
509             generator.emitCall(finalDestinationOrIgnored.get(), realFunction.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
510             generator.emitJump(end.get());
511         }
512     }
513     generator.emitLabel(realCall.get());
514     {
515         CallArguments callArguments(generator, m_args);
516         generator.emitMove(callArguments.thisRegister(), base.get());
517         generator.emitCall(finalDestinationOrIgnored.get(), function.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
518     }
519     generator.emitLabel(end.get());
520     return finalDestinationOrIgnored.get();
521 }
522
523 static bool areTrivialApplyArguments(ArgumentsNode* args)
524 {
525     return !args->m_listNode || !args->m_listNode->m_expr || !args->m_listNode->m_next
526         || (!args->m_listNode->m_next->m_next && args->m_listNode->m_next->m_expr->isSimpleArray());
527 }
528
529 RegisterID* ApplyFunctionCallDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
530 {
531     // A few simple cases can be trivially handled as ordinary function calls.
532     // function.apply(), function.apply(arg) -> identical to function.call
533     // function.apply(thisArg, [arg0, arg1, ...]) -> can be trivially coerced into function.call(thisArg, arg0, arg1, ...) and saves object allocation
534     bool mayBeCall = areTrivialApplyArguments(m_args);
535
536     RefPtr<Label> realCall = generator.newLabel();
537     RefPtr<Label> end = generator.newLabel();
538     RefPtr<RegisterID> base = generator.emitNode(m_base);
539     generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
540     RefPtr<RegisterID> function = generator.emitGetById(generator.tempDestination(dst), base.get(), m_ident);
541     RefPtr<RegisterID> finalDestinationOrIgnored = generator.finalDestinationOrIgnored(dst, function.get());
542     generator.emitJumpIfNotFunctionApply(function.get(), realCall.get());
543     {
544         if (mayBeCall) {
545             if (m_args->m_listNode && m_args->m_listNode->m_expr) {
546                 ArgumentListNode* oldList = m_args->m_listNode;
547                 if (m_args->m_listNode->m_next) {
548                     ASSERT(m_args->m_listNode->m_next->m_expr->isSimpleArray());
549                     ASSERT(!m_args->m_listNode->m_next->m_next);
550                     m_args->m_listNode = static_cast<ArrayNode*>(m_args->m_listNode->m_next->m_expr)->toArgumentList(generator.globalData(), 0, 0);
551                     RefPtr<RegisterID> realFunction = generator.emitMove(generator.tempDestination(dst), base.get());
552                     CallArguments callArguments(generator, m_args);
553                     generator.emitNode(callArguments.thisRegister(), oldList->m_expr);
554                     generator.emitCall(finalDestinationOrIgnored.get(), realFunction.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
555                 } else {
556                     m_args->m_listNode = m_args->m_listNode->m_next;
557                     RefPtr<RegisterID> realFunction = generator.emitMove(generator.tempDestination(dst), base.get());
558                     CallArguments callArguments(generator, m_args);
559                     generator.emitNode(callArguments.thisRegister(), oldList->m_expr);
560                     generator.emitCall(finalDestinationOrIgnored.get(), realFunction.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
561                 }
562                 m_args->m_listNode = oldList;
563             } else {
564                 RefPtr<RegisterID> realFunction = generator.emitMove(generator.tempDestination(dst), base.get());
565                 CallArguments callArguments(generator, m_args);
566                 generator.emitLoad(callArguments.thisRegister(), jsUndefined());
567                 generator.emitCall(finalDestinationOrIgnored.get(), realFunction.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
568             }
569         } else {
570             ASSERT(m_args->m_listNode && m_args->m_listNode->m_next);
571             RefPtr<RegisterID> profileHookRegister;
572             if (generator.shouldEmitProfileHooks())
573                 profileHookRegister = generator.newTemporary();
574             RefPtr<RegisterID> realFunction = generator.emitMove(generator.tempDestination(dst), base.get());
575             RefPtr<RegisterID> thisRegister = generator.emitNode(m_args->m_listNode->m_expr);
576             RefPtr<RegisterID> argsRegister;
577             ArgumentListNode* args = m_args->m_listNode->m_next;
578             if (args->m_expr->isResolveNode() && generator.willResolveToArguments(static_cast<ResolveNode*>(args->m_expr)->identifier()))
579                 argsRegister = generator.uncheckedRegisterForArguments();
580             else
581                 argsRegister = generator.emitNode(args->m_expr);
582
583             // Function.prototype.apply ignores extra arguments, but we still
584             // need to evaluate them for side effects.
585             while ((args = args->m_next))
586                 generator.emitNode(args->m_expr);
587
588             generator.emitCallVarargs(finalDestinationOrIgnored.get(), realFunction.get(), thisRegister.get(), argsRegister.get(), generator.newTemporary(), profileHookRegister.get(), divot(), startOffset(), endOffset());
589         }
590         generator.emitJump(end.get());
591     }
592     generator.emitLabel(realCall.get());
593     {
594         CallArguments callArguments(generator, m_args);
595         generator.emitMove(callArguments.thisRegister(), base.get());
596         generator.emitCall(finalDestinationOrIgnored.get(), function.get(), NoExpectedFunction, callArguments, divot(), startOffset(), endOffset());
597     }
598     generator.emitLabel(end.get());
599     return finalDestinationOrIgnored.get();
600 }
601
602 // ------------------------------ PostfixNode ----------------------------------
603
604 static RegisterID* emitPreIncOrDec(BytecodeGenerator& generator, RegisterID* srcDst, Operator oper)
605 {
606     return (oper == OpPlusPlus) ? generator.emitPreInc(srcDst) : generator.emitPreDec(srcDst);
607 }
608
609 static RegisterID* emitPostIncOrDec(BytecodeGenerator& generator, RegisterID* dst, RegisterID* srcDst, Operator oper)
610 {
611     if (srcDst == dst)
612         return generator.emitToJSNumber(dst, srcDst);
613     return (oper == OpPlusPlus) ? generator.emitPostInc(dst, srcDst) : generator.emitPostDec(dst, srcDst);
614 }
615
616 RegisterID* PostfixNode::emitResolve(BytecodeGenerator& generator, RegisterID* dst)
617 {
618     ASSERT(m_expr->isResolveNode());
619     ResolveNode* resolve = static_cast<ResolveNode*>(m_expr);
620     const Identifier& ident = resolve->identifier();
621
622     ResolveResult resolveResult = generator.resolve(ident);
623
624     if (RegisterID* local = resolveResult.local()) {
625         if (resolveResult.isReadOnly()) {
626             generator.emitReadOnlyExceptionIfNeeded();
627             return generator.emitToJSNumber(generator.finalDestination(dst), local);
628         }
629         if (dst == generator.ignoredResult())
630             return emitPreIncOrDec(generator, local, m_operator);
631         return emitPostIncOrDec(generator, generator.finalDestination(dst), local, m_operator);
632     }
633
634     if (resolveResult.isStatic() && !resolveResult.isReadOnly()) {
635         RefPtr<RegisterID> value = generator.emitGetStaticVar(generator.newTemporary(), resolveResult, ident);
636         RegisterID* oldValue;
637         if (dst == generator.ignoredResult()) {
638             oldValue = 0;
639             emitPreIncOrDec(generator, value.get(), m_operator);
640         } else
641             oldValue = emitPostIncOrDec(generator, generator.finalDestination(dst), value.get(), m_operator);
642         generator.emitPutStaticVar(resolveResult, ident, value.get());
643         return oldValue;
644     }
645
646     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
647     RefPtr<RegisterID> value = generator.newTemporary();
648     NonlocalResolveInfo resolveInfo;
649     RefPtr<RegisterID> base = generator.emitResolveWithBaseForPut(generator.newTemporary(), value.get(), resolveResult, ident, resolveInfo);
650     RegisterID* oldValue;
651     if (dst == generator.ignoredResult()) {
652         oldValue = 0;
653         emitPreIncOrDec(generator, value.get(), m_operator);
654     } else
655         oldValue = emitPostIncOrDec(generator, generator.finalDestination(dst), value.get(), m_operator);
656     generator.emitPutToBase(base.get(), ident, value.get(), resolveInfo);
657     return oldValue;
658 }
659
660 RegisterID* PostfixNode::emitBracket(BytecodeGenerator& generator, RegisterID* dst)
661 {
662     ASSERT(m_expr->isBracketAccessorNode());
663     BracketAccessorNode* bracketAccessor = static_cast<BracketAccessorNode*>(m_expr);
664     ExpressionNode* baseNode = bracketAccessor->base();
665     ExpressionNode* subscript = bracketAccessor->subscript();
666
667     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(baseNode, bracketAccessor->subscriptHasAssignments(), subscript->isPure(generator));
668     RefPtr<RegisterID> property = generator.emitNode(subscript);
669
670     generator.emitExpressionInfo(bracketAccessor->divot(), bracketAccessor->startOffset(), bracketAccessor->endOffset());
671     RefPtr<RegisterID> value = generator.emitGetByVal(generator.newTemporary(), base.get(), property.get());
672     if (dst == generator.ignoredResult()) {
673         emitPreIncOrDec(generator, value.get(), m_operator);
674         generator.emitExpressionInfo(divot(), startOffset(), endOffset());
675         generator.emitPutByVal(base.get(), property.get(), value.get());
676         return 0;
677     }
678     RegisterID* oldValue = emitPostIncOrDec(generator, generator.tempDestination(dst), value.get(), m_operator);
679     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
680     generator.emitPutByVal(base.get(), property.get(), value.get());
681     return generator.moveToDestinationIfNeeded(dst, oldValue);
682 }
683
684 RegisterID* PostfixNode::emitDot(BytecodeGenerator& generator, RegisterID* dst)
685 {
686     ASSERT(m_expr->isDotAccessorNode());
687     DotAccessorNode* dotAccessor = static_cast<DotAccessorNode*>(m_expr);
688     ExpressionNode* baseNode = dotAccessor->base();
689     const Identifier& ident = dotAccessor->identifier();
690
691     RefPtr<RegisterID> base = generator.emitNode(baseNode);
692
693     generator.emitExpressionInfo(dotAccessor->divot(), dotAccessor->startOffset(), dotAccessor->endOffset());
694     RefPtr<RegisterID> value = generator.emitGetById(generator.newTemporary(), base.get(), ident);
695     if (dst == generator.ignoredResult()) {
696         emitPreIncOrDec(generator, value.get(), m_operator);
697         generator.emitExpressionInfo(divot(), startOffset(), endOffset());
698         generator.emitPutById(base.get(), ident, value.get());
699         return 0;
700     }
701     RegisterID* oldValue = emitPostIncOrDec(generator, generator.tempDestination(dst), value.get(), m_operator);
702     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
703     generator.emitPutById(base.get(), ident, value.get());
704     return generator.moveToDestinationIfNeeded(dst, oldValue);
705 }
706
707 RegisterID* PostfixNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
708 {
709     if (m_expr->isResolveNode())
710         return emitResolve(generator, dst);
711
712     if (m_expr->isBracketAccessorNode())
713         return emitBracket(generator, dst);
714
715     if (m_expr->isDotAccessorNode())
716         return emitDot(generator, dst);
717
718     return emitThrowReferenceError(generator, m_operator == OpPlusPlus
719         ? "Postfix ++ operator applied to value that is not a reference."
