X-Git-Url: https://git.saurik.com/apple/javascriptcore.git/blobdiff_plain/2d39b0e377c0896910ee49ae70082ba665faf986..ed1e77d3adeb83d26fd1dfb16dd84cabdcefd250:/runtime/JSString.h

diff --git a/runtime/JSString.h b/runtime/JSString.h
index 1287b66..068f52f 100644
--- a/runtime/JSString.h
+++ b/runtime/JSString.h
@@ -30,601 +30,748 @@
 #include "PropertySlot.h"
 #include "Structure.h"
 #include <array>
+#include <wtf/text/StringView.h>
 
 namespace JSC {
 
-    class JSString;
-    class JSRopeString;
-    class LLIntOffsetsExtractor;
+class JSString;
+class JSRopeString;
+class LLIntOffsetsExtractor;
+
+JSString* jsEmptyString(VM*);
+JSString* jsEmptyString(ExecState*);
+JSString* jsString(VM*, const String&); // returns empty string if passed null string
+JSString* jsString(ExecState*, const String&); // returns empty string if passed null string
+
+JSString* jsSingleCharacterString(VM*, UChar);
+JSString* jsSingleCharacterString(ExecState*, UChar);
+JSString* jsSubstring(VM*, const String&, unsigned offset, unsigned length);
+JSString* jsSubstring(ExecState*, const String&, unsigned offset, unsigned length);
+JSString* jsSubstring8(VM*, const String&, unsigned offset, unsigned length);
+JSString* jsSubstring8(ExecState*, const String&, unsigned offset, unsigned length);
+
+// Non-trivial strings are two or more characters long.
+// These functions are faster than just calling jsString.
+JSString* jsNontrivialString(VM*, const String&);
+JSString* jsNontrivialString(ExecState*, const String&);
+JSString* jsNontrivialString(ExecState*, String&&);
+
+// Should be used for strings that are owned by an object that will
+// likely outlive the JSValue this makes, such as the parse tree or a
+// DOM object that contains a String
+JSString* jsOwnedString(VM*, const String&);
+JSString* jsOwnedString(ExecState*, const String&);
+
+JSRopeString* jsStringBuilder(VM*);
+
+bool isJSString(JSValue);
+JSString* asString(JSValue);
+
+struct StringViewWithUnderlyingString {
+    StringView view;
+    String underlyingString;
+};
+
+class JSString : public JSCell {
+public:
+    friend class JIT;
+    friend class VM;
+    friend class SpecializedThunkJIT;
+    friend class JSRopeString;
+    friend class MarkStack;
+    friend class SlotVisitor;
+    friend struct ThunkHelpers;
+
+    typedef JSCell Base;
+    static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | InterceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero | StructureIsImmortal;
+
+    static const bool needsDestruction = true;
+    static void destroy(JSCell*);
+
+private:
+    JSString(VM& vm, PassRefPtr<StringImpl> value)
+        : JSCell(vm, vm.stringStructure.get())
+        , m_flags(0)
+        , m_value(value)
+    {
+    }
 
-    JSString* jsEmptyString(VM*);
-    JSString* jsEmptyString(ExecState*);
-    JSString* jsString(VM*, const String&); // returns empty string if passed null string
-    JSString* jsString(ExecState*, const String&); // returns empty string if passed null string
+    JSString(VM& vm)
+        : JSCell(vm, vm.stringStructure.get())
+        , m_flags(0)
+    {
+    }
 
-    JSString* jsSingleCharacterString(VM*, UChar);
-    JSString* jsSingleCharacterString(ExecState*, UChar);
-    JSString* jsSingleCharacterSubstring(ExecState*, const String&, unsigned offset);
-    JSString* jsSubstring(VM*, const String&, unsigned offset, unsigned length);
-    JSString* jsSubstring(ExecState*, const String&, unsigned offset, unsigned length);
+    void finishCreation(VM& vm, size_t length)
+    {
+        ASSERT(!m_value.isNull());
+        Base::finishCreation(vm);
+        m_length = length;
+        setIs8Bit(m_value.impl()->is8Bit());
+        vm.m_newStringsSinceLastHashCons++;
+    }
 
-    // Non-trivial strings are two or more characters long.
-    // These functions are faster than just calling jsString.
-    JSString* jsNontrivialString(VM*, const String&);
-    JSString* jsNontrivialString(ExecState*, const String&);
+    void finishCreation(VM& vm, size_t length, size_t cost)
+    {
+        ASSERT(!m_value.isNull());
+        Base::finishCreation(vm);
+        m_length = length;
+        setIs8Bit(m_value.impl()->is8Bit());
+        Heap::heap(this)->reportExtraMemoryAllocated(cost);
+        vm.m_newStringsSinceLastHashCons++;
+    }
 
-    // Should be used for strings that are owned by an object that will
-    // likely outlive the JSValue this makes, such as the parse tree or a
-    // DOM object that contains a String
-    JSString* jsOwnedString(VM*, const String&);
-    JSString* jsOwnedString(ExecState*, const String&);
+protected:
+    void finishCreation(VM& vm)
+    {
+        Base::finishCreation(vm);
+        m_length = 0;
+        setIs8Bit(true);
+        vm.m_newStringsSinceLastHashCons++;
+    }
 
-    JSRopeString* jsStringBuilder(VM*);
+public:
+    static JSString* create(VM& vm, PassRefPtr<StringImpl> value)
+    {
+        ASSERT(value);
+        int32_t length = value->length();
+        RELEASE_ASSERT(length >= 0);
+        size_t cost = value->cost();
+        JSString* newString = new (NotNull, allocateCell<JSString>(vm.heap)) JSString(vm, value);
+        newString->finishCreation(vm, length, cost);
+        return newString;
+    }
+    static JSString* createHasOtherOwner(VM& vm, PassRefPtr<StringImpl> value)
+    {
+        ASSERT(value);
+        size_t length = value->length();
+        JSString* newString = new (NotNull, allocateCell<JSString>(vm.heap)) JSString(vm, value);
+        newString->finishCreation(vm, length);
+        return newString;
+    }
 
-    class JSString : public JSCell {
-    public:
-        friend class JIT;
-        friend class VM;
-        friend class SpecializedThunkJIT;
-        friend class JSRopeString;
-        friend class MarkStack;
-        friend class SlotVisitor;
-        friend struct ThunkHelpers;
+    Identifier toIdentifier(ExecState*) const;
+    AtomicString toAtomicString(ExecState*) const;
+    RefPtr<AtomicStringImpl> toExistingAtomicString(ExecState*) const;
 
-        typedef JSCell Base;
+    class SafeView;
+    SafeView view(ExecState*) const;
+    StringViewWithUnderlyingString viewWithUnderlyingString(ExecState&) const;
 
-        static const bool needsDestruction = true;
-        static const bool hasImmortalStructure = true;
-        static void destroy(JSCell*);
+    const String& value(ExecState*) const;
+    const String& tryGetValue() const;
+    const StringImpl* tryGetValueImpl() const;
+    unsigned length() const { return m_length; }
 
-    private:
-        JSString(VM& vm, PassRefPtr<StringImpl> value)
-            : JSCell(vm, vm.stringStructure.get())
-            , m_flags(0)
-            , m_value(value)
-        {
-        }
-
-        JSString(VM& vm)
-            : JSCell(vm, vm.stringStructure.get())
-            , m_flags(0)
-        {
-        }
+    JSValue toPrimitive(ExecState*, PreferredPrimitiveType) const;
+    bool toBoolean() const { return !!m_length; }
+    bool getPrimitiveNumber(ExecState*, double& number, JSValue&) const;
+    JSObject* toObject(ExecState*, JSGlobalObject*) const;
+    double toNumber(ExecState*) const;
 
-        void finishCreation(VM& vm, size_t length)
-        {
-            ASSERT(!m_value.isNull());
-            Base::finishCreation(vm);
-            m_length = length;
-            setIs8Bit(m_value.impl()->is8Bit());
-            vm.m_newStringsSinceLastHashCons++;
-        }
-
-        void finishCreation(VM& vm, size_t length, size_t cost)
-        {
-            ASSERT(!m_value.isNull());
-            Base::finishCreation(vm);
-            m_length = length;
-            setIs8Bit(m_value.impl()->is8Bit());
-            Heap::heap(this)->reportExtraMemoryCost(cost);
-            vm.m_newStringsSinceLastHashCons++;
-        }
+    bool getStringPropertySlot(ExecState*, PropertyName, PropertySlot&);
+    bool getStringPropertySlot(ExecState*, unsigned propertyName, PropertySlot&);
+    bool getStringPropertyDescriptor(ExecState*, PropertyName, PropertyDescriptor&);
 
-    protected:
-        void finishCreation(VM& vm)
-        {
-            Base::finishCreation(vm);
-            m_length = 0;
-            setIs8Bit(true);
-            vm.m_newStringsSinceLastHashCons++;
-        }
-            
-    public:
-        static JSString* create(VM& vm, PassRefPtr<StringImpl> value)
-        {
-            ASSERT(value);
-            int32_t length = value->length();
-            RELEASE_ASSERT(length >= 0);
-            size_t cost = value->cost();
-            JSString* newString = new (NotNull, allocateCell<JSString>(vm.heap)) JSString(vm, value);
-            newString->finishCreation(vm, length, cost);
-            return newString;
-        }
-        static JSString* createHasOtherOwner(VM& vm, PassRefPtr<StringImpl> value)
-        {
-            ASSERT(value);
-            size_t length = value->length();
-            JSString* newString = new (NotNull, allocateCell<JSString>(vm.heap)) JSString(vm, value);
-            newString->finishCreation(vm, length);
-            return newString;
-        }
+    bool canGetIndex(unsigned i) { return i < m_length; }
+    JSString* getIndex(ExecState*, unsigned);
 
-        Identifier toIdentifier(ExecState*) const;
-        AtomicString toAtomicString(ExecState*) const;
-        AtomicStringImpl* toExistingAtomicString(ExecState*) const;
-        const String& value(ExecState*) const;
-        const String& tryGetValue() const;
-        const StringImpl* tryGetValueImpl() const;
-        unsigned length() const { return m_length; }
-
-        JSValue toPrimitive(ExecState*, PreferredPrimitiveType) const;
-        JS_EXPORT_PRIVATE bool toBoolean() const;
-        bool getPrimitiveNumber(ExecState*, double& number, JSValue&) const;
-        JSObject* toObject(ExecState*, JSGlobalObject*) const;
-        double toNumber(ExecState*) const;
-            
-        bool getStringPropertySlot(ExecState*, PropertyName, PropertySlot&);
-        bool getStringPropertySlot(ExecState*, unsigned propertyName, PropertySlot&);
-        bool getStringPropertyDescriptor(ExecState*, PropertyName, PropertyDescriptor&);
-
-        bool canGetIndex(unsigned i) { return i < m_length; }
-        JSString* getIndex(ExecState*, unsigned);
-
-        static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue proto)
-        {
-            return Structure::create(vm, globalObject, proto, TypeInfo(StringType, StructureFlags), info());
-        }
-
-        static size_t offsetOfLength() { return OBJECT_OFFSETOF(JSString, m_length); }
-        static size_t offsetOfFlags() { return OBJECT_OFFSETOF(JSString, m_flags); }
-        static size_t offsetOfValue() { return OBJECT_OFFSETOF(JSString, m_value); }
-
-        DECLARE_EXPORT_INFO;
-
-        static void dumpToStream(const JSCell*, PrintStream&);
-        static void visitChildren(JSCell*, SlotVisitor&);
-
-        enum {
-            HashConsLock = 1u << 2,
-            IsHashConsSingleton = 1u << 1,
-            Is8Bit = 1u
-        };
-
-    protected:
-        static const unsigned StructureFlags = OverridesGetOwnPropertySlot | InterceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero | StructureIsImmortal;
+    static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue proto)
+    {
+        return Structure::create(vm, globalObject, proto, TypeInfo(StringType, StructureFlags), info());
+    }
 
