| OLD | NEW |
|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 1016 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1027 static AccessCheckResult CheckPropertyAccess( | 1027 static AccessCheckResult CheckPropertyAccess( |
| 1028 JSObject* obj, | 1028 JSObject* obj, |
| 1029 String* name, | 1029 String* name, |
| 1030 v8::AccessType access_type) { | 1030 v8::AccessType access_type) { |
| 1031 uint32_t index; | 1031 uint32_t index; |
| 1032 if (name->AsArrayIndex(&index)) { | 1032 if (name->AsArrayIndex(&index)) { |
| 1033 return CheckElementAccess(obj, index, access_type); | 1033 return CheckElementAccess(obj, index, access_type); |
| 1034 } | 1034 } |
| 1035 | 1035 |
| 1036 LookupResult lookup(obj->GetIsolate()); | 1036 LookupResult lookup(obj->GetIsolate()); |
| 1037 obj->LocalLookup(name, &lookup); | 1037 obj->LocalLookup(name, &lookup, true); |
| 1038 | 1038 |
| 1039 if (!lookup.IsProperty()) return ACCESS_ABSENT; | 1039 if (!lookup.IsProperty()) return ACCESS_ABSENT; |
| 1040 if (CheckGenericAccess<Object*>( | 1040 if (CheckGenericAccess<Object*>( |
| 1041 obj, lookup.holder(), name, access_type, &Isolate::MayNamedAccess)) { | 1041 obj, lookup.holder(), name, access_type, &Isolate::MayNamedAccess)) { |
| 1042 return ACCESS_ALLOWED; | 1042 return ACCESS_ALLOWED; |
| 1043 } | 1043 } |
| 1044 | 1044 |
| 1045 // Access check callback denied the access, but some properties | 1045 // Access check callback denied the access, but some properties |
| 1046 // can have a special permissions which override callbacks descision | 1046 // can have a special permissions which override callbacks descision |
| 1047 // (currently see v8::AccessControl). | 1047 // (currently see v8::AccessControl). |
| (...skipping 235 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1283 bool is_function = value->IsSharedFunctionInfo(); | 1283 bool is_function = value->IsSharedFunctionInfo(); |
| 1284 bool is_module = value->IsJSModule(); | 1284 bool is_module = value->IsJSModule(); |
| 1285 ASSERT(is_var + is_const + is_function + is_module == 1); | 1285 ASSERT(is_var + is_const + is_function + is_module == 1); |
| 1286 | 1286 |
| 1287 if (is_var || is_const) { | 1287 if (is_var || is_const) { |
| 1288 // Lookup the property in the global object, and don't set the | 1288 // Lookup the property in the global object, and don't set the |
| 1289 // value of the variable if the property is already there. | 1289 // value of the variable if the property is already there. |
| 1290 // Do the lookup locally only, see ES5 erratum. | 1290 // Do the lookup locally only, see ES5 erratum. |
| 1291 LookupResult lookup(isolate); | 1291 LookupResult lookup(isolate); |
| 1292 if (FLAG_es52_globals) { | 1292 if (FLAG_es52_globals) { |
| 1293 Object* obj = *global; | 1293 global->LocalLookup(*name, &lookup, true); |
| 1294 do { | |
| 1295 JSObject::cast(obj)->LocalLookup(*name, &lookup); | |
| 1296 if (lookup.IsFound()) break; | |
| 1297 obj = obj->GetPrototype(); | |
| 1298 } while (obj->IsJSObject() && | |
| 1299 JSObject::cast(obj)->map()->is_hidden_prototype()); | |
| 1300 } else { | 1294 } else { |
| 1301 global->Lookup(*name, &lookup); | 1295 global->Lookup(*name, &lookup); |
| 1302 } | 1296 } |
| 1303 if (lookup.IsFound()) { | 1297 if (lookup.IsFound()) { |
| 1304 // We found an existing property. Unless it was an interceptor | 1298 // We found an existing property. Unless it was an interceptor |
| 1305 // that claims the property is absent, skip this declaration. | 1299 // that claims the property is absent, skip this declaration. |
| 1306 if (!lookup.IsInterceptor()) continue; | 1300 if (!lookup.IsInterceptor()) continue; |
| 1307 PropertyAttributes attributes = global->GetPropertyAttribute(*name); | 1301 PropertyAttributes attributes = global->GetPropertyAttribute(*name); |
| 1308 if (attributes != ABSENT) continue; | 1302 if (attributes != ABSENT) continue; |
| 1309 // Fall-through and introduce the absent property by using | 1303 // Fall-through and introduce the absent property by using |
| 1310 // SetProperty. | 1304 // SetProperty. |
| 1311 } | 1305 } |
| 1312 } else if (is_function) { | 1306 } else if (is_function) { |
| 1313 // Copy the function and update its context. Use it as value. | 1307 // Copy the function and update its context. Use it as value. |
| 1314 Handle<SharedFunctionInfo> shared = | 1308 Handle<SharedFunctionInfo> shared = |
| 1315 Handle<SharedFunctionInfo>::cast(value); | 1309 Handle<SharedFunctionInfo>::cast(value); |
| 1316 Handle<JSFunction> function = | 1310 Handle<JSFunction> function = |
| 1317 isolate->factory()->NewFunctionFromSharedFunctionInfo( | 1311 isolate->factory()->NewFunctionFromSharedFunctionInfo( |
| 1318 shared, context, TENURED); | 1312 shared, context, TENURED); |
| 1319 value = function; | 1313 value = function; |
| 1320 } | 1314 } |
| 1321 | 1315 |
| 1322 LookupResult lookup(isolate); | 1316 LookupResult lookup(isolate); |
| 1323 global->LocalLookup(*name, &lookup); | 1317 global->LocalLookup(*name, &lookup, true); |
| 1324 | 1318 |
| 1325 // Compute the property attributes. According to ECMA-262, | 1319 // Compute the property attributes. According to ECMA-262, |
