Changeset 127698 in webkit

Timestamp:

Sep 5, 2012 11:17:59 PM (12 years ago)

Author:

ggaren@apple.com

Message:

Named functions should not allocate scope objects for their names
​https://bugs.webkit.org/show_bug.cgi?id=95659

Reviewed by Oliver Hunt.

Source/JavaScriptCore:

In most cases, we can merge a function expression's name into its symbol
table. This reduces memory footprint per closure from three objects
(function + activation + name scope) to two (function + activation),
speeds up closure allocation, and speeds up recursive calls.

In the case of a named function expression that contains a non-strict
eval, the rules are so bat-poop crazy that I don't know how to model
them without an extra object. Since functions now default to not having
such an object, this case needs to allocate the object on function
entry.

Therefore, this patch makes the slow case a bit slower so the fast case
can be faster and more memory-efficient. (Note that the slow case already
allocates an activation on entry, and until recently also allocated a
scope chain node on entry, so adding one allocation on entry shouldn't
break the bank.)

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock): Caught a missed initializer. No behavior change.

• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator): Put the callee in static scope
during compilation so it doesn't need to be in dynamic scope at runtime.

(JSC::BytecodeGenerator::resolveCallee):
(JSC::BytecodeGenerator::addCallee): Helper functions for either statically
resolving the callee or adding a dynamic scope that will resolve to it,
depending on whether you're in the fast path.

We move the callee into a var location if it's captured because activations
prefer to have contiguous ranges of captured variables.

• bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::registerFor):
(BytecodeGenerator):

• dfg/DFGOperations.cpp:
• interpreter/Interpreter.cpp:

(JSC::Interpreter::privateExecute):

• jit/JITStubs.cpp:

(JSC::DEFINE_STUB_FUNCTION):

• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL): This is the point of the patch: remove
one allocation in the case of a named function expression.

• parser/Parser.cpp:

(JSC::::Parser):

• parser/Parser.h:

(JSC::Scope::declareCallee):
(Scope):
(Parser):
(JSC::parse):

• runtime/Executable.cpp:

(JSC::EvalExecutable::compileInternal):
(JSC::ProgramExecutable::checkSyntax):
(JSC::ProgramExecutable::compileInternal):
(JSC::FunctionExecutable::produceCodeBlockFor):
(JSC::FunctionExecutable::fromGlobalCode): Pipe the callee's name through
the parser so we get accurate information on whether the callee was captured.

(JSC::FunctionExecutable::FunctionExecutable):
(JSC::EvalExecutable::compileInternal):
(JSC::ProgramExecutable::checkSyntax):
(JSC::ProgramExecutable::compileInternal):
(JSC::FunctionExecutable::produceCodeBlockFor):
(JSC::FunctionExecutable::fromGlobalCode):

• runtime/Executable.h:

(JSC::FunctionExecutable::create):
(FunctionExecutable):
(JSC::FunctionExecutable::finishCreation): I had to refactor function
creation to support the following function constructor quirk: the function
gets a name, but its name is not in lexical scope.

To simplify this, FunctionExecutable now automatically extracts all the
data it needs from the parsed node. The special "fromGlobalCode" path
used by the function constructor creates an anonymous function, and then
quirkily sets the value used by the .name property to be non-null, even
though the parsed name is null.

• runtime/JSNameScope.h:

(JSC::JSNameScope::create):
(JSC::JSNameScope::JSNameScope): Added support for explicitly specifying
your container scope. The compiler uses this for named function expressions.

LayoutTests:

Added coverage for some extra-tricky cases.

• fast/js/named-function-expression-expected.txt:
• fast/js/script-tests/named-function-expression.js:

(shouldBeTrueWithDescription): I rolled my own shouldBeTrue() here to avoid the
built-in shouldBe()'s eval scoping, which can change the variable
resolution rules I'm trying to test.

• inspector/debugger/debugger-expand-scope-expected.txt: Not sure why this

result used to miss the function name scope, but the new result is a
progression, so I've updated the expected results.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/js/named-function-expression-expected.txt (modified) (2 diffs)
• LayoutTests/fast/js/script-tests/named-function-expression.js (modified) (2 diffs)
• LayoutTests/inspector/debugger/debugger-expand-scope-expected.txt (modified) (1 diff)
• Source/JavaScriptCore/ChangeLog (modified) (1 diff)
• Source/JavaScriptCore/bytecode/CodeBlock.cpp (modified) (1 diff)
• Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp (modified) (11 diffs)
• Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h (modified) (4 diffs)
• Source/JavaScriptCore/dfg/DFGOperations.cpp (modified) (2 diffs)
• Source/JavaScriptCore/interpreter/Interpreter.cpp (modified) (2 diffs)
• Source/JavaScriptCore/jit/JITStubs.cpp (modified) (2 diffs)
• Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (modified) (2 diffs)
• Source/JavaScriptCore/parser/Parser.cpp (modified) (2 diffs)
• Source/JavaScriptCore/parser/Parser.h (modified) (4 diffs)
• Source/JavaScriptCore/runtime/Executable.cpp (modified) (8 diffs)
• Source/JavaScriptCore/runtime/Executable.h (modified) (3 diffs)
• Source/JavaScriptCore/runtime/JSNameScope.h (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-09-03  Geoffrey Garen  <ggaren@apple.com>
+
+        Named functions should not allocate scope objects for their names
+        https://bugs.webkit.org/show_bug.cgi?id=95659
+
+        Reviewed by Oliver Hunt.
+
+        Added coverage for some extra-tricky cases.
+
+        * fast/js/named-function-expression-expected.txt:
+        * fast/js/script-tests/named-function-expression.js:
+        (shouldBeTrueWithDescription): I rolled my own shouldBeTrue() here to avoid the
+        built-in shouldBe()'s eval scoping, which can change the variable
+        resolution rules I'm trying to test.
+
+        * inspector/debugger/debugger-expand-scope-expected.txt: Not sure why this
+        result used to miss the function name scope, but the new result is a
+        progression, so I've updated the expected results.
+
 2012-09-05  Csaba Osztrogonác  <ossy@webkit.org>
 

trunk/LayoutTests/fast/js/named-function-expression-expected.txt

@@ -1 @@
-Bug 4698 - kjs does not allow named functions in function expressions.
+Tests variable resolution rules for named function expressions.
 
 On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
@@ -18 +18 @@
 regression test where kjs regarded an anonymous function declaration (which is illegal) as a FunctionExpr
 PASS var hadError = 0; try { eval("function(){ return 2; };"); } catch(e) { hadError = 1; }; hadError; is 1
+
+-----
+
+PASS: (function closure() { return closure == arguments.callee && !this.closure; })() should be true and is.
+PASS: (function closure() { closure = 1; return closure == arguments.callee && !this.closure; })() should be true and is.
+PASS: (function closure(closure) { return closure == 1 && !this.closure; })(1) should be true and is.
+PASS: (function closure() { var closure = 1; return closure == 1 && !this.closure; })() should be true and is.
+PASS: (function closure() { function closure() { }; return closure != arguments.callee && !this.closure; })() should be true and is.
+PASS: (function closure() { return (function() { return closure && !this.closure; })(); })() should be true and is.
+PASS: (function closure() { return (function() { closure = null; return closure && !this.closure; })(); })() should be true and is.
+PASS: (function closure() { return (function() { return closure && !this.closure; }); })()() should be true and is.
+PASS: (function closure() { return (function() { closure = null; return closure && !this.closure; }); })()() should be true and is.
+PASS: (function closure() { eval("var closure"); return closure == undefined && !this.closure; })() should be true and is.
+PASS: (function closure() { eval("function closure() { }"); return closure != arguments.callee && !this.closure; })() should be true and is.
+PASS: (function closure() { eval("var closure;"); closure = 1; return closure == 1 && !this.closure; })() should be true and is.
+PASS: (function closure() { eval("var closure"); delete closure; return closure == arguments.callee && !this.closure; })() should be true and is.
+PASS: (function closure() { eval("function closure() { }"); delete closure; return closure == arguments.callee && !this.closure; })() should be true and is.
+PASS: (function closure() { eval("closure = 1;"); return closure == arguments.callee && !this.closure; })() should be true and is.
 PASS successfullyParsed is true
 

trunk/LayoutTests/fast/js/script-tests/named-function-expression.js

@@ -1 +1 @@
 description(
-"Bug 4698 - kjs does not allow named functions in function expressions."
+"Tests variable resolution rules for named function expressions."
 );
 
@@ -25 +25 @@
 debug("regression test where kjs regarded an anonymous function declaration (which is illegal) as a FunctionExpr");
 shouldBe('var hadError = 0; try { eval("function(){ return 2; };"); } catch(e) { hadError = 1; }; hadError;', "1");
+
+debug("\n-----\n");
+
+function shouldBeTrueWithDescription(x, xDescription)
+{
+        if (x) {
+                debug("PASS: " + xDescription + " should be true and is.");
+                return;
+        }
+
+        debug("FAIL: " + xDescription + " should be true but isn't.");
+}
+
+// Recursion.
+shouldBeTrueWithDescription(
+        (function closure() { return closure == arguments.callee && !this.closure; })(),
+        "(function closure() { return closure == arguments.callee && !this.closure; })()"
+);
+
+// Assignment.
+shouldBeTrueWithDescription(
+        (function closure() { closure = 1; return closure == arguments.callee && !this.closure; })(),
+        "(function closure() { closure = 1; return closure == arguments.callee && !this.closure; })()"
+);
+
+// Function name vs parameter.
+shouldBeTrueWithDescription(
+        (function closure(closure) { return closure == 1 && !this.closure; })(1),
+        "(function closure(closure) { return closure == 1 && !this.closure; })(1)"
+);
+
+// Function name vs var.
+shouldBeTrueWithDescription(
+        (function closure() { var closure = 1; return closure == 1 && !this.closure; })(),
+        "(function closure() { var closure = 1; return closure == 1 && !this.closure; })()"
+);
+
+// Function name vs declared function.
+shouldBeTrueWithDescription(
+        (function closure() { function closure() { }; return closure != arguments.callee && !this.closure; })(),
+        "(function closure() { function closure() { }; return closure != arguments.callee && !this.closure; })()"
+);
+
+// Resolve before tear-off.
+shouldBeTrueWithDescription(
+        (function closure() { return (function() { return closure && !this.closure; })(); })(),
+        "(function closure() { return (function() { return closure && !this.closure; })(); })()"
+);
+
+// Resolve assignment before tear-off.
+shouldBeTrueWithDescription(
+        (function closure() { return (function() { closure = null; return closure && !this.closure; })(); })(),
+        "(function closure() { return (function() { closure = null; return closure && !this.closure; })(); })()"
+);
+
+// Resolve after tear-off.
+shouldBeTrueWithDescription(
+        (function closure() { return (function() { return closure && !this.closure; }); })()(),
+        "(function closure() { return (function() { return closure && !this.closure; }); })()()"
+);
+
+// Resolve assignment after tear-off.
+shouldBeTrueWithDescription(
+        (function closure() { return (function() { closure = null; return closure && !this.closure; }); })()(),
+        "(function closure() { return (function() { closure = null; return closure && !this.closure; }); })()()"
+);
+
+// Eval var shadowing (should overwrite).
+shouldBeTrueWithDescription(
+        (function closure() { eval("var closure"); return closure == undefined && !this.closure; })(),
+        "(function closure() { eval(\"var closure\"); return closure == undefined && !this.closure; })()"
+);
+
+// Eval function shadowing (should overwrite).
+shouldBeTrueWithDescription(
+        (function closure() { eval("function closure() { }"); return closure != arguments.callee && !this.closure; })(),
+        "(function closure() { eval(\"function closure() { }\"); return closure != arguments.callee && !this.closure; })()"
+);
+
+// Eval shadowing (should overwrite), followed by put (should overwrite).
+shouldBeTrueWithDescription(
+        (function closure() { eval("var closure;"); closure = 1; return closure == 1 && !this.closure; })(),
+        "(function closure() { eval(\"var closure;\"); closure = 1; return closure == 1 && !this.closure; })()"
+);
+
+// Eval var shadowing, followed by delete (should not overwrite).
+shouldBeTrueWithDescription(
+        (function closure() { eval("var closure"); delete closure; return closure == arguments.callee && !this.closure; })(),
+        "(function closure() { eval(\"var closure\"); delete closure; return closure == arguments.callee && !this.closure; })()"
+);
+
+// Eval function shadowing, followed by delete (should not overwrite).
+shouldBeTrueWithDescription(
+        (function closure() { eval("function closure() { }"); delete closure; return closure == arguments.callee && !this.closure; })(),
+        "(function closure() { eval(\"function closure() { }\"); delete closure; return closure == arguments.callee && !this.closure; })()"
+);
+
+// Eval assignment (should not overwrite).
+shouldBeTrueWithDescription(
+        (function closure() { eval("closure = 1;"); return closure == arguments.callee && !this.closure; })(),
+        "(function closure() { eval(\"closure = 1;\"); return closure == arguments.callee && !this.closure; })()"
+);

