Name Description Size
Activation-inl.h static 4859
Activation.cpp 3056
Activation.h 23805
ArgumentsObject-inl.h namespace js 2040
ArgumentsObject.cpp static 34463
ArgumentsObject.h numArgs = std::max(numFormalArgs, numActualArgs) The array 'args' has numArgs elements. 18030
ArrayBufferObject-inl.h 2454
ArrayBufferObject.cpp 62138
ArrayBufferObject.h 25401
ArrayBufferObjectMaybeShared.cpp 2184
ArrayBufferViewObject.cpp This method is used to trace TypedArrayObjects and DataViewObjects. We need a custom tracer to move the object's data pointer if its owner was moved and stores its data inline. 9110
ArrayBufferViewObject.h ArrayBufferViewObject Common base class for all array buffer views (DataViewObject and TypedArrayObject). 5264
ArrayObject-inl.h Track objects with overflowing lengths in type information. 4384
ArrayObject.h 2695
AsyncFunction.cpp 8400
AsyncFunction.h 12173
AsyncFunctionResolveKind.h vm_AsyncFunctionResolveKind_h 578
AsyncIteration.cpp static 24406
AsyncIteration.h 21365
AtomsTable.h Implementation details of the atoms table. 6549
BigIntType.cpp 118367
BigIntType.h 20113
BooleanObject-inl.h = nullptr 785
BooleanObject.h Stores this Boolean object's [[PrimitiveValue]]. 1334
BuildId.cpp SpiderMonkey buildId-related functionality. 1006
BuiltinObjectKind.cpp 5590
BuiltinObjectKind.h Built-in objects used by the GetBuiltinConstructor and GetBuiltinPrototype self-hosted intrinsics. 2144
BytecodeFormatFlags.h [SMDOC] Bytecode Format flags (JOF_*) 2875
BytecodeIterator-inl.h 1070
BytecodeIterator.h 2305
BytecodeLocation-inl.h 3576
BytecodeLocation.cpp 825
BytecodeLocation.h 9580
BytecodeUtil-inl.h Add an extra pushed value for Or/And opcodes, so that they are included in the pushed array of stack values for type inference. 6575
BytecodeUtil.cpp JS bytecode descriptors, disassemblers, and (expression) decompilers. 82895
BytecodeUtil.h JS bytecode definitions. 21242
Caches-inl.h nDynamicSlots = 3131
Caches.cpp 817
Caches.h GetSrcNote cache to avoid O(n^2) growth in finding a source note for a given pc in a script. We use the script->code pointer to tag the cache, instead of the script address itself, so that source notes are always found by offset from the bytecode with which they were generated. 8812
CallNonGenericMethod.cpp 1069
CharacterEncoding.cpp nbytes sets 1 length since this is surrogate pair. 23491
CheckIsObjectKind.h vm_CheckIsObjectKind_h 619
CodeCoverage.cpp 19282
CodeCoverage.h 5478
CommonPropertyNames.h A higher-order macro for enumerating all cached property names. 41717
Compartment-inl.h Only GC things have to be wrapped or copied. 13511
Compartment.cpp Directly allocate the copy in the destination compartment, rather than first flattening it (and possibly allocating in source compartment), because we don't know whether the flattening will pay off later. 17852
Compartment.h 17132
CompilationAndEvaluation.cpp Same-thread compilation and evaluation APIs. 18441
Compression.cpp 7590
Compression.h Compress some of the input. Return true if it should be called again. 3943
DateObject.h Cached slots holding local properties of the date. These are undefined until the first actual lookup occurs and are reset to undefined whenever the date's time is modified. 3481
DateTime.cpp !defined(XP_WIN) 26155
EnvironmentObject-inl.h namespace js 3185
EnvironmentObject.cpp / Shape* js::EnvironmentCoordinateToEnvironmentShape(JSScript* script, jsbytecode* pc) { MOZ_ASSERT(JOF_OPTYPE(JSOp(*pc)) == JOF_ENVCOORD); ScopeIter si(script->innermostScope(pc)); uint32_t hops = EnvironmentCoordinate(pc).hops(); while (true) { MOZ_ASSERT(!si.done()); if (si.hasSyntacticEnvironment()) { if (!hops) { break; } hops--; } si++; } return si.environmentShape(); } PropertyName* js::EnvironmentCoordinateNameSlow(JSScript* script, jsbytecode* pc) { Shape* shape = EnvironmentCoordinateToEnvironmentShape(script, pc); EnvironmentCoordinate ec(pc); Shape::Range<NoGC> r(shape); while (r.front().slot() != ec.slot()) { r.popFront(); } jsid id = r.front().propidRaw(); /* Beware nameless destructuring formal. 135371
