SpiderMonkey Bytecode Descriptions

Bytecode Listing

This document is automatically generated from Opcodes.h and Xdr.h by make_opcode_doc.py.

Bytecode version: 172 (0xb973c032).

Statements

Jumps

JSOP_AND [-1, +1] (JUMP, DETECTING, LEFTASSOC)
Value69 (0x45)
Operandsint32_t offset
Length5
Stack Usescond
Stack Defscond

Converts the top of stack value into a boolean, if the result is false, jumps to a 32-bit offset from the current bytecode.

JSOP_BACKPATCH [-0, +0] (JUMP)
Value149 (0x95)
Operandsint32_t offset
Length5
Stack Uses
Stack Defs

Placeholder opcode used during bytecode generation. This never appears in a finished script. FIXME: bug 473671.

JSOP_GOTO [-0, +0] (JUMP)
Value6 (0x06)
Operandsint32_t offset
Length5
Stack Uses
Stack Defs

Jumps to a 32-bit offset from the current bytecode.

JSOP_IFEQ [-1, +0] (JUMP, DETECTING)
Value7 (0x07)
Operandsint32_t offset
Length5
Stack Usescond
Stack Defs

Pops the top of stack value, converts it into a boolean, if the result is false, jumps to a 32-bit offset from the current bytecode.

The idea is that a sequence like JSOP_ZERO; JSOP_ZERO; JSOP_EQ; JSOP_IFEQ; JSOP_RETURN; reads like a nice linear sequence that will execute the return.

JSOP_IFNE [-1, +0] (JUMP)
Value8 (0x08)
Operandsint32_t offset
Length5
Stack Usescond
Stack Defs

Pops the top of stack value, converts it into a boolean, if the result is true, jumps to a 32-bit offset from the current bytecode.

JSOP_LABEL [-0, +0] (JUMP)
Value106 (0x6a)
Operandsint32_t offset
Length5
Stack Uses
Stack Defs

This opcode precedes every labeled statement. It's a no-op.

offset is the offset to the next instruction after this statement, the one break LABEL; would jump to. IonMonkey uses this.

JSOP_LOOPENTRY [-0, +0] (UINT8)
Value227 (0xe3)
Operandsuint8_t BITFIELD
Length2
Stack Uses
Stack Defs

This opcode is the target of the entry jump for some loop. The uint8 argument is a bitfield. The lower 7 bits of the argument indicate the loop depth. This value starts at 1 and is just a hint: deeply nested loops all have the same value. The upper bit is set if Ion should be able to OSR at this point, which is true unless there is non-loop state on the stack.

JSOP_LOOPHEAD [-0, +0]
Value109 (0x6d)
Operands
Length1
Stack Uses
Stack Defs

Another no-op.

This opcode is the target of the backwards jump for some loop.

JSOP_OR [-1, +1] (JUMP, DETECTING, LEFTASSOC)
Value68 (0x44)
Operandsint32_t offset
Length5
Stack Usescond
Stack Defscond

Converts the top of stack value into a boolean, if the result is true, jumps to a 32-bit offset from the current bytecode.

Switch Statement

JSOP_CASE [-2, +1] (JUMP)
Value121 (0x79)
Operandsint32_t offset
Length5
Stack Useslval, rval
Stack Defslval(if lval !== rval)

Pops the top two values on the stack as rval and lval, compare them with ===, if the result is true, jumps to a 32-bit offset from the current bytecode, re-pushes lval onto the stack if false.

JSOP_CONDSWITCH [-0, +0]
Value120 (0x78)
Operands
Length1
Stack Uses
Stack Defs

This no-op appears after the bytecode for EXPR in switch (EXPR) {...} if the switch cannot be optimized using JSOP_TABLESWITCH. For a non-optimized switch statement like this:

   switch (EXPR) {
     case V0:
       C0;
     ...
     default:
       D;
   }

the bytecode looks like this:

   (EXPR)
   condswitch
   (V0)
   case ->C0
   ...
   default ->D
   (C0)
   ...
   (D)

Note that code for all case-labels is emitted first, then code for the body of each case clause.

JSOP_DEFAULT [-1, +0] (JUMP)
Value122 (0x7a)
Operandsint32_t offset
Length5
Stack Useslval
Stack Defs

This appears after all cases in a JSOP_CONDSWITCH, whether there is a default: label in the switch statement or not. Pop the switch operand from the stack and jump to a 32-bit offset from the current bytecode. offset from the current bytecode.

JSOP_TABLESWITCH [-1, +0] (TABLESWITCH, DETECTING)
Value70 (0x46)
Operandsint32_t len, int32_t low, int32_t high,int32_t offset[0], ..., int32_t offset[high-low]
Lengthlen
Stack Usesi
Stack Defs

Pops the top of stack value as i, if low <= i <= high, jumps to a 32-bit offset: offset[i - low] from the current bytecode, jumps to a 32-bit offset: len from the current bytecode if not.

This opcode has variable length.

For-In Statement

JSOP_ENDITER [-1, +0]
Value78 (0x4e)
Operands
Length1
Stack Usesiter
Stack Defs

Exits a for-in loop by popping the iterator object from the stack and closing it.

