• Joyee Cheung's avatar
    [class] handle existing readonly properties in StoreOwnIC · 80bbbb14
    Joyee Cheung authored
    Previously, StoreOwnIC incorrectly reuses the [[Set]] semantics
    when initializing public literal class fields and object literals in
    certain cases (e.g. when there's no feedback).
    This was less of an issue for object literals, but with public class
    fields it's possible to define property attributes while the
    instance is still being initialized, or to encounter existing static
    "name" or "length" properties that should be readonly. This patch
    fixes it by
    
    1) Emitting code that calls into the slow stub when
       handling StoreOwnIC with existing read-only properties.
    2) Adding extra steps in StoreIC::Store to handle such stores
       properly with [[DefineOwnProperty]] semantics.
    
    Bug: v8:12421, v8:9888
    Change-Id: I6547320a1caba58c66ee1043cd3183a2de7cefef
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3300092Reviewed-by: 's avatarShu-yu Guo <syg@chromium.org>
    Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
    Commit-Queue: Joyee Cheung <joyee@igalia.com>
    Cr-Commit-Position: refs/heads/main@{#78659}
    80bbbb14
js-objects.h 51.1 KB