EnvironmentObject.h Return a shape representing the static scope containing the variable accessed by the ALIASEDVAR op at 'pc'. 47023
EqualityOperations.cpp 7341
EqualityOperations.h The equality comparisons of js/Equality.h, but with extra efficiency for SpiderMonkey-internal callers. These functions, assuming they're passed C++-valid arguments, are identical to the same-named JS::-namespaced functions -- just with hidden linkage (so they're more efficient to call), and without various external-caller-focused JSAPI-usage assertions performed that SpiderMonkey users never come close to failing. 1685
ErrorMessages.cpp SpiderMonkey-internal error-reporting formatting functionality. 995
ErrorObject-inl.h vm_ErrorObject_inl_h 1269
ErrorObject.cpp 24637
ErrorObject.h Assign the initial error shape to the empty object. (This shape does *not* include .message, which must be added separately if needed; see ErrorObject::init.) 4506
ErrorReporting.cpp 19485
ErrorReporting.h Metadata for a compilation error (or warning) at a particular offset, or at no offset (i.e. with respect to a script overall). 7112
Exception.cpp 1867
ForOfIterator.cpp 5752
FrameIter-inl.h 2149
FrameIter.cpp 27662
FrameIter.h 18754
FunctionFlags.cpp 688
FunctionFlags.h 12409
FunctionPrefixKind.h vm_FunctionPrefixKind_h 553
GeckoProfiler-inl.h This class is used to suppress profiler sampling during critical sections where stack state is not valid. 3231
GeckoProfiler.cpp Ensure all future generated code will be instrumented, or that all currently instrumented code is discarded 18173
GeckoProfiler.h 9527
GeneratorAndAsyncKind.h namespace js 601
GeneratorObject.cpp 13972
GeneratorObject.h 8134
GeneratorResumeKind.h vm_GeneratorResumeKind_h 562
GlobalObject-inl.h static 988
GlobalObject.cpp static 40016
GlobalObject.h Global object slots are reserved as follows: [0, APPLICATION_SLOTS) Pre-reserved slots in all global objects set aside for the embedding's use. As with all reserved slots these start out as UndefinedValue() and are traced for GC purposes. Apart from that the engine never touches these slots, so the embedding can do whatever it wants with them. [APPLICATION_SLOTS, APPLICATION_SLOTS + JSProto_LIMIT) Stores the original value of the constructor for the corresponding JSProtoKey. [APPLICATION_SLOTS + JSProto_LIMIT, APPLICATION_SLOTS + 2 * JSProto_LIMIT) Stores the prototype, if any, for the constructor for the corresponding JSProtoKey offset from JSProto_LIMIT. [APPLICATION_SLOTS + 2 * JSProto_LIMIT, RESERVED_SLOTS) Various one-off values: ES5 13.2.3's [[ThrowTypeError]], RegExp statics, the original eval for this global object (implementing |var eval = otherWindow.eval; eval(...)| as an indirect eval), a bit indicating whether this object has been cleared (see JS_ClearScope), and a cache for whether eval is allowed (per the global's Content Security Policy). The two JSProto_LIMIT-sized ranges are necessary to implement js::FindClassObject, and spec language speaking in terms of "the original Array prototype object", or "as if by the expression new Array()" referring to the original Array constructor. The actual (writable and even deletable) Object, Array, &c. properties are not stored in reserved slots. 37106
HelperThreadState.h Definitions for managing off-thread work using a process wide list of worklist items and pool of threads. Worklist items are engine internal, and are distinct from e.g. web workers. 23488
HelperThreadTask.h vm_HelperThreadTask_h 1652
HelperThreads.cpp 81468
HelperThreads.h API for managing off-thread work. 9568
Id.cpp static 1558
Initialization.cpp SpiderMonkey initialization and shutdown code. 8888
InlineCharBuffer-inl.h 5239
Instrumentation.cpp static 9374
Instrumentation.h The main entry point of a script. 4475
