| blob | 1c58107abe8b926896f6b93323647a2b86bd5a09 |
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
2 * vim: set sw=4 ts=8 et tw=99:
3 *
4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 *
7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/
11 *
12 * Software distributed under the License is distributed on an "AS IS" basis,
13 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
14 * for the specific language governing rights and limitations under the
15 * License.
16 *
17 * The Original Code is Mozilla Communicator client code, released
18 * March 31, 1998.
19 *
20 * The Initial Developer of the Original Code is
21 * Netscape Communications Corporation.
22 * Portions created by the Initial Developer are Copyright (C) 1998
23 * the Initial Developer. All Rights Reserved.
24 *
25 * Contributor(s):
26 *
27 * Alternatively, the contents of this file may be used under the terms of
28 * either of the GNU General Public License Version 2 or later (the "GPL"),
29 * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
30 * in which case the provisions of the GPL or the LGPL are applicable instead
31 * of those above. If you wish to allow use of your version of this file only
32 * under the terms of either the GPL or the LGPL, and not to allow others to
33 * use your version of this file under the terms of the MPL, indicate your
34 * decision by deleting the provisions above and replace them with the notice
35 * and other provisions required by the GPL or the LGPL. If you do not delete
36 * the provisions above, a recipient may use your version of this file under
37 * the terms of any one of the MPL, the GPL or the LGPL.
38 *
39 * ***** END LICENSE BLOCK ***** */
41 /*
42 * JS bytecode descriptors, disassemblers, and decompilers.
43 */
44 #ifdef HAVE_MEMORY_H
45 #include <memory.h>
46 #endif
47 #include <stdarg.h>
48 #include <stdio.h>
49 #include <stdlib.h>
50 #include <string.h>
87 /*
88 * Index limit must stay within 32 bits.
89 */
92 /* Verify JSOP_XXX_LENGTH constant definitions. */
93 #define OPDEF(op,val,name,token,length,nuses,ndefs,prec,format) \
94 JS_STATIC_ASSERT(op##_LENGTH == length);
96 #undef OPDEF
102 #define OPDEF(op,val,name,token,length,nuses,ndefs,prec,format) \
103 {length,nuses,ndefs,prec,format},
105 #undef OPDEF
106 };
110 /*
111 * Each element of the array is either a source literal associated with JS
112 * bytecode or null.
113 */
115 #define OPDEF(op,val,name,token,length,nuses,ndefs,prec,format) \
116 token,
118 #undef OPDEF
119 };
121 #if defined(DEBUG) || defined(JS_JIT_SPEW) || defined(JS_METHODJIT_SPEW)
122 /*
123 * Array of JS bytecode names used by DEBUG-only js_Disassemble and by
124 * JIT debug spew.
125 */
127 #define OPDEF(op,val,name,token,length,nuses,ndefs,prec,format) \
128 name,
130 #undef OPDEF
131 };
132 #endif
134 /************************************************************************/
136 static ptrdiff_t
138 {
139 uint32 type;
145 }
147 uintN
150 {
151 JSOp op;
157 /*
158 * We need to detect index base prefix. It presents when resetbase
159 * follows the bytecode.
160 */
169 }
170 }
172 }
174 uintN
176 {
177 JSOp op;
189 do_table:
190 /* Structure: default-jump case-low case-high case1-jump ... */
204 do_lookup:
205 /* Structure: default-jump case-count (case1-value case1-jump) ... */
209 }
210 }
212 uintN
214 {
225 /* stack: fun, this, [argc arguments] */
229 }
230 }
232 uintN
234 {
240 }
251 {
254 // No change needed
260 }
261 }
263 {
270 }
271 }
272 };
274 #ifdef DEBUG
276 /* If pc != NULL, includes a prefix indicating whether the PC is at the current line. */
279 {
281 uintN len;
291 else
293 }
300 }
302 }
306 {
308 }
312 {
314 }
316 JSBool
318 {
320 }
322 static bool
324 {
337 JSAutoByteString bytes;
347 }
354 }
362 }
369 }
370 }
373 }
378 {
379 JSOp op;
382 uint32 type;
384 uintN index;
386 jsval v;
387 jsint i;
399 }
427 }
431 else
434 }
435 {
436 JSAutoByteString bytes;
440 }
446 {
447 JSAutoByteString bytes;
451 }
458 /* FALL THROUGH */
466 {
484 }
487 }
491 {
493 jsatomid npairs;
509 JSAutoByteString bytes;
513 npairs--;
514 }
517 }
537 }
539 JSAutoByteString bytes;
544 }
562 print_int:
572 }
573 }
576 }
580 /************************************************************************/
582 /*
583 * Sprintf, but with unlimited and automatically allocated buffering.
584 */
593 #define INIT_SPRINTER(cx, sp, ap, off) \
594 ((sp)->context = cx, (sp)->pool = ap, (sp)->base = NULL, (sp)->size = 0, \
595 (sp)->offset = off)
597 #define OFF2STR(sp,off) ((sp)->base + (off))
598 #define STR2OFF(sp,str) ((str) - (sp)->base)
599 #define RETRACT(sp,str) ((sp)->offset = STR2OFF(sp, str))
601 static JSBool
603 {
615 }
619 }
623 }
625 static ptrdiff_t
627 {
631 /* Allocate space for s, including the '\0' at the end. */
638 }
640 /* Advance offset and copy s into sp's buffer. */
647 }
649 static ptrdiff_t
651 {
653 }
655 static ptrdiff_t
657 {
673 }
676 static ptrdiff_t
678 {
689 }
693 }
706 };
708 #define DONT_ESCAPE 0x10000
712 {
713 /* Sample off first for later return value pointer computation. */
725 /* Loop control variables: z points at end of string sentinel. */
727 /* Move t forward from s past un-quote-worthy characters. */
734 }
737 /* Allocate space for s, including the '\0' at the end. */
741 /* Advance sp->offset and copy s into sp's buffer. */
751 /* Use js_EscapeMap, \u, or \x only if necessary. */
755 ok = dontEscape
759 /*
760 * Use \x only if the high byte is 0 and we're in a quoted string,
761 * because ECMA-262 allows only \u, not \x, in Unicode identifiers
762 * (see bug 621814).
763 */
765 }
768 }
770 /* Sprint the closing quote and return the quoted string. */
774 /*
775 * If we haven't Sprint'd anything yet, Sprint an empty string so that
776 * the OFF2STR below gives a valid result.
