| Index: src/runtime/runtime-object.cc
|
| diff --git a/src/runtime/runtime-object.cc b/src/runtime/runtime-object.cc
|
| index 1bf405a1d9a9bd4d533a354ee45252b972102bf9..956fee9e838f46214ed47b017e7a0a226efedf99 100644
|
| --- a/src/runtime/runtime-object.cc
|
| +++ b/src/runtime/runtime-object.cc
|
| @@ -92,13 +92,98 @@
|
| Object);
|
| }
|
|
|
| + if (object->IsJSProxy()) {
|
| + Handle<Object> name_object;
|
| + if (key->IsSymbol()) {
|
| + name_object = key;
|
| + } else {
|
| + ASSIGN_RETURN_ON_EXCEPTION(isolate, name_object,
|
| + Execution::ToString(isolate, key), Object);
|
| + }
|
| + Handle<Name> name = Handle<Name>::cast(name_object);
|
| + return Object::SetProperty(Handle<JSProxy>::cast(object), name, value,
|
| + language_mode);
|
| + }
|
| +
|
| // Check if the given key is an array index.
|
| uint32_t index = 0;
|
| if (key->ToArrayIndex(&index)) {
|
| - // TODO(verwaest): Support other objects as well.
|
| - if (!object->IsJSReceiver()) return value;
|
| - return JSReceiver::SetElement(Handle<JSReceiver>::cast(object), index,
|
| - value, language_mode);
|
| + // TODO(verwaest): Support non-JSObject receivers.
|
| + if (!object->IsJSObject()) return value;
|
| + Handle<JSObject> js_object = Handle<JSObject>::cast(object);
|
| +
|
| + // In Firefox/SpiderMonkey, Safari and Opera you can access the characters
|
| + // of a string using [] notation. We need to support this too in
|
| + // JavaScript.
|
| + // In the case of a String object we just need to redirect the assignment to
|
| + // the underlying string if the index is in range. Since the underlying
|
| + // string does nothing with the assignment then we can ignore such
|
| + // assignments.
|
| + if (js_object->IsStringObjectWithCharacterAt(index)) {
|
| + return value;
|
| + }
|
| +
|
| + JSObject::ValidateElements(js_object);
|
| + if (js_object->HasExternalArrayElements() ||
|
| + js_object->HasFixedTypedArrayElements()) {
|
| + if (!value->IsNumber() && !value->IsUndefined()) {
|
| + ASSIGN_RETURN_ON_EXCEPTION(isolate, value,
|
| + Execution::ToNumber(isolate, value), Object);
|
| + }
|
| + }
|
| +
|
| + MaybeHandle<Object> result =
|
| + JSObject::SetElement(js_object, index, value, language_mode);
|
| + JSObject::ValidateElements(js_object);
|
| +
|
| + return result.is_null() ? result : value;
|
| + }
|
| +
|
| + if (key->IsName()) {
|
| + Handle<Name> name = Handle<Name>::cast(key);
|
| + if (name->AsArrayIndex(&index)) {
|
| + // TODO(verwaest): Support non-JSObject receivers.
|
| + if (!object->IsJSObject()) return value;
|
| + Handle<JSObject> js_object = Handle<JSObject>::cast(object);
|
| + if (js_object->HasExternalArrayElements()) {
|
| + if (!value->IsNumber() && !value->IsUndefined()) {
|
| + ASSIGN_RETURN_ON_EXCEPTION(
|
| + isolate, value, Execution::ToNumber(isolate, value), Object);
|
| + }
|
| + }
|
| + return JSObject::SetElement(js_object, index, value, language_mode);
|
| + } else {
|
| + if (name->IsString()) name = String::Flatten(Handle<String>::cast(name));
|
| + return Object::SetProperty(object, name, value, language_mode);
|
| + }
|
| + }
|
| +
|
| + // Call-back into JavaScript to convert the key to a string.
|
| + Handle<Object> converted;
|
| + ASSIGN_RETURN_ON_EXCEPTION(isolate, converted,
|
| + Execution::ToString(isolate, key), Object);
|
| + Handle<String> name = Handle<String>::cast(converted);
|
| +
|
| + if (name->AsArrayIndex(&index)) {
|
| + // TODO(verwaest): Support non-JSObject receivers.
