PageRenderTime 210ms CodeModel.GetById 22ms app.highlight 167ms RepoModel.GetById 1ms app.codeStats 1ms

/js/lib/Socket.IO-node/support/expresso/deps/jscoverage/js/jsfun.cpp

http://github.com/onedayitwillmake/RealtimeMultiplayerNodeJs
C++ | 2101 lines | 1530 code | 230 blank | 341 comment | 355 complexity | f75c575ae46a95c89a215ee036a1f7df MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
   2 * vim: set ts=8 sw=4 et tw=99:
   3 *
   4 * ***** BEGIN LICENSE BLOCK *****
   5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   6 *
   7 * The contents of this file are subject to the Mozilla Public License Version
   8 * 1.1 (the "License"); you may not use this file except in compliance with
   9 * the License. You may obtain a copy of the License at
  10 * http://www.mozilla.org/MPL/
  11 *
  12 * Software distributed under the License is distributed on an "AS IS" basis,
  13 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  14 * for the specific language governing rights and limitations under the
  15 * License.
  16 *
  17 * The Original Code is Mozilla Communicator client code, released
  18 * March 31, 1998.
  19 *
  20 * The Initial Developer of the Original Code is
  21 * Netscape Communications Corporation.
  22 * Portions created by the Initial Developer are Copyright (C) 1998
  23 * the Initial Developer. All Rights Reserved.
  24 *
  25 * Contributor(s):
  26 *
  27 * Alternatively, the contents of this file may be used under the terms of
  28 * either of the GNU General Public License Version 2 or later (the "GPL"),
  29 * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  30 * in which case the provisions of the GPL or the LGPL are applicable instead
  31 * of those above. If you wish to allow use of your version of this file only
  32 * under the terms of either the GPL or the LGPL, and not to allow others to
  33 * use your version of this file under the terms of the MPL, indicate your
  34 * decision by deleting the provisions above and replace them with the notice
  35 * and other provisions required by the GPL or the LGPL. If you do not delete
  36 * the provisions above, a recipient may use your version of this file under
  37 * the terms of any one of the MPL, the GPL or the LGPL.
  38 *
  39 * ***** END LICENSE BLOCK ***** */
  40
  41/*
  42 * JS function support.
  43 */
  44#include "jsstddef.h"
  45#include <string.h>
  46#include "jstypes.h"
  47#include "jsbit.h"
  48#include "jsutil.h" /* Added by JSIFY */
  49#include "jsapi.h"
  50#include "jsarray.h"
  51#include "jsatom.h"
  52#include "jsbuiltins.h"
  53#include "jscntxt.h"
  54#include "jsversion.h"
  55#include "jsdbgapi.h"
  56#include "jsemit.h"
  57#include "jsfun.h"
  58#include "jsgc.h"
  59#include "jsinterp.h"
  60#include "jslock.h"
  61#include "jsnum.h"
  62#include "jsobj.h"
  63#include "jsopcode.h"
  64#include "jsparse.h"
  65#include "jsscan.h"
  66#include "jsscope.h"
  67#include "jsscript.h"
  68#include "jsstr.h"
  69#include "jsexn.h"
  70#include "jsstaticcheck.h"
  71
  72#if JS_HAS_GENERATORS
  73# include "jsiter.h"
  74#endif
  75
  76#if JS_HAS_XDR
  77# include "jsxdrapi.h"
  78#endif
  79
  80/* Generic function/call/arguments tinyids -- also reflected bit numbers. */
  81enum {
  82    CALL_ARGUMENTS  = -1,       /* predefined arguments local variable */
  83    ARGS_LENGTH     = -2,       /* number of actual args, arity if inactive */
  84    ARGS_CALLEE     = -3,       /* reference from arguments to active funobj */
  85    FUN_ARITY       = -4,       /* number of formal parameters; desired argc */
  86    FUN_NAME        = -5,       /* function name, "" if anonymous */
  87    FUN_CALLER      = -6        /* Function.prototype.caller, backward compat */
  88};
  89
  90#if JSFRAME_OVERRIDE_BITS < 8
  91# error "not enough override bits in JSStackFrame.flags!"
  92#endif
  93
  94#define TEST_OVERRIDE_BIT(fp, tinyid) \
  95    ((fp)->flags & JS_BIT(JSFRAME_OVERRIDE_SHIFT - ((tinyid) + 1)))
  96
  97#define SET_OVERRIDE_BIT(fp, tinyid) \
  98    ((fp)->flags |= JS_BIT(JSFRAME_OVERRIDE_SHIFT - ((tinyid) + 1)))
  99
 100JSBool
 101js_GetArgsValue(JSContext *cx, JSStackFrame *fp, jsval *vp)
 102{
 103    JSObject *argsobj;
 104
 105    if (TEST_OVERRIDE_BIT(fp, CALL_ARGUMENTS)) {
 106        JS_ASSERT(fp->callobj);
 107        return OBJ_GET_PROPERTY(cx, fp->callobj,
 108                                ATOM_TO_JSID(cx->runtime->atomState
 109                                             .argumentsAtom),
 110                                vp);
 111    }
 112    argsobj = js_GetArgsObject(cx, fp);
 113    if (!argsobj)
 114        return JS_FALSE;
 115    *vp = OBJECT_TO_JSVAL(argsobj);
 116    return JS_TRUE;
 117}
 118
 119static JSBool
 120MarkArgDeleted(JSContext *cx, JSStackFrame *fp, uintN slot)
 121{
 122    JSObject *argsobj;
 123    jsval bmapval, bmapint;
 124    size_t nbits, nbytes;
 125    jsbitmap *bitmap;
 126
 127    argsobj = fp->argsobj;
 128    (void) JS_GetReservedSlot(cx, argsobj, 0, &bmapval);
 129    nbits = fp->argc;
 130    JS_ASSERT(slot < nbits);
 131    if (JSVAL_IS_VOID(bmapval)) {
 132        if (nbits <= JSVAL_INT_BITS) {
 133            bmapint = 0;
 134            bitmap = (jsbitmap *) &bmapint;
 135        } else {
 136            nbytes = JS_HOWMANY(nbits, JS_BITS_PER_WORD) * sizeof(jsbitmap);
 137            bitmap = (jsbitmap *) JS_malloc(cx, nbytes);
 138            if (!bitmap)
 139                return JS_FALSE;
 140            memset(bitmap, 0, nbytes);
 141            bmapval = PRIVATE_TO_JSVAL(bitmap);
 142            JS_SetReservedSlot(cx, argsobj, 0, bmapval);
 143        }
 144    } else {
 145        if (nbits <= JSVAL_INT_BITS) {
 146            bmapint = JSVAL_TO_INT(bmapval);
 147            bitmap = (jsbitmap *) &bmapint;
 148        } else {
 149            bitmap = (jsbitmap *) JSVAL_TO_PRIVATE(bmapval);
 150        }
 151    }
 152    JS_SET_BIT(bitmap, slot);
 153    if (bitmap == (jsbitmap *) &bmapint) {
 154        bmapval = INT_TO_JSVAL(bmapint);
 155        JS_SetReservedSlot(cx, argsobj, 0, bmapval);
 156    }
 157    return JS_TRUE;
 158}
 159
 160/* NB: Infallible predicate, false does not mean error/exception. */
 161static JSBool
 162ArgWasDeleted(JSContext *cx, JSStackFrame *fp, uintN slot)
 163{
 164    JSObject *argsobj;
 165    jsval bmapval, bmapint;
 166    jsbitmap *bitmap;
 167
 168    argsobj = fp->argsobj;
 169    (void) JS_GetReservedSlot(cx, argsobj, 0, &bmapval);
 170    if (JSVAL_IS_VOID(bmapval))
 171        return JS_FALSE;
 172    if (fp->argc <= JSVAL_INT_BITS) {
 173        bmapint = JSVAL_TO_INT(bmapval);
 174        bitmap = (jsbitmap *) &bmapint;
 175    } else {
 176        bitmap = (jsbitmap *) JSVAL_TO_PRIVATE(bmapval);
 177    }
 178    return JS_TEST_BIT(bitmap, slot) != 0;
 179}
 180
 181JSBool
 182js_GetArgsProperty(JSContext *cx, JSStackFrame *fp, jsid id, jsval *vp)
 183{
 184    jsval val;
 185    JSObject *obj;
 186    uintN slot;
 187
 188    if (TEST_OVERRIDE_BIT(fp, CALL_ARGUMENTS)) {
 189        JS_ASSERT(fp->callobj);
 190        if (!OBJ_GET_PROPERTY(cx, fp->callobj,
 191                              ATOM_TO_JSID(cx->runtime->atomState
 192                                           .argumentsAtom),
 193                              &val)) {
 194            return JS_FALSE;
 195        }
 196        if (JSVAL_IS_PRIMITIVE(val)) {
 197            obj = js_ValueToNonNullObject(cx, val);
 198            if (!obj)
 199                return JS_FALSE;
 200        } else {
 201            obj = JSVAL_TO_OBJECT(val);
 202        }
 203        return OBJ_GET_PROPERTY(cx, obj, id, vp);
 204    }
 205
 206    *vp = JSVAL_VOID;
 207    if (JSID_IS_INT(id)) {
 208        slot = (uintN) JSID_TO_INT(id);
 209        if (slot < fp->argc) {
 210            if (fp->argsobj && ArgWasDeleted(cx, fp, slot))
 211                return OBJ_GET_PROPERTY(cx, fp->argsobj, id, vp);
 212            *vp = fp->argv[slot];
 213        } else {
 214            /*
 215             * Per ECMA-262 Ed. 3, 10.1.8, last bulleted item, do not share
 216             * storage between the formal parameter and arguments[k] for all
 217             * fp->argc <= k && k < fp->fun->nargs.  For example, in
 218             *
 219             *   function f(x) { x = 42; return arguments[0]; }
 220             *   f();
 221             *
 222             * the call to f should return undefined, not 42.  If fp->argsobj
 223             * is null at this point, as it would be in the example, return
 224             * undefined in *vp.
