186818 2018-06-19 13:59:52 -0700 DirectArguments::create needs to initialize to undefined instead of the empty value 2018-06-19 18:11:53 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 saam saam benjamin commit-queue fpizlo ggaren gskachkov jfbastien keith_miller mark.lam msaboff rmorisset ticaiolima webkit-bug-importer ysuzuki oldest_to_newest 1434544 0 saam 2018-06-19 13:59:52 -0700 We have code in OSR exit that sets up length, but not capacity. This means get_from_arguments may end up loading an empty value, instead of undefined. We rely on it DirectArguments having at least up to the number of declared parameters slots being undefined if there are no arguments to the actual function 1434546 1 saam 2018-06-19 14:00:37 -0700 The test case ``` function foo(a, b) { let x = arguments; OSRExit(); return a + b; // Will load JSValue() instead of jsUndefined() since we'll materialize a DirectArguments in OSRExit that only has slots filled with JSValue() } function bar() { foo(); } noInline(bar); for (let i = 0; i < 1000; ++i) { bar(); } ``` 1434558 2 saam 2018-06-19 14:10:03 -0700 <rdar://problem/38415177> 1434621 3 343118 saam 2018-06-19 15:54:44 -0700 Created attachment 343118 patch 1434668 4 343118 commit-queue 2018-06-19 18:11:51 -0700 Comment on attachment 343118 patch Clearing flags on attachment: 343118 Committed r233000: <https://trac.webkit.org/changeset/233000> 1434669 5 commit-queue 2018-06-19 18:11:53 -0700 All reviewed patches have been landed. Closing bug. 343118 2018-06-19 15:54:44 -0700 2018-06-19 18:11:51 -0700 patch a-backup.diff text/plain 3367 saam SW5kZXg6IEpTVGVzdHMvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIEpTVGVzdHMvQ2hhbmdlTG9n CShyZXZpc2lvbiAyMzI5OTApCisrKyBKU1Rlc3RzL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpA QCAtMSwzICsxLDE1IEBACisyMDE4LTA2LTE5ICBTYWFtIEJhcmF0aSAgPHNiYXJhdGlAYXBwbGUu Y29tPgorCisgICAgICAgIERpcmVjdEFyZ3VtZW50czo6Y3JlYXRlIG5lZWRzIHRvIGluaXRpYWxp emUgdG8gdW5kZWZpbmVkIGluc3RlYWQgb2YgdGhlIGVtcHR5IHZhbHVlCisgICAgICAgIGh0dHBz Oi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xODY4MTgKKyAgICAgICAgPHJkYXI6 Ly9wcm9ibGVtLzM4NDE1MTc3PgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEp LgorCisgICAgICAgICogc3RyZXNzL2NyZWF0ZS1kaXJlY3QtYXJndW1lbnRzLWluLW9zci1zaG91 bGQtaW5pdGlhbGl6ZS10by11bmRlZmluZWQuanM6IEFkZGVkLgorICAgICAgICAoZm9vKToKKyAg ICAgICAgKGJhcik6CisKIDIwMTgtMDYtMTkgIFRhZGV1IFphZ2FsbG8gIDx0emFnYWxsb0BhcHBs ZS5jb20+CiAKICAgICAgICAgU2hhZG93Q2hpY2tlbiBjcmFzaGVzIHdpdGggc3RhY2sgb3ZlcmZs b3cgaW4gdGhlIExMSW50CkluZGV4OiBKU1Rlc3RzL3N0cmVzcy9jcmVhdGUtZGlyZWN0LWFyZ3Vt ZW50cy1pbi1vc3Itc2hvdWxkLWluaXRpYWxpemUtdG8tdW5kZWZpbmVkLmpzCj09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0K LS0tIEpTVGVzdHMvc3RyZXNzL2NyZWF0ZS1kaXJlY3QtYXJndW1lbnRzLWluLW9zci1zaG91bGQt aW5pdGlhbGl6ZS10by11bmRlZmluZWQuanMJKG5vbmV4aXN0ZW50KQorKysgSlNUZXN0cy9zdHJl c3MvY3JlYXRlLWRpcmVjdC1hcmd1bWVudHMtaW4tb3NyLXNob3VsZC1pbml0aWFsaXplLXRvLXVu ZGVmaW5lZC5qcwkod29ya2luZyBjb3B5KQpAQCAtMCwwICsxLDE3IEBACisvLyBUaGlzIHNob3Vs