objects constructed using call/apply with Language Level 1_8 and above fail to have prototype set

[tmallery]

String.prototype.constructor.apply(null, ['abc']) +'';
Array.prototype.constructor.apply(null, Array(4)) + '';

Both of these fail when using language levels 1_8 or ES_6. When using language 1_7 and below, they work.

ScriptRuntime.applyOrCall has this condition:
if (callThis == null && cx.hasFeature(Context.FEATURE_OLD_UNDEF_NULL_THIS)) {
callThis = getTopCallScope(cx); // This covers the case of args[0] == (null|undefined) as well.
}

This is what allows 1_7 to work, though I have no idea if this correct per design.

Since this problem isn't limited to a single constructor I'm guessing the problem is in this method. A quick and dirty solution is to call setObjectProtoAndParent() on the result of function.call. This probably requires a condition on the method being a constructor since any function can be called here.

I will be creating a test to show this issue.

[gbrail]

I think that the problem is that on line 256 of NativeString (inside the "Id_constructor" block), the Native String class is creating a new instance using "new" and not wiring up to its parent and prootype and all that stuff. The result is that the "apply" function actually works, but it returns a "string" object that's unusable.

[tmallery]

This issue happens for both String and Array. It's possible each "native" object has this problem. I believe the root issue is that objects created using "new xyz" take a different code path than the ones created by executing the JS constructor method, "xyz.constructor.apply(..)". Fixing that is probably out of scope. The two ways I see to fix this issue I see are we either: apply something general to the "execute a JS constructor" method, or as you pointed out, for each native object have it's JS "constructor" code set the prototype and parent scope before returning.