Diff
Modified: branches/safari-612.1.27.0-branch/JSTests/ChangeLog (281213 => 281214)
--- branches/safari-612.1.27.0-branch/JSTests/ChangeLog 2021-08-18 22:04:13 UTC (rev 281213)
+++ branches/safari-612.1.27.0-branch/JSTests/ChangeLog 2021-08-18 22:04:16 UTC (rev 281214)
@@ -1,47 +1,3 @@
-2021-08-18 Russell Epstein <repst...@apple.com>
-
- Cherry-pick r280463. rdar://problem/82088775
-
- definePropertyOnReceiver should check if receiver canPerformFastPutInline
- https://bugs.webkit.org/show_bug.cgi?id=227963
- <rdar://80259710>
-
- Reviewed by Alexey Shvayka.
-
- JSTests:
-
- * stress/reflect-set-custom-value.js: Added.
-
- Source/_javascript_Core:
-
- definePropertyOnReceiver has a fast path if the slot is not opaque and the receiver doesn't
- have a custom defineOwnProperty implementation, in which case it calls putInlineFast (and
- transitively putDirectInternal<PutModePut>). The issue is that putDirectInternal does not
- handle customValues correctly: it just overwrites the property without changing the attributes.
- To fix that, we should first check if the property might be a custom value, and if that's the case
- we now call `definePropertyOnReceiverSlow`, which has been updated to handle custom values correctly.
- I also added assertions to putInlineFastReplacingStaticPropertyIfNeeded and putDirectInternal
- to make sure we don't accidentally overwrite custom values in the future.
-
- * runtime/JSObject.cpp:
- (JSC::definePropertyOnReceiverSlow):
- (JSC::JSObject::definePropertyOnReceiver):
- (JSC::JSObject::putInlineFastReplacingStaticPropertyIfNeeded):
- * runtime/JSObjectInlines.h:
- (JSC::JSObject::putDirectInternal):
-
- git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280463 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 2021-07-29 Tadeu Zagallo <tzaga...@apple.com>
-
- definePropertyOnReceiver should check if receiver canPerformFastPutInline
- https://bugs.webkit.org/show_bug.cgi?id=227963
- <rdar://80259710>
-
- Reviewed by Alexey Shvayka.
-
- * stress/reflect-set-custom-value.js: Added.
-
2021-08-02 Yusuke Suzuki <ysuz...@apple.com>
[JSC] Yarr BoyerMoore search should support character-class
Modified: branches/safari-612.1.27.0-branch/JSTests/stress/reflect-set-custom-value.js (281213 => 281214)
--- branches/safari-612.1.27.0-branch/JSTests/stress/reflect-set-custom-value.js 2021-08-18 22:04:13 UTC (rev 281213)
+++ branches/safari-612.1.27.0-branch/JSTests/stress/reflect-set-custom-value.js 2021-08-18 22:04:16 UTC (rev 281214)
@@ -1,3 +1,14 @@
-const testGetterSetter = $vm.createCustomTestGetterSetter();
-Reflect.set({}, 'customValue', 'foo', testGetterSetter);
-testGetterSetter.customValue = 42;
+{
+ // reified
+ const testGetterSetter = $vm.createCustomTestGetterSetter();
+ Reflect.set({}, 'customValue', 'foo', testGetterSetter);
+ testGetterSetter.customValue = 42;
+}
+
+{
+ // non-reified
+ let tester = $vm.createStaticCustomValue();
+ Reflect.set({}, "testStaticValueSetFlag", 'foo', tester);
+ if (!tester.testStaticValueSetterCalled)
+ throw new Error('Custom value overriden');
+}
Modified: branches/safari-612.1.27.0-branch/Source/_javascript_Core/ChangeLog (281213 => 281214)
--- branches/safari-612.1.27.0-branch/Source/_javascript_Core/ChangeLog 2021-08-18 22:04:13 UTC (rev 281213)
+++ branches/safari-612.1.27.0-branch/Source/_javascript_Core/ChangeLog 2021-08-18 22:04:16 UTC (rev 281214)
@@ -1,63 +1,5 @@
2021-08-18 Russell Epstein <repst...@apple.com>
- Cherry-pick r280463. rdar://problem/82088775
-
- definePropertyOnReceiver should check if receiver canPerformFastPutInline
- https://bugs.webkit.org/show_bug.cgi?id=227963
- <rdar://80259710>
-
- Reviewed by Alexey Shvayka.
