[ES6] Add Symbol.species properties to the relevant constructors
https://bugs.webkit.org/show_bug.cgi?id=153339
Reviewed by Michael Saboff.
Source/JavaScriptCore:
This patch adds Symbol.species to the RegExp, Array, TypedArray, Map, Set, ArrayBuffer, and
Promise constructors. The functions that use these properties will be added in a later
patch.
* builtins/GlobalObject.js:
(speciesGetter):
* runtime/ArrayConstructor.cpp:
(JSC::ArrayConstructor::finishCreation):
* runtime/ArrayConstructor.h:
(JSC::ArrayConstructor::create):
* runtime/BooleanConstructor.h:
(JSC::BooleanConstructor::create):
* runtime/CommonIdentifiers.h:
* runtime/DateConstructor.h:
(JSC::DateConstructor::create):
* runtime/ErrorConstructor.h:
(JSC::ErrorConstructor::create):
* runtime/JSArrayBufferConstructor.cpp:
(JSC::JSArrayBufferConstructor::finishCreation):
(JSC::JSArrayBufferConstructor::create):
* runtime/JSArrayBufferConstructor.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/JSInternalPromiseConstructor.cpp:
(JSC::JSInternalPromiseConstructor::create):
* runtime/JSInternalPromiseConstructor.h:
* runtime/JSPromiseConstructor.cpp:
(JSC::JSPromiseConstructor::create):
(JSC::JSPromiseConstructor::finishCreation):
* runtime/JSPromiseConstructor.h:
* runtime/JSTypedArrayViewConstructor.cpp:
(JSC::JSTypedArrayViewConstructor::finishCreation):
(JSC::JSTypedArrayViewConstructor::create): Deleted.
* runtime/JSTypedArrayViewConstructor.h:
(JSC::JSTypedArrayViewConstructor::create):
* runtime/MapConstructor.cpp:
(JSC::MapConstructor::finishCreation):
* runtime/MapConstructor.h:
(JSC::MapConstructor::create):
* runtime/NumberConstructor.h:
(JSC::NumberConstructor::create):
* runtime/RegExpConstructor.cpp:
(JSC::RegExpConstructor::finishCreation):
* runtime/RegExpConstructor.h:
(JSC::RegExpConstructor::create):
* runtime/SetConstructor.cpp:
(JSC::SetConstructor::finishCreation):
* runtime/SetConstructor.h:
(JSC::SetConstructor::create):
* runtime/StringConstructor.h:
(JSC::StringConstructor::create):
* runtime/SymbolConstructor.h:
(JSC::SymbolConstructor::create):
* runtime/WeakMapConstructor.h:
(JSC::WeakMapConstructor::create):
* runtime/WeakSetConstructor.h:
(JSC::WeakSetConstructor::create):
* tests/stress/symbol-species.js: Added.
(testSymbolSpeciesOnConstructor):
LayoutTests:
Add species to the list of property names on the Symbol object.
* js/Object-getOwnPropertyNames-expected.txt:
* js/script-tests/Object-getOwnPropertyNames.js:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@195460 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
index ea4cb83..8772b48 100644
--- a/Source/JavaScriptCore/ChangeLog
+++ b/Source/JavaScriptCore/ChangeLog
@@ -1,3 +1,70 @@
+2016-01-22 Keith Miller <keith_miller@apple.com>
+
+ [ES6] Add Symbol.species properties to the relevant constructors
+ https://bugs.webkit.org/show_bug.cgi?id=153339
+
+ Reviewed by Michael Saboff.
+
+ This patch adds Symbol.species to the RegExp, Array, TypedArray, Map, Set, ArrayBuffer, and
+ Promise constructors. The functions that use these properties will be added in a later
+ patch.
+
+ * builtins/GlobalObject.js:
+ (speciesGetter):
+ * runtime/ArrayConstructor.cpp:
+ (JSC::ArrayConstructor::finishCreation):
+ * runtime/ArrayConstructor.h:
+ (JSC::ArrayConstructor::create):
+ * runtime/BooleanConstructor.h:
+ (JSC::BooleanConstructor::create):
+ * runtime/CommonIdentifiers.h:
+ * runtime/DateConstructor.h:
+ (JSC::DateConstructor::create):
+ * runtime/ErrorConstructor.h:
+ (JSC::ErrorConstructor::create):
+ * runtime/JSArrayBufferConstructor.cpp:
+ (JSC::JSArrayBufferConstructor::finishCreation):
+ (JSC::JSArrayBufferConstructor::create):
+ * runtime/JSArrayBufferConstructor.h:
+ * runtime/JSGlobalObject.cpp:
+ (JSC::JSGlobalObject::init):
+ * runtime/JSInternalPromiseConstructor.cpp:
+ (JSC::JSInternalPromiseConstructor::create):
+ * runtime/JSInternalPromiseConstructor.h:
+ * runtime/JSPromiseConstructor.cpp:
+ (JSC::JSPromiseConstructor::create):
+ (JSC::JSPromiseConstructor::finishCreation):
+ * runtime/JSPromiseConstructor.h:
+ * runtime/JSTypedArrayViewConstructor.cpp:
+ (JSC::JSTypedArrayViewConstructor::finishCreation):
+ (JSC::JSTypedArrayViewConstructor::create): Deleted.
