Add assertions that Object::SetPrototype doesn't throw

It's used when setting up the context snapshot for blink, so we want to be sure that it doesn't execute script. Bug: chromium:728583 Change-Id: I46507e18d178e6473dd10348a9f253016a9178b7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2807615Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#73920}

Add assertions that Object::SetPrototype doesn't throw
It's used when setting up the context snapshot for blink, so we want to be sure that it doesn't execute script. Bug: chromium:728583 Change-Id: I46507e18d178e6473dd10348a9f253016a9178b7 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2807615Reviewed-by: Camillo Bruni <cbruni@chromium.org> Commit-Queue: Jochen Eisinger <jochen@chromium.org> Cr-Commit-Position: refs/heads/master@{#73920}
eacdf599 · Jochen Eisinger · Commit Bot · 6ec52d90 · eacdf599
Commit eacdf599 authored Apr 12, 2021 by Jochen Eisinger Committed by Commit Bot Apr 12, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 9 deletions

api.cc src/api/api.cc +19 -9

No files found.
--- a/src/api/api.cc
+++ b/src/api/api.cc
@@ -4348,17 +4348,27 @@ Local<Value> v8::Object::GetPrototype() {
 Maybe<bool> v8::Object::SetPrototype(Local<Context> context,
                                     Local<Value> value) {
  auto isolate = reinterpret_cast<i::Isolate*>(context->GetIsolate());
-  ENTER_V8(isolate, context, Object, SetPrototype, Nothing<bool>(),
-           i::HandleScope);
  auto self = Utils::OpenHandle(this);
  auto value_obj = Utils::OpenHandle(*value);
-  // We do not allow exceptions thrown while setting the prototype
-  // to propagate outside.
-  TryCatch try_catch(reinterpret_cast<v8::Isolate*>(isolate));
-  auto result =
-      i::JSReceiver::SetPrototype(self, value_obj, false, i::kThrowOnError);
-  has_pending_exception = result.IsNothing();
-  RETURN_ON_FAILED_EXECUTION_PRIMITIVE(bool);
+  if (self->IsJSProxy()) {
+    ENTER_V8(isolate, context, Object, SetPrototype, Nothing<bool>(),
+             i::HandleScope);
+    // We do not allow exceptions thrown while setting the prototype
+    // to propagate outside.
+    TryCatch try_catch(reinterpret_cast<v8::Isolate*>(isolate));
+    auto result = i::JSProxy::SetPrototype(i::Handle<i::JSProxy>::cast(self),
+                                           value_obj, false, i::kThrowOnError);
+    has_pending_exception = result.IsNothing();
+    RETURN_ON_FAILED_EXECUTION_PRIMITIVE(bool);
+  } else {
+    ENTER_V8_NO_SCRIPT_NO_EXCEPTION(isolate);
+    auto result = i::JSObject::SetPrototype(i::Handle<i::JSObject>::cast(self),
+                                            value_obj, false, i::kThrowOnError);
+    if (result.IsNothing()) {
+      isolate->clear_pending_exception();
+      return Nothing<bool>();
+    }
+  }
  return Just(true);
 }