720         : "Postfix -- operator applied to value that is not a reference.");
721 }
722
723 // ------------------------------ DeleteResolveNode -----------------------------------
724
725 RegisterID* DeleteResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
726 {
727     ResolveResult resolveResult = generator.resolve(m_ident);
728     if (resolveResult.isRegister())
729         return generator.emitLoad(generator.finalDestination(dst), false);
730
731     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
732     RegisterID* base = generator.emitResolveBase(generator.tempDestination(dst), resolveResult, m_ident);
733     return generator.emitDeleteById(generator.finalDestination(dst, base), base, m_ident);
734 }
735
736 // ------------------------------ DeleteBracketNode -----------------------------------
737
738 RegisterID* DeleteBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
739 {
740     RefPtr<RegisterID> r0 = generator.emitNode(m_base);
741     RegisterID* r1 = generator.emitNode(m_subscript);
742
743     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
744     return generator.emitDeleteByVal(generator.finalDestination(dst), r0.get(), r1);
745 }
746
747 // ------------------------------ DeleteDotNode -----------------------------------
748
749 RegisterID* DeleteDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
750 {
751     RegisterID* r0 = generator.emitNode(m_base);
752
753     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
754     return generator.emitDeleteById(generator.finalDestination(dst), r0, m_ident);
755 }
756
757 // ------------------------------ DeleteValueNode -----------------------------------
758
759 RegisterID* DeleteValueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
760 {
761     generator.emitNode(generator.ignoredResult(), m_expr);
762
763     // delete on a non-location expression ignores the value and returns true
764     return generator.emitLoad(generator.finalDestination(dst), true);
765 }
766
767 // ------------------------------ VoidNode -------------------------------------
768
769 RegisterID* VoidNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
770 {
771     if (dst == generator.ignoredResult()) {
772         generator.emitNode(generator.ignoredResult(), m_expr);
773         return 0;
774     }
775     RefPtr<RegisterID> r0 = generator.emitNode(m_expr);
776     return generator.emitLoad(dst, jsUndefined());
777 }
778
779 // ------------------------------ TypeOfValueNode -----------------------------------
780
781 RegisterID* TypeOfResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
782 {
783     ResolveResult resolveResult = generator.resolve(m_ident);
784     if (RegisterID* local = resolveResult.local()) {
785         if (dst == generator.ignoredResult())
786             return 0;
787         return generator.emitTypeOf(generator.finalDestination(dst), local);
788     }
789
790     if (resolveResult.isStatic()) {
791         RefPtr<RegisterID> scratch = generator.emitGetStaticVar(generator.tempDestination(dst), resolveResult, m_ident);
792         return generator.emitTypeOf(generator.finalDestination(dst, scratch.get()), scratch.get());
793     }
794
795     RefPtr<RegisterID> scratch = generator.emitResolveBase(generator.tempDestination(dst), resolveResult, m_ident);
796     generator.emitGetById(scratch.get(), scratch.get(), m_ident);
797     if (dst == generator.ignoredResult())
798         return 0;
799     return generator.emitTypeOf(generator.finalDestination(dst, scratch.get()), scratch.get());
800 }
801
802 // ------------------------------ TypeOfValueNode -----------------------------------
803
804 RegisterID* TypeOfValueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
805 {
806     if (dst == generator.ignoredResult()) {
807         generator.emitNode(generator.ignoredResult(), m_expr);
808         return 0;
809     }
810     RefPtr<RegisterID> src = generator.emitNode(m_expr);
811     return generator.emitTypeOf(generator.finalDestination(dst), src.get());
812 }
813
814 // ------------------------------ PrefixNode ----------------------------------
815
816 RegisterID* PrefixNode::emitResolve(BytecodeGenerator& generator, RegisterID* dst)
817 {
818     ASSERT(m_expr->isResolveNode());
819     ResolveNode* resolve = static_cast<ResolveNode*>(m_expr);
820     const Identifier& ident = resolve->identifier();
821
822     ResolveResult resolveResult = generator.resolve(ident);
823     if (RegisterID* local = resolveResult.local()) {
824         if (resolveResult.isReadOnly()) {
825             generator.emitReadOnlyExceptionIfNeeded();
826             if (dst == generator.ignoredResult())
827                 return generator.emitToJSNumber(generator.newTemporary(), local);
828             RefPtr<RegisterID> r0 = generator.emitLoad(generator.tempDestination(dst), (m_operator == OpPlusPlus) ? 1.0 : -1.0);
829             generator.emitBinaryOp(op_add, r0.get(), local, r0.get(), OperandTypes());
830             return generator.moveToDestinationIfNeeded(dst, r0.get());
831         }
832         emitPreIncOrDec(generator, local, m_operator);
833         return generator.moveToDestinationIfNeeded(dst, local);
834     }
835
836     if (resolveResult.isStatic() && !resolveResult.isReadOnly()) {
837         RefPtr<RegisterID> propDst = generator.emitGetStaticVar(generator.tempDestination(dst), resolveResult, ident);
838         emitPreIncOrDec(generator, propDst.get(), m_operator);
839         generator.emitPutStaticVar(resolveResult, ident, propDst.get());
840         return generator.moveToDestinationIfNeeded(dst, propDst.get());
841     }
842
843     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
844     RefPtr<RegisterID> propDst = generator.tempDestination(dst);
845     NonlocalResolveInfo resolveVerifier;
846     RefPtr<RegisterID> base = generator.emitResolveWithBaseForPut(generator.newTemporary(), propDst.get(), resolveResult, ident, resolveVerifier);
847     emitPreIncOrDec(generator, propDst.get(), m_operator);
848     generator.emitPutToBase(base.get(), ident, propDst.get(), resolveVerifier);
849     return generator.moveToDestinationIfNeeded(dst, propDst.get());
850 }
851
852 RegisterID* PrefixNode::emitBracket(BytecodeGenerator& generator, RegisterID* dst)
853 {
854     ASSERT(m_expr->isBracketAccessorNode());
855     BracketAccessorNode* bracketAccessor = static_cast<BracketAccessorNode*>(m_expr);
856     ExpressionNode* baseNode = bracketAccessor->base();
857     ExpressionNode* subscript = bracketAccessor->subscript();
858
859     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(baseNode, bracketAccessor->subscriptHasAssignments(), subscript->isPure(generator));
860     RefPtr<RegisterID> property = generator.emitNode(subscript);
861     RefPtr<RegisterID> propDst = generator.tempDestination(dst);
862
863     generator.emitExpressionInfo(bracketAccessor->divot(), bracketAccessor->startOffset(), bracketAccessor->endOffset());
864     RegisterID* value = generator.emitGetByVal(propDst.get(), base.get(), property.get());
865     emitPreIncOrDec(generator, value, m_operator);
866     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
867     generator.emitPutByVal(base.get(), property.get(), value);
868     return generator.moveToDestinationIfNeeded(dst, propDst.get());
869 }
870
871 RegisterID* PrefixNode::emitDot(BytecodeGenerator& generator, RegisterID* dst)
872 {
873     ASSERT(m_expr->isDotAccessorNode());
874     DotAccessorNode* dotAccessor = static_cast<DotAccessorNode*>(m_expr);
875     ExpressionNode* baseNode = dotAccessor->base();
876     const Identifier& ident = dotAccessor->identifier();
877
878     RefPtr<RegisterID> base = generator.emitNode(baseNode);
879     RefPtr<RegisterID> propDst = generator.tempDestination(dst);
880
881     generator.emitExpressionInfo(dotAccessor->divot(), dotAccessor->startOffset(), dotAccessor->endOffset());
882     RegisterID* value = generator.emitGetById(propDst.get(), base.get(), ident);
883     emitPreIncOrDec(generator, value, m_operator);
884     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
885     generator.emitPutById(base.get(), ident, value);
886     return generator.moveToDestinationIfNeeded(dst, propDst.get());
887 }
888
889 RegisterID* PrefixNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
890 {
891     if (m_expr->isResolveNode())
892         return emitResolve(generator, dst);
893
894     if (m_expr->isBracketAccessorNode())
895         return emitBracket(generator, dst);
896
897     if (m_expr->isDotAccessorNode())
898         return emitDot(generator, dst);
899
900     return emitThrowReferenceError(generator, m_operator == OpPlusPlus
901         ? "Prefix ++ operator applied to value that is not a reference."