 225             */
 226            if (fp->argsobj)
 227                return OBJ_GET_PROPERTY(cx, fp->argsobj, id, vp);
 228        }
 229    } else {
 230        if (id == ATOM_TO_JSID(cx->runtime->atomState.lengthAtom)) {
 231            if (fp->argsobj && TEST_OVERRIDE_BIT(fp, ARGS_LENGTH))
 232                return OBJ_GET_PROPERTY(cx, fp->argsobj, id, vp);
 233            *vp = INT_TO_JSVAL((jsint) fp->argc);
 234        }
 235    }
 236    return JS_TRUE;
 237}
 238
 239JSObject *
 240js_GetArgsObject(JSContext *cx, JSStackFrame *fp)
 241{
 242    JSObject *argsobj, *global, *parent;
 243
 244    /*
 245     * We must be in a function activation; the function must be lightweight
 246     * or else fp must have a variable object.
 247     */
 248    JS_ASSERT(fp->fun && (!(fp->fun->flags & JSFUN_HEAVYWEIGHT) || fp->varobj));
 249
 250    /* Skip eval and debugger frames. */
 251    while (fp->flags & JSFRAME_SPECIAL)
 252        fp = fp->down;
 253
 254    /* Create an arguments object for fp only if it lacks one. */
 255    argsobj = fp->argsobj;
 256    if (argsobj)
 257        return argsobj;
 258
 259    /* Link the new object to fp so it can get actual argument values. */
 260    argsobj = js_NewObject(cx, &js_ArgumentsClass, NULL, NULL, 0);
 261    if (!argsobj || !JS_SetPrivate(cx, argsobj, fp)) {
 262        cx->weakRoots.newborn[GCX_OBJECT] = NULL;
 263        return NULL;
 264    }
 265
 266    /*
 267     * Give arguments an intrinsic scope chain link to fp's global object.
 268     * Since the arguments object lacks a prototype because js_ArgumentsClass
 269     * is not initialized, js_NewObject won't assign a default parent to it.
 270     *
 271     * Therefore if arguments is used as the head of an eval scope chain (via
 272     * a direct or indirect call to eval(program, arguments)), any reference
 273     * to a standard class object in the program will fail to resolve due to
 274     * js_GetClassPrototype not being able to find a global object containing
 275     * the standard prototype by starting from arguments and following parent.
 276     */
 277    global = fp->scopeChain;
 278    while ((parent = OBJ_GET_PARENT(cx, global)) != NULL)
 279        global = parent;
 280    STOBJ_SET_PARENT(argsobj, global);
 281    fp->argsobj = argsobj;
 282    return argsobj;
 283}
 284
 285static JSBool
 286args_enumerate(JSContext *cx, JSObject *obj);
 287
 288JS_FRIEND_API(JSBool)
 289js_PutArgsObject(JSContext *cx, JSStackFrame *fp)
 290{
 291    JSObject *argsobj;
 292    jsval bmapval, rval;
 293    JSBool ok;
 294    JSRuntime *rt;
 295
 296    /*
 297     * Reuse args_enumerate here to reflect fp's actual arguments as indexed
 298     * elements of argsobj.  Do this first, before clearing and freeing the
 299     * deleted argument slot bitmap, because args_enumerate depends on that.
 300     */
 301    argsobj = fp->argsobj;
 302    ok = args_enumerate(cx, argsobj);
 303
 304    /*
 305     * Now clear the deleted argument number bitmap slot and free the bitmap,
 306     * if one was actually created due to 'delete arguments[0]' or similar.
 307     */
 308    (void) JS_GetReservedSlot(cx, argsobj, 0, &bmapval);
 309    if (!JSVAL_IS_VOID(bmapval)) {
 310        JS_SetReservedSlot(cx, argsobj, 0, JSVAL_VOID);
 311        if (fp->argc > JSVAL_INT_BITS)
 312            JS_free(cx, JSVAL_TO_PRIVATE(bmapval));
 313    }
 314
 315    /*
 316     * Now get the prototype properties so we snapshot fp->fun and fp->argc
 317     * before fp goes away.
 318     */
 319    rt = cx->runtime;
 320    ok &= js_GetProperty(cx, argsobj, ATOM_TO_JSID(rt->atomState.calleeAtom),
 321                         &rval);
 322    ok &= js_SetProperty(cx, argsobj, ATOM_TO_JSID(rt->atomState.calleeAtom),
 323                         &rval);
 324    ok &= js_GetProperty(cx, argsobj, ATOM_TO_JSID(rt->atomState.lengthAtom),
 325                         &rval);
 326    ok &= js_SetProperty(cx, argsobj, ATOM_TO_JSID(rt->atomState.lengthAtom),
 327                         &rval);
 328
 329    /*
 330     * Clear the private pointer to fp, which is about to go away (js_Invoke).
 331     * Do this last because the args_enumerate and js_GetProperty calls above
 332     * need to follow the private slot to find fp.
