Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing coverage: Resizable / Growable (Shared)ArrayBuffers: Object.defineProperty, Object.defineProperties, probably others #3440

Open
marjakh opened this issue Mar 23, 2022 · 0 comments
Open

Missing coverage: Resizable / Growable (Shared)ArrayBuffers: Object.defineProperty, Object.defineProperties, probably others #3440

marjakh opened this issue Mar 23, 2022 · 0 comments

Comments

@marjakh
Copy link
Contributor

marjakh commented Mar 23, 2022
edited
Loading

There was a bug in V8 where I hadn't modified Object.defineProperty / Object.defineProperties to deal with RAB / GSAB.

The repro is very simple:

const gsab = new SharedArrayBuffer(1024, {maxByteLength: 11337});
const ta = new Float64Array(gsab);
Object.defineProperty(ta, 0, {});

Unfortunately, test262 didn't catch this, because it's not passing resizable / growable (Shared)ArrayBuffers to Object.defineProperty.

-> Would be great to have tests for this, and basically, all other places which need to handle RAB / GSABs.

A hand-wavy way to identify such places might be to see which places do something special with the "length" property of an object. Possibly via IsValidIntegerIndex.

cc @syg @sarahghp
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@marjakh