michael@0: /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
michael@0:  * vim: set ts=8 sts=4 et sw=4 tw=99:
michael@0:  * This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0:  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0: 
michael@0: /* JS script descriptor. */
michael@0: 
michael@0: #ifndef jsscript_h
michael@0: #define jsscript_h
michael@0: 
michael@0: #include "mozilla/MemoryReporting.h"
michael@0: #include "mozilla/PodOperations.h"
michael@0: 
michael@0: #include "jsatom.h"
michael@0: #ifdef JS_THREADSAFE
michael@0: #include "jslock.h"
michael@0: #endif
michael@0: #include "jsobj.h"
michael@0: #include "jsopcode.h"
michael@0: #include "jstypes.h"
michael@0: 
michael@0: #include "gc/Barrier.h"
michael@0: #include "gc/Rooting.h"
michael@0: #include "jit/IonCode.h"
michael@0: #include "vm/Shape.h"
michael@0: 
michael@0: namespace JS {
michael@0: struct ScriptSourceInfo;
michael@0: }
michael@0: 
michael@0: namespace js {
michael@0: 
michael@0: namespace jit {
michael@0:     struct BaselineScript;
michael@0:     struct IonScriptCounts;
michael@0: }
michael@0: 
michael@0: # define ION_DISABLED_SCRIPT ((js::jit::IonScript *)0x1)
michael@0: # define ION_COMPILING_SCRIPT ((js::jit::IonScript *)0x2)
michael@0: 
michael@0: # define BASELINE_DISABLED_SCRIPT ((js::jit::BaselineScript *)0x1)
michael@0: 
michael@0: class BreakpointSite;
michael@0: class BindingIter;
michael@0: class LazyScript;
michael@0: class RegExpObject;
michael@0: struct SourceCompressionTask;
michael@0: class Shape;
michael@0: class WatchpointMap;
michael@0: class NestedScopeObject;
michael@0: 
michael@0: namespace frontend {
michael@0:     class BytecodeEmitter;
michael@0: }
michael@0: 
michael@0: }
michael@0: 
michael@0: /*
michael@0:  * Type of try note associated with each catch or finally block, and also with
michael@0:  * for-in and other kinds of loops. Non-for-in loops do not need these notes
michael@0:  * for exception unwinding, but storing their boundaries here is helpful for
michael@0:  * heuristics that need to know whether a given op is inside a loop.
michael@0:  */
michael@0: typedef enum JSTryNoteKind {
michael@0:     JSTRY_CATCH,
michael@0:     JSTRY_FINALLY,
michael@0:     JSTRY_ITER,
michael@0:     JSTRY_LOOP
michael@0: } JSTryNoteKind;
michael@0: 
michael@0: /*
michael@0:  * Exception handling record.
michael@0:  */
michael@0: struct JSTryNote {
michael@0:     uint8_t         kind;       /* one of JSTryNoteKind */
michael@0:     uint32_t        stackDepth; /* stack depth upon exception handler entry */
michael@0:     uint32_t        start;      /* start of the try statement or loop
michael@0:                                    relative to script->main */
michael@0:     uint32_t        length;     /* length of the try statement or loop */
michael@0: };
michael@0: 
michael@0: namespace js {
michael@0: 
michael@0: // A block scope has a range in bytecode: it is entered at some offset, and left
michael@0: // at some later offset.  Scopes can be nested.  Given an offset, the
michael@0: // BlockScopeNote containing that offset whose with the highest start value
michael@0: // indicates the block scope.  The block scope list is sorted by increasing
michael@0: // start value.
michael@0: //
michael@0: // It is possible to leave a scope nonlocally, for example via a "break"
michael@0: // statement, so there may be short bytecode ranges in a block scope in which we
michael@0: // are popping the block chain in preparation for a goto.  These exits are also
michael@0: // nested with respect to outer scopes.  The scopes in these exits are indicated
michael@0: // by the "index" field, just like any other block.  If a nonlocal exit pops the
michael@0: // last block scope, the index will be NoBlockScopeIndex.
michael@0: //
michael@0: struct BlockScopeNote {
michael@0:     static const uint32_t NoBlockScopeIndex = UINT32_MAX;
michael@0: 
michael@0:     uint32_t        index;      // Index of NestedScopeObject in the object
michael@0:                                 // array, or NoBlockScopeIndex if there is no
michael@0:                                 // block scope in this range.
michael@0:     uint32_t        start;      // Bytecode offset at which this scope starts,
michael@0:                                 // from script->main().
michael@0:     uint32_t        length;     // Bytecode length of scope.
michael@0:     uint32_t        parent;     // Index of parent block scope in notes, or UINT32_MAX.
michael@0: };
michael@0: 
michael@0: struct ConstArray {
michael@0:     js::HeapValue   *vector;    /* array of indexed constant values */
michael@0:     uint32_t        length;
michael@0: };
michael@0: 
michael@0: struct ObjectArray {
michael@0:     js::HeapPtrObject *vector;  // Array of indexed objects.
michael@0:     uint32_t        length;     // Count of indexed objects.
michael@0: };
michael@0: 
michael@0: struct TryNoteArray {
michael@0:     JSTryNote       *vector;    // Array of indexed try notes.
michael@0:     uint32_t        length;     // Count of indexed try notes.
michael@0: };
michael@0: 
michael@0: struct BlockScopeArray {
michael@0:     BlockScopeNote *vector;     // Array of indexed BlockScopeNote records.
michael@0:     uint32_t        length;     // Count of indexed try notes.
michael@0: };
michael@0: 
michael@0: class Binding
michael@0: {
michael@0:     // One JSScript stores one Binding per formal/variable so we use a
michael@0:     // packed-word representation.
michael@0:     uintptr_t bits_;
michael@0: 
michael@0:     static const uintptr_t KIND_MASK = 0x3;
michael@0:     static const uintptr_t ALIASED_BIT = 0x4;
michael@0:     static const uintptr_t NAME_MASK = ~(KIND_MASK | ALIASED_BIT);
michael@0: 
michael@0:   public:
michael@0:     // A "binding" is a formal, 'var', or 'const' declaration. A function's
michael@0:     // lexical scope is composed of these three kinds of bindings.
michael@0:     enum Kind { ARGUMENT, VARIABLE, CONSTANT };
michael@0: 
michael@0:     explicit Binding() : bits_(0) {}
michael@0: 
michael@0:     Binding(PropertyName *name, Kind kind, bool aliased) {
michael@0:         JS_STATIC_ASSERT(CONSTANT <= KIND_MASK);
michael@0:         JS_ASSERT((uintptr_t(name) & ~NAME_MASK) == 0);
michael@0:         JS_ASSERT((uintptr_t(kind) & ~KIND_MASK) == 0);
michael@0:         bits_ = uintptr_t(name) | uintptr_t(kind) | (aliased ? ALIASED_BIT : 0);
michael@0:     }
michael@0: 
michael@0:     PropertyName *name() const {
michael@0:         return (PropertyName *)(bits_ & NAME_MASK);
michael@0:     }
michael@0: 
michael@0:     Kind kind() const {
michael@0:         return Kind(bits_ & KIND_MASK);
michael@0:     }
michael@0: 
michael@0:     bool aliased() const {
michael@0:         return bool(bits_ & ALIASED_BIT);
michael@0:     }
michael@0: };
michael@0: 
michael@0: JS_STATIC_ASSERT(sizeof(Binding) == sizeof(uintptr_t));
michael@0: 
michael@0: class Bindings;
michael@0: typedef InternalHandle<Bindings *> InternalBindingsHandle;
michael@0: 
michael@0: /*
michael@0:  * Formal parameters and local variables are stored in a shape tree
michael@0:  * path encapsulated within this class.  This class represents bindings for
michael@0:  * both function and top-level scripts (the latter is needed to track names in
michael@0:  * strict mode eval code, to give such code its own lexical environment).
michael@0:  */
michael@0: class Bindings
michael@0: {
michael@0:     friend class BindingIter;
michael@0:     friend class AliasedFormalIter;
michael@0: 
michael@0:     HeapPtr<Shape> callObjShape_;
michael@0:     uintptr_t bindingArrayAndFlag_;
michael@0:     uint16_t numArgs_;
michael@0:     uint16_t numBlockScoped_;
michael@0:     uint32_t numVars_;
michael@0: 
michael@0:     /*
michael@0:      * During parsing, bindings are allocated out of a temporary LifoAlloc.
michael@0:      * After parsing, a JSScript object is created and the bindings are
michael@0:      * permanently transferred to it. On error paths, the JSScript object may
michael@0:      * end up with bindings that still point to the (new released) LifoAlloc
michael@0:      * memory. To avoid tracing these bindings during GC, we keep track of
michael@0:      * whether the bindings are temporary or permanent in the low bit of
michael@0:      * bindingArrayAndFlag_.
michael@0:      */
michael@0:     static const uintptr_t TEMPORARY_STORAGE_BIT = 0x1;
michael@0:     bool bindingArrayUsingTemporaryStorage() const {
michael@0:         return bindingArrayAndFlag_ & TEMPORARY_STORAGE_BIT;
michael@0:     }
michael@0: 
michael@0:   public:
michael@0: 
michael@0:     Binding *bindingArray() const {
michael@0:         return reinterpret_cast<Binding *>(bindingArrayAndFlag_ & ~TEMPORARY_STORAGE_BIT);
michael@0:     }
michael@0: 
michael@0:     inline Bindings();
michael@0: 
michael@0:     /*
michael@0:      * Initialize a Bindings with a pointer into temporary storage.
michael@0:      * bindingArray must have length numArgs+numVars. Before the temporary
michael@0:      * storage is release, switchToScriptStorage must be called, providing a
michael@0:      * pointer into the Binding array stored in script->data.
michael@0:      */
michael@0:     static bool initWithTemporaryStorage(ExclusiveContext *cx, InternalBindingsHandle self,
michael@0:                                          unsigned numArgs, uint32_t numVars,
michael@0:                                          Binding *bindingArray, unsigned numBlockScoped);
michael@0: 
michael@0:     // CompileScript parses and compiles one statement at a time, but the result
michael@0:     // is one Script object.  There will be no vars or bindings, because those
michael@0:     // go on the global, but there may be block-scoped locals, and the number of
michael@0:     // block-scoped locals may increase as we parse more expressions.  This
michael@0:     // helper updates the number of block scoped variables in a script as it is
michael@0:     // being parsed.
michael@0:     void updateNumBlockScoped(unsigned numBlockScoped) {
michael@0:         JS_ASSERT(!callObjShape_);
michael@0:         JS_ASSERT(numVars_ == 0);
michael@0:         JS_ASSERT(numBlockScoped < LOCALNO_LIMIT);
michael@0:         JS_ASSERT(numBlockScoped >= numBlockScoped_);
michael@0:         numBlockScoped_ = numBlockScoped;
michael@0:     }
michael@0: 
michael@0:     uint8_t *switchToScriptStorage(Binding *newStorage);
michael@0: 
michael@0:     /*
michael@0:      * Clone srcScript's bindings (as part of js::CloneScript). dstScriptData
michael@0:      * is the pointer to what will eventually be dstScript->data.
michael@0:      */
michael@0:     static bool clone(JSContext *cx, InternalBindingsHandle self, uint8_t *dstScriptData,
michael@0:                       HandleScript srcScript);
michael@0: 
michael@0:     unsigned numArgs() const { return numArgs_; }
michael@0:     uint32_t numVars() const { return numVars_; }
michael@0:     unsigned numBlockScoped() const { return numBlockScoped_; }
michael@0:     uint32_t numLocals() const { return numVars() + numBlockScoped(); }
michael@0: 
michael@0:     // Return the size of the bindingArray.
