The call to enumerable_own_property_names in the non-array case was
missing an exception check.
Fixes 1 test262 case (JSON/parse/reviver-object-own-keys-err.js)
- Fix evaluation order: IsArray(O) should always be called and before
Get(O, @@toStringTag), previously it was the other way around and
IsArray would only be called if @@toStringTag is not a string
- Add missing exception checks to both function calls
- Add missing builtin tag for arguments object
Also, while we're here:
- Update variable names to match spec
- Add spec step comments
If calling the executor function throws an exception, the return value
of `vm.call()` will be an empty value, which we then passed as an
argument to the reject function, which is incorrect - what it actually
needs is the exception value. This stems from a misunderstanding of the
spec I had at the time of implementing this - in their case, the
exception value is part of the completion record returned by Call().
This error was previously masked as we would use a fallback
(`value_or(js_undefined())` for the empty value argument, but that was
removed in 57f7e6e.
Fixes#8447.
As the name implies (and the spec confirms), this is only ever going to
be an object or "nothing", or "undefined" in the spec. By taking this
literally and updating a check to check for `is_undefined()`, we
introduced a bug - the value was still initialized as an empty value.
Instead, use a pointer to an Object - either we have one, or we don't.
Fixes#8448.
Non-RangeError exceptions can be thrown by user implementations of
valueOf (which are called by to_index), and the specification
disallows changing the type of the thrown error.
Now that the Object rewrite is in place, we have enough tools to
implement the mapped `arguments` propreties according to spec.
The basic mechanism is that the `arguments` object installs a hidden
parameter mapping object that property accesses get filtered through.
This is how accessing numeric properties on `arguments` are proxied
to the named identifier in the function scope.
When `arguments` is instantiated, getters and setters are created
for all the numeric properties on the object that correspond to
function arguments. These getters and setters can be deleted from the
object. This is all pretty intricate, so refer to the spec for details.
Note that the `arguments` object itself is still lazily instantiated
on first access within a function. This is non-conforming, and we'll
have to revisit this once we get around to improving function calls.
This also renames ErrorType::StringMatchAllNonGlobalRegExp to
ErrorType::StringNonGlobalRegExp (removes "MatchAll") because this error
is now used in the same way from multiple operations.
To make this happen, this patch implements the SetImmutablePrototype
abstract operation (as a method on Object) and then overrides
[[SetPrototypeOf]] on ObjectPrototype.
This is a huge patch, I know. In hindsight this perhaps could've been
done slightly more incremental, but I started and then fixed everything
until it worked, and here we are. I tried splitting of some completely
unrelated changes into separate commits, however. Anyway.
This is a rewrite of most of Object, and by extension large parts of
Array, Proxy, Reflect, String, TypedArray, and some other things.
What we already had worked fine for about 90% of things, but getting the
last 10% right proved to be increasingly difficult with the current code
that sort of grew organically and is only very loosely based on the
spec - this became especially obvious when we started fixing a large
number of test262 failures.
Key changes include:
- 1:1 matching function names and parameters of all object-related
functions, to avoid ambiguity. Previously we had things like put(),
which the spec doesn't have - as a result it wasn't always clear which
need to be used.
- Better separation between object abstract operations and internal
methods - the former are always the same, the latter can be overridden
(and are therefore virtual). The internal methods (i.e. [[Foo]] in the
spec) are now prefixed with 'internal_' for clarity - again, it was
previously not always clear which AO a certain method represents,
get() could've been both Get and [[Get]] (I don't know which one it
was closer to right now).
Note that some of the old names have been kept until all code relying
on them is updated, but they are now simple wrappers around the
closest matching standard abstract operation.
- Simplifications of the storage layer: functions that write values to
storage are now prefixed with 'storage_' to make their purpose clear,
and as they are not part of the spec they should not contain any steps
specified by it. Much functionality is now covered by the layers above
it and was removed (e.g. handling of accessors, attribute checks).
- PropertyAttributes has been greatly simplified, and is being replaced
by PropertyDescriptor - a concept similar to the current
implementation, but more aligned with the actual spec. See the commit
message of the previous commit where it was introduced for details.
- As a bonus, and since I had to look at the spec a whole lot anyway, I
introduced more inline comments with the exact steps from the spec -
this makes it super easy to verify correctness.
- East-const all the things.
As a result of all of this, things are much more correct but a bit
slower now. Retaining speed wasn't a consideration at all, I have done
no profiling of the new code - there might be low hanging fruits, which
we can then harvest separately.
Special thanks to Idan for helping me with this by tracking down bugs,
updating everything outside of LibJS to work with these changes (LibWeb,
Spreadsheet, HackStudio), as well as providing countless patches to fix
regressions I introduced - there still are very few (we got it down to
5), but we also get many new passing test262 tests in return. :^)
Co-authored-by: Idan Horowitz <idan.horowitz@gmail.com>
This would previously crash as we used to_string() without checking the
type first. Circumvent that by handling invalid and numeric ones
separately and then using to_string_or_symbol().
This is an implementation of 'The Property Descriptor Specification
Type' and related abstract operations, namely:
- IsAccessorDescriptor
- IsDataDescriptor
- IsGenericDescriptor
- FromPropertyDescriptor
- ToPropertyDescriptor
- CompletePropertyDescriptor
It works with Optional<T> to enable omitting certain fields, which will
eventually replace the Attribute::Has{Getter,Setter,Configurable,
Enumerable,Writable} bit flags, which are awkward to work with - being
able to use an initializer list with any of the possible attributes is
much more convenient.
Parts of the current PropertyAttributes implementation as well as the
much simpler PropertyDescriptor struct in Object.h will eventually be
replaced with this and completely go away.
Property storage will still use the PropertyAttributes bit flags, this
is for the layers above.
Note that this is currently guarded behind an #if 0 as if conflicts with
the existing PropertyDescriptor struct, but it's known to compile and
work just fine - I simply want to have this in a separate commit, the
primary object rewrite commit will be large enough as is.
Specifically, explicitly specify the checked type, use the resulting
value instead of doing the same calculation twice, and break down
calculations to discrete operations to ensure no intermediary overflows
are missed.
Specifically, this now explicitly takes the length, adds missing
exceptions checks to calls with user-supplied lengths, takes and uses
the prototype argument, and fixes some spec non-conformance in
ArrayConstructor and its native functions around the use of ArrayCreate
This patch implements spec-compliant runtime semantics for the following
constructs:
- super.property
- super[property]
The MakeSuperPropertyReference AO is added to support this. :^)
ResolveBinding now matches the spec, while the non-conforming parts
are moved to GetIdentifierReference.
Implementing this properly requires variable bindings.
This is used by VM::call_internal() and VM::construct() which roughly
map to function objects' [[Call]] and [[Construct]] slots in the spec.
Reorganizing this code revealed something weird: NativeFunction gets
its strictness by checking VM::in_strict_mode(). In other words,
it inherits the strict flag from the caller context. This is quite
weird, but many test-js tests rely on it, so let's preserve it until
we can think of something nicer.
Specifically, instead of using the internal {get, put}_by_index methods
we now use the GetValueFromBuffer and SetValueInBuffer abstract
operations, as required by the specification.
While i was here i also replaced a couple custom detached array buffer
error messages with the existing ErrorType::DetachedArrayBuffer.
This should really be handled at a different layer of the stack, but
this allows us to make progress on the Object rewrite without breaking
strict mode assignment tests.
This code is non-conforming and will eventually get cleaned out once
we implement proper variable bindings. However, this will aid us in
improving other parts of the code right now.
