WebKit Bugzilla
Attachment 343397 Details for
Bug 186951
: performProxyCall should toThis the value passed to its handler
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-186951-20180622165556.patch (text/plain), 3.16 KB, created by
Keith Miller
on 2018-06-22 16:55:57 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Keith Miller
Created:
2018-06-22 16:55:57 PDT
Size:
3.16 KB
patch
obsolete
>Subversion Revision: 233085 >diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog >index 6ac55e25b8c1e212d1a5a534ea68dc52927a514a..6550783e82f8516ad4f79da3963088033fa6cfea 100644 >--- a/Source/JavaScriptCore/ChangeLog >+++ b/Source/JavaScriptCore/ChangeLog >@@ -1,3 +1,13 @@ >+2018-06-22 Keith Miller <keith_miller@apple.com> >+ >+ performProxyCall should toThis the value passed to its handler >+ https://bugs.webkit.org/show_bug.cgi?id=186951 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * runtime/ProxyObject.cpp: >+ (JSC::performProxyCall): >+ > 2018-06-22 Keith Miller <keith_miller@apple.com> > > We should call visitChildren on Base not the exact typename >diff --git a/Source/JavaScriptCore/runtime/ProxyObject.cpp b/Source/JavaScriptCore/runtime/ProxyObject.cpp >index 5c3ee5eb85fcde790303afe0f0b13206c74b46d2..be64c691ae8467ea5859a6957962526acd04a6b7 100644 >--- a/Source/JavaScriptCore/runtime/ProxyObject.cpp >+++ b/Source/JavaScriptCore/runtime/ProxyObject.cpp >@@ -549,7 +549,7 @@ static EncodedJSValue JSC_HOST_CALL performProxyCall(ExecState* exec) > RETURN_IF_EXCEPTION(scope, encodedJSValue()); > MarkedArgumentBuffer arguments; > arguments.append(target); >- arguments.append(exec->thisValue()); >+ arguments.append(exec->thisValue().toThis(exec, ECMAMode::StrictMode)); > arguments.append(argArray); > ASSERT(!arguments.hasOverflowed()); > scope.release(); >diff --git a/JSTests/ChangeLog b/JSTests/ChangeLog >index be4eb3cfc87bf088c23800f784bbe7d6fe7fda10..58c1eca11dee5fe2b99c6a50c597e6435a390907 100644 >--- a/JSTests/ChangeLog >+++ b/JSTests/ChangeLog >@@ -1,3 +1,18 @@ >+2018-06-22 Keith Miller <keith_miller@apple.com> >+ >+ performProxyCall should toThis the value passed to its handler >+ https://bugs.webkit.org/show_bug.cgi?id=186951 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * stress/proxy-call-apply-handler-to-this.js: Added. >+ (applyHandler): >+ (let.f.new.Proxy): >+ (withScope): >+ (lexicalScope): >+ (strictEvalScope): >+ (BigInt): >+ > 2018-06-20 Keith Miller <keith_miller@apple.com> > > flattenDictionaryStruture needs to zero inline storage. >diff --git a/JSTests/stress/proxy-call-apply-handler-to-this.js b/JSTests/stress/proxy-call-apply-handler-to-this.js >new file mode 100644 >index 0000000000000000000000000000000000000000..9507bd94462fe0c70c1bef420e772428ad718068 >--- /dev/null >+++ b/JSTests/stress/proxy-call-apply-handler-to-this.js >@@ -0,0 +1,39 @@ >+//@ runDefault("--useBigInt=1") >+ >+let expectedThis; >+ >+function applyHandler(target, thisValue) { >+ if (thisValue !== expectedThis) >+ throw new Error("got weird this value: " + thisValue); >+} >+ >+let handler = { >+ apply: applyHandler >+}; >+let f = new Proxy(function() {}, handler); >+ >+function withScope(o) { >+ with (o) { >+ f(); >+ } >+} >+ >+function lexicalScope() { >+ let x; >+ f(); >+} >+ >+// globalScope >+f(); >+ >+function strictEvalScope() { >+ "use strict"; >+ eval("var x; f();"); >+} >+ >+let primitives = [undefined, null, true, 1.324, "test", Symbol("test"), BigInt(12), {}, []]; >+ >+for (let primitive of primitives) { >+ expectedThis = primitive; >+ f.call(primitive); >+}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=343397">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
mark.lam
:
review+
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 186951
: 343397