777 */
781 }
783 JSString *
785 {
787 Sprinter sprinter;
797 }
799 /************************************************************************/
813 };
815 JSPrinter *
818 {
840 }
841 }
843 }
845 void
847 {
850 }
852 JSString *
854 {
867 }
869 /*
870 * NB: Indexed by SRC_DECL_* defines from jsemit.h.
871 */
876 {
881 }
883 }
885 int
887 {
897 /* If pretty-printing, expand magic tab into a run of jp->indent spaces. */
899 format++;
903 }
904 }
906 /* Suppress newlines (must be once per format, at the end) if not pretty. */
913 }
916 }
918 /* Allocate temp space, convert format, and put. */
923 }
928 }
937 }
939 JSBool
941 {
943 }
945 /************************************************************************/
957 /*
958 * Find the depth of the operand stack when the interpreter reaches the given
959 * pc in script. pcstack must have space for least script->depth elements. On
960 * return it will contain pointers to opcodes that populated the interpreter's
961 * current operand stack.
962 *
963 * This function cannot raise an exception or error. However, due to a risk of
964 * potential bugs when modeling the stack, the function returns -1 if it
965 * detects an inconsistency in the model. Such an inconsistency triggers an
966 * assert in a debug build.
967 */
968 static intN
972 #define FAILED_EXPRESSION_DECOMPILER ((char *) 1)
974 /*
975 * Decompile a part of expression up to the given pc. The function returns
976 * NULL on out-of-memory, or the FAILED_EXPRESSION_DECOMPILER sentinel when
977 * the decompiler fails due to a bug and/or unimplemented feature, or the
978 * decompiled string on success.
979 */
984 /*
985 * Get a stacked offset from ss->sprinter.base, or if the stacked value |off|
986 * is negative, fetch the generating pc from printer->pcstack[-2 - off] and
987 * decompile the code that generated the missing value. This is used when
988 * reporting errors, where the model stack will lack |pcdepth| non-negative
989 * offsets (see DecompileExpression and DecompileCode).
990 *
991 * If the stacked offset is -1, return 0 to index the NUL padding at the start
992 * of ss->sprinter.base. If this happens, it means there is a decompiler bug
993 * to fix, but it won't violate memory safety.
994 */
995 static ptrdiff_t
997 {
1021 }
1025 }
1026 }
1028 }
1032 {
1035 /*
1036 * Must call GetOff before using ss->sprinter.base, since it may be null
1037 * until bootstrapped by GetOff.
1038 */
1041 }
1043 /*
1044 * Gap between stacked strings to allow for insertion of parens and commas
1045 * when auto-parenthesizing expressions and decompiling array initialisers.
1046 */
1047 #define PAREN_SLOP (2 + 1)
1049 /* Fake opcodes (see jsopcode.h) must not overflow unsigned 8-bit space. */
1052 static void
1054 {
1057 }
1059 static JSBool
1061 {
1062 uintN top;
1067 /* ss->top points to the next free slot; be paranoid about overflow. */
1073 }
1075 /* The opcodes stack must contain real bytecodes that index js_CodeSpec. */
1083 }
1085 static ptrdiff_t
1087 {
1088 uintN top;
1092 /* ss->top points to the next free slot; be paranoid about underflow. */
1106 }
1108 }
1112 {
1117 }
1119 static ptrdiff_t
1121 {
1123 }
1127 {
1129 }
1133 {
1135 }
1138 jsval key;
1144 static JSBool
1146 {
1156 }
1158 static ptrdiff_t
1160 {
1161 jsdouble d;
1171 /* Don't use Infinity and NaN, they're mutable. */
1180 ToCStringBuf cbuf;
1185 }
1191 }
1193 }
1198 static JSBool
1202 {
1207 uintN i;
1208 jsval key;
1214 /* JSOP_CONDSWITCH doesn't pop, unlike JSOP_{LOOKUP,TABLE}SWITCH. */
1229 }
1241 /*
1242 * key encodes the JSOP_CASE bytecode's offset from switchtop.
1243 * The next case expression follows immediately, unless we are
1244 * at the last case.
1245 */
1252 }
1255 /* Balance the stack as if this JSOP_CASE matched. */
1258 /*
1259 * key comes from an atom, not the decompiler, so we need to
1260 * quote it if it's a string literal. But if table[i].label
1261 * is non-null, key was constant-propagated and label is the
1262 * name of the const we should show as the case label. We set
1263 * key to undefined so this identifier is escaped, if required
1264 * by non-ASCII characters, but not quoted, by QuoteString.
1265 */
1271 JSOp junk;
1279 }
1287 }
1291 }
1300 }
1304 }
1309 /* Re-balance as if last JSOP_CASE or JSOP_DEFAULT mismatched. */
1312 }
1313 }
1319 }
1322 /* By the end of a JSOP_CONDSWITCH, the discriminant has been popped. */
1326 }
1328 #define LOCAL_ASSERT_CUSTOM(expr, BAD_EXIT) \
1329 JS_BEGIN_MACRO \
1330 JS_ASSERT(expr); \
1331 if (!(expr)) { BAD_EXIT; } \
1332 JS_END_MACRO
1334 #define LOCAL_ASSERT_RV(expr, rv) \
1335 LOCAL_ASSERT_CUSTOM(expr, return (rv))
1339 {
1345 #if !JS_HAS_DESTRUCTURING
1347 #endif
1349 }
1353 {
1360 /*
1361 * We must be called from js_DecompileValueGenerator (via Decompile) when
1362 * dereferencing a local that's undefined or null. Search script->objects
1363 * for the block containing this local by its stack index, i.
1364 *
1365 * In case of destructuring's use of JSOP_GETLOCAL, however, there may be
1366 * no such local. This could mean no blocks (no script objects at all, or
1367 * none of the script's object literals are blocks), or the stack slot i is
1368 * not in a block. In either case, return GetStr(ss, i).
