projects / platform / upstream / v8.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aa14020)
Avoid normalizing global proxy for fuzzing purposes.
authorverwaest@chromium.org <verwaest@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Thu, 27 Feb 2014 16:27:22 +0000 (16:27 +0000)
committerverwaest@chromium.org <verwaest@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Thu, 27 Feb 2014 16:27:22 +0000 (16:27 +0000)
R=danno@chromium.org

Review URL: https://codereview.chromium.org/183313002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19587 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/runtime.cc patch | blob | history

diff --git a/src/runtime.cc b/src/runtime.cc
index 306042f..532b97a 100644 (file)
--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -2478,7 +2478,7 @@ RUNTIME_FUNCTION(MaybeObject*,
   ASSERT(args.length() == 2);
   CONVERT_ARG_HANDLE_CHECKED(JSObject, object, 0);
   CONVERT_SMI_ARG_CHECKED(properties, 1);
-  if (object->HasFastProperties()) {
+  if (object->HasFastProperties() && !object->IsJSGlobalProxy()) {
     JSObject::NormalizeProperties(object, KEEP_INOBJECT_PROPERTIES, properties);
   }
   return *object;
Domain: Web Framework / Web Engine;