1/*
2 * Copyright (C) 2016 Apple Inc. All Rights Reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "config.h"
27#include "JSNode.h"
28
29#if ENABLE(JIT)
30
31#include "DOMJITAbstractHeapRepository.h"
32#include "DOMJITCheckDOM.h"
33#include "DOMJITHelpers.h"
34#include "JSDOMWrapper.h"
35#include "Node.h"
36#include <JavaScriptCore/FrameTracers.h>
37#include <JavaScriptCore/Snippet.h>
38#include <JavaScriptCore/SnippetParams.h>
39
40namespace WebCore {
41using namespace JSC;
42
// Returns the type-check snippet produced by DOMJIT::checkDOM<Node>().
// The getter generators in this file load fields from the wrapped object at raw
// offsets and state that their "node" operand has already been type checked by
// CheckDOM, so this check is what makes those unchecked loads safe.
Ref<JSC::Snippet> checkSubClassSnippetForJSNode()
{
    auto checkSnippet = DOMJIT::checkDOM<Node>();
    return checkSnippet;
}
47
// Selects whether createCallDOMGetterForOffsetAccess() emits a runtime test of
// Node::flagIsContainer() before it dereferences the requested offset.
enum class IsContainerGuardRequirement {
    // Emit the container-flag test; a node without the flag yields null and the
    // offset is never loaded.
    Required,
    // Emit no container-flag test; the offset is loaded for every node.
    NotRequired
};
49
// Builds a getter snippet that reads one pointer field of the wrapped node and
// returns its JS wrapper, or null when the field is null.
//
// offset is added to the wrapped pointer and dereferenced by the emitted code
// with no bounds or type check of its own, so it must be valid for every object
// that can reach the load. Callers reading a field that exists only on container
// nodes pass IsContainerGuardRequirement::Required, which makes the emitted code
// bail out to null before the load when Node::flagIsContainer() is not set.
//
// WrappedNode is the type handed to DOMJIT::toWrapper / toWrapperSlow for the
// loaded pointer.
template<typename WrappedNode>
static Ref<JSC::DOMJIT::CallDOMGetterSnippet> createCallDOMGetterForOffsetAccess(ptrdiff_t offset, IsContainerGuardRequirement isContainerGuardRequirement)
{
    Ref<JSC::DOMJIT::CallDOMGetterSnippet> getterSnippet = JSC::DOMJIT::CallDOMGetterSnippet::create();
    getterSnippet->numGPScratchRegisters = 1;
    getterSnippet->setGenerator([=](CCallHelpers& jit, JSC::SnippetParams& params) {
        // Operand layout: [0] result, [1] the JSNode cell, [2] the global object.
        JSValueRegs resultRegs = params[0].jsValueRegs();
        GPRReg nodeCellGPR = params[1].gpr();
        GPRReg globalObjectGPR = params[2].gpr();
        GPRReg pointerGPR = params.gpScratch(0);
        JSValue globalObjectConstant = params[2].value();

        CCallHelpers::JumpList returnNull;

        // Load the wrapped object. The cell is expected to have been type checked
        // by CheckDOM already; nothing below re-validates it.
        CCallHelpers::Address wrappedSlot(nodeCellGPR, JSNode::offsetOfWrapped());
        jit.loadPtr(wrappedSlot, pointerGPR);

        // The flag test has to be emitted before the offset load so that a node
        // without the container flag never has the offset dereferenced.
        const bool needsContainerGuard = isContainerGuardRequirement == IsContainerGuardRequirement::Required;
        if (needsContainerGuard) {
            CCallHelpers::Address nodeFlags(pointerGPR, Node::nodeFlagsMemoryOffset());
            returnNull.append(jit.branchTest32(CCallHelpers::Zero, nodeFlags, CCallHelpers::TrustedImm32(Node::flagIsContainer())));
        }

        // Replace the wrapped pointer with the field value; a null field takes
        // the null path as well.
        jit.loadPtr(CCallHelpers::Address(pointerGPR, offset), pointerGPR);
        returnNull.append(jit.branchTestPtr(CCallHelpers::Zero, pointerGPR));

        DOMJIT::toWrapper<WrappedNode>(jit, params, pointerGPR, globalObjectGPR, resultRegs, DOMJIT::toWrapperSlow<WrappedNode>, globalObjectConstant);
        auto finished = jit.jump();