+ * runtime/JSTypedArrayViewConstructor.h:
+ (JSC::JSTypedArrayViewConstructor::create):
+ * runtime/MapConstructor.cpp:
+ (JSC::MapConstructor::finishCreation):
+ * runtime/MapConstructor.h:
+ (JSC::MapConstructor::create):
+ * runtime/NumberConstructor.h:
+ (JSC::NumberConstructor::create):
+ * runtime/RegExpConstructor.cpp:
+ (JSC::RegExpConstructor::finishCreation):
+ * runtime/RegExpConstructor.h:
+ (JSC::RegExpConstructor::create):
+ * runtime/SetConstructor.cpp:
+ (JSC::SetConstructor::finishCreation):
+ * runtime/SetConstructor.h:
+ (JSC::SetConstructor::create):
+ * runtime/StringConstructor.h:
+ (JSC::StringConstructor::create):
+ * runtime/SymbolConstructor.h:
+ (JSC::SymbolConstructor::create):
+ * runtime/WeakMapConstructor.h:
+ (JSC::WeakMapConstructor::create):
+ * runtime/WeakSetConstructor.h:
+ (JSC::WeakSetConstructor::create):
+ * tests/stress/symbol-species.js: Added.
+ (testSymbolSpeciesOnConstructor):
+
2016-01-21 Benjamin Poulain <benjamin@webkit.org>
[JSC] The IRC allocator can mess up the degree of Tmps interfering with move-related Tmps
diff --git a/Source/JavaScriptCore/builtins/GlobalObject.js b/Source/JavaScriptCore/builtins/GlobalObject.js
index cf6abb6..ad28e799 100644
--- a/Source/JavaScriptCore/builtins/GlobalObject.js
+++ b/Source/JavaScriptCore/builtins/GlobalObject.js
@@ -64,3 +64,10 @@
return typeof object === "undefined" || object == null || typeof object === "object";
}
+
+// FIXME: this needs to have it's name changed to "get [Symbol.species]".
+// see: https://bugs.webkit.org/show_bug.cgi?id=151363
+function speciesGetter()
+{
+ return this;
+}
diff --git a/Source/JavaScriptCore/runtime/ArrayConstructor.cpp b/Source/JavaScriptCore/runtime/ArrayConstructor.cpp
index 3d3202a..893bf3f 100644
--- a/Source/JavaScriptCore/runtime/ArrayConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/ArrayConstructor.cpp
@@ -29,6 +29,7 @@
#include "CopiedSpaceInlines.h"
#include "Error.h"
#include "ExceptionHelpers.h"
+#include "GetterSetter.h"
#include "JSArray.h"
#include "JSFunction.h"
#include "Lookup.h"
@@ -61,11 +62,12 @@
{
}
-void ArrayConstructor::finishCreation(VM& vm, ArrayPrototype* arrayPrototype)
+void ArrayConstructor::finishCreation(VM& vm, ArrayPrototype* arrayPrototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, arrayPrototype->classInfo()->className);
putDirectWithoutTransition(vm, vm.propertyNames->prototype, arrayPrototype, DontEnum | DontDelete | ReadOnly);
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
}
bool ArrayConstructor::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot &slot)
diff --git a/Source/JavaScriptCore/runtime/ArrayConstructor.h b/Source/JavaScriptCore/runtime/ArrayConstructor.h
index 528c50e..5256a52 100644
--- a/Source/JavaScriptCore/runtime/ArrayConstructor.h
+++ b/Source/JavaScriptCore/runtime/ArrayConstructor.h
@@ -28,16 +28,17 @@
class ArrayAllocationProfile;
class ArrayPrototype;
class JSArray;
+class GetterSetter;
class ArrayConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = OverridesGetOwnPropertySlot | InternalFunction::StructureFlags;
- static ArrayConstructor* create(VM& vm, Structure* structure, ArrayPrototype* arrayPrototype)
+ static ArrayConstructor* create(VM& vm, Structure* structure, ArrayPrototype* arrayPrototype, GetterSetter* speciesSymbol)
{
ArrayConstructor* constructor = new (NotNull, allocateCell<ArrayConstructor>(vm.heap)) ArrayConstructor(vm, structure);
- constructor->finishCreation(vm, arrayPrototype);
+ constructor->finishCreation(vm, arrayPrototype, speciesSymbol);
return constructor;
}
@@ -49,7 +50,7 @@
}
protected:
- void finishCreation(VM&, ArrayPrototype*);
+ void finishCreation(VM&, ArrayPrototype*, GetterSetter* speciesSymbol);
private:
ArrayConstructor(VM&, Structure*);
diff --git a/Source/JavaScriptCore/runtime/BooleanConstructor.h b/Source/JavaScriptCore/runtime/BooleanConstructor.h
index 603da55..e49b9f9 100644
--- a/Source/JavaScriptCore/runtime/BooleanConstructor.h
+++ b/Source/JavaScriptCore/runtime/BooleanConstructor.h
@@ -26,12 +26,13 @@
namespace JSC {
class BooleanPrototype;
+class GetterSetter;
class BooleanConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
- static BooleanConstructor* create(VM& vm, Structure* structure, BooleanPrototype* booleanPrototype)
+ static BooleanConstructor* create(VM& vm, Structure* structure, BooleanPrototype* booleanPrototype, GetterSetter*)
{
BooleanConstructor* constructor = new (NotNull, allocateCell<BooleanConstructor>(vm.heap)) BooleanConstructor(vm, structure);