 333     */
 334    ok &= JS_SetPrivate(cx, argsobj, NULL);
 335    fp->argsobj = NULL;
 336    return ok;
 337}
 338
 339static JSBool
 340args_delProperty(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
 341{
 342    jsint slot;
 343    JSStackFrame *fp;
 344
 345    if (!JSVAL_IS_INT(id))
 346        return JS_TRUE;
 347    fp = (JSStackFrame *)
 348         JS_GetInstancePrivate(cx, obj, &js_ArgumentsClass, NULL);
 349    if (!fp)
 350        return JS_TRUE;
 351    JS_ASSERT(fp->argsobj);
 352
 353    slot = JSVAL_TO_INT(id);
 354    switch (slot) {
 355      case ARGS_CALLEE:
 356      case ARGS_LENGTH:
 357        SET_OVERRIDE_BIT(fp, slot);
 358        break;
 359
 360      default:
 361        if ((uintN)slot < fp->argc && !MarkArgDeleted(cx, fp, slot))
 362            return JS_FALSE;
 363        break;
 364    }
 365    return JS_TRUE;
 366}
 367
 368static JSBool
 369args_getProperty(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
 370{
 371    jsint slot;
 372    JSStackFrame *fp;
 373
 374    if (!JSVAL_IS_INT(id))
 375        return JS_TRUE;
 376    fp = (JSStackFrame *)
 377         JS_GetInstancePrivate(cx, obj, &js_ArgumentsClass, NULL);
 378    if (!fp)
 379        return JS_TRUE;
 380    JS_ASSERT(fp->argsobj);
 381
 382    slot = JSVAL_TO_INT(id);
 383    switch (slot) {
 384      case ARGS_CALLEE:
 385        if (!TEST_OVERRIDE_BIT(fp, slot))
 386            *vp = OBJECT_TO_JSVAL(fp->callee);
 387        break;
 388
 389      case ARGS_LENGTH:
 390        if (!TEST_OVERRIDE_BIT(fp, slot))
 391            *vp = INT_TO_JSVAL((jsint)fp->argc);
 392        break;
 393
 394      default:
 395        if ((uintN)slot < fp->argc && !ArgWasDeleted(cx, fp, slot))
 396            *vp = fp->argv[slot];
 397        break;
 398    }
 399    return JS_TRUE;
 400}
 401
 402static JSBool
 403args_setProperty(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
 404{
 405    JSStackFrame *fp;
 406    jsint slot;
 407
 408    if (!JSVAL_IS_INT(id))
 409        return JS_TRUE;
 410    fp = (JSStackFrame *)
 411         JS_GetInstancePrivate(cx, obj, &js_ArgumentsClass, NULL);
 412    if (!fp)
 413        return JS_TRUE;
 414    JS_ASSERT(fp->argsobj);
 415
 416    slot = JSVAL_TO_INT(id);
 417    switch (slot) {
 418      case ARGS_CALLEE:
 419      case ARGS_LENGTH:
 420        SET_OVERRIDE_BIT(fp, slot);
 421        break;
 422
 423      default:
 424        if (FUN_INTERPRETED(fp->fun) &&
 425            (uintN)slot < fp->argc &&
 426            !ArgWasDeleted(cx, fp, slot)) {
 427            fp->argv[slot] = *vp;
 428        }
 429        break;
 430    }
 431    return JS_TRUE;
 432}
 433
 434static JSBool
 435args_resolve(JSContext *cx, JSObject *obj, jsval id, uintN flags,
 436             JSObject **objp)
 437{
 438    JSStackFrame *fp;
 439    uintN slot;
 440    JSString *str;
 441    JSAtom *atom;
 442    intN tinyid;
 443    jsval value;
 444
 445    *objp = NULL;
 446    fp = (JSStackFrame *)
 447         JS_GetInstancePrivate(cx, obj, &js_ArgumentsClass, NULL);
 448    if (!fp)
 449        return JS_TRUE;
 450    JS_ASSERT(fp->argsobj);
 451
 452    if (JSVAL_IS_INT(id)) {
 453        slot = JSVAL_TO_INT(id);
 454        if (slot < fp->argc && !ArgWasDeleted(cx, fp, slot)) {
 455            /* XXX ECMA specs DontEnum, contrary to other array-like objects */
 456            if (!js_DefineProperty(cx, obj, INT_JSVAL_TO_JSID(id),
 457                                   fp->argv[slot],
 458                                   args_getProperty, args_setProperty,
 459                                   0, NULL)) {
 460                return JS_FALSE;
 461            }
 462            *objp = obj;
 463        }
 464    } else {
 465        str = JSVAL_TO_STRING(id);
 466        atom = cx->runtime->atomState.lengthAtom;
 467        if (str == ATOM_TO_STRING(atom)) {
 468            tinyid = ARGS_LENGTH;
 469            value = INT_TO_JSVAL(fp->argc);
 470        } else {
 471            atom = cx->runtime->atomState.calleeAtom;
 472            if (str == ATOM_TO_STRING(atom)) {
 473                tinyid = ARGS_CALLEE;
 474                value = OBJECT_TO_JSVAL(fp->callee);
 475            } else {
 476                atom = NULL;
 477
 478                /* Quell GCC overwarnings. */
 479                tinyid = 0;
 480                value = JSVAL_NULL;
 481            }
 482        }
 483
 484        if (atom && !TEST_OVERRIDE_BIT(fp, tinyid)) {
 485            if (!js_DefineNativeProperty(cx, obj, ATOM_TO_JSID(atom), value,
 486                                         args_getProperty, args_setProperty, 0,
 487                                         SPROP_HAS_SHORTID, tinyid, NULL)) {
 488                return JS_FALSE;
 489            }
 490            *objp = obj;
 491        }
 492    }
 493
 494    return JS_TRUE;
 495}
 496
 497static JSBool
 498args_enumerate(JSContext *cx, JSObject *obj)
 499{
 500    JSStackFrame *fp;
 501    JSObject *pobj;
 502    JSProperty *prop;
 503    uintN slot, argc;
 504
 505    fp = (JSStackFrame *)
 506         JS_GetInstancePrivate(cx, obj, &js_ArgumentsClass, NULL);
 507    if (!fp)
 508        return JS_TRUE;
 509    JS_ASSERT(fp->argsobj);
 510
 511    /*
 512     * Trigger reflection with value snapshot in args_resolve using a series
 513     * of js_LookupProperty calls.  We handle length, callee, and the indexed
 514     * argument properties.  We know that args_resolve covers all these cases
 515     * and creates direct properties of obj, but that it may fail to resolve
 516     * length or callee if overridden.
 517     */
 518    if (!js_LookupProperty(cx, obj,
 519                           ATOM_TO_JSID(cx->runtime->atomState.lengthAtom),
 520                           &pobj, &prop)) {
 521        return JS_FALSE;
 522    }
 523    if (prop)
 524        OBJ_DROP_PROPERTY(cx, pobj, prop);
 525
 526    if (!js_LookupProperty(cx, obj,
 527                           ATOM_TO_JSID(cx->runtime->atomState.calleeAtom),
 528                           &pobj, &prop)) {
 529        return JS_FALSE;
 530    }
 531    if (prop)
 532        OBJ_DROP_PROPERTY(cx, pobj, prop);
 533
 534    argc = fp->argc;
 535    for (slot = 0; slot < argc; slot++) {
 536        if (!js_LookupProperty(cx, obj, INT_TO_JSID((jsint)slot), &pobj, &prop))
 537            return JS_FALSE;
 538        if (prop)
 539            OBJ_DROP_PROPERTY(cx, pobj, prop);
 540    }
 541    return JS_TRUE;
 542}
 543
 544#if JS_HAS_GENERATORS
 545/*
 546 * If a generator-iterator's arguments or call object escapes, it needs to
 547 * mark its generator object.
 548 */
 549static void
 550args_or_call_trace(JSTracer *trc, JSObject *obj)
 551{
 552    JSStackFrame *fp;
 553
 554    fp = (JSStackFrame *) JS_GetPrivate(trc->context, obj);
 555    if (fp && (fp->flags & JSFRAME_GENERATOR)) {
 556        JS_CALL_OBJECT_TRACER(trc, FRAME_TO_GENERATOR(fp)->obj,
 557                              "FRAME_TO_GENERATOR(fp)->obj");
 558    }
 559}
 560#else
 561# define args_or_call_trace NULL
 562#endif
 563
 564/*
 565 * The Arguments class is not initialized via JS_InitClass, and must not be,
 566 * because its name is "Object".  Per ECMA, that causes instances of it to
 567 * delegate to the object named by Object.prototype.  It also ensures that
 568 * arguments.toString() returns "[object Object]".
 569 *
 570 * The JSClass functions below collaborate to lazily reflect and synchronize
 571 * actual argument values, argument count, and callee function object stored
 572 * in a JSStackFrame with their corresponding property values in the frame's
 573 * arguments object.
