2011-03-28 Oliver Hunt <oliver@apple.com>
author: oliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>, Mon, 28 Mar 2011 23:39:16 +0000 (23:39 +0000)
committer: oliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>, Mon, 28 Mar 2011 23:39:16 +0000 (23:39 +0000)

        Reviewed by Geoffrey Garen.

        instanceof Array test fails when using iframes
        https://bugs.webkit.org/show_bug.cgi?id=17250

        Add test cases for correct behaviour

        * fast/js/js-constructors-use-correct-global-expected.txt: Added.
        * fast/js/js-constructors-use-correct-global.html: Added.
        * fast/js/resources/js-constructors-use-correct-global.js: Added.
2011-03-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        instanceof Array test fails when using iframes
        https://bugs.webkit.org/show_bug.cgi?id=17250

        This is a problem with all built-in constructors: the use of
        lexicalGlobalObject rather than the constructor's own
        global object reference means that a builtin will always use
        the prototype from the lexical global object rather than that
        of the constructor's origin.

        * API/JSObjectRef.cpp:
        (JSObjectMakeFunction):
        (JSObjectMakeRegExp):
        * JavaScriptCore.exp:
        * runtime/ArrayConstructor.cpp:
        (JSC::constructArrayWithSizeQuirk):
        * runtime/BooleanConstructor.cpp:
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanConstructor.h:
        * runtime/DateConstructor.cpp:
        (JSC::constructDate):
        * runtime/DateInstance.cpp:
        * runtime/DateInstance.h:
        * runtime/ErrorConstructor.cpp:
        (JSC::constructWithErrorConstructor):
        (JSC::callErrorConstructor):
        * runtime/FunctionConstructor.cpp:
        (JSC::constructWithFunctionConstructor):
        (JSC::callFunctionConstructor):
        (JSC::constructFunction):
        * runtime/FunctionConstructor.h:
        * runtime/JSCell.cpp:
        (JSC::JSCell::getOwnPropertySlot):
        (JSC::JSCell::put):
        (JSC::JSCell::deleteProperty):
        (JSC::JSCell::toThisObject):
        (JSC::JSCell::toObject):
        * runtime/JSCell.h:
        (JSC::JSCell::JSValue::toObject):
        * runtime/JSNotAnObject.cpp:
        (JSC::JSNotAnObject::toObject):
        * runtime/JSNotAnObject.h:
        * runtime/JSObject.cpp:
        (JSC::JSObject::toObject):
        * runtime/JSObject.h:
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        (JSC::JSString::toObject):
        (JSC::JSString::toThisObject):
        * runtime/JSString.h:
        * runtime/JSValue.cpp:
        (JSC::JSValue::toObjectSlowCase):
        (JSC::JSValue::toThisObjectSlowCase):
        (JSC::JSValue::synthesizeObject):
        * runtime/JSValue.h:
        * runtime/NumberConstructor.cpp:
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberObject.h:
        * runtime/ObjectConstructor.cpp:
        (JSC::constructObject):
        (JSC::constructWithObjectConstructor):
        (JSC::callObjectConstructor):
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        (JSC::constructWithRegExpConstructor):
        (JSC::callRegExpConstructor):
        * runtime/RegExpConstructor.h:
        * runtime/StringConstructor.cpp:
        (JSC::constructWithStringConstructor):
        * runtime/StringObject.h:
2011-03-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        instanceof Array test fails when using iframes
        https://bugs.webkit.org/show_bug.cgi?id=17250

        Update for new toObject api

        * UserObjectImp.cpp:
        (UserObjectImp::toPrimitive):
        (UserObjectImp::toBoolean):
        (UserObjectImp::toNumber):
        (UserObjectImp::toString):
2011-03-28  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        instanceof Array test fails when using iframes
        https://bugs.webkit.org/show_bug.cgi?id=17250

        Update for new function and date apis

        Test: fast/js/js-constructors-use-correct-global.html

        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsDateOrNull):
        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@82173 268f45cc-cd09-0410-ab3c-d52691b4dbfc
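
The invariant the commit message describes (an object built by another global's constructor must carry that global's prototype) can be checked outside a browser. This is an added example, not code from the WebKit change: a Node `vm` context stands in for the iframe, and `makeOtherGlobal`, `checkRealm`, `simulateLexicalPrototype` and `describeArray` are hypothetical names.

```javascript
// Added example (not WebKit code). A vm context plays the role of the iframe:
// it has its own global object and its own set of built-in prototypes.
const vm = typeof require === "function"
  ? require("node:vm")
  : process.getBuiltinModule("node:vm"); // when run as an ES module

// Constructor names from the layout test, minus the DOM-only Image.
const CONSTRUCTORS = ["Object", "Function", "Array", "Number", "String",
  "Boolean", "RegExp", "Date", "Error", "RangeError", "ReferenceError",
  "SyntaxError", "TypeError", "URIError"];

// Returns the other realm's constructors keyed by name.
function makeOtherGlobal() {
  return vm.runInNewContext("({" + CONSTRUCTORS.join(", ") + "})");
}

// Mirrors the layout test: both `new C()` and, where the plain call yields an
// object or function, `C()` must be instances of the constructor that made them.
// Returns the list of expressions that violated the invariant.
function checkRealm(otherGlobal) {
  const failures = [];
  for (const name of CONSTRUCTORS) {
    const Ctor = otherGlobal[name];
    if (!(new Ctor() instanceof Ctor)) failures.push("new " + name + "()");
    const called = Ctor(); // primitives (Number, String, Boolean, Date) are skipped
    const kind = typeof called;
    if ((kind === "object" || kind === "function") && !(called instanceof Ctor))
      failures.push(name + "()");
  }
  return failures;
}

// Model of the pre-fix result as seen from script: the other realm's Array
// constructor runs, but the object receives the *calling* realm's prototype.
// Reflect.construct with a local newTarget produces that shape; it is a model
// of the symptom, not the JavaScriptCore code path.
function simulateLexicalPrototype(otherGlobal) {
  return Reflect.construct(otherGlobal.Array, [], Array);
}

// Summarises how one array looks to type checks in each realm.
function describeArray(arr, otherGlobal) {
  return {
    instanceofOrigin: arr instanceof otherGlobal.Array,
    instanceofCaller: arr instanceof Array,
    isArray: Array.isArray(arr), // realm-independent brand check
  };
}

const otherGlobal = makeOtherGlobal();
console.log("violations:", checkRealm(otherGlobal));
console.log("correct:   ", describeArray(new otherGlobal.Array(), otherGlobal));
console.log("pre-fix:   ", describeArray(simulateLexicalPrototype(otherGlobal), otherGlobal));
```

Code that validates values crossing a frame boundary should not rely on `instanceof` against its own realm's constructor; `Array.isArray` gives the same answer in both cases above.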

42 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/js/js-constructors-use-correct-global-expected.txt [new file with mode: 0644]
LayoutTests/fast/js/js-constructors-use-correct-global.html [new file with mode: 0644]
LayoutTests/fast/js/resources/js-constructors-use-correct-global.js [new file with mode: 0644]
Source/JavaScriptCore/API/JSObjectRef.cpp
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.exp
Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
Source/JavaScriptCore/runtime/ArrayConstructor.cpp
Source/JavaScriptCore/runtime/BooleanConstructor.cpp
Source/JavaScriptCore/runtime/BooleanConstructor.h
Source/JavaScriptCore/runtime/DateConstructor.cpp
Source/JavaScriptCore/runtime/DateInstance.cpp
Source/JavaScriptCore/runtime/DateInstance.h
Source/JavaScriptCore/runtime/ErrorConstructor.cpp
Source/JavaScriptCore/runtime/FunctionConstructor.cpp
Source/JavaScriptCore/runtime/FunctionConstructor.h
Source/JavaScriptCore/runtime/JSCell.cpp
Source/JavaScriptCore/runtime/JSCell.h
Source/JavaScriptCore/runtime/JSNotAnObject.cpp
Source/JavaScriptCore/runtime/JSNotAnObject.h
Source/JavaScriptCore/runtime/JSObject.cpp
Source/JavaScriptCore/runtime/JSObject.h
Source/JavaScriptCore/runtime/JSString.cpp
Source/JavaScriptCore/runtime/JSString.h
Source/JavaScriptCore/runtime/JSValue.cpp
Source/JavaScriptCore/runtime/JSValue.h
Source/JavaScriptCore/runtime/NumberConstructor.cpp
Source/JavaScriptCore/runtime/NumberObject.cpp
Source/JavaScriptCore/runtime/NumberObject.h
Source/JavaScriptCore/runtime/ObjectConstructor.cpp
Source/JavaScriptCore/runtime/RegExpConstructor.cpp
Source/JavaScriptCore/runtime/RegExpConstructor.h
Source/JavaScriptCore/runtime/StringConstructor.cpp
Source/JavaScriptCore/runtime/StringObject.h
Source/JavaScriptGlue/ChangeLog
Source/JavaScriptGlue/UserObjectImp.cpp
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/JSDOMBinding.cpp
Source/WebCore/bindings/js/JSLazyEventListener.cpp
Source/WebCore/bridge/qt/qt_runtime.cpp

index 447d280..4a56d91 100644 (file)
@@ -1,3 +1,16 @@
+2011-03-28  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        instanceof Array test fails when using iframes
+        https://bugs.webkit.org/show_bug.cgi?id=17250
+
+        Add test cases for correct behaviour
+
+        * fast/js/js-constructors-use-correct-global-expected.txt: Added.
+        * fast/js/js-constructors-use-correct-global.html: Added.
+        * fast/js/resources/js-constructors-use-correct-global.js: Added.
+
 2011-03-28  Vincent Scheib  <scheib@chromium.org>
 
         Chromium rebaseline for r82144.
diff --git a/LayoutTests/fast/js/js-constructors-use-correct-global-expected.txt b/LayoutTests/fast/js/js-constructors-use-correct-global-expected.txt
new file mode 100644 (file)
index 0000000..5d2e11b
--- /dev/null
@@ -0,0 +1,34 @@
+Test to ensure that js constructors create objects with the correct constructor
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS new otherGlobal.Object() instanceof otherGlobal.Object is true
+PASS otherGlobal.Object() instanceof otherGlobal.Object is true
+PASS new otherGlobal.Function() instanceof otherGlobal.Function is true
+PASS otherGlobal.Function() instanceof otherGlobal.Function is true
+PASS new otherGlobal.Array() instanceof otherGlobal.Array is true
+PASS otherGlobal.Array() instanceof otherGlobal.Array is true
+PASS new otherGlobal.Number() instanceof otherGlobal.Number is true
+PASS new otherGlobal.String() instanceof otherGlobal.String is true
+PASS new otherGlobal.Boolean() instanceof otherGlobal.Boolean is true
+PASS new otherGlobal.RegExp() instanceof otherGlobal.RegExp is true
+PASS otherGlobal.RegExp() instanceof otherGlobal.RegExp is true
+PASS new otherGlobal.Date() instanceof otherGlobal.Date is true
+PASS new otherGlobal.Error() instanceof otherGlobal.Error is true
+PASS otherGlobal.Error() instanceof otherGlobal.Error is true
+PASS new otherGlobal.RangeError() instanceof otherGlobal.RangeError is true
+PASS otherGlobal.RangeError() instanceof otherGlobal.RangeError is true
+PASS new otherGlobal.ReferenceError() instanceof otherGlobal.ReferenceError is true
+PASS otherGlobal.ReferenceError() instanceof otherGlobal.ReferenceError is true
+PASS new otherGlobal.SyntaxError() instanceof otherGlobal.SyntaxError is true
+PASS otherGlobal.SyntaxError() instanceof otherGlobal.SyntaxError is true
+PASS new otherGlobal.TypeError() instanceof otherGlobal.TypeError is true
+PASS otherGlobal.TypeError() instanceof otherGlobal.TypeError is true
+PASS new otherGlobal.URIError() instanceof otherGlobal.URIError is true
+PASS otherGlobal.URIError() instanceof otherGlobal.URIError is true
+PASS new otherGlobal.Image() instanceof otherGlobal.Image is true
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
diff --git a/LayoutTests/fast/js/js-constructors-use-correct-global.html b/LayoutTests/fast/js/js-constructors-use-correct-global.html
new file mode 100644 (file)
index 0000000..0dec691
--- /dev/null
@@ -0,0 +1,14 @@
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<html>
+<head>
+<link rel="stylesheet" href="resources/js-test-style.css">
+<script src="resources/js-test-pre.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+<iframe></iframe>
+<script src="resources/js-constructors-use-correct-global.js"></script>
+<script src="resources/js-test-post.js"></script>
+</body>
+</html>
diff --git a/LayoutTests/fast/js/resources/js-constructors-use-correct-global.js b/LayoutTests/fast/js/resources/js-constructors-use-correct-global.js
new file mode 100644 (file)
index 0000000..df8cb08
--- /dev/null
@@ -0,0 +1,16 @@
+description("Test to ensure that js constructors create objects with the correct constructor");
+
+var otherGlobal = document.getElementsByTagName("iframe")[0].contentWindow;
+var constructors = ["Object", "Function", "Array", "Number", "String", "Boolean", "RegExp", "Date", "Error", "RangeError", "ReferenceError", "SyntaxError", "TypeError", "URIError", "Image"];
+
+for (var i = 0; i < constructors.length; i++) {
+    shouldBeTrue("new otherGlobal." + constructors[i] + "() instanceof otherGlobal." + constructors[i]);
+    try {
+        if ((typeof (otherGlobal[constructors[i]]())) === "object" || (typeof (otherGlobal[constructors[i]]())) === "function")
+            shouldBeTrue("otherGlobal." + constructors[i] + "() instanceof otherGlobal." + constructors[i]);
+    } catch(e) {
+    
+    }
+}
+
+successfullyParsed = true;
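Review bot: the empty `catch(e)` block around the call-form check swallows every exception, so a constructor whose plain call throws is skipped without a trace, and the expected results carry no call-form line for `Number`, `String`, `Boolean`, `Date` or `Image` with nothing in the test saying why. Add a comment in the catch naming the constructors that are expected to throw or return primitives, and call `otherGlobal[constructors[i]]()` once into a local instead of twice inside the two `typeof` comparisons.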
index 36ca338..ae40830 100644 (file)
@@ -124,7 +124,7 @@ JSObjectRef JSObjectMakeFunction(JSContextRef ctx, JSStringRef name, unsigned pa
         args.append(jsString(exec, parameterNames[i]->ustring()));
     args.append(jsString(exec, body->ustring()));
 
-    JSObject* result = constructFunction(exec, args, nameID, sourceURL->ustring(), startingLineNumber);
+    JSObject* result = constructFunction(exec, exec->lexicalGlobalObject(), args, nameID, sourceURL->ustring(), startingLineNumber);
     if (exec->hadException()) {
         if (exception)
             *exception = toRef(exec, exec->exception());
@@ -207,7 +207,7 @@ JSObjectRef JSObjectMakeRegExp(JSContextRef ctx, size_t argumentCount, const JSV
     for (size_t i = 0; i < argumentCount; ++i)
         argList.append(toJS(exec, arguments[i]));
 
-    JSObject* result = constructRegExp(exec, argList);
+    JSObject* result = constructRegExp(exec, exec->lexicalGlobalObject(),  argList);
     if (exec->hadException()) {
         if (exception)
             *exception = toRef(exec, exec->exception());
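Review bot: style nit on the added `constructRegExp(exec, exec->lexicalGlobalObject(),  argList)` line: there are two spaces after the comma before `argList`. Both entry points changed in this file also keep `exec->lexicalGlobalObject()` as the global object they pass down; a one-line comment on why the lexical global object is the right choice at the C API boundary would help the next reader, given that the rest of the patch moves away from it.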
index db99870..29f403d 100644 (file)
@@ -1,3 +1,80 @@
+2011-03-28  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        instanceof Array test fails when using iframes
+        https://bugs.webkit.org/show_bug.cgi?id=17250
+
+        This is a problem with all built in constructors, the use of
+        lexicalGlobalObject rather than the constructors own 
+        global object reference means that a builtin will always use
+        the prototype from the lexical global object rather than that
+        of the constructors origin.
+
+        * API/JSObjectRef.cpp:
+        (JSObjectMakeFunction):
+        (JSObjectMakeRegExp):
+        * JavaScriptCore.exp:
+        * runtime/ArrayConstructor.cpp:
+        (JSC::constructArrayWithSizeQuirk):
+        * runtime/BooleanConstructor.cpp:
+        (JSC::constructBoolean):
+        (JSC::constructBooleanFromImmediateBoolean):
+        * runtime/BooleanConstructor.h:
+        * runtime/DateConstructor.cpp:
+        (JSC::constructDate):
+        * runtime/DateInstance.cpp:
+        * runtime/DateInstance.h:
+        * runtime/ErrorConstructor.cpp:
+        (JSC::constructWithErrorConstructor):
+        (JSC::callErrorConstructor):
+        * runtime/FunctionConstructor.cpp:
+        (JSC::constructWithFunctionConstructor):
+        (JSC::callFunctionConstructor):
+        (JSC::constructFunction):
+        * runtime/FunctionConstructor.h:
+        * runtime/JSCell.cpp:
+        (JSC::JSCell::getOwnPropertySlot):
+        (JSC::JSCell::put):
+        (JSC::JSCell::deleteProperty):
+        (JSC::JSCell::toThisObject):
+        (JSC::JSCell::toObject):
+        * runtime/JSCell.h:
+        (JSC::JSCell::JSValue::toObject):
+        * runtime/JSNotAnObject.cpp:
+        (JSC::JSNotAnObject::toObject):
+        * runtime/JSNotAnObject.h:
+        * runtime/JSObject.cpp:
+        (JSC::JSObject::toObject):
+        * runtime/JSObject.h:
+        * runtime/JSString.cpp:
+        (JSC::StringObject::create):
+        (JSC::JSString::toObject):
+        (JSC::JSString::toThisObject):
+        * runtime/JSString.h:
+        * runtime/JSValue.cpp:
+        (JSC::JSValue::toObjectSlowCase):
+        (JSC::JSValue::toThisObjectSlowCase):
+        (JSC::JSValue::synthesizeObject):
+        * runtime/JSValue.h:
+        * runtime/NumberConstructor.cpp:
+        (JSC::constructWithNumberConstructor):
+        * runtime/NumberObject.cpp:
+        (JSC::constructNumber):
+        * runtime/NumberObject.h:
+        * runtime/ObjectConstructor.cpp:
+        (JSC::constructObject):
+        (JSC::constructWithObjectConstructor):
+        (JSC::callObjectConstructor):
+        * runtime/RegExpConstructor.cpp:
+        (JSC::constructRegExp):
+        (JSC::constructWithRegExpConstructor):
+        (JSC::callRegExpConstructor):
+        * runtime/RegExpConstructor.h:
+        * runtime/StringConstructor.cpp:
+        (JSC::constructWithStringConstructor):
+        * runtime/StringObject.h:
+
 2011-03-28  Geoffrey Garen  <ggaren@apple.com>
 
         Reviewed by Oliver Hunt.
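Review bot: this entry has no line for `JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def` or `bytecompiler/BytecodeGenerator.cpp`, although both appear in the list of files changed by the commit, and `(JSC::JSCell::JSValue::toObject)` under `runtime/JSCell.h` reads like a mis-generated name for `JSC::JSValue::toObject`. Add the two files and correct the function name so the ChangeLog matches what the patch touches.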
index fd77193..e2647d1 100644 (file)
@@ -122,7 +122,6 @@ __ZN3JSC11createErrorEPNS_9ExecStateERKNS_7UStringE
 __ZN3JSC11regExpFlagsERKNS_7UStringE
 __ZN3JSC12DateInstance6s_infoE
 __ZN3JSC12DateInstanceC1EPNS_9ExecStateEN3WTF17NonNullPassRefPtrINS_9StructureEEEd
-__ZN3JSC12DateInstanceC1EPNS_9ExecStateEd
 __ZN3JSC12JSGlobalData10ClientDataD2Ev
 __ZN3JSC12JSGlobalData11jsArrayVPtrE
 __ZN3JSC12JSGlobalData12createLeakedENS_15ThreadStackTypeE
@@ -182,7 +181,7 @@ __ZN3JSC16createRangeErrorEPNS_9ExecStateERKNS_7UStringE
 __ZN3JSC16throwSyntaxErrorEPNS_9ExecStateE
 __ZN3JSC17BytecodeGenerator21setDumpsGeneratedCodeEb
 __ZN3JSC17PropertyNameArray3addEPN3WTF10StringImplE
-__ZN3JSC17constructFunctionEPNS_9ExecStateERKNS_7ArgListERKNS_10IdentifierERKNS_7UStringEi
+__ZN3JSC17constructFunctionEPNS_9ExecStateEPNS_14JSGlobalObjectERKNS_7ArgListERKNS_10IdentifierERKNS_7UStringEi
 __ZN3JSC17createSyntaxErrorEPNS_9ExecStateERKNS_7UStringE
 __ZN3JSC18DebuggerActivationC1ERNS_12JSGlobalDataEPNS_8JSObjectE
 __ZN3JSC18PropertyDescriptor11setWritableEb
@@ -535,7 +534,7 @@ __ZNK3JSC6JSCell11toPrimitiveEPNS_9ExecStateENS_22PreferredPrimitiveTypeE
 __ZNK3JSC6JSCell12toThisObjectEPNS_9ExecStateE
 __ZNK3JSC6JSCell14isGetterSetterEv
 __ZNK3JSC6JSCell8toNumberEPNS_9ExecStateE
-__ZNK3JSC6JSCell8toObjectEPNS_9ExecStateE
+__ZNK3JSC6JSCell8toObjectEPNS_9ExecStateEPNS_14JSGlobalObjectE
 __ZNK3JSC6JSCell8toStringEPNS_9ExecStateE
 __ZNK3JSC6JSCell9getStringEPNS_9ExecStateE
 __ZNK3JSC6JSCell9getStringEPNS_9ExecStateERNS_7UStringE
@@ -543,7 +542,7 @@ __ZNK3JSC6JSCell9getUInt32ERj
 __ZNK3JSC6JSCell9toBooleanEPNS_9ExecStateE
 __ZNK3JSC7ArgList8getSliceEiRS0_
 __ZNK3JSC7JSArray12subclassDataEv
-__ZNK3JSC7JSValue16toObjectSlowCaseEPNS_9ExecStateE
+__ZNK3JSC7JSValue16toObjectSlowCaseEPNS_9ExecStateEPNS_14JSGlobalObjectE
 __ZNK3JSC7JSValue19synthesizePrototypeEPNS_9ExecStateE
 __ZNK3JSC7JSValue20toThisObjectSlowCaseEPNS_9ExecStateE
 __ZNK3JSC7JSValue9toIntegerEPNS_9ExecStateE
@@ -556,7 +555,7 @@ __ZNK3JSC8JSObject12defaultValueEPNS_9ExecStateENS_22PreferredPrimitiveTypeE
 __ZNK3JSC8JSObject12toThisObjectEPNS_9ExecStateE
 __ZNK3JSC8JSObject18toStrictThisObjectEPNS_9ExecStateE
 __ZNK3JSC8JSObject8toNumberEPNS_9ExecStateE
-__ZNK3JSC8JSObject8toObjectEPNS_9ExecStateE
+__ZNK3JSC8JSObject8toObjectEPNS_9ExecStateEPNS_14JSGlobalObjectE
 __ZNK3JSC8JSObject8toStringEPNS_9ExecStateE
 __ZNK3JSC8JSObject9classNameEv
 __ZNK3JSC8JSObject9toBooleanEPNS_9ExecStateE
index 6237440..d7cddf4 100644 (file)
@@ -3,7 +3,6 @@ EXPORTS
     ??0CString@WTF@@QAE@PBD@Z
     ??0CString@WTF@@QAE@PBDI@Z
     ??0Collator@WTF@@QAE@PBD@Z
-    ??0DateInstance@JSC@@QAE@PAVExecState@1@N@Z
     ??0DateInstance@JSC@@QAE@PAVExecState@1@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@N@Z
     ??0DefaultGCActivityCallback@JSC@@QAE@PAVHeap@1@@Z
     ??0DropAllLocks@JSLock@JSC@@QAE@W4JSLockBehavior@2@@Z
@@ -94,7 +93,7 @@ EXPORTS
     ?constructArray@JSC@@YAPAVJSArray@1@PAVExecState@1@ABVArgList@1@@Z
     ?constructEmptyArray@JSC@@YAPAVJSArray@1@PAVExecState@1@@Z
     ?constructEmptyObject@JSC@@YAPAVJSObject@1@PAVExecState@1@@Z
-    ?constructFunction@JSC@@YAPAVJSObject@1@PAVExecState@1@ABVArgList@1@ABVIdentifier@1@ABVUString@1@H@Z
+    ?constructFunction@JSC@@YAPAVJSObject@1@PAVExecState@1@PAVJSGlobalObject@1@ABVArgList@1@ABVIdentifier@1@ABVUString@1@H@Z
     ?convertUTF16ToUTF8@Unicode@WTF@@YA?AW4ConversionResult@12@PAPB_WPB_WPAPADPAD_N@Z
     ?convertUTF8ToUTF16@Unicode@WTF@@YA?AW4ConversionResult@12@PAPBDPBDPAPA_WPA_W_N@Z
     ?create@ByteArray@WTF@@SA?AV?$PassRefPtr@VByteArray@WTF@@@2@I@Z
@@ -336,10 +335,9 @@ EXPORTS
     ?toNumber@JSCell@JSC@@UBENPAVExecState@2@@Z
     ?toNumber@JSObject@JSC@@UBENPAVExecState@2@@Z
     ?toNumber@JSString@JSC@@EBENPAVExecState@2@@Z
-    ?toObject@JSCell@JSC@@UBEPAVJSObject@2@PAVExecState@2@@Z
-    ?toObject@JSObject@JSC@@UBEPAV12@PAVExecState@2@@Z
-    ?toObject@JSString@JSC@@EBEPAVJSObject@2@PAVExecState@2@@Z
-    ?toObjectSlowCase@JSValue@JSC@@ABEPAVJSObject@2@PAVExecState@2@@Z
+    ?toObject@JSCell@JSC@@UBEPAVJSObject@2@PAVExecState@2@PAVJSGlobalObject@2@@Z
+    ?toObject@JSObject@JSC@@UBEPAV12@PAVExecState@2@PAVJSGlobalObject@2@@Z
+    ?toObjectSlowCase@JSValue@JSC@@ABEPAVJSObject@2@PAVExecState@2@PAVJSGlobalObject@2@@Z
     ?toPrimitive@JSCell@JSC@@UBE?AVJSValue@2@PAVExecState@2@W4PreferredPrimitiveType@2@@Z
     ?toPrimitive@JSString@JSC@@EBE?AVJSValue@2@PAVExecState@2@W4PreferredPrimitiveType@2@@Z
     ?toStrictThisObject@JSObject@JSC@@UBE?AVJSValue@2@PAVExecState@2@@Z
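Review bot: the `-` lines drop the `?toObject@JSString@JSC@@...` export, but no `+` line re-adds it with the new `PAVJSGlobalObject@2@` parameter, unlike the `JSCell`, `JSObject` and `toObjectSlowCase` entries. If the symbol no longer needs exporting, say so in the ChangeLog; otherwise add the updated mangled name so the export list stays complete.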
index dbdbb5b..b5df53f 100644 (file)
@@ -248,7 +248,7 @@ BytecodeGenerator::BytecodeGenerator(ProgramNode* programNode, ScopeChainNode* s
     SymbolTable::iterator end = symbolTable->end();
     for (SymbolTable::iterator it = symbolTable->begin(); it != end; ++it)
         registerFor(it->second.getIndex()).setIndex(it->second.getIndex() + m_globalVarStorageOffset);
-        
+
     BatchedTransitionOptimizer optimizer(*m_globalData, globalObject);
 
     const VarStack& varStack = programNode->varStack();
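Review bot: the only change in this hunk is stripping trailing whitespace from the blank line after the `registerFor(...)` loop, which is unrelated to the global-object fix. Drop it from this patch or land it separately so the functional change stays easy to audit.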
index af2afc6..e0f4b23 100644 (file)
@@ -52,16 +52,18 @@ ArrayConstructor::ArrayConstructor(ExecState* exec, JSGlobalObject* globalObject
 
 static inline JSObject* constructArrayWithSizeQuirk(ExecState* exec, const ArgList& args)
 {
+    JSGlobalObject* globalObject = asInternalFunction(exec->callee())->globalObject();
+
     // a single numeric argument denotes the array size (!)
     if (args.size() == 1 && args.at(0).isNumber()) {
         uint32_t n = args.at(0).toUInt32(exec);
         if (n != args.at(0).toNumber(exec))
             return throwError(exec, createRangeError(exec, "Array size is not a small enough positive integer."));
-        return new (exec) JSArray(exec->lexicalGlobalObject()->arrayStructure(), n, CreateInitialized);
+        return new (exec) JSArray(globalObject->arrayStructure(), n, CreateInitialized);
     }
 
     // otherwise the array is constructed with the arguments in it
-    return new (exec) JSArray(exec->globalData(), exec->lexicalGlobalObject()->arrayStructure(), args);
+    return new (exec) JSArray(exec->globalData(), globalObject->arrayStructure(), args);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructWithArrayConstructor(ExecState* exec)
index 21ef5bb..e5b0f3d 100644 (file)
@@ -40,7 +40,7 @@ BooleanConstructor::BooleanConstructor(ExecState* exec, JSGlobalObject* globalOb
 // ECMA 15.6.2
 JSObject* constructBoolean(ExecState* exec, const ArgList& args)
 {
-    BooleanObject* obj = new (exec) BooleanObject(exec->globalData(), exec->lexicalGlobalObject()->booleanObjectStructure());
+    BooleanObject* obj = new (exec) BooleanObject(exec->globalData(), asInternalFunction(exec->callee())->globalObject()->booleanObjectStructure());
     obj->setInternalValue(exec->globalData(), jsBoolean(args.at(0).toBoolean(exec)));
     return obj;
 }
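Review bot: `constructBoolean` is a non-static function declared in BooleanConstructor.h, yet the added line assumes `exec->callee()` is always an `InternalFunction` whose global object is the one wanted, which holds only when it is reached from the constructor's own host call. Passing the `JSGlobalObject*` in as a parameter, as `constructBooleanFromImmediateBoolean` does in the next hunk, would make that contract explicit; `constructDate` in DateConstructor.cpp has the same shape.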
@@ -69,9 +69,9 @@ CallType BooleanConstructor::getCallData(CallData& callData)
     return CallTypeHost;
 }
 
-JSObject* constructBooleanFromImmediateBoolean(ExecState* exec, JSValue immediateBooleanValue)
+JSObject* constructBooleanFromImmediateBoolean(ExecState* exec, JSGlobalObject* globalObject, JSValue immediateBooleanValue)
 {
-    BooleanObject* obj = new (exec) BooleanObject(exec->globalData(), exec->lexicalGlobalObject()->booleanObjectStructure());
+    BooleanObject* obj = new (exec) BooleanObject(exec->globalData(), globalObject->booleanObjectStructure());
     obj->setInternalValue(exec->globalData(), immediateBooleanValue);
     return obj;
 }
index 0f3efa7..2550b3b 100644 (file)
@@ -36,7 +36,7 @@ namespace JSC {
         virtual CallType getCallData(CallData&);
     };
 
-    JSObject* constructBooleanFromImmediateBoolean(ExecState*, JSValue);
+    JSObject* constructBooleanFromImmediateBoolean(ExecState*, JSGlobalObject*, JSValue);
     JSObject* constructBoolean(ExecState*, const ArgList&);
 
 } // namespace JSC
index efaeb0f..e19267a 100644 (file)
@@ -121,7 +121,7 @@ JSObject* constructDate(ExecState* exec, const ArgList& args)
         }
     }
 
-    return new (exec) DateInstance(exec, value);
+    return new (exec) DateInstance(exec, asInternalFunction(exec->callee())->globalObject()->dateStructure(), value);
 }
     
 static EncodedJSValue JSC_HOST_CALL constructWithDateConstructor(ExecState* exec)
index 204b8ac..74adda4 100644 (file)
@@ -48,13 +48,6 @@ DateInstance::DateInstance(ExecState* exec, NonNullPassRefPtr<Structure> structu
     setInternalValue(exec->globalData(), jsNumber(timeClip(time)));
 }
 
-DateInstance::DateInstance(ExecState* exec, double time)
-    : JSWrapperObject(exec->lexicalGlobalObject()->dateStructure())
-{
-    ASSERT(inherits(&s_info));
-    setInternalValue(exec->globalData(), jsNumber(timeClip(time)));
-}
-
 const GregorianDateTime* DateInstance::calculateGregorianDateTime(ExecState* exec) const
 {
     double milli = internalNumber();
index 6c97789..d0dcf0b 100644 (file)
@@ -31,7 +31,6 @@ namespace JSC {
 
     class DateInstance : public JSWrapperObject {
     public:
-        DateInstance(ExecState*, double);
         DateInstance(ExecState*, NonNullPassRefPtr<Structure>, double);
         explicit DateInstance(ExecState*, NonNullPassRefPtr<Structure>);
 
index 2e53b95..7f4f82c 100644 (file)
@@ -42,7 +42,7 @@ ErrorConstructor::ErrorConstructor(ExecState* exec, JSGlobalObject* globalObject
 static EncodedJSValue JSC_HOST_CALL constructWithErrorConstructor(ExecState* exec)
 {
     JSValue message = exec->argumentCount() ? exec->argument(0) : jsUndefined();
-    Structure* errorStructure = exec->lexicalGlobalObject()->errorStructure();
+    Structure* errorStructure = asInternalFunction(exec->callee())->globalObject()->errorStructure();
     return JSValue::encode(ErrorInstance::create(exec, errorStructure, message));
 }
 
@@ -55,7 +55,7 @@ ConstructType ErrorConstructor::getConstructData(ConstructData& constructData)
 static EncodedJSValue JSC_HOST_CALL callErrorConstructor(ExecState* exec)
 {
     JSValue message = exec->argumentCount() ? exec->argument(0) : jsUndefined();
-    Structure* errorStructure = exec->lexicalGlobalObject()->errorStructure();
+    Structure* errorStructure = asInternalFunction(exec->callee())->globalObject()->errorStructure();
     return JSValue::encode(ErrorInstance::create(exec, errorStructure, message));
 }
 
index 573bd5b..a9f0a06 100644 (file)
@@ -49,7 +49,7 @@ FunctionConstructor::FunctionConstructor(ExecState* exec, JSGlobalObject* global
 static EncodedJSValue JSC_HOST_CALL constructWithFunctionConstructor(ExecState* exec)
 {
     ArgList args(exec);
-    return JSValue::encode(constructFunction(exec, args));
+    return JSValue::encode(constructFunction(exec, asInternalFunction(exec->callee())->globalObject(), args));
 }
 
 ConstructType FunctionConstructor::getConstructData(ConstructData& constructData)
@@ -61,7 +61,7 @@ ConstructType FunctionConstructor::getConstructData(ConstructData& constructData
 static EncodedJSValue JSC_HOST_CALL callFunctionConstructor(ExecState* exec)
 {
     ArgList args(exec);
-    return JSValue::encode(constructFunction(exec, args));
+    return JSValue::encode(constructFunction(exec, asInternalFunction(exec->callee())->globalObject(), args));
 }
 
 // ECMA 15.3.1 The Function Constructor Called as a Function
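Review bot: `asInternalFunction(exec->callee())->globalObject()` in `callFunctionConstructor` repeats the expression just added to `constructWithFunctionConstructor`, and the same spelling appears in the Array, Boolean, Date and Error constructor changes. A small shared accessor (a hypothetical `calleeGlobalObject(exec)`, for instance) would keep the cast in one place and make it harder for a later host function to fall back to `exec->lexicalGlobalObject()` by habit.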
@@ -72,7 +72,7 @@ CallType FunctionConstructor::getCallData(CallData& callData)
 }
 
 // ECMA 15.3.2 The Function Constructor
-JSObject* constructFunction(ExecState* exec, const ArgList& args, const Identifier& functionName, const UString& sourceURL, int lineNumber)
+JSObject* constructFunction(ExecState* exec, JSGlobalObject* globalObject, const ArgList& args, const Identifier& functionName, const UString& sourceURL, int lineNumber)
 {
     // Functions need to have a space following the opening { due to for web compatibility
     // see https://bugs.webkit.org/show_bug.cgi?id=24350
@@ -96,7 +96,6 @@ JSObject* constructFunction(ExecState* exec, const ArgList& args, const Identifi
         program = builder.toUString();
     }
 
-    JSGlobalObject* globalObject = exec->lexicalGlobalObject();
     JSGlobalData& globalData = globalObject->globalData();
     SourceCode source = makeSource(program, sourceURL, lineNumber);
     JSObject* exception = 0;
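Review bot: `globalObject` is now a caller-supplied parameter and is dereferenced straight away in `JSGlobalData& globalData = globalObject->globalData();` with no check. An `ASSERT(globalObject);` at the top of the long `constructFunction` overload would catch a null pointer from any of the new call sites in debug builds.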
@@ -111,9 +110,9 @@ JSObject* constructFunction(ExecState* exec, const ArgList& args, const Identifi
 }
 
 // ECMA 15.3.2 The Function Constructor
-JSObject* constructFunction(ExecState* exec, const ArgList& args)
+JSObject* constructFunction(ExecState* exec, JSGlobalObject* globalObject, const ArgList& args)
 {
-    return constructFunction(exec, args, Identifier(exec, "anonymous"), UString(), 1);
+    return constructFunction(exec, globalObject, args, Identifier(exec, "anonymous"), UString(), 1);
 }
 
 } // namespace JSC
index 6af4861..7f21b20 100644 (file)
@@ -36,8 +36,8 @@ namespace JSC {
         virtual CallType getCallData(CallData&);
     };
 
-    JSObject* constructFunction(ExecState*, const ArgList&, const Identifier& functionName, const UString& sourceURL, int lineNumber);
-    JSObject* constructFunction(ExecState*, const ArgList&);
+    JSObject* constructFunction(ExecState*, JSGlobalObject*, const ArgList&, const Identifier& functionName, const UString& sourceURL, int lineNumber);
+    JSObject* constructFunction(ExecState*, JSGlobalObject*, const ArgList&);
 
 } // namespace JSC
 
index 9acb777..ce7fe22 100644 (file)
@@ -119,7 +119,7 @@ bool JSCell::getOwnPropertySlot(ExecState* exec, const Identifier& identifier, P
     // This is not a general purpose implementation of getOwnPropertySlot.
     // It should only be called by JSValue::get.
     // It calls getPropertySlot, not getOwnPropertySlot.
-    JSObject* object = toObject(exec);
+    JSObject* object = toObject(exec, exec->lexicalGlobalObject());
     slot.setBase(object);
     if (!object->getPropertySlot(exec, identifier, slot))
         slot.setUndefined();
@@ -131,7 +131,7 @@ bool JSCell::getOwnPropertySlot(ExecState* exec, unsigned identifier, PropertySl
     // This is not a general purpose implementation of getOwnPropertySlot.
     // It should only be called by JSValue::get.
     // It calls getPropertySlot, not getOwnPropertySlot.
-    JSObject* object = toObject(exec);
+    JSObject* object = toObject(exec, exec->lexicalGlobalObject());
     slot.setBase(object);
     if (!object->getPropertySlot(exec, identifier, slot))
         slot.setUndefined();
@@ -140,27 +140,27 @@ bool JSCell::getOwnPropertySlot(ExecState* exec, unsigned identifier, PropertySl
 
 void JSCell::put(ExecState* exec, const Identifier& identifier, JSValue value, PutPropertySlot& slot)
 {
-    toObject(exec)->put(exec, identifier, value, slot);
+    toObject(exec, exec->lexicalGlobalObject())->put(exec, identifier, value, slot);
 }
 
 void JSCell::put(ExecState* exec, unsigned identifier, JSValue value)
 {
-    toObject(exec)->put(exec, identifier, value);
+    toObject(exec, exec->lexicalGlobalObject())->put(exec, identifier, value);
 }
 
 bool JSCell::deleteProperty(ExecState* exec, const Identifier& identifier)
 {
-    return toObject(exec)->deleteProperty(exec, identifier);
+    return toObject(exec, exec->lexicalGlobalObject())->deleteProperty(exec, identifier);
 }
 
 bool JSCell::deleteProperty(ExecState* exec, unsigned identifier)
 {
-    return toObject(exec)->deleteProperty(exec, identifier);
+    return toObject(exec, exec->lexicalGlobalObject())->deleteProperty(exec, identifier);
 }
 
 JSObject* JSCell::toThisObject(ExecState* exec) const
 {
-    return toObject(exec);
+    return toObject(exec, exec->lexicalGlobalObject());
 }
 
 JSValue JSCell::getJSNumber()
@@ -203,7 +203,7 @@ UString JSCell::toString(ExecState*) const
     return UString();
 }
 
-JSObject* JSCell::toObject(ExecState*) const
+JSObject* JSCell::toObject(ExecState*, JSGlobalObject*) const
 {
     ASSERT_NOT_REACHED();
     return 0;
index 447486c..62cee37 100644 (file)
@@ -35,6 +35,8 @@
 
 namespace JSC {
 
+    class JSGlobalObject;
+
 #if COMPILER(MSVC)
     // If WTF_MAKE_NONCOPYABLE is applied to JSCell we end up with a bunch of
     // undefined references to the JSCell copy constructor and assignment operator
@@ -106,7 +108,7 @@ namespace JSC {
         virtual bool toBoolean(ExecState*) const;
         virtual double toNumber(ExecState*) const;
         virtual UString toString(ExecState*) const;
-        virtual JSObject* toObject(ExecState*) const;
+        virtual JSObject* toObject(ExecState*, JSGlobalObject*) const;
 
         // Garbage collection.
         void* operator new(size_t, ExecState*);
@@ -336,7 +338,12 @@ namespace JSC {
 
     inline JSObject* JSValue::toObject(ExecState* exec) const
     {
-        return isCell() ? asCell()->toObject(exec) : toObjectSlowCase(exec);
+        return isCell() ? asCell()->toObject(exec, exec->lexicalGlobalObject()) : toObjectSlowCase(exec, exec->lexicalGlobalObject());
+    }
+
+    inline JSObject* JSValue::toObject(ExecState* exec, JSGlobalObject* globalObject) const
+    {
+        return isCell() ? asCell()->toObject(exec, globalObject) : toObjectSlowCase(exec, globalObject);
     }
 
     inline JSObject* JSValue::toThisObject(ExecState* exec) const
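Review bot: The one-argument JSValue::toObject now duplicates the body of the new two-argument overload and names exec->lexicalGlobalObject() in both branches of the conditional. Having it delegate, as in "return toObject(exec, exec->lexicalGlobalObject());", keeps the cell versus slow-case dispatch in a single function so the two overloads cannot drift apart.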
index e01b401..1115dc0 100644 (file)
@@ -67,7 +67,7 @@ UString JSNotAnObject::toString(ExecState* exec) const
     return "";
 }
 
-JSObject* JSNotAnObject::toObject(ExecState* exec) const
+JSObject* JSNotAnObject::toObject(ExecState* exec, JSGlobalObject*) const
 {
     ASSERT_UNUSED(exec, exec->hadException());
     return const_cast<JSNotAnObject*>(this);
index b882039..75bca18 100644 (file)
@@ -58,7 +58,7 @@ namespace JSC {
         virtual bool toBoolean(ExecState*) const;
         virtual double toNumber(ExecState*) const;
         virtual UString toString(ExecState*) const;
-        virtual JSObject* toObject(ExecState*) const;
+        virtual JSObject* toObject(ExecState*, JSGlobalObject*) const;
 
         // JSObject methods
         virtual bool getOwnPropertySlot(ExecState*, const Identifier& propertyName, PropertySlot&);
index d7570e9..b307540 100644 (file)
@@ -489,7 +489,7 @@ UString JSObject::toString(ExecState* exec) const
     return primitive.toString(exec);
 }
 
-JSObject* JSObject::toObject(ExecState*) const
+JSObject* JSObject::toObject(ExecState*, JSGlobalObject*) const
 {
     return const_cast<JSObject*>(this);
 }
index 66ac2d6..fe01cb9 100644 (file)
@@ -138,7 +138,7 @@ namespace JSC {
         virtual bool toBoolean(ExecState*) const;
         virtual double toNumber(ExecState*) const;
         virtual UString toString(ExecState*) const;
-        virtual JSObject* toObject(ExecState*) const;
+        virtual JSObject* toObject(ExecState*, JSGlobalObject*) const;
 
         virtual JSObject* toThisObject(ExecState*) const;
         virtual JSValue toStrictThisObject(ExecState*) const;
index c4ae969..d9c4d46 100644 (file)
@@ -253,19 +253,19 @@ UString JSString::toString(ExecState* exec) const
     return value(exec);
 }
 
-inline StringObject* StringObject::create(ExecState* exec, JSString* string)
+inline StringObject* StringObject::create(ExecState* exec, JSGlobalObject* globalObject, JSString* string)
 {
-    return new (exec) StringObject(exec->globalData(), exec->lexicalGlobalObject()->stringObjectStructure(), string);
+    return new (exec) StringObject(exec->globalData(), globalObject->stringObjectStructure(), string);
 }
 
-JSObject* JSString::toObject(ExecState* exec) const
+JSObject* JSString::toObject(ExecState* exec, JSGlobalObject* globalObject) const
 {
-    return StringObject::create(exec, const_cast<JSString*>(this));
+    return StringObject::create(exec, globalObject, const_cast<JSString*>(this));
 }
 
 JSObject* JSString::toThisObject(ExecState* exec) const
 {
-    return StringObject::create(exec, const_cast<JSString*>(this));
+    return StringObject::create(exec, exec->lexicalGlobalObject(), const_cast<JSString*>(this));
 }
 
 bool JSString::getOwnPropertySlot(ExecState* exec, const Identifier& propertyName, PropertySlot& slot)
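Review bot: JSString::toObject now honours the caller-supplied globalObject, while JSString::toThisObject in the same hunk hard-codes exec->lexicalGlobalObject(). If the this-conversion is meant to stay bound to the lexical global object, a one-line comment saying so would stop a later reader from treating it as a missed call site; if it is not, toThisObject needs the same parameter.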
index 11002db..9113d4a 100644 (file)
@@ -402,7 +402,7 @@ namespace JSC {
         virtual bool getPrimitiveNumber(ExecState*, double& number, JSValue& value);
         virtual bool toBoolean(ExecState*) const;
         virtual double toNumber(ExecState*) const;
-        virtual JSObject* toObject(ExecState*) const;
+        virtual JSObject* toObject(ExecState*, JSGlobalObject*) const;
         virtual UString toString(ExecState*) const;
 
         virtual JSObject* toThisObject(ExecState*) const;
index f4662db..d3ee89e 100644 (file)
@@ -54,14 +54,14 @@ double JSValue::toIntegerPreserveNaN(ExecState* exec) const
     return trunc(toNumber(exec));
 }
 
-JSObject* JSValue::toObjectSlowCase(ExecState* exec) const
+JSObject* JSValue::toObjectSlowCase(ExecState* exec, JSGlobalObject* globalObject) const
 {
     ASSERT(!isCell());
 
     if (isInt32() || isDouble())
-        return constructNumber(exec, asValue());
+        return constructNumber(exec, globalObject, asValue());
     if (isTrue() || isFalse())
-        return constructBooleanFromImmediateBoolean(exec, asValue());
+        return constructBooleanFromImmediateBoolean(exec, globalObject, asValue());
 
     ASSERT(isUndefinedOrNull());
     throwError(exec, createNotAnObjectError(exec, *this));
@@ -73,9 +73,9 @@ JSObject* JSValue::toThisObjectSlowCase(ExecState* exec) const
     ASSERT(!isCell());
 
     if (isInt32() || isDouble())
-        return constructNumber(exec, asValue());
+        return constructNumber(exec, exec->lexicalGlobalObject(), asValue());
     if (isTrue() || isFalse())
-        return constructBooleanFromImmediateBoolean(exec, asValue());
+        return constructBooleanFromImmediateBoolean(exec, exec->lexicalGlobalObject(), asValue());
     ASSERT(isUndefinedOrNull());
     return exec->globalThisValue();
 }
@@ -84,9 +84,9 @@ JSObject* JSValue::synthesizeObject(ExecState* exec) const
 {
     ASSERT(!isCell());
     if (isNumber())
-        return constructNumber(exec, asValue());
+        return constructNumber(exec, exec->lexicalGlobalObject(), asValue());
     if (isBoolean())
-        return constructBooleanFromImmediateBoolean(exec, asValue());
+        return constructBooleanFromImmediateBoolean(exec, exec->lexicalGlobalObject(), asValue());
 
     ASSERT(isUndefinedOrNull());
     throwError(exec, createNotAnObjectError(exec, *this));
index 0fd6c4c..098123e 100644 (file)
@@ -37,6 +37,7 @@ namespace JSC {
     class Identifier;
     class JSCell;
     class JSGlobalData;
+    class JSGlobalObject;
     class JSImmediate;
     class JSObject;
     class JSString;
@@ -189,6 +190,7 @@ namespace JSC {
         UString toString(ExecState*) const;
         UString toPrimitiveString(ExecState*) const;
         JSObject* toObject(ExecState*) const;
+        JSObject* toObject(ExecState*, JSGlobalObject*) const;
 
         // Integer conversions.
         double toInteger(ExecState*) const;
@@ -244,7 +246,7 @@ namespace JSC {
         JSValue(HashTableDeletedValueTag);
 
         inline const JSValue asValue() const { return *this; }
-        JSObject* toObjectSlowCase(ExecState*) const;
+        JSObject* toObjectSlowCase(ExecState*, JSGlobalObject*) const;
         JSObject* toThisObjectSlowCase(ExecState*) const;
 
         JSObject* synthesizePrototype(ExecState*) const;
index 3e4d6c7..aee143a 100644 (file)
@@ -104,7 +104,7 @@ static JSValue numberConstructorMinValue(ExecState*, JSValue, const Identifier&)
 // ECMA 15.7.1
 static EncodedJSValue JSC_HOST_CALL constructWithNumberConstructor(ExecState* exec)
 {
-    NumberObject* object = new (exec) NumberObject(exec->globalData(), exec->lexicalGlobalObject()->numberObjectStructure());
+    NumberObject* object = new (exec) NumberObject(exec->globalData(), asInternalFunction(exec->callee())->globalObject()->numberObjectStructure());
     double n = exec->argumentCount() ? exec->argument(0).toNumber(exec) : 0;
     object->setInternalValue(exec->globalData(), jsNumber(n));
     return JSValue::encode(object);
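Review bot: constructWithNumberConstructor still allocates the NumberObject and sets its internal value by hand, which is the same sequence constructNumber(exec, globalObject, number) performs now that it takes a global object. Computing n first and returning constructNumber(exec, asInternalFunction(exec->callee())->globalObject(), jsNumber(n)) would leave a single place that selects numberObjectStructure().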
index 3963294..74b5e98 100644 (file)
@@ -42,9 +42,9 @@ JSValue NumberObject::getJSNumber()
     return internalValue();
 }
 
-NumberObject* constructNumber(ExecState* exec, JSValue number)
+NumberObject* constructNumber(ExecState* exec, JSGlobalObject* globalObject, JSValue number)
 {
-    NumberObject* object = new (exec) NumberObject(exec->globalData(), exec->lexicalGlobalObject()->numberObjectStructure());
+    NumberObject* object = new (exec) NumberObject(exec->globalData(), globalObject->numberObjectStructure());
     object->setInternalValue(exec->globalData(), number);
     return object;
 }
index 1571fd4..90d0b26 100644 (file)
@@ -40,7 +40,7 @@ namespace JSC {
         virtual JSValue getJSNumber();
     };
 
-    NumberObject* constructNumber(ExecState*, JSValue);
+    NumberObject* constructNumber(ExecState*, JSGlobalObject*, JSValue);
 
 } // namespace JSC
 
index 5080ef8..c642a5b 100644 (file)
@@ -95,18 +95,18 @@ bool ObjectConstructor::getOwnPropertyDescriptor(ExecState* exec, const Identifi
 }
 
 // ECMA 15.2.2
-static ALWAYS_INLINE JSObject* constructObject(ExecState* exec, const ArgList& args)
+static ALWAYS_INLINE JSObject* constructObject(ExecState* exec, JSGlobalObject* globalObject, const ArgList& args)
 {
     JSValue arg = args.at(0);
     if (arg.isUndefinedOrNull())
-        return constructEmptyObject(exec);
-    return arg.toObject(exec);
+        return constructEmptyObject(exec, globalObject);
+    return arg.toObject(exec, globalObject);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructWithObjectConstructor(ExecState* exec)
 {
     ArgList args(exec);
-    return JSValue::encode(constructObject(exec, args));
+    return JSValue::encode(constructObject(exec, asInternalFunction(exec->callee())->globalObject(), args));
 }
 
 ConstructType ObjectConstructor::getConstructData(ConstructData& constructData)
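Review bot: The expression asInternalFunction(exec->callee())->globalObject() is repeated in constructWithObjectConstructor here and again in the Number, RegExp and String host functions elsewhere in this patch, and its correctness depends on the callee always being an InternalFunction. A small named helper for "global object of the callee" would document that assumption once and give a single place to assert it.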
@@ -118,7 +118,7 @@ ConstructType ObjectConstructor::getConstructData(ConstructData& constructData)
 static EncodedJSValue JSC_HOST_CALL callObjectConstructor(ExecState* exec)
 {
     ArgList args(exec);
-    return JSValue::encode(constructObject(exec, args));
+    return JSValue::encode(constructObject(exec, asInternalFunction(exec->callee())->globalObject(), args));
 }
 
 CallType ObjectConstructor::getCallData(CallData& callData)
index 348f38a..19b4b36 100644 (file)
@@ -293,7 +293,7 @@ void setRegExpConstructorMultiline(ExecState* exec, JSObject* baseObject, JSValu
 }
 
 // ECMA 15.10.4
-JSObject* constructRegExp(ExecState* exec, const ArgList& args)
+JSObject* constructRegExp(ExecState* exec, JSGlobalObject* globalObject, const ArgList& args)
 {
     JSValue arg0 = args.at(0);
     JSValue arg1 = args.at(1);
@@ -320,13 +320,13 @@ JSObject* constructRegExp(ExecState* exec, const ArgList& args)
     RefPtr<RegExp> regExp = exec->globalData().regExpCache()->lookupOrCreate(pattern, flags);
     if (!regExp->isValid())
         return throwError(exec, createSyntaxError(exec, regExp->errorMessage()));
-    return new (exec) RegExpObject(exec->lexicalGlobalObject(), exec->lexicalGlobalObject()->regExpStructure(), regExp.release());
+    return new (exec) RegExpObject(exec->lexicalGlobalObject(), globalObject->regExpStructure(), regExp.release());
 }
 
 static EncodedJSValue JSC_HOST_CALL constructWithRegExpConstructor(ExecState* exec)
 {
     ArgList args(exec);
-    return JSValue::encode(constructRegExp(exec, args));
+    return JSValue::encode(constructRegExp(exec, asInternalFunction(exec->callee())->globalObject(), args));
 }
 
 ConstructType RegExpConstructor::getConstructData(ConstructData& constructData)
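Review bot: In constructRegExp the new RegExpObject takes its structure from globalObject->regExpStructure() but its first argument is still exec->lexicalGlobalObject(), so a RegExp constructed through another frame's constructor ends up with a structure from one global object and a global object reference from another. Unless that split is intentional, the first argument should be globalObject as well, and the new test should cover RegExp constructed across frames.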
@@ -339,7 +339,7 @@ ConstructType RegExpConstructor::getConstructData(ConstructData& constructData)
 static EncodedJSValue JSC_HOST_CALL callRegExpConstructor(ExecState* exec)
 {
     ArgList args(exec);
-    return JSValue::encode(constructRegExp(exec, args));
+    return JSValue::encode(constructRegExp(exec, asInternalFunction(exec->callee())->globalObject(), args));
 }
 
 CallType RegExpConstructor::getCallData(CallData& callData)
index 03c6bea..5e0b2b8 100644 (file)
@@ -96,7 +96,7 @@ namespace JSC {
 
     RegExpConstructor* asRegExpConstructor(JSValue);
 
-    JSObject* constructRegExp(ExecState*, const ArgList&);
+    JSObject* constructRegExp(ExecState*, JSGlobalObject*, const ArgList&);
 
     inline RegExpConstructor* asRegExpConstructor(JSValue value)
     {
index 5398f31..ed088e4 100644 (file)
@@ -67,9 +67,10 @@ StringConstructor::StringConstructor(ExecState* exec, JSGlobalObject* globalObje
 // ECMA 15.5.2
 static EncodedJSValue JSC_HOST_CALL constructWithStringConstructor(ExecState* exec)
 {
+    JSGlobalObject* globalObject = asInternalFunction(exec->callee())->globalObject();
     if (!exec->argumentCount())
-        return JSValue::encode(new (exec) StringObject(exec, exec->lexicalGlobalObject()->stringObjectStructure()));
-    return JSValue::encode(new (exec) StringObject(exec, exec->lexicalGlobalObject()->stringObjectStructure(), exec->argument(0).toString(exec)));
+        return JSValue::encode(new (exec) StringObject(exec, globalObject->stringObjectStructure()));
+    return JSValue::encode(new (exec) StringObject(exec, globalObject->stringObjectStructure(), exec->argument(0).toString(exec)));
 }
 
 ConstructType StringConstructor::getConstructData(ConstructData& constructData)
index 0e2a2b2..ae3376d 100644 (file)
@@ -31,7 +31,7 @@ namespace JSC {
         StringObject(ExecState*, NonNullPassRefPtr<Structure>);
         StringObject(ExecState*, NonNullPassRefPtr<Structure>, const UString&);
 
-        static StringObject* create(ExecState*, JSString*);
+        static StringObject* create(ExecState*, JSGlobalObject*, JSString*);
 
         virtual bool getOwnPropertySlot(ExecState*, const Identifier& propertyName, PropertySlot&);
         virtual bool getOwnPropertySlot(ExecState*, unsigned propertyName, PropertySlot&);
index 7b3221a..6093c84 100644 (file)
@@ -1,3 +1,18 @@
+2011-03-25  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        instanceof Array test fails when using iframes
+        https://bugs.webkit.org/show_bug.cgi?id=17250
+
+        Up date for new toObject api
+
+        * UserObjectImp.cpp:
+        (UserObjectImp::toPrimitive):
+        (UserObjectImp::toBoolean):
+        (UserObjectImp::toNumber):
+        (UserObjectImp::toString):
+
 2011-03-26  Adam Barth  <abarth@webkit.org>
 
         Remove the JavaScriptGlue GYP build.  We're not going to use GYP for
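Review bot: The new ChangeLog entry reads "Up date for new toObject api", which should be "Update", and it is dated 2011-03-25 while sitting above the 2011-03-26 entry and alongside 2011-03-28 entries for the same change in the other ChangeLogs. Please fix the typo and use the landing date so the entries stay in order.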
index f48a230..a04f58e 100644 (file)
@@ -167,7 +167,7 @@ JSUserObject* UserObjectImp::GetJSUserObject() const
 JSValue UserObjectImp::toPrimitive(ExecState *exec, PreferredPrimitiveType) const
 {
     JSValue result = jsUndefined();
-    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec), exec);
+    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec, exec->lexicalGlobalObject()), exec);
     CFTypeRef cfValue = jsObjPtr ? jsObjPtr->CopyCFValue() : 0;
     if (cfValue) {
         CFTypeID cfType = CFGetTypeID(cfValue);  // toPrimitive
@@ -204,7 +204,7 @@ JSValue UserObjectImp::toPrimitive(ExecState *exec, PreferredPrimitiveType) cons
 bool UserObjectImp::toBoolean(ExecState *exec) const
 {
     bool result = false;
-    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec), exec);
+    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec, exec->lexicalGlobalObject()), exec);
     CFTypeRef cfValue = jsObjPtr ? jsObjPtr->CopyCFValue() : 0;
     if (cfValue)
     {
@@ -284,7 +284,7 @@ bool UserObjectImp::toBoolean(ExecState *exec) const
 double UserObjectImp::toNumber(ExecState *exec) const
 {
     double result = 0;
-    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec), exec);
+    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec, exec->lexicalGlobalObject()), exec);
     CFTypeRef cfValue = jsObjPtr ? jsObjPtr->CopyCFValue() : 0;
     if (cfValue)
     {
@@ -318,7 +318,7 @@ double UserObjectImp::toNumber(ExecState *exec) const
 UString UserObjectImp::toString(ExecState *exec) const
 {
     UString result;
-    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec), exec);
+    JSUserObject* jsObjPtr = KJSValueToJSObject(toObject(exec, exec->lexicalGlobalObject()), exec);
     CFTypeRef cfValue = jsObjPtr ? jsObjPtr->CopyCFValue() : 0;
     if (cfValue)
     {
index 625ab40..4e2589a 100644 (file)
@@ -1,3 +1,20 @@
+2011-03-28  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        instanceof Array test fails when using iframes
+        https://bugs.webkit.org/show_bug.cgi?id=17250
+
+        Update for new function and date apis
+
+        Test: fast/js/js-constructors-use-correct-global.html
+
+        * WebCore.xcodeproj/project.pbxproj:
+        * bindings/js/JSDOMBinding.cpp:
+        (WebCore::jsDateOrNull):
+        * bindings/js/JSLazyEventListener.cpp:
+        (WebCore::JSLazyEventListener::initializeJSFunction):
+
 2011-03-28  Beth Dakin  <bdakin@apple.com>
 
         Reviewed by Darin Adler.
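Review bot: This ChangeLog entry lists only project.pbxproj, jsDateOrNull and JSLazyEventListener::initializeJSFunction, but the patch also changes the DateInstance construction inside convertQVariantToValue. If that file is covered by this ChangeLog, it should be listed here with the function name, like the others.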
index 4d18a4e..8501eb9 100644 (file)
@@ -483,7 +483,7 @@ JSValue jsDateOrNull(ExecState* exec, double value)
 {
     if (!isfinite(value))
         return jsNull();
-    return new (exec) DateInstance(exec, value);
+    return new (exec) DateInstance(exec, exec->lexicalGlobalObject()->dateStructure(), value);
 }
 
 double valueToDate(ExecState* exec, JSValue value)
index 31bbbed..5b17727 100644 (file)
@@ -97,7 +97,7 @@ JSObject* JSLazyEventListener::initializeJSFunction(ScriptExecutionContext* exec
     args.append(jsNontrivialString(exec, stringToUString(m_eventParameterName)));
     args.append(jsString(exec, m_code));
 
-    JSObject* jsFunction = constructFunction(exec, args, Identifier(exec, stringToUString(m_functionName)), stringToUString(m_sourceURL), m_lineNumber); // FIXME: is globalExec ok?
+    JSObject* jsFunction = constructFunction(exec, exec->lexicalGlobalObject(), args, Identifier(exec, stringToUString(m_functionName)), stringToUString(m_sourceURL), m_lineNumber); // FIXME: is globalExec ok?
     if (exec->hadException()) {
         exec->clearException();
         return 0;
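Review bot: The constructFunction call in initializeJSFunction now passes exec->lexicalGlobalObject() while the trailing "FIXME: is globalExec ok?" is left as it was, so the open question about which exec is correct now also applies to which global object the listener function is created in. Please either resolve the FIXME or extend it to say the global object choice is provisional, since a lazily compiled event listener is a case where the lexical global object and the listener's own global object could plausibly differ.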
index fd33b89..87ee522 100644 (file)
@@ -883,7 +883,7 @@ JSValue convertQVariantToValue(ExecState* exec, PassRefPtr<RootObject> root, con
         dt.isDST = -1;
         double ms = gregorianDateTimeToMS(exec, dt, time.msec(), /*inputIsUTC*/ false);
 
-        return new (exec) DateInstance(exec, trunc(ms));
+        return new (exec) DateInstance(exec, exec->lexicalGlobalObject()->dateStructure(), trunc(ms));
     }
 
     if (type == QMetaType::QByteArray) {