trunk/LayoutTests/inspector/debugger/debugger-expand-scope-expected.txt

@@ -20 +20 @@
     makeClosureLocalVar: "local.TextParam"
     n: "TextParam"
+WindowWith Block
+    makeClosure: function makeClosure(n) {
 WindowGlobal
     <section collapsed>

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2012-09-05  Geoffrey Garen  <ggaren@apple.com>
+
+        Named functions should not allocate scope objects for their names
+        https://bugs.webkit.org/show_bug.cgi?id=95659
+
+        Reviewed by Oliver Hunt.
+
+        In most cases, we can merge a function expression's name into its symbol
+        table. This reduces memory footprint per closure from three objects
+        (function + activation + name scope) to two (function + activation),
+        speeds up closure allocation, and speeds up recursive calls.
+
+        In the case of a named function expression that contains a non-strict
+        eval, the rules are so bat-poop crazy that I don't know how to model
+        them without an extra object. Since functions now default to not having
+        such an object, this case needs to allocate the object on function
+        entry.
+
+        Therefore, this patch makes the slow case a bit slower so the fast case
+        can be faster and more memory-efficient. (Note that the slow case already
+        allocates an activation on entry, and until recently also allocated a
+        scope chain node on entry, so adding one allocation on entry shouldn't
+        break the bank.)
+
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::CodeBlock): Caught a missed initializer. No behavior change.
+
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::BytecodeGenerator): Put the callee in static scope
+        during compilation so it doesn't need to be in dynamic scope at runtime.
+
+        (JSC::BytecodeGenerator::resolveCallee):
+        (JSC::BytecodeGenerator::addCallee): Helper functions for either statically
+        resolving the callee or adding a dynamic scope that will resolve to it,
+        depending on whether you're in the fast path.
+
+        We move the callee into a var location if it's captured because activations
+        prefer to have contiguous ranges of captured variables.
+
+        * bytecompiler/BytecodeGenerator.h:
+        (JSC::BytecodeGenerator::registerFor):
+        (BytecodeGenerator):
+
+        * dfg/DFGOperations.cpp:
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::privateExecute):
+        * jit/JITStubs.cpp:
+        (JSC::DEFINE_STUB_FUNCTION):
+        * llint/LLIntSlowPaths.cpp:
+        (JSC::LLInt::LLINT_SLOW_PATH_DECL): This is the point of the patch: remove
+        one allocation in the case of a named function expression.
+
+        * parser/Parser.cpp:
+        (JSC::::Parser):
+        * parser/Parser.h:
+        (JSC::Scope::declareCallee):
+        (Scope):
+        (Parser):
+        (JSC::parse):
+        * runtime/Executable.cpp:
+        (JSC::EvalExecutable::compileInternal):
+        (JSC::ProgramExecutable::checkSyntax):
+        (JSC::ProgramExecutable::compileInternal):
+        (JSC::FunctionExecutable::produceCodeBlockFor):
+        (JSC::FunctionExecutable::fromGlobalCode): Pipe the callee's name through
+        the parser so we get accurate information on whether the callee was captured.
+
+        (JSC::FunctionExecutable::FunctionExecutable):
+        (JSC::EvalExecutable::compileInternal):
+        (JSC::ProgramExecutable::checkSyntax):
+        (JSC::ProgramExecutable::compileInternal):
+        (JSC::FunctionExecutable::produceCodeBlockFor):
+        (JSC::FunctionExecutable::fromGlobalCode):
+        * runtime/Executable.h:
+        (JSC::FunctionExecutable::create):
+        (FunctionExecutable):
+        (JSC::FunctionExecutable::finishCreation): I had to refactor function
+        creation to support the following function constructor quirk: the function
+        gets a name, but its name is not in lexical scope.
+
+        To simplify this, FunctionExecutable now automatically extracts all the
+        data it needs from the parsed node. The special "fromGlobalCode" path
+        used by the function constructor creates an anonymous function, and then
+        quirkily sets the value used by the .name property to be non-null, even
+        though the parsed name is null.
+
+        * runtime/JSNameScope.h:
+        (JSC::JSNameScope::create):
+        (JSC::JSNameScope::JSNameScope): Added support for explicitly specifying
+        your container scope. The compiler uses this for named function expressions.
+
 2012-09-05  Gavin Barraclough  <barraclough@apple.com>
 

trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp

@@ -1753 +1753 @@
     , m_numCalleeRegisters(0)
     , m_numVars(0)
+    , m_numCapturedVars(0)
     , m_isConstructor(isConstructor)
     , m_numParameters(0)

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp

@@ -34 +34 @@
 #include "BatchedTransitionOptimizer.h"
 #include "Comment.h"
+#include "Interpreter.h"
 #include "JSActivation.h"
 #include "JSFunction.h"
-#include "Interpreter.h"
+#include "JSNameScope.h"
 #include "LowLevelInterpreter.h"
-
 #include "StrongInlines.h"
 #include <wtf/text/WTFString.h>
@@ -325 +325 @@
             globalObject->removeDirect(*m_globalData, function->ident()); // Newly declared functions overwrite existing properties.
         
-        JSValue value = JSFunction::create(exec, makeFunction(exec, function), scope);
+        JSValue value = JSFunction::create(exec, FunctionExecutable::create(*m_globalData, function), scope);
         int index = addGlobalVar(
             function->ident(), IsVariable,
@@ -420 +420 @@
     }
 
+    RegisterID* calleeRegister = resolveCallee(functionBody); // May push to the scope chain and/or add a captured var.
+
     const DeclarationStacks::FunctionStack& functionStack = functionBody->functionStack();
     const DeclarationStacks::VarStack& varStack = functionBody->varStack();
@@ -457 +459 @@
 
     codeBlock->m_numCapturedVars = codeBlock->m_numVars;
+
     m_firstLazyFunction = codeBlock->m_numVars;
     for (size_t i = 0; i < functionStack.size(); ++i) {
@@ -497 +500 @@
 
     preserveLastVar();
+
+    // We declare the callee's name last because it should lose to a var, function, and/or parameter declaration.
+    addCallee(functionBody, calleeRegister);
 
     if (isConstructor()) {
@@ -550 +556 @@
     const DeclarationStacks::FunctionStack& functionStack = evalNode->functionStack();
     for (size_t i = 0; i < functionStack.size(); ++i)
-        m_codeBlock->addFunctionDecl(makeFunction(m_globalData, functionStack[i]));
+        m_codeBlock->addFunctionDecl(FunctionExecutable::create(*m_globalData, functionStack[i]));
 
     const DeclarationStacks::VarStack& varStack = evalNode->varStack();
@@ -573 +579 @@
     instructions().append(reg->index());
     return reg;
+}
+
+RegisterID* BytecodeGenerator::resolveCallee(FunctionBodyNode* functionBodyNode)
+{
+    if (functionBodyNode->ident().isNull())
+        return 0;
+
+    m_calleeRegister.setIndex(RegisterFile::Callee);
+
+    // If non-strict eval is in play, we use a separate object in the scope chain for the callee's name.
+    if ((m_codeBlock->usesEval() && !m_codeBlock->isStrictMode()) || m_shouldEmitDebugHooks) {
+        emitOpcode(op_push_name_scope);
+        instructions().append(addConstant(functionBodyNode->ident()));
+        instructions().append(m_calleeRegister.index());
+        instructions().append(ReadOnly | DontDelete);
+
+        // Put a mirror object in compilation scope, so compile-time variable resolution sees the property name we'll see at runtime.
+        m_scope.set(*globalData(),
+            JSNameScope::create(
+                m_scope->globalObject()->globalExec(),
+                functionBodyNode->ident(),
+                jsUndefined(),
+                ReadOnly | DontDelete,
+                m_scope.get()
+            )
+        );
+        return 0;
+    }
+
+    if (!functionBodyNode->captures(functionBodyNode->ident()))
+        return &m_calleeRegister;
+
+    // Move the callee into the captured section of the stack.
+    return emitMove(addVar(), &m_calleeRegister);
+}
+
+void BytecodeGenerator::addCallee(FunctionBodyNode* functionBodyNode, RegisterID* calleeRegister)
+{
+    if (functionBodyNode->ident().isNull())
+        return;
+
+    // If non-strict eval is in play, we use a separate object in the scope chain for the callee's name.
+    if ((m_codeBlock->usesEval() && !m_codeBlock->isStrictMode()) || m_shouldEmitDebugHooks)
+        return;
+
+    ASSERT(calleeRegister);
+    symbolTable().add(functionBodyNode->ident().impl(), SymbolTableEntry(calleeRegister->index(), ReadOnly));
 }
 
@@ -1831 +1884 @@
 RegisterID* BytecodeGenerator::emitNewFunction(RegisterID* dst, FunctionBodyNode* function)
 {
-    return emitNewFunctionInternal(dst, m_codeBlock->addFunctionDecl(makeFunction(m_globalData, function)), false);
+    return emitNewFunctionInternal(dst, m_codeBlock->addFunctionDecl(FunctionExecutable::create(*m_globalData, function)), false);
 }
 