michael@0:     uint32_t count() const { return numArgs() + numVars(); }
michael@0: 
michael@0:     /* Return the initial shape of call objects created for this scope. */
michael@0:     Shape *callObjShape() const { return callObjShape_; }
michael@0: 
michael@0:     /* Convenience method to get the var index of 'arguments'. */
michael@0:     static uint32_t argumentsVarIndex(ExclusiveContext *cx, InternalBindingsHandle);
michael@0: 
michael@0:     /* Return whether the binding at bindingIndex is aliased. */
michael@0:     bool bindingIsAliased(uint32_t bindingIndex);
michael@0: 
michael@0:     /* Return whether this scope has any aliased bindings. */
michael@0:     bool hasAnyAliasedBindings() const {
michael@0:         if (!callObjShape_)
michael@0:             return false;
michael@0: 
michael@0:         return !callObjShape_->isEmptyShape();
michael@0:     }
michael@0: 
michael@0:     void trace(JSTracer *trc);
michael@0: };
michael@0: 
michael@0: template <>
michael@0: struct GCMethods<Bindings> {
michael@0:     static Bindings initial();
michael@0:     static ThingRootKind kind() { return THING_ROOT_BINDINGS; }
michael@0:     static bool poisoned(const Bindings &bindings) {
michael@0:         return IsPoisonedPtr(static_cast<Shape *>(bindings.callObjShape()));
michael@0:     }
michael@0: };
michael@0: 
michael@0: class ScriptCounts
michael@0: {
michael@0:     friend class ::JSScript;
michael@0:     friend struct ScriptAndCounts;
michael@0: 
michael@0:     /*
michael@0:      * This points to a single block that holds an array of PCCounts followed
michael@0:      * by an array of doubles.  Each element in the PCCounts array has a
michael@0:      * pointer into the array of doubles.
michael@0:      */
michael@0:     PCCounts *pcCountsVector;
michael@0: 
michael@0:     /* Information about any Ion compilations for the script. */
michael@0:     jit::IonScriptCounts *ionCounts;
michael@0: 
michael@0:  public:
michael@0:     ScriptCounts() : pcCountsVector(nullptr), ionCounts(nullptr) { }
michael@0: 
michael@0:     inline void destroy(FreeOp *fop);
michael@0: 
michael@0:     void set(js::ScriptCounts counts) {
michael@0:         pcCountsVector = counts.pcCountsVector;
michael@0:         ionCounts = counts.ionCounts;
michael@0:     }
michael@0: };
michael@0: 
michael@0: typedef HashMap<JSScript *,
michael@0:                 ScriptCounts,
michael@0:                 DefaultHasher<JSScript *>,
michael@0:                 SystemAllocPolicy> ScriptCountsMap;
michael@0: 
michael@0: class DebugScript
michael@0: {
michael@0:     friend class ::JSScript;
michael@0: 
michael@0:     /*
michael@0:      * When non-zero, compile script in single-step mode. The top bit is set and
michael@0:      * cleared by setStepMode, as used by JSD. The lower bits are a count,
michael@0:      * adjusted by changeStepModeCount, used by the Debugger object. Only
michael@0:      * when the bit is clear and the count is zero may we compile the script
michael@0:      * without single-step support.
michael@0:      */
michael@0:     uint32_t        stepMode;
michael@0: 
michael@0:     /* Number of breakpoint sites at opcodes in the script. */
michael@0:     uint32_t        numSites;
michael@0: 
michael@0:     /*
michael@0:      * Array with all breakpoints installed at opcodes in the script, indexed
michael@0:      * by the offset of the opcode into the script.
michael@0:      */
michael@0:     BreakpointSite  *breakpoints[1];
michael@0: };
michael@0: 
michael@0: typedef HashMap<JSScript *,
michael@0:                 DebugScript *,
michael@0:                 DefaultHasher<JSScript *>,
michael@0:                 SystemAllocPolicy> DebugScriptMap;
michael@0: 
michael@0: class ScriptSource;
michael@0: 
michael@0: class SourceDataCache
michael@0: {
michael@0:     typedef HashMap<ScriptSource *,
michael@0:                     const jschar *,
michael@0:                     DefaultHasher<ScriptSource *>,
michael@0:                     SystemAllocPolicy> Map;
michael@0: 
michael@0:   public:
michael@0:     // Hold an entry in the source data cache and prevent it from being purged on GC.
michael@0:     class AutoHoldEntry
michael@0:     {
michael@0:         SourceDataCache *cache_;
michael@0:         ScriptSource *source_;
michael@0:         const jschar *charsToFree_;
michael@0:       public:
michael@0:         explicit AutoHoldEntry();
michael@0:         ~AutoHoldEntry();
michael@0:       private:
michael@0:         void holdEntry(SourceDataCache *cache, ScriptSource *source);
michael@0:         void deferDelete(const jschar *chars);
michael@0:         ScriptSource *source() const { return source_; }
michael@0:         friend class SourceDataCache;
michael@0:     };
michael@0: 
michael@0:   private:
michael@0:     Map *map_;
michael@0:     AutoHoldEntry *holder_;
michael@0: 
michael@0:   public:
michael@0:     SourceDataCache() : map_(nullptr), holder_(nullptr) {}
michael@0: 
michael@0:     const jschar *lookup(ScriptSource *ss, AutoHoldEntry &asp);
michael@0:     bool put(ScriptSource *ss, const jschar *chars, AutoHoldEntry &asp);
michael@0: 
michael@0:     void purge();
michael@0: 
michael@0:     size_t sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf);
michael@0: 
michael@0:   private:
michael@0:     void holdEntry(AutoHoldEntry &holder, ScriptSource *ss);
michael@0:     void releaseEntry(AutoHoldEntry &holder);
michael@0: };
michael@0: 
michael@0: class ScriptSource
michael@0: {
michael@0:     friend class SourceCompressionTask;
michael@0: 
michael@0:     // A note on concurrency:
michael@0:     //
michael@0:     // The source may be compressed by a worker thread during parsing. (See
michael@0:     // SourceCompressionTask.) When compression is running in the background,
michael@0:     // ready() returns false. The compression thread touches the |data| union
michael@0:     // and |compressedLength_|. Therefore, it is not safe to read these members
michael@0:     // unless ready() is true. With that said, users of the public ScriptSource
michael@0:     // API should be fine.
michael@0: 
michael@0:     union {
michael@0:         // Before setSourceCopy or setSource are successfully called, this union
michael@0:         // has a nullptr pointer. When the script source is ready,
michael@0:         // compressedLength_ != 0 implies compressed holds the compressed data;
michael@0:         // otherwise, source holds the uncompressed source. There is a special
michael@0:         // pointer |emptySource| for source code for length 0.
michael@0:         //
michael@0:         // The only function allowed to malloc, realloc, or free the pointers in
michael@0:         // this union is adjustDataSize(). Don't do it elsewhere.
michael@0:         jschar *source;
michael@0:         unsigned char *compressed;
michael@0:     } data;
michael@0:     uint32_t refs;
michael@0:     uint32_t length_;
michael@0:     uint32_t compressedLength_;
michael@0:     char *filename_;
michael@0:     jschar *displayURL_;
michael@0:     jschar *sourceMapURL_;
michael@0:     JSPrincipals *originPrincipals_;
michael@0: 
michael@0:     // bytecode offset in caller script that generated this code.
michael@0:     // This is present for eval-ed code, as well as "new Function(...)"-introduced
michael@0:     // scripts.
michael@0:     uint32_t introductionOffset_;
michael@0: 
michael@0:     // If this ScriptSource was generated by a code-introduction mechanism such as |eval|
michael@0:     // or |new Function|, the debugger needs access to the "raw" filename of the top-level
michael@0:     // script that contains the eval-ing code.  To keep track of this, we must preserve
michael@0:     // the original outermost filename (of the original introducer script), so that instead
michael@0:     // of a filename of "foo.js line 30 > eval line 10 > Function", we can obtain the
michael@0:     // original raw filename of "foo.js".
michael@0:     char *introducerFilename_;
michael@0: 
michael@0:     // A string indicating how this source code was introduced into the system.
michael@0:     // This accessor returns one of the following values:
michael@0:     //      "eval" for code passed to |eval|.
michael@0:     //      "Function" for code passed to the |Function| constructor.
michael@0:     //      "Worker" for code loaded by calling the Web worker constructor&mdash;the worker's main script.
michael@0:     //      "importScripts" for code by calling |importScripts| in a web worker.
michael@0:     //      "handler" for code assigned to DOM elements' event handler IDL attributes.
michael@0:     //      "scriptElement" for code belonging to <script> elements.
michael@0:     //      undefined if the implementation doesn't know how the code was introduced.
michael@0:     // This is a constant, statically allocated C string, so does not need
michael@0:     // memory management.
michael@0:     const char *introductionType_;
michael@0: 
michael@0:     // True if we can call JSRuntime::sourceHook to load the source on
michael@0:     // demand. If sourceRetrievable_ and hasSourceData() are false, it is not
michael@0:     // possible to get source at all.