-        friend class JSValue;
-            
-        bool isRope() const { return m_value.isNull(); }
-        bool is8Bit() const { return m_flags & Is8Bit; }
-        void setIs8Bit(bool flag)
-        {
-            if (flag)
-                m_flags |= Is8Bit;
-            else
-                m_flags &= ~Is8Bit;
-        }
-        bool shouldTryHashCons();
-        bool isHashConsSingleton() const { return m_flags & IsHashConsSingleton; }
-        void clearHashConsSingleton() { m_flags &= ~IsHashConsSingleton; }
-        void setHashConsSingleton() { m_flags |= IsHashConsSingleton; }
-        bool tryHashConsLock();
-        void releaseHashConsLock();
-
-        unsigned m_flags;
-            
-        // A string is represented either by a String or a rope of fibers.
-        unsigned m_length;
-        mutable String m_value;
+    static size_t offsetOfLength() { return OBJECT_OFFSETOF(JSString, m_length); }
+    static size_t offsetOfFlags() { return OBJECT_OFFSETOF(JSString, m_flags); }
+    static size_t offsetOfValue() { return OBJECT_OFFSETOF(JSString, m_value); }
 
-    private:
-        friend class LLIntOffsetsExtractor;
-            
-        static JSValue toThis(JSCell*, ExecState*, ECMAMode);
+    DECLARE_EXPORT_INFO;
 
-        String& string() { ASSERT(!isRope()); return m_value; }
+    static void dumpToStream(const JSCell*, PrintStream&);
+    static void visitChildren(JSCell*, SlotVisitor&);
 
-        friend JSValue jsString(ExecState*, JSString*, JSString*);
-        friend JSString* jsSubstring(ExecState*, JSString*, unsigned offset, unsigned length);
+    enum {
+        HashConsLock = 1u << 2,
+        IsHashConsSingleton = 1u << 1,
+        Is8Bit = 1u
     };
 
-    class JSRopeString : public JSString {
-        friend class JSString;
+protected:
+    friend class JSValue;
 
-        friend JSRopeString* jsStringBuilder(VM*);
+    bool isRope() const { return m_value.isNull(); }
+    bool isSubstring() const;
+    bool is8Bit() const { return m_flags & Is8Bit; }
+    void setIs8Bit(bool flag) const
+    {
+        if (flag)
+            m_flags |= Is8Bit;
+        else
+            m_flags &= ~Is8Bit;
+    }
+    bool shouldTryHashCons();
+    bool isHashConsSingleton() const { return m_flags & IsHashConsSingleton; }
+    void clearHashConsSingleton() { m_flags &= ~IsHashConsSingleton; }
+    void setHashConsSingleton() { m_flags |= IsHashConsSingleton; }
+    bool tryHashConsLock();
+    void releaseHashConsLock();
 
-        class RopeBuilder {
-        public:
-            RopeBuilder(VM& vm)
-                : m_vm(vm)
-                , m_jsString(jsStringBuilder(&vm))
-                , m_index(0)
-            {
-            }
+    mutable unsigned m_flags;
 
-            bool append(JSString* jsString)
-            {
-                if (m_index == JSRopeString::s_maxInternalRopeLength)
-                    expand();
-                if (static_cast<int32_t>(m_jsString->length() + jsString->length()) < 0) {
-                    m_jsString = nullptr;
-                    return false;
-                }
-                m_jsString->append(m_vm, m_index++, jsString);
-                return true;
-            }
+    // A string is represented either by a String or a rope of fibers.
+    unsigned m_length;
+    mutable String m_value;
 
-            JSRopeString* release()
-            {
-                RELEASE_ASSERT(m_jsString);
-                JSRopeString* tmp = m_jsString;
-                m_jsString = 0;
-                return tmp;
-            }
+private:
+    friend class LLIntOffsetsExtractor;
 
-            unsigned length() const { return m_jsString->m_length; }
+    static JSValue toThis(JSCell*, ExecState*, ECMAMode);
 
-        private:
-            void expand();
-                
-            VM& m_vm;
-            JSRopeString* m_jsString;
-            size_t m_index;
-        };
-            
-    private:
-        JSRopeString(VM& vm)
-            : JSString(vm)
-        {
-        }
+    String& string() { ASSERT(!isRope()); return m_value; }
+    StringView unsafeView(ExecState&) const;
 
-        void finishCreation(VM& vm, JSString* s1, JSString* s2)
-        {
-            Base::finishCreation(vm);
-            m_length = s1->length() + s2->length();
-            setIs8Bit(s1->is8Bit() && s2->is8Bit());
-            m_fibers[0].set(vm, this, s1);
-            m_fibers[1].set(vm, this, s2);
-        }
-            
-        void finishCreation(VM& vm, JSString* s1, JSString* s2, JSString* s3)
-        {
-            Base::finishCreation(vm);
-            m_length = s1->length() + s2->length() + s3->length();
-            setIs8Bit(s1->is8Bit() && s2->is8Bit() &&  s3->is8Bit());
-            m_fibers[0].set(vm, this, s1);
-            m_fibers[1].set(vm, this, s2);
-            m_fibers[2].set(vm, this, s3);
-        }
+    friend JSValue jsString(ExecState*, JSString*, JSString*);
+    friend JSString* jsSubstring(ExecState*, JSString*, unsigned offset, unsigned length);
+};
 
-        void finishCreation(VM& vm)
-        {
-            JSString::finishCreation(vm);
-        }
+class JSRopeString final : public JSString {
+    friend class JSString;
 
-        void append(VM& vm, size_t index, JSString* jsString)
-        {
-            m_fibers[index].set(vm, this, jsString);
-            m_length += jsString->m_length;
-            RELEASE_ASSERT(static_cast<int32_t>(m_length) >= 0);
-            setIs8Bit(is8Bit() && jsString->is8Bit());
-        }
+    friend JSRopeString* jsStringBuilder(VM*);
 
-        static JSRopeString* createNull(VM& vm)
+public:
+    class RopeBuilder {
+    public:
+        RopeBuilder(VM& vm)
+            : m_vm(vm)
+            , m_jsString(jsStringBuilder(&vm))
+            , m_index(0)
         {
-            JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(vm.heap)) JSRopeString(vm);
-            newString->finishCreation(vm);
-            return newString;
         }
 
-    public:
-        static JSString* create(VM& vm, JSString* s1, JSString* s2)
+        bool append(JSString* jsString)
         {
-            JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(vm.heap)) JSRopeString(vm);
-            newString->finishCreation(vm, s1, s2);
-            return newString;
+            if (m_index == JSRopeString::s_maxInternalRopeLength)
+                expand();
+            if (static_cast<int32_t>(m_jsString->length() + jsString->length()) < 0) {
+                m_jsString = nullptr;
+                return false;
+            }
+            m_jsString->append(m_vm, m_index++, jsString);
+            return true;
         }
-        static JSString* create(VM& vm, JSString* s1, JSString* s2, JSString* s3)
+
+        JSRopeString* release()
         {
-            JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(vm.heap)) JSRopeString(vm);
-            newString->finishCreation(vm, s1, s2, s3);
-            return newString;
+            RELEASE_ASSERT(m_jsString);
+            JSRopeString* tmp = m_jsString;
+            m_jsString = 0;
+            return tmp;
         }
 
-        void visitFibers(SlotVisitor&);
-            
-        static ptrdiff_t offsetOfFibers() { return OBJECT_OFFSETOF(JSRopeString, m_fibers); }
+        unsigned length() const { return m_jsString->m_length; }
 
-        static const unsigned s_maxInternalRopeLength = 3;
-            
     private:
-        friend JSValue jsStringFromRegisterArray(ExecState*, Register*, unsigned);
-        friend JSValue jsStringFromArguments(ExecState*, JSValue);
-
-        JS_EXPORT_PRIVATE void resolveRope(ExecState*) const;
-        JS_EXPORT_PRIVATE void resolveRopeToAtomicString(ExecState*) const;
-        JS_EXPORT_PRIVATE AtomicStringImpl* resolveRopeToExistingAtomicString(ExecState*) const;
-        void resolveRopeSlowCase8(LChar*) const;
-        void resolveRopeSlowCase(UChar*) const;
-        void outOfMemory(ExecState*) const;
-        void resolveRopeInternal8(LChar*) const;
-        void resolveRopeInternal16(UChar*) const;
-        void clearFibers() const;
-            
-        JS_EXPORT_PRIVATE JSString* getIndexSlowCase(ExecState*, unsigned);
-
-        mutable std::array<WriteBarrier<JSString>, s_maxInternalRopeLength> m_fibers;
-    };
+        void expand();
 
+        VM& m_vm;
+        JSRopeString* m_jsString;
+        size_t m_index;
+    };
 
-    inline const StringImpl* JSString::tryGetValueImpl() const
+private:
+    JSRopeString(VM& vm)
+        : JSString(vm)
     {
-        return m_value.impl();
     }
 
-    JSString* asString(JSValue);
-
-    inline JSString* asString(JSValue value)
+    void finishCreation(VM& vm, JSString* s1, JSString* s2)
     {
-        ASSERT(value.asCell()->isString());
-        return jsCast<JSString*>(value.asCell());
+        Base::finishCreation(vm);
+        m_length = s1->length() + s2->length();
+        setIs8Bit(s1->is8Bit() && s2->is8Bit());
+        setIsSubstring(false);
+        fiber(0).set(vm, this, s1);
+        fiber(1).set(vm, this, s2);
+        fiber(2).clear();
     }
 
-    inline JSString* jsEmptyString(VM* vm)
+    void finishCreation(VM& vm, JSString* s1, JSString* s2, JSString* s3)
     {
-        return vm->smallStrings.emptyString();
+        Base::finishCreation(vm);
+        m_length = s1->length() + s2->length() + s3->length();
+        setIs8Bit(s1->is8Bit() && s2->is8Bit() &&  s3->is8Bit());
+        setIsSubstring(false);
+        fiber(0).set(vm, this, s1);
+        fiber(1).set(vm, this, s2);
+        fiber(2).set(vm, this, s3);
     }
 
-    ALWAYS_INLINE JSString* jsSingleCharacterString(VM* vm, UChar c)
+    void finishCreation(ExecState& exec, JSString& base, unsigned offset, unsigned length)
     {
-        if (c <= maxSingleCharacterString)
-            return vm->smallStrings.singleCharacterString(c);
-        return JSString::create(*vm, String(&c, 1).impl());
+        VM& vm = exec.vm();
+        Base::finishCreation(vm);
+        ASSERT(!sumOverflows<int32_t>(offset, length));
+        ASSERT(offset + length <= base.length());
+        m_length = length;
+        setIs8Bit(base.is8Bit());
+        setIsSubstring(true);
+        if (base.isSubstring()) {
+            JSRopeString& baseRope = static_cast<JSRopeString&>(base);
+            substringBase().set(vm, this, baseRope.substringBase().get());
+            substringOffset() = baseRope.substringOffset() + offset;
+        } else {
+            substringBase().set(vm, this, &base);
+            substringOffset() = offset;
+
+            // For now, let's not allow substrings with a rope base.
+            // Resolve non-substring rope bases so we don't have to deal with it.
+            // FIXME: Evaluate if this would be worth adding more branches.
+            if (base.isRope())
+                static_cast<JSRopeString&>(base).resolveRope(&exec);
+        }
     }
 
-    ALWAYS_INLINE JSString* jsSingleCharacterSubstring(ExecState* exec, const String& s, unsigned offset)
+    void finishCreation(VM& vm)
     {
-        VM* vm = &exec->vm();
-        ASSERT(offset < static_cast<unsigned>(s.length()));
-        UChar c = s.characterAt(offset);
-        if (c <= maxSingleCharacterString)
-            return vm->smallStrings.singleCharacterString(c);
-        return JSString::create(*vm, StringImpl::createSubstringSharingImpl(s.impl(), offset, 1));
+        JSString::finishCreation(vm);
+        setIsSubstring(false);
+        fiber(0).clear();
+        fiber(1).clear();
+        fiber(2).clear();
     }
 
-    inline JSString* jsNontrivialString(VM* vm, const String& s)
+    void append(VM& vm, size_t index, JSString* jsString)
     {
-        ASSERT(s.length() > 1);
-        return JSString::create(*vm, s.impl());
+        fiber(index).set(vm, this, jsString);
+        m_length += jsString->m_length;
+        RELEASE_ASSERT(static_cast<int32_t>(m_length) >= 0);
+        setIs8Bit(is8Bit() && jsString->is8Bit());
     }
 