1369 */
1396 }
1397 }
1400 }
1401 }
1402 }
1406 #undef LOCAL_ASSERT
1407 }
1409 static JSBool
1411 {
1412 uintN slot;
1416 /* The slot refers to a variable with name stored in jp->localNames. */
1419 }
1421 /* We have a local which index is relative to the stack base. */
1426 }
1428 #define LOAD_ATOM(PCOFF) \
1429 GET_ATOM_FROM_BYTECODE(jp->script, pc, PCOFF, atom)
1431 #if JS_HAS_DESTRUCTURING
1433 #define LOCAL_ASSERT(expr) LOCAL_ASSERT_RV(expr, NULL)
1434 #define LOAD_OP_DATA(pc) (oplen = (cs = &js_CodeSpec[op=(JSOp)*pc])->length)
1442 {
1445 JSOp op;
1447 uintN oplen;
1448 jsint i;
1481 /* FALL THROUGH */
1494 }
1495 {
1496 JSAutoByteString bytes;
1501 }
1510 }
1514 /*
1515 * We may need to auto-parenthesize the left-most value decompiled
1516 * here, so add back PAREN_SLOP temporarily. Then decompile until the
1517 * opcode that would reduce the stack depth to (ss->top-1), which we
1518 * pass to Decompile encoded as -(ss->top-1) - 1 or just -ss->top for
1519 * the nb parameter.
1520 */
1534 /* lval is from JSOP_BINDNAME, so just print xval. */
1537 /* xval is from JSOP_SETCALL or JSOP_BINDXMLNAME, print lval. */
1545 }
1547 }
1555 }
1557 /*
1558 * Starting with a SRC_DESTRUCT-annotated JSOP_DUP, decompile a destructuring
1559 * left-hand side object or array initialiser, including nested destructuring
1560 * initialisers. On successful return, the decompilation will be pushed on ss
1561 * and the return value will point to the POP or GROUP bytecode following the
1562 * destructuring expression.
1563 *
1564 * At any point, if pc is equal to endpc and would otherwise advance, we stop
1565 * immediately and return endpc.
1566 */
1569 {
1575 uintN oplen;
1577 jsdouble d;
1581 JSBool hole;
1586 /*
1587 * Set head so we can rewrite '[' to '{' as needed. Back up PAREN_SLOP
1588 * chars so the destructuring decompilation accumulates contiguously in
1589 * ss->sprinter starting with "[".
1590 */
1603 #if JS_HAS_DESTRUCTURING_SHORTHAND
1605 #endif
1615 /* Handle the optimized number-pushing opcodes. */
1628 do_getelem:
1636 /* Distinguish object from array by opcode or source note. */
1642 /* Sanity check for the gnarly control flow above. */
1645 /* Fill in any holes (holes at the end don't matter). */
1649 }
1650 }
1660 do_destructure_atom:
1661 {
1663 #if JS_HAS_DESTRUCTURING_SHORTHAND
1665 #endif
1669 }
1673 }
1677 }
1683 /*
1684 * Decompile the left-hand side expression whose bytecode starts at pc
1685 * and continues for a bounded number of bytecodes or stack operations
1686 * (and which in any event stops before endpc).
1687 */
1692 #if JS_HAS_DESTRUCTURING_SHORTHAND
1701 /* Early check to rule out odd "name: lval" length. */
1706 /*
1707 * Even "name: lval" string length: check for "x: x" and the
1708 * like, and apply the shorthand if we can.
1709 */
1717 }
1718 }
1719 }
1720 #endif
1725 /*
1726 * We should stop if JSOP_DUP is either without notes or its note is
1727 * not SRC_CONTINUE. The former happens when JSOP_DUP duplicates the
1728 * last destructuring reference implementing an op= assignment like in
1729 * '([t] = z).y += x'. In the latter case the note is SRC_DESTRUCT and
1730 * means another destructuring initialiser abuts this one like in
1731 * '[a] = [b] = c'.
1732 */
1739 }
1745 }
1747 out:
1752 }
1757 {
1758 JSOp op;
1762 JSBool hole;
1787 }
1801 }
1802 }
1810 }
1812 #undef LOCAL_ASSERT
1813 #undef LOAD_OP_DATA
1817 static JSBool
1819 {
1825 /* Allocate the parallel (to avoid padding) offset and opcode stacks. */
1832 }
1840 }
1842 /*
1843 * If nb is non-negative, decompile nb bytecodes starting at pc. Otherwise
1844 * the decompiler starts at pc and continues until it reaches an opcode for
1845 * which decompiling would result in the stack depth equaling -(nb + 1).
1846 *
1847 * The nextop parameter is either JSOP_NOP or the "next" opcode in order of
1848 * abstract interpretation (not necessarily physically next in a bytecode
1849 * vector). So nextop is JSOP_POP for the last operand in a comma expression,
1850 * or JSOP_AND for the right operand of &&.
1851 */
1854 {
1863 uintN nuses;
1870 JSBool ok;
1871 #if JS_HAS_XML_SUPPORT
1873 #else
1874 #define inXML JS_FALSE
1875 #endif
1876 jsval val;
1891 /* Argument and variables decompilation uses the following to share code. */
1894 /*
1895 * Local macros
1896 */
1897 #define LOCAL_ASSERT(expr) LOCAL_ASSERT_RV(expr, NULL)
1898 #define DECOMPILE_CODE(pc,nb) if (!Decompile(ss, pc, nb, JSOP_NOP)) return NULL
1899 #define NEXT_OP(pc) (((pc) + (len) == endpc) ? nextop : pc[len])
1900 #define TOP_STR() GetStr(ss, ss->top - 1)
1901 #define POP_STR() PopStr(ss, op)
1902 #define POP_STR_PREC(prec) PopStrPrec(ss, prec)
1904 /*
1905 * Pop a condition expression for if/while. JSOP_IFEQ's precedence forces
1906 * extra parens around assignment, which avoids a strict-mode warning.
1907 */
1908 #define POP_COND_STR() \
1909 PopStr(ss, (js_CodeSpec[ss->opcodes[ss->top - 1]].format & JOF_SET) \
1910 ? JSOP_IFEQ \
1911 : JSOP_NOP)
1913 #define ATOM_IS_IDENTIFIER(atom) js_IsIdentifier(atom)
1915 /*
1916 * Given an atom already fetched from jp->script's atom map, quote/escape its
1917 * string appropriately into rval, and select fmt from the quoted and unquoted
1918 * alternatives.
