diff options
author | Gaming4JC <g4jc@hyperbola.info> | 2019-07-13 23:20:19 -0400 |
---|---|---|
committer | Gaming4JC <g4jc@hyperbola.info> | 2019-07-18 22:38:43 -0400 |
commit | fe80b3d80d20241ff03338de4351d580796fd2c7 (patch) | |
tree | 169e4c59f59a972db0fd8d3d54780ec63406fae9 | |
parent | 7e510ee9b4dee7c2d15005baac89a2017f5673ef (diff) | |
download | UXP-fe80b3d80d20241ff03338de4351d580796fd2c7.tar UXP-fe80b3d80d20241ff03338de4351d580796fd2c7.tar.gz UXP-fe80b3d80d20241ff03338de4351d580796fd2c7.tar.lz UXP-fe80b3d80d20241ff03338de4351d580796fd2c7.tar.xz UXP-fe80b3d80d20241ff03338de4351d580796fd2c7.zip |
1357506 - Remove assert that constructorBox can only be set once when parsing classes.
Both asm.js and syntax parsing can abort and rewind parsing of an inner function.
The bookkeeping to make sure that a class's constructor FunctionBox is only set once is not worth it -- duplicate constructor definitions already throw an early error.
-rw-r--r-- | js/src/frontend/Parser.cpp | 17 | ||||
-rw-r--r-- | js/src/frontend/Parser.h | 21 | ||||
-rw-r--r-- | js/src/frontend/SharedContext.h | 1 | ||||
-rw-r--r-- | js/src/jit-test/tests/class/bug1357506.js | 8 |
4 files changed, 14 insertions, 33 deletions
diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp index ec4a975e6..01ab3f64c 100644 --- a/js/src/frontend/Parser.cpp +++ b/js/src/frontend/Parser.cpp @@ -547,7 +547,7 @@ FunctionBox::initWithEnclosingParseContext(ParseContext* enclosing, FunctionSynt if (kind == ClassConstructor || kind == DerivedClassConstructor) { auto stmt = enclosing->findInnermostStatement<ParseContext::ClassStatement>(); MOZ_ASSERT(stmt); - stmt->setConstructorBox(this); + stmt->constructorBox = this; if (kind == DerivedClassConstructor) { setDerivedClassConstructor(); @@ -574,16 +574,6 @@ FunctionBox::initWithEnclosingParseContext(ParseContext* enclosing, FunctionSynt } void -FunctionBox::resetForAbortedSyntaxParse(ParseContext* enclosing, FunctionSyntaxKind kind) -{ - if (kind == ClassConstructor || kind == DerivedClassConstructor) { - auto stmt = enclosing->findInnermostStatement<ParseContext::ClassStatement>(); - MOZ_ASSERT(stmt); - stmt->clearConstructorBoxForAbortedSyntaxParse(this); - } -} - -void FunctionBox::initWithEnclosingScope(Scope* enclosingScope) { if (!function()->isArrow()) { @@ -3407,7 +3397,6 @@ Parser<FullParseHandler>::trySyntaxParseInnerFunction(ParseNode* pn, HandleFunct // correctness. parser->clearAbortedSyntaxParse(); usedNames.rewind(token); - funbox->resetForAbortedSyntaxParse(pc, kind); MOZ_ASSERT_IF(parser->context->isJSContext(), !parser->context->asJSContext()->isExceptionPending()); break; @@ -7078,7 +7067,7 @@ Parser<ParseHandler>::classDefinition(YieldHandling yieldHandling, errorAt(nameOffset, JSMSG_BAD_METHOD_DEF); return null(); } - if (classStmt.constructorBox()) { + if (classStmt.constructorBox) { errorAt(nameOffset, JSMSG_DUPLICATE_PROPERTY, "constructor"); return null(); } @@ -7125,7 +7114,7 @@ Parser<ParseHandler>::classDefinition(YieldHandling yieldHandling, // Amend the toStringEnd offset for the constructor now that we've // finished parsing the class. uint32_t classEndOffset = pos().end; - if (FunctionBox* ctorbox = classStmt.constructorBox()) { + if (FunctionBox* ctorbox = classStmt.constructorBox) { if (ctorbox->function()->isInterpretedLazy()) ctorbox->function()->lazyScript()->setToStringEnd(classEndOffset); ctorbox->toStringEnd = classEndOffset; diff --git a/js/src/frontend/Parser.h b/js/src/frontend/Parser.h index 65e46a65e..7866bc4fd 100644 --- a/js/src/frontend/Parser.h +++ b/js/src/frontend/Parser.h @@ -85,29 +85,14 @@ class ParseContext : public Nestable<ParseContext> } }; - class ClassStatement : public Statement + struct ClassStatement : public Statement { - FunctionBox* constructorBox_; + FunctionBox* constructorBox; - public: explicit ClassStatement(ParseContext* pc) : Statement(pc, StatementKind::Class), - constructorBox_(nullptr) + constructorBox(nullptr) { } - - void clearConstructorBoxForAbortedSyntaxParse(FunctionBox* funbox) { - MOZ_ASSERT(constructorBox_ == funbox); - constructorBox_ = nullptr; - } - - void setConstructorBox(FunctionBox* funbox) { - MOZ_ASSERT(!constructorBox_); - constructorBox_ = funbox; - } - - FunctionBox* constructorBox() const { - return constructorBox_; - } }; // The intra-function scope stack. diff --git a/js/src/frontend/SharedContext.h b/js/src/frontend/SharedContext.h index 3499a53fb..013444690 100644 --- a/js/src/frontend/SharedContext.h +++ b/js/src/frontend/SharedContext.h @@ -503,7 +503,6 @@ class FunctionBox : public ObjectBox, public SharedContext void initFromLazyFunction(); void initStandaloneFunction(Scope* enclosingScope); void initWithEnclosingParseContext(ParseContext* enclosing, FunctionSyntaxKind kind); - void resetForAbortedSyntaxParse(ParseContext* enclosing, FunctionSyntaxKind kind); ObjectBox* toObjectBox() override { return this; } JSFunction* function() const { return &object->as<JSFunction>(); } diff --git a/js/src/jit-test/tests/class/bug1357506.js b/js/src/jit-test/tests/class/bug1357506.js new file mode 100644 index 000000000..52a5643e6 --- /dev/null +++ b/js/src/jit-test/tests/class/bug1357506.js @@ -0,0 +1,8 @@ +// Test that constructors that abort due to asm.js do not assert due to the +// parser keeping track of the FunctionBox corresponding to the constructor. + +class a { + constructor() { + "use asm"; + } +} |