ZCBub3QgY3Jhc2guCisKK2Z1bmN0aW9uIGZvbyhhLCBiKSB7CisgICAgbGV0IHggPSBhcmd1bWVu dHM7CisgICAgT1NSRXhpdCgpOworICAgIHJldHVybiBhICsgYjsKK30KKworZnVuY3Rpb24gYmFy KGIpIHsKKyAgICBpZiAoYikKKyAgICAgICAgZm9vKCk7Cit9Citub0lubGluZShiYXIpOworCitm b3IgKGxldCBpID0gMDsgaSA8IDEwMDA7ICsraSkgeworICAgIGJhcih0cnVlKTsKK30KSW5kZXg6 IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0ph dmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjMyOTUzKQorKysgU291cmNlL0phdmFT Y3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI0IEBACisyMDE4 LTA2LTE5ICBTYWFtIEJhcmF0aSAgPHNiYXJhdGlAYXBwbGUuY29tPgorCisgICAgICAgIERpcmVj dEFyZ3VtZW50czo6Y3JlYXRlIG5lZWRzIHRvIGluaXRpYWxpemUgdG8gdW5kZWZpbmVkIGluc3Rl YWQgb2YgdGhlIGVtcHR5IHZhbHVlCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3No b3dfYnVnLmNnaT9pZD0xODY4MTgKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzM4NDE1MTc3Pgor CisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoZSBidWcg aGVyZSBpcyB0aGF0IHdlIHdpbGwgZW1pdCBjb2RlIHRoYXQganVzdCBsb2FkcyBmcm9tIERpcmVj dEFyZ3VtZW50cyBhcworICAgICAgICBsb25nIGFzIHRoZSBpbmRleCBpcyB3aXRoaW4gdGhlIGtu b3duIGNhcGFjaXR5IG9mIHRoZSBhcmd1bWVudHMgb2JqZWN0IChvcF9nZXRfZnJvbV9hcmd1bWVu dHMpLgorICAgICAgICBUaGUgYXJndW1lbnRzIG9iamVjdCBoYXMgYXQgbGVhc3QgZW5vdWdoIGNh cGFjaXR5IHRvIGhvbGQgdGhlIGRlY2xhcmVkIHBhcmFtZXRlcnMuCisgICAgICAgIFdoZW4gd2Ug bWF0ZXJpYWxpemVkIHRoaXMgb2JqZWN0IGluIE9TUiBleGl0LCB3ZSBpbml0aWFsaXplZCB1cCB0 byB0byB0aGUgY2FwYWNpdHkKKyAgICAgICAgd2l0aCBKU1ZhbHVlKCkuIEluIE9TUiBleGl0LCB0 aG91Z2gsIHdlIG9ubHkgZmlsbGVkIHVwIHRvIHRoZSBsZW5ndGggb2YgdGhlCisgICAgICAgIG9i amVjdCB3aXRoIGFjdHVhbCB2YWx1ZXMuIFNvIHdlJ2QgZW5kIHVwIHdpdGggYSBEaXJlY3RBcmd1 bWVudHMgb2JqZWN0IHdpdGgKKyAgICAgICAgY2FwYWNpdHkgbWludXMgbGVuZ3RoIHNsb3RzIG9m IEpTVmFsdWUoKS4gVG8gZml4IHRoaXMsIHdlIG5lZWQgaW5pdGlhbGl6ZSB1cCB0bworICAgICAg ICBjYXBhY2l0eSB3aXRoIGpzVW5kZWZpbmVkIGR1cmluZyBjb25zdHJ1Y3Rpb24uIFRoZSBpbnZh cmlhbnQgb2YgdGhpcyBvYmplY3QgaXMKKyAgICAgICAgdGhhdCB0aGUgY2FwYWNpdHkgbWludXMg bGVuZ3RoIHNsb3RzIGF0IHRoZSBlbmQgYXJlIGZpbGxlZCBpbiB3aXRoIGpzVW5kZWZpbmVkLgor CisgICAgICAgICogcnVudGltZS9EaXJlY3RBcmd1bWVudHMuY3BwOgorICAgICAgICAoSlNDOjpE aXJlY3RBcmd1bWVudHM6OmNyZWF0ZSk6CisKIDIwMTgtMDYtMTggIEtlaXRoIE1pbGxlciAgPGtl aXRoX21pbGxlckBhcHBsZS5jb20+CiAKICAgICAgICAgVW5yZXZpZXdlZCwgZml4IHRoZSBidWls ZC4uLgpJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3JlL3J1bnRpbWUvRGlyZWN0QXJndW1lbnRz LmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9EaXJlY3RB cmd1bWVudHMuY3BwCShyZXZpc2lvbiAyMzI5NTMpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUv cnVudGltZS9EaXJlY3RBcmd1bWVudHMuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC02MSw3ICs2MSw3 IEBAIERpcmVjdEFyZ3VtZW50cyogRGlyZWN0QXJndW1lbnRzOjpjcmVhdGUKICAgICBEaXJlY3RB cmd1bWVudHMqIHJlc3VsdCA9IGNyZWF0ZVVuaW5pdGlhbGl6ZWQodm0sIHN0cnVjdHVyZSwgbGVu Z3RoLCBjYXBhY2l0eSk7CiAgICAgCiAgICAgZm9yICh1bnNpZ25lZCBpID0gY2FwYWNpdHk7IGkt LTspCi0gICAgICAgIHJlc3VsdC0+c3RvcmFnZSgpW2ldLmNsZWFyKCk7CisgICAgICAgIHJlc3Vs dC0+c3RvcmFnZSgpW2ldLnNldFVuZGVmaW5lZCgpOwogICAgIAogICAgIHJldHVybiByZXN1bHQ7 CiB9Cg==