1919 */
1920 #define GET_QUOTE_AND_FMT(qfmt, ufmt, rval) \
1921 JS_BEGIN_MACRO \
1922 jschar quote_; \
1923 if (!ATOM_IS_IDENTIFIER(atom)) { \
1925 fmt = qfmt; \
1926 } else { \
1927 quote_ = 0; \
1928 fmt = ufmt; \
1929 } \
1930 rval = QuoteString(&ss->sprinter, ATOM_TO_STRING(atom), quote_); \
1931 if (!rval) \
1932 return NULL; \
1933 JS_END_MACRO
1935 #define LOAD_OBJECT(PCOFF) \
1936 GET_OBJECT_FROM_BYTECODE(jp->script, pc, PCOFF, obj)
1938 #define LOAD_FUNCTION(PCOFF) \
1939 GET_FUNCTION_FROM_BYTECODE(jp->script, pc, PCOFF, fun)
1941 #define LOAD_REGEXP(PCOFF) \
1942 GET_REGEXP_FROM_BYTECODE(jp->script, pc, PCOFF, obj)
1944 #define GET_SOURCE_NOTE_ATOM(sn, atom) \
1945 JS_BEGIN_MACRO \
1946 jsatomid atomIndex_ = (jsatomid) js_GetSrcNoteOffset((sn), 0); \
1947 \
1948 LOCAL_ASSERT(atomIndex_ < jp->script->atomMap.length); \
1949 (atom) = jp->script->atomMap.vector[atomIndex_]; \
1950 JS_END_MACRO
1952 /*
1953 * Get atom from jp->script's atom map, quote/escape its string appropriately
1954 * into rval, and select fmt from the quoted and unquoted alternatives.
1955 */
1956 #define GET_ATOM_QUOTE_AND_FMT(qfmt, ufmt, rval) \
1957 JS_BEGIN_MACRO \
1958 LOAD_ATOM(0); \
1959 GET_QUOTE_AND_FMT(qfmt, ufmt, rval); \
1960 JS_END_MACRO
1962 /*
1963 * Per spec, new x(y).z means (new x(y))).z. For example new (x(y).z) must
1964 * decompile with the constructor parenthesized, but new x.z should not. The
1965 * normal rules give x(y).z and x.z identical precedence: both are produced by
1966 * JSOP_GETPROP.
1967 *
1968 * Therefore, we need to know in case JSOP_NEW whether the constructor
1969 * expression contains any unparenthesized function calls. So when building a
1970 * MemberExpression or CallExpression, we set ss->opcodes[n] to JSOP_CALL if
1971 * this is true. x(y).z gets JSOP_CALL, not JSOP_GETPROP.
1972 */
1973 #define PROPAGATE_CALLNESS() \
1974 JS_BEGIN_MACRO \
1975 if (ss->opcodes[ss->top - 1] == JSOP_CALL || \
1976 ss->opcodes[ss->top - 1] == JSOP_EVAL || \
1977 ss->opcodes[ss->top - 1] == JSOP_FUNCALL || \
1978 ss->opcodes[ss->top - 1] == JSOP_FUNAPPLY) { \
1979 saveop = JSOP_CALL; \
1980 } \
1981 JS_END_MACRO
1994 #if JS_HAS_XML_SUPPORT
1996 #endif
1999 /*
2000 * Move saveop to lastop so prefixed bytecodes can take special action
2001 * while sharing maximal code. Set op and saveop to the new bytecode,
2002 * use op in POP_STR to trigger automatic parenthesization, but push
2003 * saveop at the bottom of the loop if this op pushes. Thus op may be
2004 * set to nop or otherwise mutated to suppress auto-parens.
2005 */
2010 /*
2011 * The decompiler uses js_GetIndexFromBytecode to get atoms and
2012 * objects and ignores these suffix/prefix bytecodes, thus
2013 * simplifying code that must process JSOP_GETTER/JSOP_SETTER
2014 * prefixes.
2015 */
2021 }
2026 /*
2027 * Here it is possible that nuses > ss->top when the op has a hidden
2028 * source note. But when nb < 0 we assume that the caller knows that
2029 * Decompile would never meet such opcodes.
2030 */
2036 }
2038 /*
2039 * Save source literal associated with JS now before the following
2040 * rewrite changes op. See bug 380197.
2041 */
2048 /*
2049 * Rewrite non-get ops to their "get" format if the error is in
2050 * the bytecode at pc, so we don't decompile more than the error
2051 * expression.
2052 */
2060 /*
2061 * JOF_NAME does not imply JOF_ATOM, so we must check for
2062 * the QARG and QVAR format types, and translate those to
2063 * JSOP_GETARG or JSOP_GETLOCAL appropriately, instead of
2064 * to JSOP_NAME.
2065 */
2068 ? JSOP_GETARG
2070 ? JSOP_GETLOCAL
2078 /*
2079 * We must replace the faulting pc's bytecode with a
2080 * corresponding JSOP_GET* code. For JSOP_SET{PROP,ELEM},
2081 * we must use the "2nd" form of JSOP_GET{PROP,ELEM}, to
2082 * throw away the assignment op's right-hand operand and
2083 * decompile it as if it were a GET of its left-hand
2084 * operand.
2085 */
2088 ? JSOP_GETPROP2
2092 ? JSOP_GETELEM2
2095 /*
2096 * Unknown mode (including mode 0) means that op is
2097 * uncategorized for our purposes, so we must write
2098 * per-op special case code here.
2099 */
2106 /*
2107 * NB: JSOP_GETTHISPROP can't fail due to |this|
2108 * being null or undefined at runtime (beware that
2109 * this may change for ES4). Therefore any error
2110 * resulting from this op must be due to the value
2111 * of the property accessed via |this|, so do not
2112 * rewrite op to JSOP_THIS.
2113 *
2114 * The next two cases should not change op if
2115 * js_DecompileValueGenerator was called from the
2116 * the property getter. They should rewrite only
2117 * if the base object in the arg/var/local is null
2118 * or undefined. FIXME: bug 431569.
2119 */
2132 }
2133 }
2134 }
2135 }
2143 }
2148 }
2155 /*
2156 * Avoid over-parenthesizing y in x op= y based on its
2157 * expansion: x = x op y (replace y by z = w to see the
2158 * problem).
2159 */
2163 /* Print only the right operand of the assignment-op. */
2172 /* In XML, just concatenate the two operands. */
2177 }
2192 }
2196 /*
2197 * Check for a do-while loop, a for-loop with an empty
2198 * initializer part, a labeled statement, a function
2199 * definition, or try/finally.
