Bug 177070 - [JSC] Consider dropping JSObjectSetPrototype feature for JSGlobalObject
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Yusuke Suzuki
Keywords: InRadar
Reported: 2017-09-18 07:24 PDT by Yusuke Suzuki
Modified: 2017-09-27 12:24 PDT
Attachments
Patch (4.05 KB, patch)
2017-09-18 11:53 PDT, Yusuke Suzuki
Description Yusuke Suzuki 2017-09-18 07:24:57 PDT
Now, JSGlobalObject is an immutable prototype exotic object. It means that we cannot change the [[Prototype]] of JSGlobalObject.
However, our JSC API allows us to change it specially.

What do you think of dropping this feature?
Comment 1 Geoffrey Garen 2017-09-18 10:57:59 PDT
Seems OK to me, to match the spec.
Comment 2 Yusuke Suzuki 2017-09-18 11:53:52 PDT
Created attachment 321118
Patch
Comment 3 Yusuke Suzuki 2017-09-18 11:59:01 PDT
Comment on attachment 321118
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=321118&action=review

> Source/JavaScriptCore/ChangeLog:15
> +        edge cases.

While we do not allow users to change [[Prototype]] of the global object, our JS API has the way to set custom [[Prototype]] of global object by setting "prototype" of JSClassRef.
So I think it's ok even in terms of the ability of JSC APIs.
Comment 4 Saam Barati 2017-09-18 12:26:22 PDT
Comment on attachment 321118
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=321118&action=review

>> Source/JavaScriptCore/ChangeLog:15
>> +        edge cases.
> 
> While we do not allow users to change [[Prototype]] of the global object, our JS API has the way to set custom [[Prototype]] of global object by setting "prototype" of JSClassRef.
> So I think it's ok even in terms of the ability of JSC APIs.

Can we now constant fold toThis on global object? Why doesn't this patch remove the JSGlobalObject::resetPrototype API?
Comment 5 Yusuke Suzuki 2017-09-18 12:29:21 PDT
Comment on attachment 321118
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=321118&action=review

>>> Source/JavaScriptCore/ChangeLog:15
>>> +        edge cases.
>> 
>> While we do not allow users to change [[Prototype]] of the global object, our JS API has the way to set custom [[Prototype]] of global object by setting "prototype" of JSClassRef.
>> So I think it's ok even in terms of the ability of JSC APIs.
> 
> Can we now constant fold toThis on global object? Why doesn't this patch remove the JSGlobalObject::resetPrototype API?

Not yet. I'm now removing resetPrototype things to perform constant folding GlobalThis by ensuring that prototype is not changed after instantiation.
But resetPrototype still exists in the other places. This patch is a first step to remove it.
Comment 6 Yusuke Suzuki 2017-09-18 12:37:23 PDT
Comment on attachment 321118
Patch

Thank you for your reviews!
Comment 7 WebKit Commit Bot 2017-09-18 13:06:37 PDT
Comment on attachment 321118
Patch

Clearing flags on attachment: 321118

Committed r222175: <http://trac.webkit.org/changeset/222175>
Comment 8 WebKit Commit Bot 2017-09-18 13:06:39 PDT
All reviewed patches have been landed.  Closing bug.
Comment 9 Radar WebKit Bug Importer 2017-09-27 12:24:57 PDT
<rdar://problem/34693228>