constructor->finishCreation(vm, booleanPrototype);
diff --git a/Source/JavaScriptCore/runtime/CommonIdentifiers.h b/Source/JavaScriptCore/runtime/CommonIdentifiers.h
index f66533b..841aa0e 100644
--- a/Source/JavaScriptCore/runtime/CommonIdentifiers.h
+++ b/Source/JavaScriptCore/runtime/CommonIdentifiers.h
@@ -268,15 +268,15 @@
macro(match) \
macro(replace) \
macro(search) \
- macro(species) \
macro(split) \
macro(toPrimitive)
#define JSC_COMMON_PRIVATE_IDENTIFIERS_EACH_WELL_KNOWN_SYMBOL(macro) \
macro(hasInstance) \
macro(iterator) \
- macro(unscopables) \
- macro(toStringTag)
+ macro(species) \
+ macro(toStringTag) \
+ macro(unscopables)
#define JSC_COMMON_BYTECODE_INTRINSICS_EACH_NAME(macro) \
macro(assert) \
diff --git a/Source/JavaScriptCore/runtime/DateConstructor.h b/Source/JavaScriptCore/runtime/DateConstructor.h
index 13de37b..4843a69 100644
--- a/Source/JavaScriptCore/runtime/DateConstructor.h
+++ b/Source/JavaScriptCore/runtime/DateConstructor.h
@@ -26,13 +26,14 @@
namespace JSC {
class DatePrototype;
+class GetterSetter;
class DateConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot;
- static DateConstructor* create(VM& vm, Structure* structure, DatePrototype* datePrototype)
+ static DateConstructor* create(VM& vm, Structure* structure, DatePrototype* datePrototype, GetterSetter*)
{
DateConstructor* constructor = new (NotNull, allocateCell<DateConstructor>(vm.heap)) DateConstructor(vm, structure);
constructor->finishCreation(vm, datePrototype);
diff --git a/Source/JavaScriptCore/runtime/ErrorConstructor.h b/Source/JavaScriptCore/runtime/ErrorConstructor.h
index b11894d..96dea49 100644
--- a/Source/JavaScriptCore/runtime/ErrorConstructor.h
+++ b/Source/JavaScriptCore/runtime/ErrorConstructor.h
@@ -27,12 +27,13 @@
namespace JSC {
class ErrorPrototype;
+class GetterSetter;
class ErrorConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
- static ErrorConstructor* create(VM& vm, Structure* structure, ErrorPrototype* errorPrototype)
+ static ErrorConstructor* create(VM& vm, Structure* structure, ErrorPrototype* errorPrototype, GetterSetter*)
{
ErrorConstructor* constructor = new (NotNull, allocateCell<ErrorConstructor>(vm.heap)) ErrorConstructor(vm, structure);
constructor->finishCreation(vm, errorPrototype);
diff --git a/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.cpp b/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.cpp
index b76c1de..cffd41a 100644
--- a/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.cpp
@@ -28,6 +28,7 @@
#include "Error.h"
#include "ExceptionHelpers.h"
+#include "GetterSetter.h"
#include "JSArrayBuffer.h"
#include "JSArrayBufferPrototype.h"
#include "JSGlobalObject.h"
@@ -47,22 +48,23 @@
{
}
-void JSArrayBufferConstructor::finishCreation(VM& vm, JSArrayBufferPrototype* prototype)
+void JSArrayBufferConstructor::finishCreation(VM& vm, JSArrayBufferPrototype* prototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, ASCIILiteral("ArrayBuffer"));
putDirectWithoutTransition(vm, vm.propertyNames->prototype, prototype, DontEnum | DontDelete | ReadOnly);
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), DontEnum | DontDelete | ReadOnly);
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
JSGlobalObject* globalObject = this->globalObject();
JSC_NATIVE_FUNCTION(vm.propertyNames->isView, arrayBufferFuncIsView, DontEnum, 1);
}
-JSArrayBufferConstructor* JSArrayBufferConstructor::create(VM& vm, Structure* structure, JSArrayBufferPrototype* prototype)
+JSArrayBufferConstructor* JSArrayBufferConstructor::create(VM& vm, Structure* structure, JSArrayBufferPrototype* prototype, GetterSetter* speciesSymbol)
{
JSArrayBufferConstructor* result =
new (NotNull, allocateCell<JSArrayBufferConstructor>(vm.heap))
JSArrayBufferConstructor(vm, structure);
- result->finishCreation(vm, prototype);
+ result->finishCreation(vm, prototype, speciesSymbol);
return result;
}
diff --git a/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.h b/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.h
index b65b523..61ee803 100644
--- a/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.h
+++ b/Source/JavaScriptCore/runtime/JSArrayBufferConstructor.h
@@ -31,6 +31,7 @@
namespace JSC {
class JSArrayBufferPrototype;
+class GetterSetter;
class JSArrayBufferConstructor : public InternalFunction {
public:
@@ -38,10 +39,10 @@
protected:
JSArrayBufferConstructor(VM&, Structure*);
- void finishCreation(VM&, JSArrayBufferPrototype*);
+ void finishCreation(VM&, JSArrayBufferPrototype*, GetterSetter* speciesSymbol);
public:
- static JSArrayBufferConstructor* create(VM&, Structure*, JSArrayBufferPrototype*);
+ static JSArrayBufferConstructor* create(VM&, Structure*, JSArrayBufferPrototype*, GetterSetter* speciesSymbol);
DECLARE_INFO;
diff --git a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
index b6ba27c..1fb7fd4 100644
--- a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
+++ b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
@@ -393,7 +393,10 @@
#undef CREATE_PROTOTYPE_FOR_DERIVED_ITERATOR_TYPE
// Constructors
-
+
+ GetterSetter* speciesGetterSetter = GetterSetter::create(vm, this);
+ speciesGetterSetter->setGetter(vm, this, JSFunction::createBuiltinFunction(vm, globalObjectSpeciesGetterCodeGenerator(vm), this));
+
ObjectConstructor* objectConstructor = ObjectConstructor::create(vm, this, ObjectConstructor::createStructure(vm, this, m_functionPrototype.get()), m_objectPrototype.get());
m_objectConstructor.set(vm, this, objectConstructor);
@@ -401,12 +404,12 @@
m_definePropertyFunction.set(vm, this, definePropertyFunction);
JSCell* functionConstructor = FunctionConstructor::create(vm, FunctionConstructor::createStructure(vm, this, m_functionPrototype.get()), m_functionPrototype.get());
- JSCell* arrayConstructor = ArrayConstructor::create(vm, ArrayConstructor::createStructure(vm, this, m_functionPrototype.get()), m_arrayPrototype.get());
+ JSCell* arrayConstructor = ArrayConstructor::create(vm, ArrayConstructor::createStructure(vm, this, m_functionPrototype.get()), m_arrayPrototype.get(), speciesGetterSetter);
- m_regExpConstructor.set(vm, this, RegExpConstructor::create(vm, RegExpConstructor::createStructure(vm, this, m_functionPrototype.get()), m_regExpPrototype.get()));
+ m_regExpConstructor.set(vm, this, RegExpConstructor::create(vm, RegExpConstructor::createStructure(vm, this, m_functionPrototype.get()), m_regExpPrototype.get(), speciesGetterSetter));
#define CREATE_CONSTRUCTOR_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName) \
-capitalName ## Constructor* lowerName ## Constructor = capitalName ## Constructor::create(vm, capitalName ## Constructor::createStructure(vm, this, m_functionPrototype.get()), m_ ## lowerName ## Prototype.get()); \
+capitalName ## Constructor* lowerName ## Constructor = capitalName ## Constructor::create(vm, capitalName ## Constructor::createStructure(vm, this, m_functionPrototype.get()), m_ ## lowerName ## Prototype.get(), speciesGetterSetter); \
m_ ## lowerName ## Prototype->putDirectWithoutTransition(vm, vm.propertyNames->constructor, lowerName ## Constructor, DontEnum); \
FOR_EACH_SIMPLE_BUILTIN_TYPE(CREATE_CONSTRUCTOR_FOR_SIMPLE_TYPE)
@@ -470,7 +473,7 @@
putDirectWithoutTransition(vm, vm.propertyNames->Math, MathObject::create(vm, this, MathObject::createStructure(vm, this, m_objectPrototype.get())), DontEnum);
putDirectWithoutTransition(vm, vm.propertyNames->Reflect, ReflectObject::create(vm, this, ReflectObject::createStructure(vm, this, m_objectPrototype.get())), DontEnum);
- JSTypedArrayViewConstructor* typedArraySuperConstructor = JSTypedArrayViewConstructor::create(vm, this, JSTypedArrayViewConstructor::createStructure(vm, this, m_functionPrototype.get()), typedArrayProto);
+ JSTypedArrayViewConstructor* typedArraySuperConstructor = JSTypedArrayViewConstructor::create(vm, this, JSTypedArrayViewConstructor::createStructure(vm, this, m_functionPrototype.get()), typedArrayProto, speciesGetterSetter);
typedArrayProto->putDirectWithoutTransition(vm, vm.propertyNames->constructor, typedArraySuperConstructor, DontEnum);
std::array<InternalFunction*, NUMBER_OF_TYPED_ARRAY_TYPES> typedArrayConstructors;
diff --git a/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.cpp b/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.cpp
index c6b29f1..b8c2984 100644
--- a/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.cpp
@@ -47,10 +47,10 @@
@end
*/
-JSInternalPromiseConstructor* JSInternalPromiseConstructor::create(VM& vm, Structure* structure, JSInternalPromisePrototype* promisePrototype)
+JSInternalPromiseConstructor* JSInternalPromiseConstructor::create(VM& vm, Structure* structure, JSInternalPromisePrototype* promisePrototype, GetterSetter* speciesSymbol)
{
JSInternalPromiseConstructor* constructor = new (NotNull, allocateCell<JSInternalPromiseConstructor>(vm.heap)) JSInternalPromiseConstructor(vm, structure);
- constructor->finishCreation(vm, promisePrototype);
+ constructor->finishCreation(vm, promisePrototype, speciesSymbol);
return constructor;
}