-    ALWAYS_INLINE Identifier JSString::toIdentifier(ExecState* exec) const
+    static JSRopeString* createNull(VM& vm)
     {
-        return Identifier(exec, toAtomicString(exec));
+        JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(vm.heap)) JSRopeString(vm);
+        newString->finishCreation(vm);
+        return newString;
     }
 
-    ALWAYS_INLINE AtomicString JSString::toAtomicString(ExecState* exec) const
+public:
+    static JSString* create(VM& vm, JSString* s1, JSString* s2)
     {
-        if (isRope())
-            static_cast<const JSRopeString*>(this)->resolveRopeToAtomicString(exec);
-        return AtomicString(m_value);
+        JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(vm.heap)) JSRopeString(vm);
+        newString->finishCreation(vm, s1, s2);
+        return newString;
     }
-
-    ALWAYS_INLINE AtomicStringImpl* JSString::toExistingAtomicString(ExecState* exec) const
+    static JSString* create(VM& vm, JSString* s1, JSString* s2, JSString* s3)
     {
-        if (isRope())
-            return static_cast<const JSRopeString*>(this)->resolveRopeToExistingAtomicString(exec);
-        if (m_value.impl()->isAtomic())
-            return static_cast<AtomicStringImpl*>(m_value.impl());
-        if (AtomicStringImpl* existingAtomicString = AtomicString::find(m_value.impl())) {
-            m_value = *existingAtomicString;
-            return existingAtomicString;
-        }
-        return nullptr;
+        JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(vm.heap)) JSRopeString(vm);
+        newString->finishCreation(vm, s1, s2, s3);
+        return newString;
     }
 
-    inline const String& JSString::value(ExecState* exec) const
+    static JSString* create(ExecState& exec, JSString& base, unsigned offset, unsigned length)
     {
-        if (isRope())
-            static_cast<const JSRopeString*>(this)->resolveRope(exec);
-        return m_value;
+        JSRopeString* newString = new (NotNull, allocateCell<JSRopeString>(exec.vm().heap)) JSRopeString(exec.vm());
+        newString->finishCreation(exec, base, offset, length);
+        return newString;
     }
 
-    inline const String& JSString::tryGetValue() const
-    {
-        if (isRope())
-            static_cast<const JSRopeString*>(this)->resolveRope(0);
-        return m_value;
-    }
+    void visitFibers(SlotVisitor&);
 
-    inline JSString* JSString::getIndex(ExecState* exec, unsigned i)
-    {
-        ASSERT(canGetIndex(i));
-        if (isRope())
-            return static_cast<JSRopeString*>(this)->getIndexSlowCase(exec, i);
-        ASSERT(i < m_value.length());
-        return jsSingleCharacterSubstring(exec, m_value, i);
-    }
+    static ptrdiff_t offsetOfFibers() { return OBJECT_OFFSETOF(JSRopeString, u); }
 
-    inline JSString* jsString(VM* vm, const String& s)
+    static const unsigned s_maxInternalRopeLength = 3;
+
+private:
+    friend JSValue jsStringFromRegisterArray(ExecState*, Register*, unsigned);
+    friend JSValue jsStringFromArguments(ExecState*, JSValue);
+
+    JS_EXPORT_PRIVATE void resolveRope(ExecState*) const;
+    JS_EXPORT_PRIVATE void resolveRopeToAtomicString(ExecState*) const;
+    JS_EXPORT_PRIVATE RefPtr<AtomicStringImpl> resolveRopeToExistingAtomicString(ExecState*) const;
+    void resolveRopeSlowCase8(LChar*) const;
+    void resolveRopeSlowCase(UChar*) const;
+    void outOfMemory(ExecState*) const;
+    void resolveRopeInternal8(LChar*) const;
+    void resolveRopeInternal8NoSubstring(LChar*) const;
+    void resolveRopeInternal16(UChar*) const;
+    void resolveRopeInternal16NoSubstring(UChar*) const;
+    void clearFibers() const;
+    StringView unsafeView(ExecState&) const;
+    StringViewWithUnderlyingString viewWithUnderlyingString(ExecState&) const;
+
+    WriteBarrierBase<JSString>& fiber(unsigned i) const
     {
-        int size = s.length();
-        if (!size)
-            return vm->smallStrings.emptyString();
-        if (size == 1) {
-            UChar c = s.characterAt(0);
-            if (c <= maxSingleCharacterString)
-                return vm->smallStrings.singleCharacterString(c);
-        }
-        return JSString::create(*vm, s.impl());
+        ASSERT(!isSubstring());
+        ASSERT(i < s_maxInternalRopeLength);
+        return u[i].string;
     }
 
-    inline JSString* jsSubstring(ExecState* exec, JSString* s, unsigned offset, unsigned length)
+    WriteBarrierBase<JSString>& substringBase() const
     {
-        ASSERT(offset <= static_cast<unsigned>(s->length()));
-        ASSERT(length <= static_cast<unsigned>(s->length()));
-        ASSERT(offset + length <= static_cast<unsigned>(s->length()));
-        VM* vm = &exec->vm();
-        if (!length)
-            return vm->smallStrings.emptyString();
-        return jsSubstring(vm, s->value(exec), offset, length);
+        return u[1].string;
     }
 
-    inline JSString* jsSubstring8(VM* vm, const String& s, unsigned offset, unsigned length)
+    uintptr_t& substringOffset() const
     {
-        ASSERT(offset <= static_cast<unsigned>(s.length()));
-        ASSERT(length <= static_cast<unsigned>(s.length()));
-        ASSERT(offset + length <= static_cast<unsigned>(s.length()));
-        if (!length)
-            return vm->smallStrings.emptyString();
-        if (length == 1) {
-            UChar c = s.characterAt(offset);
-            if (c <= maxSingleCharacterString)
-                return vm->smallStrings.singleCharacterString(c);
-        }
-        return JSString::createHasOtherOwner(*vm, StringImpl::createSubstringSharingImpl8(s.impl(), offset, length));
+        return u[2].number;
     }
 
