Ignore:
Timestamp:
Mar 5, 2012, 5:18:42 PM (13 years ago)
Author:
[email protected]
Message:

putByIndex should throw in strict mode
https://bugs.webkit.org/show_bug.cgi?id=80335

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

We'll need to pass an additional parameter.

Part 1 - rename JSValue::put() for integer indices to JSValue::putByIndex()
to match the method in the MethodTable, make this take a parameter indicating
whether the put should throw. This fixes the cases where the base of the put
is a primitive.

  • dfg/DFGOperations.cpp:

(DFG):
(JSC::DFG::putByVal):
(JSC::DFG::operationPutByValInternal):

  • interpreter/Interpreter.cpp:

(JSC::Interpreter::execute):
(JSC::Interpreter::privateExecute):

  • jit/JITStubs.cpp:

(JSC::DEFINE_STUB_FUNCTION):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • runtime/JSObject.h:

(JSC::JSValue::putByIndex):

  • runtime/JSValue.cpp:

(JSC):

  • runtime/JSValue.h:

(JSValue):

LayoutTests:

  • fast/js/primitive-property-access-edge-cases-expected.txt:
  • fast/js/script-tests/primitive-property-access-edge-cases.js:

(checkNumericGet.Object.defineProperty):
(checkNumericSet.Object.defineProperty):
(checkNumericGetStrict.Object.defineProperty):
(checkNumericSetStrict.Object.defineProperty):
(checkNumericRead):
(checkNumericWrite):
(checkNumericReadStrict):
(checkNumericWriteStrict):

  • Added test cases.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/JavaScriptCore/jit/JITStubs.cpp

    r109705 r109824  
    25692569            }
    25702570
    2571             baseValue.put(callFrame, i, value);
     2571            baseValue.putByIndex(callFrame, i, value, callFrame->codeBlock()->isStrictMode());
    25722572        } else
    2573             baseValue.put(callFrame, i, value);
     2573            baseValue.putByIndex(callFrame, i, value, callFrame->codeBlock()->isStrictMode());
    25742574    } else {
    25752575        Identifier property(callFrame, subscript.toString(callFrame)->value(callFrame));
     
    26122612        if (!isJSByteArray(baseValue))
    26132613            ctiPatchCallByReturnAddress(callFrame->codeBlock(), STUB_RETURN_ADDRESS, FunctionPtr(cti_op_put_by_val));
    2614         baseValue.put(callFrame, i, value);
     2614        baseValue.putByIndex(callFrame, i, value, callFrame->codeBlock()->isStrictMode());
    26152615    } else {
    26162616        Identifier property(callFrame, subscript.toString(callFrame)->value(callFrame));
     
    34033403    unsigned property = stackFrame.args[1].int32();
    34043404
    3405     stackFrame.args[0].jsValue().put(callFrame, property, stackFrame.args[2].jsValue());
     3405    JSValue arrayValue = stackFrame.args[0].jsValue();
     3406    ASSERT(isJSArray(arrayValue));
     3407    asArray(arrayValue)->putDirectIndex(callFrame, property, stackFrame.args[2].jsValue(), false);
    34063408}
    34073409
Note: See TracChangeset for help on using the changeset viewer.