Interpreter-inl.h Every possible consumer of MagicValue(JS_OPTIMIZED_ARGUMENTS) (as determined by ScriptAnalysis::needsArgsObj) must check for these magic values and, when one is received, act as if the value were the function's ArgumentsObject. Additionally, it is possible that, after 'arguments' was copied into a temporary, the arguments object has been created a some other failed guard that called JSScript::argumentsOptimizationFailed. In this case, it is always valid (and necessary) to replace JS_OPTIMIZED_ARGUMENTS with the real arguments object. 23326
Interpreter.cpp JavaScript bytecode interpreter. 175910
Interpreter.h JS interpreter interface. 27135
IsGivenTypeObject-inl.h 949
Iteration.cpp JavaScript iterators. 58518
Iteration.h JavaScript iterators. 16492
JSAtom-inl.h Write out character representing |index| to the memory just before |end|. Thus |*end| is not touched, but |end[-1]| and earlier are modified as appropriate. There must be at least js::UINT32_CHAR_BUFFER_LENGTH elements before |end| to avoid buffer underflow. The start of the characters written is returned and is necessarily before |end|. 4603
JSAtom.cpp JS atom table. 43212
JSAtom.h Return a printable, lossless char[] representation of a string-type atom. The returned string is guaranteed to contain only ASCII characters. 3363
JSContext-inl.h Set a breakpoint here (break js::ContextChecks::fail) to debug realm/compartment/zone mismatches. 12775
JSContext.cpp JS execution context. 36007
JSContext.h JS execution context. 43045
JSFunction-inl.h For attempts to clone functions at a function definition opcode, try to avoid the the clone if the function has singleton type. This was called pessimistically, and we need to preserve the type's property that if it is singleton there is only a single object with its type in existence. For functions inner to run once lambda, it may be possible that the lambda runs multiple times and we repeatedly clone it. In these cases, fall through to CloneFunctionObject, which will deep clone the function's script. 4837
JSFunction.cpp JS function support. 79593
JSFunction.h JS function definitions. 34777
JSONParser.cpp JSONString: /^"([^\u0000-\u001F"\\]|\\(["/\\bfnrt]|u[0-9a-fA-F]{4}))*"$/ 21533
JSONParser.h Data members 7558
JSONPrinter.cpp 5375
JSONPrinter.h vm_JSONPrinter_h 2742
JSObject-inl.h Get the GC kind to use for scripted 'new' on the given class. FIXME bug 547327: estimate the size from the allocation site. 25118
JSObject.cpp JS object implementation. 129754
JSObject.h / class GlobalObject; class NewObjectCache; enum class IntegrityLevel { Sealed, Frozen }; // Forward declarations, required for later friend declarations. bool PreventExtensions(JSContext* cx, JS::HandleObject obj, JS::ObjectOpResult& result); bool SetImmutablePrototype(JSContext* cx, JS::HandleObject obj, bool* succeeded); } /* namespace js 40876
JSScript-inl.h A JSScript always marks its realm's global so we can assert it's non-null here. We don't need a read barrier here for the same reason JSObject::nonCCWGlobal doesn't need one. 7933
JSScript.cpp JS script operations. 153388
JSScript.h JS script descriptor. 95903
JitActivation.cpp 8337
JitActivation.h 9732
List-inl.h static 4234
List.cpp 419
List.h The List specification type, ECMA-262 6.2.1. <> Lists are simple mutable sequences of values. Many standards use them. Abstractly, they're not objects; they don't have properties or prototypes; they're for internal specification use only. ListObject is our most direct implementation of a List: store the values in the slots of a JSObject. We often implement Lists in other ways. For example, builtin/Utilities.js contains a completely unrelated List constructor that's used in self-hosted code. And AsyncGeneratorObject optimizes away the ListObject in the common case where its internal queue never holds more than one element. ListObjects must not be exposed to content scripts. 3009