| 1326 // the property must be non-configurable except in eval. | 1320 // the property must be non-configurable except in eval. |
| 1327 int attr = NONE; | 1321 int attr = NONE; |
| 1328 bool is_eval = DeclareGlobalsEvalFlag::decode(flags); | 1322 bool is_eval = DeclareGlobalsEvalFlag::decode(flags); |
| 1329 if (!is_eval || is_module) { | 1323 if (!is_eval || is_module) { |
| 1330 attr |= DONT_DELETE; | 1324 attr |= DONT_DELETE; |
| 1331 } | 1325 } |
| 1332 bool is_native = DeclareGlobalsNativeFlag::decode(flags); | 1326 bool is_native = DeclareGlobalsNativeFlag::decode(flags); |
| 1333 if (is_const || is_module || (is_native && is_function)) { | 1327 if (is_const || is_module || (is_native && is_function)) { |
| (...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1492 | 1486 |
| 1493 // Lookup the property locally in the global object. If it isn't | 1487 // Lookup the property locally in the global object. If it isn't |
| 1494 // there, there is a property with this name in the prototype chain. | 1488 // there, there is a property with this name in the prototype chain. |
| 1495 // We follow Safari and Firefox behavior and only set the property | 1489 // We follow Safari and Firefox behavior and only set the property |
| 1496 // locally if there is an explicit initialization value that we have | 1490 // locally if there is an explicit initialization value that we have |
| 1497 // to assign to the property. | 1491 // to assign to the property. |
| 1498 // Note that objects can have hidden prototypes, so we need to traverse | 1492 // Note that objects can have hidden prototypes, so we need to traverse |
| 1499 // the whole chain of hidden prototypes to do a 'local' lookup. | 1493 // the whole chain of hidden prototypes to do a 'local' lookup. |
| 1500 Object* object = global; | 1494 Object* object = global; |
| 1501 LookupResult lookup(isolate); | 1495 LookupResult lookup(isolate); |
| 1502 while (object->IsJSObject() && | 1496 JSObject::cast(object)->LocalLookup(*name, &lookup, true); |
| 1503 JSObject::cast(object)->map()->is_hidden_prototype()) { | 1497 if (lookup.IsInterceptor()) { |
| 1504 JSObject* raw_holder = JSObject::cast(object); | 1498 HandleScope handle_scope(isolate); |
| 1505 raw_holder->LocalLookup(*name, &lookup); | 1499 PropertyAttributes intercepted = |
| 1506 if (lookup.IsInterceptor()) { | 1500 lookup.holder()->GetPropertyAttribute(*name); |
| 1507 HandleScope handle_scope(isolate); | 1501 if (intercepted != ABSENT && (intercepted & READ_ONLY) == 0) { |
| 1508 Handle<JSObject> holder(raw_holder); | 1502 // Found an interceptor that's not read only. |
| 1509 PropertyAttributes intercepted = holder->GetPropertyAttribute(*name); | 1503 if (assign) { |
| 1510 // Update the raw pointer in case it's changed due to GC. | 1504 return lookup.holder()->SetProperty( |
| 1511 raw_holder = *holder; | 1505 &lookup, *name, args[2], attributes, strict_mode_flag); |
| 1512 if (intercepted != ABSENT && (intercepted & READ_ONLY) == 0) { | 1506 } else { |
| 1513 // Found an interceptor that's not read only. | 1507 return isolate->heap()->undefined_value(); |
| 1514 if (assign) { | |
| 1515 return raw_holder->SetProperty( | |
| 1516 &lookup, *name, args[2], attributes, strict_mode_flag); | |
| 1517 } else { | |
| 1518 return isolate->heap()->undefined_value(); | |
| 1519 } | |
| 1520 } | 1508 } |
| 1521 } | 1509 } |
| 1522 object = raw_holder->GetPrototype(); | |
| 1523 } | 1510 } |
| 1524 | 1511 |
| 1525 // Reload global in case the loop above performed a GC. | 1512 // Reload global in case the loop above performed a GC. |
| 1526 global = isolate->context()->global_object(); | 1513 global = isolate->context()->global_object(); |
| 1527 if (assign) { | 1514 if (assign) { |
| 1528 return global->SetProperty(*name, args[2], attributes, strict_mode_flag); | 1515 return global->SetProperty(*name, args[2], attributes, strict_mode_flag); |
| 1529 } | 1516 } |
| 1530 return isolate->heap()->undefined_value(); | 1517 return isolate->heap()->undefined_value(); |
| 1531 } | 1518 } |
| 1532 | 1519 |
| (...skipping 11784 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 13317 // Handle last resort GC and make sure to allow future allocations | 13304 // Handle last resort GC and make sure to allow future allocations |
| 13318 // to grow the heap without causing GCs (if possible). | 13305 // to grow the heap without causing GCs (if possible). |
| 13319 isolate->counters()->gc_last_resort_from_js()->Increment(); | 13306 isolate->counters()->gc_last_resort_from_js()->Increment(); |
| 13320 isolate->heap()->CollectAllGarbage(Heap::kNoGCFlags, | 13307 isolate->heap()->CollectAllGarbage(Heap::kNoGCFlags, |
| 13321 "Runtime::PerformGC"); | 13308 "Runtime::PerformGC"); |
| 13322 } | 13309 } |
| 13323 } | 13310 } |
| 13324 | 13311 |
| 13325 | 13312 |
| 13326 } } // namespace v8::internal | 13313 } } // namespace v8::internal |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11413068:
Fix and clean up treatment of hidden prototypes. (Closed)
Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge