RESOLVED FIXED 181321
Object.getOwnPropertyNames includes "arguments" and "caller" for bound functions 
https://bugs.webkit.org/show_bug.cgi?id=181321
Summary Object.getOwnPropertyNames includes "arguments" and "caller" for bound functions
Aruna Herath
Reported 2018-01-04 23:30:58 PST
Object.getOwnPropertyNames((() => {}).bind({})) Returned array for above method call includes "arguments". If the values in this array are accessed in the function a type error will be thrown. Following code will throw. const boundFn = (() => {}).bind({}); Object.getOwnPropertyNames(boundFn).forEach(p => {boundFn[p]}); In Chrome, firefox "arguments" is not there in the returned array.
Attachments
Patch (4.84 KB, patch)
2018-01-06 12:50 PST, Yusuke Suzuki 		no flags
DetailsFormatted DiffDiff
Patch (4.86 KB, patch)
2018-01-06 13:12 PST, Yusuke Suzuki 		no flags
DetailsFormatted DiffDiff
Patch (5.87 KB, patch)
2018-01-06 13:31 PST, Yusuke Suzuki 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews102 for mac-elcapitan (2.22 MB, application/zip)
2018-01-06 14:11 PST, EWS Watchlist 		no flags
Details
Patch (11.67 KB, patch)
2018-01-06 14:15 PST, Yusuke Suzuki 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Yusuke Suzuki
Comment 1 2018-01-06 12:16:59 PST
Basically, either having or not having is OK. This was originally derived from web compatibility extension. But if no browsers have this property right now, we can remove it I think.
Yusuke Suzuki
Comment 2 2018-01-06 12:42:02 PST
(In reply to Yusuke Suzuki from comment #1) > Basically, either having or not having is OK. This was originally derived > from web compatibility extension. But if no browsers have this property > right now, we can remove it I think. No. We should remove them. https://tc39.github.io/ecma262/#sec-forbidden-extensions ECMAScript function objects defined using syntactic constructors in strict mode code must not be created with own properties named "caller" or "arguments". Such own properties also must not be created for function objects defined using an ArrowFunction, MethodDefinition, GeneratorDeclaration, GeneratorExpression, ClassDeclaration, ClassExpression, AsyncFunctionDeclaration, AsyncFunctionExpression, or AsyncArrowFunction regardless of whether the definition is contained in strict mode code. Built-in functions, strict functions created using the Function constructor, generator functions created using the Generator constructor, async functions created using the AsyncFunction constructor, and functions created using the bind method also must not be created with such own properties.
Yusuke Suzuki
Comment 3 2018-01-06 12:50:53 PST
Created attachment 330642 [details] Patch
EWS Watchlist
Comment 4 2018-01-06 12:53:28 PST
Attachment 330642 [details] did not pass style-queue: ERROR: Source/JavaScriptCore/ChangeLog:8: Line contains tab character. [whitespace/tab] [5] ERROR: Source/JavaScriptCore/ChangeLog:9: Line contains tab character. [whitespace/tab] [5] ERROR: Source/JavaScriptCore/ChangeLog:11: Line contains tab character. [whitespace/tab] [5] Total errors found: 3 in 4 files If any of these errors are false positives, please file a bug against check-webkit-style.
Yusuke Suzuki
Comment 5 2018-01-06 13:12:26 PST
Created attachment 330643 [details] Patch
Saam Barati
Comment 6 2018-01-06 13:31:01 PST
Comment on attachment 330643 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=330643&action=review > Source/JavaScriptCore/runtime/JSBoundFunction.cpp:225 > String name; // We lazily create our 'name' string property. Does JSBoundFunction have its own Structure?
Yusuke Suzuki
Comment 7 2018-01-06 13:31:22 PST
Created attachment 330644 [details] Patch
Yusuke Suzuki
Comment 8 2018-01-06 13:34:29 PST
Comment on attachment 330643 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=330643&action=review >> Source/JavaScriptCore/runtime/JSBoundFunction.cpp:225 >> String name; // We lazily create our 'name' string property. > > Does JSBoundFunction have its own Structure? Yes, we have ones.
EWS Watchlist
Comment 9 2018-01-06 14:11:12 PST
Comment on attachment 330644 [details] Patch Attachment 330644 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/5957222 New failing tests: inspector/runtime/getProperties.html js/strict-throw-type-error.html inspector/model/remote-object-get-properties.html
EWS Watchlist
Comment 10 2018-01-06 14:11:14 PST
Created attachment 330645 [details] Archive of layout-test-results from ews102 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews102 Port: mac-elcapitan Platform: Mac OS X 10.11.6
Yusuke Suzuki
Comment 11 2018-01-06 14:15:30 PST
Created attachment 330646 [details] Patch
Yusuke Suzuki
Comment 12 2018-01-06 16:15:28 PST
Committed r226489: <https://trac.webkit.org/changeset/226489>
Radar WebKit Bug Importer
Comment 13 2018-01-06 16:16:20 PST
<rdar://problem/36336710>
Note You need to log in before you can comment on or make changes to this bug.