902         : "Prefix -- operator applied to value that is not a reference.");
903 }
904
905 // ------------------------------ Unary Operation Nodes -----------------------------------
906
907 RegisterID* UnaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
908 {
909     RegisterID* src = generator.emitNode(m_expr);
910     return generator.emitUnaryOp(opcodeID(), generator.finalDestination(dst), src);
911 }
912
913 // ------------------------------ BitwiseNotNode -----------------------------------
914  
915 RegisterID* BitwiseNotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
916 {
917     RefPtr<RegisterID> src2 = generator.emitLoad(generator.newTemporary(), jsNumber(-1));
918     RegisterID* src1 = generator.emitNode(m_expr);
919     return generator.emitBinaryOp(op_bitxor, generator.finalDestination(dst, src1), src1, src2.get(), OperandTypes(m_expr->resultDescriptor(), ResultType::numberTypeIsInt32()));
920 }
921  
922 // ------------------------------ LogicalNotNode -----------------------------------
923
924 void LogicalNotNode::emitBytecodeInConditionContext(BytecodeGenerator& generator, Label* trueTarget, Label* falseTarget, bool fallThroughMeansTrue)
925 {
926     ASSERT(expr()->hasConditionContextCodegen());
927
928     // reverse the true and false targets
929     generator.emitNodeInConditionContext(expr(), falseTarget, trueTarget, !fallThroughMeansTrue);
930 }
931
932
933 // ------------------------------ Binary Operation Nodes -----------------------------------
934
935 // BinaryOpNode::emitStrcat:
936 //
937 // This node generates an op_strcat operation.  This opcode can handle concatenation of three or
938 // more values, where we can determine a set of separate op_add operations would be operating on
939 // string values.
940 //
941 // This function expects to be operating on a graph of AST nodes looking something like this:
942 //
943 //     (a)...     (b)
944 //          \   /
945 //           (+)     (c)
946 //              \   /
947 //      [d]     ((+))
948 //         \    /
949 //          [+=]
950 //
951 // The assignment operation is optional, if it exists the register holding the value on the
952 // lefthand side of the assignment should be passing as the optional 'lhs' argument.
953 //
954 // The method should be called on the node at the root of the tree of regular binary add
955 // operations (marked in the diagram with a double set of parentheses).  This node must
956 // be performing a string concatenation (determined by statically detecting that at least
957 // one child must be a string).  
958 //
959 // Since the minimum number of values being concatenated together is expected to be 3, if
960 // a lhs to a concatenating assignment is not provided then the  root add should have at
961 // least one left child that is also an add that can be determined to be operating on strings.
962 //
963 RegisterID* BinaryOpNode::emitStrcat(BytecodeGenerator& generator, RegisterID* dst, RegisterID* lhs, ReadModifyResolveNode* emitExpressionInfoForMe)
964 {
965     ASSERT(isAdd());
966     ASSERT(resultDescriptor().definitelyIsString());
967
968     // Create a list of expressions for all the adds in the tree of nodes we can convert into
969     // a string concatenation.  The rightmost node (c) is added first.  The rightmost node is
970     // added first, and the leftmost child is never added, so the vector produced for the
971     // example above will be [ c, b ].
972     Vector<ExpressionNode*, 16> reverseExpressionList;
973     reverseExpressionList.append(m_expr2);
974
975     // Examine the left child of the add.  So long as this is a string add, add its right-child
976     // to the list, and keep processing along the left fork.
977     ExpressionNode* leftMostAddChild = m_expr1;
978     while (leftMostAddChild->isAdd() && leftMostAddChild->resultDescriptor().definitelyIsString()) {
979         reverseExpressionList.append(static_cast<AddNode*>(leftMostAddChild)->m_expr2);
980         leftMostAddChild = static_cast<AddNode*>(leftMostAddChild)->m_expr1;
981     }
982
983     Vector<RefPtr<RegisterID>, 16> temporaryRegisters;
984
985     // If there is an assignment, allocate a temporary to hold the lhs after conversion.
986     // We could possibly avoid this (the lhs is converted last anyway, we could let the
987     // op_strcat node handle its conversion if required).
988     if (lhs)
989         temporaryRegisters.append(generator.newTemporary());
990
991     // Emit code for the leftmost node ((a) in the example).
992     temporaryRegisters.append(generator.newTemporary());
993     RegisterID* leftMostAddChildTempRegister = temporaryRegisters.last().get();
994     generator.emitNode(leftMostAddChildTempRegister, leftMostAddChild);
995
996     // Note on ordering of conversions:
997     //
998     // We maintain the same ordering of conversions as we would see if the concatenations
999     // was performed as a sequence of adds (otherwise this optimization could change
1000     // behaviour should an object have been provided a valueOf or toString method).
1001     //
1002     // Considering the above example, the sequnce of execution is:
1003     //     * evaluate operand (a)
1004     //     * evaluate operand (b)
1005     //     * convert (a) to primitive   <-  (this would be triggered by the first add)
1006     //     * convert (b) to primitive   <-  (ditto)
1007     //     * evaluate operand (c)
1008     //     * convert (c) to primitive   <-  (this would be triggered by the second add)
1009     // And optionally, if there is an assignment:
1010     //     * convert (d) to primitive   <-  (this would be triggered by the assigning addition)
1011     //
1012     // As such we do not plant an op to convert the leftmost child now.  Instead, use
1013     // 'leftMostAddChildTempRegister' as a flag to trigger generation of the conversion
1014     // once the second node has been generated.  However, if the leftmost child is an
1015     // immediate we can trivially determine that no conversion will be required.
1016     // If this is the case
1017     if (leftMostAddChild->isString())
1018         leftMostAddChildTempRegister = 0;
1019
1020     while (reverseExpressionList.size()) {
1021         ExpressionNode* node = reverseExpressionList.last();
1022         reverseExpressionList.removeLast();
1023
1024         // Emit the code for the current node.
1025         temporaryRegisters.append(generator.newTemporary());
1026         generator.emitNode(temporaryRegisters.last().get(), node);
1027
1028         // On the first iteration of this loop, when we first reach this point we have just
1029         // generated the second node, which means it is time to convert the leftmost operand.
1030         if (leftMostAddChildTempRegister) {
1031             generator.emitToPrimitive(leftMostAddChildTempRegister, leftMostAddChildTempRegister);
1032             leftMostAddChildTempRegister = 0; // Only do this once.
1033         }
1034         // Plant a conversion for this node, if necessary.
1035         if (!node->isString())
1036             generator.emitToPrimitive(temporaryRegisters.last().get(), temporaryRegisters.last().get());
1037     }
1038     ASSERT(temporaryRegisters.size() >= 3);
1039
1040     // Certain read-modify nodes require expression info to be emitted *after* m_right has been generated.
1041     // If this is required the node is passed as 'emitExpressionInfoForMe'; do so now.
1042     if (emitExpressionInfoForMe)
1043         generator.emitExpressionInfo(emitExpressionInfoForMe->divot(), emitExpressionInfoForMe->startOffset(), emitExpressionInfoForMe->endOffset());
1044
1045     // If there is an assignment convert the lhs now.  This will also copy lhs to
1046     // the temporary register we allocated for it.