2200 */
2222 do_forloop:
2225 /* Skip the JSOP_NOP or JSOP_POP bytecode. */
2228 /* Get the cond, next, and loop-closing tail offsets. */
2233 /*
2234 * If this loop has a condition, then pc points at a goto
2235 * targeting the condition.
2236 */
2241 }
2244 /* Print the keyword and the possibly empty init-part. */
2248 /* Decompile the loop condition. */
2251 }
2253 /* Need a semicolon whether or not there was a cond. */
2257 /*
2258 * Decompile the loop updater. It may end in a JSOP_POP
2259 * that we skip; or in a JSOP_POPN that we do not skip,
2260 * followed by a JSOP_NOP (skipped as if it's a POP).
2261 * We cope with the difference between these two cases
2262 * by checking for stack imbalance and popping if there
2263 * is an rval.
2264 */
2273 }
2275 /* Do the loop body. */
2283 /* Set len so pc skips over the entire loop. */
2315 do_function:
2341 }
2345 #if JS_HAS_DESTRUCTURING
2354 }
2355 #endif
2356 /* FALL THROUGH */
2374 /*
2375 * We push push the pair of exception/restsub cookies to
2376 * simulate the effects [gosub] or control transfer during
2377 * exception capturing on the stack.
2378 */
2395 /*
2396 * JSOP_GOSUB and GOSUBX have no effect on the decompiler's
2397 * string stack because the next op in bytecode order finds
2398 * the stack balanced by a JSOP_RETSUB executed elsewhere.
2399 */
2404 {
2407 /*
2408 * The compiler models operand stack depth and fixes the stack
2409 * pointer on entry to a catch clause based on its depth model.
2410 * The decompiler must match the code generator's model, which
2411 * is why JSOP_FINALLY pushes a cookie that JSOP_RETSUB pops.
2412 */
2421 #if JS_HAS_DESTRUCTURING
2434 }
2435 }
2439 /*
2440 * If this is an empty group assignment, we have no stack
2441 * budget into which we can push our result string. Adjust
2442 * ss->sprinter.offset so that our consumer can find the
2443 * empty group assignment decompilation.
2444 */
2448 /*
2449 * Kill newtop before the end_groupassignment: label by
2450 * retracting/popping early. Control will either jump
2451 * to do_forloop: or do_letheadbody: or else break from
2452 * our case JSOP_POPN: after the switch (*pc2) below.
2453 */
2457 }
2459 end_groupassignment:
2462 /*
2463 * Thread directly to the next opcode if we can, to handle
2464 * the special cases of a group assignment in the first or
2465 * last part of a for(;;) loop head, or in a let block or
2466 * expression head.
2467 *
2468 * NB: todo at this point indexes space in ss->sprinter
2469 * that is liable to be overwritten. The code below knows
2470 * exactly how long rval lives, or else copies it down via
2471 * SprintCString.
2472 */
2483 }
2487 /*
2488 * This must be an empty destructuring
2489 * in the head of a let whose body block
2490 * is also empty.
2491 */
2498 }
2505 }
2507 /*
2508 * An unnannotated NOP following a POPN must be the
2509 * third part of for(;;) loop head. If the POPN's
2510 * immediate operand is 0, then we may have no slot
2511 * on the sprint-stack in which to push our result
2512 * string. In this case the result can be recovered
2513 * at ss->sprinter.base + ss->sprinter.offset.
2514 */
2519 }
2520 }
2522 /*
2523 * If control flow reaches this point with todo still -2,
2524 * just print rval as an expression statement.
2525 */
2529 }
2530 #endif
2534 }
2536 }
2539 /* The catch decompiler handles this op itself. */
2544 /*
2545 * By default, do not automatically parenthesize when popping
2546 * a stacked expression decompilation. We auto-parenthesize
2547 * only when JSOP_POP is annotated with SRC_PCDELTA, meaning
2548 * comma operator.
2549 */
2551 /* FALL THROUGH */
2557 /* Force parens around 'in' expression at 'for' front. */
2565 /* Comma operator: use JSOP_POP for correct precedence. */
2568 /* Pop and save to avoid blowing stack depth budget. */
2573 /*
2574 * The offset tells distance to the end of the right-hand
2575 * operand of the comma operator.
2576 */
2584 }
2586 /* Pop Decompile result and print comma expression. */
2593 /* Hide this pop, it's from a goto in a with or for/in. */
2598 /* This pop is at the end of the let block/expr head. */
2600 #if JS_HAS_DESTRUCTURING
2601 do_letheadbody:
2602 #endif
2618 /* Set saveop to reflect what we will push. */
2623 }
2631 }
2635 /* Turn off parens around a yield statement. */
2641 /*
2642 * Don't emit decompiler-pushed strings that are not
2643 * handled by other opcodes. They are pushed onto the
2644 * stack to help model the interpreter stack and should
2645 * not appear in the decompiler's output.
2646 */
2654 rval);
2658 }
2661 }
2685 {
2696 }
2699 #define LOCAL_ASSERT_OUT(expr) LOCAL_ASSERT_CUSTOM(expr, ok = JS_FALSE; \
2700 goto enterblock_out)
2708 }
2717 }
2718 }
2722 #if JS_HAS_BLOCK_SCOPE
2734 #endif
2748 }
2753 /*
2754 * This is a dup to save the exception for later.
2755 * It is emitted only when the catch head contains
2756 * an exception guard.
2757 */
2765 }
2766 }
2767 }
2769 #if JS_HAS_DESTRUCTURING
2775 }
2781 #endif
2790 }
2791 #if JS_HAS_DESTRUCTURING
2792 }
2793 #endif
2795 /*
2796 * Pop the exception_cookie (or its dup in the case of a
2797 * guarded catch head) off the stack now.
2798 */
2814 }
2822 }
2826 #undef LOCAL_ASSERT_OUT
2827 enterblock_out:
2832 }
2837 {
2850 /*
2851 * This JSOP_LEAVEBLOCK must be for a catch block. If sn's
2852 * offset does not equal the model stack depth, there must
2853 * be a copy of the exception value on the stack due to a
2854 * catch guard (see above, the JSOP_ENTERBLOCK + SRC_CATCH
2855 * case code).
2856 */
2863 }
2864 }
2874 }
2880 {
2884 }
2890 }
2897 #ifdef DEBUG
2898 /*
2899 * We must be in an eval called from jp->fun, where
2900 * jp->script is the eval-compiled script.
