[Webkit-unassigned] [Bug 151113] calling super() a second time in a constructor should throw

bugzilla-daemon at webkit.org
Tue Apr 19 00:01:38 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=151113

--- Comment #40 from GSkachkov <gskachkov at gmail.com> ---
Comment on attachment 276498
  --> https://bugs.webkit.org/attachment.cgi?id=276498
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=276498&action=review

Thanks for the review.

>> Source/JavaScriptCore/ChangeLog:14
>> +        that is used to check if 'this' is empty.
> 
> I think the phrasing of the changelog would be clearer as:
> 
> Currently, our implementation checks if 'super()' was called in a constructor more than once and raises a RuntimeError before the second call. According to the spec we need to raise an error just after the second super() is finished and before the new 'this' is assigned https://esdiscuss.org/topic/duplicate-super-call-behaviour. To implement this behavior this patch adds a new op code, op_is_empty, that is used to check if 'this' is empty.

Yeah, fixed. English is not my mother tongue. Thanks!

>> Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:1097
>> +            }
> 
> I think this case is wrong. If the abstract interpreter has no information then child.m_type will be SpecNone (0) and this case will convert the IsEmpty check into a constant. I think a correct condition would be "child.m_type && !(child.m_type & ~SpecEmpty)".

Done

-- 
You are receiving this mail because:
You are the assignee for the bug.
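
The ordering described in the quoted changelog text, as an added example that is not part of the original mail or of the WebKit patch: on a spec-conforming engine the second super() runs the parent constructor to completion, and only then does binding 'this' fail with a ReferenceError. The names Base, Derived and runDuplicateSuper are hypothetical.

```javascript
// Added example (not from the patch): observable order of events when
// super() is called twice in a derived constructor.
const log = [];

class Base {
  constructor(tag) {
    // Side effect that shows whether the parent constructor actually ran.
    log.push(`Base(${tag})`);
    this.tag = tag;
  }
}

class Derived extends Base {
  constructor() {
    super('first');          // 'this' was empty, so it is bound here
    const bound = this;
    let error = null;
    try {
      // The parent constructor is invoked again and finishes; the error is
      // raised afterwards, when the result would be assigned to 'this'.
      super('second');
    } catch (e) {
      error = e;
    }
    log.push(error instanceof ReferenceError ? 'ReferenceError' : String(error));
    // The object created by the second call is discarded; 'this' is unchanged.
    this.sameThis = bound === this;
  }
}

function runDuplicateSuper() {
  log.length = 0;
  const obj = new Derived();
  return { log: log.slice(), tag: obj.tag, sameThis: obj.sameThis };
}

console.log(runDuplicateSuper());
```

An engine that raised the error before the second call would never log `Base(second)`, which is the difference the changelog wording is about.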