MallocProvider.h Hierarchy of SpiderMonkey system memory allocators: - System {m,c,re}alloc/new/free: Overridden by jemalloc in most environments. Do not use these functions directly. - js_{m,c,re}alloc/new/free: Wraps the system allocators and adds a failure injection framework for use by the fuzzers as well as templated, typesafe variants. See js/public/Utility.h. - AllocPolicy: An interface for the js allocators, for use with templates. These allocators are for system memory whose lifetime is not associated with a GC thing. See js/public/AllocPolicy.h. - SystemAllocPolicy: No extra functionality over bare allocators. - TempAllocPolicy: Adds automatic error reporting to the provided JSContext when allocations fail. - ZoneAllocPolicy: Forwards to the Zone MallocProvider. - MallocProvider. A mixin base class that handles automatically updating the GC's state in response to allocations that are tied to a GC lifetime or are for a particular GC purpose. These allocators must only be used for memory that will be freed when a GC thing is swept. - gc::Zone: Automatically triggers zone GC. - JSRuntime: Automatically triggers full GC. - JSContext: Dispatches directly to the runtime. 7825
MatchPairs.h RegExp match results are succinctly represented by pairs of integer indices delimiting (start, limit] segments of the input string. The pair count for a given RegExp match is the capturing parentheses count plus one for the "0 capturing paren" whole text match. 3215
MemoryMetrics.cpp static 29104
ModuleBuilder.h 4006
Modules.cpp JavaScript modules (as in, the syntactic construct) implementation. 5780
Monitor.h vm_Monitor_h 1880
MutexIDs.h 2797
NativeObject-inl.h Check that the information about the object stored in the last property's base shape is consistent with that stored in the previous shape. If not consistent, then the last property cannot be removed as it will induce a change in the object itself, and the object must be converted to dictionary mode instead. See BaseShape comment in jsscope.h 28176
NativeObject.cpp Objects with no elements share one empty set of elements. 108920
NativeObject.h To really poison a set of values, using 'magic' or 'undefined' isn't good enough since often these will just be ignored by buggy code (see bug 629974) in debug builds and crash in release builds. Instead, we use a safe-for-crash pointer. 68591
NumberObject-inl.h = nullptr 816
NumberObject.h Stores this Number object's [[PrimitiveValue]]. 1283
ObjectGroup-inl.h static 4160
ObjectGroup.cpp Windows may not appear on prototype chains. 58847
ObjectGroup.h The NewObjectKind allows an allocation site to specify the type properties and lifetime requirements that must be fixed at allocation time. 24775
ObjectOperations-inl.h Fundamental operations on objects. 13316
ObjectOperations.h Fundamental operations on objects. 13109
OffThreadPromiseRuntimeState.cpp 10392
OffThreadPromiseRuntimeState.h 9568
OffThreadScriptCompilation.cpp 9488
Opcodes.h 146189
PIC.cpp 10323
PIC.h The basic PICStub just has a pointer to the next stub. 7045
PlainObject-inl.h static 3816
PlainObject.cpp JS object implementation. 6912
PlainObject.h Return the allocKind we would use if we were to tenure this object. 2345
Printer.cpp Include trailing \0 13294
Printer.h Do nothing 7723
Probes-inl.h Many probe handlers are implemented inline for minimal performance impact, especially important when no backends are enabled. 2446
Probes.cpp These functions call the DTrace macros for the JavaScript USDT probes. Originally this code was inlined in the JavaScript code; however since a number of operations are called, these have been placed into functions to reduce any negative compiler optimization effect that the addition of a number of usually unused lines of code would cause. 2119
Probes.h Static probes The probe points defined in this file are scattered around the SpiderMonkey source tree. The presence of probes::SomeEvent() means that someEvent is about to happen or has happened. To the extent possible, probes should be inserted in all paths associated with a given event, regardless of the active runmode (interpreter/traceJIT/methodJIT/ionJIT). When a probe fires, it is handled by any probe handling backends that have been compiled in. By default, most probes do nothing or at least do nothing expensive, so the presence of the probe should have negligible effect on running time. (Probes in slow paths may do something by default, as long as there is no noticeable slowdown.) For some probes, the mere existence of the probe is too expensive even if it does nothing when called. For example, just having consistent information available for a function call entry/exit probe causes the JITs to de-optimize function calls. In those cases, the JITs may query at compile time whether a probe is desired, and omit the probe invocation if not. If a probe is runtime-disabled at compilation time, it is not guaranteed to fire within a compiled function if it is later enabled. Not all backends handle all of the probes listed here. 4310
ProfilingStack.cpp 1685
PromiseLookup.cpp 9554
PromiseLookup.h A PromiseLookup holds the following: Promise's shape (promiseConstructorShape_) To ensure that Promise has not been modified. Promise.prototype's shape (promiseProtoShape_) To ensure that Promise.prototype has not been modified. Promise's shape for the @@species getter. (promiseSpeciesShape_) To quickly retrieve the @@species getter for Promise. Promise's slot number for resolve (promiseResolveSlot_) To quickly retrieve the Promise.resolve function. Promise.prototype's slot number for constructor (promiseProtoConstructorSlot_) To quickly retrieve the Promise.prototype.constructor property. Promise.prototype's slot number for then (promiseProtoThenSlot_) To quickly retrieve the Promise.prototype.then function. MOZ_INIT_OUTSIDE_CTOR fields below are set in |initialize()|. The constructor only initializes a |state_| field, that defines whether the other fields are accessible. 6037
PromiseObject.h 9259
ProxyObject.cpp static 10712
ProxyObject.h This is the base class for the various kinds of proxy objects. It's never instantiated. Proxy objects use their shape primarily to record flags. Property information, &c. is all dynamically computed. There is no class_ member to force specialization of JSObject::is<T>(). The implementation in JSObject is incorrect for proxies since it doesn't take account of the handler type. 5936
Realm-inl.h static 3539
Realm.cpp As a hack, we clear our timezone cache every time we create a new realm. This ensures that the cache is always relatively fresh, but shouldn't interfere with benchmarks that create tons of date objects (unless they also create tons of iframes, which seems unlikely). 28739
Realm.h A single-entry cache for some base-10 double-to-string conversions. This helps date-format-xparb.js. It also avoids skewing the results for v8-splay.js when measured by the SunSpider harness, where the splay tree initialization (which includes many repeated double-to-string conversions) is erroneously included in the measurement; see bug 562553. 32946
ReceiverGuard-inl.h vm_ReceiverGuard_inl_h 1212
ReceiverGuard.cpp 604
ReceiverGuard.h vm_ReceiverGuard_h 3233
RegExpObject.cpp = nullptr 40489
RegExpObject.h JavaScript RegExp objects. 8199
RegExpShared.h The compiled representation of a RegExp, potentially shared among RegExp instances created during separate evaluations of a single RegExp literal in source code. 13725
RegExpStatics.cpp RegExpStatics allocates memory -- in order to keep the statics stored per-global and not leak, we create a JSClass to wrap the C++ instance and provide an appropriate finalizer. We lazily create and store an instance of that JSClass in a global reserved slot. 3435
RegExpStatics.h The latest RegExp output, set after execution. 9392
RegExpStaticsObject.h vm_RegExpStaticsObject_h 829
Runtime.cpp static 26886
Runtime.h Different signature because the return type has MOZ_MUST_USE_TYPE. 40703
SavedFrame.h 9491
SavedStacks-inl.h 1271
SavedStacks.cpp Maximum number of saved frames returned for an async stack. 70724
SavedStacks.h 15021
Scope.cpp 74228
Scope.h Empty base class for scope Data classes to inherit from. Scope GC things store a pointer to these in their first word so they must be suitably aligned to allow storing GC flags in the low bits. 53302
ScopeKind.h 889
SelfHosting.cpp 118573
