get_by_pname can become confused when iterating over objects with static properties

https://bugs.webkit.org/show_bug.cgi?id=113831

Reviewed by Geoffrey Garen.

get_by_pname doesn't take static properties into account when using a JSPropertyNameIterator to directly
access an object's backing store. One way to fix this is to not cache any properties when iterating over
objects with static properties. This patch fixes the bug that was originally reported on swisscom.ch.

Source/JavaScriptCore:

* runtime/JSObject.cpp:
(JSC::JSObject::getOwnNonIndexPropertyNames):
* runtime/JSPropertyNameIterator.cpp:
(JSC::JSPropertyNameIterator::create):
* runtime/PropertyNameArray.h:
(JSC::PropertyNameArray::PropertyNameArray):
(JSC::PropertyNameArray::numCacheableSlots):
(JSC::PropertyNameArray::setNumCacheableSlots):
(PropertyNameArray):

Change-Id: I7ae9c48eea3c5300c4825a10a660b0e2210c8862
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@147570 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>

1 files changed, 3 insertions, 0 deletions

diff --git a/Source/JavaScriptCore/runtime/JSObject.cpp b/Source/JavaScriptCore/runtime/JSObject.cpp
index 32adefd2f..72cbb022a 100644
--- a/Source/JavaScriptCore/runtime/JSObject.cpp
+++ b/Source/JavaScriptCore/runtime/JSObject.cpp
@@ -1513,7 +1513,10 @@ void JSObject::getOwnPropertyNames(JSObject* object, ExecState* exec, PropertyNa
 void JSObject::getOwnNonIndexPropertyNames(JSObject* object, ExecState* exec, PropertyNameArray& propertyNames, EnumerationMode mode)
 {
     getClassPropertyNames(exec, object->classInfo(), propertyNames, mode, object->staticFunctionsReified());
+    size_t preStructurePropertyNamesCount = propertyNames.size();
     object->structure()->getPropertyNamesFromStructure(exec->globalData(), propertyNames, mode);
+    size_t numCacheableSlots = preStructurePropertyNamesCount ? 0 : propertyNames.size();
+    propertyNames.setNumCacheableSlots(numCacheableSlots);
 }
 
 double JSObject::toNumber(ExecState* exec) const