Bug 247427
| Summary: | Setting [[Prototype]] of global object in JSC shell should not throw `TypeError` | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Kanguk Lee <p51lee> |
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | ashvayka, mark.lam, webkit-bug-importer, ysuzuki |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Local Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Kanguk Lee
// input.js
Object . setPrototypeOf ( this , { } ) ;
__________________________________________
Hello,
Executing the input.js using JSC throws TypeError, but it is expected to terminate normally.
Running the input.js with JSC gives
---
$ jsc input.js
Exception: TypeError: Cannot set prototype of immutable prototype object
setPrototypeOf@[native code]
global code@input.js:1:24
---
while other engines behave like
---
# V8
$ node input.js
// no error
# GraalJS
$ js input.js
// no error
---
WebKit version: 615.1.10
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/101940462>
Alexey Shvayka
Great catch, thank you!
Indeed the ECMA-262 doesn't require global object to have immutable prototype; it's the WebIDL spec which makes global objects' [[Prototype]] slots immutable: https://webidl.spec.whatwg.org/#platform-object-setprototypeof. That shouldn't affect the JSC shell of course.
When fixing that we need to ensure that scope resolution is sane when `globalThis.__proto__` is modified, which might get a little tricky.
Yusuke Suzuki
I wonder if we should fix this. Since DOM window is super more common in various places, should we just keep our behavior aligned to DOM window?
Alexey Shvayka
(In reply to Yusuke Suzuki from comment #3)
> I wonder if we should fix this. Since DOM window is super more common in
> various places, should we just keep our behavior aligned to DOM window?
I would say we should fix this (not prioritize of course) just for the spec purity and non-browser environments like Bun, which claims to be functionally-equivalent to Node.js.