|
| + if (!object->IsJSObject()) return value;
|
| + Handle<JSObject> js_object = Handle<JSObject>::cast(object);
|
| + return JSObject::SetElement(js_object, index, value, language_mode);
|
| + }
|
| + return Object::SetProperty(object, name, value, language_mode);
|
| +}
|
| +
|
| +
|
| +MaybeHandle<Object> Runtime::DefineObjectProperty(Handle<JSObject> js_object,
|
| + Handle<Object> key,
|
| + Handle<Object> value,
|
| + PropertyAttributes attrs) {
|
| + Isolate* isolate = js_object->GetIsolate();
|
| + // Check if the given key is an array index.
|
| + uint32_t index = 0;
|
| + if (key->ToArrayIndex(&index)) {
|
| + return JSObject::SetOwnElementIgnoreAttributes(js_object, index, value,
|
| + attrs);
|
| }
|
|
|
| Handle<Name> name;
|
| @@ -113,12 +198,13 @@
|
| }
|
|
|
| if (name->AsArrayIndex(&index)) {
|
| - // TODO(verwaest): Support other objects as well.
|
| - if (!object->IsJSReceiver()) return value;
|
| - return JSReceiver::SetElement(Handle<JSReceiver>::cast(object), index,
|
| - value, language_mode);
|
| - }
|
| - return Object::SetProperty(object, name, value, language_mode);
|
| + return JSObject::SetOwnElementIgnoreAttributes(js_object, index, value,
|
| + attrs);
|
| + } else {
|
| + if (name->IsString()) name = String::Flatten(Handle<String>::cast(name));
|
| + return JSObject::SetOwnPropertyIgnoreAttributes(js_object, name, value,
|
| + attrs);
|
| + }
|
| }
|
|
|
|
|
| @@ -1269,27 +1355,23 @@
|
| RUNTIME_FUNCTION(Runtime_DefineDataPropertyUnchecked) {
|
| HandleScope scope(isolate);
|
| DCHECK(args.length() == 4);
|
| - CONVERT_ARG_HANDLE_CHECKED(JSObject, object, 0);
|
| + CONVERT_ARG_HANDLE_CHECKED(JSObject, js_object, 0);
|
| CONVERT_ARG_HANDLE_CHECKED(Name, name, 1);
|
| - CONVERT_ARG_HANDLE_CHECKED(Object, value, 2);
|
| + CONVERT_ARG_HANDLE_CHECKED(Object, obj_value, 2);
|
| CONVERT_PROPERTY_ATTRIBUTES_CHECKED(attrs, 3);
|
|
|
| - uint32_t index = 0;
|
| - LookupIterator::Configuration c = LookupIterator::OWN_SKIP_INTERCEPTOR;
|
| - LookupIterator it = name->AsArrayIndex(&index)
|
| - ? LookupIterator(isolate, object, index, c)
|
| - : LookupIterator(object, name, c);
|
| - if (it.state() == LookupIterator::ACCESS_CHECK && !it.HasAccess()) {
|
| - return isolate->heap()->undefined_value();
|
| + LookupIterator it(js_object, name, LookupIterator::OWN_SKIP_INTERCEPTOR);
|
| + if (it.IsFound() && it.state() == LookupIterator::ACCESS_CHECK) {
|
| + if (!isolate->MayAccess(js_object)) {
|
| + return isolate->heap()->undefined_value();
|
| + }
|
| + it.Next();
|
| }
|
|
|
| Handle<Object> result;
|
| - MaybeHandle<Object> maybe_result =
|
| - it.IsElement()
|
| - ? JSObject::SetOwnElementIgnoreAttributes(object, index, value, attrs)
|
| - : JSObject::SetOwnPropertyIgnoreAttributes(object, name, value,
|
| - attrs);
|
| - ASSIGN_RETURN_FAILURE_ON_EXCEPTION(isolate, result, maybe_result);
|
| + ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
|
| + isolate, result,
|
| + Runtime::DefineObjectProperty(js_object, name, obj_value, attrs));
|
| return *result;
|
| }
|
|
|
| @@ -1299,8 +1381,8 @@
|
| HandleScope scope(isolate);
|
| DCHECK(args.length() == 2);
|
| CONVERT_ARG_HANDLE_CHECKED(JSReceiver, object, 0);
|
| - CONVERT_ARG_HANDLE_CHECKED(Name, name, 1);
|
| - return *JSReceiver::GetDataProperty(object, name);
|
| + CONVERT_ARG_HANDLE_CHECKED(Name, key, 1);
|
| + return *JSReceiver::GetDataProperty(object, key);
|
| }
|
|
|
|
|
|
|
Chromium Code Reviews
Issue 1181733002:
Revert of Replace SetObjectProperty / DefineObjectProperty with less powerful alternatives where relevant. (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master