Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/ic.cc

Issue 9443014: Fix redefinition of aliased elements in arguments. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Addressed comments by Sven Panne. Created 8 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « src/api.cc ('k') | src/liveedit.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without 2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are 3 // modification, are permitted provided that the following conditions are
4 // met: 4 // met:
5 // 5 //
6 // * Redistributions of source code must retain the above copyright 6 // * Redistributions of source code must retain the above copyright
7 // notice, this list of conditions and the following disclaimer. 7 // notice, this list of conditions and the following disclaimer.
8 // * Redistributions in binary form must reproduce the above 8 // * Redistributions in binary form must reproduce the above
9 // copyright notice, this list of conditions and the following 9 // copyright notice, this list of conditions and the following
10 // disclaimer in the documentation and/or other materials provided 10 // disclaimer in the documentation and/or other materials provided
(...skipping 1311 matching lines...) Expand 10 before | Expand all | Expand 10 after
1322 // TODO(1475): Must check prototype chains of object wrappers. 1322 // TODO(1475): Must check prototype chains of object wrappers.
1323 return *value; 1323 return *value;
1324 } 1324 }
1325 1325
1326 Handle<JSObject> receiver = Handle<JSObject>::cast(object); 1326 Handle<JSObject> receiver = Handle<JSObject>::cast(object);
1327 1327
1328 // Check if the given name is an array index. 1328 // Check if the given name is an array index.
1329 uint32_t index; 1329 uint32_t index;
1330 if (name->AsArrayIndex(&index)) { 1330 if (name->AsArrayIndex(&index)) {
1331 Handle<Object> result = 1331 Handle<Object> result =
1332 JSObject::SetElement(receiver, index, value, strict_mode); 1332 JSObject::SetElement(receiver, index, value, NONE, strict_mode);
1333 RETURN_IF_EMPTY_HANDLE(isolate(), result); 1333 RETURN_IF_EMPTY_HANDLE(isolate(), result);
1334 return *value; 1334 return *value;
1335 } 1335 }
1336 1336
1337 // Use specialized code for setting the length of arrays with fast 1337 // Use specialized code for setting the length of arrays with fast
1338 // properties. Slow properties might indicate redefinition of the 1338 // properties. Slow properties might indicate redefinition of the
1339 // length property. 1339 // length property.
1340 if (receiver->IsJSArray() && 1340 if (receiver->IsJSArray() &&
1341 name->Equals(isolate()->heap()->length_symbol()) && 1341 name->Equals(isolate()->heap()->length_symbol()) &&
1342 Handle<JSArray>::cast(receiver)->AllowsSetElementsLength() && 1342 Handle<JSArray>::cast(receiver)->AllowsSetElementsLength() &&
(...skipping 436 matching lines...) Expand 10 before | Expand all | Expand 10 after
1779 } 1779 }
1780 1780
1781 // Ignore stores where the receiver is not a JSObject. 1781 // Ignore stores where the receiver is not a JSObject.
1782 if (!object->IsJSObject()) return *value; 1782 if (!object->IsJSObject()) return *value;
1783 Handle<JSObject> receiver = Handle<JSObject>::cast(object); 1783 Handle<JSObject> receiver = Handle<JSObject>::cast(object);
1784 1784
1785 // Check if the given name is an array index. 1785 // Check if the given name is an array index.
1786 uint32_t index; 1786 uint32_t index;
1787 if (name->AsArrayIndex(&index)) { 1787 if (name->AsArrayIndex(&index)) {
1788 Handle<Object> result = 1788 Handle<Object> result =
1789 JSObject::SetElement(receiver, index, value, strict_mode); 1789 JSObject::SetElement(receiver, index, value, NONE, strict_mode);
1790 RETURN_IF_EMPTY_HANDLE(isolate(), result); 1790 RETURN_IF_EMPTY_HANDLE(isolate(), result);
1791 return *value; 1791 return *value;
1792 } 1792 }
1793 1793
1794 // Update inline cache and stub cache. 1794 // Update inline cache and stub cache.
1795 if (FLAG_use_ic && !receiver->IsJSGlobalProxy()) { 1795 if (FLAG_use_ic && !receiver->IsJSGlobalProxy()) {
1796 LookupResult lookup(isolate()); 1796 LookupResult lookup(isolate());
1797 if (LookupForWrite(receiver, name, &lookup)) { 1797 if (LookupForWrite(receiver, name, &lookup)) {
1798 UpdateCaches(&lookup, state, strict_mode, receiver, name, value); 1798 UpdateCaches(&lookup, state, strict_mode, receiver, name, value);
1799 } 1799 }
(...skipping 753 matching lines...) Expand 10 before | Expand all | Expand 10 after
2553 #undef ADDR 2553 #undef ADDR
2554 }; 2554 };
2555 2555
2556 2556
2557 Address IC::AddressFromUtilityId(IC::UtilityId id) { 2557 Address IC::AddressFromUtilityId(IC::UtilityId id) {
2558 return IC_utilities[id]; 2558 return IC_utilities[id];
2559 } 2559 }
2560 2560
2561 2561
2562 } } // namespace v8::internal 2562 } } // namespace v8::internal
OLDNEW
« no previous file with comments | « src/api.cc ('k') | src/liveedit.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698