From 86837e3c32d142838518c3be6516c7f47208b690 Mon Sep 17 00:00:00 2001 From: Aaron Kennedy Date: Thu, 27 Oct 2011 11:31:56 +0100 Subject: [V8] Add a "fallback" mode for named property interceptors By default interceptors are called before the normal property resolution on objects. When an interceptor is installed as a "fallback" interceptor, it is only called if the object doesn't already have the property. In the case of a global object having an fallback interceptor, the interceptor is not invoked at all for var or function declarations. Change-Id: Iac09d4243b0407a7b3e9ba9149f8d447b7af7766 Reviewed-by: Simon Hausmann --- src/3rdparty/v8/include/v8.h | 7 ++++++ src/3rdparty/v8/src/api.cc | 29 ++++++++++++++++++++++++ src/3rdparty/v8/src/factory.cc | 4 ++++ src/3rdparty/v8/src/hydrogen-instructions.cc | 2 ++ src/3rdparty/v8/src/objects-inl.h | 9 ++++++++ src/3rdparty/v8/src/objects.cc | 33 ++++++++++++++++++++-------- src/3rdparty/v8/src/objects.h | 23 ++++++++++++++----- src/3rdparty/v8/src/runtime.cc | 14 +++++++----- 8 files changed, 101 insertions(+), 20 deletions(-) diff --git a/src/3rdparty/v8/include/v8.h b/src/3rdparty/v8/include/v8.h index 175df14..3cb7a3a 100644 --- a/src/3rdparty/v8/include/v8.h +++ b/src/3rdparty/v8/include/v8.h @@ -2388,6 +2388,7 @@ class V8EXPORT FunctionTemplate : public Template { NamedPropertyQuery query, NamedPropertyDeleter remover, NamedPropertyEnumerator enumerator, + bool is_fallback, Handle data); void SetIndexedInstancePropertyHandler(IndexedPropertyGetter getter, IndexedPropertySetter setter, @@ -2478,6 +2479,12 @@ class V8EXPORT ObjectTemplate : public Template { NamedPropertyDeleter deleter = 0, NamedPropertyEnumerator enumerator = 0, Handle data = Handle()); + void SetFallbackPropertyHandler(NamedPropertyGetter getter, + NamedPropertySetter setter = 0, + NamedPropertyQuery query = 0, + NamedPropertyDeleter deleter = 0, + NamedPropertyEnumerator enumerator = 0, + Handle data = Handle()); /** * Sets an indexed property handler on the object template. diff --git a/src/3rdparty/v8/src/api.cc b/src/3rdparty/v8/src/api.cc index 8921c0b..3e2f1bd 100644 --- a/src/3rdparty/v8/src/api.cc +++ b/src/3rdparty/v8/src/api.cc @@ -1207,6 +1207,7 @@ void FunctionTemplate::SetNamedInstancePropertyHandler( NamedPropertyQuery query, NamedPropertyDeleter remover, NamedPropertyEnumerator enumerator, + bool is_fallback, Handle data) { i::Isolate* isolate = Utils::OpenHandle(this)->GetIsolate(); if (IsDeadCheck(isolate, @@ -1225,6 +1226,7 @@ void FunctionTemplate::SetNamedInstancePropertyHandler( if (query != 0) SET_FIELD_WRAPPED(obj, set_query, query); if (remover != 0) SET_FIELD_WRAPPED(obj, set_deleter, remover); if (enumerator != 0) SET_FIELD_WRAPPED(obj, set_enumerator, enumerator); + obj->set_is_fallback(i::Smi::FromInt(is_fallback)); if (data.IsEmpty()) data = v8::Undefined(); obj->set_data(*Utils::OpenHandle(*data)); @@ -1371,6 +1373,33 @@ void ObjectTemplate::SetNamedPropertyHandler(NamedPropertyGetter getter, query, remover, enumerator, + false, + data); +} + + +void ObjectTemplate::SetFallbackPropertyHandler(NamedPropertyGetter getter, + NamedPropertySetter setter, + NamedPropertyQuery query, + NamedPropertyDeleter remover, + NamedPropertyEnumerator enumerator, + Handle data) { + i::Isolate* isolate = Utils::OpenHandle(this)->GetIsolate(); + if (IsDeadCheck(isolate, "v8::ObjectTemplate::SetNamedPropertyHandler()")) { + return; + } + ENTER_V8(isolate); + i::HandleScope