diff --git a/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.h b/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.h
index 5993437..db871be 100644
--- a/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.h
+++ b/Source/JavaScriptCore/runtime/JSInternalPromiseConstructor.h
@@ -38,7 +38,7 @@
typedef JSPromiseConstructor Base;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot;
- static JSInternalPromiseConstructor* create(VM&, Structure*, JSInternalPromisePrototype*);
+ static JSInternalPromiseConstructor* create(VM&, Structure*, JSInternalPromisePrototype*, GetterSetter*);
static Structure* createStructure(VM&, JSGlobalObject*, JSValue);
DECLARE_INFO;
diff --git a/Source/JavaScriptCore/runtime/JSPromiseConstructor.cpp b/Source/JavaScriptCore/runtime/JSPromiseConstructor.cpp
index e590a8f..19db844 100644
--- a/Source/JavaScriptCore/runtime/JSPromiseConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/JSPromiseConstructor.cpp
@@ -29,6 +29,7 @@
#include "BuiltinNames.h"
#include "Error.h"
#include "Exception.h"
+#include "GetterSetter.h"
#include "IteratorOperations.h"
#include "JSCBuiltins.h"
#include "JSCJSValueInlines.h"
@@ -61,10 +62,10 @@
@end
*/
-JSPromiseConstructor* JSPromiseConstructor::create(VM& vm, Structure* structure, JSPromisePrototype* promisePrototype)
+JSPromiseConstructor* JSPromiseConstructor::create(VM& vm, Structure* structure, JSPromisePrototype* promisePrototype, GetterSetter* speciesSymbol)
{
JSPromiseConstructor* constructor = new (NotNull, allocateCell<JSPromiseConstructor>(vm.heap)) JSPromiseConstructor(vm, structure);
- constructor->finishCreation(vm, promisePrototype);
+ constructor->finishCreation(vm, promisePrototype, speciesSymbol);
constructor->addOwnInternalSlots(vm, structure->globalObject());
return constructor;
}
@@ -79,11 +80,12 @@
{
}
-void JSPromiseConstructor::finishCreation(VM& vm, JSPromisePrototype* promisePrototype)
+void JSPromiseConstructor::finishCreation(VM& vm, JSPromisePrototype* promisePrototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, ASCIILiteral("Promise"));
putDirectWithoutTransition(vm, vm.propertyNames->prototype, promisePrototype, DontEnum | DontDelete | ReadOnly);
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
}
void JSPromiseConstructor::addOwnInternalSlots(VM& vm, JSGlobalObject* globalObject)
diff --git a/Source/JavaScriptCore/runtime/JSPromiseConstructor.h b/Source/JavaScriptCore/runtime/JSPromiseConstructor.h
index 3e9c42c..92c1d90 100644
--- a/Source/JavaScriptCore/runtime/JSPromiseConstructor.h
+++ b/Source/JavaScriptCore/runtime/JSPromiseConstructor.h
@@ -32,13 +32,14 @@
class JSPromise;
class JSPromisePrototype;
+class GetterSetter;
class JSPromiseConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot;
- static JSPromiseConstructor* create(VM&, Structure*, JSPromisePrototype*);
+ static JSPromiseConstructor* create(VM&, Structure*, JSPromisePrototype*, GetterSetter* speciesSymbol);
static Structure* createStructure(VM&, JSGlobalObject*, JSValue);
DECLARE_INFO;
@@ -47,7 +48,7 @@
protected:
JSPromiseConstructor(VM&, Structure*);
- void finishCreation(VM&, JSPromisePrototype*);
+ void finishCreation(VM&, JSPromisePrototype*, GetterSetter*);
private:
static ConstructType getConstructData(JSCell*, ConstructData&);
diff --git a/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp b/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp
index 2b2c909..9d972dd 100644
--- a/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp
@@ -28,10 +28,12 @@
#include "CallFrame.h"
#include "Error.h"
+#include "GetterSetter.h"
#include "JSCBuiltins.h"
#include "JSCellInlines.h"
#include "JSGenericTypedArrayViewConstructorInlines.h"
#include "JSObject.h"
+#include "JSTypedArrayViewPrototype.h"
#include "JSTypedArrays.h"
namespace JSC {
@@ -43,25 +45,17 @@
const ClassInfo JSTypedArrayViewConstructor::s_info = { "Function", &Base::s_info, 0, CREATE_METHOD_TABLE(JSTypedArrayViewConstructor) };
-void JSTypedArrayViewConstructor::finishCreation(VM& vm, JSGlobalObject* globalObject, JSObject* prototype)
+void JSTypedArrayViewConstructor::finishCreation(VM& vm, JSGlobalObject* globalObject, JSTypedArrayViewPrototype* prototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, "TypedArray");
putDirectWithoutTransition(vm, vm.propertyNames->prototype, prototype, DontEnum | DontDelete | ReadOnly);
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(3), DontEnum | DontDelete | ReadOnly);
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
JSC_BUILTIN_FUNCTION(vm.propertyNames->of, typedArrayConstructorOfCodeGenerator, DontEnum);