JSOP_ITER [-1, +1] (UINT8)
Value75 (0x4b)
Operandsuint8_t flags
Length2
Stack Usesval
Stack Defsiter

Sets up a for-in or for-each-in loop using the JSITER_* flag bits in this op's uint8_t immediate operand. It pops the top of stack value as val and pushes iter which is an iterator for val.

JSOP_ITERNEXT [-0, +1]
Value77 (0x4d)
Operands
Length1
Stack Usesiter
Stack Defsiter, val

Pushes the value produced by the preceding JSOP_MOREITER operation (cx->iterValue) onto the stack

This opcode increments iterator cursor if current iteration does not have JSITER_FOREACH flag.

JSOP_MOREITER [-1, +2]
Value76 (0x4c)
Operands
Length1
Stack Usesiter
Stack Defsiter, cond

Stores the next iterated value into cx->iterValue and pushes true onto the stack if another value is available, and false otherwise. It is followed immediately by JSOP_IFNE.

This opcode increments iterator cursor if current iteration has JSITER_FOREACH flag.

With Statement

JSOP_ENTERWITH [-1, +0] (OBJECT)
Value3 (0x03)
Operandsuint32_t staticWithIndex
Length5
Stack Usesval
Stack Defs

Pops the top of stack value, converts it to an object, and adds a DynamicWithObject wrapping that object to the scope chain.

There is a matching JSOP_LEAVEWITH instruction later. All name lookups between the two that may need to consult the With object are deoptimized.

JSOP_LEAVEWITH [-0, +0]
Value4 (0x04)
Operands
Length1
Stack Uses
Stack Defs

Pops the scope chain object pushed by JSOP_ENTERWITH.

Exception Handling

JSOP_EXCEPTION [-0, +1]
Value118 (0x76)
Operands
Length1
Stack Uses
Stack Defsexception

Pushes the current pending exception onto the stack and clears the pending exception. This is only emitted at the beginning of code for a catch-block, so it is known that an exception is pending. It is used to implement catch-blocks and yield*.

JSOP_FINALLY [-0, +2]
Value135 (0x87)
Operands
Length1
Stack Uses
Stack Defsfalse, (next bytecode's PC)

This opcode has a def count of 2, but these values are already on the stack (they're pushed by JSOP_GOSUB).

JSOP_GOSUB [-0, +0] (JUMP)
Value116 (0x74)
Operandsint32_t offset
Length5
Stack Uses
Stack Defsfalse, (next bytecode's PC)

Pushes false and next bytecode's PC onto the stack, and jumps to a 32-bit offset from the current bytecode.

This opcode is used for entering finally block.

JSOP_RETSUB [-2, +0]
Value117 (0x75)
Operands
Length1
Stack Useslval, rval
Stack Defs

Pops the top two values on the stack as rval and lval, converts lval into a boolean, raises error if the result is true, jumps to a 32-bit absolute PC: rval if false.

This opcode is used for returning from finally block.

JSOP_THROW [-1, +0]
Value112 (0x70)
Operands
Length1
Stack Usesv
Stack Defs

Pops the top of stack value as v, sets pending exception as v, then raises error.

JSOP_THROWING [-1, +0]
Value151 (0x97)
Operands
Length1
Stack Usesv
Stack Defs

Pops the top of stack value as v, sets pending exception as v, to trigger rethrow.

This opcode is used in conditional catch clauses.

JSOP_TRY [-0, +0]
Value134 (0x86)
Operands
Length1
Stack Uses
Stack Defs

This no-op appears at the top of the bytecode for a TryStatement.

Location information for catch/finally blocks is stored in a side table, script->trynotes().

Function

JSOP_CALL [-(argc+2), +1] (UINT16, INVOKE, TYPESET)
Value58 (0x3a)
Operandsuint16_t argc
Length3
Stack Usescallee, this, args[0], ..., args[argc-1]
Stack Defsrval

Invokes callee with this and args, pushes return value onto the stack.

JSOP_EVAL [-(argc+2), +1] (UINT16, INVOKE, TYPESET)
Value123 (0x7b)
Operandsuint16_t argc
Length3
Stack Usescallee, this, args[0], ..., args[argc-1]
Stack Defsrval

Invokes eval with args and pushes return value onto the stack.

If eval in global scope is not original one, invokes the function with this and args, and pushes return value onto the stack.

JSOP_FUNAPPLY [-(argc+2), +1] (UINT16, INVOKE, TYPESET)
Value79 (0x4f)
Operandsuint16_t argc
Length3
Stack Usescallee, this, args[0], ..., args[argc-1]
Stack Defsrval

Invokes callee with this and args, pushes return value onto the stack.

This is for f.apply.

JSOP_FUNCALL [-(argc+2), +1] (UINT16, INVOKE, TYPESET)
Value108 (0x6c)
Operandsuint16_t argc
Length3
Stack Usescallee, this, args[0], ..., args[argc-1]
Stack Defsrval

Invokes callee with this and args, pushes return value onto the stack.

If callee is determined to be the canonical Function.prototype.call function, then this operation is optimized to directly call callee with args[0] as this, and the remaining arguments as formal args to callee.

Like JSOP_FUNAPPLY but for f.call instead of f.apply.