1047     if (lhs)
1048         generator.emitToPrimitive(temporaryRegisters[0].get(), lhs);
1049
1050     return generator.emitStrcat(generator.finalDestination(dst, temporaryRegisters[0].get()), temporaryRegisters[0].get(), temporaryRegisters.size());
1051 }
1052
1053 RegisterID* BinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1054 {
1055     OpcodeID opcodeID = this->opcodeID();
1056
1057     if (opcodeID == op_add && m_expr1->isAdd() && m_expr1->resultDescriptor().definitelyIsString())
1058         return emitStrcat(generator, dst);
1059
1060     if (opcodeID == op_neq) {
1061         if (m_expr1->isNull() || m_expr2->isNull()) {
1062             RefPtr<RegisterID> src = generator.tempDestination(dst);
1063             generator.emitNode(src.get(), m_expr1->isNull() ? m_expr2 : m_expr1);
1064             return generator.emitUnaryOp(op_neq_null, generator.finalDestination(dst, src.get()), src.get());
1065         }
1066     }
1067
1068     ExpressionNode* left = m_expr1;
1069     ExpressionNode* right = m_expr2;
1070     if (opcodeID == op_neq || opcodeID == op_nstricteq) {
1071         if (left->isString())
1072             std::swap(left, right);
1073     }
1074
1075     RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(left, m_rightHasAssignments, right->isPure(generator));
1076     bool wasTypeof = generator.m_lastOpcodeID == op_typeof;
1077     RegisterID* src2 = generator.emitNode(right);
1078     if (wasTypeof && (opcodeID == op_neq || opcodeID == op_nstricteq)) {
1079         RefPtr<RegisterID> tmp = generator.tempDestination(dst);
1080         if (opcodeID == op_neq)
1081             generator.emitEqualityOp(op_eq, generator.finalDestination(tmp.get(), src1.get()), src1.get(), src2);
1082         else if (opcodeID == op_nstricteq)
1083             generator.emitEqualityOp(op_stricteq, generator.finalDestination(tmp.get(), src1.get()), src1.get(), src2);
1084         else
1085             RELEASE_ASSERT_NOT_REACHED();
1086         return generator.emitUnaryOp(op_not, generator.finalDestination(dst, tmp.get()), tmp.get());
1087     }
1088     return generator.emitBinaryOp(opcodeID, generator.finalDestination(dst, src1.get()), src1.get(), src2, OperandTypes(left->resultDescriptor(), right->resultDescriptor()));
1089 }
1090
1091 RegisterID* EqualNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1092 {
1093     if (m_expr1->isNull() || m_expr2->isNull()) {
1094         RefPtr<RegisterID> src = generator.tempDestination(dst);
1095         generator.emitNode(src.get(), m_expr1->isNull() ? m_expr2 : m_expr1);
1096         return generator.emitUnaryOp(op_eq_null, generator.finalDestination(dst, src.get()), src.get());
1097     }
1098
1099     ExpressionNode* left = m_expr1;
1100     ExpressionNode* right = m_expr2;
1101     if (left->isString())
1102         std::swap(left, right);
1103
1104     RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(left, m_rightHasAssignments, m_expr2->isPure(generator));
1105     RegisterID* src2 = generator.emitNode(right);
1106     return generator.emitEqualityOp(op_eq, generator.finalDestination(dst, src1.get()), src1.get(), src2);
1107 }
1108
1109 RegisterID* StrictEqualNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1110 {
1111     ExpressionNode* left = m_expr1;
1112     ExpressionNode* right = m_expr2;
1113     if (left->isString())
1114         std::swap(left, right);
1115
1116     RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(left, m_rightHasAssignments, m_expr2->isPure(generator));
1117     RegisterID* src2 = generator.emitNode(right);
1118     return generator.emitEqualityOp(op_stricteq, generator.finalDestination(dst, src1.get()), src1.get(), src2);
1119 }
1120
1121 RegisterID* ThrowableBinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1122 {
1123     RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1, m_rightHasAssignments, m_expr2->isPure(generator));
1124     RegisterID* src2 = generator.emitNode(m_expr2);
1125     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1126     return generator.emitBinaryOp(opcodeID(), generator.finalDestination(dst, src1.get()), src1.get(), src2, OperandTypes(m_expr1->resultDescriptor(), m_expr2->resultDescriptor()));
1127 }
1128
1129 RegisterID* InstanceOfNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1130 {
1131     RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(m_expr1, m_rightHasAssignments, m_expr2->isPure(generator));
1132     RefPtr<RegisterID> src2 = generator.emitNode(m_expr2);
1133     RefPtr<RegisterID> prototype = generator.newTemporary();
1134     RefPtr<RegisterID> dstReg = generator.finalDestination(dst, src1.get());
1135     RefPtr<Label> target = generator.newLabel();
1136
1137     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1138     generator.emitCheckHasInstance(dstReg.get(), src1.get(), src2.get(), target.get());
1139
1140     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1141     generator.emitGetById(prototype.get(), src2.get(), generator.globalData()->propertyNames->prototype);
1142
1143     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1144     RegisterID* result = generator.emitInstanceOf(dstReg.get(), src1.get(), prototype.get());
1145     generator.emitLabel(target.get());
1146     return result;
1147 }
1148
1149 // ------------------------------ LogicalOpNode ----------------------------
1150
1151 RegisterID* LogicalOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1152 {
1153     RefPtr<RegisterID> temp = generator.tempDestination(dst);
1154     RefPtr<Label> target = generator.newLabel();
1155     
1156     generator.emitNode(temp.get(), m_expr1);
1157     if (m_operator == OpLogicalAnd)
1158         generator.emitJumpIfFalse(temp.get(), target.get());
1159     else
1160         generator.emitJumpIfTrue(temp.get(), target.get());
1161     generator.emitNode(temp.get(), m_expr2);
1162     generator.emitLabel(target.get());
1163
1164     return generator.moveToDestinationIfNeeded(dst, temp.get());
1165 }
1166
1167 void LogicalOpNode::emitBytecodeInConditionContext(BytecodeGenerator& generator, Label* trueTarget, Label* falseTarget, bool fallThroughMeansTrue)
1168 {
1169     if (m_expr1->hasConditionContextCodegen()) {
1170         RefPtr<Label> afterExpr1 = generator.newLabel();
1171         if (m_operator == OpLogicalAnd)
1172             generator.emitNodeInConditionContext(m_expr1, afterExpr1.get(), falseTarget, true);
1173         else 
1174             generator.emitNodeInConditionContext(m_expr1, trueTarget, afterExpr1.get(), false);
1175         generator.emitLabel(afterExpr1.get());
1176     } else {
1177         RegisterID* temp = generator.emitNode(m_expr1);
1178         if (m_operator == OpLogicalAnd)
1179             generator.emitJumpIfFalse(temp, falseTarget);
1180         else
1181             generator.emitJumpIfTrue(temp, trueTarget);
1182     }
1183
1184     if (m_expr2->hasConditionContextCodegen())
1185         generator.emitNodeInConditionContext(m_expr2, trueTarget, falseTarget, fallThroughMeansTrue);
1186     else {
1187         RegisterID* temp = generator.emitNode(m_expr2);
1188         if (fallThroughMeansTrue)
1189             generator.emitJumpIfFalse(temp, falseTarget);
1190         else
1191             generator.emitJumpIfTrue(temp, trueTarget);
1192     }
1193 }
1194
1195 // ------------------------------ ConditionalNode ------------------------------
1196
1197 RegisterID* ConditionalNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1198 {
1199     RefPtr<RegisterID> newDst = generator.finalDestination(dst);
1200     RefPtr<Label> beforeElse = generator.newLabel();
1201     RefPtr<Label> afterElse = generator.newLabel();
1202
1203     if (m_logical->hasConditionContextCodegen()) {
1204         RefPtr<Label> beforeThen = generator.newLabel();
1205         generator.emitNodeInConditionContext(m_logical, beforeThen.get(), beforeElse.get(), true);
1206         generator.emitLabel(beforeThen.get());
1207     } else {
1208         RegisterID* cond = generator.emitNode(m_logical);
1209         generator.emitJumpIfFalse(cond, beforeElse.get());
1210     }
1211
1212     generator.emitNode(newDst.get(), m_expr1);
1213     generator.emitJump(afterElse.get());
1214
1215     generator.emitLabel(beforeElse.get());
1216     generator.emitNode(newDst.get(), m_expr2);
1217
1218     generator.emitLabel(afterElse.get());
1219
1220     return newDst.get();
1221 }
1222
1223 // ------------------------------ ReadModifyResolveNode -----------------------------------
1224
1225 // FIXME: should this be moved to be a method on BytecodeGenerator?
1226 static ALWAYS_INLINE RegisterID* emitReadModifyAssignment(BytecodeGenerator& generator, RegisterID* dst, RegisterID* src1, ExpressionNode* m_right, Operator oper, OperandTypes types, ReadModifyResolveNode* emitExpressionInfoForMe = 0)
1227 {
1228     OpcodeID opcodeID;
1229     switch (oper) {
1230         case OpMultEq:
1231             opcodeID = op_mul;
1232             break;
1233         case OpDivEq:
1234             opcodeID = op_div;
1235             break;
1236         case OpPlusEq:
1237             if (m_right->isAdd() && m_right->resultDescriptor().definitelyIsString())
1238                 return static_cast<AddNode*>(m_right)->emitStrcat(generator, dst, src1, emitExpressionInfoForMe);
1239             opcodeID = op_add;
1240             break;
1241         case OpMinusEq:
1242             opcodeID = op_sub;
1243             break;
1244         case OpLShift:
1245             opcodeID = op_lshift;
1246             break;
1247         case OpRShift:
1248             opcodeID = op_rshift;
1249             break;
1250         case OpURShift:
1251             opcodeID = op_urshift;
1252             break;
1253         case OpAndEq:
1254             opcodeID = op_bitand;
1255             break;
1256         case OpXOrEq:
1257             opcodeID = op_bitxor;
1258             break;
1259         case OpOrEq:
1260             opcodeID = op_bitor;
1261             break;
1262         case OpModEq:
1263             opcodeID = op_mod;
1264             break;
1265         default:
1266             RELEASE_ASSERT_NOT_REACHED();
1267             return dst;
1268     }
1269
1270     RegisterID* src2 = generator.emitNode(m_right);
1271
1272     // Certain read-modify nodes require expression info to be emitted *after* m_right has been generated.
1273     // If this is required the node is passed as 'emitExpressionInfoForMe'; do so now.
