Fix function.length and boundFunction.length

Author: rhuanjl

lib/Runtime/Library/BoundFunction.cpp

@@ -309,17 +309,15 @@ namespace Js
 
     PropertyQueryFlags BoundFunction::HasPropertyQuery(PropertyId propertyId, _Inout_opt_ PropertyValueInfo* info)
     {
-        if (propertyId == PropertyIds::length)
-        {
-            return PropertyQueryFlags::Property_Found;
-        }
+        EnsureLength();
 
         return JavascriptFunction::HasPropertyQuery(propertyId, info);
     }
 
     PropertyQueryFlags BoundFunction::GetPropertyQuery(Var originalInstance, PropertyId propertyId, Var* value, PropertyValueInfo* info, ScriptContext* requestContext)
     {
         BOOL result;
+        EnsureLength();
         if (GetPropertyBuiltIns(originalInstance, propertyId, value, info, requestContext, &result))
         {
             return JavascriptConversion::BooleanToPropertyQueryFlags(result);
@@ -332,6 +330,7 @@ namespace Js
     {
         BOOL result;
         PropertyRecord const* propertyRecord;
+        EnsureLength();
         this->GetScriptContext()->FindPropertyRecord(propertyNameString, &propertyRecord);
 
         if (propertyRecord != nullptr && GetPropertyBuiltIns(originalInstance, propertyRecord->GetPropertyId(), value, info, requestContext, &result))
@@ -344,23 +343,13 @@ namespace Js
 
     bool BoundFunction::GetPropertyBuiltIns(Var originalInstance, PropertyId propertyId, Var* value, PropertyValueInfo* info, ScriptContext* requestContext, BOOL* result)
     {
-        if (propertyId == PropertyIds::length)
+        if (!EnsureLength() && propertyId == PropertyIds::length)
         {
             // Get the "length" property of the underlying target function
-            int len = 0;
-            Var varLength;
-            if (targetFunction->GetProperty(targetFunction, PropertyIds::length, &varLength, nullptr, requestContext))
+            if (GetPropertyQuery(originalInstance, propertyId, value, info, requestContext) == PropertyQueryFlags::Property_Found)
             {
-                len = JavascriptConversion::ToInt32(varLength, requestContext);
+                return true;
             }
-
-            // Reduce by number of bound args
-            len = len - this->count;
-            len = max(len, 0);
-
-            *value = JavascriptNumber::ToVar(len, requestContext);
-            *result = true;
-            return true;
         }
 
         return false;
@@ -374,6 +363,7 @@ namespace Js
     BOOL BoundFunction::SetProperty(PropertyId propertyId, Var value, PropertyOperationFlags flags, PropertyValueInfo* info)
     {
         BOOL result;
+        EnsureLength();
         if (SetPropertyBuiltIns(propertyId, value, flags, info, &result))
         {
             return result;
@@ -386,6 +376,7 @@ namespace Js
     {
         BOOL result;
         PropertyRecord const* propertyRecord;
+        EnsureLength();
         this->GetScriptContext()->FindPropertyRecord(propertyNameString, &propertyRecord);
 
         if (propertyRecord != nullptr && SetPropertyBuiltIns(propertyRecord->GetPropertyId(), value, flags, info, &result))
@@ -398,13 +389,7 @@ namespace Js
 
     bool BoundFunction::SetPropertyBuiltIns(PropertyId propertyId, Var value, PropertyOperationFlags flags, PropertyValueInfo* info, BOOL* result)
     {
-        if (propertyId == PropertyIds::length)
-        {
-            JavascriptError::ThrowCantAssignIfStrictMode(flags, this->GetScriptContext());
-
-            *result = false;
-            return true;
-        }
+        EnsureLength();
 
         return false;
     }
@@ -431,52 +416,64 @@ namespace Js
 
     BOOL BoundFunction::DeleteProperty(PropertyId propertyId, PropertyOperationFlags flags)
     {
-        if (propertyId == PropertyIds::length)
-        {
-            return false;
-        }
+        EnsureLength();
 
         return JavascriptFunction::DeleteProperty(propertyId, flags);
     }
 
     BOOL BoundFunction::DeleteProperty(JavascriptString *propertyNameString, PropertyOperationFlags flags)
     {
-        if (BuiltInPropertyRecords::length.Equals(propertyNameString))
-        {
-            return false;
-        }
+        EnsureLength();
 
         return JavascriptFunction::DeleteProperty(propertyNameString, flags);
     }
 
     BOOL BoundFunction::IsWritable(PropertyId propertyId)
     {
-        if (propertyId == PropertyIds::length)
-        {
-            return false;
-        }
+        EnsureLength();
 
         return JavascriptFunction::IsWritable(propertyId);
     }
 
     BOOL BoundFunction::IsConfigurable(PropertyId propertyId)
     {
-        if (propertyId == PropertyIds::length)
-        {
-            return false;
-        }
+        EnsureLength();
 
         return JavascriptFunction::IsConfigurable(propertyId);
     }
 
     BOOL BoundFunction::IsEnumerable(PropertyId propertyId)
     {
-        if (propertyId == PropertyIds::length)
+        EnsureLength();
+
+        return JavascriptFunction::IsEnumerable(propertyId);
+    }
+
+    bool BoundFunction::EnsureLength()
+    {
+        if (!lengthSet)
         {
+            // Get the "length" property of the underlying target function
+            int len = 0;
+            if (JavascriptFunction::Is(targetFunction))
+            {
+                JavascriptFunction* func = JavascriptFunction::UnsafeFromVar(targetFunction);
+                FunctionProxy* proxy = func->GetFunctionProxy();
+                if (proxy)
+                {
+                    len = proxy->EnsureDeserialized()->GetReportedInParamsCount() - 1;
+                }
+            }
+
+            // Reduce by number of bound args
+            len = len - this->count;
+            len = max(len, 0);
+            
+            SetPropertyWithAttributes(PropertyIds::length, TaggedInt::ToVarUnchecked(len), PropertyConfigurable, nullptr, PropertyOperation_None, SideEffects_None);
+            lengthSet = true;
             return false;
         }
-
-        return JavascriptFunction::IsEnumerable(propertyId);
+        return true;
     }
 
     BOOL BoundFunction::HasInstance(Var instance, ScriptContext* scriptContext, IsInstInlineCache* inlineCache)

lib/Runtime/Library/BoundFunction.h

@@ -25,6 +25,7 @@ namespace Js
 
         static bool Is(Var func){ return JavascriptFunction::Is(func) && JavascriptFunction::UnsafeFromVar(func)->IsBoundFunction(); }
         static Var NewInstance(RecyclableObject* function, CallInfo callInfo, ...);
+        bool EnsureLength();
         virtual JavascriptString* GetDisplayNameImpl() const override;
         virtual PropertyQueryFlags HasPropertyQuery(PropertyId propertyId, _Inout_opt_ PropertyValueInfo* info) override;
         virtual PropertyQueryFlags GetPropertyQuery(Var originalInstance, PropertyId propertyId, Var* value, PropertyValueInfo* info, ScriptContext* requestContext) override;
@@ -73,5 +74,6 @@ namespace Js
         Field(Var)                 boundThis;
         Field(uint)                count;
         Field(Field(Var)*)         boundArgs;
+        Field(bool)                lengthSet = false;
     };
 } // namespace Js