2901 *
2902 * However, it's possible that a js_Invoke already
2903 * pushed a frame trying to call Construct on an
2904 * object that's not a constructor, causing us to be
2905 * called with an intervening frame on the stack.
2906 */
2916 }
2917 #endif
2920 }
2923 }
2931 }
2935 #if JS_HAS_DESTRUCTURING
2937 /*
2938 * Distinguish a js_DecompileValueGenerator call that
2939 * targets op alone, from decompilation of a full group
2940 * assignment sequence, triggered by SRC_GROUPASSIGN
2941 * annotating the first JSOP_GETLOCAL in the sequence.
2942 */
2950 }
2952 /* Null sn to prevent bogus VarPrefix'ing below. */
2954 }
2955 #endif
2967 }
2978 }
2988 }
3000 /* Turn on parens around comma-expression here. */
3004 rval,
3010 }
3011 /* FALL THROUGH */
3017 else
3022 #if JS_HAS_GENERATORS
3024 #if JS_HAS_GENERATOR_EXPRS
3026 #endif
3027 {
3028 /* Turn off most parens. */
3040 }
3042 #if JS_HAS_GENERATOR_EXPRS
3044 /* FALL THROUGH */
3045 #endif
3048 {
3052 /* Turn off most parens. */
3055 /* Pop the expression being pushed or yielded. */
3058 /*
3059 * Skip the for loop head stacked by JSOP_FORLOCAL until we hit
3060 * a block local slot (note empty destructuring patterns result
3061 * in unit-count blocks).
3062 */
3068 }
3071 /*
3072 * Here, forpos must index the space before the left-most |for|
3073 * in the single string of accumulated |for| heads and optional
3074 * final |if (condition)|.
3075 */
3079 /*
3080 * Now move pos downward over the block's local slots. Even an
3081 * empty destructuring pattern has one (dummy) local.
3082 */
3087 }
3089 #if JS_HAS_GENERATOR_EXPRS
3091 /*
3092 * Generator expression: decompile just rval followed by
3093 * the string starting at forpos. Leave the result string
3094 * in ss->offsets[0] so it can be recovered by our caller
3095 * (the JSOP_ANONFUNOBJ with SRC_GENEXP case). Bump the
3096 * top of stack to balance yield, which is an expression
3097 * (so has neutral stack balance).
3098 */
3108 }
3111 /*
3112 * Array comprehension: retract the sprinter to the beginning
3113 * of the array initialiser and decompile "[<rval> for ...]".
3114 */
3132 }
3150 JSITER_FOREACH;
3171 /*
3172 * The loop back-edge carries +1 stack balance, for the
3173 * flag processed by JSOP_IFNE. We do not decompile the
3174 * JSOP_IFNE, and instead push the left-hand side of 'in'
3175 * after the loop edge in this stack slot (the JSOP_FOR*
3176 * opcodes' decompilers do this pushing).
3177 */
3194 }
3196 /*
3197 * Do not AddParentSlop here, as we will push the
3198 * top-most offset again, which will add paren slop
3199 * for us. We must push to balance the stack budget
3200 * when nesting for heads in a comprehension.
3201 */
3207 }
3212 /*
3213 * As above, rval or an extension of it must remain
3214 * stacked during loop body decompilation.
3215 */
3224 }
3274 }
3280 {
3283 if_again:
3300 rval);
3302 }
3317 /*
3318 * If the second offset for sn is non-zero, it tells
3319 * the distance from the goto around the else, to the
3320 * ifeq for the if inside the else that forms an "if
3321 * else if" chain. Thus cond spans the condition of
3322 * the second if, so we simply decompile it and start
3323 * over at label if_again.
3324 */
3333 }
3338 }
3343 }
3357 }
3372 }
3374 }
3385 do_logical_connective:
3386 /* Top of stack is the first clause in a disjunction (||). */
3396 }
3408 }
3413 }
3433 }
3435 do_forvarslot:
3461 }
3472 }
3481 /*
3482 * The stack has the object under the (top) index expression.
3483 * The "rval" property id is underneath those two on the stack.
3484 * The for loop body net and gross lengths can now be adjusted
3485 * to account for the length of the indexing expression that
3486 * came after JSOP_FORELEM and before JSOP_ENUMELEM.
3487 */
3501 ? dot_format
3504 }
3518 }
3519 /* FALL THROUGH */
3522 #if JS_HAS_DESTRUCTURING
3538 // Skip POP so the SRC_FOR_IN code can pop for itself.
3544 }
3546 }
3547 #endif
3564 do_setname:
3572 do_setlval:
3576 lval,
3578 ? js_getter_str
3580 ? js_setter_str
3582 rval);
3587 }
3595 }
3614 /* Skip the JSOP_PUSHOBJ-created empty string. */
3618 /*
3619 * Special case: new (x(y)(z)) must be parenthesized like so.
3620 * Same for new (x(y).z) -- contrast with new x(y).z.
3621 * See PROPAGATE_CALLNESS.
3622 */
3631 ? JSOP_NAME
3648 }
3658 }
3659 }
3680 do_delete_lval:
3705 #if JS_HAS_XML_SUPPORT
3713 #endif
3721 rval);
3735 do_incatom:
3740 do_inclval:
3749 /*
3750 * Force precedence below the numeric literal opcodes, so that
3751 * 42..foo or 10000..toString(16), e.g., decompile with parens
3752 * around the left-hand side of dot.
3753 */
3770 ? predot_format
3777 }
3791 do_atominc:
3796 do_lvalinc:
3805 /*
3806 * Force precedence below the numeric literal opcodes, so that
3807 * 42..foo or 10000..toString(16), e.g., decompile with parens
3808 * around the left-hand side of dot.
3809 */
3825 ? postdot_format
3832 }
3843 /* FALL THROUGH */
3850 do_getprop:
3852 do_getprop_lval:
3865 /* Get the name of the argument or variable. */
3868 do_getarg_prop:
3875 /* Get the name of the property. */
3898 /*
3899 * Force precedence below the numeric literal opcodes, so that
3900 * 42..foo or 10000..toString(16), e.g., decompile with parens
3901 * around the left-hand side of dot.
