Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(819)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/factory.cc

Issue 536943002: Never skip access checks when looking up properties (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « src/bootstrapper.cc ('k') | src/hydrogen.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 the V8 project authors. All rights reserved. 1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/factory.h" 5 #include "src/factory.h"
6 6
7 #include "src/allocation-site-scopes.h" 7 #include "src/allocation-site-scopes.h"
8 #include "src/base/bits.h" 8 #include "src/base/bits.h"
9 #include "src/conversions.h" 9 #include "src/conversions.h"
10 #include "src/isolate-inl.h" 10 #include "src/isolate-inl.h"
(...skipping 2164 matching lines...) Expand 10 before | Expand all | Expand 10 after
2175 if (obj->remove_prototype()) { 2175 if (obj->remove_prototype()) {
2176 DCHECK(result->shared()->IsApiFunction()); 2176 DCHECK(result->shared()->IsApiFunction());
2177 DCHECK(!result->has_initial_map()); 2177 DCHECK(!result->has_initial_map());
2178 DCHECK(!result->has_prototype()); 2178 DCHECK(!result->has_prototype());
2179 return result; 2179 return result;
2180 } 2180 }
2181 2181
2182 if (prototype->IsTheHole()) { 2182 if (prototype->IsTheHole()) {
2183 #ifdef DEBUG 2183 #ifdef DEBUG
2184 LookupIterator it(handle(JSObject::cast(result->prototype())), 2184 LookupIterator it(handle(JSObject::cast(result->prototype())),
2185 constructor_string(), LookupIterator::OWN_PROPERTY); 2185 constructor_string(),
2186 LookupIterator::OWN_SKIP_INTERCEPTOR);
2186 MaybeHandle<Object> maybe_prop = Object::GetProperty(&it); 2187 MaybeHandle<Object> maybe_prop = Object::GetProperty(&it);
2187 DCHECK(it.IsFound()); 2188 DCHECK(it.IsFound());
2188 DCHECK(maybe_prop.ToHandleChecked().is_identical_to(result)); 2189 DCHECK(maybe_prop.ToHandleChecked().is_identical_to(result));
2189 #endif 2190 #endif
2190 } else { 2191 } else {
2191 JSObject::AddProperty(handle(JSObject::cast(result->prototype())), 2192 JSObject::AddProperty(handle(JSObject::cast(result->prototype())),
2192 constructor_string(), result, DONT_ENUM); 2193 constructor_string(), result, DONT_ENUM);
2193 } 2194 }
2194 2195
2195 // Down from here is only valid for API functions that can be used as a 2196 // Down from here is only valid for API functions that can be used as a
(...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after
2387 return Handle<Object>::null(); 2388 return Handle<Object>::null();
2388 } 2389 }
2389 2390
2390 2391
2391 Handle<Object> Factory::ToBoolean(bool value) { 2392 Handle<Object> Factory::ToBoolean(bool value) {
2392 return value ? true_value() : false_value(); 2393 return value ? true_value() : false_value();
2393 } 2394 }
2394 2395
2395 2396
2396 } } // namespace v8::internal 2397 } } // namespace v8::internal
OLDNEW
« no previous file with comments | « src/bootstrapper.cc ('k') | src/hydrogen.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698