[typedarrays] Check detached buffer at start of typed array methods

src/objects-inl.h

Index: src/objects-inl.h
diff --git a/src/objects-inl.h b/src/objects-inl.h
index 63abfbc6729cdf7d6232c58dcd4ece00c73edf0c..3e43b030f53d41a18037443d47b8ad43ba0ac8cd 100644
--- a/src/objects-inl.h
+++ b/src/objects-inl.h
@@ -6897,8 +6897,18 @@ MaybeHandle<JSTypedArray> JSTypedArray::Validate(Isolate* isolate,
     THROW_NEW_ERROR(isolate, NewTypeError(message), JSTypedArray);
   }
 
-  // TODO(caitp): throw if array.[[ViewedArrayBuffer]] is neutered (per v8:4648)
-  return Handle<JSTypedArray>::cast(receiver);
+  Handle<JSTypedArray> array = Handle<JSTypedArray>::cast(receiver);
+  if (V8_UNLIKELY(array->WasNeutered())) {
+    const MessageTemplate::Template message =
+        MessageTemplate::kDetachedOperation;
+    Handle<String> operation =
+        isolate->factory()->NewStringFromAsciiChecked(method_name);
+    THROW_NEW_ERROR(isolate, NewTypeError(message, operation), JSTypedArray);
+  }
+
+  // TODO(cwhan.tunz): spec describes to return `buffer`, but it may disrupt
+  // current implementations, and it's much useful to return array for now.

[Dan Ehrenberg, 2017/03/28 19:39:28]

Nit: I agree with your reasoning here; I think you can remove
"TODO(cwhan.tunz):" and just have this comment.

[Choongwoo Han, 2017/03/29 05:36:54]

Done.

+  return array;
 }
 
 #ifdef VERIFY_HEAP