Bug 252228

Summary: constructFunctionSkippingEvalEnabledCheck() should use structureGlobalObject.
Product: WebKit
Reporter: Mark Lam <mark.lam>
Component: JavaScriptCore
Assignee: Mark Lam <mark.lam>
Status: ASSIGNED
Severity: Normal
CC: webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Description Mark Lam 2023-02-13 21:56:10 PST
constructFunctionSkippingEvalEnabledCheck() is instantiating JSFunction, JSGeneratorFunction, JSAsyncFunction, and JSAsyncGeneratorFunction with a structure from potentially another realm.  Hence, it should use the scope object from that realm as well.
Comment 1 Mark Lam 2023-02-13 21:58:01 PST
<rdar://problem/105434457>
Comment 2 Radar WebKit Bug Importer 2023-02-13 21:59:38 PST
<rdar://problem/105434535>
Comment 3 Mark Lam 2023-02-13 22:00:59 PST
<rdar://problem/105434457>
Comment 4 Mark Lam 2023-02-13 22:01:42 PST
Pull request: https://github.com/WebKit/WebKit/pull/10073