michael@0:     bool sourceRetrievable_:1;
michael@0:     bool argumentsNotIncluded_:1;
michael@0:     bool ready_:1;
michael@0:     bool hasIntroductionOffset_:1;
michael@0: 
michael@0:   public:
michael@0:     explicit ScriptSource()
michael@0:       : refs(0),
michael@0:         length_(0),
michael@0:         compressedLength_(0),
michael@0:         filename_(nullptr),
michael@0:         displayURL_(nullptr),
michael@0:         sourceMapURL_(nullptr),
michael@0:         originPrincipals_(nullptr),
michael@0:         introductionOffset_(0),
michael@0:         introducerFilename_(nullptr),
michael@0:         introductionType_(nullptr),
michael@0:         sourceRetrievable_(false),
michael@0:         argumentsNotIncluded_(false),
michael@0:         ready_(true),
michael@0:         hasIntroductionOffset_(false)
michael@0:     {
michael@0:         data.source = nullptr;
michael@0:     }
michael@0:     void incref() { refs++; }
michael@0:     void decref() {
michael@0:         JS_ASSERT(refs != 0);
michael@0:         if (--refs == 0)
michael@0:             destroy();
michael@0:     }
michael@0:     bool initFromOptions(ExclusiveContext *cx, const ReadOnlyCompileOptions &options);
michael@0:     bool setSourceCopy(ExclusiveContext *cx,
michael@0:                        JS::SourceBufferHolder &srcBuf,
michael@0:                        bool argumentsNotIncluded,
michael@0:                        SourceCompressionTask *tok);
michael@0:     void setSource(const jschar *src, size_t length);
michael@0:     bool ready() const { return ready_; }
michael@0:     void setSourceRetrievable() { sourceRetrievable_ = true; }
michael@0:     bool sourceRetrievable() const { return sourceRetrievable_; }
michael@0:     bool hasSourceData() const { return !ready() || !!data.source; }
michael@0:     uint32_t length() const {
michael@0:         JS_ASSERT(hasSourceData());
michael@0:         return length_;
michael@0:     }
michael@0:     bool argumentsNotIncluded() const {
michael@0:         JS_ASSERT(hasSourceData());
michael@0:         return argumentsNotIncluded_;
michael@0:     }
michael@0:     const jschar *chars(JSContext *cx, SourceDataCache::AutoHoldEntry &asp);
michael@0:     JSFlatString *substring(JSContext *cx, uint32_t start, uint32_t stop);
michael@0:     void addSizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf,
michael@0:                                 JS::ScriptSourceInfo *info) const;
michael@0: 
michael@0:     // XDR handling
michael@0:     template <XDRMode mode>
michael@0:     bool performXDR(XDRState<mode> *xdr);
michael@0: 
michael@0:     bool setFilename(ExclusiveContext *cx, const char *filename);
michael@0:     const char *introducerFilename() const {
michael@0:         return introducerFilename_;
michael@0:     }
michael@0:     bool hasIntroductionType() const {
michael@0:         return introductionType_;
michael@0:     }
michael@0:     const char *introductionType() const {
michael@0:         JS_ASSERT(hasIntroductionType());
michael@0:         return introductionType_;
michael@0:     }
michael@0:     const char *filename() const {
michael@0:         return filename_;
michael@0:     }
michael@0: 
michael@0:     // Display URLs
michael@0:     bool setDisplayURL(ExclusiveContext *cx, const jschar *displayURL);
michael@0:     const jschar *displayURL();
michael@0:     bool hasDisplayURL() const { return displayURL_ != nullptr; }
michael@0: 
michael@0:     // Source maps
michael@0:     bool setSourceMapURL(ExclusiveContext *cx, const jschar *sourceMapURL);
michael@0:     const jschar *sourceMapURL();
michael@0:     bool hasSourceMapURL() const { return sourceMapURL_ != nullptr; }
michael@0: 
michael@0:     JSPrincipals *originPrincipals() const { return originPrincipals_; }
michael@0: 
michael@0:     bool hasIntroductionOffset() const { return hasIntroductionOffset_; }
michael@0:     uint32_t introductionOffset() const {
michael@0:         JS_ASSERT(hasIntroductionOffset());
michael@0:         return introductionOffset_;
michael@0:     }
michael@0:     void setIntroductionOffset(uint32_t offset) {
michael@0:         JS_ASSERT(!hasIntroductionOffset());
michael@0:         JS_ASSERT(offset <= (uint32_t)INT32_MAX);
michael@0:         introductionOffset_ = offset;
michael@0:         hasIntroductionOffset_ = true;
michael@0:     }
michael@0: 
michael@0:   private:
michael@0:     void destroy();
michael@0:     bool compressed() const { return compressedLength_ != 0; }
michael@0:     size_t computedSizeOfData() const {
michael@0:         return compressed() ? compressedLength_ : sizeof(jschar) * length_;
michael@0:     }
michael@0:     bool adjustDataSize(size_t nbytes);
michael@0:     const jschar *getOffThreadCompressionChars(ExclusiveContext *cx);
michael@0: };
michael@0: 
michael@0: class ScriptSourceHolder
michael@0: {
michael@0:     ScriptSource *ss;
michael@0:   public:
michael@0:     explicit ScriptSourceHolder(ScriptSource *ss)
michael@0:       : ss(ss)
michael@0:     {
michael@0:         ss->incref();
michael@0:     }
michael@0:     ~ScriptSourceHolder()
michael@0:     {
michael@0:         ss->decref();
michael@0:     }
michael@0: };
michael@0: 
michael@0: class ScriptSourceObject : public JSObject
michael@0: {
michael@0:   public:
michael@0:     static const Class class_;
michael@0: 
michael@0:     static void trace(JSTracer *trc, JSObject *obj);
michael@0:     static void finalize(FreeOp *fop, JSObject *obj);
michael@0:     static ScriptSourceObject *create(ExclusiveContext *cx, ScriptSource *source,
michael@0:                                       const ReadOnlyCompileOptions &options);
michael@0: 
michael@0:     ScriptSource *source() {
michael@0:         return static_cast<ScriptSource *>(getReservedSlot(SOURCE_SLOT).toPrivate());
michael@0:     }
michael@0: 
michael@0:     void setSource(ScriptSource *source);
michael@0: 
michael@0:     JSObject *element() const;
michael@0:     void initElement(HandleObject element);
michael@0:     const Value &elementAttributeName() const;
michael@0: 
michael@0:     JSScript *introductionScript() const {
michael@0:         void *untyped = getReservedSlot(INTRODUCTION_SCRIPT_SLOT).toPrivate();
michael@0:         return static_cast<JSScript *>(untyped);
michael@0:     }
michael@0:     void initIntroductionScript(JSScript *script);
michael@0: 
michael@0:   private:
michael@0:     static const uint32_t SOURCE_SLOT = 0;
michael@0:     static const uint32_t ELEMENT_SLOT = 1;
michael@0:     static const uint32_t ELEMENT_PROPERTY_SLOT = 2;
michael@0:     static const uint32_t INTRODUCTION_SCRIPT_SLOT = 3;
michael@0:     static const uint32_t RESERVED_SLOTS = 4;
michael@0: };
michael@0: 
michael@0: enum GeneratorKind { NotGenerator, LegacyGenerator, StarGenerator };
michael@0: 
michael@0: static inline unsigned
michael@0: GeneratorKindAsBits(GeneratorKind generatorKind) {
michael@0:     return static_cast<unsigned>(generatorKind);
michael@0: }
michael@0: 
michael@0: static inline GeneratorKind
michael@0: GeneratorKindFromBits(unsigned val) {
michael@0:     JS_ASSERT(val <= StarGenerator);
michael@0:     return static_cast<GeneratorKind>(val);
michael@0: }
michael@0: 
michael@0: /*
michael@0:  * NB: after a successful XDR_DECODE, XDRScript callers must do any required
michael@0:  * subsequent set-up of owning function or script object and then call
michael@0:  * js_CallNewScriptHook.
michael@0:  */
michael@0: template<XDRMode mode>
michael@0: bool
michael@0: XDRScript(XDRState<mode> *xdr, HandleObject enclosingScope, HandleScript enclosingScript,
michael@0:           HandleFunction fun, MutableHandleScript scriptp);
michael@0: 
michael@0: JSScript *
michael@0: CloneScript(JSContext *cx, HandleObject enclosingScope, HandleFunction fun, HandleScript script,
michael@0:             NewObjectKind newKind = GenericObject);
michael@0: 
michael@0: template<XDRMode mode>
michael@0: bool
michael@0: XDRLazyScript(XDRState<mode> *xdr, HandleObject enclosingScope, HandleScript enclosingScript,
michael@0:               HandleFunction fun, MutableHandle<LazyScript *> lazy);
michael@0: 
michael@0: /*
michael@0:  * Code any constant value.
michael@0:  */
michael@0: template<XDRMode mode>
michael@0: bool
michael@0: XDRScriptConst(XDRState<mode> *xdr, MutableHandleValue vp);
michael@0: 
michael@0: } /* namespace js */
michael@0: 
michael@0: class JSScript : public js::gc::BarrieredCell<JSScript>
michael@0: {
michael@0:     static const uint32_t stepFlagMask = 0x80000000U;
michael@0:     static const uint32_t stepCountMask = 0x7fffffffU;
michael@0: 
michael@0:     template <js::XDRMode mode>
michael@0:     friend
michael@0:     bool
michael@0:     js::XDRScript(js::XDRState<mode> *xdr, js::HandleObject enclosingScope, js::HandleScript enclosingScript,
michael@0:                   js::HandleFunction fun, js::MutableHandleScript scriptp);
michael@0: 
michael@0:     friend JSScript *
michael@0:     js::CloneScript(JSContext *cx, js::HandleObject enclosingScope, js::HandleFunction fun, js::HandleScript src,
michael@0:                     js::NewObjectKind newKind);
michael@0: 
michael@0:   public:
michael@0:     //
michael@0:     // We order fields according to their size in order to avoid wasting space
michael@0:     // for alignment.
michael@0:     //
michael@0: 
michael@0:     // Larger-than-word-sized fields.
michael@0: 
michael@0:   public:
michael@0:     js::Bindings    bindings;   /* names of top-level variables in this script
michael@0:                                    (and arguments if this is a function script) */
michael@0: 
michael@0:     bool hasAnyAliasedBindings() const {
michael@0:         return bindings.hasAnyAliasedBindings();
michael@0:     }
michael@0: 
michael@0:     js::Binding *bindingArray() const {
michael@0:         return bindings.bindingArray();
michael@0:     }
michael@0: 
michael@0:     unsigned numArgs() const {
michael@0:         return bindings.numArgs();
michael@0:     }
michael@0: 
michael@0:     js::Shape *callObjShape() const {
michael@0:         return bindings.callObjShape();
michael@0:     }
michael@0: 
michael@0:     // Word-sized fields.
michael@0: 
michael@0:   private:
michael@0:     jsbytecode      *code_;     /* bytecodes and their immediate operands */
michael@0:   public:
michael@0:     uint8_t         *data;      /* pointer to variable-length data array (see
michael@0:                                    comment above Create() for details) */
michael@0: 
michael@0:     js::HeapPtrAtom *atoms;     /* maps immediate index to literal struct */
michael@0: 
michael@0:     JSCompartment   *compartment_;
michael@0: 
michael@0:     /* Persistent type information retained across GCs. */
michael@0:     js::types::TypeScript *types;
michael@0: 
michael@0:   private:
michael@0:     // This script's ScriptSourceObject, or a CCW thereof.
michael@0:     //
michael@0:     // (When we clone a JSScript into a new compartment, we don't clone its
michael@0:     // source object. Instead, the clone refers to a wrapper.)
michael@0:     js::HeapPtrObject sourceObject_;
michael@0: 
michael@0:     js::HeapPtrFunction function_;
michael@0: 
michael@0:     // For callsite clones, which cannot have enclosing scopes, the original
michael@0:     // function; otherwise the enclosing scope
michael@0:     js::HeapPtrObject   enclosingScopeOrOriginalFunction_;
michael@0: 
michael@0:     /* Information attached by Baseline/Ion for sequential mode execution. */
michael@0:     js::jit::IonScript *ion;
michael@0:     js::jit::BaselineScript *baseline;
michael@0: 
michael@0:     /* Information attached by Ion for parallel mode execution */
michael@0:     js::jit::IonScript *parallelIon;
michael@0: 
michael@0:     /* Information used to re-lazify a lazily-parsed interpreted function. */
michael@0:     js::LazyScript *lazyScript;
michael@0: 
michael@0:     /*
michael@0:      * Pointer to either baseline->method()->raw() or ion->method()->raw(), or
michael@0:      * nullptr if there's no Baseline or Ion script.
michael@0:      */
michael@0:     uint8_t *baselineOrIonRaw;
michael@0:     uint8_t *baselineOrIonSkipArgCheck;
michael@0: 
michael@0:     // 32-bit fields.
michael@0: 
michael@0:     uint32_t        length_;    /* length of code vector */
michael@0:     uint32_t        dataSize_;  /* size of the used part of the data array */
michael@0: 
michael@0:     uint32_t        lineno_;    /* base line number of script */
michael@0:     uint32_t        column_;    /* base column of script, optionally set */
michael@0: 
michael@0:     uint32_t        mainOffset_;/* offset of main entry point from code, after
michael@0:                                    predef'ing prolog */
michael@0: 
michael@0:     uint32_t        natoms_;    /* length of atoms array */
michael@0:     uint32_t        nslots_;    /* vars plus maximum stack depth */
michael@0: 
michael@0:     /* Range of characters in scriptSource which contains this script's source. */
michael@0:     uint32_t        sourceStart_;
michael@0:     uint32_t        sourceEnd_;
michael@0: 
michael@0:     uint32_t        useCount;   /* Number of times the script has been called
michael@0:                                  * or has had backedges taken. When running in
michael@0:                                  * ion, also increased for any inlined scripts.
michael@0:                                  * Reset if the script's JIT code is forcibly
michael@0:                                  * discarded. */
michael@0: 
michael@0: #ifdef DEBUG
michael@0:     // Unique identifier within the compartment for this script, used for
michael@0:     // printing analysis information.
michael@0:     uint32_t        id_;
michael@0:     uint32_t        idpad;
michael@0: #endif
michael@0: 
michael@0:     // 16-bit fields.
michael@0: 
michael@0:     uint16_t        version;    /* JS version under which script was compiled */
michael@0: 
michael@0:     uint16_t        funLength_; /* ES6 function length */
michael@0: 
michael@0:     uint16_t        nTypeSets_; /* number of type sets used in this script for
michael@0:                                    dynamic type monitoring */
michael@0: 
michael@0:     uint16_t        staticLevel_;/* static level for display maintenance */
michael@0: 
michael@0:     // Bit fields.
michael@0: 
michael@0:   public:
michael@0:     // The kinds of the optional arrays.
michael@0:     enum ArrayKind {
michael@0:         CONSTS,
michael@0:         OBJECTS,
michael@0:         REGEXPS,
michael@0:         TRYNOTES,
michael@0:         BLOCK_SCOPES,
michael@0:         ARRAY_KIND_BITS
michael@0:     };
michael@0: 
michael@0:   private:
michael@0:     // The bits in this field indicate the presence/non-presence of several
michael@0:     // optional arrays in |data|.  See the comments above Create() for details.
michael@0:     uint8_t         hasArrayBits:ARRAY_KIND_BITS;
michael@0: 
michael@0:     // The GeneratorKind of the script.
michael@0:     uint8_t         generatorKindBits_:2;
michael@0: 
michael@0:     // 1-bit fields.
michael@0: 
michael@0:     // No need for result value of last expression statement.
michael@0:     bool noScriptRval_:1;
michael@0: 
michael@0:     // Can call getCallerFunction().
michael@0:     bool savedCallerFun_:1;
michael@0: 
michael@0:     // Code is in strict mode.
michael@0:     bool strict_:1;
michael@0: 
michael@0:     // Code has "use strict"; explicitly.
michael@0:     bool explicitUseStrict_:1;
michael@0: 
michael@0:     // See Parser::compileAndGo.
michael@0:     bool compileAndGo_:1;
michael@0: 
michael@0:     // see Parser::selfHostingMode.
michael@0:     bool selfHosted_:1;
michael@0: 
michael@0:     // See FunctionContextFlags.
michael@0:     bool bindingsAccessedDynamically_:1;
michael@0:     bool funHasExtensibleScope_:1;
michael@0:     bool funNeedsDeclEnvObject_:1;
michael@0: 
michael@0:     // True if any formalIsAliased(i).
michael@0:     bool funHasAnyAliasedFormal_:1;
michael@0: 
michael@0:     // Have warned about uses of undefined properties in this script.
michael@0:     bool warnedAboutUndefinedProp_:1;
michael@0: 
michael@0:     // Script has singleton objects.
michael@0:     bool hasSingletons_:1;
michael@0: 
michael@0:     // Script is a lambda to treat as running once.
michael@0:     bool treatAsRunOnce_:1;
michael@0: 
michael@0:     // If treatAsRunOnce, whether script has executed.
michael@0:     bool hasRunOnce_:1;
michael@0: 
michael@0:     // Script has been reused for a clone.
michael@0:     bool hasBeenCloned_:1;
michael@0: 
michael@0:     // Script has been inlined at least once, and can't be relazified.
michael@0:     bool hasBeenInlined_:1;
michael@0: 
michael@0:     // Script came from eval(), and is still active.
michael@0:     bool isActiveEval_:1;
michael@0: 
michael@0:     // Script came from eval(), and is in eval cache.
michael@0:     bool isCachedEval_:1;
michael@0: 
michael@0:     // Set for functions defined at the top level within an 'eval' script.
michael@0:     bool directlyInsideEval_:1;
michael@0: 
michael@0:     // Both 'arguments' and f.apply() are used. This is likely to be a wrapper.
michael@0:     bool usesArgumentsAndApply_:1;
michael@0: 
michael@0:     /* script is attempted to be cloned anew at each callsite. This is
michael@0:        temporarily needed for ParallelArray selfhosted code until type
michael@0:        information can be made context sensitive. See discussion in
michael@0:        bug 826148. */
michael@0:     bool shouldCloneAtCallsite_:1;
michael@0:     bool isCallsiteClone_:1; /* is a callsite clone; has a link to the original function */
michael@0:     bool shouldInline_:1;    /* hint to inline when possible */
michael@0: 
michael@0:     // IonMonkey compilation hints.
michael@0:     bool failedBoundsCheck_:1; /* script has had hoisted bounds checks fail */
michael@0:     bool failedShapeGuard_:1; /* script has had hoisted shape guard fail */
michael@0:     bool hadFrequentBailouts_:1;
michael@0:     bool uninlineable_:1;    /* explicitly marked as uninlineable */
michael@0: 
michael@0:     // Idempotent cache has triggered invalidation.
michael@0:     bool invalidatedIdempotentCache_:1;
michael@0: 
michael@0:     // If the generator was created implicitly via a generator expression,
michael@0:     // isGeneratorExp will be true.
michael@0:     bool isGeneratorExp_:1;
michael@0: 
michael@0:     // Script has an entry in JSCompartment::scriptCountsMap.
michael@0:     bool hasScriptCounts_:1;
michael@0: 
michael@0:     // Script has an entry in JSCompartment::debugScriptMap.
michael@0:     bool hasDebugScript_:1;
michael@0: 
michael@0:     // Freeze constraints for stack type sets have been generated.
michael@0:     bool hasFreezeConstraints_:1;
michael@0: 
michael@0:     /* See comments below. */
michael@0:     bool argsHasVarBinding_:1;
michael@0:     bool needsArgsAnalysis_:1;
michael@0:     bool needsArgsObj_:1;
michael@0: 
michael@0:     //
michael@0:     // End of fields.  Start methods.
michael@0:     //
michael@0: 
michael@0:   public:
michael@0:     static JSScript *Create(js::ExclusiveContext *cx,
michael@0:                             js::HandleObject enclosingScope, bool savedCallerFun,
michael@0:                             const JS::ReadOnlyCompileOptions &options, unsigned staticLevel,
michael@0:                             js::HandleObject sourceObject, uint32_t sourceStart,
michael@0:                             uint32_t sourceEnd);
michael@0: 
michael@0:     void initCompartment(js::ExclusiveContext *cx);
michael@0: 
michael@0:     // Three ways ways to initialize a JSScript. Callers of partiallyInit()
michael@0:     // and fullyInitTrivial() are responsible for notifying the debugger after
michael@0:     // successfully creating any kind (function or other) of new JSScript.
michael@0:     // However, callers of fullyInitFromEmitter() do not need to do this.
michael@0:     static bool partiallyInit(js::ExclusiveContext *cx, JS::Handle<JSScript*> script,
michael@0:                               uint32_t nconsts, uint32_t nobjects, uint32_t nregexps,
michael@0:                               uint32_t ntrynotes, uint32_t nblockscopes,
michael@0:                               uint32_t nTypeSets);
michael@0:     static bool fullyInitFromEmitter(js::ExclusiveContext *cx, JS::Handle<JSScript*> script,
michael@0:                                      js::frontend::BytecodeEmitter *bce);
michael@0:     // Initialize a no-op script.
michael@0:     static bool fullyInitTrivial(js::ExclusiveContext *cx, JS::Handle<JSScript*> script);
michael@0: 
michael@0:     inline JSPrincipals *principals();
michael@0: 
michael@0:     JSCompartment *compartment() const { return compartment_; }
michael@0: 
michael@0:     void setVersion(JSVersion v) { version = v; }
michael@0: 
michael@0:     // Script bytecode is immutable after creation.
michael@0:     jsbytecode *code() const {
michael@0:         return code_;
michael@0:     }
michael@0:     size_t length() const {
michael@0:         return length_;
michael@0:     }
michael@0: 
michael@0:     void setCode(jsbytecode *code) { code_ = code; }
michael@0:     void setLength(size_t length) { length_ = length; }
michael@0: 
michael@0:     jsbytecode *codeEnd() const { return code() + length(); }
michael@0: 
michael@0:     bool containsPC(const jsbytecode *pc) const {
michael@0:         return pc >= code() && pc < codeEnd();
michael@0:     }
michael@0: 
michael@0:     size_t pcToOffset(const jsbytecode *pc) const {
michael@0:         JS_ASSERT(containsPC(pc));
michael@0:         return size_t(pc - code());
michael@0:     }
michael@0: 
michael@0:     jsbytecode *offsetToPC(size_t offset) const {
michael@0:         JS_ASSERT(offset < length());
michael@0:         return code() + offset;
michael@0:     }
michael@0: 
michael@0:     size_t mainOffset() const {
michael@0:         return mainOffset_;
michael@0:     }
michael@0: 
michael@0:     size_t lineno() const {
michael@0:         return lineno_;
michael@0:     }
michael@0: 
michael@0:     size_t column() const {
michael@0:         return column_;
michael@0:     }
michael@0: 
michael@0:     void setColumn(size_t column) { column_ = column; }
michael@0: 
michael@0:     // The fixed part of a stack frame is comprised of vars (in function code)
michael@0:     // and block-scoped locals (in all kinds of code).
michael@0:     size_t nfixed() const {
michael@0:         return function_ ? bindings.numLocals() : bindings.numBlockScoped();
michael@0:     }
michael@0: 
michael@0:     // Number of fixed slots reserved for vars.  Only nonzero for function code.
michael@0:     size_t nfixedvars() const {
michael@0:         return function_ ? bindings.numVars() : 0;
michael@0:     }
michael@0: 
michael@0:     size_t nslots() const {
michael@0:         return nslots_;
michael@0:     }
michael@0: 
michael@0:     size_t staticLevel() const {
michael@0:         return staticLevel_;
michael@0:     }
michael@0: 
michael@0:     size_t nTypeSets() const {
michael@0:         return nTypeSets_;
michael@0:     }
michael@0: 
michael@0:     size_t funLength() const {
michael@0:         return funLength_;
michael@0:     }
michael@0: 
michael@0:     size_t sourceStart() const {
michael@0:         return sourceStart_;
michael@0:     }
michael@0: 
michael@0:     size_t sourceEnd() const {
michael@0:         return sourceEnd_;
michael@0:     }
michael@0: 
michael@0:     bool noScriptRval() const {
michael@0:         return noScriptRval_;
michael@0:     }
michael@0: 
michael@0:     bool savedCallerFun() const { return savedCallerFun_; }
michael@0: 
michael@0:     bool strict() const {
michael@0:         return strict_;
michael@0:     }
michael@0: 
michael@0:     bool explicitUseStrict() const { return explicitUseStrict_; }
michael@0: 
michael@0:     bool compileAndGo() const {
michael@0:         return compileAndGo_;
michael@0:     }
michael@0: 
michael@0:     bool selfHosted() const { return selfHosted_; }
michael@0:     bool bindingsAccessedDynamically() const { return bindingsAccessedDynamically_; }
michael@0:     bool funHasExtensibleScope() const {
michael@0:         return funHasExtensibleScope_;
michael@0:     }
michael@0:     bool funNeedsDeclEnvObject() const {
michael@0:         return funNeedsDeclEnvObject_;
michael@0:     }
michael@0:     bool funHasAnyAliasedFormal() const {
michael@0:         return funHasAnyAliasedFormal_;
michael@0:     }
michael@0: 
michael@0:     bool hasSingletons() const { return hasSingletons_; }
michael@0:     bool treatAsRunOnce() const {
michael@0:         return treatAsRunOnce_;
michael@0:     }
michael@0:     bool hasRunOnce() const { return hasRunOnce_; }
michael@0:     bool hasBeenCloned() const { return hasBeenCloned_; }
michael@0:     bool hasBeenInlined() const { return hasBeenInlined_; }
michael@0: 
michael@0:     void setTreatAsRunOnce() { treatAsRunOnce_ = true; }
michael@0:     void setHasRunOnce() { hasRunOnce_ = true; }
michael@0:     void setHasBeenCloned() { hasBeenCloned_ = true; }
michael@0:     void setHasBeenInlined() { hasBeenInlined_ = true; }
michael@0: 
michael@0:     bool isActiveEval() const { return isActiveEval_; }
michael@0:     bool isCachedEval() const { return isCachedEval_; }
michael@0:     bool directlyInsideEval() const { return directlyInsideEval_; }
michael@0: 
michael@0:     void cacheForEval() {
michael@0:         JS_ASSERT(isActiveEval() && !isCachedEval());
michael@0:         isActiveEval_ = false;
michael@0:         isCachedEval_ = true;
michael@0:     }
michael@0: 
michael@0:     void uncacheForEval() {
michael@0:         JS_ASSERT(isCachedEval() && !isActiveEval());
michael@0:         isCachedEval_ = false;
michael@0:         isActiveEval_ = true;
michael@0:     }
michael@0: 
michael@0:     void setActiveEval() { isActiveEval_ = true; }
michael@0:     void setDirectlyInsideEval() { directlyInsideEval_ = true; }
michael@0: 
michael@0:     bool usesArgumentsAndApply() const {
michael@0:         return usesArgumentsAndApply_;
michael@0:     }
michael@0:     void setUsesArgumentsAndApply() { usesArgumentsAndApply_ = true; }
michael@0: 
michael@0:     bool shouldCloneAtCallsite() const {
michael@0:         return shouldCloneAtCallsite_;
michael@0:     }
michael@0:     bool shouldInline() const {
michael@0:         return shouldInline_;
michael@0:     }
michael@0: 
michael@0:     void setShouldCloneAtCallsite() { shouldCloneAtCallsite_ = true; }
michael@0:     void setShouldInline() { shouldInline_ = true; }
michael@0: 
michael@0:     bool isCallsiteClone() const {
michael@0:         return isCallsiteClone_;
michael@0:     }
michael@0:     bool isGeneratorExp() const { return isGeneratorExp_; }
michael@0: 
michael@0:     bool failedBoundsCheck() const {
michael@0:         return failedBoundsCheck_;
michael@0:     }
michael@0:     bool failedShapeGuard() const {
michael@0:         return failedShapeGuard_;
michael@0:     }
michael@0:     bool hadFrequentBailouts() const {
michael@0:         return hadFrequentBailouts_;
michael@0:     }
michael@0:     bool uninlineable() const {
michael@0:         return uninlineable_;
michael@0:     }
michael@0:     bool invalidatedIdempotentCache() const {
michael@0:         return invalidatedIdempotentCache_;
michael@0:     }
michael@0: 
michael@0:     void setFailedBoundsCheck() { failedBoundsCheck_ = true; }
michael@0:     void setFailedShapeGuard() { failedShapeGuard_ = true; }
michael@0:     void setHadFrequentBailouts() { hadFrequentBailouts_ = true; }
michael@0:     void setUninlineable() { uninlineable_ = true; }
michael@0:     void setInvalidatedIdempotentCache() { invalidatedIdempotentCache_ = true; }
michael@0: 
michael@0:     bool hasScriptCounts() const { return hasScriptCounts_; }
michael@0: 
michael@0:     bool hasFreezeConstraints() const { return hasFreezeConstraints_; }
michael@0:     void setHasFreezeConstraints() { hasFreezeConstraints_ = true; }
michael@0:     void clearHasFreezeConstraints() { hasFreezeConstraints_ = false; }
michael@0: 
michael@0:     bool warnedAboutUndefinedProp() const { return warnedAboutUndefinedProp_; }
michael@0:     void setWarnedAboutUndefinedProp() { warnedAboutUndefinedProp_ = true; }
michael@0: 
michael@0:     /* See ContextFlags::funArgumentsHasLocalBinding comment. */
michael@0:     bool argumentsHasVarBinding() const {
michael@0:         return argsHasVarBinding_;
michael@0:     }
michael@0:     jsbytecode *argumentsBytecode() const { JS_ASSERT(code()[0] == JSOP_ARGUMENTS); return code(); }
michael@0:     void setArgumentsHasVarBinding();
michael@0:     bool argumentsAliasesFormals() const {
michael@0:         return argumentsHasVarBinding() && !strict();
michael@0:     }
michael@0: 
michael@0:     js::GeneratorKind generatorKind() const {
michael@0:         return js::GeneratorKindFromBits(generatorKindBits_);
michael@0:     }
michael@0:     bool isGenerator() const { return generatorKind() != js::NotGenerator; }
michael@0:     bool isLegacyGenerator() const { return generatorKind() == js::LegacyGenerator; }
michael@0:     bool isStarGenerator() const { return generatorKind() == js::StarGenerator; }
michael@0:     void setGeneratorKind(js::GeneratorKind kind) {
michael@0:         // A script only gets its generator kind set as part of initialization,
michael@0:         // so it can only transition from not being a generator.
michael@0:         JS_ASSERT(!isGenerator());
michael@0:         generatorKindBits_ = GeneratorKindAsBits(kind);
michael@0:     }
michael@0: 
michael@0:     /*
michael@0:      * As an optimization, even when argsHasLocalBinding, the function prologue
michael@0:      * may not need to create an arguments object. This is determined by
michael@0:      * needsArgsObj which is set by AnalyzeArgumentsUsage before running
michael@0:      * the script the first time. When !needsArgsObj, the prologue may simply
michael@0:      * write MagicValue(JS_OPTIMIZED_ARGUMENTS) to 'arguments's slot and any
michael@0:      * uses of 'arguments' will be guaranteed to handle this magic value.
michael@0:      * So avoid spurious arguments object creation, we maintain the invariant
michael@0:      * that needsArgsObj is only called after the script has been analyzed.
michael@0:      */
michael@0:     bool analyzedArgsUsage() const { return !needsArgsAnalysis_; }
michael@0:     inline bool ensureHasAnalyzedArgsUsage(JSContext *cx);
michael@0:     bool needsArgsObj() const {
michael@0:         JS_ASSERT(analyzedArgsUsage());
michael@0:         return needsArgsObj_;
michael@0:     }
michael@0:     void setNeedsArgsObj(bool needsArgsObj);
michael@0:     static bool argumentsOptimizationFailed(JSContext *cx, js::HandleScript script);
michael@0: 
michael@0:     /*
michael@0:      * Arguments access (via JSOP_*ARG* opcodes) must access the canonical
michael@0:      * location for the argument. If an arguments object exists AND this is a
michael@0:      * non-strict function (where 'arguments' aliases formals), then all access
michael@0:      * must go through the arguments object. Otherwise, the local slot is the
michael@0:      * canonical location for the arguments. Note: if a formal is aliased
michael@0:      * through the scope chain, then script->formalIsAliased and JSOP_*ARG*
michael@0:      * opcodes won't be emitted at all.
michael@0:      */
michael@0:     bool argsObjAliasesFormals() const {
michael@0:         return needsArgsObj() && !strict();
michael@0:     }
michael@0: 
michael@0:     bool hasAnyIonScript() const {
michael@0:         return hasIonScript() || hasParallelIonScript();
michael@0:     }
michael@0: 
michael@0:     bool hasIonScript() const {
michael@0:         bool res = ion && ion != ION_DISABLED_SCRIPT && ion != ION_COMPILING_SCRIPT;
michael@0:         MOZ_ASSERT_IF(res, baseline);
michael@0:         return res;
michael@0:     }
michael@0:     bool canIonCompile() const {
michael@0:         return ion != ION_DISABLED_SCRIPT;
michael@0:     }
michael@0: 
michael@0:     bool isIonCompilingOffThread() const {
michael@0:         return ion == ION_COMPILING_SCRIPT;
michael@0:     }
michael@0: 
michael@0:     js::jit::IonScript *ionScript() const {
michael@0:         JS_ASSERT(hasIonScript());
michael@0:         return ion;
michael@0:     }
michael@0:     js::jit::IonScript *maybeIonScript() const {
michael@0:         return ion;
michael@0:     }
michael@0:     js::jit::IonScript *const *addressOfIonScript() const {
michael@0:         return &ion;
michael@0:     }
michael@0:     void setIonScript(js::jit::IonScript *ionScript) {
michael@0:         if (hasIonScript())
michael@0:             js::jit::IonScript::writeBarrierPre(tenuredZone(), ion);
michael@0:         ion = ionScript;
michael@0:         MOZ_ASSERT_IF(hasIonScript(), hasBaselineScript());
michael@0:         updateBaselineOrIonRaw();
michael@0:     }
michael@0: 
michael@0:     bool hasBaselineScript() const {
michael@0:         bool res = baseline && baseline != BASELINE_DISABLED_SCRIPT;
michael@0:         MOZ_ASSERT_IF(!res, !ion || ion == ION_DISABLED_SCRIPT);
michael@0:         return res;
michael@0:     }
michael@0:     bool canBaselineCompile() const {
michael@0:         return baseline != BASELINE_DISABLED_SCRIPT;
michael@0:     }
michael@0:     js::jit::BaselineScript *baselineScript() const {
michael@0:         JS_ASSERT(hasBaselineScript());
michael@0:         return baseline;
michael@0:     }
michael@0:     inline void setBaselineScript(JSContext *maybecx, js::jit::BaselineScript *baselineScript);
michael@0: 
michael@0:     void updateBaselineOrIonRaw();
michael@0: 
michael@0:     bool hasParallelIonScript() const {
michael@0:         return parallelIon && parallelIon != ION_DISABLED_SCRIPT && parallelIon != ION_COMPILING_SCRIPT;
michael@0:     }
michael@0: 
michael@0:     bool canParallelIonCompile() const {
michael@0:         return parallelIon != ION_DISABLED_SCRIPT;
michael@0:     }
michael@0: 
michael@0:     bool isParallelIonCompilingOffThread() const {
michael@0:         return parallelIon == ION_COMPILING_SCRIPT;
michael@0:     }
michael@0: 
michael@0:     js::jit::IonScript *parallelIonScript() const {
michael@0:         JS_ASSERT(hasParallelIonScript());
michael@0:         return parallelIon;
michael@0:     }
michael@0:     js::jit::IonScript *maybeParallelIonScript() const {
michael@0:         return parallelIon;
michael@0:     }
michael@0:     void setParallelIonScript(js::jit::IonScript *ionScript) {
michael@0:         if (hasParallelIonScript())
michael@0:             js::jit::IonScript::writeBarrierPre(tenuredZone(), parallelIon);
michael@0:         parallelIon = ionScript;
michael@0:     }
michael@0: 
michael@0:     static size_t offsetOfBaselineScript() {
michael@0:         return offsetof(JSScript, baseline);
michael@0:     }
michael@0:     static size_t offsetOfIonScript() {
michael@0:         return offsetof(JSScript, ion);
michael@0:     }
michael@0:     static size_t offsetOfParallelIonScript() {
michael@0:         return offsetof(JSScript, parallelIon);
michael@0:     }
michael@0:     static size_t offsetOfBaselineOrIonRaw() {
michael@0:         return offsetof(JSScript, baselineOrIonRaw);
michael@0:     }
michael@0:     static size_t offsetOfBaselineOrIonSkipArgCheck() {
michael@0:         return offsetof(JSScript, baselineOrIonSkipArgCheck);
michael@0:     }
michael@0: 
michael@0:     bool isRelazifiable() const {
michael@0:         return (selfHosted() || lazyScript) &&
michael@0:                !isGenerator() && !hasBaselineScript() && !hasAnyIonScript() && !hasBeenInlined();
michael@0:     }
michael@0:     void setLazyScript(js::LazyScript *lazy) {
michael@0:         lazyScript = lazy;
michael@0:     }
michael@0:     js::LazyScript *maybeLazyScript() {
michael@0:         return lazyScript;
michael@0:     }
michael@0: 
michael@0:     /*
michael@0:      * Original compiled function for the script, if it has a function.
