1 // Copyright 2016 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "src/api/api-inl.h"
6 #include "src/builtins/builtins-utils-inl.h"
7 #include "src/builtins/builtins.h"
8 #include "src/codegen/code-factory.h"
9 #include "src/codegen/compiler.h"
10 #include "src/logging/counters.h"
11 #include "src/numbers/conversions.h"
12 #include "src/objects/api-callbacks.h"
13 #include "src/objects/lookup.h"
14 #include "src/objects/objects-inl.h"
15 #include "src/strings/string-builder-inl.h"
16
17 namespace v8 {
18 namespace internal {
19
20 namespace {
21
22 // ES6 section 19.2.1.1.1 CreateDynamicFunction
CreateDynamicFunction(Isolate * isolate,BuiltinArguments args,const char * token)23 MaybeHandle<Object> CreateDynamicFunction(Isolate* isolate,
24 BuiltinArguments args,
25 const char* token) {
26 // Compute number of arguments, ignoring the receiver.
27 DCHECK_LE(1, args.length());
28 int const argc = args.length() - 1;
29
30 Handle<JSFunction> target = args.target();
31 Handle<JSObject> target_global_proxy(target->global_proxy(), isolate);
32
33 if (!Builtins::AllowDynamicFunction(isolate, target, target_global_proxy)) {
34 isolate->CountUsage(v8::Isolate::kFunctionConstructorReturnedUndefined);
35 // TODO(verwaest): We would like to throw using the calling context instead
36 // of the entered context but we don't currently have access to that.
37 HandleScopeImplementer* impl = isolate->handle_scope_implementer();
38 SaveAndSwitchContext save(
39 isolate, impl->LastEnteredOrMicrotaskContext()->native_context());
40 THROW_NEW_ERROR(isolate, NewTypeError(MessageTemplate::kNoAccess), Object);
41 }
42
43 // Build the source string.
44 Handle<String> source;
45 int parameters_end_pos = kNoSourcePosition;
46 {
47 IncrementalStringBuilder builder(isolate);
48 builder.AppendCharacter('(');
49 builder.AppendCString(token);
50 builder.AppendCStringLiteral(" anonymous(");
51 if (argc > 1) {
52 for (int i = 1; i < argc; ++i) {
53 if (i > 1) builder.AppendCharacter(',');
54 Handle<String> param;
55 ASSIGN_RETURN_ON_EXCEPTION(
56 isolate, param, Object::ToString(isolate, args.at(i)), Object);
57 param = String::Flatten(isolate, param);
58 builder.AppendString(param);
59 }
60 }
61 builder.AppendCharacter('\n');
62 parameters_end_pos = builder.Length();
63 builder.AppendCStringLiteral(") {\n");
64 if (argc > 0) {
65 Handle<String> body;
66 ASSIGN_RETURN_ON_EXCEPTION(
67 isolate, body, Object::ToString(isolate, args.at(argc)), Object);
68 builder.AppendString(body);
69 }
70 builder.AppendCStringLiteral("\n})");
71 ASSIGN_RETURN_ON_EXCEPTION(isolate, source, builder.Finish(), Object);
72 }
73
74 bool is_code_like = true;
75 for (int i = 0; i < argc; ++i) {
76 if (!args.at(i + 1)->IsCodeLike(isolate)) {
77 is_code_like = false;
78 break;
79 }
80 }
81
82 // Compile the string in the constructor and not a helper so that errors to
83 // come from here.
84 Handle<JSFunction> function;
85 {
86 ASSIGN_RETURN_ON_EXCEPTION(
87 isolate, function,
88 Compiler::GetFunctionFromString(
89 handle(target->native_context(), isolate), source,
90 ONLY_SINGLE_FUNCTION_LITERAL, parameters_end_pos, is_code_like),
91 Object);
92 Handle<Object> result;
93 ASSIGN_RETURN_ON_EXCEPTION(
94 isolate, result,
95 Execution::Call(isolate, function, target_global_proxy, 0, nullptr),
96 Object);
97 function = Handle<JSFunction>::cast(result);
98 function->shared().set_name_should_print_as_anonymous(true);
99 }
100
101 // If new.target is equal to target then the function created
102 // is already correctly setup and nothing else should be done
103 // here. But if new.target is not equal to target then we are
104 // have a Function builtin subclassing case and therefore the
105 // function has wrong initial map. To fix that we create a new
106 // function object with correct initial map.
