RESOLVED FIXED 64657
Converted this value not preserved when accessed via direct eval. 
https://bugs.webkit.org/show_bug.cgi?id=64657
Summary Converted this value not preserved when accessed via direct eval.
Gavin Barraclough
Reported 2011-07-16 15:00:51 PDT
Upon entry into a non-strcict function primitive types should be boxed as an Object type - which we do using op_convert_this. However we omit to convert this where this is not used within the function. The problem comes if a direct eval (running within the function's scope) accesses this. We are safe in the case of a single eval, since the this object will be converted within callEval, however the converted value is not preserved, and is freshly converted each time eval is invoked. This is inefficient and incorrect, since any changes to this will be lost between eval statements.
Attachments
Preliminary patch, need ChangeLog & layout test. (3.27 KB, patch)
2011-07-16 15:54 PDT, Gavin Barraclough 		no flags
DetailsFormatted DiffDiff
The patch, with layout test & correct strict mode behaviour (8.26 KB, patch)
2011-07-16 17:30 PDT, Gavin Barraclough 		oliver: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Gavin Barraclough
Comment 1 2011-07-16 15:52:47 PDT
Lemme try that description thing again. Upon entry into a non-strict function, primitive this values should be boxed as Object types (or substituted with the global object) - which is done by op_convert_this. However we only do so where this is used lexically within the function (we omit the conversion op if not). The problem comes if a direct eval (running within the function's scope) accesses the this value. We are safe in the case of a single eval, since the this object will be converted within callEval, however the converted value is not preserved, and a new wrapper object is allocated each time eval is invoked. This is inefficient and incorrect, since any changes to the wrapper object will be lost between eval statements.
Gavin Barraclough
Comment 2 2011-07-16 15:54:06 PDT
Created attachment 101103 [details] Preliminary patch, need ChangeLog & layout test.
Gavin Barraclough
Comment 3 2011-07-16 17:30:16 PDT
Created attachment 101106 [details] The patch, with layout test & correct strict mode behaviour
Gavin Barraclough
Comment 4 2011-07-16 22:05:13 PDT
Fixed in r91164
Note You need to log in before you can comment on or make changes to this bug.