Fix accessor update of non-extensible maps.
When installing getter/setter of non-extensible map with existing setter/getter of the same name, we introduce a new transition (so we have two transitions with the same name!). This triggers an assertion in map updater. This fix carefully checks that on the back-pointer path from non-extensible map to the extensible map there are only integrity level transitions. Otherwise, we just bail out. Bug: chromium:932953 Change-Id: I02e91c3b652428a84a9f5c58b6691ea9b1fc44d6 Reviewed-on: https://chromium-review.googlesource.com/c/1477067Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Jaroslav Sevcik <jarin@chromium.org> Cr-Commit-Position: refs/heads/master@{#59667}
Showing
Please
register
or
sign in
to comment