review.tizen.org Git - platform/upstream/v8.git/commit

Fix stub-invoked setter callback handling.

When invoking a setter callback for a property using
JSObject::SetPropertyWithCallback(),the callback arguments includes
a correct pair of receiver and holder objects.

Such a pair of _possibly different_ arguments (receiver, holder) must
also be supplied when invoking the same setter callback from JITed
code, when the setter is invoked through the StoreCallbackProperty
stub.

An example where this matters are the accessor properties kept on the
global scope of Worker (i.e., properties kept on the global object
itself, and not on its prototype.) Conflating the receiver with the
holder leads to general confusion when attempting to fetch out the
wrapper object.

LOG=N
R=dcarney@chromium.org, dcarney
BUG=239669

Review URL: https://codereview.chromium.org/139263008

Patch from Sigbjorn Finne <sigbjornf@opera.com>.

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18658 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

author	dcarney@chromium.org <dcarney@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
	Fri, 17 Jan 2014 10:34:43 +0000 (10:34 +0000)
committer	dcarney@chromium.org <dcarney@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
	Fri, 17 Jan 2014 10:34:43 +0000 (10:34 +0000)
commit	7cee52948fc2ef0f9f5d0981dc9028b3f001b200
tree	e978e53f77f1bab69324ac5619ca107487555555	tree \| snapshot
parent	0575396a4cf1bed8ffe6727b447fc53f5bc60909	commit \| diff

src/arm/stub-cache-arm.cc		diff \| blob \| history
src/ia32/stub-cache-ia32.cc		diff \| blob \| history
src/mips/stub-cache-mips.cc		diff \| blob \| history
src/stub-cache.cc		diff \| blob \| history
src/x64/stub-cache-x64.cc		diff \| blob \| history
test/cctest/test-api.cc		diff \| blob \| history