JSOP_LAMBDA [-0, +1] (OBJECT)
Value130 (0x82)
Operandsuint32_t funcIndex
Length5
Stack Uses
Stack Defsobj

Pushes a closure for a named or anonymous function expression onto the stack.

JSOP_LAMBDA_ARROW [-1, +1] (OBJECT)
Value131 (0x83)
Operandsuint32_t funcIndex
Length5
Stack Usesthis
Stack Defsobj

Pops the top of stack value as this, pushes an arrow function with this onto the stack.

JSOP_NEW [-(argc+2), +1] (UINT16, INVOKE, TYPESET)
Value82 (0x52)
Operandsuint16_t argc
Length3
Stack Usescallee, this, args[0], ..., args[argc-1]
Stack Defsrval

Invokes callee as a constructor with this and args, pushes return value onto the stack.

JSOP_RETRVAL [-0, +0]
Value153 (0x99)
Operands
Length1
Stack Uses
Stack Defs

Stops interpretation and returns value set by JSOP_SETRVAL. When not set, returns undefined.

Also emitted at end of script so interpreter don't need to check if opcode is still in script range.

JSOP_RETURN [-1, +0]
Value5 (0x05)
Operands
Length1
Stack Usesrval
Stack Defs

Pops the top of stack value as rval, stops interpretation of current script and returns rval.

JSOP_RUNONCE [-0, +0]
Value71 (0x47)
Operands
Length1
Stack Uses
Stack Defs

Prologue emitted in scripts expected to run once, which deoptimizes code if it executes multiple times.

JSOP_SETCALL [-0, +0]
Value74 (0x4a)
Operands
Length1
Stack Uses
Stack Defs

Sometimes web pages do o.Item(i) = j. This is not an early SyntaxError, for web compatibility. Instead we emit JSOP_SETCALL after the function call, an opcode that always throws.

JSOP_SETRVAL [-1, +0]
Value152 (0x98)
Operands
Length1
Stack Usesrval
Stack Defs

Pops the top of stack value as rval, sets the return value in stack frame as rval.

JSOP_SPREADCALL [-3, +1] (INVOKE, TYPESET)
Value41 (0x29)
Operands
Length1
Stack Usescallee, this, args
Stack Defsrval

spreadcall variant of JSOP_CALL.

Invokes callee with this and args, pushes the return value onto the stack.

args is an Array object which contains actual arguments.

JSOP_SPREADEVAL [-3, +1] (INVOKE, TYPESET)
Value43 (0x2b)
Operands
Length1
Stack Usescallee, this, args
Stack Defsrval

spreadcall variant of JSOP_EVAL

Invokes eval with args and pushes the return value onto the stack.

If eval in global scope is not original one, invokes the function with this and args, and pushes return value onto the stack.

JSOP_SPREADNEW [-3, +1] (INVOKE, TYPESET)
Value42 (0x2a)
Operands
Length1
Stack Usescallee, this, args
Stack Defsrval

spreadcall variant of JSOP_NEW

Invokes callee as a constructor with this and args, pushes the return value onto the stack.

Generator

JSOP_GENERATOR [-0, +0]
Value202 (0xca)
Operands
Length1
Stack Uses
Stack Defs

Initializes generator frame, creates a generator, sets YIELDING flag, stops interpretation and returns the generator.

JSOP_YIELD [-1, +1]
Value203 (0xcb)
Operands
Length1
Stack Usesrval1
Stack Defsrval2

Pops the top of stack value as rval1, sets YIELDING flag, stops interpretation and returns rval1, pushes sent value from send() onto the stack.

Debugger

JSOP_DEBUGGER [-0, +0]
Value115 (0x73)
Operands
Length1
Stack Uses
Stack Defs

Invokes debugger.

JSOP_DEBUGLEAVEBLOCK [-0, +0]
Value200 (0xc8)
Operands
Length1
Stack Uses
Stack Defs

The opcode to assist the debugger.

Variables and Scopes

Variables

JSOP_BINDNAME [-0, +1] (ATOM, NAME, SET)
Value110 (0x6e)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defsscope

Looks up name on the scope chain and pushes the scope which contains the name onto the stack. If not found, pushes global scope onto the stack.

JSOP_DEFCONST [-0, +0] (ATOM)
Value128 (0x80)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defs

Defines the new binding on the frame's current variables-object (the scope object on the scope chain designated to receive new variables) with READONLY attribute.

This is used for global scripts and also in some cases for function scripts where use of dynamic scoping inhibits optimization.

JSOP_DEFFUN [-0, +0] (OBJECT)
Value127 (0x7f)
Operandsuint32_t funcIndex
Length5
Stack Uses
Stack Defs

Defines the given function on the current scope.

This is used for global scripts and also in some cases for function scripts where use of dynamic scoping inhibits optimization.

JSOP_DEFVAR [-0, +0] (ATOM)
Value129 (0x81)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defs

Defines the new binding on the frame's current variables-object (the scope object on the scope chain designated to receive new variables).

This is used for global scripts and also in some cases for function scripts where use of dynamic scoping inhibits optimization.

