Diff
Modified: trunk/JSTests/ChangeLog (290296 => 290297)
--- trunk/JSTests/ChangeLog 2022-02-22 10:08:59 UTC (rev 290296)
+++ trunk/JSTests/ChangeLog 2022-02-22 10:14:20 UTC (rev 290297)
@@ -1,5 +1,14 @@
2022-02-22 Yusuke Suzuki <[email protected]>
+ [JSC] ShadowRealm JSRemoteFunction creation should convert CopyNameAndLength errors to TypeError
+ https://bugs.webkit.org/show_bug.cgi?id=237007
+
+ Reviewed by Alexey Shvayka.
+
+ * test262/expectations.yaml:
+
+2022-02-22 Yusuke Suzuki <[email protected]>
+
[JSC] TypeError from JSRemoteFunction should be generated by JSRemoteFunction's JSGlobalObject
https://bugs.webkit.org/show_bug.cgi?id=237013
Modified: trunk/JSTests/test262/expectations.yaml (290296 => 290297)
--- trunk/JSTests/test262/expectations.yaml 2022-02-22 10:08:59 UTC (rev 290296)
+++ trunk/JSTests/test262/expectations.yaml 2022-02-22 10:14:20 UTC (rev 290297)
@@ -822,12 +822,6 @@
test/built-ins/RegExp/quantifier-integer-limit.js:
default: 'SyntaxError: Invalid regular _expression_: number too large in {} quantifier'
strict mode: 'SyntaxError: Invalid regular _expression_: number too large in {} quantifier'
-test/built-ins/ShadowRealm/WrappedFunction/length-throws-typeerror.js:
- default: 'Test262Error: expect a TypeError on length getter throwing Expected a TypeError but got a Error'
- strict mode: 'Test262Error: expect a TypeError on length getter throwing Expected a TypeError but got a Error'
-test/built-ins/ShadowRealm/WrappedFunction/name-throws-typeerror.js:
- default: 'Test262Error: expect a TypeError on name getter throwing Expected a TypeError but got a Error'
- strict mode: 'Test262Error: expect a TypeError on name getter throwing Expected a TypeError but got a Error'
test/built-ins/Temporal/Duration/compare/calendar-dateadd-called-with-plaindate-instance.js:
default: 'RangeError: Cannot compare a duration of years, months, or weeks without a relativeTo option'
strict mode: 'RangeError: Cannot compare a duration of years, months, or weeks without a relativeTo option'
Modified: trunk/Source/_javascript_Core/ChangeLog (290296 => 290297)
--- trunk/Source/_javascript_Core/ChangeLog 2022-02-22 10:08:59 UTC (rev 290296)
+++ trunk/Source/_javascript_Core/ChangeLog 2022-02-22 10:14:20 UTC (rev 290297)
@@ -1,5 +1,28 @@
2022-02-22 Yusuke Suzuki <[email protected]>
+ [JSC] ShadowRealm JSRemoteFunction creation should convert CopyNameAndLength errors to TypeError
+ https://bugs.webkit.org/show_bug.cgi?id=237007
+
+ Reviewed by Alexey Shvayka.
+
+ 1. Rename JSRemoteFunction::create to tryCreate since it can throw an error.
+ 2. Passing JSGlobalObject* as a first parameter to JSRemoteFunction::tryCreate since it can throw an error.
+ 3. Extract CopyNameAndLength part and convert errors to TypeError as specified.
+
+ * jit/JITOperations.cpp:
+ (JSC::getWrappedValue):
+ (JSC::JSC_DEFINE_JIT_OPERATION):
+ * runtime/JSRemoteFunction.cpp:
+ (JSC::wrapValue):
+ (JSC::JSC_DEFINE_HOST_FUNCTION):
+ (JSC::JSRemoteFunction::tryCreate):
+ (JSC::JSRemoteFunction::copyNameAndLength):
+ (JSC::JSRemoteFunction::finishCreation):
+ (JSC::JSRemoteFunction::create): Deleted.
+ * runtime/JSRemoteFunction.h:
+
+2022-02-22 Yusuke Suzuki <[email protected]>
+
[JSC] TypeError from JSRemoteFunction should be generated by JSRemoteFunction's JSGlobalObject
https://bugs.webkit.org/show_bug.cgi?id=237013
Modified: trunk/Source/_javascript_Core/jit/JITOperations.cpp (290296 => 290297)
--- trunk/Source/_javascript_Core/jit/JITOperations.cpp 2022-02-22 10:08:59 UTC (rev 290296)
+++ trunk/Source/_javascript_Core/jit/JITOperations.cpp 2022-02-22 10:14:20 UTC (rev 290297)
@@ -125,7 +125,7 @@
RELEASE_AND_RETURN(scope, value);
if (value.isCallable(vm))
- RELEASE_AND_RETURN(scope, JSRemoteFunction::create(vm, targetGlobalObject, static_cast<JSObject*>(value.asCell())));
+ RELEASE_AND_RETURN(scope, JSRemoteFunction::tryCreate(targetGlobalObject, vm, static_cast<JSObject*>(value.asCell())));
throwTypeError(globalObject, scope, "value passing between realms must be callable or primitive");
return jsUndefined();
@@ -140,10 +140,8 @@
JITOperationPrologueCallFrameTracer tracer(vm, callFrame);
ASSERT(isRemoteFunction(vm, callee));
- auto scope = DECLARE_THROW_SCOPE(vm);
-
JSGlobalObject* targetGlobalObject = callee->targetFunction()->globalObject();
- RELEASE_AND_RETURN(scope, JSValue::encode(getWrappedValue(globalObject, targetGlobalObject, JSValue::decode(encodedValue))));
+ return JSValue::encode(getWrappedValue(globalObject, targetGlobalObject, JSValue::decode(encodedValue)));
}
JSC_DEFINE_JIT_OPERATION(operationGetWrappedValueForCaller, EncodedJSValue, (JSRemoteFunction* callee, EncodedJSValue encodedValue))
Modified: trunk/Source/_javascript_Core/runtime/JSRemoteFunction.cpp (290296 => 290297)
--- trunk/Source/_javascript_Core/runtime/JSRemoteFunction.cpp 2022-02-22 10:08:59 UTC (rev 290296)
+++ trunk/Source/_javascript_Core/runtime/JSRemoteFunction.cpp 2022-02-22 10:14:20 UTC (rev 290297)
@@ -53,7 +53,7 @@
if (value.isCallable(vm)) {
JSObject* targetFunction = static_cast<JSObject*>(value.asCell());
- return JSRemoteFunction::create(vm, targetGlobalObject, targetFunction);
+ return JSRemoteFunction::tryCreate(targetGlobalObject, vm, targetFunction);
}
return JSValue();
@@ -167,7 +167,7 @@
destinationGlobalObject = jsCast<JSGlobalObject*>(callFrame->uncheckedArgument(1));
}
- RELEASE_AND_RETURN(scope, JSValue::encode(JSRemoteFunction::create(vm, destinationGlobalObject, targetCallable)));
+ RELEASE_AND_RETURN(scope, JSValue::encode(JSRemoteFunction::tryCreate(destinationGlobalObject, vm, targetCallable)));
}
inline Structure* getRemoteFunctionStructure(JSGlobalObject* globalObject)
@@ -176,7 +176,7 @@
return globalObject->remoteFunctionStructure();
}
-JSRemoteFunction* JSRemoteFunction::create(VM& vm, JSGlobalObject* globalObject, JSObject* targetCallable)
+JSRemoteFunction* JSRemoteFunction::tryCreate(JSGlobalObject* globalObject, VM& vm, JSObject* targetCallable)
{
ASSERT(targetCallable && targetCallable->isCallable(vm));
if (auto remote = jsDynamicCast<JSRemoteFunction*>(vm, targetCallable)) {
@@ -189,18 +189,15 @@
Structure* structure = getRemoteFunctionStructure(globalObject);
JSRemoteFunction* function = new (NotNull, allocateCell<JSRemoteFunction>(vm)) JSRemoteFunction(vm, executable, globalObject, structure, targetCallable);
- function->finishCreation(vm);
+ function->finishCreation(globalObject, vm);
return function;
}
-void JSRemoteFunction::finishCreation(VM& vm)
+// https://tc39.es/proposal-shadowrealm/#sec-copynameandlength
+void JSRemoteFunction::copyNameAndLength(JSGlobalObject* globalObject)
{
- Base::finishCreation(vm);
- ASSERT(inherits(vm, info()));
-
- // 3.1.2: CopyNameAndLength
+ VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
- JSGlobalObject* globalObject = this->globalObject();
PropertySlot slot(m_targetFunction.get(), PropertySlot::InternalMethodType::Get);
bool targetHasLength = m_targetFunction->getOwnPropertySlotInline(globalObject, vm.propertyNames->length, slot);
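Review bot: `tryCreate` still ends with an unconditional `return function;` after `function->finishCreation(globalObject, vm);`, so when CopyNameAndLength throws the caller receives a non-null wrapper whose name and length were never copied, together with a pending exception. A `try`-prefixed factory would normally return null on failure; declaring `auto scope = DECLARE_THROW_SCOPE(vm);` in `tryCreate` and adding `RETURN_IF_EXCEPTION(scope, nullptr);` before `return function;` keeps a half-initialised cross-realm wrapper from being handed out. The JIT and host-function call sites in this change go through RELEASE_AND_RETURN, but the call in the first hunk of this file (apparently wrapValue) returns the result directly, and whether its callers check for an exception before using the value is not visible here. `tryCreate` starts above this hunk and `copyNameAndLength` continues past its end.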
@@ -214,12 +211,25 @@
m_length = std::max(targetLengthAsInt, 0.0);
}
- JSValue targetName = JSValue(m_targetFunction.get()).get(globalObject, vm.propertyNames->name);
+ JSValue targetName = m_targetFunction->get(globalObject, vm.propertyNames->name);
RETURN_IF_EXCEPTION(scope, void());
if (targetName.isString())
m_nameMayBeNull.set(vm, this, asString(targetName));
+}
- scope.release();
+void JSRemoteFunction::finishCreation(JSGlobalObject* globalObject, VM& vm)
+{
+ Base::finishCreation(vm);
+ ASSERT(inherits(vm, info()));
+
+ auto scope = DECLARE_THROW_SCOPE(vm);
+ copyNameAndLength(globalObject);
+
+ auto* exception = scope.exception();
+ if (UNLIKELY(exception && !vm.isTerminationException(exception))) {
+ scope.clearException();
+ throwTypeError(globalObject, scope, "wrapping returned function throws an error");
+ }
}
template<typename Visitor>
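Review bot: The new `finishCreation` discards the original exception with `scope.clearException()` and raises a fixed-message TypeError, but nothing in the code says why or why termination is exempt. A short comment above the `if` would help the next reader, for example `// CopyNameAndLength errors are replaced by a TypeError created in globalObject; the original exception is dropped on purpose.` and `// A termination exception is left pending so it keeps propagating.` Presumably the replacement also keeps a value thrown by the target function's `name` or `length` getter from reaching the caller unwrapped, which is worth stating if that is the intent. The hunk opens inside `copyNameAndLength`, whose beginning is outside it.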
Modified: trunk/Source/_javascript_Core/runtime/JSRemoteFunction.h (290296 => 290297)
--- trunk/Source/_javascript_Core/runtime/JSRemoteFunction.h 2022-02-22 10:08:59 UTC (rev 290296)
+++ trunk/Source/_javascript_Core/runtime/JSRemoteFunction.h 2022-02-22 10:14:20 UTC (rev 290297)
@@ -53,7 +53,7 @@
return vm.remoteFunctionSpace<mode>();
}
- JS_EXPORT_PRIVATE static JSRemoteFunction* create(VM&, JSGlobalObject*, JSObject* targetCallable);
+ JS_EXPORT_PRIVATE static JSRemoteFunction* tryCreate(JSGlobalObject*, VM&, JSObject* targetCallable);
JSObject* targetFunction() { return m_targetFunction.get(); }
JSGlobalObject* targetGlobalObject() { return targetFunction()->globalObject(); }
@@ -82,7 +82,9 @@
private:
JSRemoteFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*, JSObject* targetCallable);
- void finishCreation(VM&);
+ void copyNameAndLength(JSGlobalObject*);
+
+ void finishCreation(JSGlobalObject*, VM&);
DECLARE_VISIT_CHILDREN;
WriteBarrier<JSObject> m_targetFunction;