Diff
Modified: trunk/JSTests/ChangeLog (234727 => 234728)
--- trunk/JSTests/ChangeLog 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/JSTests/ChangeLog 2018-08-09 18:02:05 UTC (rev 234728)
@@ -1,5 +1,14 @@
2018-08-08 Keith Miller <[email protected]>
+ Array.prototype.sort should call @toLength instead of ">>> 0"
+ https://bugs.webkit.org/show_bug.cgi?id=188430
+
+ Reviewed by Saam Barati.
+
+ * test262/expectations.yaml:
+
+2018-08-08 Keith Miller <[email protected]>
+
Array.prototype.sort should throw TypeError if param is a not callable object
https://bugs.webkit.org/show_bug.cgi?id=188382
Modified: trunk/JSTests/test262/expectations.yaml (234727 => 234728)
--- trunk/JSTests/test262/expectations.yaml 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/JSTests/test262/expectations.yaml 2018-08-09 18:02:05 UTC (rev 234728)
@@ -669,9 +669,6 @@
test/built-ins/Array/prototype/slice/target-array-with-non-writable-property.js:
default: 'TypeError: Attempted to assign to readonly property.'
strict mode: 'TypeError: Attempted to assign to readonly property.'
-test/built-ins/Array/prototype/sort/S15.4.4.11_A4_T3.js:
- default: 'Test262Error: #3: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[0] === "z". Actual: y'
- strict mode: 'Test262Error: #3: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[0] === "z". Actual: y'
test/built-ins/Array/prototype/splice/S15.4.4.12_A3_T1.js:
default: 'Test262Error: #1: var obj = {}; obj.splice = Array.prototype.splice; obj[0] = "x"; obj[4294967295] = "y"; obj.length = 4294967296; var arr = obj.splice(4294967295,1); arr.length === 1. Actual: 0'
strict mode: 'Test262Error: #1: var obj = {}; obj.splice = Array.prototype.splice; obj[0] = "x"; obj[4294967295] = "y"; obj.length = 4294967296; var arr = obj.splice(4294967295,1); arr.length === 1. Actual: 0'
Modified: trunk/LayoutTests/ChangeLog (234727 => 234728)
--- trunk/LayoutTests/ChangeLog 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/LayoutTests/ChangeLog 2018-08-09 18:02:05 UTC (rev 234728)
@@ -1,3 +1,17 @@
+2018-08-08 Keith Miller <[email protected]>
+
+ Array.prototype.sort should call @toLength instead of ">>> 0"
+ https://bugs.webkit.org/show_bug.cgi?id=188430
+
+ Reviewed by Saam Barati.
+
+ Remove invalid conformance test expectations. Array.prototype.sort calls toLength, which
+ does not truncate integers.
+
+ * sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T1.html:
+ * sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T2.html:
+ * sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T3.html:
+
2018-08-09 Miguel Gomez <[email protected]>
Unreviewed GTK+ gardening after r234720.
Modified: trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T1.html (234727 => 234728)
--- trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T1.html 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T1.html 2018-08-09 18:02:05 UTC (rev 234728)
@@ -94,9 +94,10 @@
}
//CHECK#4
-if (obj[4294967295] !== "y") {
- testFailed('#4: var obj = {}; obj.sort = Array.prototype.sort; obj[] = "x"; obj[4294967295] = "y"; obj.length = 4294967296; obj.sort(); obj[4294967295] == "y"');
-}
+// This test isn't valid since the spec requires toLength on obj.length now.
+// if (obj[4294967295] !== "y") {
+// testFailed('#4: var obj = {}; obj.sort = Array.prototype.sort; obj[] = "x"; obj[4294967295] = "y"; obj.length = 4294967296; obj.sort(); obj[4294967295] == "y"');
+// }
} catch (ex) {
sputnikException = ex;
Modified: trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T2.html (234727 => 234728)
--- trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T2.html 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T2.html 2018-08-09 18:02:05 UTC (rev 234728)
@@ -90,19 +90,20 @@
}
//CHECK#3
-if (obj[0] !== "y") {
- testFailed('#3: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[4294967297] = "x"; obj.length = 4294967298; obj.sort(); obj[0] === "y". Actual: ' + (obj[0]));
-}
+// This test isn't valid since the spec requires toLength on obj.length now.
+// if (obj[0] !== "y") {
+// testFailed('#3: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[4294967297] = "x"; obj.length = 4294967298; obj.sort(); obj[0] === "y". Actual: ' + (obj[0]));
+// }
//CHECK#4
-if (obj[1] !== "z") {
- testFailed('#4: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[4294967297] = "x"; obj.length = 4294967298; obj.sort(); obj[1] === "z". Actual: ' + (obj[1]));
-}
+// if (obj[1] !== "z") {
+// testFailed('#4: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[4294967297] = "x"; obj.length = 4294967298; obj.sort(); obj[1] === "z". Actual: ' + (obj[1]));
+// }
//CHECK#5
-if (obj[4294967297] !== "x") {
- testFailed('#5: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[4294967297] = "x"; obj.length = 4294967298; obj.sort(); obj[4294967297] === "x". Actual: ' + (obj[4294967297]));
-}
+// if (obj[4294967297] !== "x") {
+// testFailed('#5: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[4294967297] = "x"; obj.length = 4294967298; obj.sort(); obj[4294967297] === "x". Actual: ' + (obj[4294967297]));
+// }
} catch (ex) {
sputnikException = ex;
Modified: trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T3.html (234727 => 234728)
--- trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T3.html 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/LayoutTests/sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.11_Array_prototype_sort/S15.4.4.11_A4_T3.html 2018-08-09 18:02:05 UTC (rev 234728)
@@ -90,19 +90,20 @@
}
//CHECK#3
-if (obj[0] !== "y") {
- testFailed('#3: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[0] === "y". Actual: ' + (obj[0]));
-}
+// This test isn't valid since the spec requires toLength on obj.length now.