JSOP_DELNAME [-0, +1] (ATOM, NAME)
Value36 (0x24)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defssucceeded

Looks up name on the scope chain and deletes it, pushes true onto the stack if succeeded (if the property was present and deleted or if the property wasn't present in the first place), false if not.

Strict mode code should never contain this opcode.

JSOP_NAME [-0, +1] (ATOM, NAME, TYPESET)
Value59 (0x3b)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defsval

Looks up name on the scope chain and pushes its value onto the stack.

JSOP_SETCONST [-1, +1] (ATOM, NAME, SET)
Value14 (0x0e)
Operandsuint32_t nameIndex
Length5
Stack Usesval
Stack Defsval

Defines a readonly property on the frame's current variables-object (the scope object on the scope chain designated to receive new variables).

JSOP_SETNAME [-2, +1] (ATOM, NAME, SET, DETECTING)
Value111 (0x6f)
Operandsuint32_t nameIndex
Length5
Stack Usesscope, val
Stack Defsval

Pops a scope and value from the stack, assigns value to the given name, and pushes the value back on the stack

Free Variables

JSOP_BINDGNAME [-0, +1] (ATOM, NAME, SET, GNAME)
Value214 (0xd6)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defsglobal

Pushes the global scope onto the stack.

nameIndex is not used.

JSOP_GETGNAME [-0, +1] (ATOM, NAME, TYPESET, GNAME)
Value154 (0x9a)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defsval

Looks up name on global scope and pushes its value onto the stack.

Free variable references that must either be found on the global or a ReferenceError.

JSOP_SETGNAME [-2, +1] (ATOM, NAME, SET, DETECTING, GNAME)
Value155 (0x9b)
Operandsuint32_t nameIndex
Length5
Stack Usesscope, val
Stack Defsval

Pops the top two values on the stack as val and scope, sets property of scope as val and pushes val back on the stack.

scope should be the global scope.

Local Variables

JSOP_GETLOCAL [-0, +1] (LOCAL, NAME)
Value86 (0x56)
Operandsuint32_t localno
Length4
Stack Uses
Stack Defsval

Pushes the value of local variable onto the stack.

JSOP_SETLOCAL [-1, +1] (LOCAL, NAME, SET, DETECTING)
Value87 (0x57)
Operandsuint32_t localno
Length4
Stack Usesv
Stack Defsv

Stores the top stack value to the given local.

Aliased Variables

JSOP_GETALIASEDVAR [-0, +1] (SCOPECOORD, NAME, TYPESET)
Value136 (0x88)
Operandsuint8_t hops, uint24_t slot
Length5
Stack Uses
Stack DefsaliasedVar

Pushes aliased variable onto the stack.

An "aliased variable" is a var, let, or formal arg that is aliased. Sources of aliasing include: nested functions accessing the vars of an enclosing function, function statements that are conditionally executed, eval, with, and arguments. All of these cases require creating a CallObject to own the aliased variable.

An ALIASEDVAR opcode contains the following immediates:

uint8 hops:  the number of scope objects to skip to find the ScopeObject
             containing the variable being accessed
uint24 slot: the slot containing the variable in the ScopeObject (this
             'slot' does not include RESERVED_SLOTS).
JSOP_SETALIASEDVAR [-1, +1] (SCOPECOORD, NAME, SET, DETECTING)
Value137 (0x89)
Operandsuint8_t hops, uint24_t slot
Length5
Stack Usesv
Stack Defsv

Sets aliased variable as the top of stack value.

Intrinsics

JSOP_BINDINTRINSIC [-0, +1] (ATOM, NAME, SET)
Value145 (0x91)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack DefsintrinsicHolder

Pushes intrinsicHolder onto the stack.

JSOP_GETINTRINSIC [-0, +1] (ATOM, NAME, TYPESET)
Value143 (0x8f)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defsintrinsic[name]

Pushes the value of the intrinsic onto the stack.

Intrinsic names are emitted instead of JSOP_*NAME ops when the CompileOptions flag selfHostingMode is set.

They are used in self-hosted code to access other self-hosted values and intrinsic functions the runtime doesn't give client JS code access to.

JSOP_SETINTRINSIC [-2, +1] (ATOM, NAME, SET, DETECTING)
Value144 (0x90)
Operandsuint32_t nameIndex
Length5
Stack Usesscope, val
Stack Defsval

Pops the top two values on the stack as val and scope, sets intrinsic as val, and pushes val onto the stack.

scope is not used.

Block-local Scope

JSOP_POPBLOCKSCOPE [-0, +0]
Value199 (0xc7)
Operands
Length1
Stack Uses
Stack Defs

Pops block from the scope chain.

JSOP_PUSHBLOCKSCOPE [-0, +0] (OBJECT)
Value198 (0xc6)
Operandsuint32_t staticBlockObjectIndex
Length5
Stack Uses
Stack Defs

Pushes block onto the scope chain.

This

JSOP_IMPLICITTHIS [-0, +1] (ATOM)
Value226 (0xe2)
Operandsuint32_t nameIndex
Length5
Stack Uses
Stack Defsthis

Pushes the implicit this value for calls to the associated name onto the stack.

JSOP_THIS [-0, +1]
Value65 (0x41)
Operands
Length1
Stack Uses
Stack Defsthis

Pushes this value for current stack frame onto the stack.