 574 */
 575JSClass js_ArgumentsClass = {
 576    js_Object_str,
 577    JSCLASS_HAS_PRIVATE | JSCLASS_NEW_RESOLVE | JSCLASS_HAS_RESERVED_SLOTS(1) |
 578    JSCLASS_MARK_IS_TRACE | JSCLASS_HAS_CACHED_PROTO(JSProto_Object),
 579    JS_PropertyStub,    args_delProperty,
 580    args_getProperty,   args_setProperty,
 581    args_enumerate,     (JSResolveOp) args_resolve,
 582    JS_ConvertStub,     JS_FinalizeStub,
 583    NULL,               NULL,
 584    NULL,               NULL,
 585    NULL,               NULL,
 586    JS_CLASS_TRACE(args_or_call_trace), NULL
 587};
 588
 589#define JSSLOT_SCRIPTED_FUNCTION         (JSSLOT_PRIVATE + 1)
 590#define JSSLOT_CALL_ARGUMENTS            (JSSLOT_PRIVATE + 2)
 591#define CALL_CLASS_FIXED_RESERVED_SLOTS  2
 592
 593JSObject *
 594js_GetCallObject(JSContext *cx, JSStackFrame *fp, JSObject *parent)
 595{
 596    JSObject *callobj, *funobj;
 597
 598    /* Create a call object for fp only if it lacks one. */
 599    JS_ASSERT(fp->fun);
 600    callobj = fp->callobj;
 601    if (callobj)
 602        return callobj;
 603
 604    /* The default call parent is its function's parent (static link). */
 605    if (!parent) {
 606        funobj = fp->callee;
 607        if (funobj)
 608            parent = OBJ_GET_PARENT(cx, funobj);
 609    }
 610
 611    /* Create the call object and link it to its stack frame. */
 612    callobj = js_NewObject(cx, &js_CallClass, NULL, parent, 0);
 613    if (!callobj)
 614        return NULL;
 615
 616    JS_SetPrivate(cx, callobj, fp);
 617    STOBJ_SET_SLOT(callobj, JSSLOT_SCRIPTED_FUNCTION,
 618                   OBJECT_TO_JSVAL(FUN_OBJECT(fp->fun)));
 619    fp->callobj = callobj;
 620
 621    /* Make callobj be the scope chain and the variables object. */
 622    JS_ASSERT(fp->scopeChain == parent);
 623    fp->scopeChain = callobj;
 624    fp->varobj = callobj;
 625    return callobj;
 626}
 627
 628JSFunction *
 629js_GetCallObjectFunction(JSObject *obj)
 630{
 631    jsval v;
 632
 633    JS_ASSERT(STOBJ_GET_CLASS(obj) == &js_CallClass);
 634    v = STOBJ_GET_SLOT(obj, JSSLOT_SCRIPTED_FUNCTION);
 635    if (JSVAL_IS_VOID(v)) {
 636        /* Newborn or prototype object. */
 637        return NULL;
 638    }
 639    JS_ASSERT(!JSVAL_IS_PRIMITIVE(v));
 640    return (JSFunction *) JSVAL_TO_OBJECT(v);
 641}
 642
 643JS_FRIEND_API(JSBool)
 644js_PutCallObject(JSContext *cx, JSStackFrame *fp)
 645{
 646    JSObject *callobj;
 647    JSBool ok;
 648    JSFunction *fun;
 649    uintN n;
 650    JSScope *scope;
 651
 652    /*
 653     * Since for a call object all fixed slots happen to be taken, we can copy
 654     * arguments and variables straight into JSObject.dslots.
 655     */
 656    JS_STATIC_ASSERT(JS_INITIAL_NSLOTS - JSSLOT_PRIVATE ==
 657                     1 + CALL_CLASS_FIXED_RESERVED_SLOTS);
 658
 659    callobj = fp->callobj;
 660    if (!callobj)
 661        return JS_TRUE;
 662
 663    /*
 664     * Get the arguments object to snapshot fp's actual argument values.
 665     */
 666    ok = JS_TRUE;
 667    if (fp->argsobj) {
 668        if (!TEST_OVERRIDE_BIT(fp, CALL_ARGUMENTS)) {
 669            STOBJ_SET_SLOT(callobj, JSSLOT_CALL_ARGUMENTS,
 670                           OBJECT_TO_JSVAL(fp->argsobj));
 671        }
 672        ok &= js_PutArgsObject(cx, fp);
 673    }
 674
 675    fun = fp->fun;
 676    JS_ASSERT(fun == js_GetCallObjectFunction(callobj));
 677    n = JS_GET_LOCAL_NAME_COUNT(fun);
 678    if (n != 0) {
 679        JS_LOCK_OBJ(cx, callobj);
 680        n += JS_INITIAL_NSLOTS;
 681        if (n > STOBJ_NSLOTS(callobj))
 682            ok &= js_ReallocSlots(cx, callobj, n, JS_TRUE);
 683        scope = OBJ_SCOPE(callobj);
 684        if (ok) {
 685            memcpy(callobj->dslots, fp->argv, fun->nargs * sizeof(jsval));
 686            memcpy(callobj->dslots + fun->nargs, fp->slots,
 687                   fun->u.i.nvars * sizeof(jsval));
 688            if (scope->object == callobj && n > scope->map.freeslot)
 689                scope->map.freeslot = n;
 690        }
 691        JS_UNLOCK_SCOPE(cx, scope);
 692    }
 693
 694    /*
 695     * Clear the private pointer to fp, which is about to go away (js_Invoke).
 696     * Do this last because js_GetProperty calls above need to follow the
 697     * private slot to find fp.
 698     */
 699    JS_SetPrivate(cx, callobj, NULL);
 700    fp->callobj = NULL;
 701    return ok;
 702}
 703
 704static JSBool
 705call_enumerate(JSContext *cx, JSObject *obj)
 706{
 707    JSFunction *fun;
 708    uintN n, i;
 709    void *mark;
 710    jsuword *names;
 711    JSBool ok;
 712    JSAtom *name;
 713    JSObject *pobj;
 714    JSProperty *prop;
 715
 716    fun = js_GetCallObjectFunction(obj);
 717    n = JS_GET_LOCAL_NAME_COUNT(fun);
 718    if (n == 0)
 719        return JS_TRUE;
 720
 721    mark = JS_ARENA_MARK(&cx->tempPool);
 722
 723    MUST_FLOW_THROUGH("out");
 724    names = js_GetLocalNameArray(cx, fun, &cx->tempPool);
 725    if (!names) {
 726        ok = JS_FALSE;
 727        goto out;
 728    }
 729
 730    for (i = 0; i != n; ++i) {
 731        name = JS_LOCAL_NAME_TO_ATOM(names[i]);
 732        if (!name)
 733            continue;
 734
 735        /*
 736         * Trigger reflection by looking up the name of the argument or
 737         * variable.
 738         */
 739        ok = js_LookupProperty(cx, obj, ATOM_TO_JSID(name), &pobj, &prop);
 740        if (!ok)
 741            goto out;
 742
 743        /*
 744         * At this point the call object always has a property corresponding
 745         * to the local name because call_resolve creates the property using
 746         * JSPROP_PERMANENT.
