Make CallSite constructor inaccessible from JS

src/messages.cc

 // Copyright 2011 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/messages.h"
 
 #include <memory>
 
 #include "src/api.h"
 #include "src/execution.h"
@@ skipping 491 matching lines @@
       handle(FixedArray::cast(raw_stack_array->elements()), isolate);
 
   const int raw_stack_len = raw_stack_elements->length();
   DCHECK(raw_stack_len % 4 == 1);  // Multiples of 4 plus sloppy frames count.
   const int frame_count = (raw_stack_len - 1) / 4;
 
   Handle<Object> sloppy_frames_obj =
       FixedArray::get(*raw_stack_elements, 0, isolate);
   int sloppy_frames = Handle<Smi>::cast(sloppy_frames_obj)->value();
 
-  Handle<JSFunction> callsite_ctor =
-      handle(isolate->native_context()->callsite_function(), isolate);
-
   int dst_ix = 0;
   Handle<FixedArray> frames = isolate->factory()->NewFixedArray(frame_count);
   for (int i = 1; i < raw_stack_len; i += 4) {
     Handle<Object> recv = FixedArray::get(*raw_stack_elements, i, isolate);
     Handle<Object> fun = FixedArray::get(*raw_stack_elements, i + 1, isolate);
     Handle<AbstractCode> code = Handle<AbstractCode>::cast(
         FixedArray::get(*raw_stack_elements, i + 2, isolate));
     Handle<Smi> pc =
         Handle<Smi>::cast(FixedArray::get(*raw_stack_elements, i + 3, isolate));
 
     Handle<Object> pos =
         (fun->IsSmi() && pc->value() < 0)
             ? handle(Smi::FromInt(-1 - pc->value()), isolate)
             : handle(Smi::FromInt(code->SourcePosition(pc->value())), isolate);
 
     sloppy_frames--;
     Handle<Object> strict = isolate->factory()->ToBoolean(sloppy_frames < 0);
 
     Handle<Object> callsite;
     ASSIGN_RETURN_ON_EXCEPTION(
         isolate, callsite,
-        CallSiteUtils::Construct(isolate, callsite_ctor, callsite_ctor, recv,
-                                 fun, pos, strict),
-        FixedArray);
+        CallSiteUtils::Construct(isolate, recv, fun, pos, strict), FixedArray);
 
     frames->set(dst_ix++, *callsite);
   }
 
   DCHECK_EQ(frame_count, dst_ix);
   return frames;
 }
 
 MaybeHandle<Object> AppendErrorString(Isolate* isolate, Handle<Object> error,
                                       IncrementalStringBuilder* builder) {
@@ skipping 333 matching lines @@
   ASSIGN_RETURN_ON_EXCEPTION(isolate, result, builder.Finish(), String);
   return result;
 }
 
 #define SET_CALLSITE_PROPERTY(target, key, value)                        \
   RETURN_ON_EXCEPTION(                                                   \
       isolate, JSObject::SetOwnPropertyIgnoreAttributes(                 \
                    target, isolate->factory()->key(), value, DONT_ENUM), \
       Object)
 
-MaybeHandle<Object> CallSiteUtils::Construct(
-    Isolate* isolate, Handle<JSFunction> target, Handle<Object> new_target,
-    Handle<Object> receiver, Handle<Object> fun, Handle<Object> pos,
-    Handle<Object> strict_mode) {
+MaybeHandle<Object> CallSiteUtils::Construct(Isolate* isolate,
+                                             Handle<Object> receiver,
+                                             Handle<Object> fun,
+                                             Handle<Object> pos,
+                                             Handle<Object> strict_mode) {
   // Create the JS object.
 
-  Handle<JSReceiver> new_target_recv =
-      new_target->IsJSReceiver() ? Handle<JSReceiver>::cast(new_target)
-                                 : Handle<JSReceiver>::cast(target);
+  Handle<JSFunction> target =
+      handle(isolate->native_context()->callsite_function(), isolate);
 
   Handle<JSObject> obj;
-  ASSIGN_RETURN_ON_EXCEPTION(isolate, obj,
-                             JSObject::New(target, new_target_recv), Object);
+  ASSIGN_RETURN_ON_EXCEPTION(isolate, obj, JSObject::New(target, target),
+                             Object);
 
   // For wasm frames, receiver is the wasm object and fun is the function index
   // instead of an actual function.
   const bool is_wasm_object =
       receiver->IsJSObject() && wasm::IsWasmObject(JSObject::cast(*receiver));
   if (!fun->IsJSFunction() && !is_wasm_object) {
     THROW_NEW_ERROR(isolate,
                     NewTypeError(MessageTemplate::kCallSiteExpectsFunction,
                                  Object::TypeOf(isolate, receiver),
                                  Object::TypeOf(isolate, fun)),
                     Object);
   }
 
   if (is_wasm_object) {
-    // TODO(jgruber): Convert back to DCHECK once the callsite constructor is
-    // inaccessible from JS.
-    CHECK(fun->IsSmi() && (wasm::GetNumberOfFunctions(JSObject::cast(
-                               *receiver)) > Smi::cast(*fun)->value()));
+    DCHECK(fun->IsSmi());
+    DCHECK(wasm::GetNumberOfFunctions(JSObject::cast(*receiver)) >
+           Smi::cast(*fun)->value());
 
     SET_CALLSITE_PROPERTY(obj, call_site_wasm_obj_symbol, receiver);
     SET_CALLSITE_PROPERTY(obj, call_site_wasm_func_index_symbol, fun);
   } else {
     DCHECK(fun->IsJSFunction());
     SET_CALLSITE_PROPERTY(obj, call_site_receiver_symbol, receiver);
     SET_CALLSITE_PROPERTY(obj, call_site_function_symbol, fun);
   }
 
-  // TODO(jgruber): Convert back to DCHECK once the callsite constructor is
-  // inaccessible from JS.
-  CHECK(pos->IsSmi());
-
+  DCHECK(pos->IsSmi());
   SET_CALLSITE_PROPERTY(obj, call_site_position_symbol, pos);
   SET_CALLSITE_PROPERTY(
       obj, call_site_strict_symbol,
       isolate->factory()->ToBoolean(strict_mode->BooleanValue()));
 
   return obj;
 }
 
 #undef SET_CALLSITE_PROPERTY
 
@@ skipping 221 matching lines @@
   builder.AppendCString(" (");
   RETURN_ON_EXCEPTION(
       isolate, AppendFileLocation(isolate, recv, &call_site, &builder), String);
   builder.AppendCString(")");
 
   RETURN_RESULT(isolate, builder.Finish(), String);
 }
 
 }  // namespace internal
 }  // namespace v8