Chromium Code Reviews

Side by Side Diff: src/objects.cc

Issue 1821723004: Ensure CreateDataProperty works correctly on TypedArrays (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff |
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-596394.js » ('j') | test/mjsunit/regress/regress-crbug-596394.js » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 the V8 project authors. All rights reserved. 1 // Copyright 2015 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/objects.h" 5 #include "src/objects.h"
6 6
7 #include <cmath> 7 #include <cmath>
8 #include <iomanip> 8 #include <iomanip>
9 #include <sstream> 9 #include <sstream>
10 10
(...skipping 6670 matching lines...)
6681 6681
6682 Maybe<bool> JSObject::CreateDataProperty(LookupIterator* it, 6682 Maybe<bool> JSObject::CreateDataProperty(LookupIterator* it,
6683 Handle<Object> value, 6683 Handle<Object> value,
6684 ShouldThrow should_throw) { 6684 ShouldThrow should_throw) {
6685 DCHECK(it->GetReceiver()->IsJSObject()); 6685 DCHECK(it->GetReceiver()->IsJSObject());
6686 MAYBE_RETURN(JSReceiver::GetPropertyAttributes(it), Nothing<bool>()); 6686 MAYBE_RETURN(JSReceiver::GetPropertyAttributes(it), Nothing<bool>());
6687 Handle<JSReceiver> receiver = Handle<JSReceiver>::cast(it->GetReceiver()); 6687 Handle<JSReceiver> receiver = Handle<JSReceiver>::cast(it->GetReceiver());
6688 Isolate* isolate = receiver->GetIsolate(); 6688 Isolate* isolate = receiver->GetIsolate();
6689 6689
6690 if (it->IsFound()) { 6690 if (it->IsFound()) {
6691 if (!it->IsConfigurable()) { 6691 if (it->state() == LookupIterator::INTEGER_INDEXED_EXOTIC ||
adamk 2016/03/21 21:44:01 Why is this needed? DefineOwnPropertyIgnoreAttribu
Dan Ehrenberg 2016/03/21 22:08:43 If there isn't a check here, then IsConfigurable()
Toon Verwaest 2016/03/31 15:08:03 IsConfigurable should not be exposed at all. You n
Dan Ehrenberg 2016/04/04 23:48:06 I guess all of those cases could actually come up
6692 !it->IsConfigurable()) {
6692 RETURN_FAILURE( 6693 RETURN_FAILURE(
6693 isolate, should_throw, 6694 isolate, should_throw,
6694 NewTypeError(MessageTemplate::kRedefineDisallowed, it->GetName())); 6695 NewTypeError(MessageTemplate::kRedefineDisallowed, it->GetName()));
6695 } 6696 }
6696 } else { 6697 } else {
6697 if (!JSObject::IsExtensible(Handle<JSObject>::cast(it->GetReceiver()))) { 6698 if (!JSObject::IsExtensible(Handle<JSObject>::cast(it->GetReceiver()))) {
6698 RETURN_FAILURE( 6699 RETURN_FAILURE(
6699 isolate, should_throw, 6700 isolate, should_throw,
6700 NewTypeError(MessageTemplate::kDefineDisallowed, it->GetName())); 6701 NewTypeError(MessageTemplate::kDefineDisallowed, it->GetName()));
6701 } 6702 }
(...skipping 13046 matching lines...)
19748 if (cell->value() != *new_value) { 19749 if (cell->value() != *new_value) {
19749 cell->set_value(*new_value); 19750 cell->set_value(*new_value);
19750 Isolate* isolate = cell->GetIsolate(); 19751 Isolate* isolate = cell->GetIsolate();
19751 cell->dependent_code()->DeoptimizeDependentCodeGroup( 19752 cell->dependent_code()->DeoptimizeDependentCodeGroup(
19752 isolate, DependentCode::kPropertyCellChangedGroup); 19753 isolate, DependentCode::kPropertyCellChangedGroup);
19753 } 19754 }
19754 } 19755 }
19755 19756
19756 } // namespace internal 19757 } // namespace internal
19757 } // namespace v8 19758 } // namespace v8
OLDNEW
« no previous file with comments | « no previous file | test/mjsunit/regress/regress-crbug-596394.js » ('j') | test/mjsunit/regress/regress-crbug-596394.js » ('J')

Powered by Google App Engine