After the introduction of the Proxy builtin object there was
a possibility to traverse the prototype chain with an invalid object.
The prototype was freed before its data/properties were queried, resulting
in accessing invalid information.
By forcing the allocator to always do a gc (`--mem-stress-test=on` build option)
it was possible to trigger the issue without complicated tests.
New internal method:
* `ecma_op_object_get_prototype_of` which always returns the prototype
of an object and the return value must be freed (if it is valid).
Updated prototype chain traversing in:
* `jerry_object_get_property_names`
* `ecma_builtin_object_prototype_lookup_getter_setter`
* `ecma_op_function_has_instance`
* `ecma_op_function_get_super_constructor`
* `ecma_op_object_is_prototype_of`
* `ecma_op_object_enumerate`
Removed method `ecma_proxy_object_prototype_to_cp`
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
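The ownership rule in the commit message above (the prototype lookup returns a value that "must be freed") is modelled below with a toy reference-counted object in C. This is an added example, not JerryScript code: `obj_t`, `get_prototype_of`, `chain_has_key` and the trap function are hypothetical stand-ins for the engine's internals.

```c
#include <stdlib.h>
/* Toy object model, constructed for this example (not JerryScript's types). */
typedef struct obj {
  int refs;                   /* reference count; freed when it reaches 0 */
  struct obj *proto;          /* stored prototype of an ordinary object */
  struct obj *(*trap) (void); /* non-NULL models a Proxy getPrototypeOf trap */
  int has_key;                /* 1 if the object owns the looked-up property */
} obj_t;
static int live_objects = 0;

static obj_t *obj_new (obj_t *proto, int has_key) {
  obj_t *o = calloc (1, sizeof *o);
  if (o == NULL) abort ();
  o->refs = 1; o->proto = proto; o->has_key = has_key;
  if (proto != NULL) proto->refs++;
  live_objects++;
  return o;
}
static void obj_deref (obj_t *o) {
  if (o == NULL || --o->refs > 0) return;
  obj_deref (o->proto); /* releasing an object releases its hold on the chain */
  free (o); live_objects--;
}
static obj_t *trap_fresh (void) { return obj_new (NULL, 1); } /* nobody else owns it */

/* Always returns an owned reference (or NULL); the caller must release it. */
static obj_t *get_prototype_of (obj_t *o) {
  if (o->trap != NULL) return o->trap ();
  if (o->proto != NULL) o->proto->refs++;
  return o->proto;
}
/* Walk the chain; each object stays referenced while it is inspected. */
static int chain_has_key (obj_t *start) {
  obj_t *cur = start; cur->refs++;
  while (cur != NULL) {
    if (cur->has_key) { obj_deref (cur); return 1; }
    obj_t *next = get_prototype_of (cur); /* take next before dropping cur */
    obj_deref (cur);
    cur = next;
  }
  return 0;
}
static int demo (void) {
  obj_t *proxy = obj_new (NULL, 0);
  proxy->trap = trap_fresh; /* the prototype exists only via the returned reference */
  int ok = chain_has_key (proxy) && proxy->refs == 1 && live_objects == 1;
  obj_deref (proxy);
  return ok && live_objects == 0;
}
int main (void) { return demo () ? 0 : 1; }
```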
In Proxy.[[Get]] if the target.[[GetOwnPropertyDescriptor]] fails the
trap result should be freed.
Fixes: #4466
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
'this' is a restricted keyword in C++ so it's a good practice to avoid its usage as an identifier.
JerryScript-DCO-1.0-Signed-off-by: Robert Fancsik frobert@inf.u-szeged.hu
After #4372 and #4369 all builtin constructors have new target support.
This patch fixes #4446.
JerryScript-DCO-1.0-Signed-off-by: Robert Fancsik frobert@inf.u-szeged.hu
based on ECMA-262 v11, B.2.1.2
Fixed tests from the exclude list:
* annexB/built-ins/unescape/four-ignore-bad-u.js
* annexB/built-ins/unescape/four.js
* annexB/built-ins/unescape/two.js
JerryScript-DCO-1.0-Signed-off-by: Adam Szilagyi aszilagy@inf.u-szeged.hu
- `-fno-builtin` should not be necessary: a) by default, we assume
that a libc exists on the system the project is compiled for, but
b) even if the assumption does not hold, `-fno-builtin` can be
passed as an external CFLAG to the build system, plus c) the use
of builtins is expected to help both code size and performance.
(Except when jerry-math is enabled.)
- `-fno-stack-protector` should not be necessary: it is the default
not to instrument code with stack protection.
JerryScript-DCO-1.0-Signed-off-by: Akos Kiss akiss@inf.u-szeged.hu
When accessing an error's type there is no need to check the Proxy
prototype (as there is none).
Fixes: #4440
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
Remove redundancy between all-in-one and all-in-one-source builds
by keeping only the second, and adopt the more established term
"amalgamated" build for it. This change includes the following:
- Replace `ENABLE_ALL_IN_ONE` and `ENABLE_ALL_IN_ONE_SOURCE` cmake
options with `ENABLE_AMALGAM` top-level option.
- Replace `--all-in-one` option of `build.py` helper with
`--amalgam`.
- Merge the `srcmerger.py` and `srcgenerator.py` tool scripts into
`amalgam.py` (with improvements).
- Update documentation.
JerryScript-DCO-1.0-Signed-off-by: Akos Kiss akiss@inf.u-szeged.hu
ecma_op_function_get_function_realm now can process proxy and bound functions.
JerryScript-DCO-1.0-Signed-off-by: bence gabor kis kisbg@inf.u-szeged.hu
With older CMake (for example 2.8.12.2) the feature check of HAVE_M_LIB
reports false positive fail due to -Werror=strict-prototypes. It is already
fixed in CMake https://gitlab.kitware.com/cmake/cmake/-/commit/4bc17345
The feature is present and works, so we should only ignore this build warning.
Additionally, the necessary GCC/Clang guard is added to the similar
CMake feature check in jerry-port/default/CMakeLists.txt
JerryScript-DCO-1.0-Signed-off-by: Csaba Osztrogonác csaba.osztrogonac@h-lab.eu
Normally, it is more usual and safe to use a toolchain's native
math library. Especially, if multiple components of a project use
math functions, in which case all components should be linked
against the same libm.
The libjerry-math can be used, of course, but as it needs extra
care and consideration, it should be opt-in.
JerryScript-DCO-1.0-Signed-off-by: Akos Kiss akiss@inf.u-szeged.hu
When shifting a negative BigInt value if the
shift count is very "big" the result should be -1.
e.g.:
```
(-2n >> (2n*32n)) === -1n
```
Note: the `-2n >> (2n*31n)` already returned `-1n` prior to this change.
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
Proxy flags (IsCallable, IsConstructor) can't be stored on the
property list compressed pointer, as adding a Proxy to a WeakSet
would add a property to the Proxy object, causing failures down the line.
The prototype internal "slot" can be used to store these flags as
it is not used in case of Proxies (as per standard).
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
That "libm" in the name of the library resulted in awkward naming
on *nix systems (`libjerry-libm.*`, "lib" occurring twice). And the
name of the corresponding header is `math.h` anyway.
Note that this is a breaking change in some sense. The commit
contains no API change, but the build system does change for users
of the math library.
JerryScript-DCO-1.0-Signed-off-by: Akos Kiss akiss@inf.u-szeged.hu
When an error occurs accessing a property during JSON stringify call
the wrapper object is not freed at the correct place.
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
Extended the `jerry_type_t` enum with `JERRY_TYPE_BIGINT` and added it to
the `jerry_value_get_type`.
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
The assert in the reduce and filter methods did not check if the given value
is a BigInt. This missing check caused the assert to fail.
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com
- Rework symbols to have the same value across realms
- Support realms for native functions
- Support test262
- Use new.target realms for constructing intrinsics
JerryScript-DCO-1.0-Signed-off-by: Zoltan Herczeg zherczeg.u-szeged@partner.samsung.com
- Type for realm objects is introduced (ecma_global_object_t)
- Realm reference is added to built-in objects and ECMAScript functions
- Resolving built-ins, global environments, and scopes require realm object
- Unnecessary global object accesses are removed from the code
Missing: external functions and static snapshot functions have no realm reference
JerryScript-DCO-1.0-Signed-off-by: Zoltan Herczeg zherczeg.u-szeged@partner.samsung.com
The handling of Proxy.[[Get]] was not fully correct in the case when the
Proxy was revoked during the execution of the handler.
JerryScript-DCO-1.0-Signed-off-by: Peter Gal pgal.usz@partner.samsung.com