michael@0:      * nullptr for global and eval scripts.
michael@0:      * The delazifying variant ensures that the function isn't lazy. The
michael@0:      * non-delazifying variant must only be used after earlier code has
michael@0:      * called ensureNonLazyCanonicalFunction and while the function can't
michael@0:      * have been relazified.
michael@0:      */
michael@0:     inline JSFunction *functionDelazifying() const;
michael@0:     JSFunction *functionNonDelazifying() const {
michael@0:         return function_;
michael@0:     }
michael@0:     inline void setFunction(JSFunction *fun);
michael@0:     /*
michael@0:      * De-lazifies the canonical function. Must be called before entering code
michael@0:      * that expects the function to be non-lazy.
michael@0:      */
michael@0:     inline void ensureNonLazyCanonicalFunction(JSContext *cx);
michael@0: 
michael@0:     /*
michael@0:      * Donor provided itself to callsite clone; null if this is non-clone.
michael@0:      */
michael@0:     JSFunction *donorFunction() const;
michael@0:     void setIsCallsiteClone(JSObject *fun);
michael@0: 
michael@0:     JSFlatString *sourceData(JSContext *cx);
michael@0: 
michael@0:     static bool loadSource(JSContext *cx, js::ScriptSource *ss, bool *worked);
michael@0: 
michael@0:     void setSourceObject(JSObject *object);
michael@0:     JSObject *sourceObject() const {
michael@0:         return sourceObject_;
michael@0:     }
michael@0:     js::ScriptSourceObject &scriptSourceUnwrap() const;
michael@0:     js::ScriptSource *scriptSource() const;
michael@0:     JSPrincipals *originPrincipals() const { return scriptSource()->originPrincipals(); }
michael@0:     const char *filename() const { return scriptSource()->filename(); }
michael@0: 
michael@0:   public:
michael@0: 
michael@0:     /* Return whether this script was compiled for 'eval' */
michael@0:     bool isForEval() { return isCachedEval() || isActiveEval(); }
michael@0: 
michael@0: #ifdef DEBUG
michael@0:     unsigned id();
michael@0: #else
michael@0:     unsigned id() { return 0; }
michael@0: #endif
michael@0: 
michael@0:     /* Ensure the script has a TypeScript. */
michael@0:     inline bool ensureHasTypes(JSContext *cx);
michael@0: 
michael@0:     inline js::GlobalObject &global() const;
michael@0:     js::GlobalObject &uninlinedGlobal() const;
michael@0: 
michael@0:     /* See StaticScopeIter comment. */
michael@0:     JSObject *enclosingStaticScope() const {
michael@0:         if (isCallsiteClone())
michael@0:             return nullptr;
michael@0:         return enclosingScopeOrOriginalFunction_;
michael@0:     }
michael@0: 
michael@0:   private:
michael@0:     bool makeTypes(JSContext *cx);
michael@0: 
michael@0:   public:
michael@0:     uint32_t getUseCount() const {
michael@0:         return useCount;
michael@0:     }
michael@0:     uint32_t incUseCount(uint32_t amount = 1) { return useCount += amount; }
michael@0:     uint32_t *addressOfUseCount() { return &useCount; }
michael@0:     static size_t offsetOfUseCount() { return offsetof(JSScript, useCount); }
michael@0:     void resetUseCount() { useCount = 0; }
michael@0: 
michael@0:   public:
michael@0:     bool initScriptCounts(JSContext *cx);
michael@0:     js::PCCounts getPCCounts(jsbytecode *pc);
michael@0:     void addIonCounts(js::jit::IonScriptCounts *ionCounts);
michael@0:     js::jit::IonScriptCounts *getIonCounts();
michael@0:     js::ScriptCounts releaseScriptCounts();
michael@0:     void destroyScriptCounts(js::FreeOp *fop);
michael@0: 
michael@0:     jsbytecode *main() {
michael@0:         return code() + mainOffset();
michael@0:     }
michael@0: 
michael@0:     /*
michael@0:      * computedSizeOfData() is the in-use size of all the data sections.
michael@0:      * sizeOfData() is the size of the block allocated to hold all the data
michael@0:      * sections (which can be larger than the in-use size).
michael@0:      */
michael@0:     size_t computedSizeOfData() const;
michael@0:     size_t sizeOfData(mozilla::MallocSizeOf mallocSizeOf) const;
michael@0:     size_t sizeOfTypeScript(mozilla::MallocSizeOf mallocSizeOf) const;
michael@0: 
michael@0:     uint32_t numNotes();  /* Number of srcnote slots in the srcnotes section */
michael@0: 
michael@0:     /* Script notes are allocated right after the code. */
michael@0:     jssrcnote *notes() { return (jssrcnote *)(code() + length()); }
michael@0: 
michael@0:     bool hasArray(ArrayKind kind) {
michael@0:         return hasArrayBits & (1 << kind);
michael@0:     }
michael@0:     void setHasArray(ArrayKind kind) { hasArrayBits |= (1 << kind); }
michael@0:     void cloneHasArray(JSScript *script) { hasArrayBits = script->hasArrayBits; }
michael@0: 
michael@0:     bool hasConsts()        { return hasArray(CONSTS);      }
michael@0:     bool hasObjects()       { return hasArray(OBJECTS);     }
michael@0:     bool hasRegexps()       { return hasArray(REGEXPS);     }
michael@0:     bool hasTrynotes()      { return hasArray(TRYNOTES);    }
michael@0:     bool hasBlockScopes()   { return hasArray(BLOCK_SCOPES); }
michael@0: 
michael@0:     #define OFF(fooOff, hasFoo, t)   (fooOff() + (hasFoo() ? sizeof(t) : 0))
michael@0: 
michael@0:     size_t constsOffset()     { return 0; }
michael@0:     size_t objectsOffset()    { return OFF(constsOffset,     hasConsts,     js::ConstArray);      }
michael@0:     size_t regexpsOffset()    { return OFF(objectsOffset,    hasObjects,    js::ObjectArray);     }
michael@0:     size_t trynotesOffset()   { return OFF(regexpsOffset,    hasRegexps,    js::ObjectArray);     }
michael@0:     size_t blockScopesOffset(){ return OFF(trynotesOffset,   hasTrynotes,   js::TryNoteArray);    }
michael@0: 
michael@0:     size_t dataSize() const { return dataSize_; }
michael@0: 
michael@0:     js::ConstArray *consts() {
michael@0:         JS_ASSERT(hasConsts());
michael@0:         return reinterpret_cast<js::ConstArray *>(data + constsOffset());
michael@0:     }
michael@0: 
michael@0:     js::ObjectArray *objects() {
michael@0:         JS_ASSERT(hasObjects());
michael@0:         return reinterpret_cast<js::ObjectArray *>(data + objectsOffset());
michael@0:     }
michael@0: 
michael@0:     js::ObjectArray *regexps() {
michael@0:         JS_ASSERT(hasRegexps());
michael@0:         return reinterpret_cast<js::ObjectArray *>(data + regexpsOffset());
michael@0:     }
michael@0: 
michael@0:     js::TryNoteArray *trynotes() {
michael@0:         JS_ASSERT(hasTrynotes());
michael@0:         return reinterpret_cast<js::TryNoteArray *>(data + trynotesOffset());
michael@0:     }
michael@0: 
michael@0:     js::BlockScopeArray *blockScopes() {
michael@0:         JS_ASSERT(hasBlockScopes());
michael@0:         return reinterpret_cast<js::BlockScopeArray *>(data + blockScopesOffset());
michael@0:     }
michael@0: 
michael@0:     bool hasLoops();
michael@0: 
michael@0:     size_t natoms() const { return natoms_; }
michael@0: 
michael@0:     js::HeapPtrAtom &getAtom(size_t index) const {
michael@0:         JS_ASSERT(index < natoms());
michael@0:         return atoms[index];
michael@0:     }
michael@0: 
michael@0:     js::HeapPtrAtom &getAtom(jsbytecode *pc) const {
michael@0:         JS_ASSERT(containsPC(pc) && containsPC(pc + sizeof(uint32_t)));
michael@0:         return getAtom(GET_UINT32_INDEX(pc));
michael@0:     }
michael@0: 
michael@0:     js::PropertyName *getName(size_t index) {
michael@0:         return getAtom(index)->asPropertyName();
michael@0:     }
michael@0: 
michael@0:     js::PropertyName *getName(jsbytecode *pc) const {
michael@0:         JS_ASSERT(containsPC(pc) && containsPC(pc + sizeof(uint32_t)));
michael@0:         return getAtom(GET_UINT32_INDEX(pc))->asPropertyName();
michael@0:     }
michael@0: 
michael@0:     JSObject *getObject(size_t index) {
michael@0:         js::ObjectArray *arr = objects();
michael@0:         JS_ASSERT(index < arr->length);
michael@0:         return arr->vector[index];
michael@0:     }
michael@0: 
michael@0:     size_t innerObjectsStart() {
michael@0:         // The first object contains the caller if savedCallerFun is used.
michael@0:         return savedCallerFun() ? 1 : 0;
michael@0:     }
michael@0: 
michael@0:     JSObject *getObject(jsbytecode *pc) {
michael@0:         JS_ASSERT(containsPC(pc) && containsPC(pc + sizeof(uint32_t)));
michael@0:         return getObject(GET_UINT32_INDEX(pc));
michael@0:     }
michael@0: 
michael@0:     JSVersion getVersion() const {
michael@0:         return JSVersion(version);
michael@0:     }
michael@0: 
michael@0:     inline JSFunction *getFunction(size_t index);
michael@0:     inline JSFunction *getCallerFunction();
michael@0:     inline JSFunction *functionOrCallerFunction();
michael@0: 
michael@0:     inline js::RegExpObject *getRegExp(size_t index);
michael@0:     inline js::RegExpObject *getRegExp(jsbytecode *pc);
michael@0: 
michael@0:     const js::Value &getConst(size_t index) {
michael@0:         js::ConstArray *arr = consts();
michael@0:         JS_ASSERT(index < arr->length);
michael@0:         return arr->vector[index];
michael@0:     }
michael@0: 
michael@0:     js::NestedScopeObject *getStaticScope(jsbytecode *pc);
michael@0: 
michael@0:     /*
michael@0:      * The isEmpty method tells whether this script has code that computes any
michael@0:      * result (not return value, result AKA normal completion value) other than
michael@0:      * JSVAL_VOID, or any other effects.
