[runtime] Setup Constructor for proxy_map
Bug: chromium:868473
Change-Id: I6a2f9be15cdc05cfa793650436c7ec3dd583bef4
Reviewed-on: https://chromium-review.googlesource.com/1158833
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chandan Reddy <chandanreddy@google.com>
Cr-Commit-Position: refs/heads/master@{#54857}
diff --git a/src/bootstrapper.cc b/src/bootstrapper.cc
index ea5017f..e648729 100644
--- a/src/bootstrapper.cc
+++ b/src/bootstrapper.cc
@@ -3448,6 +3448,8 @@
name, proxy_function_map, Builtins::kProxyConstructor);
Handle<JSFunction> proxy_function = factory->NewFunction(args);
+ isolate_->proxy_map()->SetConstructor(*proxy_function);
+
proxy_function->shared()->set_internal_formal_parameter_count(2);
proxy_function->shared()->set_length(2);
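Review bot: Only `proxy_map()` receives the constructor on the added line, while the new `CHECK(map()->GetConstructor()->IsJSFunction())` in JSProxyVerify (objects-debug.cc hunk) applies to every JSProxy. V8 allocates proxies over callable or constructable targets from `proxy_callable_map()` and `proxy_constructor_map()`, and where those maps are created is outside this hunk. If they are copied from `proxy_map()` before this point, they would presumably keep the old constructor value, so such proxies would fail the heap-verifier check and would not be attributed to the realm that created them. In that case set it on all three maps by adding `isolate_->proxy_callable_map()->SetConstructor(*proxy_function);` and `isolate_->proxy_constructor_map()->SetConstructor(*proxy_function);`. The enclosing block starts and ends outside the hunk.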
diff --git a/src/objects-debug.cc b/src/objects-debug.cc
index 864301c..1c41e5b 100644
--- a/src/objects-debug.cc
+++ b/src/objects-debug.cc
@@ -1426,6 +1426,7 @@
void JSProxy::JSProxyVerify(Isolate* isolate) {
CHECK(IsJSProxy());
+ CHECK(map()->GetConstructor()->IsJSFunction());
VerifyPointer(isolate, target());
VerifyPointer(isolate, handler());
if (!IsRevoked()) {
diff --git a/test/mjsunit/regress/regress-5085.js b/test/mjsunit/regress/regress-5085.js
index 21b6962..167bfa0 100644
--- a/test/mjsunit/regress/regress-5085.js
+++ b/test/mjsunit/regress/regress-5085.js
@@ -64,3 +64,11 @@
a: 1
};
assertEquals(Proxy.prototype, {b: 2});
+
+(function testProxyCreationContext() {
+ let realm = Realm.create();
+ let p1 = new Proxy({}, {});
+ let p2 = Realm.eval(realm, "new Proxy({}, {})");
+ assertEquals(0, Realm.owner(p1));
+ assertEquals(1, Realm.owner(p2));
+})();
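Review bot: `assertEquals(1, Realm.owner(p2))` hard-codes the index of the new realm, which makes the test depend on how many realms already exist when it runs. Compare against the value returned by `Realm.create()` instead: `assertEquals(realm, Realm.owner(p2));`. Both proxies are also built over a plain object target, so the realm attribution of a proxy over a function target is not exercised. A case such as `let p3 = Realm.eval(realm, "new Proxy(function() {}, {})"); assertEquals(realm, Realm.owner(p3));` would cover it.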