scope(isolate); + EnsureConstructor(this); + i::FunctionTemplateInfo* constructor = + i::FunctionTemplateInfo::cast(Utils::OpenHandle(this)->constructor()); + i::Handle cons(constructor); + Utils::ToLocal(cons)->SetNamedInstancePropertyHandler(getter, + setter, + query, + remover, + enumerator, + true, data); } diff --git a/src/3rdparty/v8/src/factory.cc b/src/3rdparty/v8/src/factory.cc index a2bb939..c74ca54 100644 --- a/src/3rdparty/v8/src/factory.cc +++ b/src/3rdparty/v8/src/factory.cc @@ -1270,6 +1270,10 @@ Handle Factory::CreateApiFunction( // Set interceptor information in the map. if (!obj->named_property_handler()->IsUndefined()) { map->set_has_named_interceptor(); + InterceptorInfo *nph = InterceptorInfo::cast(obj->named_property_handler()); + bool is_fallback = + nph->is_fallback()->IsUndefined()?false:nph->is_fallback()->value(); + map->set_named_interceptor_is_fallback(is_fallback); } if (!obj->indexed_property_handler()->IsUndefined()) { map->set_has_indexed_interceptor(); diff --git a/src/3rdparty/v8/src/hydrogen-instructions.cc b/src/3rdparty/v8/src/hydrogen-instructions.cc index feac1be..f93b930 100644 --- a/src/3rdparty/v8/src/hydrogen-instructions.cc +++ b/src/3rdparty/v8/src/hydrogen-instructions.cc @@ -1783,6 +1783,8 @@ HLoadNamedFieldPolymorphic::HLoadNamedFieldPolymorphic(HValue* context, // (which would just be a map check and return undefined). !map->is_dictionary_map() && !map->has_named_interceptor() && + // TODO Do we really need this? (since version 3.13.0) + //!map->named_interceptor_is_fallback() && PrototypeChainCanNeverResolve(map, name)) { negative_lookups.Add(types->at(i), zone); } diff --git a/src/3rdparty/v8/src/objects-inl.h b/src/3rdparty/v8/src/objects-inl.h index 62de787..702a25d 100644 --- a/src/3rdparty/v8/src/objects-inl.h +++ b/src/3rdparty/v8/src/objects-inl.h @@ -3126,6 +3126,14 @@ bool Map::is_shared() { return IsShared::decode(bit_field3()); } +void Map::set_named_interceptor_is_fallback(bool value) { + set_bit_field3(NamedInterceptorIsFallback::update(bit_field3(), value)); +} + +bool Map::named_interceptor_is_fallback() { + return NamedInterceptorIsFallback::decode(bit_field3()); +} + void Map::set_dictionary_map(bool value) { set_bit_field3(DictionaryMap::update(bit_field3(), value)); @@ -3856,6 +3864,7 @@ ACCESSORS(InterceptorInfo, query, Object, kQueryOffset) ACCESSORS(InterceptorInfo, deleter, Object, kDeleterOffset) ACCESSORS(InterceptorInfo, enumerator, Object, kEnumeratorOffset) ACCESSORS(InterceptorInfo, data, Object, kDataOffset) +ACCESSORS(InterceptorInfo, is_fallback, Smi, kFallbackOffset) ACCESSORS(CallHandlerInfo, callback, Object, kCallbackOffset) ACCESSORS(CallHandlerInfo, data, Object, kDataOffset) diff --git a/src/3rdparty/v8/src/objects.cc b/src/3rdparty/v8/src/objects.cc index 66ced63..104ee97 100644 --- a/src/3rdparty/v8/src/objects.cc +++ b/src/3rdparty/v8/src/objects.cc @@ -1937,9 +1937,11 @@ Handle JSReceiver::SetProperty(Handle object, Handle key, Handle value, PropertyAttributes attributes, - StrictModeFlag strict_mode) { + StrictModeFlag strict_mode, + bool skip_fallback_interceptor) { CALL_HEAP_FUNCTION(object->GetIsolate(), - object->SetProperty(*key, *value, attributes, strict_mode), + object->SetProperty(*key, *value, attributes, strict_mode, + MAY_BE_STORE_FROM_KEYED, skip_fallback_interceptor), Object); } @@ -1948,9 +1950,10 @@ MaybeObject* JSReceiver::SetProperty(String* name, Object* value, PropertyAttributes attributes, StrictModeFlag