
Side by Side Diff: src/lookup.cc

Issue 1587633002: LookupIterator should find private symbols on JSProxies (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master
Patch Set: updates Created 4 years, 11 months ago
1 // Copyright 2014 the V8 project authors. All rights reserved. 1 // Copyright 2014 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/lookup.h" 5 #include "src/lookup.h"
6 6
7 #include "src/bootstrapper.h" 7 #include "src/bootstrapper.h"
8 #include "src/deoptimizer.h" 8 #include "src/deoptimizer.h"
9 #include "src/elements.h" 9 #include "src/elements.h"
10 #include "src/isolate-inl.h" 10 #include "src/isolate-inl.h"
(...skipping 252 matching lines...) Expand 10 before | Expand all | Expand 10 after
263 Handle<JSObject> receiver = GetStoreTarget(); 263 Handle<JSObject> receiver = GetStoreTarget();
264 if (receiver->IsJSGlobalObject()) return; 264 if (receiver->IsJSGlobalObject()) return;
265 holder_ = receiver; 265 holder_ = receiver;
266 holder_map_ = transition_map(); 266 holder_map_ = transition_map();
267 JSObject::MigrateToMap(receiver, holder_map_); 267 JSObject::MigrateToMap(receiver, holder_map_);
268 ReloadPropertyInformation(); 268 ReloadPropertyInformation();
269 } 269 }
270 270
271 271
272 void LookupIterator::Delete() { 272 void LookupIterator::Delete() {
273 Handle<JSObject> holder = Handle<JSObject>::cast(holder_); 273 Handle<JSReceiver> holder = Handle<JSReceiver>::cast(holder_);
274 if (IsElement()) { 274 if (IsElement()) {
275 ElementsAccessor* accessor = holder->GetElementsAccessor(); 275 Handle<JSObject> object = Handle<JSObject>::cast(holder);
276 accessor->Delete(holder, number_); 276 ElementsAccessor* accessor = object->GetElementsAccessor();
277 accessor->Delete(object, number_);
277 } else { 278 } else {
278 PropertyNormalizationMode mode = holder->map()->is_prototype_map() 279 PropertyNormalizationMode mode = holder->map()->is_prototype_map()
279 ? KEEP_INOBJECT_PROPERTIES 280 ? KEEP_INOBJECT_PROPERTIES
280 : CLEAR_INOBJECT_PROPERTIES; 281 : CLEAR_INOBJECT_PROPERTIES;
281 282
282 if (holder->HasFastProperties()) { 283 if (holder->HasFastProperties()) {
283 JSObject::NormalizeProperties(holder, mode, 0, "DeletingProperty"); 284 JSObject::NormalizeProperties(Handle<JSObject>::cast(holder), mode, 0,
285 "DeletingProperty");
284 holder_map_ = handle(holder->map(), isolate_); 286 holder_map_ = handle(holder->map(), isolate_);
285 ReloadPropertyInformation(); 287 ReloadPropertyInformation();
286 } 288 }
287 // TODO(verwaest): Get rid of the name_ argument. 289 // TODO(verwaest): Get rid of the name_ argument.
288 JSObject::DeleteNormalizedProperty(holder, name_, number_); 290 JSReceiver::DeleteNormalizedProperty(holder, name_, number_);
289 JSObject::ReoptimizeIfPrototype(holder); 291 if (holder->IsJSObject()) {
292 JSObject::ReoptimizeIfPrototype(Handle<JSObject>::cast(holder));
293 }
290 } 294 }
291 } 295 }
292 296
293 297
294 void LookupIterator::TransitionToAccessorProperty( 298 void LookupIterator::TransitionToAccessorProperty(
295 AccessorComponent component, Handle<Object> accessor, 299 AccessorComponent component, Handle<Object> accessor,
296 PropertyAttributes attributes) { 300 PropertyAttributes attributes) {
297 DCHECK(!accessor->IsNull()); 301 DCHECK(!accessor->IsNull());
298 // Can only be called when the receiver is a JSObject. JSProxy has to be 302 // Can only be called when the receiver is a JSObject. JSProxy has to be
299 // handled via a trap. Adding properties to primitive values is not 303 // handled via a trap. Adding properties to primitive values is not
(...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after
499 503
500 Handle<Object> LookupIterator::GetDataValue() const { 504 Handle<Object> LookupIterator::GetDataValue() const {
501 DCHECK_EQ(DATA, state_); 505 DCHECK_EQ(DATA, state_);
502 Handle<Object> value = FetchValue(); 506 Handle<Object> value = FetchValue();
503 return value; 507 return value;
504 } 508 }
505 509
506 510
507 void LookupIterator::WriteDataValue(Handle<Object> value) { 511 void LookupIterator::WriteDataValue(Handle<Object> value) {
508 DCHECK_EQ(DATA, state_); 512 DCHECK_EQ(DATA, state_);
509 Handle<JSObject> holder = GetHolder<JSObject>(); 513 Handle<JSReceiver> holder = GetHolder<JSReceiver>();
510 if (IsElement()) { 514 if (IsElement()) {
511 ElementsAccessor* accessor = holder->GetElementsAccessor(); 515 Handle<JSObject> object = Handle<JSObject>::cast(holder);
512 accessor->Set(holder->elements(), number_, *value); 516 ElementsAccessor* accessor = object->GetElementsAccessor();
517 accessor->Set(object->elements(), number_, *value);
513 } else if (holder->IsJSGlobalObject()) { 518 } else if (holder->IsJSGlobalObject()) {
519 Handle<JSObject> object = Handle<JSObject>::cast(holder);
514 Handle<GlobalDictionary> property_dictionary = 520 Handle<GlobalDictionary> property_dictionary =
515 handle(holder->global_dictionary()); 521 handle(object->global_dictionary());
Toon Verwaest 2016/01/15 14:22:42 Handle<GlobalDictionary> dictionary( JSObject:
516 PropertyCell::UpdateCell(property_dictionary, dictionary_entry(), value, 522 PropertyCell::UpdateCell(property_dictionary, dictionary_entry(), value,
517 property_details_); 523 property_details_);
518 } else if (holder_map_->is_dictionary_map()) { 524 } else if (holder_map_->is_dictionary_map()) {
519 NameDictionary* property_dictionary = holder->property_dictionary(); 525 NameDictionary* property_dictionary = holder->property_dictionary();
520 property_dictionary->ValueAtPut(dictionary_entry(), *value); 526 property_dictionary->ValueAtPut(dictionary_entry(), *value);
521 } else if (property_details_.type() == v8::internal::DATA) { 527 } else if (property_details_.type() == v8::internal::DATA) {
522 holder->WriteToField(descriptor_number(), *value); 528 Handle<JSObject> object = Handle<JSObject>::cast(holder);
529 object->WriteToField(descriptor_number(), *value);
Toon Verwaest 2016/01/15 14:22:42 JSObject::cast(*holder)->WriteToField(descriptor_n
523 } else { 530 } else {
524 DCHECK_EQ(v8::internal::DATA_CONSTANT, property_details_.type()); 531 DCHECK_EQ(v8::internal::DATA_CONSTANT, property_details_.type());
525 } 532 }
526 } 533 }
527 534
528 535
529 bool LookupIterator::IsIntegerIndexedExotic(JSReceiver* holder) { 536 bool LookupIterator::IsIntegerIndexedExotic(JSReceiver* holder) {
530 DCHECK(exotic_index_state_ != ExoticIndexState::kNotExotic); 537 DCHECK(exotic_index_state_ != ExoticIndexState::kNotExotic);
531 if (exotic_index_state_ == ExoticIndexState::kExotic) return true; 538 if (exotic_index_state_ == ExoticIndexState::kExotic) return true;
532 if (!InternalHolderIsReceiverOrHiddenPrototype()) { 539 if (!InternalHolderIsReceiverOrHiddenPrototype()) {
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after
604 JSReceiver* const holder) { 611 JSReceiver* const holder) {
605 STATIC_ASSERT(INTERCEPTOR == BEFORE_PROPERTY); 612 STATIC_ASSERT(INTERCEPTOR == BEFORE_PROPERTY);
606 DisallowHeapAllocation no_gc; 613 DisallowHeapAllocation no_gc;
607 if (interceptor_state_ == InterceptorState::kProcessNonMasking) { 614 if (interceptor_state_ == InterceptorState::kProcessNonMasking) {
608 return LookupNonMaskingInterceptorInHolder(map, holder); 615 return LookupNonMaskingInterceptorInHolder(map, holder);
609 } 616 }
610 switch (state_) { 617 switch (state_) {
611 case NOT_FOUND: 618 case NOT_FOUND:
612 if (map->IsJSProxyMap()) { 619 if (map->IsJSProxyMap()) {
613 // Do not leak private property names. 620 // Do not leak private property names.
614 if (!name_.is_null() && name_->IsPrivate()) return NOT_FOUND; 621 if (IsElement() || !name_->IsPrivate()) return JSPROXY;
615 return JSPROXY;
616 } 622 }
617 if (map->is_access_check_needed() && 623 if (map->is_access_check_needed() &&
618 (IsElement() || !isolate_->IsInternallyUsedPropertyName(name_))) { 624 (IsElement() || !isolate_->IsInternallyUsedPropertyName(name_))) {
619 return ACCESS_CHECK; 625 return ACCESS_CHECK;
620 } 626 }
621 // Fall through. 627 // Fall through.
622 case ACCESS_CHECK: 628 case ACCESS_CHECK:
623 if (exotic_index_state_ != ExoticIndexState::kNotExotic && 629 if (exotic_index_state_ != ExoticIndexState::kNotExotic &&
624 holder->IsJSTypedArray() && IsIntegerIndexedExotic(holder)) { 630 holder->IsJSTypedArray() && IsIntegerIndexedExotic(holder)) {
625 return INTEGER_INDEXED_EXOTIC; 631 return INTEGER_INDEXED_EXOTIC;
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
661 } else if (map->IsJSGlobalObjectMap()) { 667 } else if (map->IsJSGlobalObjectMap()) {
662 GlobalDictionary* dict = JSObject::cast(holder)->global_dictionary(); 668 GlobalDictionary* dict = JSObject::cast(holder)->global_dictionary();
663 int number = dict->FindEntry(name_); 669 int number = dict->FindEntry(name_);
664 if (number == GlobalDictionary::kNotFound) return NOT_FOUND; 670 if (number == GlobalDictionary::kNotFound) return NOT_FOUND;
665 number_ = static_cast<uint32_t>(number); 671 number_ = static_cast<uint32_t>(number);
666 DCHECK(dict->ValueAt(number_)->IsPropertyCell()); 672 DCHECK(dict->ValueAt(number_)->IsPropertyCell());
667 PropertyCell* cell = PropertyCell::cast(dict->ValueAt(number_)); 673 PropertyCell* cell = PropertyCell::cast(dict->ValueAt(number_));
668 if (cell->value()->IsTheHole()) return NOT_FOUND; 674 if (cell->value()->IsTheHole()) return NOT_FOUND;
669 property_details_ = cell->property_details(); 675 property_details_ = cell->property_details();
670 } else { 676 } else {
671 NameDictionary* dict = JSObject::cast(holder)->property_dictionary(); 677 NameDictionary* dict = holder->property_dictionary();
672 int number = dict->FindEntry(name_); 678 int number = dict->FindEntry(name_);
673 if (number == NameDictionary::kNotFound) return NOT_FOUND; 679 if (number == NameDictionary::kNotFound) return NOT_FOUND;
674 number_ = static_cast<uint32_t>(number); 680 number_ = static_cast<uint32_t>(number);
675 property_details_ = dict->DetailsAt(number_); 681 property_details_ = dict->DetailsAt(number_);
676 } 682 }
677 has_property_ = true; 683 has_property_ = true;
678 switch (property_details_.kind()) { 684 switch (property_details_.kind()) {
679 case v8::internal::kData: 685 case v8::internal::kData:
680 return DATA; 686 return DATA;
681 case v8::internal::kAccessor: 687 case v8::internal::kAccessor:
(...skipping 23 matching lines...) Expand all
705 // Fall through. 711 // Fall through.
706 default: 712 default:
707 return NOT_FOUND; 713 return NOT_FOUND;
708 } 714 }
709 UNREACHABLE(); 715 UNREACHABLE();
710 return state_; 716 return state_;
711 } 717 }
712 718
713 } // namespace internal 719 } // namespace internal
714 } // namespace v8 720 } // namespace v8
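Review bot: In `LookupIterator::Delete()` the named-property path casts `holder` to `JSObject` for `JSObject::NormalizeProperties` whenever `holder->HasFastProperties()` is true, without the `holder->IsJSObject()` guard that the same function adds around `ReoptimizeIfPrototype` a few lines later. Now that `holder` is a `JSReceiver` that may be a JSProxy, this is safe only if a proxy can never report fast properties, which the lines shown do not establish; as far as I know `Handle<T>::cast` is verified only in debug builds, so a violated assumption would be a silent type confusion in release. I would state the invariant where it is relied on, e.g. `DCHECK(holder->IsJSObject());` as the first line of the `HasFastProperties()` branch, and the same before the cast in the `IsElement()` branch, so that at least debug builds catch a violation. Separately, in `LookupInHolder` the comment `// Do not leak private property names.` no longer matches the condition beneath it, which now returns `JSPROXY` for elements and non-private names and lets private names fall through; something like `// Private names never reach proxy traps; look them up on the proxy itself.` would describe it.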