 747         */
 748        JS_ASSERT(prop && pobj == obj);
 749        OBJ_DROP_PROPERTY(cx, pobj, prop);
 750    }
 751    ok = JS_TRUE;
 752
 753  out:
 754    JS_ARENA_RELEASE(&cx->tempPool, mark);
 755    return ok;
 756}
 757
 758typedef enum JSCallPropertyKind {
 759    JSCPK_ARGUMENTS,
 760    JSCPK_ARG,
 761    JSCPK_VAR
 762} JSCallPropertyKind;
 763
 764static JSBool
 765CallPropertyOp(JSContext *cx, JSObject *obj, jsid id, jsval *vp,
 766               JSCallPropertyKind kind, JSBool setter)
 767{
 768    JSFunction *fun;
 769    JSStackFrame *fp;
 770    uintN i;
 771    jsval *array;
 772
 773    if (STOBJ_GET_CLASS(obj) != &js_CallClass)
 774        return JS_TRUE;
 775
 776    fun = js_GetCallObjectFunction(obj);
 777    fp = (JSStackFrame *) JS_GetPrivate(cx, obj);
 778
 779    if (kind == JSCPK_ARGUMENTS) {
 780        if (setter) {
 781            if (fp)
 782                SET_OVERRIDE_BIT(fp, CALL_ARGUMENTS);
 783            STOBJ_SET_SLOT(obj, JSSLOT_CALL_ARGUMENTS, *vp);
 784        } else {
 785            if (fp && !TEST_OVERRIDE_BIT(fp, CALL_ARGUMENTS)) {
 786                JSObject *argsobj;
 787
 788                argsobj = js_GetArgsObject(cx, fp);
 789                if (!argsobj)
 790                    return JS_FALSE;
 791                *vp = OBJECT_TO_JSVAL(argsobj);
 792            } else {
 793                *vp = STOBJ_GET_SLOT(obj, JSSLOT_CALL_ARGUMENTS);
 794            }
 795        }
 796        return JS_TRUE;
 797    }
 798
 799    JS_ASSERT((int16) JSVAL_TO_INT(id) == JSVAL_TO_INT(id));
 800    i = (uint16) JSVAL_TO_INT(id);
 801    JS_ASSERT_IF(kind == JSCPK_ARG, i < fun->nargs);
 802    JS_ASSERT_IF(kind == JSCPK_VAR, i < fun->u.i.nvars);
 803
 804    if (!fp) {
 805        i += CALL_CLASS_FIXED_RESERVED_SLOTS;
 806        if (kind == JSCPK_VAR)
 807            i += fun->nargs;
 808        else
 809            JS_ASSERT(kind == JSCPK_ARG);
 810        return setter
 811               ? JS_SetReservedSlot(cx, obj, i, *vp)
 812               : JS_GetReservedSlot(cx, obj, i, vp);
 813    }
 814
 815    if (kind == JSCPK_ARG) {
 816        array = fp->argv;
 817    } else {
 818        JS_ASSERT(kind == JSCPK_VAR);
 819        array = fp->slots;
 820    }
 821    if (setter)
 822        array[i] = *vp;
 823    else
 824        *vp = array[i];
 825    return JS_TRUE;
 826}
 827
 828static JSBool
 829GetCallArguments(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 830{
 831    return CallPropertyOp(cx, obj, id, vp, JSCPK_ARGUMENTS, JS_FALSE);
 832}
 833
 834static JSBool
 835SetCallArguments(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 836{
 837    return CallPropertyOp(cx, obj, id, vp, JSCPK_ARGUMENTS, JS_TRUE);
 838}
 839
 840JSBool
 841js_GetCallArg(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 842{
 843    return CallPropertyOp(cx, obj, id, vp, JSCPK_ARG, JS_FALSE);
 844}
 845
 846static JSBool
 847SetCallArg(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 848{
 849    return CallPropertyOp(cx, obj, id, vp, JSCPK_ARG, JS_TRUE);
 850}
 851
 852JSBool
 853js_GetCallVar(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 854{
 855    return CallPropertyOp(cx, obj, id, vp, JSCPK_VAR, JS_FALSE);
 856}
 857
 858static JSBool
 859SetCallVar(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
 860{
 861    return CallPropertyOp(cx, obj, id, vp, JSCPK_VAR, JS_TRUE);
 862}
 863
 864static JSBool
 865call_resolve(JSContext *cx, JSObject *obj, jsval idval, uintN flags,
 866             JSObject **objp)
 867{
 868    JSFunction *fun;
 869    jsid id;
 870    JSLocalKind localKind;
 871    JSPropertyOp getter, setter;
 872    uintN slot, attrs;
 873
 874    if (!JSVAL_IS_STRING(idval))
 875        return JS_TRUE;
 876
 877    fun = js_GetCallObjectFunction(obj);
 878    if (!fun)
 879        return JS_TRUE;
 880
 881    if (!js_ValueToStringId(cx, idval, &id))
 882        return JS_FALSE;
 883
 884    localKind = js_LookupLocal(cx, fun, JSID_TO_ATOM(id), &slot);
 885    if (localKind != JSLOCAL_NONE) {
 886        JS_ASSERT((uint16) slot == slot);
 887        attrs = JSPROP_PERMANENT | JSPROP_SHARED;
 888        if (localKind == JSLOCAL_ARG) {
 889            JS_ASSERT(slot < fun->nargs);
 890            getter = js_GetCallArg;
 891            setter = SetCallArg;
 892        } else {
 893            JS_ASSERT(localKind == JSLOCAL_VAR || localKind == JSLOCAL_CONST);
 894            JS_ASSERT(slot < fun->u.i.nvars);
 895            getter = js_GetCallVar;
 896            setter = SetCallVar;
 897            if (localKind == JSLOCAL_CONST)
 898                attrs |= JSPROP_READONLY;
 899        }
 900        if (!js_DefineNativeProperty(cx, obj, id, JSVAL_VOID, getter, setter,
 901                                     attrs, SPROP_HAS_SHORTID, (int16) slot,
 902                                     NULL)) {
 903            return JS_FALSE;
 904        }
 905        *objp = obj;
 906        return JS_TRUE;
 907    }
 908
 909    /*
 910     * Resolve arguments so that we never store a particular Call object's
 911     * arguments object reference in a Call prototype's |arguments| slot.
 912     */
 913    if (id == ATOM_TO_JSID(cx->runtime->atomState.argumentsAtom)) {
 914        if (!js_DefineNativeProperty(cx, obj, id, JSVAL_VOID,
 915                                     GetCallArguments, SetCallArguments,
 916                                     JSPROP_PERMANENT | JSPROP_SHARED,
 917                                     0, 0, NULL)) {
 918            return JS_FALSE;
 919        }
 920        *objp = obj;
 921        return JS_TRUE;
 922    }
 923    return JS_TRUE;
 924}
 925
 926static JSBool
 927call_convert(JSContext *cx, JSObject *obj, JSType type, jsval *vp)
 928{
 929    JSStackFrame *fp;
 930
 931    if (type == JSTYPE_FUNCTION) {
 932        fp = (JSStackFrame *) JS_GetPrivate(cx, obj);
 933        if (fp) {
 934            JS_ASSERT(fp->fun);
 935            *vp = OBJECT_TO_JSVAL(fp->callee);
 936        }
 937    }
 938    return JS_TRUE;
 939}
 940
 941static uint32
 942call_reserveSlots(JSContext *cx, JSObject *obj)
 943{
 944    JSFunction *fun;
 945
 946    fun = js_GetCallObjectFunction(obj);
 947    return JS_GET_LOCAL_NAME_COUNT(fun);
 948}
 949
 950JS_FRIEND_DATA(JSClass) js_CallClass = {
 951    js_Call_str,
 952    JSCLASS_HAS_PRIVATE |
 953    JSCLASS_HAS_RESERVED_SLOTS(CALL_CLASS_FIXED_RESERVED_SLOTS) |
 954    JSCLASS_NEW_RESOLVE | JSCLASS_IS_ANONYMOUS |
 955    JSCLASS_MARK_IS_TRACE | JSCLASS_HAS_CACHED_PROTO(JSProto_Call),
 956    JS_PropertyStub,    JS_PropertyStub,
 957    JS_PropertyStub,    JS_PropertyStub,
 958    call_enumerate,     (JSResolveOp)call_resolve,
 959    call_convert,       JS_FinalizeStub,
 960    NULL,               NULL,
 961    NULL,               NULL,
 962    NULL,               NULL,
 963    JS_CLASS_TRACE(args_or_call_trace), call_reserveSlots
 964};
 965
 966static JSBool
 967fun_getProperty(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
 968{
 969    jsint slot;
 970    JSFunction *fun;
 971    JSStackFrame *fp;
 972    JSSecurityCallbacks *callbacks;
 973
 974    if (!JSVAL_IS_INT(id))
 975        return JS_TRUE;
 976    slot = JSVAL_TO_INT(id);
 977
 978    /*
 979     * Loop because getter and setter can be delegated from another class,
 980     * but loop only for ARGS_LENGTH because we must pretend that f.length
 981     * is in each function instance f, per ECMA-262, instead of only in the
 982     * Function.prototype object (we use JSPROP_PERMANENT with JSPROP_SHARED
 983     * to make it appear so).
 984     *
 985     * This code couples tightly to the attributes for the function_props[]
 986     * initializers above, and to js_SetProperty and js_HasOwnProperty.
 987     *
 988     * It's important to allow delegating objects, even though they inherit
 989     * this getter (fun_getProperty), to override arguments, arity, caller,
 990     * and name.  If we didn't return early for slot != ARGS_LENGTH, we would
 991     * clobber *vp with the native property value, instead of letting script
 992     * override that value in delegating objects.
 993     *
 994     * Note how that clobbering is what simulates JSPROP_READONLY for all of
 995     * the non-standard properties when the directly addressed object (obj)
 996     * is a function object (i.e., when this loop does not iterate).
