Closed Bug 1608809 Opened 4 years ago Closed 4 years ago

Make super() throw after evaluating args

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla74

Tracking Flags:

Tracking

Status

firefox74

---

fixed

People

(Reporter: yulia, Assigned: anba)

Details

Attachments

(3 files)

Bug 1608809 - Part 1: Don't throw for non-constructors in JSOp::SuperFun. r=jandem! 4 years ago André Bargull [:anba] 47 bytes, text/x-phabricator-request		Details \| Review
Bug 1608809 - Part 2: Remove unnecessary rooting in JSOp::InitHomeObject interpreter implementation. r=jandem! 4 years ago André Bargull [:anba] 47 bytes, text/x-phabricator-request		Details \| Review
Bug 1608809 - Part 3: Remove lazy-proto code paths from JSOp::SuperBase implementations. r=jandem! 4 years ago André Bargull [:anba] 47 bytes, text/x-phabricator-request		Details \| Review

Yulia Startsev [:yulia]

Reporter

Description

•

4 years ago

As discussed at tc39:

https://github.com/tc39/notes/blob/master/meetings/2019-12/december-3.md#normative-make-super-throw-after-evaluating-args

Further details: https://github.com/tc39/ecma262/issues/1351

Extending null has a different behavior depending on if you use class syntax or setPrototypeOf.

we currently throw BEFORE evaluating args on super, we will need to throw AFTER evaluating args on super.

Yulia Startsev [:yulia]

Reporter

Updated

•

4 years ago

Priority: -- → P4

Yulia Startsev [:yulia]

Reporter

Updated

•

4 years ago

Priority: P4 → P3

André Bargull [:anba]

Assignee

Updated

•

4 years ago

Assignee: nobody → andrebargull

Status: NEW → ASSIGNED

André Bargull [:anba]

Assignee

Comment 1

•

4 years ago

Attached file Bug 1608809 - Part 1: Don't throw for non-constructors in JSOp::SuperFun. r=jandem! — Details

Modify JSOp::SuperFun to only retrieve the prototype without any further checks.

Drive-by change:
Take advantage that the object whose prototype gets retrieved is guaranteed to
be a JSFunction, so we neither have to worry about proxy objects nor lazy
prototypes.

André Bargull [:anba]

Assignee

Comment 2

•

4 years ago

Attached file Bug 1608809 - Part 2: Remove unnecessary rooting in JSOp::InitHomeObject interpreter implementation. r=jandem! — Details

Depends on D60677

André Bargull [:anba]

Assignee

Comment 3

•

4 years ago

Attached file Bug 1608809 - Part 3: Remove lazy-proto code paths from JSOp::SuperBase implementations. r=jandem! — Details

The [[HomeObject]] slot is guaranteed to either contain a JSFunction or a
PlainObject, so we can use safely use JSObject::staticPrototype() to retrieve
the prototype and can also remove the lazy-proto handling in the compilers.

Depends on D60678

Pulsebot

Comment 4

•

4 years ago

Pushed by apavel@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c79dd9a939fd
Part 1: Don't throw for non-constructors in JSOp::SuperFun. r=jandem
https://hg.mozilla.org/integration/autoland/rev/dc2a6717541a
Part 2: Remove unnecessary rooting in JSOp::InitHomeObject interpreter implementation. r=jandem
https://hg.mozilla.org/integration/autoland/rev/b77cdd2e0b00
Part 3: Remove lazy-proto code paths from JSOp::SuperBase implementations. r=jandem

Alexandru Michis [:malexandru]

Comment 5

•

4 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/c79dd9a939fd
https://hg.mozilla.org/mozilla-central/rev/dc2a6717541a
https://hg.mozilla.org/mozilla-central/rev/b77cdd2e0b00

Status: ASSIGNED → RESOLVED

Closed: 4 years ago

status-firefox74: --- → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla74

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Make super() throw after evaluating args

Categories

(Core :: JavaScript Engine, task, P3)

Tracking

()

People

(Reporter: yulia, Assigned: anba)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(3 files)

Description

Updated

Updated

Updated

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Attachment

General

Description

File Name

Content Type