@@ -1838 +1891 @@
     FunctionOffsetMap::AddResult ptr = m_functionOffsets.add(function, 0);
     if (ptr.isNewEntry)
-        ptr.iterator->second = m_codeBlock->addFunctionDecl(makeFunction(m_globalData, function));
+        ptr.iterator->second = m_codeBlock->addFunctionDecl(FunctionExecutable::create(*m_globalData, function));
     return emitNewFunctionInternal(dst, ptr.iterator->second, true);
 }
@@ -1863 +1916 @@
 {
     FunctionBodyNode* function = n->body();
-    unsigned index = m_codeBlock->addFunctionExpr(makeFunction(m_globalData, function));
+    unsigned index = m_codeBlock->addFunctionExpr(FunctionExecutable::create(*m_globalData, function));
     
     createActivationIfNecessary();
@@ -2600 +2653 @@
         return;
 
-    RefPtr<RegisterID> error = emitLoad(newTemporary(), createTypeError(scope()->globalObject()->globalExec(), StrictModeReadonlyPropertyWriteError));
+    RefPtr<RegisterID> error = emitLoad(newTemporary(), JSValue(createTypeError(scope()->globalObject()->globalExec(), StrictModeReadonlyPropertyWriteError)));
     emitThrow(error.get());
 }

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h

@@ -618 +618 @@
 
         void addParameter(const Identifier&, int parameterIndex);
-        
+        RegisterID* resolveCallee(FunctionBodyNode*);
+        void addCallee(FunctionBodyNode*, RegisterID*);
+
         void preserveLastVar();
         bool shouldAvoidResolveGlobal();
@@ -626 +628 @@
             if (index >= 0)
                 return m_calleeRegisters[index];
+
+            if (index == RegisterFile::Callee)
+                return m_calleeRegister;
 
             ASSERT(m_parameters.size());
@@ -637 +642 @@
         unsigned addConstantBuffer(unsigned length);
         
-        FunctionExecutable* makeFunction(ExecState* exec, FunctionBodyNode* body)
-        {
-            return FunctionExecutable::create(exec, body->ident(), body->inferredName(), body->source(), body->usesArguments(), body->parameters(), body->isStrictMode(), body->lineNo(), body->lastLine());
-        }
-
-        FunctionExecutable* makeFunction(JSGlobalData* globalData, FunctionBodyNode* body)
-        {
-            return FunctionExecutable::create(*globalData, body->ident(), body->inferredName(), body->source(), body->usesArguments(), body->parameters(), body->isStrictMode(), body->lineNo(), body->lastLine());
-        }
-
         JSString* addStringConstant(const Identifier&);
 
@@ -717 +712 @@
         RegisterID m_ignoredResultRegister;
         RegisterID m_thisRegister;
+        RegisterID m_calleeRegister;
         RegisterID* m_activationRegister;
         SegmentedVector<RegisterID, 32> m_constantPoolRegisters;

trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp

@@ -1244 +1244 @@
     JSGlobalData& globalData = exec->globalData();
     NativeCallFrameTracer tracer(&globalData, exec);
-    return static_cast<FunctionExecutable*>(functionExecutable)->make(exec, exec->scope());
+    return JSFunction::create(exec, static_cast<FunctionExecutable*>(functionExecutable), exec->scope());
 }
 
@@ -1252 +1252 @@
     FunctionExecutable* functionExecutable =
         static_cast<FunctionExecutable*>(functionExecutableAsCell);
-    JSFunction* function = functionExecutable->make(exec, exec->scope());
-    if (!functionExecutable->name().isNull()) {
-        JSNameScope* functionScopeObject =
-            JSNameScope::create(
-                exec, functionExecutable->name(), function, ReadOnly | DontDelete);
-        function->setScope(exec->globalData(), functionScopeObject);
-    }
-    return function;
+    return JSFunction::create(exec, functionExecutable, exec->scope());
 }
 

trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

@@ -1348 +1348 @@
             FunctionExecutable* function = codeBlock->functionDecl(i);
             PutPropertySlot slot;
-            variableObject->methodTable()->put(variableObject, callFrame, function->name(), function->make(callFrame, scope), slot);
+            variableObject->methodTable()->put(variableObject, callFrame, function->name(), JSFunction::create(callFrame, function, scope), slot);
         }
     }
@@ -4280 +4280 @@
         JSFunction* func = function->make(callFrame, callFrame->scope());
 
-        /* 
-            The Identifier in a FunctionExpression can be referenced from inside
-            the FunctionExpression's FunctionBody to allow the function to call
-            itself recursively. However, unlike in a FunctionDeclaration, the
-            Identifier in a FunctionExpression cannot be referenced from and
-            does not affect the scope enclosing the FunctionExpression.
-         */
-        if (!function->name().isNull()) {
-            JSNameScope* functionScopeObject = JSNameScope::create(callFrame, function->name(), func, ReadOnly | DontDelete);
-            func->setScope(*globalData, functionScopeObject);
-        }
-
         callFrame->uncheckedR(dst) = JSValue(func);
 

trunk/Source/JavaScriptCore/jit/JITStubs.cpp

@@ -2142 +2142 @@
     
     ASSERT(stackFrame.callFrame->codeBlock()->codeType() != FunctionCode || !stackFrame.callFrame->codeBlock()->needsFullScopeChain() || stackFrame.callFrame->uncheckedR(stackFrame.callFrame->codeBlock()->activationRegister()).jsValue());
-    return stackFrame.args[0].function()->make(stackFrame.callFrame, stackFrame.callFrame->scope());
+    return JSFunction::create(stackFrame.callFrame, stackFrame.args[0].function(), stackFrame.callFrame->scope());
 }
 