JSC_BUILTIN_FUNCTION(vm.propertyNames->from, typedArrayConstructorFromCodeGenerator, DontEnum);
}
-JSTypedArrayViewConstructor* JSTypedArrayViewConstructor::create(
- VM& vm, JSGlobalObject* globalObject, Structure* structure,
- JSObject* prototype)
-{
- JSTypedArrayViewConstructor* result = new (NotNull, allocateCell<JSTypedArrayViewConstructor>(vm.heap)) JSTypedArrayViewConstructor(vm, structure);
- result->finishCreation(vm, globalObject, prototype);
- return result;
-}
-
Structure* JSTypedArrayViewConstructor::createStructure(
VM& vm, JSGlobalObject* globalObject, JSValue prototype)
{
diff --git a/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.h b/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.h
index a8a6729..259f6ee 100644
--- a/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.h
+++ b/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.h
@@ -30,16 +30,24 @@
namespace JSC {
+class JSTypedArrayViewPrototype;
+class GetterSetter;
+
class JSTypedArrayViewConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
protected:
JSTypedArrayViewConstructor(VM&, Structure*);
- void finishCreation(VM&, JSGlobalObject*, JSObject* prototype);
+ void finishCreation(VM&, JSGlobalObject*, JSTypedArrayViewPrototype*, GetterSetter* speciesSymbol);
public:
- static JSTypedArrayViewConstructor* create(VM&, JSGlobalObject*, Structure*, JSObject* prototype);
+ static JSTypedArrayViewConstructor* create(VM& vm, JSGlobalObject* globalObject, Structure* structure, JSTypedArrayViewPrototype* prototype, GetterSetter* speciesSymbol)
+ {
+ JSTypedArrayViewConstructor* result = new (NotNull, allocateCell<JSTypedArrayViewConstructor>(vm.heap)) JSTypedArrayViewConstructor(vm, structure);
+ result->finishCreation(vm, globalObject, prototype, speciesSymbol);
+ return result;
+ }
DECLARE_INFO;
diff --git a/Source/JavaScriptCore/runtime/MapConstructor.cpp b/Source/JavaScriptCore/runtime/MapConstructor.cpp
index efa9a43..810517a 100644
--- a/Source/JavaScriptCore/runtime/MapConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/MapConstructor.cpp
@@ -27,6 +27,7 @@
#include "MapConstructor.h"
#include "Error.h"
+#include "GetterSetter.h"
#include "IteratorOperations.h"
#include "JSCJSValueInlines.h"
#include "JSCellInlines.h"
@@ -39,11 +40,12 @@
const ClassInfo MapConstructor::s_info = { "Function", &Base::s_info, 0, CREATE_METHOD_TABLE(MapConstructor) };
-void MapConstructor::finishCreation(VM& vm, MapPrototype* mapPrototype)
+void MapConstructor::finishCreation(VM& vm, MapPrototype* mapPrototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, mapPrototype->classInfo()->className);
putDirectWithoutTransition(vm, vm.propertyNames->prototype, mapPrototype, DontEnum | DontDelete | ReadOnly);
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(0), ReadOnly | DontEnum | DontDelete);
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
}
static EncodedJSValue JSC_HOST_CALL callMap(ExecState* exec)
diff --git a/Source/JavaScriptCore/runtime/MapConstructor.h b/Source/JavaScriptCore/runtime/MapConstructor.h
index 1a85de5..0462d74 100644
--- a/Source/JavaScriptCore/runtime/MapConstructor.h
+++ b/Source/JavaScriptCore/runtime/MapConstructor.h
@@ -31,15 +31,16 @@
namespace JSC {
class MapPrototype;
+class GetterSetter;
class MapConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
- static MapConstructor* create(VM& vm, Structure* structure, MapPrototype* mapPrototype)
+ static MapConstructor* create(VM& vm, Structure* structure, MapPrototype* mapPrototype, GetterSetter* speciesSymbol)
{
MapConstructor* constructor = new (NotNull, allocateCell<MapConstructor>(vm.heap)) MapConstructor(vm, structure);
- constructor->finishCreation(vm, mapPrototype);
+ constructor->finishCreation(vm, mapPrototype, speciesSymbol);
return constructor;
}
@@ -55,7 +56,7 @@
: Base(vm, structure)
{
}
- void finishCreation(VM&, MapPrototype*);
+ void finishCreation(VM&, MapPrototype*, GetterSetter* speciesSymbol);
static ConstructType getConstructData(JSCell*, ConstructData&);
static CallType getCallData(JSCell*, CallData&);
};
diff --git a/Source/JavaScriptCore/runtime/NumberConstructor.h b/Source/JavaScriptCore/runtime/NumberConstructor.h
index 8b4ad41..9f444eb 100644
--- a/Source/JavaScriptCore/runtime/NumberConstructor.h
+++ b/Source/JavaScriptCore/runtime/NumberConstructor.h
@@ -26,13 +26,14 @@
namespace JSC {
class NumberPrototype;
+class GetterSetter;
class NumberConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | ImplementsHasInstance | ImplementsDefaultHasInstance;