3902 */
3909 ? js_getter_str
3911 ? js_setter_str
3914 rval);
3920 /* FALL THROUGH */
3934 ? dot_format
3937 }
3958 ? js_getter_str
3960 ? js_setter_str
3963 rval);
3981 #if JS_HAS_DESTRUCTURING
3985 }
3986 #else
3988 #endif
4001 do_name:
4003 #if JS_HAS_XML_SUPPORT
4004 do_qname:
4005 #endif
4030 do_sprint_int:
4035 {
4041 }
4055 #if JS_HAS_GENERATOR_EXPRS
4061 SprintStack ss2;
4066 /*
4067 * All allocation when decompiling is LIFO, using malloc
4068 * or, more commonly, arena-allocating from cx->tempPool.
4069 * Therefore after InitSprintStack succeeds, we must
4070 * release to mark before returning.
4071 */
4074 innerLocalNames =
4080 }
4085 }
4088 /*
4089 * Recursively decompile this generator function as an
4090 * un-parenthesized generator expression. The ss->inGenExp
4091 * special case of JSOP_YIELD shares array comprehension
4092 * decompilation code that leaves the result as the single
4093 * string pushed on ss2.
4094 */
4103 /*
4104 * Decompile only the main bytecode, to avoid tripping over
4105 * new prolog ops that have stack effects.
4106 */
4109 JSOP_NOP)
4117 }
4119 /*
4120 * Advance over this op and its global |this| push, and
4121 * arrange to advance over the call to this lambda.
4122 */
4129 }
4136 /*
4137 * Arrange to parenthesize this genexp unless:
4138 *
4139 * 1. It is the complete expression consumed by a control
4140 * flow bytecode such as JSOP_TABLESWITCH whose syntax
4141 * always parenthesizes the controlling expression.
4142 * 2. It is the sole argument to a function call.
4143 *
4144 * But if this genexp runs up against endpc, parenthesize
4145 * regardless. (This can happen if we are called from
4146 * DecompileExpression or recursively from case
4147 * JSOP_{NOP,AND,OR}.)
4148 *
4149 * There's no special case for |if (genexp)| because the
4150 * compiler optimizes that to |if (true)|.
4151 */
4166 ? JSOP_POP
4169 /*
4170 * Stack this result as if it's a name and not an
4171 * anonymous function, so it doesn't get decompiled as
4172 * a generator function in a getter or setter context.
4173 * The precedence level is the same for JSOP_NAME and
4174 * JSOP_LAMBDA.
4175 */
4179 }
4181 /*
4182 * Alas, we have to malloc a copy of the result left on
4183 * the top of ss2 because both ss and ss2 arena-allocate
4184 * from cx's tempPool.
4185 */
4193 }
4195 /* FALL THROUGH */
4198 {
4199 /*
4200 * Always parenthesize expression closures. We can't force
4201 * saveop to a low-precedence op to arrange for auto-magic
4202 * parenthesization without confusing getter/setter code
4203 * that checks for JSOP_LAMBDA.
4204 */
4209 js_DecompileFunction);
4212 }
4213 sprint_string:
4238 {
4274 }
4278 j++;
4279 }
4281 }
4288 JS_SORTING_GENERIC);
4292 }
4293 }
4297 JS_FALSE);
4298 }
4304 }
4308 {
4335 }
4342 }
4345 JS_FALSE);
4351 }
4354 {
4356 jsint ncases;
4364 /*
4365 * Count the cases using offsets from switch to first case,
4366 * and case to case, stored in srcnote immediates.
4367 */
4375 /* End of cases, but count default as a case. */
4381 }
4382 }
4384 /*
4385 * Allocate table and rescan the cases using their srcnotes,
4386 * stashing each case's delta from switch top in table[i].key,
4387 * and the distance to its statements in table[i].offset.
4388 */
4406 }
4407 }
4409 /*
4410 * Find offset of default code by fetching the default offset
4411 * from the end of table. JSOP_CONDSWITCH always has a default
4412 * case at the end.
4413 */
4419 JS_TRUE);
4425 }
4429 {
4436 }
4461 {
4466 #if JS_HAS_SHARP_VARS
4478 }
4479 }
4488 }
4490 }
4493 {
4499 }
4502 {
4507 }
4510 {
4511 JSBool inArray;
4517 /* Skip any #n= prefix to find the opening bracket. */
4524 rval,
4528 }
4530 {
4531 JSBool isFirst;
4537 /* Turn off most parens. */
4541 /* Turn off all parens for xval and lval, which we control. */
4550 }
4553 lval,
4554 maybeComma,
4555 rval);
4568 /* fall through */
4570 do_initprop:
4582 lval,
4583 maybeComma,
4586 xval,
4592 }
4594 }
4596 #if JS_HAS_SHARP_VARS
4614 #if JS_HAS_XML_SUPPORT
4634 }
4644 }
4677 /* This gets reset by all XML tag expressions. */
4686 else
4691 /* Leave the name stacked and push a dummy string. */
4696 /* Pop the r.h.s., the dummy string, and the name. */
4706 /* If we're an attribute value, we shouldn't quote this. */
4720 /* These ops indicate the end of XML expressions. */
4743 DONT_ESCAPE))
4752 DONT_ESCAPE))
4781 }
4782 }
4785 /* -2 means "don't push", -1 means reported error. */
4791 }
4797 }
4800 }
4802 /*
4803 * Undefine local macros.
4804 */
4805 #undef inXML
4806 #undef DECOMPILE_CODE
4807 #undef NEXT_OP
4808 #undef TOP_STR
4809 #undef POP_STR
4810 #undef POP_STR_PREC
4811 #undef LOCAL_ASSERT
4812 #undef ATOM_IS_IDENTIFIER
4813 #undef GET_QUOTE_AND_FMT
4814 #undef GET_ATOM_QUOTE_AND_FMT
4817 }
4819 static JSBool
4821 uintN pcdepth)
4822 {
4824 SprintStack ss;
4827 JSBool ok;
4837 /* Initialize a sprinter for use with the offset stack. */
4843 /*
4844 * If we are called from js_DecompileValueGenerator with a portion of
4845 * script's bytecode that starts with a non-zero model stack depth given
4846 * by pcdepth, attempt to initialize the missing string offsets in ss to
4847 * |spindex| negative indexes from fp->sp for the activation fp in which
4848 * the error arose.