+// if (obj[0] !== "y") {
+// testFailed('#3: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[0] === "y". Actual: ' + (obj[0]));
+// }
//CHECK#4
-if (obj[1] !== "z") {
- testFailed('#4: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[1] === "z". Actual: ' + (obj[1]));
-}
+// if (obj[1] !== "z") {
+// testFailed('#4: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[1] === "z". Actual: ' + (obj[1]));
+// }
//CHECK#5
-if (obj[2] !== "x") {
- testFailed('#5: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[2] === "x". Actual: ' + (obj[2]));
-}
+// if (obj[2] !== "x") {
+// testFailed('#5: var obj = {}; obj.sort = Array.prototype.sort; obj[0] = "z"; obj[1] = "y"; obj[2] = "x"; obj.length = -4294967294; obj.sort(); obj[2] === "x". Actual: ' + (obj[2]));
+// }
} catch (ex) {
sputnikException = ex;
Modified: trunk/Source/_javascript_Core/ChangeLog (234727 => 234728)
--- trunk/Source/_javascript_Core/ChangeLog 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/Source/_javascript_Core/ChangeLog 2018-08-09 18:02:05 UTC (rev 234728)
@@ -1,5 +1,21 @@
2018-08-08 Keith Miller <[email protected]>
+ Array.prototype.sort should call @toLength instead of ">>> 0"
+ https://bugs.webkit.org/show_bug.cgi?id=188430
+
+ Reviewed by Saam Barati.
+
+ Also add a new function to $vm that will fetch a private
+ property. This can be useful for running builtin helper functions.
+
+ * builtins/ArrayPrototype.js:
+ (sort):
+ * tools/JSDollarVM.cpp:
+ (JSC::functionGetPrivateProperty):
+ (JSC::JSDollarVM::finishCreation):
+
+2018-08-08 Keith Miller <[email protected]>
+
Array.prototype.sort should throw TypeError if param is a not callable object
https://bugs.webkit.org/show_bug.cgi?id=188382
Modified: trunk/Source/_javascript_Core/builtins/ArrayPrototype.js (234727 => 234728)
--- trunk/Source/_javascript_Core/builtins/ArrayPrototype.js 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/Source/_javascript_Core/builtins/ArrayPrototype.js 2018-08-09 18:02:05 UTC (rev 234728)
@@ -603,7 +603,7 @@
let array = @toObject(this, "Array.prototype.sort requires that |this| not be null or undefined");
- let length = array.length >>> 0;
+ let length = @toLength(array.length);
// For compatibility with Firefox and Chrome, do nothing observable
// to the target array if it has 0 or 1 sortable properties.
Modified: trunk/Source/_javascript_Core/tools/JSDollarVM.cpp (234727 => 234728)
--- trunk/Source/_javascript_Core/tools/JSDollarVM.cpp 2018-08-09 17:47:24 UTC (rev 234727)
+++ trunk/Source/_javascript_Core/tools/JSDollarVM.cpp 2018-08-09 18:02:05 UTC (rev 234728)
@@ -1676,6 +1676,24 @@
return JSValue::encode(func);
}
+static EncodedJSValue JSC_HOST_CALL functionGetPrivateProperty(ExecState* exec)
+{
+ VM& vm = exec->vm();
+ auto scope = DECLARE_THROW_SCOPE(vm);
+
+ if (exec->argumentCount() < 2 || !exec->argument(1).isString())
+ return encodedJSUndefined();
+
+ String str = asString(exec->argument(1))->value(exec);
+
+ const Identifier* ident = vm.propertyNames->lookUpPrivateName(Identifier::fromString(exec, str));
+ if (!ident)
+ return throwVMError(exec, scope, "Unknown private name.");
+
+ scope.release();
+ return JSValue::encode(exec->argument(0).get(exec, *ident));
+}
+
static EncodedJSValue JSC_HOST_CALL functionCreateRoot(ExecState* exec)
{
VM& vm = exec->vm();
@@ -2020,6 +2038,7 @@
addFunction(vm, "createDOMJITCheckSubClassObject", functionCreateDOMJITCheckSubClassObject, 0);
addFunction(vm, "createDOMJITGetterBaseJSObject", functionCreateDOMJITGetterBaseJSObject, 0);
addFunction(vm, "createBuiltin", functionCreateBuiltin, 2);
+ addFunction(vm, "getPrivateProperty", functionGetPrivateProperty, 2);
addFunction(vm, "setImpureGetterDelegate", functionSetImpureGetterDelegate, 2);
addConstructibleFunction(vm, "Root", functionCreateRoot, 0);