1274     if (emitExpressionInfoForMe)
1275         generator.emitExpressionInfo(emitExpressionInfoForMe->divot(), emitExpressionInfoForMe->startOffset(), emitExpressionInfoForMe->endOffset());
1276
1277     return generator.emitBinaryOp(opcodeID, dst, src1, src2, types);
1278 }
1279
1280 RegisterID* ReadModifyResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1281 {
1282     ResolveResult resolveResult = generator.resolve(m_ident);
1283
1284     if (RegisterID *local = resolveResult.local()) {
1285         if (resolveResult.isReadOnly()) {
1286             generator.emitReadOnlyExceptionIfNeeded();
1287             return emitReadModifyAssignment(generator, generator.finalDestination(dst), local, m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()));
1288         }
1289         
1290         if (generator.leftHandSideNeedsCopy(m_rightHasAssignments, m_right->isPure(generator))) {
1291             RefPtr<RegisterID> result = generator.newTemporary();
1292             generator.emitMove(result.get(), local);
1293             emitReadModifyAssignment(generator, result.get(), result.get(), m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()));
1294             generator.emitMove(local, result.get());
1295             return generator.moveToDestinationIfNeeded(dst, result.get());
1296         }
1297         
1298         RegisterID* result = emitReadModifyAssignment(generator, local, local, m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()));
1299         return generator.moveToDestinationIfNeeded(dst, result);
1300     }
1301
1302     if (resolveResult.isStatic() && !resolveResult.isReadOnly()) {
1303         RefPtr<RegisterID> src1 = generator.emitGetStaticVar(generator.tempDestination(dst), resolveResult, m_ident);
1304         RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()));
1305         generator.emitPutStaticVar(resolveResult, m_ident, result);
1306         return result;
1307     }
1308
1309     RefPtr<RegisterID> src1 = generator.tempDestination(dst);
1310     generator.emitExpressionInfo(divot() - startOffset() + m_ident.length(), m_ident.length(), 0);
1311     NonlocalResolveInfo resolveVerifier;
1312     RefPtr<RegisterID> base = generator.emitResolveWithBaseForPut(generator.newTemporary(), src1.get(), resolveResult, m_ident, resolveVerifier);
1313     RegisterID* result = emitReadModifyAssignment(generator, generator.finalDestination(dst, src1.get()), src1.get(), m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()), this);
1314     return generator.emitPutToBase(base.get(), m_ident, result, resolveVerifier);
1315 }
1316
1317 // ------------------------------ AssignResolveNode -----------------------------------
1318
1319 RegisterID* AssignResolveNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1320 {
1321     ResolveResult resolveResult = generator.resolve(m_ident);
1322
1323     if (RegisterID* local = resolveResult.local()) {
1324         if (resolveResult.isReadOnly()) {
1325             generator.emitReadOnlyExceptionIfNeeded();
1326             return generator.emitNode(dst, m_right);
1327         }
1328         RegisterID* result = generator.emitNode(local, m_right);
1329         return generator.moveToDestinationIfNeeded(dst, result);
1330     }
1331
1332     if (resolveResult.isStatic() && !resolveResult.isReadOnly()) {
1333         if (dst == generator.ignoredResult())
1334             dst = 0;
1335         RegisterID* value = generator.emitNode(dst, m_right);
1336         generator.emitPutStaticVar(resolveResult, m_ident, value);
1337         return value;
1338     }
1339
1340     NonlocalResolveInfo resolveVerifier;
1341     RefPtr<RegisterID> base = generator.emitResolveBaseForPut(generator.newTemporary(), resolveResult, m_ident, resolveVerifier);
1342     if (dst == generator.ignoredResult())
1343         dst = 0;
1344     RegisterID* value = generator.emitNode(dst, m_right);
1345     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1346     return generator.emitPutToBase(base.get(), m_ident, value, resolveVerifier);
1347 }
1348
1349 // ------------------------------ AssignDotNode -----------------------------------
1350
1351 RegisterID* AssignDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1352 {
1353     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base, m_rightHasAssignments, m_right->isPure(generator));
1354     RefPtr<RegisterID> value = generator.destinationForAssignResult(dst);
1355     RegisterID* result = generator.emitNode(value.get(), m_right);
1356     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1357     RegisterID* forwardResult = (dst == generator.ignoredResult()) ? result : generator.moveToDestinationIfNeeded(generator.tempDestination(result), result);
1358     generator.emitPutById(base.get(), m_ident, forwardResult);
1359     return generator.moveToDestinationIfNeeded(dst, forwardResult);
1360 }
1361
1362 // ------------------------------ ReadModifyDotNode -----------------------------------
1363
1364 RegisterID* ReadModifyDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1365 {
1366     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base, m_rightHasAssignments, m_right->isPure(generator));
1367
1368     generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
1369     RefPtr<RegisterID> value = generator.emitGetById(generator.tempDestination(dst), base.get(), m_ident);
1370     RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()));
1371
1372     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1373     return generator.emitPutById(base.get(), m_ident, updatedValue);
1374 }
1375
1376 // ------------------------------ AssignErrorNode -----------------------------------
1377
1378 RegisterID* AssignErrorNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1379 {
1380     return emitThrowReferenceError(generator, "Left side of assignment is not a reference.");
1381 }
1382
1383 // ------------------------------ AssignBracketNode -----------------------------------
1384
1385 RegisterID* AssignBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1386 {
1387     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base, m_subscriptHasAssignments || m_rightHasAssignments, m_subscript->isPure(generator) && m_right->isPure(generator));
1388     RefPtr<RegisterID> property = generator.emitNodeForLeftHandSide(m_subscript, m_rightHasAssignments, m_right->isPure(generator));
1389     RefPtr<RegisterID> value = generator.destinationForAssignResult(dst);
1390     RegisterID* result = generator.emitNode(value.get(), m_right);
1391
1392     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1393     RegisterID* forwardResult = (dst == generator.ignoredResult()) ? result : generator.moveToDestinationIfNeeded(generator.tempDestination(result), result);
1394     generator.emitPutByVal(base.get(), property.get(), forwardResult);
1395     return generator.moveToDestinationIfNeeded(dst, forwardResult);
1396 }
1397
1398 // ------------------------------ ReadModifyBracketNode -----------------------------------
1399
1400 RegisterID* ReadModifyBracketNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1401 {
1402     RefPtr<RegisterID> base = generator.emitNodeForLeftHandSide(m_base, m_subscriptHasAssignments || m_rightHasAssignments, m_subscript->isPure(generator) && m_right->isPure(generator));
1403     RefPtr<RegisterID> property = generator.emitNodeForLeftHandSide(m_subscript, m_rightHasAssignments, m_right->isPure(generator));
1404
1405     generator.emitExpressionInfo(divot() - m_subexpressionDivotOffset, startOffset() - m_subexpressionDivotOffset, m_subexpressionEndOffset);
1406     RefPtr<RegisterID> value = generator.emitGetByVal(generator.tempDestination(dst), base.get(), property.get());
1407     RegisterID* updatedValue = emitReadModifyAssignment(generator, generator.finalDestination(dst, value.get()), value.get(), m_right, m_operator, OperandTypes(ResultType::unknownType(), m_right->resultDescriptor()));
1408
1409     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1410     generator.emitPutByVal(base.get(), property.get(), updatedValue);
1411
1412     return updatedValue;
1413 }
1414
1415 // ------------------------------ CommaNode ------------------------------------
1416
1417 RegisterID* CommaNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1418 {
1419     ASSERT(m_expressions.size() > 1);
1420     for (size_t i = 0; i < m_expressions.size() - 1; i++)
1421         generator.emitNode(generator.ignoredResult(), m_expressions[i]);
1422     return generator.emitNode(dst, m_expressions.last());
1423 }
1424
1425 // ------------------------------ ConstDeclNode ------------------------------------
1426
1427 RegisterID* ConstDeclNode::emitCodeSingle(BytecodeGenerator& generator)
1428 {
1429     ResolveResult resolveResult = generator.resolveConstDecl(m_ident);
1430
1431     // FIXME: This code does not match the behavior of const in Firefox.
1432     if (RegisterID* local = resolveResult.local()) {
1433         if (!m_init)
1434             return local;
1435
1436         return generator.emitNode(local, m_init);
1437     }
1438
1439     RefPtr<RegisterID> value = m_init ? generator.emitNode(m_init) : generator.emitLoad(0, jsUndefined());
1440
1441     if (generator.codeType() == GlobalCode)
1442         return generator.emitInitGlobalConst(m_ident, value.get());
1443
1444     if (generator.codeType() != EvalCode)
1445         return value.get();
1446
1447     // FIXME: This will result in incorrect assignment if m_ident exists in an intervening with scope.
1448     RefPtr<RegisterID> base = generator.emitResolveBase(generator.newTemporary(), resolveResult, m_ident);
1449     return generator.emitPutById(base.get(), m_ident, value.get());
1450 }
1451
1452 RegisterID* ConstDeclNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1453 {
1454     RegisterID* result = 0;
1455     for (ConstDeclNode* n = this; n; n = n->m_next)
1456         result = n->emitCodeSingle(generator);
1457
1458     return result;
1459 }
1460
1461 // ------------------------------ ConstStatementNode -----------------------------
1462
1463 RegisterID* ConstStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1464 {
1465     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1466     return generator.emitNode(m_next);
1467 }
1468
1469 // ------------------------------ SourceElements -------------------------------
1470
1471
1472 inline StatementNode* SourceElements::lastStatement() const
1473 {
1474     size_t size = m_statements.size();
1475     return size ? m_statements[size - 1] : 0;
1476 }
1477
1478 inline void SourceElements::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1479 {
1480     size_t size = m_statements.size();
1481     for (size_t i = 0; i < size; ++i)
1482         generator.emitNode(dst, m_statements[i]);
1483 }
1484
1485 // ------------------------------ BlockNode ------------------------------------
1486
1487 inline StatementNode* BlockNode::lastStatement() const
1488 {
1489     return m_statements ? m_statements->lastStatement() : 0;
1490 }
1491
1492 inline StatementNode* BlockNode::singleStatement() const
1493 {
1494     return m_statements ? m_statements->singleStatement() : 0;
1495 }
1496
1497 RegisterID* BlockNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1498 {
1499     if (m_statements)
1500         m_statements->emitBytecode(generator, dst);
1501     return 0;
1502 }
1503
1504 // ------------------------------ EmptyStatementNode ---------------------------
1505
1506 RegisterID* EmptyStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1507 {
1508     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1509     return dst;
1510 }
1511
1512 // ------------------------------ DebuggerStatementNode ---------------------------
1513
1514 RegisterID* DebuggerStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1515 {
1516     generator.emitDebugHook(DidReachBreakpoint, firstLine(), lastLine(), column());
1517     return dst;
1518 }
1519
1520 // ------------------------------ ExprStatementNode ----------------------------
1521
1522 RegisterID* ExprStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1523 {
1524     ASSERT(m_expr);
1525     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1526     return generator.emitNode(dst, m_expr);
1527 }
1528
1529 // ------------------------------ VarStatementNode ----------------------------
1530
1531 RegisterID* VarStatementNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
1532 {
1533     ASSERT(m_expr);
1534     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1535     return generator.emitNode(m_expr);
1536 }
1537
1538 // ------------------------------ IfNode ---------------------------------------
1539
1540 RegisterID* IfNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1541 {
1542     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1543     
1544     RefPtr<Label> afterThen = generator.newLabel();
1545
1546     if (m_condition->hasConditionContextCodegen()) {
1547         RefPtr<Label> beforeThen = generator.newLabel();
1548         generator.emitNodeInConditionContext(m_condition, beforeThen.get(), afterThen.get(), true);
1549         generator.emitLabel(beforeThen.get());
1550     } else {
1551         RegisterID* cond = generator.emitNode(m_condition);
1552         generator.emitJumpIfFalse(cond, afterThen.get());
1553     }
1554
1555     generator.emitNode(dst, m_ifBlock);
1556     generator.emitLabel(afterThen.get());
1557
1558     // FIXME: This should return the last statement executed so that it can be returned as a Completion.
