Title: [292009] trunk/Source/JavaScriptCore
- Revision: 292009
- Author: mark....@apple.com
- Date: 2022-03-28 16:48:31 -0700 (Mon, 28 Mar 2022)
Log Message
The lazy symbolObjectStructure should be realized before we allocate a SymbolObject.
https://bugs.webkit.org/show_bug.cgi?id=238474
<rdar://problem/90918765>
Reviewed by Yusuke Suzuki and Saam Barati.
We should not be allocating the symbolObjectStructure while in the middle of
initializing a SymbolObject.
* runtime/Symbol.cpp:
(JSC::Symbol::toObject const):
(JSC::SymbolObject::create): Deleted.
* runtime/SymbolObject.h:
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (292008 => 292009)
--- trunk/Source/_javascript_Core/ChangeLog 2022-03-28 23:31:02 UTC (rev 292008)
+++ trunk/Source/_javascript_Core/ChangeLog 2022-03-28 23:48:31 UTC (rev 292009)
@@ -1,3 +1,19 @@
+2022-03-28 Mark Lam <mark....@apple.com>
+
+ The lazy symbolObjectStructure should be realized before we allocate a SymbolObject.
+ https://bugs.webkit.org/show_bug.cgi?id=238474
+ <rdar://problem/90918765>
+
+ Reviewed by Yusuke Suzuki and Saam Barati.
+
+ We should not be allocating the symbolObjectStructure while in the middle of
+ initializing a SymbolObject.
+
+ * runtime/Symbol.cpp:
+ (JSC::Symbol::toObject const):
+ (JSC::SymbolObject::create): Deleted.
+ * runtime/SymbolObject.h:
+
2022-03-28 Chris Dumez <cdu...@apple.com>
Unreviewed, address post-landing review comment from Darin after r291972.
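Review bot: The new ChangeLog entry states the rule ("We should not be allocating the symbolObjectStructure while in the middle of initializing a SymbolObject") but not what goes wrong when it is broken, and the file list names only runtime/Symbol.cpp and runtime/SymbolObject.h, so no regression test accompanies the fix. One sentence on the failure mode, plus a test that reaches Symbol::toObject before the lazy structure has been realized, would let a later reader judge how serious the issue was and would catch a reintroduction.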
Modified: trunk/Source/_javascript_Core/runtime/Symbol.cpp (292008 => 292009)
--- trunk/Source/_javascript_Core/runtime/Symbol.cpp 2022-03-28 23:31:02 UTC (rev 292008)
+++ trunk/Source/_javascript_Core/runtime/Symbol.cpp 2022-03-28 23:48:31 UTC (rev 292009)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2012-2021 Apple Inc. All rights reserved.
+ * Copyright (C) 2012-2022 Apple Inc. All rights reserved.
* Copyright (C) 2015-2016 Yusuke Suzuki <utatane....@gmail.com>.
*
* Redistribution and use in source and binary forms, with or without
@@ -60,13 +60,6 @@
vm.symbolImplToSymbolMap.set(&m_privateName.uid(), this);
}
-inline SymbolObject* SymbolObject::create(VM& vm, JSGlobalObject* globalObject, Symbol* symbol)
-{
- SymbolObject* object = new (NotNull, allocateCell<SymbolObject>(vm)) SymbolObject(vm, globalObject->symbolObjectStructure());
- object->finishCreation(vm, symbol);
- return object;
-}
-
JSValue Symbol::toPrimitive(JSGlobalObject*, PreferredPrimitiveType) const
{
return const_cast<Symbol*>(this);
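Review bot: Deleting this overload fixes one instance of a pattern that is easy to repeat, and nothing in the change guards against the next one. In the removed line, `globalObject->symbolObjectStructure()` is a constructor argument in the same new-expression as `allocateCell<SymbolObject>(vm)`, so the lazy structure can be realized after the cell has been allocated and before the object is initialized. It is worth checking the other `create` helpers that take a `JSGlobalObject*` and fetch a lazily initialized structure inside the new-expression, and mentioning in the ChangeLog whether that audit was done.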
@@ -74,7 +67,7 @@
JSObject* Symbol::toObject(JSGlobalObject* globalObject) const
{
- return SymbolObject::create(globalObject->vm(), globalObject, const_cast<Symbol*>(this));
+ return SymbolObject::create(globalObject->vm(), globalObject->symbolObjectStructure(), const_cast<Symbol*>(this));
}
double Symbol::toNumber(JSGlobalObject* globalObject) const
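Review bot: The ordering this fix depends on is implicit in the added `return SymbolObject::create(...)` line: the structure is realized only because it is evaluated as a call argument before `create` runs. Consider hoisting it into a named local, for example `Structure* structure = globalObject->symbolObjectStructure();`, with a short comment that it must be realized before the SymbolObject cell is allocated, so a later refactoring does not fold the lazy getter back into the allocation path.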
Modified: trunk/Source/_javascript_Core/runtime/SymbolObject.h (292008 => 292009)
--- trunk/Source/_javascript_Core/runtime/SymbolObject.h 2022-03-28 23:31:02 UTC (rev 292008)
+++ trunk/Source/_javascript_Core/runtime/SymbolObject.h 2022-03-28 23:48:31 UTC (rev 292009)
@@ -49,7 +49,6 @@
object->finishCreation(vm, symbol);
return object;
}
- static SymbolObject* create(VM&, JSGlobalObject*, Symbol*);
DECLARE_EXPORT_INFO;
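Review bot: Removing the `create(VM&, JSGlobalObject*, Symbol*)` declaration leaves the remaining `create` above it as the only entry point, and that function now carries an unstated contract that the caller passes an already realized structure. A comment on the remaining `create` saying so would document why the convenience overload was dropped and discourage someone from adding it back.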