@@ -2983 +2983 @@
 
     FunctionExecutable* function = stackFrame.args[0].function();
-    JSFunction* func = function->make(callFrame, callFrame->scope());
+    JSFunction* func = JSFunction::create(callFrame, function, callFrame->scope());
     ASSERT(callFrame->codeBlock()->codeType() != FunctionCode || !callFrame->codeBlock()->needsFullScopeChain() || callFrame->uncheckedR(callFrame->codeBlock()->activationRegister()).jsValue());
-
-    /* 
-        The Identifier in a FunctionExpression can be referenced from inside
-        the FunctionExpression's FunctionBody to allow the function to call
-        itself recursively. However, unlike in a FunctionDeclaration, the
-        Identifier in a FunctionExpression cannot be referenced from and
-        does not affect the scope enclosing the FunctionExpression.
-     */
-    if (!function->name().isNull()) {
-        JSNameScope* functionScopeObject = JSNameScope::create(callFrame, function->name(), func, ReadOnly | DontDelete);
-        func->setScope(callFrame->globalData(), functionScopeObject);
-    }
 
     return func;

trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp

@@ -1261 +1261 @@
     dataLog("Creating function!\n");
 #endif
-    LLINT_RETURN(codeBlock->functionDecl(pc[2].u.operand)->make(exec, exec->scope()));
+    LLINT_RETURN(JSFunction::create(exec, codeBlock->functionDecl(pc[2].u.operand), exec->scope()));
 }
 
@@ -1269 +1269 @@
     CodeBlock* codeBlock = exec->codeBlock();
     FunctionExecutable* function = codeBlock->functionExpr(pc[2].u.operand);
-    JSFunction* func = function->make(exec, exec->scope());
-    
-    if (!function->name().isNull()) {
-        JSNameScope* functionScopeObject = JSNameScope::create(exec, function->name(), func, ReadOnly | DontDelete);
-        func->setScope(globalData, functionScopeObject);
-    }
+    JSFunction* func = JSFunction::create(exec, function, exec->scope());
     
     LLINT_RETURN(func);

trunk/Source/JavaScriptCore/parser/Parser.cpp

@@ -41 +41 @@
 
 template <typename LexerType>
-Parser<LexerType>::Parser(JSGlobalData* globalData, const SourceCode& source, FunctionParameters* parameters, JSParserStrictness strictness, JSParserMode parserMode)
+Parser<LexerType>::Parser(JSGlobalData* globalData, const SourceCode& source, FunctionParameters* parameters, const Identifier& name, JSParserStrictness strictness, JSParserMode parserMode)
     : m_globalData(globalData)
     , m_source(&source)
@@ -72 +72 @@
             scope->declareParameter(&parameters->at(i));
     }
+    if (!name.isNull())
+        scope->declareCallee(&name);
     next();
     m_lexer->setLastLineNumber(tokenLine());

trunk/Source/JavaScriptCore/parser/Parser.h

@@ -209 +209 @@
     bool isFunctionBoundary() { return m_isFunctionBoundary; }
 
+    void declareCallee(const Identifier* ident)
+    {
+        m_declaredVariables.add(ident->ustring().impl());
+    }
+
     bool declareVariable(const Identifier* ident)
     {
@@ -383 +388 @@
 
 public:
-    Parser(JSGlobalData*, const SourceCode&, FunctionParameters*, JSParserStrictness, JSParserMode);
+    Parser(JSGlobalData*, const SourceCode&, FunctionParameters*, const Identifier&, JSParserStrictness, JSParserMode);
     ~Parser();
 
@@ -1021 +1026 @@
 
 template <class ParsedNode>
-PassRefPtr<ParsedNode> parse(JSGlobalData* globalData, JSGlobalObject* lexicalGlobalObject, const SourceCode& source, FunctionParameters* parameters, JSParserStrictness strictness, JSParserMode parserMode, Debugger* debugger, ExecState* execState, JSObject** exception)
+PassRefPtr<ParsedNode> parse(JSGlobalData* globalData, JSGlobalObject* lexicalGlobalObject, const SourceCode& source, FunctionParameters* parameters, const Identifier& name, JSParserStrictness strictness, JSParserMode parserMode, Debugger* debugger, ExecState* execState, JSObject** exception)
 {
     SamplingRegion samplingRegion("Parsing");
@@ -1028 +1033 @@
 
     if (source.provider()->data()->is8Bit()) {
-        Parser< Lexer<LChar> > parser(globalData, source, parameters, strictness, parserMode);
+        Parser< Lexer<LChar> > parser(globalData, source, parameters, name, strictness, parserMode);
         return parser.parse<ParsedNode>(lexicalGlobalObject, debugger, execState, exception);
     }
-    Parser< Lexer<UChar> > parser(globalData, source, parameters, strictness, parserMode);
+    Parser< Lexer<UChar> > parser(globalData, source, parameters, name, strictness, parserMode);
     return parser.parse<ParsedNode>(lexicalGlobalObject, debugger, execState, exception);
 }

trunk/Source/JavaScriptCore/runtime/Executable.cpp

@@ -134 +134 @@
 const ClassInfo FunctionExecutable::s_info = { "FunctionExecutable", &ScriptExecutable::s_info, 0, 0, CREATE_METHOD_TABLE(FunctionExecutable) };
 
