Bug 1520093 - Make evalcx work with same-compartment realms. r=jorendorff
authorJan de Mooij <jdemooij@mozilla.com>
Tue, 15 Jan 2019 20:03:43 +0000
changeset 514050 6ec84030fb70b4156b028e2c28136fa55c95272d
parent 514049 ce47b0935c9f67b00787f450ff226fbc64f7ee04
child 514051 070316635c495a75684a55168d734a1f7df5edca
push id1953
push userffxbld-merge
push dateMon, 11 Mar 2019 12:10:20 +0000
reviewersjorendorff
bugs1520093
milestone66.0a1
Bug 1520093 - Make evalcx work with same-compartment realms. r=jorendorff Differential Revision: https://phabricator.services.mozilla.com/D16530
js/src/jit-test/tests/debug/bug-1192401.js
js/src/jit-test/tests/realms/basic.js
js/src/shell/js.cpp
--- a/js/src/jit-test/tests/debug/bug-1192401.js
+++ b/js/src/jit-test/tests/debug/bug-1192401.js
@@ -1,5 +1,6 @@
+// |jit-test| --more-compartments
 const dbg = new Debugger();
 const g = evalcx("lazy");
 dbg.addDebuggee(g);
 dbg.memory.trackingAllocationSites = true;
 g.eval("this.alloc = {}");
--- a/js/src/jit-test/tests/realms/basic.js
+++ b/js/src/jit-test/tests/realms/basic.js
@@ -73,8 +73,15 @@ function testTypedArrayLazyBuffer(global
     var arr1 = new global.Int32Array(1);
     var arr2 = new Int32Array(arr1);
     assertEq(objectGlobal(arr2.buffer), this);
     global.buf = arr1.buffer;
     global.eval("assertEq(objectGlobal(buf), this);");
 }
 testTypedArrayLazyBuffer(newGlobal());
 testTypedArrayLazyBuffer(newGlobal({sameCompartmentAs: this}));
+
+function testEvalcx() {
+    var g = newGlobal();
+    evalcx("this.x = 7", g);
+    assertEq(g.x, 7);
+}
+testEvalcx();
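Review bot: `testEvalcx` only targets `newGlobal()`, so whether it exercises the same-compartment path this commit is about depends on the flags the shell was started with. The neighbouring `testTypedArrayLazyBuffer` calls cover both `newGlobal()` and `newGlobal({sameCompartmentAs: this})`. Taking the global as a parameter and also calling `testEvalcx(newGlobal({sameCompartmentAs: this}));` would pin the same-compartment case explicitly. A case that passes a non-global object as the second argument would additionally cover the "Invalid scope argument to evalcx" path touched in js.cpp.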
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@@ -3762,16 +3762,23 @@ static void SetStandardRealmOptions(JS::
       .setBigIntEnabled(enableBigInt)
 #endif
       .setStreamsEnabled(enableStreams);
 }
 
 static JSObject* NewSandbox(JSContext* cx, bool lazy) {
   JS::RealmOptions options;
   SetStandardRealmOptions(options);
+
+  if (defaultToSameCompartment) {
+    options.creationOptions().setExistingCompartment(cx->global());
+  } else {
+    options.creationOptions().setNewCompartmentAndZone();
+  }
+
   RootedObject obj(cx,
                    JS_NewGlobalObject(cx, &sandbox_class, nullptr,
                                       JS::DontFireOnNewGlobalHook, options));
   if (!obj) {
     return nullptr;
   }
 
   {
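Review bot: The new compartment branch in `NewSandbox` has no comment, and `defaultToSameCompartment` is defined outside this hunk, so a reader cannot tell here that an evalcx sandbox may now share the caller's compartment. I would add above the `if`: `// Follow the shell-wide default. A same-compartment sandbox is not separated from the caller by cross-compartment wrappers.` Tests that rely on that separation presumably need `--more-compartments`, as the bug-1192401.js change in this commit suggests. `NewSandbox` continues past the end of the hunk.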
@@ -3843,27 +3850,23 @@ static bool EvalInContext(JSContext* cx,
     return true;
   }
 
   JS::AutoFilename filename;
   unsigned lineno;
 
   DescribeScriptedCaller(cx, &filename, &lineno);
   {
-    Maybe<JSAutoRealm> ar;
-    unsigned flags;
-    JSObject* unwrapped = UncheckedUnwrap(sobj, true, &flags);
-    if (flags & Wrapper::CROSS_COMPARTMENT) {
-      sobj = unwrapped;
-      ar.emplace(cx, sobj);
-    }
+    sobj = UncheckedUnwrap(sobj, true);
+
+    JSAutoRealm ar(cx, sobj);
 
     sobj = ToWindowIfWindowProxy(sobj);
 
-    if (!(sobj->getClass()->flags & JSCLASS_IS_GLOBAL)) {
+    if (!JS_IsGlobalObject(sobj)) {
       JS_ReportErrorASCII(cx, "Invalid scope argument to evalcx");
       return false;
     }
 
     JS::CompileOptions opts(cx);
     opts.setFileAndLine(filename.get(), lineno);
 
     JS::SourceText<char16_t> srcBuf;
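Review bot: `JSAutoRealm ar(cx, sobj);` now runs before `sobj` is known to be a global, so the realm of whatever object the caller passed is entered and the "Invalid scope argument to evalcx" error is reported from inside it. Neither `ToWindowIfWindowProxy` nor `JS_IsGlobalObject` appears to need the target realm, so I would move the `JSAutoRealm` line below the global check; the rejected case then stays in the caller's realm. A comment on why the realm is entered unconditionally would also help, e.g. `// The target may be a same-compartment global, so the absence of a cross-compartment wrapper does not mean we are already in its realm.` The enclosing block and `EvalInContext` itself start and end outside the hunk.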