- static NumberConstructor* create(VM& vm, Structure* structure, NumberPrototype* numberPrototype)
+ static NumberConstructor* create(VM& vm, Structure* structure, NumberPrototype* numberPrototype, GetterSetter*)
{
NumberConstructor* constructor = new (NotNull, allocateCell<NumberConstructor>(vm.heap)) NumberConstructor(vm, structure);
constructor->finishCreation(vm, numberPrototype);
diff --git a/Source/JavaScriptCore/runtime/RegExpConstructor.cpp b/Source/JavaScriptCore/runtime/RegExpConstructor.cpp
index 589e756..054b380 100644
--- a/Source/JavaScriptCore/runtime/RegExpConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/RegExpConstructor.cpp
@@ -23,6 +23,7 @@
#include "RegExpConstructor.h"
#include "Error.h"
+#include "GetterSetter.h"
#include "JSCInlines.h"
#include "RegExpMatchesArray.h"
#include "RegExpPrototype.h"
@@ -90,7 +91,7 @@
{
}
-void RegExpConstructor::finishCreation(VM& vm, RegExpPrototype* regExpPrototype)
+void RegExpConstructor::finishCreation(VM& vm, RegExpPrototype* regExpPrototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, regExpPrototype->classInfo()->className);
ASSERT(inherits(info()));
@@ -100,6 +101,8 @@
// no. of arguments for constructor
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(2), ReadOnly | DontDelete | DontEnum);
+
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
}
void RegExpConstructor::destroy(JSCell* cell)
diff --git a/Source/JavaScriptCore/runtime/RegExpConstructor.h b/Source/JavaScriptCore/runtime/RegExpConstructor.h
index 7e2813d..7f253ca 100644
--- a/Source/JavaScriptCore/runtime/RegExpConstructor.h
+++ b/Source/JavaScriptCore/runtime/RegExpConstructor.h
@@ -29,16 +29,17 @@
namespace JSC {
class RegExpPrototype;
+class GetterSetter;
class RegExpConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot;
- static RegExpConstructor* create(VM& vm, Structure* structure, RegExpPrototype* regExpPrototype)
+ static RegExpConstructor* create(VM& vm, Structure* structure, RegExpPrototype* regExpPrototype, GetterSetter* species)
{
RegExpConstructor* constructor = new (NotNull, allocateCell<RegExpConstructor>(vm.heap)) RegExpConstructor(vm, structure, regExpPrototype);
- constructor->finishCreation(vm, regExpPrototype);
+ constructor->finishCreation(vm, regExpPrototype, species);
return constructor;
}
@@ -68,7 +69,7 @@
static void visitChildren(JSCell*, SlotVisitor&);
protected:
- void finishCreation(VM&, RegExpPrototype*);
+ void finishCreation(VM&, RegExpPrototype*, GetterSetter* species);
private:
RegExpConstructor(VM&, Structure*, RegExpPrototype*);
diff --git a/Source/JavaScriptCore/runtime/SetConstructor.cpp b/Source/JavaScriptCore/runtime/SetConstructor.cpp
index 070060f..313cb07 100644
--- a/Source/JavaScriptCore/runtime/SetConstructor.cpp
+++ b/Source/JavaScriptCore/runtime/SetConstructor.cpp
@@ -27,6 +27,7 @@
#include "SetConstructor.h"
#include "Error.h"
+#include "GetterSetter.h"
#include "IteratorOperations.h"
#include "JSCJSValueInlines.h"
#include "JSCellInlines.h"
@@ -40,11 +41,12 @@
const ClassInfo SetConstructor::s_info = { "Function", &Base::s_info, 0, CREATE_METHOD_TABLE(SetConstructor) };
-void SetConstructor::finishCreation(VM& vm, SetPrototype* setPrototype)
+void SetConstructor::finishCreation(VM& vm, SetPrototype* setPrototype, GetterSetter* speciesSymbol)
{
Base::finishCreation(vm, setPrototype->classInfo()->className);
putDirectWithoutTransition(vm, vm.propertyNames->prototype, setPrototype, DontEnum | DontDelete | ReadOnly);
putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(0), ReadOnly | DontEnum | DontDelete);
+ putDirectNonIndexAccessor(vm, vm.propertyNames->speciesSymbol, speciesSymbol, Accessor | ReadOnly | DontEnum | DontDelete);
}
static EncodedJSValue JSC_HOST_CALL callSet(ExecState* exec)
diff --git a/Source/JavaScriptCore/runtime/SetConstructor.h b/Source/JavaScriptCore/runtime/SetConstructor.h
index efbd88b..42fe3ee 100644
--- a/Source/JavaScriptCore/runtime/SetConstructor.h
+++ b/Source/JavaScriptCore/runtime/SetConstructor.h
@@ -31,15 +31,16 @@
namespace JSC {
class SetPrototype;
+class GetterSetter;
class SetConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
- static SetConstructor* create(VM& vm, Structure* structure, SetPrototype* setPrototype)
+ static SetConstructor* create(VM& vm, Structure* structure, SetPrototype* setPrototype, GetterSetter* speciesSymbol)
{
SetConstructor* constructor = new (NotNull, allocateCell<SetConstructor>(vm.heap)) SetConstructor(vm, structure);
- constructor->finishCreation(vm, setPrototype);