-FunctionExecutable::FunctionExecutable(JSGlobalData& globalData, const Identifier& name, const Identifier& inferredName, const SourceCode& source, bool forceUsesArguments, FunctionParameters* parameters, bool inStrictContext)
-    : ScriptExecutable(globalData.functionExecutableStructure.get(), globalData, source, inStrictContext)
+FunctionExecutable::FunctionExecutable(JSGlobalData& globalData, FunctionBodyNode* node)
+    : ScriptExecutable(globalData.functionExecutableStructure.get(), globalData, node->source(), node->isStrictMode())
     , m_numCapturedVariables(0)
-    , m_forceUsesArguments(forceUsesArguments)
-    , m_parameters(parameters)
-    , m_name(name)
-    , m_inferredName(inferredName.isNull() ? globalData.propertyNames->emptyIdentifier : inferredName)
-{
-}
-
-FunctionExecutable::FunctionExecutable(ExecState* exec, const Identifier& name, const Identifier& inferredName, const SourceCode& source, bool forceUsesArguments, FunctionParameters* parameters, bool inStrictContext)
-    : ScriptExecutable(exec->globalData().functionExecutableStructure.get(), exec, source, inStrictContext)
-    , m_numCapturedVariables(0)
-    , m_forceUsesArguments(forceUsesArguments)
-    , m_parameters(parameters)
-    , m_name(name)
-    , m_inferredName(inferredName.isNull() ? exec->globalData().propertyNames->emptyIdentifier : inferredName)
-{
+    , m_forceUsesArguments(node->usesArguments())
+    , m_parameters(node->parameters())
+    , m_name(node->ident())
+    , m_inferredName(node->inferredName().isNull() ? globalData.propertyNames->emptyIdentifier : node->inferredName())
+{
+    m_firstLine = node->lineNo();
+    m_lastLine = node->lastLine();
 }
 
@@ -211 +203 @@
         if (!lexicalGlobalObject->evalEnabled())
             return throwError(exec, createEvalError(exec, ASCIILiteral("Eval is disabled")));
-        RefPtr<EvalNode> evalNode = parse<EvalNode>(globalData, lexicalGlobalObject, m_source, 0, isStrictMode() ? JSParseStrict : JSParseNormal, EvalNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, lexicalGlobalObject->debugger(), exec, &exception);
+        RefPtr<EvalNode> evalNode = parse<EvalNode>(globalData, lexicalGlobalObject, m_source, 0, Identifier(), isStrictMode() ? JSParseStrict : JSParseNormal, EvalNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, lexicalGlobalObject->debugger(), exec, &exception);
         if (!evalNode) {
             ASSERT(exception);
@@ -294 +286 @@
     JSGlobalData* globalData = &exec->globalData();
     JSGlobalObject* lexicalGlobalObject = exec->lexicalGlobalObject();
-    RefPtr<ProgramNode> programNode = parse<ProgramNode>(globalData, lexicalGlobalObject, m_source, 0, JSParseNormal, ProgramNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, lexicalGlobalObject->debugger(), exec, &exception);
+    RefPtr<ProgramNode> programNode = parse<ProgramNode>(globalData, lexicalGlobalObject, m_source, 0, Identifier(), JSParseNormal, ProgramNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, lexicalGlobalObject->debugger(), exec, &exception);
     if (programNode)
         return 0;
@@ -336 +328 @@
         m_programCodeBlock = newCodeBlock.release();
     } else {
-        RefPtr<ProgramNode> programNode = parse<ProgramNode>(globalData, lexicalGlobalObject, m_source, 0, isStrictMode() ? JSParseStrict : JSParseNormal, ProgramNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, lexicalGlobalObject->debugger(), exec, &exception);
+        RefPtr<ProgramNode> programNode = parse<ProgramNode>(globalData, lexicalGlobalObject, m_source, 0, Identifier(), isStrictMode() ? JSParseStrict : JSParseNormal, ProgramNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, lexicalGlobalObject->debugger(), exec, &exception);
         if (!programNode) {
             ASSERT(exception);
@@ -479 +471 @@
     JSGlobalData* globalData = scope->globalData();
     JSGlobalObject* globalObject = scope->globalObject();
-    RefPtr<FunctionBodyNode> body = parse<FunctionBodyNode>(globalData, globalObject, m_source, m_parameters.get(), isStrictMode() ? JSParseStrict : JSParseNormal, FunctionBodyNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, 0, 0, &exception);
+    RefPtr<FunctionBodyNode> body = parse<FunctionBodyNode>(
+        globalData,
+        globalObject,
+        m_source,
+        m_parameters.get(),
+        name(),
+        isStrictMode() ? JSParseStrict : JSParseNormal,
+        FunctionBodyNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode,
+        0,
+        0,
+        &exception
+    );
 
     if (!body) {
@@ -648 +651 @@
 }
 
-FunctionExecutable* FunctionExecutable::fromGlobalCode(const Identifier& functionName, ExecState* exec, Debugger* debugger, const SourceCode& source, JSObject** exception)
+FunctionExecutable* FunctionExecutable::fromGlobalCode(const Identifier& name, ExecState* exec, Debugger* debugger, const SourceCode& source, JSObject** exception)
 {
     JSGlobalObject* lexicalGlobalObject = exec->lexicalGlobalObject();
-    RefPtr<ProgramNode> program = parse<ProgramNode>(&exec->globalData(), lexicalGlobalObject, source, 0, JSParseNormal, ProgramNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, debugger, exec, exception);
+    RefPtr<ProgramNode> program = parse<ProgramNode>(&exec->globalData(), lexicalGlobalObject, source, 0, Identifier(), JSParseNormal, ProgramNode::isFunctionNode ? JSParseFunctionCode : JSParseProgramCode, debugger, exec, exception);
     if (!program) {
         ASSERT(*exception);
@@ -657 +660 @@
     }
 