Arguments

JSOP_ARGUMENTS [-0, +1]
Value9 (0x09)
Operands
Length1
Stack Uses
Stack Defsarguments

Pushes the arguments object for the current function activation.

If JSScript is not marked needsArgsObj, then a JS_OPTIMIZED_ARGUMENTS magic value is pushed. Otherwise, a proper arguments object is constructed and pushed.

This opcode requires that the function does not have rest parameter.

JSOP_CALLEE [-0, +1]
Value132 (0x84)
Operands
Length1
Stack Uses
Stack Defscallee

Pushes current callee onto the stack.

Used for named function expression self-naming, if lightweight.

JSOP_GETARG [-0, +1] (QARG , NAME)
Value84 (0x54)
Operandsuint16_t argno
Length3
Stack Uses
Stack Defsarguments[argno]

Fast get op for function arguments and local variables.

Pushes arguments[argno] onto the stack.

JSOP_REST [-0, +1] (TYPESET)
Value224 (0xe0)
Operands
Length1
Stack Uses
Stack Defsrest

Creates rest parameter array for current function call, and pushes it onto the stack.

JSOP_SETARG [-1, +1] (QARG , NAME, SET)
Value85 (0x55)
Operandsuint16_t argno
Length3
Stack Usesv
Stack Defsv

Fast set op for function arguments and local variables.

Sets arguments[argno] as the top of stack value.

Operator

Comparison Operators

JSOP_EQ [-2, +1] (LEFTASSOC, ARITH, DETECTING)
JSOP_GE [-2, +1] (LEFTASSOC, ARITH)
JSOP_GT [-2, +1] (LEFTASSOC, ARITH)
JSOP_LE [-2, +1] (LEFTASSOC, ARITH)
JSOP_LT [-2, +1] (LEFTASSOC, ARITH)
JSOP_NE [-2, +1] (LEFTASSOC, ARITH, DETECTING)
ValueJSOP_EQ: 18 (0x12)
JSOP_GE: 23 (0x17)
JSOP_GT: 22 (0x16)
JSOP_LE: 21 (0x15)
JSOP_LT: 20 (0x14)
JSOP_NE: 19 (0x13)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval OP rval)

Pops the top two values from the stack and pushes the result of comparing them.

JSOP_STRICTEQ [-2, +1] (DETECTING, LEFTASSOC, ARITH)
JSOP_STRICTNE [-2, +1] (DETECTING, LEFTASSOC, ARITH)
ValueJSOP_STRICTEQ: 72 (0x48)
JSOP_STRICTNE: 73 (0x49)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval OP rval)

Pops the top two values from the stack, then pushes the result of applying the operator to the two values.

Arithmetic Operators

JSOP_ADD [-2, +1] (LEFTASSOC, ARITH)
Value27 (0x1b)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval + rval)

Pops the top two values lval and rval from the stack, then pushes the result of lval + rval.

JSOP_DIV [-2, +1] (LEFTASSOC, ARITH)
JSOP_MOD [-2, +1] (LEFTASSOC, ARITH)
JSOP_MUL [-2, +1] (LEFTASSOC, ARITH)
JSOP_SUB [-2, +1] (LEFTASSOC, ARITH)
ValueJSOP_DIV: 30 (0x1e)
JSOP_MOD: 31 (0x1f)
JSOP_MUL: 29 (0x1d)
JSOP_SUB: 28 (0x1c)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval OP rval)

Pops the top two values lval and rval from the stack, then pushes the result of applying the arithmetic operation to them.

JSOP_NEG [-1, +1] (ARITH)
Value34 (0x22)
Operands
Length1
Stack Usesval
Stack Defs(-val)

Pops the value val from the stack, then pushes -val.

JSOP_POS [-1, +1] (ARITH)
Value35 (0x23)
Operands
Length1
Stack Usesval
Stack Defs(+val)

Pops the value val from the stack, then pushes +val. (+val is the value converted to a number.)

Bitwise Logical Operators

JSOP_BITAND [-2, +1] (LEFTASSOC, ARITH)
JSOP_BITOR [-2, +1] (LEFTASSOC, ARITH)
JSOP_BITXOR [-2, +1] (LEFTASSOC, ARITH)
ValueJSOP_BITAND: 17 (0x11)
JSOP_BITOR: 15 (0x0f)
JSOP_BITXOR: 16 (0x10)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval OP rval)

Pops the top two values lval and rval from the stack, then pushes the result of the operation applied to the two operands, converting both to 32-bit signed integers if necessary.

JSOP_BITNOT [-1, +1] (ARITH)
Value33 (0x21)
Operands
Length1
Stack Usesval
Stack Defs(~val)

Pops the value val from the stack, then pushes ~val.

Bitwise Shift Operators

JSOP_LSH [-2, +1] (LEFTASSOC, ARITH)
JSOP_RSH [-2, +1] (LEFTASSOC, ARITH)
ValueJSOP_LSH: 24 (0x18)
JSOP_RSH: 25 (0x19)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval OP rval)

Pops the top two values lval and rval from the stack, then pushes the result of the operation applied to the operands.