michael@0:      */
michael@0:     bool isEmpty() const {
michael@0:         if (length() > 3)
michael@0:             return false;
michael@0: 
michael@0:         jsbytecode *pc = code();
michael@0:         if (noScriptRval() && JSOp(*pc) == JSOP_FALSE)
michael@0:             ++pc;
michael@0:         return JSOp(*pc) == JSOP_RETRVAL;
michael@0:     }
michael@0: 
michael@0:     bool varIsAliased(uint32_t varSlot);
michael@0:     bool formalIsAliased(unsigned argSlot);
michael@0:     bool formalLivesInArgumentsObject(unsigned argSlot);
michael@0: 
michael@0:   private:
michael@0:     /* Change this->stepMode to |newValue|. */
michael@0:     void setNewStepMode(js::FreeOp *fop, uint32_t newValue);
michael@0: 
michael@0:     bool ensureHasDebugScript(JSContext *cx);
michael@0:     js::DebugScript *debugScript();
michael@0:     js::DebugScript *releaseDebugScript();
michael@0:     void destroyDebugScript(js::FreeOp *fop);
michael@0: 
michael@0:   public:
michael@0:     bool hasBreakpointsAt(jsbytecode *pc);
michael@0:     bool hasAnyBreakpointsOrStepMode() { return hasDebugScript_; }
michael@0: 
michael@0:     js::BreakpointSite *getBreakpointSite(jsbytecode *pc)
michael@0:     {
michael@0:         return hasDebugScript_ ? debugScript()->breakpoints[pcToOffset(pc)] : nullptr;
michael@0:     }
michael@0: 
michael@0:     js::BreakpointSite *getOrCreateBreakpointSite(JSContext *cx, jsbytecode *pc);
michael@0: 
michael@0:     void destroyBreakpointSite(js::FreeOp *fop, jsbytecode *pc);
michael@0: 
michael@0:     void clearBreakpointsIn(js::FreeOp *fop, js::Debugger *dbg, JSObject *handler);
michael@0:     void clearTraps(js::FreeOp *fop);
michael@0: 
michael@0:     void markTrapClosures(JSTracer *trc);
michael@0: 
michael@0:     /*
michael@0:      * Set or clear the single-step flag. If the flag is set or the count
michael@0:      * (adjusted by changeStepModeCount) is non-zero, then the script is in
michael@0:      * single-step mode. (JSD uses an on/off-style interface; Debugger uses a
michael@0:      * count-style interface.)
michael@0:      */
michael@0:     bool setStepModeFlag(JSContext *cx, bool step);
michael@0: 
michael@0:     /*
michael@0:      * Increment or decrement the single-step count. If the count is non-zero or
michael@0:      * the flag (set by setStepModeFlag) is set, then the script is in
michael@0:      * single-step mode. (JSD uses an on/off-style interface; Debugger uses a
michael@0:      * count-style interface.)
michael@0:      *
michael@0:      * Only incrementing is fallible, as it could allocate a DebugScript.
michael@0:      */
michael@0:     bool incrementStepModeCount(JSContext *cx);
michael@0:     void decrementStepModeCount(js::FreeOp *fop);
michael@0: 
michael@0:     bool stepModeEnabled() { return hasDebugScript_ && !!debugScript()->stepMode; }
michael@0: 
michael@0: #ifdef DEBUG
michael@0:     uint32_t stepModeCount() { return hasDebugScript_ ? (debugScript()->stepMode & stepCountMask) : 0; }
michael@0: #endif
michael@0: 
michael@0:     void finalize(js::FreeOp *fop);
michael@0: 
michael@0:     static inline js::ThingRootKind rootKind() { return js::THING_ROOT_SCRIPT; }
michael@0: 
michael@0:     void markChildren(JSTracer *trc);
michael@0: };
michael@0: 
michael@0: /* If this fails, add/remove padding within JSScript. */
michael@0: static_assert(sizeof(JSScript) % js::gc::CellSize == 0,
michael@0:               "Size of JSScript must be an integral multiple of js::gc::CellSize");
michael@0: 
michael@0: namespace js {
michael@0: 
michael@0: /*
michael@0:  * Iterator over a script's bindings (formals and variables).
michael@0:  * The order of iteration is:
michael@0:  *  - first, formal arguments, from index 0 to numArgs
michael@0:  *  - next, variables, from index 0 to numLocals
michael@0:  */
michael@0: class BindingIter
michael@0: {
michael@0:     const InternalBindingsHandle bindings_;
michael@0:     uint32_t i_;
michael@0: 
michael@0:     friend class Bindings;
michael@0: 
michael@0:   public:
michael@0:     explicit BindingIter(const InternalBindingsHandle &bindings) : bindings_(bindings), i_(0) {}
michael@0:     explicit BindingIter(const HandleScript &script) : bindings_(script, &script->bindings), i_(0) {}
michael@0: 
michael@0:     bool done() const { return i_ == bindings_->count(); }
michael@0:     operator bool() const { return !done(); }
michael@0:     void operator++(int) { JS_ASSERT(!done()); i_++; }
michael@0:     BindingIter &operator++() { (*this)++; return *this; }
michael@0: 
michael@0:     uint32_t frameIndex() const {
michael@0:         JS_ASSERT(!done());
michael@0:         return i_ < bindings_->numArgs() ? i_ : i_ - bindings_->numArgs();
michael@0:     }
michael@0: 
michael@0:     const Binding &operator*() const { JS_ASSERT(!done()); return bindings_->bindingArray()[i_]; }
michael@0:     const Binding *operator->() const { JS_ASSERT(!done()); return &bindings_->bindingArray()[i_]; }
michael@0: };
michael@0: 
michael@0: /*
michael@0:  * This helper function fills the given BindingVector with the sequential
michael@0:  * values of BindingIter.
michael@0:  */
michael@0: 
michael@0: typedef Vector<Binding, 32> BindingVector;
michael@0: 
michael@0: extern bool
michael@0: FillBindingVector(HandleScript fromScript, BindingVector *vec);
michael@0: 
michael@0: /*
michael@0:  * Iterator over the aliased formal bindings in ascending index order. This can
michael@0:  * be veiwed as a filtering of BindingIter with predicate
michael@0:  *   bi->aliased() && bi->kind() == Binding::ARGUMENT
michael@0:  */
michael@0: class AliasedFormalIter
michael@0: {
michael@0:     const Binding *begin_, *p_, *end_;
michael@0:     unsigned slot_;
michael@0: 
michael@0:     void settle() {
michael@0:         while (p_ != end_ && !p_->aliased())
michael@0:             p_++;
michael@0:     }
michael@0: 
michael@0:   public:
michael@0:     explicit inline AliasedFormalIter(JSScript *script);
michael@0: 
michael@0:     bool done() const { return p_ == end_; }
michael@0:     operator bool() const { return !done(); }
michael@0:     void operator++(int) { JS_ASSERT(!done()); p_++; slot_++; settle(); }
michael@0: 
michael@0:     const Binding &operator*() const { JS_ASSERT(!done()); return *p_; }
michael@0:     const Binding *operator->() const { JS_ASSERT(!done()); return p_; }
michael@0:     unsigned frameIndex() const { JS_ASSERT(!done()); return p_ - begin_; }
michael@0:     unsigned scopeSlot() const { JS_ASSERT(!done()); return slot_; }
michael@0: };
michael@0: 
michael@0: // Information about a script which may be (or has been) lazily compiled to
michael@0: // bytecode from its source.
michael@0: class LazyScript : public gc::BarrieredCell<LazyScript>
michael@0: {
michael@0:     // If non-nullptr, the script has been compiled and this is a forwarding
michael@0:     // pointer to the result.
michael@0:     HeapPtrScript script_;
michael@0: 
michael@0:     // Original function with which the lazy script is associated.
michael@0:     HeapPtrFunction function_;
michael@0: 
michael@0:     // Function or block chain in which the script is nested, or nullptr.
michael@0:     HeapPtrObject enclosingScope_;
michael@0: 
michael@0:     // ScriptSourceObject, or nullptr if the script in which this is nested
michael@0:     // has not been compiled yet. This is never a CCW; we don't clone
michael@0:     // LazyScripts into other compartments.
michael@0:     HeapPtrObject sourceObject_;
michael@0: 
michael@0:     // Heap allocated table with any free variables or inner functions.
michael@0:     void *table_;
michael@0: 
michael@0: #if JS_BITS_PER_WORD == 32
michael@0:     uint32_t padding;
michael@0: #endif
michael@0: 
michael@0:     struct PackedView {
michael@0:         // Assorted bits that should really be in ScriptSourceObject.
michael@0:         uint32_t version : 8;
michael@0: 
michael@0:         uint32_t numFreeVariables : 24;
michael@0:         uint32_t numInnerFunctions : 23;
michael@0: 
michael@0:         uint32_t generatorKindBits : 2;
michael@0: 
michael@0:         // N.B. These are booleans but need to be uint32_t to pack correctly on MSVC.
michael@0:         uint32_t strict : 1;
michael@0:         uint32_t bindingsAccessedDynamically : 1;
michael@0:         uint32_t hasDebuggerStatement : 1;
michael@0:         uint32_t directlyInsideEval : 1;
michael@0:         uint32_t usesArgumentsAndApply : 1;
michael@0:         uint32_t hasBeenCloned : 1;
michael@0:         uint32_t treatAsRunOnce : 1;
michael@0:     };
michael@0: 
michael@0:     union {
michael@0:         PackedView p_;
michael@0:         uint64_t packedFields_;
michael@0:     };
michael@0: 
michael@0:     // Source location for the script.
michael@0:     uint32_t begin_;
michael@0:     uint32_t end_;
michael@0:     uint32_t lineno_;
michael@0:     uint32_t column_;
michael@0: 
michael@0:     LazyScript(JSFunction *fun, void *table, uint64_t packedFields,
michael@0:                uint32_t begin, uint32_t end, uint32_t lineno, uint32_t column);
michael@0: 
michael@0:     // Create a LazyScript without initializing the freeVariables and the
michael@0:     // innerFunctions. To be GC-safe, the caller must initialize both vectors
michael@0:     // with valid atoms and functions.
michael@0:     static LazyScript *CreateRaw(ExclusiveContext *cx, HandleFunction fun,
michael@0:                                  uint64_t packedData, uint32_t begin, uint32_t end,
michael@0:                                  uint32_t lineno, uint32_t column);
michael@0: 
michael@0:   public:
michael@0:     // Create a LazyScript without initializing the freeVariables and the
michael@0:     // innerFunctions. To be GC-safe, the caller must initialize both vectors
michael@0:     // with valid atoms and functions.
michael@0:     static LazyScript *CreateRaw(ExclusiveContext *cx, HandleFunction fun,
michael@0:                                  uint32_t numFreeVariables, uint32_t numInnerFunctions,
michael@0:                                  JSVersion version, uint32_t begin, uint32_t end,
michael@0:                                  uint32_t lineno, uint32_t column);
michael@0: 
michael@0:     // Create a LazyScript and initialize the freeVariables and the
michael@0:     // innerFunctions with dummy values to be replaced in a later initialization
michael@0:     // phase.
michael@0:     static LazyScript *Create(ExclusiveContext *cx, HandleFunction fun,
michael@0:                               uint64_t packedData, uint32_t begin, uint32_t end,
michael@0:                               uint32_t lineno, uint32_t column);
michael@0: 
michael@0:     void initRuntimeFields(uint64_t packedFields);
michael@0: 
michael@0:     inline JSFunction *functionDelazifying(JSContext *cx) const;
michael@0:     JSFunction *functionNonDelazifying() const {
michael@0:         return function_;
michael@0:     }
michael@0: 
michael@0:     void initScript(JSScript *script);
michael@0:     void resetScript();
michael@0:     JSScript *maybeScript() {
michael@0:         return script_;
michael@0:     }
michael@0: 
michael@0:     JSObject *enclosingScope() const {
michael@0:         return enclosingScope_;
michael@0:     }
michael@0:     ScriptSourceObject *sourceObject() const;
michael@0:     ScriptSource *scriptSource() const {
michael@0:         return sourceObject()->source();
michael@0:     }
michael@0:     JSPrincipals *originPrincipals() const {
michael@0:         return scriptSource()->originPrincipals();
michael@0:     }
michael@0:     JSVersion version() const {
michael@0:         JS_STATIC_ASSERT(JSVERSION_UNKNOWN == -1);
michael@0:         return (p_.version == JS_BIT(8) - 1) ? JSVERSION_UNKNOWN : JSVersion(p_.version);
michael@0:     }
michael@0: 
michael@0:     void setParent(JSObject *enclosingScope, ScriptSourceObject *sourceObject);
michael@0: 
michael@0:     uint32_t numFreeVariables() const {
michael@0:         return p_.numFreeVariables;
michael@0:     }
michael@0:     HeapPtrAtom *freeVariables() {
michael@0:         return (HeapPtrAtom *)table_;
michael@0:     }
michael@0: 
michael@0:     uint32_t numInnerFunctions() const {
michael@0:         return p_.numInnerFunctions;
michael@0:     }
michael@0:     HeapPtrFunction *innerFunctions() {
michael@0:         return (HeapPtrFunction *)&freeVariables()[numFreeVariables()];
michael@0:     }
michael@0: 
michael@0:     GeneratorKind generatorKind() const { return GeneratorKindFromBits(p_.generatorKindBits); }
michael@0: 
michael@0:     bool isGenerator() const { return generatorKind() != NotGenerator; }
michael@0: 
michael@0:     bool isLegacyGenerator() const { return generatorKind() == LegacyGenerator; }
michael@0: 
michael@0:     bool isStarGenerator() const { return generatorKind() == StarGenerator; }
michael@0: 
michael@0:     void setGeneratorKind(GeneratorKind kind) {
michael@0:         // A script only gets its generator kind set as part of initialization,
michael@0:         // so it can only transition from NotGenerator.
michael@0:         JS_ASSERT(!isGenerator());
michael@0:         // Legacy generators cannot currently be lazy.
michael@0:         JS_ASSERT(kind != LegacyGenerator);
michael@0:         p_.generatorKindBits = GeneratorKindAsBits(kind);
michael@0:     }
michael@0: 
michael@0:     bool strict() const {
michael@0:         return p_.strict;
michael@0:     }
michael@0:     void setStrict() {
michael@0:         p_.strict = true;
michael@0:     }
michael@0: 
michael@0:     bool bindingsAccessedDynamically() const {
michael@0:         return p_.bindingsAccessedDynamically;
michael@0:     }
michael@0:     void setBindingsAccessedDynamically() {
michael@0:         p_.bindingsAccessedDynamically = true;
michael@0:     }
michael@0: 
michael@0:     bool hasDebuggerStatement() const {
michael@0:         return p_.hasDebuggerStatement;
michael@0:     }
michael@0:     void setHasDebuggerStatement() {
michael@0:         p_.hasDebuggerStatement = true;
michael@0:     }
michael@0: 
michael@0:     bool directlyInsideEval() const {
michael@0:         return p_.directlyInsideEval;
michael@0:     }
michael@0:     void setDirectlyInsideEval() {
michael@0:         p_.directlyInsideEval = true;
michael@0:     }
michael@0: 
michael@0:     bool usesArgumentsAndApply() const {
michael@0:         return p_.usesArgumentsAndApply;
michael@0:     }
michael@0:     void setUsesArgumentsAndApply() {
michael@0:         p_.usesArgumentsAndApply = true;
michael@0:     }
michael@0: 
michael@0:     bool hasBeenCloned() const {
michael@0:         return p_.hasBeenCloned;
michael@0:     }
michael@0:     void setHasBeenCloned() {
michael@0:         p_.hasBeenCloned = true;
michael@0:     }
michael@0: 
michael@0:     bool treatAsRunOnce() const {
michael@0:         return p_.treatAsRunOnce;
michael@0:     }
michael@0:     void setTreatAsRunOnce() {
michael@0:         p_.treatAsRunOnce = true;
michael@0:     }
michael@0: 
michael@0:     ScriptSource *source() const {
michael@0:         return sourceObject()->source();
michael@0:     }
michael@0:     uint32_t begin() const {
michael@0:         return begin_;
michael@0:     }
michael@0:     uint32_t end() const {
michael@0:         return end_;
michael@0:     }
michael@0:     uint32_t lineno() const {
michael@0:         return lineno_;
michael@0:     }
michael@0:     uint32_t column() const {
michael@0:         return column_;
michael@0:     }
michael@0: 
michael@0:     bool hasUncompiledEnclosingScript() const;
michael@0:     uint32_t staticLevel(JSContext *cx) const;
michael@0: 
michael@0:     void markChildren(JSTracer *trc);
michael@0:     void finalize(js::FreeOp *fop);
michael@0: 
michael@0:     static inline js::ThingRootKind rootKind() { return js::THING_ROOT_LAZY_SCRIPT; }
michael@0: 
michael@0:     size_t sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf)
michael@0:     {
michael@0:         return mallocSizeOf(table_);
michael@0:     }
michael@0: 
michael@0:     uint64_t packedFields() const {
michael@0:         return packedFields_;
michael@0:     }
michael@0: };
michael@0: 
michael@0: /* If this fails, add/remove padding within LazyScript. */
michael@0: JS_STATIC_ASSERT(sizeof(LazyScript) % js::gc::CellSize == 0);
michael@0: 
michael@0: /*
michael@0:  * New-script-hook calling is factored from JSScript::fullyInitFromEmitter() so
michael@0:  * that it and callers of XDRScript() can share this code.  In the case of
michael@0:  * callers of XDRScript(), the hook should be invoked only after successful
michael@0:  * decode of any owning function (the fun parameter) or script object (null
michael@0:  * fun).
michael@0:  */
michael@0: extern void
michael@0: CallNewScriptHook(JSContext *cx, JS::HandleScript script, JS::HandleFunction fun);
michael@0: 
michael@0: extern void
michael@0: CallDestroyScriptHook(FreeOp *fop, JSScript *script);
michael@0: 
michael@0: struct SharedScriptData
michael@0: {
michael@0:     uint32_t length;
michael@0:     uint32_t natoms;
michael@0:     bool marked;
michael@0:     jsbytecode data[1];
michael@0: 
michael@0:     static SharedScriptData *new_(ExclusiveContext *cx, uint32_t codeLength,
michael@0:                                   uint32_t srcnotesLength, uint32_t natoms);
michael@0: 
michael@0:     HeapPtrAtom *atoms() {
michael@0:         if (!natoms)
michael@0:             return nullptr;
michael@0:         return reinterpret_cast<HeapPtrAtom *>(data + length - sizeof(JSAtom *) * natoms);
michael@0:     }
michael@0: 
michael@0:     static SharedScriptData *fromBytecode(const jsbytecode *bytecode) {
michael@0:         return (SharedScriptData *)(bytecode - offsetof(SharedScriptData, data));
michael@0:     }
michael@0: 
michael@0:   private:
michael@0:     SharedScriptData() MOZ_DELETE;
michael@0:     SharedScriptData(const SharedScriptData&) MOZ_DELETE;
michael@0: };
michael@0: 
michael@0: struct ScriptBytecodeHasher
michael@0: {
michael@0:     struct Lookup
michael@0:     {
michael@0:         jsbytecode          *code;
michael@0:         uint32_t            length;
michael@0: 
michael@0:         Lookup(SharedScriptData *ssd) : code(ssd->data), length(ssd->length) {}
michael@0:     };
michael@0:     static HashNumber hash(const Lookup &l) { return mozilla::HashBytes(l.code, l.length); }
michael@0:     static bool match(SharedScriptData *entry, const Lookup &lookup) {
michael@0:         if (entry->length != lookup.length)
michael@0:             return false;
michael@0:         return mozilla::PodEqual<jsbytecode>(entry->data, lookup.code, lookup.length);
michael@0:     }
michael@0: };
michael@0: 
michael@0: typedef HashSet<SharedScriptData*,
michael@0:                 ScriptBytecodeHasher,
michael@0:                 SystemAllocPolicy> ScriptDataTable;
michael@0: 
michael@0: extern void
michael@0: UnmarkScriptData(JSRuntime *rt);
michael@0: 
michael@0: extern void
michael@0: SweepScriptData(JSRuntime *rt);
michael@0: 
michael@0: extern void
michael@0: FreeScriptData(JSRuntime *rt);
michael@0: 
michael@0: struct ScriptAndCounts
michael@0: {
michael@0:     /* This structure is stored and marked from the JSRuntime. */
michael@0:     JSScript *script;
michael@0:     ScriptCounts scriptCounts;
michael@0: 
michael@0:     PCCounts &getPCCounts(jsbytecode *pc) const {
michael@0:         return scriptCounts.pcCountsVector[script->pcToOffset(pc)];
michael@0:     }
michael@0: 
michael@0:     jit::IonScriptCounts *getIonCounts() const {
michael@0:         return scriptCounts.ionCounts;
michael@0:     }
michael@0: };
michael@0: 
michael@0: struct GSNCache;
michael@0: 
michael@0: jssrcnote *
michael@0: GetSrcNote(GSNCache &cache, JSScript *script, jsbytecode *pc);
michael@0: 
michael@0: } /* namespace js */
michael@0: 
michael@0: extern jssrcnote *
michael@0: js_GetSrcNote(JSContext *cx, JSScript *script, jsbytecode *pc);
michael@0: 
michael@0: extern jsbytecode *
michael@0: js_LineNumberToPC(JSScript *script, unsigned lineno);
michael@0: 
michael@0: extern JS_FRIEND_API(unsigned)
michael@0: js_GetScriptLineExtent(JSScript *script);
michael@0: 
michael@0: namespace js {
michael@0: 
michael@0: extern unsigned
michael@0: PCToLineNumber(JSScript *script, jsbytecode *pc, unsigned *columnp = nullptr);
michael@0: 
michael@0: extern unsigned
michael@0: PCToLineNumber(unsigned startLine, jssrcnote *notes, jsbytecode *code, jsbytecode *pc,
michael@0:                unsigned *columnp = nullptr);
michael@0: 
michael@0: /*
michael@0:  * This function returns the file and line number of the script currently
michael@0:  * executing on cx. If there is no current script executing on cx (e.g., a
michael@0:  * native called directly through JSAPI (e.g., by setTimeout)), nullptr and 0
michael@0:  * are returned as the file and line. Additionally, this function avoids the
michael@0:  * full linear scan to compute line number when the caller guarantees that the
michael@0:  * script compilation occurs at a JSOP_EVAL/JSOP_SPREADEVAL.
michael@0:  */
michael@0: 
michael@0: enum LineOption {
michael@0:     CALLED_FROM_JSOP_EVAL,
michael@0:     NOT_CALLED_FROM_JSOP_EVAL
michael@0: };
michael@0: 
michael@0: extern void
michael@0: DescribeScriptedCallerForCompilation(JSContext *cx, MutableHandleScript maybeScript,
michael@0:                                      const char **file, unsigned *linenop,
michael@0:                                      uint32_t *pcOffset, JSPrincipals **origin,
michael@0:                                      LineOption opt = NOT_CALLED_FROM_JSOP_EVAL);
michael@0: 
michael@0: bool
michael@0: CloneFunctionScript(JSContext *cx, HandleFunction original, HandleFunction clone,
michael@0:                     NewObjectKind newKind = GenericObject);
michael@0: 
michael@0: /*
michael@0:  * JSAPI clients are allowed to leave CompileOptions.originPrincipals nullptr in
michael@0:  * which case the JS engine sets options.originPrincipals = origin.principals.
michael@0:  * This normalization step must occur before the originPrincipals get stored in
michael@0:  * the JSScript/ScriptSource.
michael@0:  */
michael@0: 
michael@0: static inline JSPrincipals *
michael@0: NormalizeOriginPrincipals(JSPrincipals *principals, JSPrincipals *originPrincipals)
michael@0: {
michael@0:     return originPrincipals ? originPrincipals : principals;
michael@0: }
michael@0: 
michael@0: } /* namespace js */
michael@0: 
michael@0: #endif /* jsscript_h */