+ constructor->finishCreation(vm, setPrototype, speciesSymbol);
return constructor;
}
@@ -55,7 +56,7 @@
: Base(vm, structure)
{
}
- void finishCreation(VM&, SetPrototype*);
+ void finishCreation(VM&, SetPrototype*, GetterSetter* speciesSymbol);
static ConstructType getConstructData(JSCell*, ConstructData&);
static CallType getCallData(JSCell*, CallData&);
};
diff --git a/Source/JavaScriptCore/runtime/StringConstructor.h b/Source/JavaScriptCore/runtime/StringConstructor.h
index 357511a..15083bf 100644
--- a/Source/JavaScriptCore/runtime/StringConstructor.h
+++ b/Source/JavaScriptCore/runtime/StringConstructor.h
@@ -26,13 +26,14 @@
namespace JSC {
class StringPrototype;
+class GetterSetter;
class StringConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot;
- static StringConstructor* create(VM& vm, Structure* structure, StringPrototype* stringPrototype)
+ static StringConstructor* create(VM& vm, Structure* structure, StringPrototype* stringPrototype, GetterSetter*)
{
StringConstructor* constructor = new (NotNull, allocateCell<StringConstructor>(vm.heap)) StringConstructor(vm, structure);
constructor->finishCreation(vm, stringPrototype);
diff --git a/Source/JavaScriptCore/runtime/SymbolConstructor.h b/Source/JavaScriptCore/runtime/SymbolConstructor.h
index 344a978..73aec08 100644
--- a/Source/JavaScriptCore/runtime/SymbolConstructor.h
+++ b/Source/JavaScriptCore/runtime/SymbolConstructor.h
@@ -33,13 +33,14 @@
namespace JSC {
class SymbolPrototype;
+class GetterSetter;
class SymbolConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
static const unsigned StructureFlags = OverridesGetOwnPropertySlot | Base::StructureFlags;
- static SymbolConstructor* create(VM& vm, Structure* structure, SymbolPrototype* prototype)
+ static SymbolConstructor* create(VM& vm, Structure* structure, SymbolPrototype* prototype, GetterSetter*)
{
SymbolConstructor* constructor = new (NotNull, allocateCell<SymbolConstructor>(vm.heap)) SymbolConstructor(vm, structure);
constructor->finishCreation(vm, prototype);
diff --git a/Source/JavaScriptCore/runtime/WeakMapConstructor.h b/Source/JavaScriptCore/runtime/WeakMapConstructor.h
index 66edbcb..2fc2072 100644
--- a/Source/JavaScriptCore/runtime/WeakMapConstructor.h
+++ b/Source/JavaScriptCore/runtime/WeakMapConstructor.h
@@ -31,12 +31,13 @@
namespace JSC {
class WeakMapPrototype;
+class GetterSetter;
class WeakMapConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
- static WeakMapConstructor* create(VM& vm, Structure* structure, WeakMapPrototype* prototype)
+ static WeakMapConstructor* create(VM& vm, Structure* structure, WeakMapPrototype* prototype, GetterSetter*)
{
WeakMapConstructor* constructor = new (NotNull, allocateCell<WeakMapConstructor>(vm.heap)) WeakMapConstructor(vm, structure);
constructor->finishCreation(vm, prototype);
diff --git a/Source/JavaScriptCore/runtime/WeakSetConstructor.h b/Source/JavaScriptCore/runtime/WeakSetConstructor.h
index 7f6fb6a..d9ef2bd 100644
--- a/Source/JavaScriptCore/runtime/WeakSetConstructor.h
+++ b/Source/JavaScriptCore/runtime/WeakSetConstructor.h
@@ -31,12 +31,13 @@
namespace JSC {
class WeakSetPrototype;
+class GetterSetter;
class WeakSetConstructor : public InternalFunction {
public:
typedef InternalFunction Base;
- static WeakSetConstructor* create(VM& vm, Structure* structure, WeakSetPrototype* prototype)
+ static WeakSetConstructor* create(VM& vm, Structure* structure, WeakSetPrototype* prototype, GetterSetter*)
{
WeakSetConstructor* constructor = new (NotNull, allocateCell<WeakSetConstructor>(vm.heap)) WeakSetConstructor(vm, structure);
constructor->finishCreation(vm, prototype);
diff --git a/Source/JavaScriptCore/tests/stress/symbol-species.js b/Source/JavaScriptCore/tests/stress/symbol-species.js
new file mode 100644
index 0000000..8fc4ae1
--- /dev/null
+++ b/Source/JavaScriptCore/tests/stress/symbol-species.js
@@ -0,0 +1,18 @@
+speciesConstructors = [RegExp, Array, Int32Array.__proto__, Map, Set, ArrayBuffer, Promise];
+
+function testSymbolSpeciesOnConstructor(constructor) {
+ if (constructor[Symbol.species] !== constructor)
+ throw "Symbol.species should return the constructor for " + constructor.name;
+ constructor[Symbol.species] = true;
+ if (constructor[Symbol.species] !== constructor)
+ throw "Symbol.species was mutable " + constructor.name;
+ try {
+ Object.defineProperty(constructor, Symbol.species, { value: true });
+ } catch(e) {
+ return;
+ }
+ throw "Symbol.species was configurable " + constructor.name;
+}
+
+
+speciesConstructors.forEach(testSymbolSpeciesOnConstructor);