-    inline JSString* jsSubstring(VM* vm, const String& s, unsigned offset, unsigned length)
+    static uintptr_t notSubstringSentinel()
     {
-        ASSERT(offset <= static_cast<unsigned>(s.length()));
-        ASSERT(length <= static_cast<unsigned>(s.length()));
-        ASSERT(offset + length <= static_cast<unsigned>(s.length()));
-        if (!length)
-            return vm->smallStrings.emptyString();
-        if (length == 1) {
-            UChar c = s.characterAt(offset);
-            if (c <= maxSingleCharacterString)
-                return vm->smallStrings.singleCharacterString(c);
-        }
-        return JSString::createHasOtherOwner(*vm, StringImpl::createSubstringSharingImpl(s.impl(), offset, length));
+        return 0;
     }
 
-    inline JSString* jsOwnedString(VM* vm, const String& s)
+    static uintptr_t substringSentinel()
     {
-        int size = s.length();
-        if (!size)
-            return vm->smallStrings.emptyString();
-        if (size == 1) {
-            UChar c = s.characterAt(0);
-            if (c <= maxSingleCharacterString)
-                return vm->smallStrings.singleCharacterString(c);
-        }
-        return JSString::createHasOtherOwner(*vm, s.impl());
+        return 1;
     }
 
-    inline JSRopeString* jsStringBuilder(VM* vm)
+    bool isSubstring() const
     {
-        return JSRopeString::createNull(*vm);
+        return u[0].number == substringSentinel();
     }
 
-    inline JSString* jsEmptyString(ExecState* exec) { return jsEmptyString(&exec->vm()); }
-    inline JSString* jsString(ExecState* exec, const String& s) { return jsString(&exec->vm(), s); }
-    inline JSString* jsSingleCharacterString(ExecState* exec, UChar c) { return jsSingleCharacterString(&exec->vm(), c); }
-    inline JSString* jsSubstring8(ExecState* exec, const String& s, unsigned offset, unsigned length) { return jsSubstring8(&exec->vm(), s, offset, length); }
-    inline JSString* jsSubstring(ExecState* exec, const String& s, unsigned offset, unsigned length) { return jsSubstring(&exec->vm(), s, offset, length); }
-    inline JSString* jsNontrivialString(ExecState* exec, const String& s) { return jsNontrivialString(&exec->vm(), s); }
-    inline JSString* jsOwnedString(ExecState* exec, const String& s) { return jsOwnedString(&exec->vm(), s); }
-
-    JS_EXPORT_PRIVATE JSString* jsStringWithCacheSlowCase(VM&, StringImpl&);
-
-    ALWAYS_INLINE JSString* jsStringWithCache(ExecState* exec, const String& s)
+    void setIsSubstring(bool isSubstring)
     {
-        VM& vm = exec->vm();
-        StringImpl* stringImpl = s.impl();
-        if (!stringImpl || !stringImpl->length())
-            return jsEmptyString(&vm);
-
-        if (stringImpl->length() == 1) {
-            UChar singleCharacter = (*stringImpl)[0u];
-            if (singleCharacter <= maxSingleCharacterString)
-                return vm.smallStrings.singleCharacterString(static_cast<unsigned char>(singleCharacter));
-        }
+        u[0].number = isSubstring ? substringSentinel() : notSubstringSentinel();
+    }
 
-        if (JSString* lastCachedString = vm.lastCachedString.get()) {
-            if (lastCachedString->tryGetValueImpl() == stringImpl)
-                return lastCachedString;
-        }
+    mutable union {
+        uintptr_t number;
+        WriteBarrierBase<JSString> string;
+    } u[s_maxInternalRopeLength];
+};
+
+class JSString::SafeView {
+public:
+    SafeView();
+    explicit SafeView(ExecState&, const JSString&);
+    operator StringView() const;
+    StringView get() const;
+
+private:
+    ExecState* m_state { nullptr };
+
+    // The following pointer is marked "volatile" to make the compiler leave it on the stack
+    // or in a register as long as this object is alive, even after the last use of the pointer.
+    // That's needed to prevent garbage collecting the string and possibly deleting the block
+    // with the characters in it, and then using the StringView after that.
+    const JSString* volatile m_string { nullptr };
+};
+
+JS_EXPORT_PRIVATE JSString* jsStringWithCacheSlowCase(VM&, StringImpl&);
+
+inline const StringImpl* JSString::tryGetValueImpl() const
+{
+    return m_value.impl();
+}
+
+inline JSString* asString(JSValue value)
+{
+    ASSERT(value.asCell()->isString());
+    return jsCast<JSString*>(value.asCell());
+}
+
+inline JSString* jsEmptyString(VM* vm)
+{
+    return vm->smallStrings.emptyString();
+}
+
+ALWAYS_INLINE JSString* jsSingleCharacterString(VM* vm, UChar c)
+{
+    if (c <= maxSingleCharacterString)
+        return vm->smallStrings.singleCharacterString(c);
+    return JSString::create(*vm, String(&c, 1).impl());
+}
+
+inline JSString* jsNontrivialString(VM* vm, const String& s)
+{
+    ASSERT(s.length() > 1);
+    return JSString::create(*vm, s.impl());
+}
+
+inline JSString* jsNontrivialString(VM* vm, String&& s)
+{
+    ASSERT(s.length() > 1);
+    return JSString::create(*vm, s.releaseImpl());
+}
+
+ALWAYS_INLINE Identifier JSString::toIdentifier(ExecState* exec) const
+{
+    return Identifier::fromString(exec, toAtomicString(exec));
+}
+
+ALWAYS_INLINE AtomicString JSString::toAtomicString(ExecState* exec) const
+{
+    if (isRope())
+        static_cast<const JSRopeString*>(this)->resolveRopeToAtomicString(exec);
+    return AtomicString(m_value);
+}
+
+ALWAYS_INLINE RefPtr<AtomicStringImpl> JSString::toExistingAtomicString(ExecState* exec) const
+{
+    if (isRope())
+        return static_cast<const JSRopeString*>(this)->resolveRopeToExistingAtomicString(exec);
+    if (m_value.impl()->isAtomic())
+        return static_cast<AtomicStringImpl*>(m_value.impl());
+    return AtomicStringImpl::lookUp(m_value.impl());
+}
+
+inline const String& JSString::value(ExecState* exec) const
+{
+    if (isRope())
+        static_cast<const JSRopeString*>(this)->resolveRope(exec);
+    return m_value;
+}
+
+inline const String& JSString::tryGetValue() const
+{
+    if (isRope())
+        static_cast<const JSRopeString*>(this)->resolveRope(0);
+    return m_value;
+}
+
+inline JSString* JSString::getIndex(ExecState* exec, unsigned i)
+{
+    ASSERT(canGetIndex(i));
+    return jsSingleCharacterString(exec, unsafeView(*exec)[i]);
+}
+
+inline JSString* jsString(VM* vm, const String& s)
+{
+    int size = s.length();
+    if (!size)
+        return vm->smallStrings.emptyString();
+    if (size == 1) {
+        UChar c = s.characterAt(0);
+        if (c <= maxSingleCharacterString)
+            return vm->smallStrings.singleCharacterString(c);
+    }
+    return JSString::create(*vm, s.impl());
+}
+
+inline JSString* jsSubstring(ExecState* exec, JSString* s, unsigned offset, unsigned length)
+{
+    ASSERT(offset <= static_cast<unsigned>(s->length()));
+    ASSERT(length <= static_cast<unsigned>(s->length()));
+    ASSERT(offset + length <= static_cast<unsigned>(s->length()));
+    VM& vm = exec->vm();
+    if (!length)
+        return vm.smallStrings.emptyString();
+    if (!offset && length == s->length())
+        return s;
+    return JSRopeString::create(*exec, *s, offset, length);
+}
+
+inline JSString* jsSubstring8(VM* vm, const String& s, unsigned offset, unsigned length)
+{
+    ASSERT(offset <= static_cast<unsigned>(s.length()));
+    ASSERT(length <= static_cast<unsigned>(s.length()));
+    ASSERT(offset + length <= static_cast<unsigned>(s.length()));
+    if (!length)
+        return vm->smallStrings.emptyString();
+    if (length == 1) {
+        UChar c = s.characterAt(offset);
+        if (c <= maxSingleCharacterString)
+            return vm->smallStrings.singleCharacterString(c);
+    }
+    return JSString::createHasOtherOwner(*vm, StringImpl::createSubstringSharingImpl8(s.impl(), offset, length));
+}
+
+inline JSString* jsSubstring(VM* vm, const String& s, unsigned offset, unsigned length)
+{
+    ASSERT(offset <= static_cast<unsigned>(s.length()));
+    ASSERT(length <= static_cast<unsigned>(s.length()));
+    ASSERT(offset + length <= static_cast<unsigned>(s.length()));
+    if (!length)
+        return vm->smallStrings.emptyString();
+    if (length == 1) {
+        UChar c = s.characterAt(offset);
+        if (c <= maxSingleCharacterString)
+            return vm->smallStrings.singleCharacterString(c);
+    }
+    return JSString::createHasOtherOwner(*vm, StringImpl::createSubstringSharingImpl(s.impl(), offset, length));
+}
 
-        return jsStringWithCacheSlowCase(vm, *stringImpl);
+inline JSString* jsOwnedString(VM* vm, const String& s)
+{
+    int size = s.length();
+    if (!size)
+        return vm->smallStrings.emptyString();
+    if (size == 1) {
+        UChar c = s.characterAt(0);
+        if (c <= maxSingleCharacterString)
+            return vm->smallStrings.singleCharacterString(c);
+    }
+    return JSString::createHasOtherOwner(*vm, s.impl());
+}
+
+inline JSRopeString* jsStringBuilder(VM* vm)
+{
+    return JSRopeString::createNull(*vm);
+}
+
+inline JSString* jsEmptyString(ExecState* exec) { return jsEmptyString(&exec->vm()); }
+inline JSString* jsString(ExecState* exec, const String& s) { return jsString(&exec->vm(), s); }
+inline JSString* jsSingleCharacterString(ExecState* exec, UChar c) { return jsSingleCharacterString(&exec->vm(), c); }
+inline JSString* jsSubstring8(ExecState* exec, const String& s, unsigned offset, unsigned length) { return jsSubstring8(&exec->vm(), s, offset, length); }
+inline JSString* jsSubstring(ExecState* exec, const String& s, unsigned offset, unsigned length) { return jsSubstring(&exec->vm(), s, offset, length); }
+inline JSString* jsNontrivialString(ExecState* exec, const String& s) { return jsNontrivialString(&exec->vm(), s); }
+inline JSString* jsNontrivialString(ExecState* exec, String&& s) { return jsNontrivialString(&exec->vm(), WTF::move(s)); }
+inline JSString* jsOwnedString(ExecState* exec, const String& s) { return jsOwnedString(&exec->vm(), s); }
+
+ALWAYS_INLINE JSString* jsStringWithCache(ExecState* exec, const String& s)
+{
+    VM& vm = exec->vm();
+    StringImpl* stringImpl = s.impl();
+    if (!stringImpl || !stringImpl->length())
+        return jsEmptyString(&vm);
+
+    if (stringImpl->length() == 1) {
+        UChar singleCharacter = (*stringImpl)[0u];
+        if (singleCharacter <= maxSingleCharacterString)
+            return vm.smallStrings.singleCharacterString(static_cast<unsigned char>(singleCharacter));
     }
 
-    ALWAYS_INLINE JSString* jsStringWithCache(ExecState* exec, const AtomicString& s)
-    {
-        return jsStringWithCache(exec, s.string());
+    if (JSString* lastCachedString = vm.lastCachedString.get()) {
+        if (lastCachedString->tryGetValueImpl() == stringImpl)
+            return lastCachedString;
     }
 
-    ALWAYS_INLINE bool JSString::getStringPropertySlot(ExecState* exec, PropertyName propertyName, PropertySlot& slot)
-    {
-        if (propertyName == exec->propertyNames().length) {
-            slot.setValue(this, DontEnum | DontDelete | ReadOnly, jsNumber(m_length));
-            return true;
-        }
+    return jsStringWithCacheSlowCase(vm, *stringImpl);
+}
 
-        unsigned i = propertyName.asIndex();
-        if (i < m_length) {
-            ASSERT(i != PropertyName::NotAnIndex); // No need for an explicit check, the above test would always fail!
-            slot.setValue(this, DontDelete | ReadOnly, getIndex(exec, i));
-            return true;
-        }
+ALWAYS_INLINE JSString* jsStringWithCache(ExecState* exec, const AtomicString& s)
+{
+    return jsStringWithCache(exec, s.string());
+}
 