1559     return 0;
1560 }
1561
1562 // ------------------------------ IfElseNode ---------------------------------------
1563
1564 RegisterID* IfElseNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1565 {
1566     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1567     
1568     RefPtr<Label> beforeElse = generator.newLabel();
1569     RefPtr<Label> afterElse = generator.newLabel();
1570
1571     if (m_condition->hasConditionContextCodegen()) {
1572         RefPtr<Label> beforeThen = generator.newLabel();
1573         generator.emitNodeInConditionContext(m_condition, beforeThen.get(), beforeElse.get(), true);
1574         generator.emitLabel(beforeThen.get());
1575     } else {
1576         RegisterID* cond = generator.emitNode(m_condition);
1577         generator.emitJumpIfFalse(cond, beforeElse.get());
1578     }
1579
1580     generator.emitNode(dst, m_ifBlock);
1581     generator.emitJump(afterElse.get());
1582
1583     generator.emitLabel(beforeElse.get());
1584
1585     generator.emitNode(dst, m_elseBlock);
1586
1587     generator.emitLabel(afterElse.get());
1588
1589     // FIXME: This should return the last statement executed so that it can be returned as a Completion.
1590     return 0;
1591 }
1592
1593 // ------------------------------ DoWhileNode ----------------------------------
1594
1595 RegisterID* DoWhileNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1596 {
1597     LabelScopePtr scope = generator.newLabelScope(LabelScope::Loop);
1598
1599     RefPtr<Label> topOfLoop = generator.newLabel();
1600     generator.emitLabel(topOfLoop.get());
1601     generator.emitLoopHint();
1602     generator.emitDebugHook(WillExecuteStatement, lastLine(), lastLine(), column());
1603
1604     RefPtr<RegisterID> result = generator.emitNode(dst, m_statement);
1605
1606     generator.emitLabel(scope->continueTarget());
1607     generator.emitDebugHook(WillExecuteStatement, lastLine(), lastLine(), column());
1608     if (m_expr->hasConditionContextCodegen())
1609         generator.emitNodeInConditionContext(m_expr, topOfLoop.get(), scope->breakTarget(), false);
1610     else {
1611         RegisterID* cond = generator.emitNode(m_expr);
1612         generator.emitJumpIfTrue(cond, topOfLoop.get());
1613     }
1614
1615     generator.emitLabel(scope->breakTarget());
1616     return result.get();
1617 }
1618
1619 // ------------------------------ WhileNode ------------------------------------
1620
1621 RegisterID* WhileNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1622 {
1623     LabelScopePtr scope = generator.newLabelScope(LabelScope::Loop);
1624     RefPtr<Label> topOfLoop = generator.newLabel();
1625
1626     generator.emitDebugHook(WillExecuteStatement, m_expr->lineNo(), m_expr->lineNo(), m_expr->columnNo());
1627     if (m_expr->hasConditionContextCodegen())
1628         generator.emitNodeInConditionContext(m_expr, topOfLoop.get(), scope->breakTarget(), true);
1629     else {
1630         RegisterID* cond = generator.emitNode(m_expr);
1631         generator.emitJumpIfFalse(cond, scope->breakTarget());
1632     }
1633
1634     generator.emitLabel(topOfLoop.get());
1635     generator.emitLoopHint();
1636     
1637     generator.emitNode(dst, m_statement);
1638
1639     generator.emitLabel(scope->continueTarget());
1640     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1641
1642     if (m_expr->hasConditionContextCodegen())
1643         generator.emitNodeInConditionContext(m_expr, topOfLoop.get(), scope->breakTarget(), false);
1644     else {
1645         RegisterID* cond = generator.emitNode(m_expr);
1646         generator.emitJumpIfTrue(cond, topOfLoop.get());
1647     }
1648
1649     generator.emitLabel(scope->breakTarget());
1650     
1651     // FIXME: This should return the last statement executed so that it can be returned as a Completion
1652     return 0;
1653 }
1654
1655 // ------------------------------ ForNode --------------------------------------
1656
1657 RegisterID* ForNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1658 {
1659     LabelScopePtr scope = generator.newLabelScope(LabelScope::Loop);
1660
1661     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1662
1663     if (m_expr1)
1664         generator.emitNode(generator.ignoredResult(), m_expr1);
1665     
1666     RefPtr<Label> topOfLoop = generator.newLabel();
1667     if (m_expr2) {
1668         if (m_expr2->hasConditionContextCodegen())
1669             generator.emitNodeInConditionContext(m_expr2, topOfLoop.get(), scope->breakTarget(), true);
1670         else {
1671             RegisterID* cond = generator.emitNode(m_expr2);
1672             generator.emitJumpIfFalse(cond, scope->breakTarget());
1673         }
1674     }
1675
1676     generator.emitLabel(topOfLoop.get());
1677     generator.emitLoopHint();
1678
1679     RefPtr<RegisterID> result = generator.emitNode(dst, m_statement);
1680
1681     generator.emitLabel(scope->continueTarget());
1682     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1683     if (m_expr3)
1684         generator.emitNode(generator.ignoredResult(), m_expr3);
1685
1686     if (m_expr2) {
1687         if (m_expr2->hasConditionContextCodegen())
1688             generator.emitNodeInConditionContext(m_expr2, topOfLoop.get(), scope->breakTarget(), false);
1689         else {
1690             RegisterID* cond = generator.emitNode(m_expr2);
1691             generator.emitJumpIfTrue(cond, topOfLoop.get());
1692         }
1693     } else
1694         generator.emitJump(topOfLoop.get());
1695
1696     generator.emitLabel(scope->breakTarget());
1697     return result.get();
1698 }
1699
1700 // ------------------------------ ForInNode ------------------------------------
1701
1702 RegisterID* ForInNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1703 {
1704     LabelScopePtr scope = generator.newLabelScope(LabelScope::Loop);
1705
1706     if (!m_lexpr->isLocation())
1707         return emitThrowReferenceError(generator, "Left side of for-in statement is not a reference.");
1708
1709     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1710
1711     if (m_init)
1712         generator.emitNode(generator.ignoredResult(), m_init);
1713
1714     RefPtr<RegisterID> base = generator.newTemporary();
1715     generator.emitNode(base.get(), m_expr);
1716     RefPtr<RegisterID> i = generator.newTemporary();
1717     RefPtr<RegisterID> size = generator.newTemporary();
1718     RefPtr<RegisterID> expectedSubscript;
1719     RefPtr<RegisterID> iter = generator.emitGetPropertyNames(generator.newTemporary(), base.get(), i.get(), size.get(), scope->breakTarget());
1720     generator.emitJump(scope->continueTarget());
1721
1722     RefPtr<Label> loopStart = generator.newLabel();
1723     generator.emitLabel(loopStart.get());
1724     generator.emitLoopHint();
1725
1726     RegisterID* propertyName;
1727     bool optimizedForinAccess = false;
1728     if (m_lexpr->isResolveNode()) {
1729         const Identifier& ident = static_cast<ResolveNode*>(m_lexpr)->identifier();
1730         ResolveResult resolveResult = generator.resolve(ident);
1731         propertyName = resolveResult.local();
1732         if (!propertyName) {
1733             propertyName = generator.newTemporary();
1734             RefPtr<RegisterID> protect = propertyName;
1735             NonlocalResolveInfo resolveVerifier;
1736             RegisterID* base = generator.emitResolveBaseForPut(generator.newTemporary(), resolveResult, ident, resolveVerifier);
1737
1738             generator.emitExpressionInfo(divot(), startOffset(), endOffset());
1739             generator.emitPutToBase(base, ident, propertyName, resolveVerifier);
1740         } else {
1741             expectedSubscript = generator.emitMove(generator.newTemporary(), propertyName);
1742             generator.pushOptimisedForIn(expectedSubscript.get(), iter.get(), i.get(), propertyName);
1743             optimizedForinAccess = true;
1744         }
1745     } else if (m_lexpr->isDotAccessorNode()) {
1746         DotAccessorNode* assignNode = static_cast<DotAccessorNode*>(m_lexpr);
1747         const Identifier& ident = assignNode->identifier();
1748         propertyName = generator.newTemporary();
1749         RefPtr<RegisterID> protect = propertyName;
1750         RegisterID* base = generator.emitNode(assignNode->base());
1751
1752         generator.emitExpressionInfo(assignNode->divot(), assignNode->startOffset(), assignNode->endOffset());
1753         generator.emitPutById(base, ident, propertyName);
1754     } else {
1755         ASSERT(m_lexpr->isBracketAccessorNode());
1756         BracketAccessorNode* assignNode = static_cast<BracketAccessorNode*>(m_lexpr);
1757         propertyName = generator.newTemporary();
1758         RefPtr<RegisterID> protect = propertyName;
1759         RefPtr<RegisterID> base = generator.emitNode(assignNode->base());
1760         RegisterID* subscript = generator.emitNode(assignNode->subscript());
1761         
1762         generator.emitExpressionInfo(assignNode->divot(), assignNode->startOffset(), assignNode->endOffset());
1763         generator.emitPutByVal(base.get(), subscript, propertyName);
1764     }   
1765
1766     generator.emitNode(dst, m_statement);
1767
1768     if (optimizedForinAccess)
1769         generator.popOptimisedForIn();
1770
1771     generator.emitLabel(scope->continueTarget());
1772     generator.emitNextPropertyName(propertyName, base.get(), i.get(), size.get(), iter.get(), loopStart.get());
1773     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1774     generator.emitLabel(scope->breakTarget());
1775     return dst;
1776 }
1777
1778 // ------------------------------ ContinueNode ---------------------------------
1779
1780 // ECMA 12.7
1781 RegisterID* ContinueNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1782 {
1783     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1784     
1785     LabelScope* scope = generator.continueTarget(m_ident);
1786     ASSERT(scope);
1787
1788     generator.emitJumpScopes(scope->continueTarget(), scope->scopeDepth());
1789     return dst;
1790 }
1791
1792 // ------------------------------ BreakNode ------------------------------------
1793
1794 // ECMA 12.8
1795 RegisterID* BreakNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1796 {
1797     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1798     
1799     LabelScope* scope = generator.breakTarget(m_ident);
1800     ASSERT(scope);
1801
1802     generator.emitJumpScopes(scope->breakTarget(), scope->scopeDepth());
1803     return dst;
1804 }
1805
1806 // ------------------------------ ReturnNode -----------------------------------