SelfHosting.h Check whether the given JSFunction is a self-hosted function whose self-hosted name is the given name. 2887
Shape-inl.h static 13533
Shape.cpp JS symbol tables. 67023
Shape.h [SMDOC] Shapes In isolation, a Shape represents a property that exists in one or more objects; it has an id, flags, etc. (But it doesn't represent the property's value.) However, Shapes are always stored in linked linear sequence of Shapes, called "shape lineages". Each shape lineage represents the layout of an entire object. Every JSObject has a pointer, |shape_|, accessible via lastProperty(), to the last Shape in a shape lineage, which identifies the property most recently added to the object. This pointer permits fast object layout tests. The shape lineage order also dictates the enumeration order for the object; ECMA requires no particular order but this implementation has promised and delivered property definition order. Shape lineages occur in two kinds of data structure. 1. N-ary property trees. Each path from a non-root node to the root node in a property tree is a shape lineage. Property trees permit full (or partial) sharing of Shapes between objects that have fully (or partly) identical layouts. The root is an EmptyShape whose identity is determined by the object's class, compartment and prototype. These Shapes are shared and immutable. 2. Dictionary mode lists. Shapes in such lists are said to be "in dictionary mode", as are objects that point to such Shapes. These Shapes are unshared, private to a single object, and immutable except for their links in the dictionary list. All shape lineages are bi-directionally linked, via the |parent| and |children|/|listp| members. Shape lineages start out life in the property tree. They can be converted (by copying) to dictionary mode lists in the following circumstances. 1. The shape lineage's size reaches MAX_HEIGHT. This reasonable limit avoids potential worst cases involving shape lineage mutations. 2. A property represented by a non-last Shape in a shape lineage is removed from an object. (In the last Shape case, obj->shape_ can be easily adjusted to point to obj->shape_->parent.) We originally tried lazy forking of the property tree, but this blows up for delete/add repetitions. 3. A property represented by a non-last Shape in a shape lineage has its attributes modified. To find the Shape for a particular property of an object initially requires a linear search. But if the number of searches starting at any particular Shape in the property tree exceeds LINEAR_SEARCHES_MAX and the Shape's lineage has (excluding the EmptyShape) at least MIN_ENTRIES, we create an auxiliary hash table -- the ShapeTable -- that allows faster lookup. Furthermore, a ShapeTable is always created for dictionary mode lists, and it is attached to the last Shape in the lineage. Shape tables for property tree Shapes never change, but shape tables for dictionary mode Shapes can grow and shrink. To save memory, shape tables can be discarded on GC and recreated when needed. AutoKeepShapeCaches can be used to avoid discarding shape tables for a particular zone. Methods operating on ShapeTables take either an AutoCheckCannotGC or AutoKeepShapeCaches argument, to help ensure tables are not purged while we're using them. There used to be a long, math-heavy comment here explaining why property trees are more space-efficient than alternatives. This was removed in bug 631138; see that bug for the full details. For getters/setters, an AccessorShape is allocated. This is a slightly fatter type with extra fields for the getter/setter data. Because many Shapes have similar data, there is actually a secondary type called a BaseShape that holds some of a Shape's data. Many shapes can share a single BaseShape. 58896
SharedArrayObject.cpp for resize 16091