strict_mode, - JSReceiver::StoreFromKeyed store_mode) { + JSReceiver::StoreFromKeyed store_mode, + bool skip_fallback_interceptor) { LookupResult result(GetIsolate()); - LocalLookup(name, &result); + LocalLookup(name, &result, skip_fallback_interceptor); if (!result.IsFound()) { map()->LookupTransition(JSObject::cast(this), name, &result); } @@ -4523,7 +4526,8 @@ AccessorDescriptor* Map::FindAccessor(String* name) { } -void JSReceiver::LocalLookup(String* name, LookupResult* result) { +void JSReceiver::LocalLookup(String* name, LookupResult* result, + bool skip_fallback_interceptor) { ASSERT(name->IsString()); Heap* heap = GetHeap(); @@ -4555,23 +4559,34 @@ void JSReceiver::LocalLookup(String* name, LookupResult* result) { } // Check for lookup interceptor except when bootstrapping. - if (js_object->HasNamedInterceptor() && - !heap->isolate()->bootstrapper()->IsActive()) { + bool wouldIntercept = js_object->HasNamedInterceptor() && + !heap->isolate()->bootstrapper()->IsActive(); + if (wouldIntercept && !map()->named_interceptor_is_fallback()) { result->InterceptorResult(js_object); return; } js_object->LocalLookupRealNamedProperty(name, result); + + if (wouldIntercept && !skip_fallback_interceptor && !result->IsProperty() && + map()->named_interceptor_is_fallback()) { + result->InterceptorResult(js_object); + return; + } } -void JSReceiver::Lookup(String* name, LookupResult* result) { +void JSReceiver::Lookup(String* name, + LookupResult* result, + bool skip_fallback_interceptor) { // Ecma-262 3rd 8.6.2.4 Heap* heap = GetHeap(); for (Object* current = this; current != heap->null_value(); current = JSObject::cast(current)->GetPrototype()) { - JSReceiver::cast(current)->LocalLookup(name, result); + JSReceiver::cast(current)->LocalLookup(name, + result, + skip_fallback_interceptor); if (result->IsFound()) return; } result->NotFound(); diff --git a/src/3rdparty/v8/src/objects.h b/src/3rdparty/v8/src/objects.h index 9e45a72..52166f0 100644 --- a/src/3rdparty/v8/src/objects.h +++ b/src/3rdparty/v8/src/objects.h @@ -1438,14 +1438,16 @@ class JSReceiver: public HeapObject { Handle key, Handle value, PropertyAttributes attributes, - StrictModeFlag strict_mode); + StrictModeFlag strict_mode, + bool skip_fallback_interceptor = false); // Can cause GC. MUST_USE_RESULT MaybeObject* SetProperty( String* key, Object* value, PropertyAttributes attributes, StrictModeFlag strict_mode, - StoreFromKeyed store_from_keyed = MAY_BE_STORE_FROM_KEYED); + StoreFromKeyed store_from_keyed = MAY_BE_STORE_FROM_KEYED, + bool skip_fallback_interceptor = false); MUST_USE_RESULT MaybeObject* SetProperty( LookupResult* result, String* key, @@ -1507,8 +1509,12 @@ class JSReceiver: public HeapObject { // Lookup a property. If found, the result is valid and has // detailed information. - void LocalLookup(String* name, LookupResult* result); - void Lookup(String* name, LookupResult* result); + void LocalLookup(String* name, + LookupResult* result, + bool skip_fallback_interceptor = false); + void Lookup(String* name, + LookupResult* result, + bool skip_fallback_interceptor = false); protected: Smi* GenerateIdentityHash(); @@ -4775,6 +4781,7 @@ class Map: public HeapObject { class DictionaryMap: public BitField {}; class OwnsDescriptors: public BitField {}; class IsObserved: public BitField {}; + class NamedInterceptorIsFallback: public BitField {}; // Tells whether the object in the prototype property will be used // for instances created