Builtins that should not rely on iteration do.
authorkeith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 22 Feb 2016 19:43:01 +0000 (19:43 +0000)
committerkeith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 22 Feb 2016 19:43:01 +0000 (19:43 +0000)
https://bugs.webkit.org/show_bug.cgi?id=154475

Reviewed by Geoffrey Garen.

When changing the behavior of varargs calls to use ES6 iterators the
call builtin function's use of a varargs call was overlooked. The use
of iterators is observable outside the scope of the the call function,
thus it must be reimplemented.

* builtins/FunctionPrototype.js:
(call):
* tests/stress/call-apply-builtin-functions-dont-use-iterators.js: Added.
(test):
(addAll):
(catch):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@196949 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/builtins/FunctionPrototype.js
Source/JavaScriptCore/tests/stress/call-apply-builtin-functions-dont-use-iterators.js [new file with mode: 0644]

index d1fbc23..1ae6291 100644 (file)
@@ -1,3 +1,22 @@
+2016-02-22  Keith Miller  <keith_miller@apple.com>
+
+        Builtins that should not rely on iteration do.
+        https://bugs.webkit.org/show_bug.cgi?id=154475
+
+        Reviewed by Geoffrey Garen.
+
+        When changing the behavior of varargs calls to use ES6 iterators the
+        call builtin function's use of a varargs call was overlooked. The use
+        of iterators is observable outside the scope of the the call function,
+        thus it must be reimplemented.
+
+        * builtins/FunctionPrototype.js:
+        (call):
+        * tests/stress/call-apply-builtin-functions-dont-use-iterators.js: Added.
+        (test):
+        (addAll):
+        (catch):
+
 2016-02-22  Konstantin Tokarev  <annulen@yandex.ru>
 
         [JSC shell] Don't put empty arguments array to VM.
index 364bc43..c9d5df3 100644 (file)
@@ -27,7 +27,12 @@ function call(thisArgument)
 {
     "use strict";
 
-    return this.@call(...arguments);
+    let argumentValues = [];
+    // Start from 1 to ignore thisArgument
+    for (let i = 1; i < arguments.length; i++)
+        @putByValDirect(argumentValues, i-1, arguments[i]);
+
+    return this.@apply(thisArgument, argumentValues);
 }
 
 function apply(thisValue, argumentValues)
diff --git a/Source/JavaScriptCore/tests/stress/call-apply-builtin-functions-dont-use-iterators.js b/Source/JavaScriptCore/tests/stress/call-apply-builtin-functions-dont-use-iterators.js
new file mode 100644 (file)
index 0000000..e0eaa01
--- /dev/null
@@ -0,0 +1,32 @@
+(function(){
+    "use strict";
+    var it = [][Symbol.iterator]();
+    while (it) {
+        if (it.hasOwnProperty('next'))
+            delete it.next;
+        it = Object.getPrototypeOf(it);
+    }
+
+    var bind = Function.prototype.bind;
+    var uncurryThis = bind.bind(bind.call);
+
+    var bindFn = uncurryThis(bind);
+    var applyFn = uncurryThis(bind.apply);
+    function test() { print("here"); }
+    var sliceFn = uncurryThis([].slice);
+    function addAll(var_args) {
+        var args = sliceFn(arguments, 0);
+        var result = this;
+        for (var i = 0; i < args.length; i++)
+            result += args[i];
+        return result;
+    }
+    var sum;
+
+    try {
+        sum = applyFn(addAll, 3, [4, 5, 6]);
+    } catch (err) {
+        print('oops ', err);
+    }
+    print('sum ', sum);
+})();