1807
1808 RegisterID* ReturnNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1809 {
1810     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1811     ASSERT(generator.codeType() == FunctionCode);
1812
1813     if (dst == generator.ignoredResult())
1814         dst = 0;
1815     RegisterID* r0 = m_value ? generator.emitNode(dst, m_value) : generator.emitLoad(dst, jsUndefined());
1816     RefPtr<RegisterID> returnRegister;
1817     if (generator.scopeDepth()) {
1818         RefPtr<Label> l0 = generator.newLabel();
1819         if (generator.hasFinaliser()) {
1820             returnRegister = generator.emitMove(generator.newTemporary(), r0);
1821             r0 = returnRegister.get();
1822         }
1823         generator.emitJumpScopes(l0.get(), 0);
1824         generator.emitLabel(l0.get());
1825     }
1826     generator.emitDebugHook(WillLeaveCallFrame, firstLine(), lastLine(), column());
1827     return generator.emitReturn(r0);
1828 }
1829
1830 // ------------------------------ WithNode -------------------------------------
1831
1832 RegisterID* WithNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1833 {
1834     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
1835
1836     RefPtr<RegisterID> scope = generator.emitNode(m_expr);
1837     generator.emitExpressionInfo(m_divot, m_expressionLength, 0);
1838     generator.emitPushWithScope(scope.get());
1839     RegisterID* result = generator.emitNode(dst, m_statement);
1840     generator.emitPopScope();
1841     return result;
1842 }
1843
1844 // ------------------------------ CaseClauseNode --------------------------------
1845
1846 inline void CaseClauseNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
1847 {
1848     if (m_statements)
1849         m_statements->emitBytecode(generator, dst);
1850 }
1851
1852 // ------------------------------ CaseBlockNode --------------------------------
1853
1854 enum SwitchKind { 
1855     SwitchUnset = 0,
1856     SwitchNumber = 1, 
1857     SwitchString = 2, 
1858     SwitchNeither = 3 
1859 };
1860
1861 static void processClauseList(ClauseListNode* list, Vector<ExpressionNode*, 8>& literalVector, SwitchKind& typeForTable, bool& singleCharacterSwitch, int32_t& min_num, int32_t& max_num)
1862 {
1863     for (; list; list = list->getNext()) {
1864         ExpressionNode* clauseExpression = list->getClause()->expr();
1865         literalVector.append(clauseExpression);
1866         if (clauseExpression->isNumber()) {
1867             double value = static_cast<NumberNode*>(clauseExpression)->value();
1868             int32_t intVal = static_cast<int32_t>(value);
1869             if ((typeForTable & ~SwitchNumber) || (intVal != value)) {
1870                 typeForTable = SwitchNeither;
1871                 break;
1872             }
1873             if (intVal < min_num)
1874                 min_num = intVal;
1875             if (intVal > max_num)
1876                 max_num = intVal;
1877             typeForTable = SwitchNumber;
1878             continue;
1879         }
1880         if (clauseExpression->isString()) {
1881             if (typeForTable & ~SwitchString) {
1882                 typeForTable = SwitchNeither;
1883                 break;
1884             }
1885             const String& value = static_cast<StringNode*>(clauseExpression)->value().string();
1886             if (singleCharacterSwitch &= value.length() == 1) {
1887                 int32_t intVal = value[0];
1888                 if (intVal < min_num)
1889                     min_num = intVal;
1890                 if (intVal > max_num)
1891                     max_num = intVal;
1892             }
1893             typeForTable = SwitchString;
1894             continue;
1895         }
1896         typeForTable = SwitchNeither;
1897         break;        
1898     }
1899 }
1900
1901 static inline size_t length(ClauseListNode* list1, ClauseListNode* list2)
1902 {
1903     size_t length = 0;
1904     for (ClauseListNode* node = list1; node; node = node->getNext())
1905         ++length;
1906     for (ClauseListNode* node = list2; node; node = node->getNext())
1907         ++length;
1908     return length;
1909 }
1910
1911 SwitchInfo::SwitchType CaseBlockNode::tryTableSwitch(Vector<ExpressionNode*, 8>& literalVector, int32_t& min_num, int32_t& max_num)
1912 {
1913     if (length(m_list1, m_list2) < s_tableSwitchMinimum)
1914         return SwitchInfo::SwitchNone;
1915
1916     SwitchKind typeForTable = SwitchUnset;
1917     bool singleCharacterSwitch = true;
1918     
1919     processClauseList(m_list1, literalVector, typeForTable, singleCharacterSwitch, min_num, max_num);
1920     processClauseList(m_list2, literalVector, typeForTable, singleCharacterSwitch, min_num, max_num);
1921     
1922     if (typeForTable == SwitchUnset || typeForTable == SwitchNeither)
1923         return SwitchInfo::SwitchNone;
1924     
1925     if (typeForTable == SwitchNumber) {
1926         int32_t range = max_num - min_num;
1927         if (min_num <= max_num && range <= 1000 && (range / literalVector.size()) < 10)
1928             return SwitchInfo::SwitchImmediate;
1929         return SwitchInfo::SwitchNone;
1930     } 
1931     
1932     ASSERT(typeForTable == SwitchString);
1933     
1934     if (singleCharacterSwitch) {
1935         int32_t range = max_num - min_num;
1936         if (min_num <= max_num && range <= 1000 && (range / literalVector.size()) < 10)
1937             return SwitchInfo::SwitchCharacter;
1938     }
1939
1940     return SwitchInfo::SwitchString;
1941 }
1942
1943 RegisterID* CaseBlockNode::emitBytecodeForBlock(BytecodeGenerator& generator, RegisterID* switchExpression, RegisterID* dst)
1944 {
1945     RefPtr<Label> defaultLabel;
1946     Vector<RefPtr<Label>, 8> labelVector;
1947     Vector<ExpressionNode*, 8> literalVector;
1948     int32_t min_num = std::numeric_limits<int32_t>::max();
1949     int32_t max_num = std::numeric_limits<int32_t>::min();
1950     SwitchInfo::SwitchType switchType = tryTableSwitch(literalVector, min_num, max_num);
1951
1952     if (switchType != SwitchInfo::SwitchNone) {
1953         // Prepare the various labels
1954         for (uint32_t i = 0; i < literalVector.size(); i++)
1955             labelVector.append(generator.newLabel());
1956         defaultLabel = generator.newLabel();
1957         generator.beginSwitch(switchExpression, switchType);
1958     } else {
1959         // Setup jumps
1960         for (ClauseListNode* list = m_list1; list; list = list->getNext()) {
1961             RefPtr<RegisterID> clauseVal = generator.newTemporary();
1962             generator.emitNode(clauseVal.get(), list->getClause()->expr());
1963             generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression, OperandTypes());
1964             labelVector.append(generator.newLabel());
1965             generator.emitJumpIfTrue(clauseVal.get(), labelVector[labelVector.size() - 1].get());
1966         }
1967         
1968         for (ClauseListNode* list = m_list2; list; list = list->getNext()) {
1969             RefPtr<RegisterID> clauseVal = generator.newTemporary();
1970             generator.emitNode(clauseVal.get(), list->getClause()->expr());
1971             generator.emitBinaryOp(op_stricteq, clauseVal.get(), clauseVal.get(), switchExpression, OperandTypes());
1972             labelVector.append(generator.newLabel());
1973             generator.emitJumpIfTrue(clauseVal.get(), labelVector[labelVector.size() - 1].get());
1974         }
1975         defaultLabel = generator.newLabel();
1976         generator.emitJump(defaultLabel.get());
1977     }
1978
1979     RegisterID* result = 0;
1980
1981     size_t i = 0;
1982     for (ClauseListNode* list = m_list1; list; list = list->getNext()) {
1983         generator.emitLabel(labelVector[i++].get());
1984         list->getClause()->emitBytecode(generator, dst);
1985     }
1986
1987     if (m_defaultClause) {
1988         generator.emitLabel(defaultLabel.get());
1989         m_defaultClause->emitBytecode(generator, dst);
1990     }
1991
1992     for (ClauseListNode* list = m_list2; list; list = list->getNext()) {
1993         generator.emitLabel(labelVector[i++].get());
1994         list->getClause()->emitBytecode(generator, dst);
1995     }
1996     if (!m_defaultClause)
1997         generator.emitLabel(defaultLabel.get());
1998
1999     ASSERT(i == labelVector.size());
2000     if (switchType != SwitchInfo::SwitchNone) {
2001         ASSERT(labelVector.size() == literalVector.size());
2002         generator.endSwitch(labelVector.size(), labelVector.data(), literalVector.data(), defaultLabel.get(), min_num, max_num);
2003     }
2004     return result;
2005 }
2006
2007 // ------------------------------ SwitchNode -----------------------------------
2008
2009 RegisterID* SwitchNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2010 {
2011     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
2012     
2013     LabelScopePtr scope = generator.newLabelScope(LabelScope::Switch);
2014
2015     RefPtr<RegisterID> r0 = generator.emitNode(m_expr);
2016     RegisterID* r1 = m_block->emitBytecodeForBlock(generator, r0.get(), dst);
2017
2018     generator.emitLabel(scope->breakTarget());
2019     return r1;
2020 }
2021
2022 // ------------------------------ LabelNode ------------------------------------
2023
2024 RegisterID* LabelNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2025 {
2026     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
2027
2028     ASSERT(!generator.breakTarget(m_name));
2029
2030     LabelScopePtr scope = generator.newLabelScope(LabelScope::NamedLabel, &m_name);
2031     RegisterID* r0 = generator.emitNode(dst, m_statement);
2032
2033     generator.emitLabel(scope->breakTarget());
2034     return r0;
2035 }
2036
2037 // ------------------------------ ThrowNode ------------------------------------
2038
2039 RegisterID* ThrowNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2040 {
2041     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
2042
2043     if (dst == generator.ignoredResult())
2044         dst = 0;
2045     RefPtr<RegisterID> expr = generator.emitNode(m_expr);
2046     generator.emitExpressionInfo(divot(), startOffset(), endOffset());
2047     generator.emitThrow(expr.get());
2048     return 0;
2049 }
2050
2051 // ------------------------------ TryNode --------------------------------------
2052
2053 RegisterID* TryNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2054 {
2055     // NOTE: The catch and finally blocks must be labeled explicitly, so the
2056     // optimizer knows they may be jumped to from anywhere.