SharedArrayObject.h SharedArrayRawBuffer A bookkeeping object always stored immediately before the raw buffer. The buffer itself is mmap()'d and refcounted. SharedArrayBufferObjects and structured clone objects may hold references. |<------ sizeof ------>|<- length ->| | waste | SharedArrayRawBuffer | data array | waste | Observe that if we want to map the data array on a specific address, such as absolute zero (bug 1056027), then the SharedArrayRawBuffer cannot be prefixed to the data array, it has to be a separate object, also in shared memory. (That would get rid of ~4KB of waste, as well.) Very little else would have to change throughout the engine, the SARB would point to the data array using a constant pointer, instead of computing its address. If preparedForWasm_ is true then length_ can change following initialization; it may grow toward maxSize_. See extensive comments above WasmArrayRawBuffer in ArrayBufferObject.cpp. length_ only grows when the lock is held. 9113
SharedImmutableStringsCache-inl.h 2704
SharedImmutableStringsCache.cpp 3634
SharedImmutableStringsCache.h The `SharedImmutableStringsCache` allows safely sharing and deduplicating immutable strings (either `const char*` [any encoding, not restricted to only Latin-1 or only UTF-8] or `const char16_t*`) between threads. The locking mechanism is dead-simple and coarse grained: a single lock guards all of the internal table itself, the table's entries, and the entries' reference counts. It is only safe to perform any mutation on the cache or any data stored within the cache when this lock is acquired. 14511
SharedMem.h 4930
SharedStencil.h Exception handling record. 17097
SourceHook.cpp 903
Stack-inl.h Initialize stack frame members. 23558
Stack.cpp 23252
Stack.h / namespace js { namespace jit { class BaselineFrame; class RematerializedFrame; } // namespace jit /** Pointer to a live JS or WASM stack frame. 32320
StencilEnums.h 12678
StringObject-inl.h static 1538
StringObject.h Creates a new String object boxing the given string. The object's [[Prototype]] is determined from context. 2163
StringType-inl.h Don't bother trying to find a static atom; measurement shows that not many get here (for one, Atomize is catching them). 14581
StringType.cpp 73442
StringType.h The buffer length required to contain any unsigned 32-bit integer. 70434
StructuredClone.cpp This file implements the structured data algorithms of The spec is in two parts: - StructuredSerialize examines a JS value and produces a graph of Records. - StructuredDeserialize walks the Records and produces a new JS value. The differences between our implementation and the spec are minor: - We call the two phases "write" and "read". - Our algorithms use an explicit work stack, rather than recursion. - Serialized data is a flat array of bytes, not a (possibly cyclic) graph of "Records". - As a consequence, we handle non-treelike object graphs differently. We serialize objects that appear in multiple places in the input as backreferences, using sequential integer indexes. See `JSStructuredCloneReader::allObjs`, our take on the "memory" map in the spec's StructuredDeserialize. 108852
SymbolType.cpp 3924
SymbolType.h namespace JS 5192
TaggedProto.cpp static 1181
TaggedProto.h Skip nullptr and LazyProto. 5138
ThrowMsgKind.cpp 1004
ThrowMsgKind.h vm_ThrowMsgKind_h 849
Time.cpp PR time code. 12955
Time.h Broken down form of 64 bit time value. 5026
ToSource.cpp Convert a JSString to its source expression; returns null after reporting an error, otherwise returns a new string reference. No Handle needed since the input is dead after the GC. 7071
ToSource.h 817
TraceLogging.cpp 53830
TraceLogging.h [SMDOC] Tracelogging overview. Tracelogging makes it possible to trace the occurrence of a single event and/or the start and stop of an event. This is implemented with as low overhead as possible to not interfere with running. Logging something is done in 3 stages. 1) Get the tracelogger of the current thread. cx may be omitted, in which case it will be fetched from TLS. - TraceLoggerForCurrentThread(cx); 2) Optionally create a TraceLoggerEvent for the text that needs to get logged. This step takes some time, so try to do this beforehand, outside the hot path and don't do unnecessary repetitions, since it will cripple performance. - TraceLoggerEvent event(logger, "foo"); There are also some predefined events. They are located in TraceLoggerTextId. They don't require to create an TraceLoggerEvent and can also be used as an argument to these functions. 