from this function. If the prototype @@ -4933,6 +4940,10 @@ class Map: public HeapObject { inline void set_is_access_check_needed(bool access_check_needed); inline bool is_access_check_needed(); + // Whether the named interceptor is a fallback interceptor or not + inline void set_named_interceptor_is_fallback(bool value); + inline bool named_interceptor_is_fallback(); + // [prototype]: implicit prototype object. DECL_ACCESSORS(prototype, Object) @@ -8602,6 +8613,7 @@ class InterceptorInfo: public Struct { DECL_ACCESSORS(deleter, Object) DECL_ACCESSORS(enumerator, Object) DECL_ACCESSORS(data, Object) + DECL_ACCESSORS(is_fallback, Smi) static inline InterceptorInfo* cast(Object* obj); @@ -8619,7 +8631,8 @@ class InterceptorInfo: public Struct { static const int kDeleterOffset = kQueryOffset + kPointerSize; static const int kEnumeratorOffset = kDeleterOffset + kPointerSize; static const int kDataOffset = kEnumeratorOffset + kPointerSize; - static const int kSize = kDataOffset + kPointerSize; + static const int kFallbackOffset = kDataOffset + kPointerSize; + static const int kSize = kFallbackOffset + kPointerSize; private: DISALLOW_IMPLICIT_CONSTRUCTORS(InterceptorInfo); diff --git a/src/3rdparty/v8/src/runtime.cc b/src/3rdparty/v8/src/runtime.cc index 11ba4c8..a0d8326 100644 --- a/src/3rdparty/v8/src/runtime.cc +++ b/src/3rdparty/v8/src/runtime.cc @@ -1388,13 +1388,13 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_DeclareGlobals) { if (FLAG_es52_globals) { Object* obj = *global; do { - JSObject::cast(obj)->LocalLookup(*name, &lookup); + JSObject::cast(obj)->LocalLookup(*name, &lookup, true); if (lookup.IsFound()) break; obj = obj->GetPrototype(); } while (obj->IsJSObject() && JSObject::cast(obj)->map()->is_hidden_prototype()); } else { - global->Lookup(*name, &lookup); + global->Lookup(*name, &lookup, true); } if (lookup.IsFound()) { // We found an existing property. Unless it was an interceptor @@ -1416,7 +1416,7 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_DeclareGlobals) { } LookupResult lookup(isolate); - global->LocalLookup(*name, &lookup); + global->LocalLookup(*name, &lookup, true); // Compute the property attributes. According to ECMA-262, // the property must be non-configurable except in eval. @@ -1453,7 +1453,8 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_DeclareGlobals) { RETURN_IF_EMPTY_HANDLE(isolate, JSObject::SetProperty( global, name, value, static_cast(attr), - language_mode == CLASSIC_MODE ? kNonStrictMode : kStrictMode)); + language_mode == CLASSIC_MODE ? kNonStrictMode : kStrictMode, + true)); } } @@ -1598,7 +1599,7 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_InitializeVarGlobal) { while (object->IsJSObject() && JSObject::cast(object)->map()->is_hidden_prototype()) { JSObject* raw_holder = JSObject::cast(object); - raw_holder->LocalLookup(*name, &lookup); + raw_holder->LocalLookup(*name, &lookup, true); if (lookup.IsInterceptor()) { HandleScope handle_scope(isolate); Handle holder(raw_holder); @@ -1621,7 +1622,8 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_InitializeVarGlobal) { // Reload global in case the loop above performed a GC. global = isolate->context()->global_object(); if (assign) { - return global->SetProperty(*name, args[2], attributes, strict_mode_flag); + return global->SetProperty( + *name, args[2], attributes, strict_mode_flag, JSReceiver::MAY_BE_STORE_FROM_KEYED, true); } return isolate->heap()->undefined_value(); } -- cgit v1.2.1