4849 *
4850 * See js_DecompileValueGenerator for how its |spindex| parameter is used,
4851 * and see also GetOff, which makes use of the ss.offsets[i] < -1 that are
4852 * potentially stored below.
4853 */
4859 }
4860 }
4862 /* Call recursive subroutine to do the hard work. */
4868 /* If the given code didn't empty the stack, do it now. */
4874 }
4876 out:
4877 /* Free all temporary stuff allocated under this call. */
4880 }
4882 /*
4883 * Decompile a function body, expression closure expression, or complete
4884 * script. Start at |pc|; go to the end of |script|. Include a directive
4885 * prologue, if appropriate.
4886 */
4887 static JSBool
4889 {
4890 /* Print a strict mode code directive, if needed. */
4893 /*
4894 * We have no syntax for strict function expressions;
4895 * at least give a hint.
4896 */
4900 }
4902 }
4906 }
4908 JSBool
4910 {
4912 }
4914 JSString *
4917 JSDecompilerPtr decompiler)
4918 {
4927 else
4931 }
4935 JSBool
4937 {
4945 }
4949 }
4951 JSBool
4953 {
4955 uintN i;
4958 JSBool ok;
4964 /*
4965 * If pretty, conform to ECMA-262 Edition 3, 15.3.4.2, by decompiling a
4966 * FunctionDeclaration. Otherwise, check the JSFUN_LAMBDA flag and force
4967 * an expression by parenthesizing.
4968 */
4974 }
4989 #if JS_HAS_DESTRUCTURING
4990 SprintStack ss;
4992 #endif
4994 /* Print the parameters. */
5000 #if JS_HAS_DESTRUCTURING
5004 #endif
5012 #if JS_HAS_DESTRUCTURING
5013 #define LOCAL_ASSERT(expr) LOCAL_ASSERT_RV(expr, JS_FALSE)
5026 }
5031 }
5039 }
5041 }
5043 #undef LOCAL_ASSERT
5044 #endif
5049 }
5050 }
5052 #if JS_HAS_DESTRUCTURING
5055 #endif
5062 }
5071 }
5072 }
5078 }
5083 {
5110 /*
5111 * Prepare computing pcstack containing pointers to opcodes that
5112 * populated interpreter's stack with its current content.
5113 */
5129 /*
5130 * We search from fp->sp to base to find the most recently
5131 * calculated value matching v under assumption that it is
5132 * it that caused exception, see bug 328664.
5133 */
5140 }
5143 /*
5144 * The value may have come from beyond stackBase + pcdepth, meaning
5145 * that it came from a temporary slot pushed by the interpreter or
5146 * arguments pushed for an Invoke call. Only update pc if beneath
5147 * stackBase + pcdepth. If above, the value may or may not be
5148 * produced by the current pc. Since it takes a fairly contrived
5149 * combination of calls to produce a situation where this is not
5150 * what we want, we just use the current pc.
5151 */
5154 }
5156 release_pcstack:
5160 }
5162 {
5169 }
5171 /*
5172 * FIXME: bug 489843. Stack reconstruction may have returned a pc
5173 * value *inside* an imacro; this would confuse the decompiler.
5174 */
5178 else
5185 }
5189 }
5191 do_fallback:
5196 }
5202 }
5207 {
5208 JSOp op;
5214 intN pcdepth;
5224 /* None of these stack-writing ops generates novel values. */
5228 /* JSOP_PUSH is used to generate undefined for group assignment holes. */
5232 }
5234 /*
5235 * |this| could convert to a very long object initialiser, so cite it by
5236 * its keyword name instead.
5237 */
5241 }
5243 /*
5244 * JSOP_BINDNAME is special: it generates a value, the base object of a
5245 * reference. But if it is the generating op for a diagnostic produced by
5246 * js_DecompileValueGenerator, the name being bound is irrelevant. Just
5247 * fall back to the base object.
5248 */
5252 }
5254 /* NAME ops are self-contained, others require left or right context. */
5267 }
5279 }
5282 }
5287 }
5294 }
5301 }
5312 }
5314 }
5316 out:
5319 }
5321 uintN
5323 {
5325 }
5327 #define LOCAL_ASSERT(expr) LOCAL_ASSERT_RV(expr, -1);
5329 static intN
5332 {
5339 /*
5340 * Fill the slots that the opcode defines withs its pc unless it just
5341 * reshuffles the stack. In the latter case we want to preserve the
5342 * opcode that generated the original value.
5343 */
5349 }
5354 /* Keep the switch value. */
5369 }
5378 }
5380 }
5383 }
5385 #ifdef JS_TRACER
5387 #undef LOCAL_ASSERT
5388 #define LOCAL_ASSERT(expr) LOCAL_ASSERT_CUSTOM(expr, goto failure);
5390 static intN
5394 {
5403 }
5426 }
5430 }
5431 }
5438 success:
5442 }
5445 failure:
5449 }
5451 #undef LOCAL_ASSERT
5452 #define LOCAL_ASSERT(expr) LOCAL_ASSERT_RV(expr, -1);
5454 static intN
5458 {
5459 /*
5460 * Begin with a recursive call back to ReconstructPCStack to pick up
5461 * the state-of-the-world at the *start* of the imacro.
5462 */
5469 }
5472 #endif
5474 static intN
5477 {
5478 /*
5479 * Walk forward from script->main and compute the stack depth and stack of
5480 * operand-generating opcode PCs in pcstack.
5481 *
5482 * FIXME: Code to compute oplen copied from js_Disassemble1 and reduced.
5483 * FIXME: Optimize to use last empty-stack sequence point.
5484 */
5485 #ifdef JS_TRACER
5490 #endif
5503 /*
5504 * A (C ? T : E) expression requires skipping either T (if target is in
5505 * E) or both T and E (if target is after the whole expression) before
5506 * adjusting pcdepth based on the JSOP_IFEQ or JSOP_IFEQX at pc that
5507 * tests condition C. We know that the stack depth can't change from
5508 * what it was with C on top of stack.
5509 */
5524 }
5526 /*
5527 * Ok, target lies in E. Manually pop C off the model stack,
5528 * since we have moved beyond the IFEQ now.
5529 */
5532 }
5533 }
5535 /* Ignore early-exit code, which is annotated SRC_HIDDEN. */
5542 }
5546 #undef LOCAL_ASSERT
5547 }
5549 #undef LOCAL_ASSERT_RV