-        return false;
+ALWAYS_INLINE bool JSString::getStringPropertySlot(ExecState* exec, PropertyName propertyName, PropertySlot& slot)
+{
+    if (propertyName == exec->propertyNames().length) {
+        slot.setValue(this, DontEnum | DontDelete | ReadOnly, jsNumber(m_length));
+        return true;
     }
-            
-    ALWAYS_INLINE bool JSString::getStringPropertySlot(ExecState* exec, unsigned propertyName, PropertySlot& slot)
-    {
-        if (propertyName < m_length) {
-            slot.setValue(this, DontDelete | ReadOnly, getIndex(exec, propertyName));
-            return true;
-        }
 
-        return false;
+    Optional<uint32_t> index = parseIndex(propertyName);
+    if (index && index.value() < m_length) {
+        slot.setValue(this, DontDelete | ReadOnly, getIndex(exec, index.value()));
+        return true;
     }
 
-    inline bool isJSString(JSValue v) { return v.isCell() && v.asCell()->type() == StringType; }
-
-    // --- JSValue inlines ----------------------------
-        
-    inline bool JSValue::toBoolean(ExecState* exec) const
-    {
-        if (isInt32())
-            return asInt32();
-        if (isDouble())
-            return asDouble() > 0.0 || asDouble() < 0.0; // false for NaN
-        if (isCell())
-            return asCell()->toBoolean(exec);
-        return isTrue(); // false, null, and undefined all convert to false.
-    }
+    return false;
+}
 
-    inline JSString* JSValue::toString(ExecState* exec) const
-    {
-        if (isString())
-            return jsCast<JSString*>(asCell());
-        return toStringSlowCase(exec);
+ALWAYS_INLINE bool JSString::getStringPropertySlot(ExecState* exec, unsigned propertyName, PropertySlot& slot)
+{
+    if (propertyName < m_length) {
+        slot.setValue(this, DontDelete | ReadOnly, getIndex(exec, propertyName));
+        return true;
     }
 
-    inline String JSValue::toWTFString(ExecState* exec) const
-    {
-        if (isString())
-            return static_cast<JSString*>(asCell())->value(exec);
-        return toWTFStringSlowCase(exec);
-    }
+    return false;
+}
 
-    ALWAYS_INLINE String inlineJSValueNotStringtoString(const JSValue& value, ExecState* exec)
-    {
-        VM& vm = exec->vm();
-        if (value.isInt32())
-            return vm.numericStrings.add(value.asInt32());
-        if (value.isDouble())
-            return vm.numericStrings.add(value.asDouble());
-        if (value.isTrue())
-            return vm.propertyNames->trueKeyword.string();
-        if (value.isFalse())
-            return vm.propertyNames->falseKeyword.string();
-        if (value.isNull())
-            return vm.propertyNames->nullKeyword.string();
-        if (value.isUndefined())
-            return vm.propertyNames->undefinedKeyword.string();
-        return value.toString(exec)->value(exec);
-    }
-
-    ALWAYS_INLINE String JSValue::toWTFStringInline(ExecState* exec) const
-    {
-        if (isString())
-            return static_cast<JSString*>(asCell())->value(exec);
+inline bool isJSString(JSValue v)
+{
+    return v.isCell() && v.asCell()->type() == StringType;
+}
 
-        return inlineJSValueNotStringtoString(*this, exec);
+ALWAYS_INLINE StringView JSRopeString::unsafeView(ExecState& state) const
+{
+    if (isSubstring()) {
+        if (is8Bit())
+            return StringView(substringBase()->m_value.characters8() + substringOffset(), m_length);
+        return StringView(substringBase()->m_value.characters16() + substringOffset(), m_length);
+    }
+    resolveRope(&state);
+    return m_value;
+}
+
+ALWAYS_INLINE StringViewWithUnderlyingString JSRopeString::viewWithUnderlyingString(ExecState& state) const
+{
+    if (isSubstring()) {
+        auto& base = substringBase()->m_value;
+        if (is8Bit())
+            return { { base.characters8() + substringOffset(), m_length }, base };
+        return { { base.characters16() + substringOffset(), m_length }, base };
     }
+    resolveRope(&state);
+    return { m_value, m_value };
+}
+
+ALWAYS_INLINE StringView JSString::unsafeView(ExecState& state) const
+{
+    if (isRope())
+        return static_cast<const JSRopeString*>(this)->unsafeView(state);
+    return m_value;
+}
+
+ALWAYS_INLINE StringViewWithUnderlyingString JSString::viewWithUnderlyingString(ExecState& state) const
+{
+    if (isRope())
+        return static_cast<const JSRopeString&>(*this).viewWithUnderlyingString(state);
+    return { m_value, m_value };
+}
+
+inline bool JSString::isSubstring() const
+{
+    return isRope() && static_cast<const JSRopeString*>(this)->isSubstring();
+}
+
+inline JSString::SafeView::SafeView()
+{
+}
+
+inline JSString::SafeView::SafeView(ExecState& state, const JSString& string)
+    : m_state(&state)
+    , m_string(&string)
+{
+}
+
+inline JSString::SafeView::operator StringView() const
+{
+    return m_string->unsafeView(*m_state);
+}
+
+inline StringView JSString::SafeView::get() const
+{
+    return *this;
+}
+
+ALWAYS_INLINE JSString::SafeView JSString::view(ExecState* exec) const
+{
+    return SafeView(*exec, *this);
+}
+
+// --- JSValue inlines ----------------------------
+
+inline bool JSValue::toBoolean(ExecState* exec) const
+{
+    if (isInt32())
+        return asInt32();
+    if (isDouble())
+        return asDouble() > 0.0 || asDouble() < 0.0; // false for NaN
+    if (isCell())
+        return asCell()->toBoolean(exec);
+    return isTrue(); // false, null, and undefined all convert to false.
+}
+
+inline JSString* JSValue::toString(ExecState* exec) const
+{
+    if (isString())
+        return jsCast<JSString*>(asCell());
+    return toStringSlowCase(exec);
+}
+
+inline String JSValue::toWTFString(ExecState* exec) const
+{
+    if (isString())
+        return static_cast<JSString*>(asCell())->value(exec);
+    return toWTFStringSlowCase(exec);
+}
 
 } // namespace JSC