-
- JSTests:
-
- * stress/reflect-set-custom-value.js: Added.
-
- Source/_javascript_Core:
-
- definePropertyOnReceiver has a fast path if the slot is not opaque and the receiver doesn't
- have a custom defineOwnProperty implementation, in which case it calls putInlineFast (and
- transitively putDirectInternal<PutModePut>). The issue is that putDirectInternal does not
- handle customValues correctly: it just overwrites the property without changing the attributes.
- To fix that, we should first check if the property might be a custom value, and if that's the case
- we now call `definePropertyOnReceiverSlow`, which has been updated to handle custom values correctly.
- I also added assertions to putInlineFastReplacingStaticPropertyIfNeeded and putDirectInternal
- to make sure we don't accidentally overwrite custom values in the future.
-
- * runtime/JSObject.cpp:
- (JSC::definePropertyOnReceiverSlow):
- (JSC::JSObject::definePropertyOnReceiver):
- (JSC::JSObject::putInlineFastReplacingStaticPropertyIfNeeded):
- * runtime/JSObjectInlines.h:
- (JSC::JSObject::putDirectInternal):
-
- git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280463 268f45cc-cd09-0410-ab3c-d52691b4dbfc
-
- 2021-07-29 Tadeu Zagallo <tzaga...@apple.com>
-
- definePropertyOnReceiver should check if receiver canPerformFastPutInline
- https://bugs.webkit.org/show_bug.cgi?id=227963
- <rdar://80259710>
-
- Reviewed by Alexey Shvayka.
-
- definePropertyOnReceiver has a fast path if the slot is not opaque and the receiver doesn't
- have a custom defineOwnProperty implementation, in which case it calls putInlineFast (and
- transitively putDirectInternal<PutModePut>). The issue is that putDirectInternal does not
- handle customValues correctly: it just overwrites the property without changing the attributes.
- To fix that, we should first check if the property might be a custom value, and if that's the case
- we now call `definePropertyOnReceiverSlow`, which has been updated to handle custom values correctly.
- I also added assertions to putInlineFastReplacingStaticPropertyIfNeeded and putDirectInternal
- to make sure we don't accidentally overwrite custom values in the future.
-
- * runtime/JSObject.cpp:
- (JSC::definePropertyOnReceiverSlow):
- (JSC::JSObject::definePropertyOnReceiver):
- (JSC::JSObject::putInlineFastReplacingStaticPropertyIfNeeded):
- * runtime/JSObjectInlines.h:
- (JSC::JSObject::putDirectInternal):
-
-2021-08-18 Russell Epstein <repst...@apple.com>
-
Cherry-pick r281178. rdar://problem/82083485
Add an option for canonicalizePrePostIncrements
Modified: branches/safari-612.1.27.0-branch/Source/_javascript_Core/runtime/JSObject.cpp (281213 => 281214)
--- branches/safari-612.1.27.0-branch/Source/_javascript_Core/runtime/JSObject.cpp 2021-08-18 22:04:13 UTC (rev 281213)
+++ branches/safari-612.1.27.0-branch/Source/_javascript_Core/runtime/JSObject.cpp 2021-08-18 22:04:16 UTC (rev 281214)
@@ -942,8 +942,7 @@
RELEASE_AND_RETURN(scope, customSetter(structure->globalObject(), JSValue::encode(this), JSValue::encode(value), propertyName));
}
// Avoid PutModePut because it fails for non-extensible structures.
- ASSERT(!(entry->value->attributes() & PropertyAttribute::CustomValue));
- putDirect(vm, propertyName, value, attributesForStructure(entry->value->attributes()), slot);
+ putDirect(vm, propertyName, value, attributesForStructure(entry->value->attributes()) & ~PropertyAttribute::CustomValue, slot);
return true;
}
}
