Bug 201484

Summary: LazyClassStructure::setConstructor should not store the constructor to the global object
Product: WebKit Reporter: Tadeu Zagallo <tzagallo>
Component: JavaScriptCoreAssignee: Tadeu Zagallo <tzagallo>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, ews-watchlist, keith_miller, mark.lam, msaboff, saam, webkit-bug-importer, wfurr, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=201551
Attachments:
Description Flags
Patch
none
Patch
none
Patch for landing none

Tadeu Zagallo
Reported 2019-09-04 18:53:51 PDT
<rdar://problem/50400451>
Attachments
Patch (6.53 KB, patch)
2019-09-04 19:10 PDT, Tadeu Zagallo 		no flags
DetailsFormatted DiffDiff
Patch (6.49 KB, patch)
2019-09-04 19:32 PDT, Tadeu Zagallo 		no flags
DetailsFormatted DiffDiff
Patch for landing (6.48 KB, patch)
2019-09-05 11:00 PDT, Tadeu Zagallo 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Tadeu Zagallo
Comment 1 2019-09-04 19:10:16 PDT
Created attachment 378035 [details] Patch
Yusuke Suzuki
Comment 2 2019-09-04 19:14:47 PDT
Comment on attachment 378035 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=378035&action=review r=me with comment. > Source/JavaScriptCore/runtime/Lookup.h:367 > + if (!propertyName.isNull()) I think this never happens because this function is called for property materialization. I think `propertyName.isNull()` code in the original one exists for the use case not through static-property-table. And I believe we do not have a case like, 1. While using LazyClassStructure without specifying it in static-property-table... 2. But still we want global object property for that. Can you ensure that the above use case does not exist in our code base?
Tadeu Zagallo
Comment 3 2019-09-04 19:30:01 PDT
(In reply to Yusuke Suzuki from comment #2) > I think this never happens because this function is called for property > materialization. > I think `propertyName.isNull()` code in the original one exists for the use > case not through static-property-table. And I believe we do not have a case > like, > > 1. While using LazyClassStructure without specifying it in > static-property-table... > 2. But still we want global object property for that. > > Can you ensure that the above use case does not exist in our code base? You're right, thanks! I've updated the patch.
Tadeu Zagallo
Comment 4 2019-09-04 19:32:19 PDT
Created attachment 378038 [details] Patch
Yusuke Suzuki
Comment 5 2019-09-04 21:17:43 PDT
Comment on attachment 378038 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=378038&action=review > Source/JavaScriptCore/runtime/Lookup.h:367 > + thisObj.putDirect(vm, propertyName, constructor, static_cast<unsigned>(PropertyAttribute::DontEnum)); Oops, please check attribute. This doesn't matter since all LazyClassStructure property's attribute is now DontEnum, but it is possible that other properties will use LazyClassStructure in the future. So, can you use `value.attributes()` ?
Tadeu Zagallo
Comment 6 2019-09-05 10:55:39 PDT
Comment on attachment 378038 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=378038&action=review >> Source/JavaScriptCore/runtime/Lookup.h:367 >> + thisObj.putDirect(vm, propertyName, constructor, static_cast<unsigned>(PropertyAttribute::DontEnum)); > > Oops, please check attribute. This doesn't matter since all LazyClassStructure property's attribute is now DontEnum, but it is possible that other properties will use LazyClassStructure in the future. > So, can you use `value.attributes()` ? Oops, good catch, I'll fix it. Thanks!
Tadeu Zagallo
Comment 7 2019-09-05 11:00:31 PDT
Created attachment 378099 [details] Patch for landing
WebKit Commit Bot
Comment 8 2019-09-05 11:48:02 PDT
Comment on attachment 378099 [details] Patch for landing Clearing flags on attachment: 378099 Committed r249538: <https://trac.webkit.org/changeset/249538>
WebKit Commit Bot
Comment 9 2019-09-05 11:48:03 PDT
All reviewed patches have been landed. Closing bug.
Keith Miller
Comment 10 2019-10-02 07:57:03 PDT
*** Bug 202433 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.