Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1139)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 9460004: Fix redefining of attributes on aliased arguments. (Closed)

Created:
8 years, 10 months ago by Michael Starzinger
Modified:
8 years, 10 months ago
Reviewers:
rossberg
CC:
v8-dev
Visibility:
Public.

Description

Fix redefining of attributes on aliased arguments. This allows elements of the non-strict arguments object to be redefined with custom attributes and still maintain an alias into the context. Such a slow alias is maintained by placing a special marker into the dictionary backing store of the arguments object. R=rossberg@chromium.org BUG=v8:1772 TEST=test262,mjsunit/object-define-property Committed: https://code.google.com/p/v8/source/detail?r=10827

Patch Set 1 #

Total comments: 6

Patch Set 2 : Addressed comments by Andreas Rossberg. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+138 lines, -40 lines) Patch
M include/v8.h View 1 chunk +1 line, -1 line 0 comments Download
M src/elements.cc View 1 chunk +14 lines, -4 lines 0 comments Download
M src/heap.h View 1 chunk +3 lines, -0 lines 0 comments Download
M src/heap.cc View 1 chunk +10 lines, -0 lines 0 comments Download
M src/objects.h View 1 3 chunks +36 lines, -1 line 0 comments Download
M src/objects.cc View 2 chunks +38 lines, -20 lines 0 comments Download
M src/objects-debug.cc View 1 chunk +5 lines, -0 lines 0 comments Download
M src/objects-inl.h View 1 chunk +3 lines, -0 lines 0 comments Download
M src/objects-printer.cc View 1 chunk +6 lines, -0 lines 0 comments Download
M test/mjsunit/object-define-property.js View 1 chunk +22 lines, -1 line 0 comments Download
M test/test262/test262.status View 1 chunk +0 lines, -13 lines 0 comments Download

Messages

Total messages: 2 (0 generated)
rossberg
lgtm https://chromiumcodereview.appspot.com/9460004/diff/1/include/v8.h File include/v8.h (right): https://chromiumcodereview.appspot.com/9460004/diff/1/include/v8.h#newcode3853 include/v8.h:3853: static const int kJSObjectType = 0xa9; I love ...
8 years, 10 months ago (2012-02-24 13:51:05 UTC) #1
Michael Starzinger
8 years, 10 months ago (2012-02-24 14:36:40 UTC) #2 
Added new patch set. Rebased. Landed.

https://chromiumcodereview.appspot.com/9460004/diff/1/include/v8.h
File include/v8.h (right):

https://chromiumcodereview.appspot.com/9460004/diff/1/include/v8.h#newcode3853
include/v8.h:3853: static const int kJSObjectType = 0xa9;
On 2012/02/24 13:51:05, rossberg wrote:
> I love this...

Me too ...

https://chromiumcodereview.appspot.com/9460004/diff/1/src/objects.h
File src/objects.h (right):

https://chromiumcodereview.appspot.com/9460004/diff/1/src/objects.h#newcode6440
src/objects.h:6440: class AliasedArgumentsEntry: public Struct {
On 2012/02/24 13:51:05, rossberg wrote:
> Maybe add a comment explaining the role of this type.

Done.

https://chromiumcodereview.appspot.com/9460004/diff/1/test/mjsunit/object-def...
File test/mjsunit/object-define-property.js (right):

https://chromiumcodereview.appspot.com/9460004/diff/1/test/mjsunit/object-def...
test/mjsunit/object-define-property.js:1077: })(0);
On 2012/02/24 13:51:05, rossberg wrote:
> You could have another test that checks that everything still works correctly
> when the arguments object escapes its owner function and is modified
elsewhere.

Done. As discussed offline, this is a white-box test for a code-path through our
implementation that is not covered by test262. Most other paths (including
manipulating the arguments object outside the function it was instantiated in)
are already covered by test262.

Powered by Google App Engine
This is Rietveld 408576698