Changeset 264991 in webkit


Timestamp:
Jul 28, 2020 9:38:36 AM (4 years ago)
Author:
mark.lam@apple.com
Message:

ASSERTION FAILED: isSymbol() in Source/JavaScriptCore/runtime/JSCell.cpp(188)
https://bugs.webkit.org/show_bug.cgi?id=214837

Reviewed by Darin Adler.

JSTests:

  • stress/jsc-shell-test-properties-should-not-be-enumerable.js: Added.

Source/JavaScriptCore:

The issue found by this bug was that jsc shell test properties were enumerable.
These properties are only meant for test development use. They will never be
present in a productized JavaScript environment.

This patch helps reduce the chance of users of the jsc shell tripping up on these
test properties when enumerating the global object.

  • jsc.cpp:
Location:
trunk
Files:
1 added
3 edited

  • trunk/JSTests/ChangeLog

    r264980 r264991  
     12020-07-28  Mark Lam  <mark.lam@apple.com>
     2
     3        ASSERTION FAILED: isSymbol() in Source/JavaScriptCore/runtime/JSCell.cpp(188)
     4        https://bugs.webkit.org/show_bug.cgi?id=214837
     5
     6        Reviewed by Darin Adler.
     7
     8        * stress/jsc-shell-test-properties-should-not-be-enumerable.js: Added.
     9
    1102020-07-28  Caio Lima  <ticaiolima@gmail.com>
    211
  • trunk/Source/JavaScriptCore/ChangeLog

    r264988 r264991  
     12020-07-28  Mark Lam  <mark.lam@apple.com>
     2
     3        ASSERTION FAILED: isSymbol() in Source/JavaScriptCore/runtime/JSCell.cpp(188)
     4        https://bugs.webkit.org/show_bug.cgi?id=214837
     5
     6        Reviewed by Darin Adler.
     7
     8        The issue found by this bug was that jsc shell test properties were enumerable.
     9        These properties are only meant for test development use.  They will never be
     10        present in a productized JavaScript environment.
     11
     12        This patch helps reduce the change of users of the jsc shell tripping up on these
     13        test properties when enumerating the global object.
     14
     15        * jsc.cpp:
     16
    1172020-07-28  Yusuke Suzuki  <ysuzuki@apple.com>
    218
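--- a/trunk/Source/JavaScriptCore/jsc.cpp
+++ b/trunk/Source/JavaScriptCore/jsc.cpp
@@ -475,4 +475,6 @@
     GlobalObject(VM&, Structure*);
 
+    static constexpr unsigned DontEnum = 0 | PropertyAttribute::DontEnum;
+
     void finishCreation(VM& vm, const Vector<String>& arguments)
     {
@@ -522,10 +524,10 @@
 #endif
 
-        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "OSRExit"), 0, functionUndefined1, OSRExitIntrinsic, static_cast<unsigned>(PropertyAttribute::DontEnum));
-        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "isFinalTier"), 0, functionFalse, IsFinalTierIntrinsic, static_cast<unsigned>(PropertyAttribute::DontEnum));
-        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "predictInt32"), 0, functionUndefined2, SetInt32HeapPredictionIntrinsic, static_cast<unsigned>(PropertyAttribute::DontEnum));
-        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "isInt32"), 0, functionIsInt32, CheckInt32Intrinsic, static_cast<unsigned>(PropertyAttribute::DontEnum));
-        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "isPureNaN"), 0, functionIsPureNaN, CheckInt32Intrinsic, static_cast<unsigned>(PropertyAttribute::DontEnum));
-        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "fiatInt52"), 0, functionIdentity, FiatInt52Intrinsic, static_cast<unsigned>(PropertyAttribute::DontEnum));
+        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "OSRExit"), 0, functionUndefined1, OSRExitIntrinsic, DontEnum);
+        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "isFinalTier"), 0, functionFalse, IsFinalTierIntrinsic, DontEnum);
+        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "predictInt32"), 0, functionUndefined2, SetInt32HeapPredictionIntrinsic, DontEnum);
+        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "isInt32"), 0, functionIsInt32, CheckInt32Intrinsic, DontEnum);
+        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "isPureNaN"), 0, functionIsPureNaN, CheckInt32Intrinsic, DontEnum);
+        putDirectNativeFunction(vm, this, Identifier::fromString(vm, "fiatInt52"), 0, functionIdentity, FiatInt52Intrinsic, DontEnum);
        
         addFunction(vm, "effectful42", functionEffectful42, 0);
@@ -583,14 +585,14 @@
             for (size_t i = 0; i < arguments.size(); ++i)
                 array->putDirectIndex(this, i, jsString(vm, arguments[i]));
-            putDirect(vm, Identifier::fromString(vm, "arguments"), array);
-        }
-
-        putDirect(vm, Identifier::fromString(vm, "console"), jsUndefined());
+            putDirect(vm, Identifier::fromString(vm, "arguments"), array, DontEnum);
+        }
+
+        putDirect(vm, Identifier::fromString(vm, "console"), jsUndefined(), DontEnum);
        
         Structure* plainObjectStructure = JSFinalObject::createStructure(vm, this, objectPrototype(), 0);
        
         JSObject* dollar = JSFinalObject::create(vm, plainObjectStructure);
-        putDirect(vm, Identifier::fromString(vm, "$"), dollar);
-        putDirect(vm, Identifier::fromString(vm, "$262"), dollar);
+        putDirect(vm, Identifier::fromString(vm, "$"), dollar, DontEnum);
+        putDirect(vm, Identifier::fromString(vm, "$262"), dollar, DontEnum);
        
         addFunction(vm, dollar, "createRealm", functionDollarCreateRealm, 0);
@@ -598,5 +600,5 @@
         addFunction(vm, dollar, "evalScript", functionDollarEvalScript, 1);
        
-        dollar->putDirect(vm, Identifier::fromString(vm, "global"), this);
+        dollar->putDirect(vm, Identifier::fromString(vm, "global"), this, DontEnum);
         dollar->putDirectCustomAccessor(vm, Identifier::fromString(vm, "IsHTMLDDA"),
             CustomGetterSetter::create(vm, [](JSGlobalObject* globalObject, EncodedJSValue, PropertyName) {
@@ -607,5 +609,5 @@
 
         JSObject* agent = JSFinalObject::create(vm, plainObjectStructure);
-        dollar->putDirect(vm, Identifier::fromString(vm, "agent"), agent);
+        dollar->putDirect(vm, Identifier::fromString(vm, "agent"), agent, DontEnum);
        
         // The test262 INTERPRETING.md document says that some of these functions are just in the main
@@ -637,5 +639,5 @@
     {
         Identifier identifier = Identifier::fromString(vm, name);
-        object->putDirect(vm, identifier, JSFunction::create(vm, this, arguments, identifier.string(), function));
+        object->putDirect(vm, identifier, JSFunction::create(vm, this, arguments, identifier.string(), function), DontEnum);
     }
 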
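Review bot: The new `static constexpr unsigned DontEnum = 0 | PropertyAttribute::DontEnum;` in the first hunk needs a short comment, because `0 |` reads like a no-op and its purpose — producing the `unsigned` attribute value that the `putDirect*` overloads take, which the removed lines spelled out as `static_cast<unsigned>(PropertyAttribute::DontEnum)` — is only visible from the old code; something like `// 0 | ... yields the unsigned attribute form that putDirect()/putDirectNativeFunction() accept; these shell-only hooks must never be enumerable.` would do, assuming PropertyAttribute's operator| returns an integer as the compiling expression suggests. That comment is also the right place to record the limit of the fix: DontEnum only hides these properties from for-in, Object.keys and JSON.stringify, while they remain reachable by name and through Object.getOwnPropertyNames/Reflect.ownKeys, which matches the "reduce the chance" wording of the description rather than removing the properties. The `addFunction` change in the last hunk makes every helper installed through that overload non-enumerable, including those placed on `$`, `$262` and `agent`; if any harness code enumerates `$262`, that deserves a check, though nothing visible here does so. finishCreation's body starts and ends outside the hunks shown.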