-    // Uses of this function that would not result in a single function expression are invalid.
+    // This function assumes an input string that would result in a single anonymous function expression.
     StatementNode* exprStatement = program->singleStatement();
     ASSERT(exprStatement);
@@ -666 +669 @@
     FunctionBodyNode* body = static_cast<FuncExprNode*>(funcExpr)->body();
     ASSERT(body);
-
-    return FunctionExecutable::create(exec->globalData(), functionName, functionName, body->source(), body->usesArguments(), body->parameters(), body->isStrictMode(), body->lineNo(), body->lastLine());
+    ASSERT(body->ident().isNull());
+
+    FunctionExecutable* functionExecutable = FunctionExecutable::create(exec->globalData(), body);
+    functionExecutable->m_nameValue.set(exec->globalData(), functionExecutable, jsString(&exec->globalData(), name.ustring()));
+    return functionExecutable;
 }
 

trunk/Source/JavaScriptCore/runtime/Executable.h

@@ -540 +540 @@
         typedef ScriptExecutable Base;
 
-        static FunctionExecutable* create(ExecState* exec, const Identifier& name, const Identifier& inferredName, const SourceCode& source, bool forceUsesArguments, FunctionParameters* parameters, bool isInStrictContext, int firstLine, int lastLine)
-        {
-            FunctionExecutable* executable = new (NotNull, allocateCell<FunctionExecutable>(*exec->heap())) FunctionExecutable(exec, name, inferredName, source, forceUsesArguments, parameters, isInStrictContext);
-            executable->finishCreation(exec->globalData(), name, firstLine, lastLine);
+        static FunctionExecutable* create(JSGlobalData& globalData, FunctionBodyNode* node)
+        {
+            FunctionExecutable* executable = new (NotNull, allocateCell<FunctionExecutable>(globalData.heap)) FunctionExecutable(globalData, node);
+            executable->finishCreation(globalData);
             return executable;
         }
-
-        static FunctionExecutable* create(JSGlobalData& globalData, const Identifier& name, const Identifier& inferredName, const SourceCode& source, bool forceUsesArguments, FunctionParameters* parameters, bool isInStrictContext, int firstLine, int lastLine)
-        {
-            FunctionExecutable* executable = new (NotNull, allocateCell<FunctionExecutable>(globalData.heap)) FunctionExecutable(globalData, name, inferredName, source, forceUsesArguments, parameters, isInStrictContext);
-            executable->finishCreation(globalData, name, firstLine, lastLine);
-            return executable;
-        }
+        static FunctionExecutable* fromGlobalCode(const Identifier& name, ExecState*, Debugger*, const SourceCode&, JSObject** exception);
 
         static void destroy(JSCell*);
 
-        JSFunction* make(ExecState* exec, JSScope* scope)
-        {
-            return JSFunction::create(exec, this, scope);
-        }
-        
         // Returns either call or construct bytecode. This can be appropriate
         // for answering questions that that don't vary between call and construct --
@@ -709 +698 @@
         void clearCodeIfNotCompiling();
         static void visitChildren(JSCell*, SlotVisitor&);
-        static FunctionExecutable* fromGlobalCode(const Identifier&, ExecState*, Debugger*, const SourceCode&, JSObject** exception);
         static Structure* createStructure(JSGlobalData& globalData, JSGlobalObject* globalObject, JSValue proto)
         {
@@ -722 +710 @@
 
     protected:
-        void finishCreation(JSGlobalData& globalData, const Identifier& name, int firstLine, int lastLine)
+        void finishCreation(JSGlobalData& globalData)
         {
             Base::finishCreation(globalData);
-            m_firstLine = firstLine;
-            m_lastLine = lastLine;
-            m_nameValue.set(globalData, this, jsString(&globalData, name.ustring()));
+            m_nameValue.set(globalData, this, jsString(&globalData, name().ustring()));
         }
 
     private:
-        FunctionExecutable(JSGlobalData&, const Identifier& name, const Identifier& inferredName, const SourceCode&, bool forceUsesArguments, FunctionParameters*, bool);
-        FunctionExecutable(ExecState*, const Identifier& name, const Identifier& inferredName, const SourceCode&, bool forceUsesArguments, FunctionParameters*, bool);
+        FunctionExecutable(JSGlobalData&, FunctionBodyNode*);
 
         JSObject* compileForCallInternal(ExecState*, JSScope*, JITCode::JITType, unsigned bytecodeIndex = UINT_MAX);

trunk/Source/JavaScriptCore/runtime/JSNameScope.h

@@ -39 +39 @@
     static JSNameScope* create(ExecState* exec, const Identifier& identifier, JSValue value, unsigned attributes)
     {
-        JSNameScope* scopeObject = new (NotNull, allocateCell<JSNameScope>(*exec->heap())) JSNameScope(exec);
+        JSNameScope* scopeObject = new (NotNull, allocateCell<JSNameScope>(*exec->heap())) JSNameScope(exec, exec->scope());
+        scopeObject->finishCreation(exec, identifier, value, attributes);
+        return scopeObject;
+    }
+
+    static JSNameScope* create(ExecState* exec, const Identifier& identifier, JSValue value, unsigned attributes, JSScope* next)
+    {
+        JSNameScope* scopeObject = new (NotNull, allocateCell<JSNameScope>(*exec->heap())) JSNameScope(exec, next);
         scopeObject->finishCreation(exec, identifier, value, attributes);
         return scopeObject;
@@ -65 +72 @@
 
 private:
-    JSNameScope(ExecState* exec)
+    JSNameScope(ExecState* exec, JSScope* next)
         : Base(
             exec->globalData(),
             exec->lexicalGlobalObject()->nameScopeStructure(),
             reinterpret_cast<Register*>(&m_registerStore + 1),
-            exec->scope()
+            next
         )
     {