107 Handle<Object> unchecked_new_target = args.new_target();
108 if (!unchecked_new_target->IsUndefined(isolate) &&
109 !unchecked_new_target.is_identical_to(target)) {
110 Handle<JSReceiver> new_target =
111 Handle<JSReceiver>::cast(unchecked_new_target);
112 Handle<Map> initial_map;
113 ASSIGN_RETURN_ON_EXCEPTION(
114 isolate, initial_map,
115 JSFunction::GetDerivedMap(isolate, target, new_target), Object);
116
117 Handle<SharedFunctionInfo> shared_info(function->shared(), isolate);
118 Handle<Map> map = Map::AsLanguageMode(isolate, initial_map, shared_info);
119
120 Handle<Context> context(function->context(), isolate);
121 function = Factory::JSFunctionBuilder{isolate, shared_info, context}
122 .set_map(map)
123 .set_allocation_type(AllocationType::kYoung)
124 .Build();
125 }
126 return function;
127 }
128
129 } // namespace
130
131 // ES6 section 19.2.1.1 Function ( p1, p2, ... , pn, body )
BUILTIN(FunctionConstructor)132 BUILTIN(FunctionConstructor) {
133 HandleScope scope(isolate);
134 Handle<Object> result;
135 ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
136 isolate, result, CreateDynamicFunction(isolate, args, "function"));
137 return *result;
138 }
139
140 // ES6 section 25.2.1.1 GeneratorFunction (p1, p2, ... , pn, body)
BUILTIN(GeneratorFunctionConstructor)141 BUILTIN(GeneratorFunctionConstructor) {
142 HandleScope scope(isolate);
143 RETURN_RESULT_OR_FAILURE(isolate,
144 CreateDynamicFunction(isolate, args, "function*"));
145 }
146
BUILTIN(AsyncFunctionConstructor)147 BUILTIN(AsyncFunctionConstructor) {
148 HandleScope scope(isolate);
149 Handle<Object> maybe_func;
150 ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
151 isolate, maybe_func,
152 CreateDynamicFunction(isolate, args, "async function"));
153 if (!maybe_func->IsJSFunction()) return *maybe_func;
154
155 // Do not lazily compute eval position for AsyncFunction, as they may not be
156 // determined after the function is resumed.
157 Handle<JSFunction> func = Handle<JSFunction>::cast(maybe_func);
158 Handle<Script> script =
159 handle(Script::cast(func->shared().script()), isolate);
160 int position = Script::GetEvalPosition(isolate, script);
161 USE(position);
162
163 return *func;
164 }
165
BUILTIN(AsyncGeneratorFunctionConstructor)166 BUILTIN(AsyncGeneratorFunctionConstructor) {
167 HandleScope scope(isolate);
168 Handle<Object> maybe_func;
169 ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
170 isolate, maybe_func,
171 CreateDynamicFunction(isolate, args, "async function*"));
172 if (!maybe_func->IsJSFunction()) return *maybe_func;
173
174 // Do not lazily compute eval position for AsyncFunction, as they may not be
175 // determined after the function is resumed.
176 Handle<JSFunction> func = Handle<JSFunction>::cast(maybe_func);
177 Handle<Script> script =
178 handle(Script::cast(func->shared().script()), isolate);
179 int position = Script::GetEvalPosition(isolate, script);
180 USE(position);
181
182 return *func;
183 }
184
185 namespace {
186
DoFunctionBind(Isolate * isolate,BuiltinArguments args)187 Object DoFunctionBind(Isolate* isolate, BuiltinArguments args) {
188 HandleScope scope(isolate);
189 DCHECK_LE(1, args.length());
190 if (!args.receiver()->IsCallable()) {
191 THROW_NEW_ERROR_RETURN_FAILURE(
192 isolate, NewTypeError(MessageTemplate::kFunctionBind));
193 }
194
195 // Allocate the bound function with the given {this_arg} and {args}.
196 Handle<JSReceiver> target = args.at<JSReceiver>(0);
197 Handle<Object> this_arg = isolate->factory()->undefined_value();
198 base::ScopedVector<Handle<Object>> argv(std::max(0, args.length() - 2));
199 if (args.length() > 1) {
200 this_arg = args.at(1);
201 for (int i = 2; i < args.length(); ++i) {
202 argv[i - 2] = args.at(i);
203 }
204 }
205 Handle<JSBoundFunction> function;
206 ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
207 isolate, function,
208 isolate->factory()->NewJSBoundFunction(target, this_arg, argv));
209 Maybe<bool> result =
210 JSFunctionOrBoundFunctionOrWrappedFunction::CopyNameAndLength(
211 isolate, function, target, isolate->factory()->bound__string(),
212 argv.length());
213 if (result.IsNothing()) {
214 DCHECK(isolate->has_pending_exception());
215 return ReadOnlyRoots(isolate).exception();
216 }
217 return *function;
218 }
219
220 } // namespace
221
222 // ES6 section 19.2.3.2 Function.prototype.bind ( thisArg, ...args )
BUILTIN(FunctionPrototypeBind)223 BUILTIN(FunctionPrototypeBind) { return DoFunctionBind(isolate, args); }
224
225 // ES6 section 19.2.3.5 Function.prototype.toString ( )
BUILTIN(FunctionPrototypeToString)226 BUILTIN(FunctionPrototypeToString) {
227 HandleScope scope(isolate);
228 Handle<Object> receiver = args.receiver();
229 if (receiver->IsJSBoundFunction()) {
230 return *JSBoundFunction::ToString(Handle<JSBoundFunction>::cast(receiver));
231 }
232 if (receiver->IsJSFunction()) {
233 return *JSFunction::ToString(Handle<JSFunction>::cast(receiver));
234 }
235 // With the revised toString behavior, all callable objects are valid
236 // receivers for this method.
237 if (receiver->IsJSReceiver() &&
238 JSReceiver::cast(*receiver).map().is_callable()) {
239 return ReadOnlyRoots(isolate).function_native_code_string();
240 }
241 THROW_NEW_ERROR_RETURN_FAILURE(
242 isolate, NewTypeError(MessageTemplate::kNotGeneric,
243 isolate->factory()->NewStringFromAsciiChecked(
244 "Function.prototype.toString"),
245 isolate->factory()->Function_string()));
246 }
247
248 } // namespace internal
249 } // namespace v8
250