JSOP_URSH [-2, +1] (LEFTASSOC, ARITH)
Value26 (0x1a)
Operands
Length1
Stack Useslval, rval
Stack Defs(lval >>> rval)

Pops the top two values lval and rval from the stack, then pushes lval >>> rval.

Logical Operators

JSOP_NOT [-1, +1] (ARITH, DETECTING)
Value32 (0x20)
Operands
Length1
Stack Usesval
Stack Defs(!val)

Pops the value val from the stack, then pushes !val.

Special Operators

JSOP_IN [-2, +1] (LEFTASSOC)
Value113 (0x71)
Operands
Length1
Stack Usesid, obj
Stack Defs(id in obj)

Pops the top two values id and obj from the stack, then pushes id in obj. This will throw a TypeError if obj is not an object.

Note that obj is the top value.

JSOP_INSTANCEOF [-2, +1] (LEFTASSOC, TMPSLOT)
Value114 (0x72)
Operands
Length1
Stack Usesobj, ctor
Stack Defs(obj instanceof ctor)

Pops the top two values obj and ctor from the stack, then pushes obj instanceof ctor. This will throw a TypeError if obj is not an object.

JSOP_TYPEOF [-1, +1] (DETECTING)
Value39 (0x27)
Operands
Length1
Stack Usesval
Stack Defs(typeof val)

Pops the value val from the stack, then pushes typeof val.

JSOP_TYPEOFEXPR [-1, +1] (DETECTING)
Value197 (0xc5)
Operands
Length1
Stack Usesval
Stack Defs(typeof val)

Pops the top stack value as val and pushes typeof val. Note that this opcode isn't used when, in the original source code, val is a name -- see JSOP_TYPEOF for that. (This is because typeof undefinedName === "undefined".)

JSOP_VOID [-1, +1]
Value40 (0x28)
Operands
Length1
Stack Usesval
Stack Defsundefined

Pops the top value on the stack and pushes undefined.

Stack Operations

JSOP_DUP [-1, +2]
Value12 (0x0c)
Operands
Length1
Stack Usesv
Stack Defsv, v

Pushes a copy of the top value on the stack.

JSOP_DUP2 [-2, +4]
Value13 (0x0d)
Operands
Length1
Stack Usesv1, v2
Stack Defsv1, v2, v1, v2

Duplicates the top two values on the stack.

JSOP_DUPAT [-0, +1] (UINT24)
Value44 (0x2c)
Operandsuint24_t n
Length4
Stack Usesv[n], v[n-1], ..., v[1], v[0]
Stack Defsv[n], v[n-1], ..., v[1], v[0], v[n]

Duplicates the Nth value from the top onto the stack.

JSOP_PICK [-0, +0] (UINT8, TMPSLOT2)
Value133 (0x85)
Operandsuint8_t n
Length2
Stack Usesv[n], v[n-1], ..., v[1], v[0]
Stack Defsv[n-1], ..., v[1], v[0], v[n]

Picks the nth element from the stack and moves it to the top of the stack.

JSOP_POP [-1, +0]
Value81 (0x51)
Operands
Length1
Stack Usesv
Stack Defs

Pops the top value off the stack.

JSOP_POPN [-n, +0] (UINT16)
Value11 (0x0b)
Operandsuint16_t n
Length3
Stack Usesv[n-1], ..., v[1], v[0]
Stack Defs

Pops the top n values from the stack.

JSOP_SWAP [-2, +2]
Value10 (0x0a)
Operands
Length1
Stack Usesv1, v2
Stack Defsv2, v1

Swaps the top two values on the stack. This is useful for things like post-increment/decrement.

Literals

Constants

JSOP_DOUBLE [-0, +1] (DOUBLE)
Value60 (0x3c)
Operandsuint32_t constIndex
Length5
Stack Uses
Stack Defsval

Pushes numeric constant onto the stack.

JSOP_FALSE [-0, +1]
JSOP_TRUE [-0, +1]
ValueJSOP_FALSE: 66 (0x42)
JSOP_TRUE: 67 (0x43)
Operands
Length1
Stack Uses
Stack Defstrue/false

Pushes boolean value onto the stack.

JSOP_INT32 [-0, +1] (INT32)
Value216 (0xd8)
Operandsint32_t val
Length5
Stack Uses
Stack Defsval

Pushes 32-bit int immediate integer operand onto the stack.

JSOP_INT8 [-0, +1] (INT8)
Value215 (0xd7)
Operandsint8_t val
Length2
Stack Uses
Stack Defsval

Pushes 8-bit int immediate integer operand onto the stack.

JSOP_NULL [-0, +1]
Value64 (0x40)
Operands
Length1
Stack Uses
Stack Defsnull

Pushes null onto the stack.

JSOP_ONE [-0, +1]
Value63 (0x3f)
Operands
Length1
Stack Uses
Stack Defs1

Pushes 1 onto the stack.

JSOP_STRING [-0, +1] (ATOM)
Value61 (0x3d)
Operandsuint32_t atomIndex
Length5
Stack Uses
Stack Defsstring

Pushes string constant onto the stack.

JSOP_UINT16 [-0, +1] (UINT16)
Value88 (0x58)
Operandsuint16_t val
Length3
Stack Uses
Stack Defsval

Pushes unsigned 16-bit int immediate integer operand onto the stack.