3) Log the occurrence of a single event: - TraceLogTimestamp(logger, TraceLoggerTextId); Note: it is temporarily not supported to provide an TraceLoggerEvent as argument to log the occurrence of a single event. or log the start and stop of an event: - TraceLogStartEvent(logger, TraceLoggerTextId); - TraceLogStartEvent(logger, TraceLoggerEvent); - TraceLogStopEvent(logger, TraceLoggerTextId); - TraceLogStopEvent(logger, TraceLoggerEvent); or the start/stop of an event with a RAII class: - AutoTraceLog atl(logger, TraceLoggerTextId); - AutoTraceLog atl(logger, TraceLoggerEvent); 20987
TraceLoggingGraph.cpp 18005
TraceLoggingGraph.h The output of a tracelogging session is saved in /tmp/tl-data.json. The format of that file is a JS array per tracelogger (=thread), with a map containing: - dict: Name of the file containing a json table with the log text. All other files only contain a index to this table when logging. - events: Name of the file containing a flat list of log events saved in binary format. (64bit: Time Stamp Counter, 32bit index to dict) - tree: Name of the file containing the events with duration. The content is already in a tree data structure. This is also saved in a binary file. - treeFormat: The format used to encode the tree. By default "64,64,31,1,32". There are currently no other formats to save the tree. - 64,64,31,1,32 signifies how many bytes are used for the different parts of the tree. => 64 bits: Time Stamp Counter of start of event. => 64 bits: Time Stamp Counter of end of event. => 31 bits: Index to dict file containing the log text. => 1 bit: Boolean signifying if this entry has children. When true, the child can be found just right after this entry. => 32 bits: Containing the ID of the next event on the same depth or 0 if there isn't an event on the same depth anymore. /-> The position in the file. Id is this divided by size of entry. | So in this case this would be 1 (192bits per entry). | /-> Indicates there are children. The | | first child is located at current | | ID + 1. So 1 + 1 in this case: 2. | | Or 0x00180 in the tree file. | | /-> Next event on the same depth is | | | located at 4. So 0x00300 in the | | | tree file. 0x0000C0: [start, end, dictId, 1, 4] Example: 0x0: [start, end, dictId, 1, 0] | /----------------------------------\ | | 0xC0: [start, end, dictId, 0, 2] 0x180 [start, end, dictId, 1, 0] | /----------------------------------\ | | 0x240: [start, end, dictId, 0, 4] 0x300 [start, end, dictId, 0, 0] 9182
TraceLoggingTypes.cpp 656
TraceLoggingTypes.h Specific passes during ion compilation 9200
TypeInference-inl.h Inline members for javascript type inference. 45591
TypeInference.cpp static 139362
TypeInference.h Definitions related to javascript type inference. 12227
TypeSet.h TypeSet classes and functions. 32429
TypedArrayObject-inl.h Utilities and common inline code for TypedArray 23033
TypedArrayObject.cpp TypedArrayObject The non-templated base class for the specific typed implementations. This class holds all the member variables that are used by the subclasses. 92763
TypedArrayObject.h TypedArrayObject The non-templated base class for the specific typed implementations. This class holds all the member variables that are used by the subclasses. 11422
UbiNode.cpp 15872
UbiNodeCensus.cpp Count Types *********************************************************** 41963
UbiNodeShortestPaths.cpp = 10 2393
UsageStatistics.cpp 798
Value.cpp 1524
Warnings.cpp 3157
Warnings.h vm_Warnings_h 839
WindowProxy.cpp WindowProxy and Window implementation, for the web browser embedding. 2196
WrapperObject.h vm_WrapperObject_h 1075
Xdr.cpp 18370
Xdr.h 21819 11883 Usage: python This script generates SpiderMonkey bytecode documentation from js/src/vm/Opcodes.h. Output is written to stdout and should be pasted into the following MDN page: 5372