wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1148750, part 15 - Stop retaining getter and setter ops when redefining a data property. r=efaust.

Browse Source 
StandardDefineProperty already does this. In short, redefining a magical data property like array.length or an arguments element should make it nonmagical.

In fact, it is an engine invariant that Shapes have either both JSPROP_GETTER and JSPROP_SETTER or neither: they never have e.g. a setter object and a getter op. As of recently the GC depends on this. So this change is necessary for memory safety.
This commit is contained in:
Jason Orendorff 2015-04-03 12:58:50 -05:00
parent 4bfe6cdf2b
commit 9b268c792c
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
js/src/vm/NativeObject.cpp
View File

@ -1460,12 +1460,6 @@ js::NativeDefineProperty(ExclusiveContext* cx, HandleNativeObject obj, HandleId
return false;
if (!desc.hasValue()) {
// We have been asked merely to update JSPROP_READONLY (and possibly
// JSPROP_CONFIGURABLE and/or JSPROP_ENUMERABLE, handled above).
// Take everything else from shape.
desc.setGetter(shape->getter());
desc.setSetter(shape->setter());
// Fill in desc.[[Value]].
desc.setValue(currentValue);
} else {