        returnNull.link(&jit);
        jit.moveValue(jsNull(), resultRegs);
        finished.link(&jit);
        return CCallHelpers::JumpList();
    });
    return getterSnippet;
}
82
// Getter snippet for Node.firstChild.
// The field's offset comes from ContainerNode, so the generated load is only
// valid on container nodes; the container guard is requested for that reason.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodeFirstChildAttribute()
{
    // Rebase the ContainerNode-relative offset by the Node* -> ContainerNode* cast
    // offset, because the generated code starts from the wrapped Node pointer.
    const ptrdiff_t firstChildOffset = CAST_OFFSET(Node*, ContainerNode*) + ContainerNode::firstChildMemoryOffset();
    auto getterSnippet = createCallDOMGetterForOffsetAccess<Node>(firstChildOffset, IsContainerGuardRequirement::Required);
    getterSnippet->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_firstChild);
    return getterSnippet;
}
89
// Getter snippet for Node.lastChild.
// The field's offset comes from ContainerNode, so the generated load is only
// valid on container nodes; the container guard is requested for that reason.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodeLastChildAttribute()
{
    // Rebase the ContainerNode-relative offset by the Node* -> ContainerNode* cast
    // offset, because the generated code starts from the wrapped Node pointer.
    const ptrdiff_t lastChildOffset = CAST_OFFSET(Node*, ContainerNode*) + ContainerNode::lastChildMemoryOffset();
    auto getterSnippet = createCallDOMGetterForOffsetAccess<Node>(lastChildOffset, IsContainerGuardRequirement::Required);
    getterSnippet->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_lastChild);
    return getterSnippet;
}
96
// Getter snippet for Node.nextSibling.
// The offset is taken from Node itself, so no container guard is requested.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodeNextSiblingAttribute()
{
    const ptrdiff_t nextSiblingOffset = Node::nextSiblingMemoryOffset();
    auto getterSnippet = createCallDOMGetterForOffsetAccess<Node>(nextSiblingOffset, IsContainerGuardRequirement::NotRequired);
    getterSnippet->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_nextSibling);
    return getterSnippet;
}
103
// Getter snippet for Node.previousSibling.
// The offset is taken from Node itself, so no container guard is requested.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodePreviousSiblingAttribute()
{
    const ptrdiff_t previousSiblingOffset = Node::previousSiblingMemoryOffset();
    auto getterSnippet = createCallDOMGetterForOffsetAccess<Node>(previousSiblingOffset, IsContainerGuardRequirement::NotRequired);
    getterSnippet->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_previousSibling);
    return getterSnippet;
}
110
// Getter snippet for Node.parentNode.
// The offset is taken from Node itself, so no container guard is requested. The
// loaded pointer is wrapped as a ContainerNode rather than as a plain Node.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodeParentNodeAttribute()
{
    const ptrdiff_t parentNodeOffset = Node::parentNodeMemoryOffset();
    auto getterSnippet = createCallDOMGetterForOffsetAccess<ContainerNode>(parentNodeOffset, IsContainerGuardRequirement::NotRequired);
    getterSnippet->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_parentNode);
    return getterSnippet;
}
117
// Getter snippet for Node.nodeType.
// The value is derived from the JS cell's type byte alone: the generated code
// never touches the wrapped Node, needs no global object, and is declared pure.
// NOTE(review): this presumably depends on the cell already being a checked
// JSNode whose type byte encodes the node type under JSNodeTypeMask; confirm
// against the JSNode definition.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodeNodeTypeAttribute()
{
    Ref<JSC::DOMJIT::CallDOMGetterSnippet> getterSnippet = JSC::DOMJIT::CallDOMGetterSnippet::create();
    getterSnippet->effect = JSC::DOMJIT::Effect::forPure();
    getterSnippet->requireGlobalObject = false;
    getterSnippet->setGenerator([=](CCallHelpers& jit, JSC::SnippetParams& params) {
        // Operand layout: [0] result, [1] the JSNode cell.
        JSValueRegs resultRegs = params[0].jsValueRegs();
        GPRReg nodeCellGPR = params[1].gpr();
        GPRReg payloadGPR = resultRegs.payloadGPR();

        // Read the 8-bit cell type, keep only the bits selected by JSNodeTypeMask,
        // then box the remainder as an int32 result.
        CCallHelpers::Address cellType(nodeCellGPR, JSC::JSCell::typeInfoTypeOffset());
        jit.load8(cellType, payloadGPR);
        jit.and32(CCallHelpers::TrustedImm32(JSNodeTypeMask), payloadGPR);
        jit.boxInt32(payloadGPR, resultRegs);
        return CCallHelpers::JumpList();
    });
    return getterSnippet;
}
133
// Getter snippet for Node.ownerDocument.
// The generated code loads the wrapped node, loads its document through
// DOMJIT::loadDocument, and returns the document's wrapper, or null when the
// node is the document itself.
Ref<JSC::DOMJIT::CallDOMGetterSnippet> compileNodeOwnerDocumentAttribute()
{
    Ref<JSC::DOMJIT::CallDOMGetterSnippet> getterSnippet = JSC::DOMJIT::CallDOMGetterSnippet::create();
    getterSnippet->numGPScratchRegisters = 2;
    getterSnippet->setGenerator([=](CCallHelpers& jit, JSC::SnippetParams& params) {
        // Operand layout: [0] result, [1] the JSNode cell, [2] the global object.
        JSValueRegs resultRegs = params[0].jsValueRegs();
        GPRReg nodeCellGPR = params[1].gpr();
        GPRReg globalObjectGPR = params[2].gpr();
        JSValue globalObjectConstant = params[2].value();
        GPRReg wrappedGPR = params.gpScratch(0);
        GPRReg documentGPR = params.gpScratch(1);

        CCallHelpers::Address wrappedSlot(nodeCellGPR, JSNode::offsetOfWrapped());
        jit.loadPtr(wrappedSlot, wrappedGPR);
        DOMJIT::loadDocument(jit, wrappedGPR, documentGPR);

        // The identity test below compares the two raw pointers with no cast
        // adjustment. That is only sound if these casts are zero-offset, so the
        // build stops here should a layout change ever make them non-zero.
        RELEASE_ASSERT(!CAST_OFFSET(EventTarget*, Node*));
        RELEASE_ASSERT(!CAST_OFFSET(Node*, Document*));

        CCallHelpers::JumpList thisIsDocument;
        // A document is its own "document": ownerDocument returns null for it.
        thisIsDocument.append(jit.branchPtr(CCallHelpers::Equal, wrappedGPR, documentGPR));
        DOMJIT::toWrapper<Document>(jit, params, documentGPR, globalObjectGPR, resultRegs, DOMJIT::toWrapperSlow<Document>, globalObjectConstant);
        CCallHelpers::Jump finished = jit.jump();

        thisIsDocument.link(&jit);
        jit.moveValue(jsNull(), resultRegs);
        finished.link(&jit);
        return CCallHelpers::JumpList();
    });
    getterSnippet->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_ownerDocument);
    return getterSnippet;
}
165
166}
167
168#endif
169