src/runtime.cc - Issue 6452004: Fix issues with using defineProperty on the global proxy object.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: src/runtime.cc

Issue 6452004: Fix issues with using defineProperty on the global proxy object. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge

Patch Set: Address comments. Created 9 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/runtime.cc

diff --git a/src/runtime.cc b/src/runtime.cc

index 3e38d388d8c9607a6cb9f4b066129c5ea2f247fb..61944ac004eb1004e3165278f20511add9b12eb3 100644

--- a/src/runtime.cc

+++ b/src/runtime.cc

@@ -887,7 +887,7 @@ static MaybeObject* Runtime_PreventExtensions(Arguments args) {

static MaybeObject* Runtime_IsExtensible(Arguments args) {

ASSERT(args.length() == 1);

CONVERT_CHECKED(JSObject, obj, args[0]);

- return obj->map()->is_extensible() ? Heap::true_value()

+ return obj->map()->is_extensible() ? Heap::true_value()

: Heap::false_value();

}

@@ -3668,14 +3668,20 @@ static MaybeObject* Runtime_DefineOrRedefineDataProperty(Arguments args) {

if (((unchecked & (DONT_DELETE | DONT_ENUM | READ_ONLY)) != 0) &&

is_element) {

// Normalize the elements to enable attributes on the property.

- if (!js_object->IsJSGlobalProxy()) {

- NormalizeElements(js_object);

- }

+ if (js_object->IsJSGlobalProxy()) {

+ Handle<Object> proto(js_object->GetPrototype());

+ // If proxy is detached, ignore the assignment. Alternatively,

+ // we could throw an exception.

+ if (proto->IsNull()) return *obj_value;

+ js_object = Handle<JSObject>::cast(proto);

+ }

+ NormalizeElements(js_object);

Handle<NumberDictionary> dictionary(js_object->element_dictionary());

// Make sure that we never go back to fast case.

dictionary->set_requires_slow_elements();

PropertyDetails details = PropertyDetails(attr, NORMAL);

NumberDictionarySet(dictionary, index, obj_value, details);

+ return *obj_value;

}

LookupResult result;

@@ -3690,9 +3696,12 @@ static MaybeObject* Runtime_DefineOrRedefineDataProperty(Arguments args) {

if (result.IsProperty() &&

(attr != result.GetAttributes() || result.type() == CALLBACKS)) {

// New attributes - normalize to avoid writing to instance descriptor

- if (!js_object->IsJSGlobalProxy()) {

- NormalizeProperties(js_object, CLEAR_INOBJECT_PROPERTIES, 0);

+ if (js_object->IsJSGlobalProxy()) {

+ // Since the result is a property, the prototype will exist so

+ // we don't have to check for null.

+ js_object = Handle<JSObject>(JSObject::cast(js_object->GetPrototype()));

}

+ NormalizeProperties(js_object, CLEAR_INOBJECT_PROPERTIES, 0);

// Use IgnoreAttributes version since a readonly property may be

// overridden and SetProperty does not allow this.

return js_object->SetLocalPropertyIgnoreAttributes(*name,

« no previous file with comments | « no previous file | test/cctest/test-api.cc » ('j') | no next file with comments »