Commit 2e911778 authored by Michael Achenbach's avatar Michael Achenbach Committed by Commit Bot

[foozzie] Make stubbing-out typed arrays more robust

Fuzz tests could mess with some library methods used by stubs for
NaN-pattern problems in typed arrays. This change makes the stubs
more robust.

Bug: chromium:1197627
Change-Id: I84975f798d616fd5e82fd9ab84ad01fc35336a04
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2820968
Auto-Submit: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: 's avatarMaya Lekova <mslekova@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73896}
parent 89f42f92
......@@ -99,7 +99,11 @@ Object.defineProperty(
// Mock buffer access in float typed arrays because of varying NaN patterns.
(function() {
const origArrayFrom = Array.from;
const origArrayIsArray = Array.isArray;
const origFunctionPrototype = Function.prototype;
const origIsNaN = isNaN;
const origIterator = Symbol.iterator;
const deNaNify = function(value) { return origIsNaN(value) ? 1 : value; };
const mock = function(type) {
......@@ -117,17 +121,17 @@ Object.defineProperty(
construct: function(target, args) {
for (let i = 0; i < args.length; i++) {
if (args[i] != null &&
typeof args[i][Symbol.iterator] === 'function') {
typeof args[i][origIterator] === 'function') {
// Consume iterators.
args[i] = Array.from(args[i]);
args[i] = origArrayFrom(args[i]);
}
if (Array.isArray(args[i])) {
if (origArrayIsArray(args[i])) {
args[i] = args[i].map(deNaNify);
}
}
const obj = new (
Function.prototype.bind.call(type, null, ...args));
origFunctionPrototype.bind.call(type, null, ...args));
return new Proxy(obj, {
get: function(x, prop) {
if (typeof x[prop] == "function")
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment