Call to JSToWasmICCallee::createStructure passes in wrong prototype value
authorsbarati@apple.com <sbarati@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 11 May 2019 01:40:00 +0000 (01:40 +0000)
committersbarati@apple.com <sbarati@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 11 May 2019 01:40:00 +0000 (01:40 +0000)
commitf2f1f6f42f66966e47a06cee4dd8d8813d13e634
tree96f1beef3bab390e7ccc0f49538f2ae73c2019d2
parentddccd5cfc8adfd4951a1f8bdbab26fb7122ff75c
Call to JSToWasmICCallee::createStructure passes in wrong prototype value
https://bugs.webkit.org/show_bug.cgi?id=197807
<rdar://problem/50530400>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/js-to-wasm-callee-has-correct-prototype.js: Added.
(test.getInstance):
(test):

Source/JavaScriptCore:

We were passing the empty value instead of null. However, the empty
value means the Structure is poly proto. That's definitely not the case
here.

* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245203 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/stress/js-to-wasm-callee-has-correct-prototype.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/JSGlobalObject.cpp