JSOP_UINT24 [-0, +1] (UINT24)
Value188 (0xbc)
Operandsuint24_t val
Length4
Stack Uses
Stack Defsval

Pushes unsigned 24-bit int immediate integer operand onto the stack.

JSOP_UNDEFINED [-0, +1]
Value1 (0x01)
Operands
Length1
Stack Uses
Stack Defsundefined

Pushes undefined onto the stack.

JSOP_ZERO [-0, +1]
Value62 (0x3e)
Operands
Length1
Stack Uses
Stack Defs0

Pushes 0 onto the stack.

Object

JSOP_CALLELEM [-2, +1] (BYTE , ELEM, TYPESET, LEFTASSOC)
Value193 (0xc1)
Operands
Length1
Stack Usesobj, propval
Stack Defsobj[propval]

Pops the top two values on the stack as propval and obj, pushes propval property of obj onto the stack.

Like JSOP_GETELEM but for call context.

JSOP_CALLPROP [-1, +1] (ATOM, PROP, TYPESET, TMPSLOT3)
Value184 (0xb8)
Operandsuint32_t nameIndex
Length5
Stack Usesobj
Stack Defsobj[name]

Pops the top of stack value, pushes property of it onto the stack.

Like JSOP_GETPROP but for call context.

JSOP_DELELEM [-2, +1] (BYTE , ELEM)
Value38 (0x26)
Operands
Length1
Stack Usesobj, propval
Stack Defssucceeded

Pops the top two values on the stack as propval and obj, deletes propval property from obj, pushes true onto the stack if succeeded, false if not.

JSOP_DELPROP [-1, +1] (ATOM, PROP)
Value37 (0x25)
Operandsuint32_t nameIndex
Length5
Stack Usesobj
Stack Defssucceeded

Pops the top of stack value, deletes property from it, pushes true onto the stack if succeeded, false if not.

JSOP_ENDINIT [-0, +0]
Value92 (0x5c)
Operands
Length1
Stack Uses
Stack Defs

A no-operation bytecode.

Indicates the end of object/array initialization, and used for Type-Inference, decompile, etc.

JSOP_GETELEM [-2, +1] (BYTE , ELEM, TYPESET, LEFTASSOC)
Value55 (0x37)
Operands
Length1
Stack Usesobj, propval
Stack Defsobj[propval]

Pops the top two values on the stack as propval and obj, pushes propval property of obj onto the stack.

JSOP_GETPROP [-1, +1] (ATOM, PROP, TYPESET, TMPSLOT3)
Value53 (0x35)
Operandsuint32_t nameIndex
Length5
Stack Usesobj
Stack Defsobj[name]

Pops the top of stack value, pushes property of it onto the stack.

JSOP_GETXPROP [-1, +1] (ATOM, PROP, TYPESET)
Value195 (0xc3)
Operandsuint32_t nameIndex
Length5
Stack Usesobj
Stack Defsobj[name]

Pops the top of stack value, gets an extant property value of it, throwing ReferenceError if the identified property does not exist.

JSOP_INITELEM [-3, +1] (ELEM, SET, DETECTING)
Value94 (0x5e)
Operands
Length1
Stack Usesobj, id, val
Stack Defsobj

Initialize a numeric property in an object literal, like {1: x}.

Pops the top three values on the stack as val, id and obj, defines id property of obj as val, pushes obj onto the stack.

JSOP_INITELEM_GETTER [-3, +1] (ELEM, SET, DETECTING)
Value99 (0x63)
Operands
Length1
Stack Usesobj, id, val
Stack Defsobj

Initialize a numeric getter in an object literal like {get 2() {}}.

Pops the top three values on the stack as val, id and obj, defines id getter of obj as val, pushes obj onto the stack.

JSOP_INITELEM_SETTER [-3, +1] (ELEM, SET, DETECTING)
Value100 (0x64)
Operands
Length1
Stack Usesobj, id, val
Stack Defsobj

Initialize a numeric setter in an object literal like {set 2(v) {}}.

Pops the top three values on the stack as val, id and obj, defines id setter of obj as val, pushes obj onto the stack.

JSOP_INITPROP [-2, +1] (ATOM, PROP, SET, DETECTING)
Value93 (0x5d)
Operandsuint32_t nameIndex
Length5
Stack Usesobj, val
Stack Defsobj

Initialize a named property in an object literal, like {a: x}.

Pops the top two values on the stack as val and obj, defines nameIndex property of obj as val, pushes obj onto the stack.

JSOP_INITPROP_GETTER [-2, +1] (ATOM, PROP, SET, DETECTING)
Value97 (0x61)
Operandsuint32_t nameIndex
Length5
Stack Usesobj, val
Stack Defsobj

Initialize a getter in an object literal.

Pops the top two values on the stack as val and obj, defines getter of obj as val, pushes obj onto the stack.

JSOP_INITPROP_SETTER [-2, +1] (ATOM, PROP, SET, DETECTING)
Value98 (0x62)
Operandsuint32_t nameIndex
Length5
Stack Usesobj, val
Stack Defsobj

Initialize a setter in an object literal.

