* Copyright (C) 1999-2002 Harri Porten (porten@kde.org)
* Copyright (C) 2001 Peter Kelly (pmk@post.com)
- * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009 Apple Inc. All rights reserved.
+ * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2015 Apple Inc. All rights reserved.
* Copyright (C) 2007 Cameron Zwarich (cwzwarich@uwaterloo.ca)
* Copyright (C) 2007 Maks Orlovich
+ * Copyright (C) 2015 Canon Inc. All rights reserved.
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
#include "config.h"
#include "JSFunction.h"
+#include "ClonedArguments.h"
#include "CodeBlock.h"
#include "CommonIdentifiers.h"
#include "CallFrame.h"
+#include "ExceptionHelpers.h"
#include "FunctionPrototype.h"
+#include "GetterSetter.h"
+#include "JSArray.h"
+#include "JSBoundFunction.h"
+#include "JSCInlines.h"
+#include "JSFunctionInlines.h"
#include "JSGlobalObject.h"
+#include "JSNotAnObject.h"
#include "Interpreter.h"
+#include "ObjectConstructor.h"
#include "ObjectPrototype.h"
#include "Parser.h"
#include "PropertyNameArray.h"
-#include "ScopeChainMark.h"
-using namespace WTF;
-using namespace Unicode;
+#include "StackVisitor.h"
namespace JSC {
+EncodedJSValue JSC_HOST_CALL callHostFunctionAsConstructor(ExecState* exec)
+ return throwVMError(exec, createNotAConstructorError(exec, exec->callee()));
-const ClassInfo JSFunction::info = { "Function", &InternalFunction::info, 0, 0 };
+const ClassInfo JSFunction::s_info = { "Function", &Base::s_info, 0, CREATE_METHOD_TABLE(JSFunction) };
bool JSFunction::isHostFunctionNonInline() const
return isHostFunction();
-JSFunction::JSFunction(NonNullPassRefPtr<Structure> structure)
- : Base(structure)
- , m_executable(adoptRef(new VPtrHackExecutable()))
+JSFunction* JSFunction::create(VM& vm, FunctionExecutable* executable, JSScope* scope)
+ JSFunction* result = createImpl(vm, executable, scope);
+ executable->singletonFunction()->notifyWrite(vm, result, "Allocating a function");
+ return result;
-JSFunction::JSFunction(ExecState* exec, NonNullPassRefPtr<Structure> structure, int length, const Identifier& name, NativeFunction func)
- : Base(&exec->globalData(), structure, name)
- , m_executable(adoptRef(new NativeExecutable(exec)))
+static inline NativeExecutable* getNativeExecutable(VM& vm, NativeFunction nativeFunction, Intrinsic intrinsic, NativeFunction nativeConstructor)
- setNativeFunction(func);
- putDirect(exec->propertyNames().length, jsNumber(exec, length), DontDelete | ReadOnly | DontEnum);
+ UNUSED_PARAM(intrinsic);
- UNUSED_PARAM(length);
+ if (intrinsic != NoIntrinsic && vm.canUseJIT()) {
+ ASSERT(nativeConstructor == callHostFunctionAsConstructor);
+ return vm.getHostFunction(nativeFunction, intrinsic);
+ }
+ return vm.getHostFunction(nativeFunction, nativeConstructor);
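Review bot: In `getNativeExecutable`, the intrinsic branch calls `vm.getHostFunction(nativeFunction, intrinsic)` and drops `nativeConstructor`; the only check that the caller passed the default is `ASSERT(nativeConstructor == callHostFunctionAsConstructor)`, which is compiled out of release builds. A caller that supplies both an intrinsic and a real constructor would presumably get a function whose construct path differs from what it asked for, with no diagnostic. Either keep the check in release builds, `RELEASE_ASSERT(nativeConstructor == callHostFunctionAsConstructor);`, or state the contract with `// Intrinsic host functions never take a custom constructor; nativeConstructor is ignored on this path.` The `UNUSED_PARAM(intrinsic);` directly above a use of `intrinsic` looks as if it lost a surrounding build guard in this view, and the function's braces are not shown either.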
+JSFunction* JSFunction::create(VM& vm, JSGlobalObject* globalObject, int length, const String& name, NativeFunction nativeFunction, Intrinsic intrinsic, NativeFunction nativeConstructor)
+ NativeExecutable* executable = getNativeExecutable(vm, nativeFunction, intrinsic, nativeConstructor);
+ JSFunction* function = new (NotNull, allocateCell<JSFunction>(vm.heap)) JSFunction(vm, globalObject, globalObject->functionStructure());
+ // Can't do this during initialization because getHostFunction might do a GC allocation.
+ function->finishCreation(vm, executable, length, name);
+ return function;
-JSFunction::JSFunction(ExecState* exec, NonNullPassRefPtr<FunctionExecutable> executable, ScopeChainNode* scopeChainNode)
- : Base(&exec->globalData(), exec->lexicalGlobalObject()->functionStructure(), executable->name())
- , m_executable(executable)
+class JSStdFunction : public JSFunction {
+ JSStdFunction(VM& vm, JSGlobalObject* object, Structure* structure, NativeStdFunction&& function)
+ : JSFunction(vm, object, structure)
+ , stdFunction(WTF::move(function)) { }
+ NativeStdFunction stdFunction;
+static EncodedJSValue JSC_HOST_CALL runStdFunction(ExecState* state)
- setScopeChain(scopeChainNode);
+ JSStdFunction* jsFunction = jsCast<JSStdFunction*>(state->callee());
+ ASSERT(jsFunction);
+ return jsFunction->stdFunction(state);
+JSFunction* JSFunction::create(VM& vm, JSGlobalObject* globalObject, int length, const String& name, NativeStdFunction&& nativeStdFunction, Intrinsic intrinsic, NativeFunction nativeConstructor)
- ASSERT(vptr() == JSGlobalData::jsFunctionVPtr);
+ NativeExecutable* executable = getNativeExecutable(vm, runStdFunction, intrinsic, nativeConstructor);
+ JSStdFunction* function = new (NotNull, allocateCell<JSStdFunction>(vm.heap)) JSStdFunction(vm, globalObject, globalObject->functionStructure(), WTF::move(nativeStdFunction));
+ // Can't do this during initialization because getHostFunction might do a GC allocation.
+ function->finishCreation(vm, executable, length, name);
+ return function;
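Review bot: `JSStdFunction` is allocated through `allocateCell<JSStdFunction>` with `globalObject->functionStructure()`, the same structure plain `JSFunction` cells use, and the class as shown declares no ClassInfo or destroy hook of its own. As far as this page shows, the `jsCast<JSStdFunction*>(state->callee())` in `runStdFunction` therefore cannot tell a `JSStdFunction` from any other `JSFunction` even in debug builds, and the `ASSERT(jsFunction)` after it only tests for null, so nothing verifies the downcast before `stdFunction` is invoked. The `NativeStdFunction` member, and whatever it captured, is also presumably never destructed when the cell is collected. I would give the subclass its own structure and ClassInfo with a destructor hook, or at least document the invariant at the cast: `// Only JSFunction::create(..., NativeStdFunction&&, ...) pairs runStdFunction with a callee; the cast relies on that.`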
- // JIT code for other functions may have had calls linked directly to the code for this function; these links
- // are based on a check for the this pointer value for this JSFunction - which will no longer be valid once
- // this memory is freed and may be reused (potentially for another, different JSFunction).
- if (!isHostFunction()) {
- ASSERT(m_executable);
- if (jsExecutable()->isGenerated())
- jsExecutable()->generatedBytecode().unlinkCallers();
- scopeChain().~ScopeChain(); // FIXME: Don't we need to do this in the interpreter too?
- }
+JSFunction::JSFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure)
+ : Base(vm, globalObject, structure)
+ , m_executable()
-void JSFunction::markChildren(MarkStack& markStack)
+void JSFunction::finishCreation(VM& vm, NativeExecutable* executable, int length, const String& name)
- Base::markChildren(markStack);
- if (!isHostFunction()) {
- jsExecutable()->markAggregate(markStack);
- scopeChain().markAggregate(markStack);
- }
+ Base::finishCreation(vm);
+ ASSERT(inherits(info()));
+ m_executable.set(vm, this, executable);
+ putDirect(vm, vm.propertyNames->name, jsString(&vm, name), DontDelete | ReadOnly | DontEnum);
+ putDirect(vm, vm.propertyNames->length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
+JSFunction* JSFunction::createBuiltinFunction(VM& vm, FunctionExecutable* executable, JSGlobalObject* globalObject)
+ JSFunction* function = create(vm, executable, globalObject);
+ function->putDirect(vm, vm.propertyNames->name, jsString(&vm, executable->name().string()), DontDelete | ReadOnly | DontEnum);
+ function->putDirect(vm, vm.propertyNames->length, jsNumber(executable->parameterCount()), DontDelete | ReadOnly | DontEnum);
+ return function;
+JSFunction* JSFunction::createBuiltinFunction(VM& vm, FunctionExecutable* executable, JSGlobalObject* globalObject, const String& name)
+ JSFunction* function = create(vm, executable, globalObject);
+ function->putDirect(vm, vm.propertyNames->name, jsString(&vm, name), DontDelete | ReadOnly | DontEnum);
+ function->putDirect(vm, vm.propertyNames->length, jsNumber(executable->parameterCount()), DontDelete | ReadOnly | DontEnum);
+ return function;
+FunctionRareData* JSFunction::allocateAndInitializeRareData(ExecState* exec, size_t inlineCapacity)
+ ASSERT(!m_rareData);
+ VM& vm = exec->vm();
+ JSObject* prototype = jsDynamicCast<JSObject*>(get(exec, vm.propertyNames->prototype));
+ if (!prototype)
+ prototype = globalObject()->objectPrototype();
+ FunctionRareData* rareData = FunctionRareData::create(vm, prototype, inlineCapacity);
+ // A DFG compilation thread may be trying to read the rare data
+ // We want to ensure that it sees it properly allocated
+ WTF::storeStoreFence();
+ m_rareData.set(vm, this, rareData);
+ return m_rareData.get();
+FunctionRareData* JSFunction::initializeRareData(ExecState* exec, size_t inlineCapacity)
+ ASSERT(!!m_rareData);
+ VM& vm = exec->vm();
+ JSObject* prototype = jsDynamicCast<JSObject*>(get(exec, vm.propertyNames->prototype));
+ if (!prototype)
+ prototype = globalObject()->objectPrototype();
+ m_rareData->initialize(globalObject()->vm(), prototype, inlineCapacity);
+ return m_rareData.get();
+String JSFunction::name(ExecState* exec)
+ return get(exec, exec->vm().propertyNames->name).toWTFString(exec);
+String JSFunction::displayName(ExecState* exec)
+ JSValue displayName = getDirect(exec->vm(), exec->vm().propertyNames->displayName);
+ if (displayName && isJSString(displayName))
+ return asString(displayName)->tryGetValue();
+ return String();
+const String JSFunction::calculatedDisplayName(ExecState* exec)
+ const String explicitName = displayName(exec);
+ if (!explicitName.isEmpty())
+ return explicitName;
+ const String actualName = name(exec);
+ if (!actualName.isEmpty() || isHostOrBuiltinFunction())
+ return actualName;
+ return jsExecutable()->inferredName().string();
-CallType JSFunction::getCallData(CallData& callData)
+const SourceCode* JSFunction::sourceCode() const
+ if (isHostOrBuiltinFunction())
+ return 0;
+ return &jsExecutable()->source();
+void JSFunction::visitChildren(JSCell* cell, SlotVisitor& visitor)
- if (isHostFunction()) {
- callData.native.function = nativeFunction();
+ JSFunction* thisObject = jsCast<JSFunction*>(cell);
+ ASSERT_GC_OBJECT_INHERITS(thisObject, info());
+ Base::visitChildren(thisObject, visitor);
+ visitor.append(&thisObject->m_executable);
+ if (thisObject->m_rareData)
+ visitor.append(&thisObject->m_rareData);
+CallType JSFunction::getCallData(JSCell* cell, CallData& callData)
+ JSFunction* thisObject = jsCast<JSFunction*>(cell);
+ if (thisObject->isHostFunction()) {
+ callData.native.function = thisObject->nativeFunction();
return CallTypeHost;
- callData.js.functionExecutable = jsExecutable();
- callData.js.scopeChain = scopeChain().node();
+ callData.js.functionExecutable = thisObject->jsExecutable();
+ callData.js.scope = thisObject->scope();
return CallTypeJS;
-JSValue JSFunction::call(ExecState* exec, JSValue thisValue, const ArgList& args)
+class RetrieveArgumentsFunctor {
+ RetrieveArgumentsFunctor(JSFunction* functionObj)
+ : m_targetCallee(jsDynamicCast<JSObject*>(functionObj))
+ , m_result(jsNull())
+ {
+ }
+ JSValue result() const { return m_result; }
+ StackVisitor::Status operator()(StackVisitor& visitor)
+ {
+ JSObject* callee = visitor->callee();
+ if (callee != m_targetCallee)
+ return StackVisitor::Continue;
+ m_result = JSValue(visitor->createArguments());
+ return StackVisitor::Done;
+ }
+ JSObject* m_targetCallee;
+ JSValue m_result;
+static JSValue retrieveArguments(ExecState* exec, JSFunction* functionObj)
+ RetrieveArgumentsFunctor functor(functionObj);
+ exec->iterate(functor);
+ return functor.result();
+EncodedJSValue JSFunction::argumentsGetter(ExecState* exec, JSObject* slotBase, EncodedJSValue, PropertyName)
+ JSFunction* thisObj = jsCast<JSFunction*>(slotBase);
+ ASSERT(!thisObj->isHostFunction());
+ return JSValue::encode(retrieveArguments(exec, thisObj));
+class RetrieveCallerFunctionFunctor {
+ RetrieveCallerFunctionFunctor(JSFunction* functionObj)
+ : m_targetCallee(jsDynamicCast<JSObject*>(functionObj))
+ , m_hasFoundFrame(false)
+ , m_hasSkippedToCallerFrame(false)
+ , m_result(jsNull())
+ {
+ }
+ JSValue result() const { return m_result; }
+ StackVisitor::Status operator()(StackVisitor& visitor)
+ {
+ JSObject* callee = visitor->callee();
+ if (callee && callee->inherits(JSBoundFunction::info()))
+ return StackVisitor::Continue;
+ if (!m_hasFoundFrame && (callee != m_targetCallee))
+ return StackVisitor::Continue;
+ m_hasFoundFrame = true;
+ if (!m_hasSkippedToCallerFrame) {
+ m_hasSkippedToCallerFrame = true;
+ return StackVisitor::Continue;
+ }
+ if (callee)
+ m_result = callee;
+ return StackVisitor::Done;
+ }
+ JSObject* m_targetCallee;
+ bool m_hasFoundFrame;
+ bool m_hasSkippedToCallerFrame;
+ JSValue m_result;
+static JSValue retrieveCallerFunction(ExecState* exec, JSFunction* functionObj)
- ASSERT(!isHostFunction());
- return exec->interpreter()->execute(jsExecutable(), exec, this, thisValue.toThisObject(exec), args, scopeChain().node(), exec->exceptionSlot());
+ RetrieveCallerFunctionFunctor functor(functionObj);
+ exec->iterate(functor);
+ return functor.result();
-JSValue JSFunction::argumentsGetter(ExecState* exec, const Identifier&, const PropertySlot& slot)
+EncodedJSValue JSFunction::callerGetter(ExecState* exec, JSObject* slotBase, EncodedJSValue, PropertyName)
- JSFunction* thisObj = asFunction(slot.slotBase());
+ JSFunction* thisObj = jsCast<JSFunction*>(slotBase);
- return exec->interpreter()->retrieveArguments(exec, thisObj);
+ JSValue caller = retrieveCallerFunction(exec, thisObj);
+ // See ES5.1 - Function.caller may not be used to retrieve a strict caller.
+ if (!caller.isObject() || !asObject(caller)->inherits(JSFunction::info())) {
+ // It isn't a JSFunction, but if it is a JSCallee from a program or call eval, return null.
+ if (jsDynamicCast<JSCallee*>(caller))
+ return JSValue::encode(jsNull());
+ return JSValue::encode(caller);
+ }
+ JSFunction* function = jsCast<JSFunction*>(caller);
+ if (function->isHostOrBuiltinFunction() || !function->jsExecutable()->isStrictMode())
+ return JSValue::encode(caller);
+ return JSValue::encode(throwTypeError(exec, ASCIILiteral("Function.caller used to retrieve strict caller")));
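Review bot: At `if (function->isHostOrBuiltinFunction() || !function->jsExecutable()->isStrictMode())` in `callerGetter`, a host or builtin caller is returned to script as a live function object, while only strict JS callers are withheld. If the builtins covered here include engine-internal helpers written in JS, this hands page code a reference to a function that was never meant to be reachable from it. Consider answering null for that case, `if (function->isHostOrBuiltinFunction()) return JSValue::encode(jsNull());`, and keeping the strict-mode check for ordinary JS callers. If the exposure is intended, the ES5.1 comment above should say so explicitly.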
-JSValue JSFunction::callerGetter(ExecState* exec, const Identifier&, const PropertySlot& slot)
+EncodedJSValue JSFunction::lengthGetter(ExecState*, JSObject* slotBase, EncodedJSValue, PropertyName)
- JSFunction* thisObj = asFunction(slot.slotBase());
+ JSFunction* thisObj = jsCast<JSFunction*>(slotBase);
- return exec->interpreter()->retrieveCaller(exec, thisObj);
+ return JSValue::encode(jsNumber(thisObj->jsExecutable()->parameterCount()));
-JSValue JSFunction::lengthGetter(ExecState* exec, const Identifier&, const PropertySlot& slot)
+EncodedJSValue JSFunction::nameGetter(ExecState*, JSObject* slotBase, EncodedJSValue, PropertyName)
- JSFunction* thisObj = asFunction(slot.slotBase());
+ JSFunction* thisObj = jsCast<JSFunction*>(slotBase);
- return jsNumber(exec, thisObj->jsExecutable()->parameterCount());
+ return JSValue::encode(thisObj->jsExecutable()->nameValue());
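Review bot: `lengthGetter` and `nameGetter` call `thisObj->jsExecutable()` without the `ASSERT(!thisObj->isHostFunction());` that `argumentsGetter` carries, although all three depend on `getOwnPropertySlot` having filtered out host and builtin functions before installing them. Because `jsCast` is, to my knowledge, only checked in debug builds, the precondition is worth stating in both getters so a future caller that installs them elsewhere trips early. Add `ASSERT(!thisObj->isHostFunction());` after each cast, with a comment such as `// Installed only for JS functions by getOwnPropertySlot; a host function has no FunctionExecutable.`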
-bool JSFunction::getOwnPropertySlot(ExecState* exec, const Identifier& propertyName, PropertySlot& slot)
+bool JSFunction::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
- if (isHostFunction())
- return Base::getOwnPropertySlot(exec, propertyName, slot);
+ JSFunction* thisObject = jsCast<JSFunction*>(object);
+ if (thisObject->isHostOrBuiltinFunction())
+ return Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
if (propertyName == exec->propertyNames().prototype) {
- JSValue* location = getDirectLocation(propertyName);
- if (!location) {
- JSObject* prototype = new (exec) JSObject(scopeChain().globalObject()->emptyObjectStructure());
- prototype->putDirect(exec->propertyNames().constructor, this, DontEnum);
- putDirect(exec->propertyNames().prototype, prototype, DontDelete);
- location = getDirectLocation(propertyName);
+ VM& vm = exec->vm();
+ unsigned attributes;
+ PropertyOffset offset = thisObject->getDirectOffset(vm, propertyName, attributes);
+ if (!isValidOffset(offset)) {
+ JSObject* prototype = constructEmptyObject(exec);
+ prototype->putDirect(vm, exec->propertyNames().constructor, thisObject, DontEnum);
+ thisObject->putDirect(vm, exec->propertyNames().prototype, prototype, DontDelete | DontEnum);
+ offset = thisObject->getDirectOffset(vm, exec->propertyNames().prototype, attributes);
+ ASSERT(isValidOffset(offset));
- slot.setValueSlot(this, location, offsetForLocation(location));
+ slot.setValue(thisObject, attributes, thisObject->getDirect(offset), offset);
if (propertyName == exec->propertyNames().arguments) {
- slot.setCustom(this, argumentsGetter);
+ if (thisObject->jsExecutable()->isStrictMode()) {
+ bool result = Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ if (!result) {
+ thisObject->putDirectAccessor(exec, propertyName, thisObject->globalObject()->throwTypeErrorGetterSetter(exec->vm()), DontDelete | DontEnum | Accessor);
+ result = Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ ASSERT(result);
+ }
+ return result;
+ }
+ slot.setCacheableCustom(thisObject, ReadOnly | DontEnum | DontDelete, argumentsGetter);
return true;
if (propertyName == exec->propertyNames().length) {
- slot.setCustom(this, lengthGetter);
+ slot.setCacheableCustom(thisObject, ReadOnly | DontEnum | DontDelete, lengthGetter);
+ return true;
+ }
+ if (propertyName == exec->propertyNames().name) {
+ slot.setCacheableCustom(thisObject, ReadOnly | DontEnum | DontDelete, nameGetter);
return true;
if (propertyName == exec->propertyNames().caller) {
- slot.setCustom(this, callerGetter);
+ if (thisObject->jsExecutable()->isStrictMode()) {
+ bool result = Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ if (!result) {
+ thisObject->putDirectAccessor(exec, propertyName, thisObject->globalObject()->throwTypeErrorGetterSetter(exec->vm()), DontDelete | DontEnum | Accessor);
+ result = Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ ASSERT(result);
+ }
+ return result;
+ }
+ slot.setCacheableCustom(thisObject, ReadOnly | DontEnum | DontDelete, callerGetter);
return true;
- return Base::getOwnPropertySlot(exec, propertyName, slot);
+ return Base::getOwnPropertySlot(thisObject, exec, propertyName, slot);
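Review bot: The lazily created prototype at `JSObject* prototype = constructEmptyObject(exec);` takes its realm from the calling frame, where the removed code used the function's own global (`scopeChain().globalObject()->emptyObjectStructure()`). If `constructEmptyObject(exec)` resolves its structure from the caller's lexical global object, the first realm to touch `f.prototype` decides which `Object.prototype` instances of `f` inherit from, which matters when functions are shared across frames. `allocateAndInitializeRareData` in this same change falls back to `globalObject()->objectPrototype()`, so `constructEmptyObject(exec, thisObject->globalObject()->objectPrototype())` here would keep the two paths consistent. The opening and closing braces of `getOwnPropertySlot` are not shown in this view.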
- bool JSFunction::getOwnPropertyDescriptor(ExecState* exec, const Identifier& propertyName, PropertyDescriptor& descriptor)
- {
- if (isHostFunction())
- return Base::getOwnPropertyDescriptor(exec, propertyName, descriptor);
- if (propertyName == exec->propertyNames().prototype) {
- PropertySlot slot;
- getOwnPropertySlot(exec, propertyName, slot);
- return Base::getOwnPropertyDescriptor(exec, propertyName, descriptor);
- }
- if (propertyName == exec->propertyNames().arguments) {
- descriptor.setDescriptor(exec->interpreter()->retrieveArguments(exec, this), ReadOnly | DontEnum | DontDelete);
- return true;
- }
- if (propertyName == exec->propertyNames().length) {
- descriptor.setDescriptor(jsNumber(exec, jsExecutable()->parameterCount()), ReadOnly | DontEnum | DontDelete);
- return true;
- }
- if (propertyName == exec->propertyNames().caller) {
- descriptor.setDescriptor(exec->interpreter()->retrieveCaller(exec, this), ReadOnly | DontEnum | DontDelete);
- return true;
- }
- return Base::getOwnPropertyDescriptor(exec, propertyName, descriptor);
- }
-void JSFunction::getOwnPropertyNames(ExecState* exec, PropertyNameArray& propertyNames, EnumerationMode mode)
+void JSFunction::getOwnNonIndexPropertyNames(JSObject* object, ExecState* exec, PropertyNameArray& propertyNames, EnumerationMode mode)
- if (!isHostFunction() && (mode == IncludeDontEnumProperties)) {
- propertyNames.add(exec->propertyNames().arguments);
- propertyNames.add(exec->propertyNames().callee);
- propertyNames.add(exec->propertyNames().caller);
- propertyNames.add(exec->propertyNames().length);
+ JSFunction* thisObject = jsCast<JSFunction*>(object);
+ if (!thisObject->isHostOrBuiltinFunction() && mode.includeDontEnumProperties()) {
+ VM& vm = exec->vm();
+ // Make sure prototype has been reified.
+ PropertySlot slot(thisObject);
+ thisObject->methodTable(vm)->getOwnPropertySlot(thisObject, exec, vm.propertyNames->prototype, slot);
+ propertyNames.add(vm.propertyNames->arguments);
+ propertyNames.add(vm.propertyNames->caller);
+ propertyNames.add(vm.propertyNames->length);
+ propertyNames.add(vm.propertyNames->name);
- Base::getOwnPropertyNames(exec, propertyNames, mode);
+ Base::getOwnNonIndexPropertyNames(thisObject, exec, propertyNames, mode);
-void JSFunction::put(ExecState* exec, const Identifier& propertyName, JSValue value, PutPropertySlot& slot)
+void JSFunction::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
- if (isHostFunction()) {
- Base::put(exec, propertyName, value, slot);
+ JSFunction* thisObject = jsCast<JSFunction*>(cell);
+ if (thisObject->isHostOrBuiltinFunction()) {
+ Base::put(thisObject, exec, propertyName, value, slot);
+ return;
+ }
+ if (propertyName == exec->propertyNames().prototype) {
+ // Make sure prototype has been reified, such that it can only be overwritten
+ // following the rules set out in ECMA-262 8.12.9.
+ PropertySlot slot(thisObject);
+ thisObject->methodTable(exec->vm())->getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ if (thisObject->m_rareData)
+ thisObject->m_rareData->clear("Store to prototype property of a function");
+ // Don't allow this to be cached, since a [[Put]] must clear m_rareData.
+ PutPropertySlot dontCache(thisObject);
+ Base::put(thisObject, exec, propertyName, value, dontCache);
+ return;
+ }
+ if (thisObject->jsExecutable()->isStrictMode() && (propertyName == exec->propertyNames().arguments || propertyName == exec->propertyNames().caller)) {
+ // This will trigger the property to be reified, if this is not already the case!
+ bool okay = thisObject->hasProperty(exec, propertyName);
+ ASSERT_UNUSED(okay, okay);
+ Base::put(thisObject, exec, propertyName, value, slot);
- if (propertyName == exec->propertyNames().arguments || propertyName == exec->propertyNames().length)
+ if (propertyName == exec->propertyNames().arguments || propertyName == exec->propertyNames().length || propertyName == exec->propertyNames().name || propertyName == exec->propertyNames().caller) {
+ if (slot.isStrictMode())
+ throwTypeError(exec, StrictModeReadonlyPropertyWriteError);
- Base::put(exec, propertyName, value, slot);
+ }
+ Base::put(thisObject, exec, propertyName, value, slot);
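Review bot: In the `prototype` branch of `put`, the local `PropertySlot slot(thisObject);` shadows the `PutPropertySlot& slot` parameter, so inside that block `slot` names the throwaway read slot and the caller's put slot cannot be referred to. It works today because the block writes through `dontCache`, but the shadowing hides which slot is which in a path whose comment says caching must be suppressed so that `m_rareData` is cleared. Rename the local, for example `PropertySlot reifySlot(thisObject);`, and pass `reifySlot` to the `getOwnPropertySlot` call on the following line.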
-bool JSFunction::deleteProperty(ExecState* exec, const Identifier& propertyName)
+bool JSFunction::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName)
- if (isHostFunction())
- return Base::deleteProperty(exec, propertyName);
- if (propertyName == exec->propertyNames().arguments || propertyName == exec->propertyNames().length)
+ JSFunction* thisObject = jsCast<JSFunction*>(cell);
+ // For non-host functions, don't let these properties by deleted - except by DefineOwnProperty.
+ if (!thisObject->isHostOrBuiltinFunction() && !exec->vm().isInDefineOwnProperty()
+ && (propertyName == exec->propertyNames().arguments
+ || propertyName == exec->propertyNames().length
+ || propertyName == exec->propertyNames().name
+ || propertyName == exec->propertyNames().prototype
+ || propertyName == exec->propertyNames().caller))
return false;
- return Base::deleteProperty(exec, propertyName);
+ return Base::deleteProperty(thisObject, exec, propertyName);
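Review bot: The guard `!exec->vm().isInDefineOwnProperty()` in `deleteProperty` relaxes the protection of `arguments`, `length`, `name`, `prototype` and `caller` based on VM-wide state rather than on the object or property actually being redefined. If any script-observable code can run while that flag is set, a delete on an unrelated function would pass this check as well. How the flag is scoped is not visible on this page, so the invariant should be written down here, for instance `// isInDefineOwnProperty() is set only around the internal delete issued by defineOwnProperty; no user code runs while it is set.`, or confirmed before merging. The existing comment's "by deleted" should read "be deleted".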
+bool JSFunction::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, const PropertyDescriptor& descriptor, bool throwException)
+ JSFunction* thisObject = jsCast<JSFunction*>(object);
+ if (thisObject->isHostOrBuiltinFunction())
+ return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
+ if (propertyName == exec->propertyNames().prototype) {
+ // Make sure prototype has been reified, such that it can only be overwritten
+ // following the rules set out in ECMA-262 8.12.9.
+ PropertySlot slot(thisObject);
+ thisObject->methodTable(exec->vm())->getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ if (thisObject->m_rareData)
+ thisObject->m_rareData->clear("Store to prototype property of a function");
+ return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
+ }
+ bool valueCheck;
+ if (propertyName == exec->propertyNames().arguments) {
+ if (thisObject->jsExecutable()->isStrictMode()) {
+ PropertySlot slot(thisObject);
+ if (!Base::getOwnPropertySlot(thisObject, exec, propertyName, slot))
+ thisObject->putDirectAccessor(exec, propertyName, thisObject->globalObject()->throwTypeErrorGetterSetter(exec->vm()), DontDelete | DontEnum | Accessor);
+ return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
+ }
+ valueCheck = !descriptor.value() || sameValue(exec, descriptor.value(), retrieveArguments(exec, thisObject));
+ } else if (propertyName == exec->propertyNames().caller) {
+ if (thisObject->jsExecutable()->isStrictMode()) {
+ PropertySlot slot(thisObject);
+ if (!Base::getOwnPropertySlot(thisObject, exec, propertyName, slot))
+ thisObject->putDirectAccessor(exec, propertyName, thisObject->globalObject()->throwTypeErrorGetterSetter(exec->vm()), DontDelete | DontEnum | Accessor);
+ return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
+ }
+ valueCheck = !descriptor.value() || sameValue(exec, descriptor.value(), retrieveCallerFunction(exec, thisObject));
+ } else if (propertyName == exec->propertyNames().length)
+ valueCheck = !descriptor.value() || sameValue(exec, descriptor.value(), jsNumber(thisObject->jsExecutable()->parameterCount()));
+ else if (propertyName == exec->propertyNames().name)
+ valueCheck = !descriptor.value() || sameValue(exec, descriptor.value(), thisObject->jsExecutable()->nameValue());
+ else
+ return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
+ if (descriptor.configurablePresent() && descriptor.configurable()) {
+ if (throwException)
+ exec->vm().throwException(exec, createTypeError(exec, ASCIILiteral("Attempting to change configurable attribute of unconfigurable property.")));
+ return false;
+ }
+ if (descriptor.enumerablePresent() && descriptor.enumerable()) {
+ if (throwException)
+ exec->vm().throwException(exec, createTypeError(exec, ASCIILiteral("Attempting to change enumerable attribute of unconfigurable property.")));
+ return false;
+ }
+ if (descriptor.isAccessorDescriptor()) {
+ if (throwException)
+ exec->vm().throwException(exec, createTypeError(exec, ASCIILiteral("Attempting to change access mechanism for an unconfigurable property.")));
+ return false;
+ }
+ if (descriptor.writablePresent() && descriptor.writable()) {
+ if (throwException)
+ exec->vm().throwException(exec, createTypeError(exec, ASCIILiteral("Attempting to change writable attribute of unconfigurable property.")));
+ return false;
+ }
+ if (!valueCheck) {
+ if (throwException)
+ exec->vm().throwException(exec, createTypeError(exec, ASCIILiteral("Attempting to change value of a readonly property.")));
+ return false;
+ }
+ return true;
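Review bot: The strict-mode branches for `arguments` and `caller` in `defineOwnProperty` repeat, for the third and fourth time in this change, the sequence that installs `throwTypeErrorGetterSetter` with `DontDelete | DontEnum | Accessor`; the other two copies are in `getOwnPropertySlot`. That accessor is what stops strict functions from exposing their caller and arguments, so four hand-copied versions are a place where a later edit can weaken one path without the others. I would move the sequence into one private JSFunction helper, named along the lines of `reifyStrictModeAccessor(exec, propertyName)`, which returns whether the property is present afterwards, and call it from all four sites.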
// ECMA 13.2.2 [[Construct]]
-ConstructType JSFunction::getConstructData(ConstructData& constructData)
+ConstructType JSFunction::getConstructData(JSCell* cell, ConstructData& constructData)
- if (isHostFunction())
+ JSFunction* thisObject = jsCast<JSFunction*>(cell);
+ if (thisObject->isBuiltinFunction())
return ConstructTypeNone;
- constructData.js.functionExecutable = jsExecutable();
- constructData.js.scopeChain = scopeChain().node();
+ if (thisObject->isHostFunction()) {
+ constructData.native.function = thisObject->nativeConstructor();
+ return ConstructTypeHost;
+ }
+ constructData.js.functionExecutable = thisObject->jsExecutable();
+ constructData.js.scope = thisObject->scope();
return ConstructTypeJS;
-JSObject* JSFunction::construct(ExecState* exec, const ArgList& args)
+String getCalculatedDisplayName(CallFrame* callFrame, JSObject* object)
- ASSERT(!isHostFunction());
- Structure* structure;
- JSValue prototype = get(exec, exec->propertyNames().prototype);
- if (prototype.isObject())
- structure = asObject(prototype)->inheritorID();
- else
- structure = exec->lexicalGlobalObject()->emptyObjectStructure();
- JSObject* thisObj = new (exec) JSObject(structure);
- JSValue result = exec->interpreter()->execute(jsExecutable(), exec, this, thisObj, args, scopeChain().node(), exec->exceptionSlot());
- if (exec->hadException() || !result.isObject())
- return thisObj;
- return asObject(result);
+ if (JSFunction* function = jsDynamicCast<JSFunction*>(object))
+ return function->calculatedDisplayName(callFrame);
+ if (InternalFunction* function = jsDynamicCast<InternalFunction*>(object))
+ return function->calculatedDisplayName(callFrame);
+ return "";
} // namespace JSC