[webkit-reviews] review denied: [Bug 202599] InternalFunction::createSubclassStructure should use newTarget's globalObject : [Attachment 387394] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jan 10 17:28:45 PST 2020


Yusuke Suzuki <ysuzuki at apple.com> has denied Alexey Shvayka
<shvaikalesh at gmail.com>'s request for review:
Bug 202599: InternalFunction::createSubclassStructure should use newTarget's
globalObject
https://bugs.webkit.org/show_bug.cgi?id=202599

Attachment 387394: Patch

https://bugs.webkit.org/attachment.cgi?id=387394&action=review




--- Comment #18 from Yusuke Suzuki <ysuzuki at apple.com> ---
Comment on attachment 387394
  --> https://bugs.webkit.org/attachment.cgi?id=387394
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=387394&action=review

Nice. But I think this patch is not covering DFG and FTL e.g.
operationCreatePromise in DFGOperations invoked by DFG::CreatePromise.

1. Add DFG / FTL handlings.
2. Can you clarify why JSGenerator / JSAsyncGenerator etc. are OK?
3. Why are Wasm constructors OK?
4. Why are Intl constructors OK?

> Source/JavaScriptCore/runtime/CommonSlowPaths.cpp:292
>      }

InternalFunction::createSubclassStructure is used for
`slow_path_create_generator`, `slow_path_create_async_generator` etc. Why are
they OK? Can you add clarification in ChangeLog?


More information about the webkit-reviews mailing list