Title: [233110] trunk
Revision
233110
Author
[email protected]
Date
2018-06-22 17:03:56 -0700 (Fri, 22 Jun 2018)

Log Message

performProxyCall should toThis the value passed to its handler
https://bugs.webkit.org/show_bug.cgi?id=186951

Reviewed by Mark Lam.

JSTests:

* stress/proxy-call-apply-handler-to-this.js: Added.
(applyHandler):
(let.f.new.Proxy):
(withScope):
(lexicalScope):
(strictEvalScope):
(BigInt):

Source/JavaScriptCore:

* runtime/ProxyObject.cpp:
(JSC::performProxyCall):

Modified Paths

Added Paths

Diff

Modified: trunk/JSTests/ChangeLog (233109 => 233110)


--- trunk/JSTests/ChangeLog	2018-06-22 23:32:16 UTC (rev 233109)
+++ trunk/JSTests/ChangeLog	2018-06-23 00:03:56 UTC (rev 233110)
@@ -1,3 +1,18 @@
+2018-06-22  Keith Miller  <[email protected]>
+
+        performProxyCall should toThis the value passed to its handler
+        https://bugs.webkit.org/show_bug.cgi?id=186951
+
+        Reviewed by Mark Lam.
+
+        * stress/proxy-call-apply-handler-to-this.js: Added.
+        (applyHandler):
+        (let.f.new.Proxy):
+        (withScope):
+        (lexicalScope):
+        (strictEvalScope):
+        (BigInt):
+
 2018-06-20  Keith Miller  <[email protected]>
 
         flattenDictionaryStruture needs to zero inline storage.

Added: trunk/JSTests/stress/proxy-call-apply-handler-to-this.js (0 => 233110)


--- trunk/JSTests/stress/proxy-call-apply-handler-to-this.js	                        (rev 0)
+++ trunk/JSTests/stress/proxy-call-apply-handler-to-this.js	2018-06-23 00:03:56 UTC (rev 233110)
@@ -0,0 +1,39 @@
+//@ runDefault("--useBigInt=1")
+
+let expectedThis;
+
+function applyHandler(target, thisValue) {
+    if (thisValue !== expectedThis)
+        throw new Error("got weird this value: " + thisValue);
+}
+
+let handler = {
+    apply: applyHandler
+};
+let f = new Proxy(function() {}, handler);
+
+function withScope(o) {
+    with (o) {
+        f();
+    }
+}
+
+function lexicalScope() {
+    let x;
+    f();
+}
+
+// globalScope
+f();
+
+function strictEvalScope() {
+    "use strict";
+    eval("var x; f();");
+}
+
+let primitives = [undefined, null, true, 1.324, "test", Symbol("test"), BigInt(12), {}, []];
+
+for (let primitive of primitives) {
+    expectedThis = primitive;
+    f.call(primitive);
+}
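Review bot: `withScope`, `lexicalScope` and `strictEvalScope` are defined but never called, so the test only exercises the global-scope `f();` and the explicit `f.call(primitive)` loop. The scoped call sites are presumably the cases where a non-script-visible `this` value could have reached the `apply` handler before the fix, and they are the regression this test should pin down. I would add `withScope({});`, `lexicalScope();` and `strictEvalScope();` after the global `f();` and before the `primitives` loop, while `expectedThis` is still `undefined`. Separately, the `"got weird this value: " + thisValue` message would itself throw a TypeError if the mismatching value were a Symbol, so `String(thisValue)` is the safer way to build it.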

Modified: trunk/Source/_javascript_Core/ChangeLog (233109 => 233110)


--- trunk/Source/_javascript_Core/ChangeLog	2018-06-22 23:32:16 UTC (rev 233109)
+++ trunk/Source/_javascript_Core/ChangeLog	2018-06-23 00:03:56 UTC (rev 233110)
@@ -1,3 +1,13 @@
+2018-06-22  Keith Miller  <[email protected]>
+
+        performProxyCall should toThis the value passed to its handler
+        https://bugs.webkit.org/show_bug.cgi?id=186951
+
+        Reviewed by Mark Lam.
+
+        * runtime/ProxyObject.cpp:
+        (JSC::performProxyCall):
+
 2018-06-22  Saam Barati  <[email protected]>
 
         ensureWritableX should only convert away from CoW when it will succeed

Modified: trunk/Source/_javascript_Core/runtime/ProxyObject.cpp (233109 => 233110)


--- trunk/Source/_javascript_Core/runtime/ProxyObject.cpp	2018-06-22 23:32:16 UTC (rev 233109)
+++ trunk/Source/_javascript_Core/runtime/ProxyObject.cpp	2018-06-23 00:03:56 UTC (rev 233110)
@@ -549,7 +549,7 @@
     RETURN_IF_EXCEPTION(scope, encodedJSValue());
     MarkedArgumentBuffer arguments;
     arguments.append(target);
-    arguments.append(exec->thisValue());
+    arguments.append(exec->thisValue().toThis(exec, ECMAMode::StrictMode));
     arguments.append(argArray);
     ASSERT(!arguments.hasOverflowed());
     scope.release();
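Review bot: The new `toThis(exec, ECMAMode::StrictMode)` call on the handler's `thisValue` argument has no comment explaining why strict mode is chosen, and the reason is not obvious from the line. I would add above it something like `// Strict-mode toThis keeps primitives, undefined and null as-is; it only stops engine-internal this values (e.g. scope objects) from being handed to the handler.` The primitives loop in the new test suggests this is the intent, but the wording should be confirmed against what `toThis` actually does. It is also worth confirming that `toThis` cannot throw in this mode, since no exception check follows it before `scope.release()`. The body of `performProxyCall` starts and ends outside this hunk.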