<html>

    <head>

      <base href="https://bugs.webkit.org/" />

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - Introduce bytecode intrinsics"

   href="https://bugs.webkit.org/show_bug.cgi?id=143926">143926</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>Introduce bytecode intrinsics

          </td>

        </tr>

        <tr>

          <th>Classification</th>

          <td>Unclassified

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>WebKit

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>528+ (Nightly build)

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>Unspecified

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Unspecified

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>Normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P2

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>JavaScriptCore

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>webkit-unassigned&#64;lists.webkit.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>utatane.tea&#64;gmail.com

          </td>

        </tr></table>

      <p>

        <div>

        <pre>When implementing functions in builtins/*.js, sometimes we require lower level functionality.

For example, in the current Array.from, we use `result[k] = value`.

The spec requires [[DefineOwnProperty]] operation here.

However, current implementation behaves as [[Put]].

So if we implement Array.prototype[k] getter/setter, the difference is observable.

Ideally, reaching here, we would like to use put_by_val_direct bytecode.

However, there's no syntax to generate it directly.

So I propose introducing bytecode level intrinsics into JSC BytecodeCompiler.

Like &#64;call, &#64;apply, we introduce a new node, Intrinsic. These are generated when calling appropriate private symbols in privileged code.

AST parser detects them and generates Intrinsic nodes and BytecodeCompiler detects them and generate required bytecodes.

For example, I'm supposing the following code in builtins/.

&#64;putByValDirect(result, k, value);

And AST parser &amp; bytecode generator detects them and generate `put_by_val_direct`.</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are the assignee for the bug.</li>

      </ul>

    </body>

</html>