2057
2058     generator.emitDebugHook(WillExecuteStatement, firstLine(), lastLine(), column());
2059
2060     ASSERT(m_catchBlock || m_finallyBlock);
2061
2062     RefPtr<Label> tryStartLabel = generator.newLabel();
2063     generator.emitLabel(tryStartLabel.get());
2064     
2065     if (m_finallyBlock)
2066         generator.pushFinallyContext(m_finallyBlock);
2067     TryData* tryData = generator.pushTry(tryStartLabel.get());
2068
2069     generator.emitNode(dst, m_tryBlock);
2070
2071     if (m_catchBlock) {
2072         RefPtr<Label> catchEndLabel = generator.newLabel();
2073         
2074         // Normal path: jump over the catch block.
2075         generator.emitJump(catchEndLabel.get());
2076
2077         // Uncaught exception path: the catch block.
2078         RefPtr<Label> here = generator.emitLabel(generator.newLabel().get());
2079         RefPtr<RegisterID> exceptionRegister = generator.popTryAndEmitCatch(tryData, generator.newTemporary(), here.get());
2080         
2081         if (m_finallyBlock) {
2082             // If the catch block throws an exception and we have a finally block, then the finally
2083             // block should "catch" that exception.
2084             tryData = generator.pushTry(here.get());
2085         }
2086         
2087         generator.emitPushNameScope(m_exceptionIdent, exceptionRegister.get(), DontDelete);
2088         generator.emitNode(dst, m_catchBlock);
2089         generator.emitPopScope();
2090         generator.emitLabel(catchEndLabel.get());
2091     }
2092
2093     if (m_finallyBlock) {
2094         RefPtr<Label> preFinallyLabel = generator.emitLabel(generator.newLabel().get());
2095         
2096         generator.popFinallyContext();
2097
2098         RefPtr<Label> finallyEndLabel = generator.newLabel();
2099
2100         // Normal path: run the finally code, and jump to the end.
2101         generator.emitNode(dst, m_finallyBlock);
2102         generator.emitJump(finallyEndLabel.get());
2103
2104         // Uncaught exception path: invoke the finally block, then re-throw the exception.
2105         RefPtr<RegisterID> tempExceptionRegister = generator.popTryAndEmitCatch(tryData, generator.newTemporary(), preFinallyLabel.get());
2106         generator.emitNode(dst, m_finallyBlock);
2107         generator.emitThrow(tempExceptionRegister.get());
2108
2109         generator.emitLabel(finallyEndLabel.get());
2110     }
2111
2112     return dst;
2113 }
2114
2115 // ------------------------------ ScopeNode -----------------------------
2116
2117 inline void ScopeNode::emitStatementsBytecode(BytecodeGenerator& generator, RegisterID* dst)
2118 {
2119     if (m_statements)
2120         m_statements->emitBytecode(generator, dst);
2121 }
2122
2123 // ------------------------------ ProgramNode -----------------------------
2124
2125 RegisterID* ProgramNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
2126 {
2127     generator.emitDebugHook(WillExecuteProgram, firstLine(), lastLine(), column());
2128
2129     RefPtr<RegisterID> dstRegister = generator.newTemporary();
2130     generator.emitLoad(dstRegister.get(), jsUndefined());
2131     emitStatementsBytecode(generator, dstRegister.get());
2132
2133     generator.emitDebugHook(DidExecuteProgram, firstLine(), lastLine(), column());
2134     generator.emitEnd(dstRegister.get());
2135     return 0;
2136 }
2137
2138 // ------------------------------ EvalNode -----------------------------
2139
2140 RegisterID* EvalNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
2141 {
2142     generator.emitDebugHook(WillExecuteProgram, firstLine(), lastLine(), column());
2143
2144     RefPtr<RegisterID> dstRegister = generator.newTemporary();
2145     generator.emitLoad(dstRegister.get(), jsUndefined());
2146     emitStatementsBytecode(generator, dstRegister.get());
2147
2148     generator.emitDebugHook(DidExecuteProgram, firstLine(), lastLine(), column());
2149     generator.emitEnd(dstRegister.get());
2150     return 0;
2151 }
2152
2153 // ------------------------------ FunctionBodyNode -----------------------------
2154
2155 RegisterID* FunctionBodyNode::emitBytecode(BytecodeGenerator& generator, RegisterID*)
2156 {
2157     generator.emitDebugHook(DidEnterCallFrame, firstLine(), lastLine(), column());
2158     emitStatementsBytecode(generator, generator.ignoredResult());
2159
2160     StatementNode* singleStatement = this->singleStatement();
2161     ReturnNode* returnNode = 0;
2162
2163     // Check for a return statement at the end of a function composed of a single block.
2164     if (singleStatement && singleStatement->isBlock()) {
2165         StatementNode* lastStatementInBlock = static_cast<BlockNode*>(singleStatement)->lastStatement();
2166         if (lastStatementInBlock && lastStatementInBlock->isReturnNode())
2167             returnNode = static_cast<ReturnNode*>(lastStatementInBlock);
2168     }
2169
2170     // If there is no return we must automatically insert one.
2171     if (!returnNode) {
2172         RegisterID* r0 = generator.isConstructor() ? generator.thisRegister() : generator.emitLoad(0, jsUndefined());
2173         generator.emitDebugHook(WillLeaveCallFrame, firstLine(), lastLine(), column());
2174         generator.emitReturn(r0);
2175         return 0;
2176     }
2177
2178     // If there is a return statment, and it is the only statement in the function, check if this is a numeric compare.
2179     if (static_cast<BlockNode*>(singleStatement)->singleStatement()) {
2180         ExpressionNode* returnValueExpression = returnNode->value();
2181         if (returnValueExpression && returnValueExpression->isSubtract()) {
2182             ExpressionNode* lhsExpression = static_cast<SubNode*>(returnValueExpression)->lhs();
2183             ExpressionNode* rhsExpression = static_cast<SubNode*>(returnValueExpression)->rhs();
2184             if (lhsExpression->isResolveNode()
2185                 && rhsExpression->isResolveNode()
2186                 && generator.isArgumentNumber(static_cast<ResolveNode*>(lhsExpression)->identifier(), 0)
2187                 && generator.isArgumentNumber(static_cast<ResolveNode*>(rhsExpression)->identifier(), 1)) {
2188                 
2189                 generator.setIsNumericCompareFunction(true);
2190             }
2191         }
2192     }
2193
2194     return 0;
2195 }
2196
2197 // ------------------------------ FuncDeclNode ---------------------------------
2198
2199 RegisterID* FuncDeclNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2200 {
2201     if (dst == generator.ignoredResult())
2202         dst = 0;
2203     return dst;
2204 }
2205
2206 // ------------------------------ FuncExprNode ---------------------------------
2207
2208 RegisterID* FuncExprNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
2209 {
2210     return generator.emitNewFunctionExpression(generator.finalDestination(dst), this);
2211 }
2212
2213 } // namespace JSC