Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (232210 => 232211)
--- trunk/Source/_javascript_Core/ChangeLog 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/ChangeLog 2018-05-25 23:18:15 UTC (rev 232211)
@@ -1,3 +1,42 @@
+2018-05-25 Mark Lam <[email protected]>
+
+ Enforce invariant that GetterSetter objects are invariant.
+ https://bugs.webkit.org/show_bug.cgi?id=185968
+ <rdar://problem/40541416>
+
+ Reviewed by Saam Barati.
+
+ The code already assumes the invariant that GetterSetter objects are immutable.
+ For example, the use of @tryGetById in builtins expect this invariant to be true.
+ The existing code mostly enforces this except for one case: JSObject's
+ validateAndApplyPropertyDescriptor, where it will re-use the same GetterSetter
+ object.
+
+ This patch enforces this invariant by removing the setGetter and setSetter methods
+ of GetterSetter, and requiring the getter/setter callback functions to be
+ specified at construction time.
+
+ * jit/JITOperations.cpp:
+ * llint/LLIntSlowPaths.cpp:
+ (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+ * runtime/GetterSetter.cpp:
+ (JSC::GetterSetter::withGetter): Deleted.
+ (JSC::GetterSetter::withSetter): Deleted.
+ * runtime/GetterSetter.h:
+ * runtime/JSGlobalObject.cpp:
+ (JSC::JSGlobalObject::init):
+ * runtime/JSObject.cpp:
+ (JSC::JSObject::putIndexedDescriptor):
+ (JSC::JSObject::putDirectNativeIntrinsicGetter):
+ (JSC::putDescriptor):
+ (JSC::validateAndApplyPropertyDescriptor):
+ * runtime/JSTypedArrayViewPrototype.cpp:
+ (JSC::JSTypedArrayViewPrototype::finishCreation):
+ * runtime/Lookup.cpp:
+ (JSC::reifyStaticAccessor):
+ * runtime/PropertyDescriptor.cpp:
+ (JSC::PropertyDescriptor::slowGetterSetter):
+
2018-05-25 Saam Barati <[email protected]>
Make JSC have a mini mode that kicks in when the JIT is disabled
Modified: trunk/Source/_javascript_Core/jit/JITOperations.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/jit/JITOperations.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/jit/JITOperations.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -1781,23 +1781,15 @@
ASSERT(object && object->isObject());
JSObject* baseObject = asObject(object);
- GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject());
-
JSValue getter = JSValue::decode(encodedGetterValue);
JSValue setter = JSValue::decode(encodedSetterValue);
- ASSERT(getter.isObject() || getter.isUndefined());
- ASSERT(setter.isObject() || setter.isUndefined());
ASSERT(getter.isObject() || setter.isObject());
-
- if (!getter.isUndefined())
- accessor->setGetter(vm, exec->lexicalGlobalObject(), asObject(getter));
- if (!setter.isUndefined())
- accessor->setSetter(vm, exec->lexicalGlobalObject(), asObject(setter));
+ GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
CommonSlowPaths::putDirectAccessorWithReify(vm, exec, baseObject, uid, accessor, attribute);
}
#else
-void JIT_OPERATION operationPutGetterSetter(ExecState* exec, JSCell* object, UniquedStringImpl* uid, int32_t attribute, JSCell* getter, JSCell* setter)
+void JIT_OPERATION operationPutGetterSetter(ExecState* exec, JSCell* object, UniquedStringImpl* uid, int32_t attribute, JSCell* getterCell, JSCell* setterCell)
{
VM& vm = exec->vm();
NativeCallFrameTracer tracer(&vm, exec);
@@ -1805,16 +1797,10 @@
ASSERT(object && object->isObject());
JSObject* baseObject = asObject(object);
- GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject());
-
- ASSERT(!getter || getter->isObject());
- ASSERT(!setter || setter->isObject());
ASSERT(getter || setter);
-
- if (getter)
- accessor->setGetter(vm, exec->lexicalGlobalObject(), getter->getObject());
- if (setter)
- accessor->setSetter(vm, exec->lexicalGlobalObject(), setter->getObject());
+ JSObject* getter = getterCell ? getterCell->getObject() : nullptr;
+ JSObject* setter = setterCell ? setterCell->getObject() : nullptr;
+ GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
CommonSlowPaths::putDirectAccessorWithReify(vm, exec, baseObject, uid, accessor, attribute);
}
#endif
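Review bot: `ASSERT(getter || setter);` is kept as a context line above the new `JSObject* getter` / `JSObject* setter` declarations, while the parameters it used to refer to were renamed to `getterCell` / `setterCell` in the preceding hunk. In an assertion-enabled build of this `#else` variant those names are therefore not declared at the point of use. Change it to `ASSERT(getterCell || setterCell);` or move it below the two declarations. Builds where ASSERT compiles away would hide the problem, so this variant should be compiled with assertions on before landing. The function body starts before this hunk.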
Modified: trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -1078,20 +1078,12 @@
LLINT_BEGIN();
ASSERT(LLINT_OP(1).jsValue().isObject());
JSObject* baseObject = asObject(LLINT_OP(1).jsValue());
-
- GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject());
- LLINT_CHECK_EXCEPTION();
JSValue getter = LLINT_OP(4).jsValue();
JSValue setter = LLINT_OP(5).jsValue();
- ASSERT(getter.isObject() || getter.isUndefined());
- ASSERT(setter.isObject() || setter.isUndefined());
ASSERT(getter.isObject() || setter.isObject());
-
- if (!getter.isUndefined())
- accessor->setGetter(vm, exec->lexicalGlobalObject(), asObject(getter));
- if (!setter.isUndefined())
- accessor->setSetter(vm, exec->lexicalGlobalObject(), asObject(setter));
+ GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
+
CommonSlowPaths::putDirectAccessorWithReify(vm, exec, baseObject, exec->codeBlock()->identifier(pc[2].u.operand), accessor, pc[3].u.operand);
LLINT_END();
}
Modified: trunk/Source/_javascript_Core/runtime/GetterSetter.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/GetterSetter.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/GetterSetter.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -45,32 +45,6 @@
visitor.append(thisObject->m_setter);
}
-GetterSetter* GetterSetter::withGetter(VM& vm, JSGlobalObject* globalObject, JSObject* newGetter)
-{
- if (isGetterNull()) {
- setGetter(vm, globalObject, newGetter);
- return this;
- }
-
- GetterSetter* result = GetterSetter::create(vm, globalObject);
- result->setGetter(vm, globalObject, newGetter);
- result->setSetter(vm, globalObject, setter());
- return result;
-}
-
-GetterSetter* GetterSetter::withSetter(VM& vm, JSGlobalObject* globalObject, JSObject* newSetter)
-{
- if (isSetterNull()) {
- setSetter(vm, globalObject, newSetter);
- return this;
- }
-
- GetterSetter* result = GetterSetter::create(vm, globalObject);
- result->setGetter(vm, globalObject, getter());
- result->setSetter(vm, globalObject, newSetter);
- return result;
-}
-
JSValue callGetter(ExecState* exec, JSValue base, JSValue getterSetter)
{
VM& vm = exec->vm();
Modified: trunk/Source/_javascript_Core/runtime/GetterSetter.h (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/GetterSetter.h 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/GetterSetter.h 2018-05-25 23:18:15 UTC (rev 232211)
@@ -44,11 +44,12 @@
friend class JIT;
typedef JSNonFinalObject Base;
private:
- GetterSetter(VM& vm, JSGlobalObject* globalObject)
+ GetterSetter(VM& vm, JSGlobalObject* globalObject, JSObject* getter, JSObject* setter)
: Base(vm, globalObject->getterSetterStructure())
{
- m_getter.set(vm, this, globalObject->nullGetterFunction());
- m_setter.set(vm, this, globalObject->nullSetterFunction());
+ WTF::storeStoreFence();
+ m_getter.set(vm, this, getter ? getter : globalObject->nullGetterFunction());
+ m_setter.set(vm, this, setter ? setter : globalObject->nullSetterFunction());
}
public:
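Review bot: `WTF::storeStoreFence();` now sits at the top of the constructor body with no comment, and the comments that surrounded it in `setGetter` / `setSetter` are deleted by this change. The class still has concurrent readers (`setterConcurrently()` is visible further down), so the constructor should say what the fence orders. If the intent is to order the Base constructor's stores ahead of the accessor fields, add `// Make the Base constructor's stores visible before m_getter/m_setter are published to concurrent readers.`; if the fence is only a leftover from the removed setters, say so or drop it. The class body extends outside this hunk.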
@@ -55,13 +56,26 @@
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | StructureIsImmortal;
- static GetterSetter* create(VM& vm, JSGlobalObject* globalObject)
+ static GetterSetter* create(VM& vm, JSGlobalObject* globalObject, JSObject* getter, JSObject* setter)
{
- GetterSetter* getterSetter = new (NotNull, allocateCell<GetterSetter>(vm.heap)) GetterSetter(vm, globalObject);
+ GetterSetter* getterSetter = new (NotNull, allocateCell<GetterSetter>(vm.heap)) GetterSetter(vm, globalObject, getter, setter);
getterSetter->finishCreation(vm);
return getterSetter;
}
+ static GetterSetter* create(VM& vm, JSGlobalObject* globalObject, JSValue getter, JSValue setter)
+ {
+ ASSERT(getter.isUndefined() || getter.isObject());
+ ASSERT(setter.isUndefined() || setter.isObject());
+ JSObject* getterObject { nullptr };
+ JSObject* setterObject { nullptr };
+ if (getter.isObject())
+ getterObject = asObject(getter);
+ if (setter.isObject())
+ setterObject = asObject(setter);
+ return create(vm, globalObject, getterObject, setterObject);
+ }
+
static void visitChildren(JSCell*, SlotVisitor&);
JSObject* getter() const { return m_getter.get(); }
@@ -76,18 +90,6 @@
bool isGetterNull() const { return !!jsDynamicCast<NullGetterFunction*>(*m_getter.get()->vm(), m_getter.get()); }
bool isSetterNull() const { return !!jsDynamicCast<NullSetterFunction*>(*m_setter.get()->vm(), m_setter.get()); }
- // Set the getter. It's only valid to call this if you've never set the getter on this
- // object.
- void setGetter(VM& vm, JSGlobalObject* globalObject, JSObject* getter)
- {
- if (!getter)
- getter = jsCast<JSObject*>(globalObject->nullGetterFunction());
-
- RELEASE_ASSERT(isGetterNull());
- WTF::storeStoreFence();
- m_getter.set(vm, this, getter);
- }
-
JSObject* setter() const { return m_setter.get(); }
JSObject* setterConcurrently() const
@@ -97,21 +99,6 @@
return result;
}
- // Set the setter. It's only valid to call this if you've never set the setter on this
- // object.
- void setSetter(VM& vm, JSGlobalObject* globalObject, JSObject* setter)
- {
- if (!setter)
- setter = jsCast<JSObject*>(globalObject->nullSetterFunction());
-
- RELEASE_ASSERT(isSetterNull());
- WTF::storeStoreFence();
- m_setter.set(vm, this, setter);
- }
-
- GetterSetter* withGetter(VM&, JSGlobalObject*, JSObject* getter);
- GetterSetter* withSetter(VM&, JSGlobalObject*, JSObject* setter);
-
static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
{
return Structure::create(vm, globalObject, prototype, TypeInfo(GetterSetterType), info());
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -466,9 +466,7 @@
m_throwTypeErrorGetterSetter.initLater(
[] (const Initializer<GetterSetter>& init) {
JSFunction* thrower = init.owner->throwTypeErrorFunction();
- GetterSetter* getterSetter = GetterSetter::create(init.vm, init.owner);
- getterSetter->setGetter(init.vm, init.owner, thrower);
- getterSetter->setSetter(init.vm, init.owner, thrower);
+ GetterSetter* getterSetter = GetterSetter::create(init.vm, init.owner, thrower, thrower);
init.set(getterSetter);
});
@@ -475,9 +473,9 @@
m_nullGetterFunction.set(vm, this, NullGetterFunction::create(vm, NullGetterFunction::createStructure(vm, this, m_functionPrototype.get())));
m_nullSetterFunction.set(vm, this, NullSetterFunction::create(vm, NullSetterFunction::createStructure(vm, this, m_functionPrototype.get())));
m_objectPrototype.set(vm, this, ObjectPrototype::create(vm, this, ObjectPrototype::createStructure(vm, this, jsNull())));
- GetterSetter* protoAccessor = GetterSetter::create(vm, this);
- protoAccessor->setGetter(vm, this, JSFunction::create(vm, this, 0, makeString("get ", vm.propertyNames->underscoreProto.string()), globalFuncProtoGetter, UnderscoreProtoIntrinsic));
- protoAccessor->setSetter(vm, this, JSFunction::create(vm, this, 0, makeString("set ", vm.propertyNames->underscoreProto.string()), globalFuncProtoSetter));
+ GetterSetter* protoAccessor = GetterSetter::create(vm, this,
+ JSFunction::create(vm, this, 0, makeString("get ", vm.propertyNames->underscoreProto.string()), globalFuncProtoGetter, UnderscoreProtoIntrinsic),
+ JSFunction::create(vm, this, 0, makeString("set ", vm.propertyNames->underscoreProto.string()), globalFuncProtoSetter));
m_objectPrototype->putDirectNonIndexAccessor(vm, vm.propertyNames->underscoreProto, protoAccessor, PropertyAttribute::Accessor | PropertyAttribute::DontEnum);
m_functionPrototype->structure()->setPrototypeWithoutTransition(vm, m_objectPrototype.get());
m_objectStructureForObjectConstructor.set(vm, this, vm.structureCache.emptyObjectStructureForPrototype(this, m_objectPrototype.get(), JSFinalObject::defaultInlineCapacity()));
@@ -484,15 +482,12 @@
m_objectProtoValueOfFunction.set(vm, this, jsCast<JSFunction*>(objectPrototype()->getDirect(vm, vm.propertyNames->valueOf)));
JSFunction* thrower = JSFunction::create(vm, this, 0, String(), globalFuncThrowTypeErrorArgumentsCalleeAndCaller);
- GetterSetter* getterSetter = GetterSetter::create(vm, this);
- getterSetter->setGetter(vm, this, thrower);
- getterSetter->setSetter(vm, this, thrower);
+ GetterSetter* getterSetter = GetterSetter::create(vm, this, thrower, thrower);
m_throwTypeErrorArgumentsCalleeAndCallerGetterSetter.set(vm, this, getterSetter);
m_functionPrototype->initRestrictedProperties(exec, this);
- m_speciesGetterSetter.set(vm, this, GetterSetter::create(vm, this));
- m_speciesGetterSetter->setGetter(vm, this, JSFunction::create(vm, globalOperationsSpeciesGetterCodeGenerator(vm), this));
+ m_speciesGetterSetter.set(vm, this, GetterSetter::create(vm, this, JSFunction::create(vm, globalOperationsSpeciesGetterCodeGenerator(vm), this), nullptr));
m_typedArrayProto.initLater(
[] (const Initializer<JSTypedArrayViewPrototype>& init) {
Modified: trunk/Source/_javascript_Core/runtime/JSObject.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/JSObject.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/JSObject.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -2456,22 +2456,18 @@
}
if (descriptor.isAccessorDescriptor()) {
- JSObject* getter = 0;
+ JSObject* getter = nullptr;
if (descriptor.getterPresent())
getter = descriptor.getterObject();
else if (oldDescriptor.isAccessorDescriptor())
getter = oldDescriptor.getterObject();
- JSObject* setter = 0;
+ JSObject* setter = nullptr;
if (descriptor.setterPresent())
setter = descriptor.setterObject();
else if (oldDescriptor.isAccessorDescriptor())
setter = oldDescriptor.setterObject();
- GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject());
- if (getter)
- accessor->setGetter(vm, exec->lexicalGlobalObject(), getter);
- if (setter)
- accessor->setSetter(vm, exec->lexicalGlobalObject(), setter);
+ GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
entryInMap->set(vm, map, accessor);
entryInMap->attributes = descriptor.attributesOverridingCurrent(oldDescriptor) & ~PropertyAttribute::ReadOnly;
@@ -3054,9 +3050,8 @@
bool JSObject::putDirectNativeIntrinsicGetter(VM& vm, JSGlobalObject* globalObject, Identifier name, NativeFunction nativeFunction, Intrinsic intrinsic, unsigned attributes)
{
- GetterSetter* accessor = GetterSetter::create(vm, globalObject);
JSFunction* function = JSFunction::create(vm, globalObject, 0, makeString("get ", name.string()), nativeFunction, intrinsic);
- accessor->setGetter(vm, globalObject, function);
+ GetterSetter* accessor = GetterSetter::create(vm, globalObject, function, nullptr);
return putDirectNonIndexAccessor(vm, name, accessor, attributes);
}
@@ -3414,11 +3409,9 @@
VM& vm = exec->vm();
if (descriptor.isGenericDescriptor() || descriptor.isDataDescriptor()) {
if (descriptor.isGenericDescriptor() && oldDescriptor.isAccessorDescriptor()) {
- GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject());
- if (oldDescriptor.getterPresent())
- accessor->setGetter(vm, exec->lexicalGlobalObject(), oldDescriptor.getterObject());
- if (oldDescriptor.setterPresent())
- accessor->setSetter(vm, exec->lexicalGlobalObject(), oldDescriptor.setterObject());
+ JSObject* getter = oldDescriptor.getterPresent() ? oldDescriptor.getterObject() : nullptr;
+ JSObject* setter = oldDescriptor.setterPresent() ? oldDescriptor.setterObject() : nullptr;
+ GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
target->putDirectAccessor(exec, propertyName, accessor, attributes | PropertyAttribute::Accessor);
return true;
}
@@ -3433,16 +3426,14 @@
return true;
}
attributes &= ~PropertyAttribute::ReadOnly;
- GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject());
- if (descriptor.getterPresent())
- accessor->setGetter(vm, exec->lexicalGlobalObject(), descriptor.getterObject());
- else if (oldDescriptor.getterPresent())
- accessor->setGetter(vm, exec->lexicalGlobalObject(), oldDescriptor.getterObject());
- if (descriptor.setterPresent())
- accessor->setSetter(vm, exec->lexicalGlobalObject(), descriptor.setterObject());
- else if (oldDescriptor.setterPresent())
- accessor->setSetter(vm, exec->lexicalGlobalObject(), oldDescriptor.setterObject());
+ JSObject* getter = descriptor.getterPresent()
+ ? descriptor.getterObject() : oldDescriptor.getterPresent()
+ ? oldDescriptor.getterObject() : nullptr;
+ JSObject* setter = descriptor.setterPresent()
+ ? descriptor.setterObject() : oldDescriptor.setterPresent()
+ ? oldDescriptor.setterObject() : nullptr;
+ GetterSetter* accessor = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
target->putDirectAccessor(exec, propertyName, accessor, attributes | PropertyAttribute::Accessor);
return true;
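Review bot: The chained conditionals for `getter` and `setter` are laid out so that `: oldDescriptor.getterPresent()` reads as the else-value of the first test rather than the start of a second test. The result is correct only because `?:` is right-associative. Parenthesise the inner conditional and put one branch per line, e.g. `JSObject* getter = descriptor.getterPresent() ? descriptor.getterObject() : (oldDescriptor.getterPresent() ? oldDescriptor.getterObject() : nullptr);`, and do the same for `setter`. The removed if / else-if form was easier to audit, and this selection decides which callable ends up installed on the property. The enclosing function starts and ends outside this hunk.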
@@ -3559,29 +3550,36 @@
JSValue accessor = object->getDirect(vm, propertyName);
if (!accessor)
return false;
- GetterSetter* getterSetter;
+ JSObject* getter = nullptr;
+ JSObject* setter = nullptr;
bool getterSetterChanged = false;
+
if (accessor.isCustomGetterSetter()) {
- getterSetter = GetterSetter::create(vm, exec->lexicalGlobalObject());
auto* customGetterSetter = jsCast<CustomGetterSetter*>(accessor);
if (customGetterSetter->setter())
- getterSetter->setSetter(vm, exec->lexicalGlobalObject(), getCustomGetterSetterFunctionForGetterSetter(exec, propertyName, customGetterSetter, JSCustomGetterSetterFunction::Type::Setter));
+ setter = getCustomGetterSetterFunctionForGetterSetter(exec, propertyName, customGetterSetter, JSCustomGetterSetterFunction::Type::Setter);
if (customGetterSetter->getter())
- getterSetter->setGetter(vm, exec->lexicalGlobalObject(), getCustomGetterSetterFunctionForGetterSetter(exec, propertyName, customGetterSetter, JSCustomGetterSetterFunction::Type::Getter));
+ getter = getCustomGetterSetterFunctionForGetterSetter(exec, propertyName, customGetterSetter, JSCustomGetterSetterFunction::Type::Getter);
} else {
ASSERT(accessor.isGetterSetter());
- getterSetter = jsCast<GetterSetter*>(accessor);
+ auto* getterSetter = jsCast<GetterSetter*>(accessor);
+ getter = getterSetter->getter();
+ setter = getterSetter->setter();
}
if (descriptor.setterPresent()) {
- getterSetter = getterSetter->withSetter(vm, exec->lexicalGlobalObject(), descriptor.setterObject());
+ setter = descriptor.setterObject();
getterSetterChanged = true;
}
if (descriptor.getterPresent()) {
- getterSetter = getterSetter->withGetter(vm, exec->lexicalGlobalObject(), descriptor.getterObject());
+ getter = descriptor.getterObject();
getterSetterChanged = true;
}
+
if (current.attributesEqual(descriptor) && !getterSetterChanged)
return true;
+
+ GetterSetter* getterSetter = GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter);
+
object->methodTable(vm)->deleteProperty(object, exec, propertyName);
RETURN_IF_EXCEPTION(scope, false);
unsigned attrs = descriptor.attributesOverridingCurrent(current);
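Review bot: Nothing at the new `GetterSetter::create(vm, exec->lexicalGlobalObject(), getter, setter)` call explains why the accessor found on the object is no longer reused, although the commit message names this function as the one place that broke immutability. Add a comment above the call such as `// GetterSetter objects are immutable once created (@tryGetById in builtins relies on this), so always allocate a fresh one instead of updating the existing accessor.` That keeps a later "avoid the allocation" cleanup from reintroducing in-place mutation. The function starts before this hunk and continues after it.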
Modified: trunk/Source/_javascript_Core/runtime/JSTypedArrayViewPrototype.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/JSTypedArrayViewPrototype.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/JSTypedArrayViewPrototype.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -326,8 +326,7 @@
JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->toLocaleString, typedArrayPrototypeToLocaleStringCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum));
JSFunction* toStringTagFunction = JSFunction::create(vm, globalObject, 0, ASCIILiteral("get [Symbol.toStringTag]"), typedArrayViewProtoGetterFuncToStringTag, NoIntrinsic);
- GetterSetter* toStringTagAccessor = GetterSetter::create(vm, globalObject);
- toStringTagAccessor->setGetter(vm, globalObject, toStringTagFunction);
+ GetterSetter* toStringTagAccessor = GetterSetter::create(vm, globalObject, toStringTagFunction, nullptr);
putDirectNonIndexAccessor(vm, vm.propertyNames->toStringTagSymbol, toStringTagAccessor, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly | PropertyAttribute::Accessor);
JSFunction* valuesFunction = JSFunction::create(vm, typedArrayPrototypeValuesCodeGenerator(vm), globalObject);
Modified: trunk/Source/_javascript_Core/runtime/Lookup.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/Lookup.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/Lookup.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -29,19 +29,18 @@
void reifyStaticAccessor(VM& vm, const HashTableValue& value, JSObject& thisObject, PropertyName propertyName)
{
JSGlobalObject* globalObject = thisObject.globalObject();
- GetterSetter* accessor = GetterSetter::create(vm, globalObject);
+ JSObject* getter = nullptr;
if (value.accessorGetter()) {
- JSFunction* function = nullptr;
if (value.attributes() & PropertyAttribute::Builtin)
- function = JSFunction::create(vm, value.builtinAccessorGetterGenerator()(vm), globalObject);
+ getter = JSFunction::create(vm, value.builtinAccessorGetterGenerator()(vm), globalObject);
else {
String getterName = tryMakeString(ASCIILiteral("get "), String(*propertyName.publicName()));
if (!getterName)
return;
- function = JSFunction::create(vm, globalObject, 0, getterName, value.accessorGetter());
+ getter = JSFunction::create(vm, globalObject, 0, getterName, value.accessorGetter());
}
- accessor->setGetter(vm, globalObject, function);
}
+ GetterSetter* accessor = GetterSetter::create(vm, globalObject, getter, nullptr);
thisObject.putDirectNonIndexAccessor(vm, propertyName, accessor, attributesForStructure(value.attributes()));
}
Modified: trunk/Source/_javascript_Core/runtime/PropertyDescriptor.cpp (232210 => 232211)
--- trunk/Source/_javascript_Core/runtime/PropertyDescriptor.cpp 2018-05-25 22:47:59 UTC (rev 232210)
+++ trunk/Source/_javascript_Core/runtime/PropertyDescriptor.cpp 2018-05-25 23:18:15 UTC (rev 232211)
@@ -75,17 +75,10 @@
GetterSetter* PropertyDescriptor::slowGetterSetter(ExecState* exec)
{
VM& vm = exec->vm();
- auto scope = DECLARE_THROW_SCOPE(vm);
-
JSGlobalObject* globalObject = exec->lexicalGlobalObject();
- GetterSetter* getterSetter = GetterSetter::create(vm, globalObject);
- RETURN_IF_EXCEPTION(scope, nullptr);
- if (m_getter && !m_getter.isUndefined())
- getterSetter->setGetter(vm, globalObject, jsCast<JSObject*>(m_getter));
- if (m_setter && !m_setter.isUndefined())
- getterSetter->setSetter(vm, globalObject, jsCast<JSObject*>(m_setter));
-
- return getterSetter;
+ JSValue getter = m_getter && !m_getter.isUndefined() ? jsCast<JSObject*>(m_getter) : jsUndefined();
+ JSValue setter = m_setter && !m_setter.isUndefined() ? jsCast<JSObject*>(m_setter) : jsUndefined();
+ return GetterSetter::create(vm, globalObject, getter, setter);
}
JSValue PropertyDescriptor::getter() const
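Review bot: The two new initialisers cast `m_getter` / `m_setter` with `jsCast<JSObject*>` only to convert the result straight back to `JSValue` for the `create(VM&, JSGlobalObject*, JSValue, JSValue)` overload, which already checks `isObject()` before calling `asObject`. As far as I know `jsCast` is assertion-checked only, so the round trip adds an unchecked cast in release builds without adding any validation. Passing the stored values through, `JSValue getter = m_getter ? m_getter : jsUndefined();` and likewise for `setter`, keeps the empty-value handling. It also leaves the type check to the overload, which falls back to the null accessor when the value is not an object.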