 997     */
 998    while (!(fun = (JSFunction *)
 999                   JS_GetInstancePrivate(cx, obj, &js_FunctionClass, NULL))) {
1000        if (slot != ARGS_LENGTH)
1001            return JS_TRUE;
1002        obj = OBJ_GET_PROTO(cx, obj);
1003        if (!obj)
1004            return JS_TRUE;
1005    }
1006
1007    /* Find fun's top-most activation record. */
1008    for (fp = cx->fp; fp && (fp->fun != fun || (fp->flags & JSFRAME_SPECIAL));
1009         fp = fp->down) {
1010        continue;
1011    }
1012
1013    switch (slot) {
1014      case CALL_ARGUMENTS:
1015        /* Warn if strict about f.arguments or equivalent unqualified uses. */
1016        if (!JS_ReportErrorFlagsAndNumber(cx,
1017                                          JSREPORT_WARNING | JSREPORT_STRICT,
1018                                          js_GetErrorMessage, NULL,
1019                                          JSMSG_DEPRECATED_USAGE,
1020                                          js_arguments_str)) {
1021            return JS_FALSE;
1022        }
1023        if (fp) {
1024            if (!js_GetArgsValue(cx, fp, vp))
1025                return JS_FALSE;
1026        } else {
1027            *vp = JSVAL_NULL;
1028        }
1029        break;
1030
1031      case ARGS_LENGTH:
1032      case FUN_ARITY:
1033            *vp = INT_TO_JSVAL((jsint)fun->nargs);
1034        break;
1035
1036      case FUN_NAME:
1037        *vp = fun->atom
1038              ? ATOM_KEY(fun->atom)
1039              : STRING_TO_JSVAL(cx->runtime->emptyString);
1040        break;
1041
1042      case FUN_CALLER:
1043        if (fp && fp->down && fp->down->fun)
1044            *vp = OBJECT_TO_JSVAL(fp->down->callee);
1045        else
1046            *vp = JSVAL_NULL;
1047        if (!JSVAL_IS_PRIMITIVE(*vp)) {
1048            callbacks = JS_GetSecurityCallbacks(cx);
1049            if (callbacks && callbacks->checkObjectAccess) {
1050                id = ATOM_KEY(cx->runtime->atomState.callerAtom);
1051                if (!callbacks->checkObjectAccess(cx, obj, id, JSACC_READ, vp))
1052                    return JS_FALSE;
1053            }
1054        }
1055        break;
1056
1057      default:
1058        /* XXX fun[0] and fun.arguments[0] are equivalent. */
1059        if (fp && fp->fun && (uintN)slot < fp->fun->nargs)
1060            *vp = fp->argv[slot];
1061        break;
1062    }
1063
1064    return JS_TRUE;
1065}
1066
1067/*
1068 * ECMA-262 specifies that length is a property of function object instances,
1069 * but we can avoid that space cost by delegating to a prototype property that
1070 * is JSPROP_PERMANENT and JSPROP_SHARED.  Each fun_getProperty call computes
1071 * a fresh length value based on the arity of the individual function object's
1072 * private data.
1073 *
1074 * The extensions below other than length, i.e., the ones not in ECMA-262,
1075 * are neither JSPROP_READONLY nor JSPROP_SHARED, because for compatibility
1076 * with ECMA we must allow a delegating object to override them. Therefore to
1077 * avoid entraining garbage in Function.prototype slots, they must be resolved
1078 * in non-prototype function objects, wherefore the lazy_function_props table
1079 * and fun_resolve's use of it.
1080 */
1081#define LENGTH_PROP_ATTRS (JSPROP_READONLY|JSPROP_PERMANENT|JSPROP_SHARED)
1082
1083static JSPropertySpec function_props[] = {
1084    {js_length_str,    ARGS_LENGTH,    LENGTH_PROP_ATTRS, fun_getProperty, JS_PropertyStub},
1085    {0,0,0,0,0}
1086};
1087
1088typedef struct LazyFunctionProp {
1089    uint16      atomOffset;
1090    int8        tinyid;
1091    uint8       attrs;
1092} LazyFunctionProp;
1093
1094/* NB: no sentinel at the end -- use JS_ARRAY_LENGTH to bound loops. */
1095static LazyFunctionProp lazy_function_props[] = {
1096    {ATOM_OFFSET(arguments), CALL_ARGUMENTS, JSPROP_PERMANENT},
1097    {ATOM_OFFSET(arity),     FUN_ARITY,      JSPROP_PERMANENT},
1098    {ATOM_OFFSET(caller),    FUN_CALLER,     JSPROP_PERMANENT},
1099    {ATOM_OFFSET(name),      FUN_NAME,       JSPROP_PERMANENT},
1100};
1101
1102static JSBool
1103fun_enumerate(JSContext *cx, JSObject *obj)
1104{
1105    jsid prototypeId;
1106    JSObject *pobj;
1107    JSProperty *prop;
1108
1109    prototypeId = ATOM_TO_JSID(cx->runtime->atomState.classPrototypeAtom);
1110    if (!OBJ_LOOKUP_PROPERTY(cx, obj, prototypeId, &pobj, &prop))
1111        return JS_FALSE;
1112    if (prop)
1113        OBJ_DROP_PROPERTY(cx, pobj, prop);
1114    return JS_TRUE;
1115}
1116
1117static JSBool
1118fun_resolve(JSContext *cx, JSObject *obj, jsval id, uintN flags,
1119            JSObject **objp)
1120{
1121    JSFunction *fun;
1122    JSAtom *atom;
1123    uintN i;
1124
1125    if (!JSVAL_IS_STRING(id))
1126        return JS_TRUE;
1127
1128    fun = GET_FUNCTION_PRIVATE(cx, obj);
1129
1130    /*
1131     * No need to reflect fun.prototype in 'fun.prototype = ... '.
1132     *
1133     * This is not just an optimization, because we must not resolve when
1134     * defining hidden properties during compilation. The setup code for the
1135     * prototype and the lazy properties below eventually calls the property
1136     * hooks for the function object. That in turn calls fun_reserveSlots to
1137     * get the number of the reserved slots which is just the number of
1138     * regular expressions literals in the function. When compiling, that
1139     * number is not yet ready so we must make sure that fun_resolve does
1140     * nothing until the code for the function is generated.
1141     */
1142    if (flags & JSRESOLVE_ASSIGNING)
1143        return JS_TRUE;
1144
1145    /*
1146     * Ok, check whether id is 'prototype' and bootstrap the function object's
1147     * prototype property.
1148     */
1149    atom = cx->runtime->atomState.classPrototypeAtom;
1150    if (id == ATOM_KEY(atom)) {
1151        JSObject *proto;
1152
1153        /*
1154         * Beware of the wacky case of a user function named Object -- trying
1155         * to find a prototype for that will recur back here _ad perniciem_.
1156         */
1157        if (fun->atom == CLASS_ATOM(cx, Object))
1158            return JS_TRUE;
1159
1160        /*
1161         * Make the prototype object to have the same parent as the function
1162         * object itself.
1163         */
1164        proto = js_NewObject(cx, &js_ObjectClass, NULL, OBJ_GET_PARENT(cx, obj),
1165                             0);
1166        if (!proto)
1167            return JS_FALSE;
1168
1169        /*
1170         * ECMA (15.3.5.2) says that constructor.prototype is DontDelete for
1171         * user-defined functions, but DontEnum | ReadOnly | DontDelete for
1172         * native "system" constructors such as Object or Function.  So lazily
1173         * set the former here in fun_resolve, but eagerly define the latter
1174         * in JS_InitClass, with the right attributes.
1175         */
1176        if (!js_SetClassPrototype(cx, obj, proto,
1177                                  JSPROP_ENUMERATE | JSPROP_PERMANENT)) {
1178            cx->weakRoots.newborn[GCX_OBJECT] = NULL;
1179            return JS_FALSE;
1180        }
1181        *objp = obj;
1182        return JS_TRUE;
1183    }
1184
1185    for (i = 0; i < JS_ARRAY_LENGTH(lazy_function_props); i++) {
1186        LazyFunctionProp *lfp = &lazy_function_props[i];
1187
1188        atom = OFFSET_TO_ATOM(cx->runtime, lfp->atomOffset);
1189        if (id == ATOM_KEY(atom)) {
1190            if (!js_DefineNativeProperty(cx, obj,
1191                                         ATOM_TO_JSID(atom), JSVAL_VOID,
1192                                         fun_getProperty, JS_PropertyStub,
1193                                         lfp->attrs, SPROP_HAS_SHORTID,
1194                                         lfp->tinyid, NULL)) {
1195                return JS_FALSE;
1196            }
1197            *objp = obj;
1198            return JS_TRUE;
1199        }
1200    }
1201
1202    return JS_TRUE;
1203}
1204
1205static JSBool
1206fun_convert(JSContext *cx, JSObject *obj, JSType type, jsval *vp)
1207{
1208    switch (type) {
1209      case JSTYPE_FUNCTION:
1210        *vp = OBJECT_TO_JSVAL(obj);
1211        return JS_TRUE;
1212      default:
1213        return js_TryValueOf(cx, obj, type, vp);
1214    }
1215}
1216
1217#if JS_HAS_XDR
1218
1219/* XXX store parent and proto, if defined */
1220static JSBool
1221fun_xdrObject(JSXDRState *xdr, JSObject **objp)
1222{
1223    JSContext *cx;
1224    JSFunction *fun;
1225    uint32 nullAtom;            /* flag to indicate if fun->atom is NULL */
1226    uintN nargs, nvars, n;
1227    uint32 localsword;          /* word to xdr argument and variable counts */
1228    uint32 flagsword;           /* originally only flags was JS_XDRUint8'd */
1229    JSTempValueRooter tvr;
1230    JSBool ok;
1231
1232    cx = xdr->cx;
1233    if (xdr->mode == JSXDR_ENCODE) {
1234        fun = GET_FUNCTION_PRIVATE(cx, *objp);
1235        if (!FUN_INTERPRETED(fun)) {
1236            JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL,
1237                                 JSMSG_NOT_SCRIPTED_FUNCTION,
1238                                 JS_GetFunctionName(fun));
1239            return JS_FALSE;
1240        }
1241        nullAtom = !fun->atom;
1242        nargs = fun->nargs;
1243        nvars = fun->u.i.nvars;
1244        localsword = (nargs << 16) | nvars;
1245        flagsword = fun->flags;
1246    } else {
1247        fun = js_NewFunction(cx, NULL, NULL, 0, JSFUN_INTERPRETED, NULL, NULL);
1248        if (!fun)
1249            return JS_FALSE;
1250        STOBJ_CLEAR_PARENT(FUN_OBJECT(fun));
1251        STOBJ_CLEAR_PROTO(FUN_OBJECT(fun));
1252#ifdef __GNUC__
1253        nvars = nargs = 0;   /* quell GCC uninitialized warning */
1254#endif
1255    }
1256
1257    /* From here on, control flow must flow through label out. */
1258    JS_PUSH_TEMP_ROOT_OBJECT(cx, FUN_OBJECT(fun), &tvr);
1259    ok = JS_TRUE;
1260
1261    if (!JS_XDRUint32(xdr, &nullAtom))
1262        goto bad;
1263    if (!nullAtom && !js_XDRStringAtom(xdr, &fun->atom))
1264        goto bad;
1265    if (!JS_XDRUint32(xdr, &localsword) ||
1266        !JS_XDRUint32(xdr, &flagsword)) {
1267        goto bad;
1268    }
1269
1270    if (xdr->mode == JSXDR_DECODE) {
1271        nargs = localsword >> 16;
1272        nvars = localsword & JS_BITMASK(16);
1273        JS_ASSERT(flagsword | JSFUN_INTERPRETED);
1274        fun->flags = (uint16) flagsword;
1275    }
1276
1277    /* do arguments and local vars */
1278    n = nargs + nvars;
1279    if (n != 0) {
1280        void *mark;
1281        uintN i;
1282        uintN bitmapLength;
1283        uint32 *bitmap;
1284        jsuword *names;
1285        JSAtom *name;
1286        JSLocalKind localKind;
1287
1288        mark = JS_ARENA_MARK(&xdr->cx->tempPool);
1289
1290        /*
1291         * From this point the control must flow via the label release_mark.
1292         *
1293         * To xdr the names we prefix the names with a bitmap descriptor and
1294         * then xdr the names as strings. For argument names (indexes below
1295         * nargs) the corresponding bit in the bitmap is unset when the name
1296         * is null. Such null names are not encoded or decoded. For variable
1297         * names (indexes starting from nargs) bitmap's bit is set when the
1298         * name is declared as const, not as ordinary var.
1299         * */
1300        bitmapLength = JS_HOWMANY(n, JS_BITS_PER_UINT32);
1301        JS_ARENA_ALLOCATE_CAST(bitmap, uint32 *, &xdr->cx->tempPool,
1302                               bitmapLength * sizeof *bitmap);
1303        if (!bitmap) {
1304            js_ReportOutOfScriptQuota(xdr->cx);
1305            ok = JS_FALSE;
1306            goto release_mark;
1307        }
1308        if (xdr->mode == JSXDR_ENCODE) {
1309            names = js_GetLocalNameArray(xdr->cx, fun, &xdr->cx->tempPool);
1310            if (!names) {
1311                ok = JS_FALSE;
1312                goto release_mark;
1313            }
1314            memset(bitmap, 0, bitmapLength * sizeof *bitmap);
1315            for (i = 0; i != n; ++i) {
1316                if (i < fun->nargs
1317                    ? JS_LOCAL_NAME_TO_ATOM(names[i]) != NULL
1318                    : JS_LOCAL_NAME_IS_CONST(names[i])) {
1319                    bitmap[i >> JS_BITS_PER_UINT32_LOG2] |=
1320                        JS_BIT(i & (JS_BITS_PER_UINT32 - 1));
1321                }
1322            }
1323        }
1324#ifdef __GNUC__
1325        else {
1326            names = NULL;   /* quell GCC uninitialized warning */
1327        }
1328#endif
1329        for (i = 0; i != bitmapLength; ++i) {
1330            ok = JS_XDRUint32(xdr, &bitmap[i]);
1331            if (!ok)
1332                goto release_mark;
1333        }
1334        for (i = 0; i != n; ++i) {
1335            if (i < nargs &&
1336                !(bitmap[i >> JS_BITS_PER_UINT32_LOG2] &
1337                  JS_BIT(i & (JS_BITS_PER_UINT32 - 1)))) {
1338                if (xdr->mode == JSXDR_DECODE) {
1339                    ok = js_AddLocal(xdr->cx, fun, NULL, JSLOCAL_ARG);
1340                    if (!ok)
1341                        goto release_mark;
1342                } else {
1343                    JS_ASSERT(!JS_LOCAL_NAME_TO_ATOM(names[i]));
1344                }
1345                continue;
1346            }
1347            if (xdr->mode == JSXDR_ENCODE)
1348                name = JS_LOCAL_NAME_TO_ATOM(names[i]);
1349            ok = js_XDRStringAtom(xdr, &name);
1350            if (!ok)
1351                goto release_mark;
1352            if (xdr->mode == JSXDR_DECODE) {
1353                localKind = (i < nargs)
1354                            ? JSLOCAL_ARG
1355                            : bitmap[i >> JS_BITS_PER_UINT32_LOG2] &
1356                              JS_BIT(i & (JS_BITS_PER_UINT32 - 1))
1357                            ? JSLOCAL_CONST
1358                            : JSLOCAL_VAR;
1359                ok = js_AddLocal(xdr->cx, fun, name, localKind);
1360                if (!ok)
1361                    goto release_mark;
1362            }
1363        }
1364        ok = JS_TRUE;
1365
1366      release_mark:
1367        JS_ARENA_RELEASE(&xdr->cx->tempPool, mark);
1368        if (!ok)
1369            goto out;
1370
1371        if (xdr->mode == JSXDR_DECODE)
1372            js_FreezeLocalNames(cx, fun);
1373    }
1374
1375    if (!js_XDRScript(xdr, &fun->u.i.script, NULL))
1376        goto bad;
1377
1378    if (xdr->mode == JSXDR_DECODE) {
1379        *objp = FUN_OBJECT(fun);
1380#ifdef CHECK_SCRIPT_OWNER
1381        fun->u.i.script->owner = NULL;
1382#endif
1383        js_CallNewScriptHook(cx, fun->u.i.script, fun);
1384    }
1385
1386out:
1387    JS_POP_TEMP_ROOT(cx, &tvr);
1388    return ok;
1389
1390bad:
1391    ok = JS_FALSE;
1392    goto out;
1393}
1394
1395#else  /* !JS_HAS_XDR */
1396
1397#define fun_xdrObject NULL
1398
1399#endif /* !JS_HAS_XDR */
1400
1401/*
1402 * [[HasInstance]] internal method for Function objects: fetch the .prototype
1403 * property of its 'this' parameter, and walks the prototype chain of v (only
1404 * if v is an object) returning true if .prototype is found.