Pops the top two values on the stack as val and obj, defines setter of obj as val, pushes obj onto the stack.

JSOP_MUTATEPROTO [-2, +1]
Value194 (0xc2)
Operands
Length1
Stack Usesobj, newProto
Stack Defssucceeded

__proto__: v inside an object initializer.

Pops the top two values on the stack as newProto and obj, sets prototype of obj as newProto, pushes true onto the stack if succeeded, false if not.

JSOP_NEWINIT [-0, +1] (UINT8)
Value89 (0x59)
Operandsuint8_t kind (, uint24_t extra)
Length5
Stack Uses
Stack Defsobj

Pushes newly created object onto the stack.

This opcode takes the kind of initializer (JSProto_Array or JSProto_Object).

This opcode has an extra byte so it can be exchanged with JSOP_NEWOBJECT during emit.

JSOP_NEWOBJECT [-0, +1] (OBJECT)
Value91 (0x5b)
Operandsuint32_t baseobjIndex
Length5
Stack Uses
Stack Defsobj

Pushes newly created object onto the stack.

This opcode takes an object with the final shape, which can be set at the start and slots then filled in directly.

JSOP_OBJECT [-0, +1] (OBJECT)
Value80 (0x50)
Operandsuint32_t objectIndex
Length5
Stack Uses
Stack Defsobj

Pushes deep-cloned object literal or singleton onto the stack.

JSOP_SETELEM [-3, +1] (BYTE , ELEM, SET, DETECTING)
Value56 (0x38)
Operands
Length1
Stack Usesobj, propval, val
Stack Defsval

Pops the top three values on the stack as val, propval and obj, sets propval property of obj as val, pushes obj onto the stack.

JSOP_SETPROP [-2, +1] (ATOM, PROP, SET, DETECTING)
Value54 (0x36)
Operandsuint32_t nameIndex
Length5
Stack Usesobj, val
Stack Defsval

Pops the top two values on the stack as val and obj, sets property of obj as val, pushes obj onto the stack.

JSOP_TOID [-1, +1]
Value225 (0xe1)
Operands
Length1
Stack Usesobj, id
Stack Defsobj, (jsid of id)

Pops the top of stack value, converts it into a jsid (int or string), and pushes it onto the stack.

Array

JSOP_ARRAYPUSH [-2, +0]
Value204 (0xcc)
Operands
Length1
Stack Usesv, obj
Stack Defs

Pops the top two values on the stack as obj and v, pushes v to obj.

This opcode is used for Array Comprehension.

JSOP_HOLE [-0, +1]
Value218 (0xda)
Operands
Length1
Stack Uses
Stack Defshole

Pushes a JS_ELEMENTS_HOLE value onto the stack, representing an omitted property in an array literal (e.g. property 0 in the array [, 1]).

This opcode is used with the JSOP_NEWARRAY opcode.

JSOP_INITELEM_ARRAY [-2, +1] (UINT24, ELEM, SET, DETECTING)
Value96 (0x60)
Operandsuint24_t index
Length4
Stack Usesobj, val
Stack Defsobj

Initialize an array element.

Pops the top two values on the stack as val and obj, sets index property of obj as val, pushes obj onto the stack.

JSOP_INITELEM_INC [-3, +2] (ELEM, SET)
Value95 (0x5f)
Operands
Length1
Stack Usesobj, index, val
Stack Defsobj, (index + 1)

Pops the top three values on the stack as val, index and obj, sets index property of obj as val, pushes obj and index + 1 onto the stack.

This opcode is used in Array literals with spread and spreadcall arguments.

JSOP_LENGTH [-1, +1] (ATOM, PROP, TYPESET, TMPSLOT3)
Value217 (0xd9)
Operandsuint32_t nameIndex
Length5
Stack Usesobj
Stack Defsobj['length']

Pops the top of stack value, pushes the length property of it onto the stack.

JSOP_NEWARRAY [-0, +1] (UINT24)
Value90 (0x5a)
Operandsuint24_t length
Length4
Stack Uses
Stack Defsobj

Pushes newly created array onto the stack.

This opcode takes the final length, which is preallocated.

JSOP_SPREAD [-3, +2] (ELEM, SET)
Value83 (0x53)
Operands
Length1
Stack Usesobj, index, iterable
Stack Defsobj, (index + iteration count)

Pops the top three values on the stack as iterable, index and obj, iterates over iterable and stores the iteration values as index + i elements of obj, pushes obj and index + iteration count onto the stack.

This opcode is used in Array literals with spread and spreadcall arguments.

RegExp

JSOP_REGEXP [-0, +1] (REGEXP)
Value160 (0xa0)
Operandsuint32_t regexpIndex
Length5
Stack Uses
Stack Defsregexp

Pushes a regular expression literal onto the stack. It requires special "clone on exec" handling.

Other

JSOP_LINENO [-0, +0] (UINT16)
Value119 (0x77)
Operandsuint32_t lineno
Length3
Stack Uses
Stack Defs

Embedded lineno to speedup pc->line mapping.

JSOP_NOP [-0, +0]
Value0 (0x00)
Operands
Length1
Stack Uses
Stack Defs

No operation is performed.

Document Tags and Contributors

Last updated by: cdleary,