Closed Bug 405654 Opened 18 years ago Closed 18 years ago

Execution exits interpreter on Function.apply and Function.call

Categories

(Rhino Graveyard :: Core, defect)

Product:
Rhino Graveyard
Component:
Core
Version:
1.6R6
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: szegedia, Assigned: szegedia)

Details

when f.apply() or f.call() are invoked from the interpreter, the interpreter will call into Java code for IdFunctionObject.call() which will initiate another interpreter loop in case f is an interpreted function. This breaks continuations captured within the f.apply() or f.call(). The interpreter loop should recognize the special cases of Function.apply and Function.call, and if they are invoked on an InterpretedFunction within the same security domain, then execute the applied/called function within the current interpreter loop.
Unfortunately, this gets worse. apply() and call() are not the only cases of a JS->Java->JS transition. There is the case of a JS-aware Java object, or a JavaAdapter being passed to Java code. However, since these require that the developer explicitly meddle with Java-specific functionality, we can accept this as a limitation. However, there are further pure-JS cases as well, namely all JS 1.6 array iterator methods: Array.every(), Array. filter(), Array. forEach(), Array. map(), Array. some(). It is clearly not feasible to treat these as special cases in the interpreter. It might be possible to provide an implementation of them written in JS, and when someone needs continuations support through these invocations, then redefine them using Array.prototype.every = function(fun /*, thisp*/) { var len = this.length; if (typeof fun != "function") throw new TypeError(); var thisp = arguments[1]; for (var i = 0; i < len; i++) { if (i in this && !fun.call(thisp, this[i], i, this)) return false; } return true; }; and similar -- code seen here was lifted from <http://developer.mozilla.org/en/docs/Core_JavaScript_1.5_Reference:Objects:Array:every> Also, unrelated to these, exotic stuff, like invoking apply on apply itself etc. clearly won't work as expected...
cvs ci -m "Fix for Bug 405654 – Execution exits interpreter on Function.apply and Function.call" -l "/Rhino/src/org/mozilla/javascript/BaseFunction.java" "/Rhino/src/org/mozilla/javascript/ScriptRuntime.java" "/Rhino/src/org/mozilla/javascript/Interpreter.java" Checking in src/org/mozilla/javascript/BaseFunction.java; /cvsroot/mozilla/js/rhino/src/org/mozilla/javascript/BaseFunction.java,v <-- BaseFunction.java new revision: 1.65; previous revision: 1.64 done Checking in src/org/mozilla/javascript/ScriptRuntime.java; /cvsroot/mozilla/js/rhino/src/org/mozilla/javascript/ScriptRuntime.java,v <-- ScriptRuntime.java new revision: 1.284; previous revision: 1.283 done Checking in src/org/mozilla/javascript/Interpreter.java; /cvsroot/mozilla/js/rhino/src/org/mozilla/javascript/Interpreter.java,v <-- Interpreter.java new revision: 1.338; previous revision: 1.337 done
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.