1405 */
1406static JSBool
1407fun_hasInstance(JSContext *cx, JSObject *obj, jsval v, JSBool *bp)
1408{
1409    jsval pval;
1410
1411    if (!OBJ_GET_PROPERTY(cx, obj,
1412                          ATOM_TO_JSID(cx->runtime->atomState
1413                                       .classPrototypeAtom),
1414                          &pval)) {
1415        return JS_FALSE;
1416    }
1417
1418    if (JSVAL_IS_PRIMITIVE(pval)) {
1419        /*
1420         * Throw a runtime error if instanceof is called on a function that
1421         * has a non-object as its .prototype value.
1422         */
1423        js_ReportValueError(cx, JSMSG_BAD_PROTOTYPE,
1424                            -1, OBJECT_TO_JSVAL(obj), NULL);
1425        return JS_FALSE;
1426    }
1427
1428    return js_IsDelegate(cx, JSVAL_TO_OBJECT(pval), v, bp);
1429}
1430
1431static void
1432TraceLocalNames(JSTracer *trc, JSFunction *fun);
1433
1434static void
1435DestroyLocalNames(JSContext *cx, JSFunction *fun);
1436
1437static void
1438fun_trace(JSTracer *trc, JSObject *obj)
1439{
1440    JSFunction *fun;
1441
1442    /* A newborn function object may have a not yet initialized private slot. */
1443    fun = (JSFunction *) JS_GetPrivate(trc->context, obj);
1444    if (!fun)
1445        return;
1446
1447    if (FUN_OBJECT(fun) != obj) {
1448        /* obj is cloned function object, trace the original. */
1449        JS_CALL_TRACER(trc, FUN_OBJECT(fun), JSTRACE_OBJECT, "private");
1450        return;
1451    }
1452    if (fun->atom)
1453        JS_CALL_STRING_TRACER(trc, ATOM_TO_STRING(fun->atom), "atom");
1454    if (FUN_INTERPRETED(fun)) {
1455        if (fun->u.i.script)
1456            js_TraceScript(trc, fun->u.i.script);
1457        TraceLocalNames(trc, fun);
1458    }
1459}
1460
1461static void
1462fun_finalize(JSContext *cx, JSObject *obj)
1463{
1464    JSFunction *fun;
1465
1466    /* Ignore newborn and cloned function objects. */
1467    fun = (JSFunction *) JS_GetPrivate(cx, obj);
1468    if (!fun || FUN_OBJECT(fun) != obj)
1469        return;
1470
1471    /*
1472     * Null-check of u.i.script is required since the parser sets interpreted
1473     * very early.
1474     */
1475    if (FUN_INTERPRETED(fun)) {
1476        if (fun->u.i.script)
1477            js_DestroyScript(cx, fun->u.i.script);
1478        DestroyLocalNames(cx, fun);
1479    }
1480}
1481
1482static uint32
1483fun_reserveSlots(JSContext *cx, JSObject *obj)
1484{
1485    JSFunction *fun;
1486    uint32 nslots;
1487
1488    /*
1489     * We use JS_GetPrivate and not GET_FUNCTION_PRIVATE because during
1490     * js_InitFunctionClass invocation the function is called before the
1491     * private slot of the function object is set.
1492     */
1493    fun = (JSFunction *) JS_GetPrivate(cx, obj);
1494    nslots = 0;
1495    if (fun && FUN_INTERPRETED(fun) && fun->u.i.script) {
1496        if (fun->u.i.script->upvarsOffset != 0)
1497            nslots = JS_SCRIPT_UPVARS(fun->u.i.script)->length;
1498        if (fun->u.i.script->regexpsOffset != 0)
1499            nslots += JS_SCRIPT_REGEXPS(fun->u.i.script)->length;
1500    }
1501    return nslots;
1502}
1503
1504/*
1505 * Reserve two slots in all function objects for XPConnect.  Note that this
1506 * does not bloat every instance, only those on which reserved slots are set,
1507 * and those on which ad-hoc properties are defined.
1508 */
1509JS_FRIEND_DATA(JSClass) js_FunctionClass = {
1510    js_Function_str,
1511    JSCLASS_HAS_PRIVATE | JSCLASS_NEW_RESOLVE | JSCLASS_HAS_RESERVED_SLOTS(2) |
1512    JSCLASS_MARK_IS_TRACE | JSCLASS_HAS_CACHED_PROTO(JSProto_Function),
1513    JS_PropertyStub,  JS_PropertyStub,
1514    JS_PropertyStub,  JS_PropertyStub,
1515    fun_enumerate,    (JSResolveOp)fun_resolve,
1516    fun_convert,      fun_finalize,
1517    NULL,             NULL,
1518    NULL,             NULL,
1519    fun_xdrObject,    fun_hasInstance,
1520    JS_CLASS_TRACE(fun_trace), fun_reserveSlots
1521};
1522
1523static JSBool
1524fun_toStringHelper(JSContext *cx, uint32 indent, uintN argc, jsval *vp)
1525{
1526    jsval fval;
1527    JSObject *obj;
1528    JSFunction *fun;
1529    JSString *str;
1530
1531    fval = JS_THIS(cx, vp);
1532    if (JSVAL_IS_NULL(fval))
1533        return JS_FALSE;
1534
1535    if (!VALUE_IS_FUNCTION(cx, fval)) {
1536        /*
1537         * If we don't have a function to start off with, try converting the
1538         * object to a function. If that doesn't work, complain.
1539         */
1540        if (!JSVAL_IS_PRIMITIVE(fval)) {
1541            obj = JSVAL_TO_OBJECT(fval);
1542            if (!OBJ_GET_CLASS(cx, obj)->convert(cx, obj, JSTYPE_FUNCTION,
1543                                                 &fval)) {
1544                return JS_FALSE;
1545            }
1546            vp[1] = fval;
1547        }
1548        if (!VALUE_IS_FUNCTION(cx, fval)) {
1549            JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL,
1550                                 JSMSG_INCOMPATIBLE_PROTO,
1551                                 js_Function_str, js_toString_str,
1552                                 JS_GetTypeName(cx, JS_TypeOfValue(cx, fval)));
1553            return JS_FALSE;
1554        }
1555    }
1556
1557    obj = JSVAL_TO_OBJECT(fval);
1558    if (argc != 0) {
1559        indent = js_ValueToECMAUint32(cx, &vp[2]);
1560        if (JSVAL_IS_NULL(vp[2]))
1561            return JS_FALSE;
1562    }
1563
1564    JS_ASSERT(JS_ObjectIsFunction(cx, obj));
1565    fun = GET_FUNCTION_PRIVATE(cx, obj);
1566    if (!fun)
1567        return JS_TRUE;
1568    str = JS_DecompileFunction(cx, fun, (uintN)indent);
1569    if (!str)
1570        return JS_FALSE;
1571    *vp = STRING_TO_JSVAL(str);
1572    return JS_TRUE;
1573}
1574
1575static JSBool
1576fun_toString(JSContext *cx, uintN argc, jsval *vp)
1577{
1578    return fun_toStringHelper(cx, 0, argc,  vp);
1579}
1580
1581#if JS_HAS_TOSOURCE
1582static JSBool
1583fun_toSource(JSContext *cx, uintN argc, jsval *vp)
1584{
1585    return fun_toStringHelper(cx, JS_DONT_PRETTY_PRINT, argc, vp);
1586}
1587#endif
1588
1589JSBool
1590js_fun_call(JSContext *cx, uintN argc, jsval *vp)
1591{
1592    JSObject *obj;
1593    jsval fval, *argv, *invokevp;
1594    JSString *str;
1595    void *mark;
1596    JSBool ok;
1597
1598    obj = JS_THIS_OBJECT(cx, vp);
1599    if (!obj || !OBJ_DEFAULT_VALUE(cx, obj, JSTYPE_FUNCTION, &vp[1]))
1600        return JS_FALSE;
1601    fval = vp[1];
1602
1603    if (!VALUE_IS_FUNCTION(cx, fval)) {
1604        str = JS_ValueToString(cx, fval);
1605        if (str) {
1606            const char *bytes = js_GetStringBytes(cx, str);
1607
1608            if (bytes) {
1609                JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL,
1610                                     JSMSG_INCOMPATIBLE_PROTO,
1611                                     js_Function_str, js_call_str,
1612                                     bytes);
1613            }
1614        }
1615        return JS_FALSE;
1616    }
1617
1618    argv = vp + 2;
1619    if (argc == 0) {
1620        /* Call fun with its global object as the 'this' param if no args. */
1621        obj

Large files files are truncated, but you can click here to view the full file