AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

[protectors] Move PromiseSpeciesProtector to Protectors

Browse Source 
Bug: v8:9463
Change-Id: I49d74c5103f4ee2e09114a609cffe82c838655dc
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792782
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Joshua Litt <joshualitt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#63646}
This commit is contained in:
Joshua Litt 2019-09-09 05:19:02 -07:00 committed by Commit Bot
parent a6db4bd048
commit 0b324dd4f5
5 changed files with 10 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/execution/isolate-inl.h
View File

@ -119,13 +119,6 @@ bool Isolate::IsArrayConstructorIntact() {
return array_constructor_cell.value() == Smi::FromInt(kProtectorValid);
}
bool Isolate::IsPromiseSpeciesLookupChainIntact() {
PropertyCell species_cell =
PropertyCell::cast(root(RootIndex::kPromiseSpeciesProtector));
return species_cell.value().IsSmi() &&
Smi::ToInt(species_cell.value()) == kProtectorValid;
}
bool Isolate::IsStringLengthOverflowIntact() {
Cell string_length_cell = Cell::cast(root(RootIndex::kStringLengthProtector));
return string_length_cell.value() == Smi::FromInt(kProtectorValid);

9
src/execution/isolate.cc
View File

@ -4000,15 +4000,6 @@ void Isolate::InvalidateArrayConstructorProtector() {
DCHECK(!IsArrayConstructorIntact());
}
void Isolate::InvalidatePromiseSpeciesProtector() {
DCHECK(factory()->promise_species_protector()->value().IsSmi());
DCHECK(IsPromiseSpeciesLookupChainIntact());
PropertyCell::SetValueWithInvalidation(
this, "promise_species_protector", factory()->promise_species_protector(),
handle(Smi::FromInt(kProtectorInvalid), this));
DCHECK(!IsPromiseSpeciesLookupChainIntact());
}
void Isolate::InvalidateStringLengthOverflowProtector() {
DCHECK(factory()->string_length_protector()->value().IsSmi());
DCHECK(IsStringLengthOverflowIntact());

7
src/execution/isolate.h
View File

@ -1176,12 +1176,6 @@ class Isolate final : private HiddenFactory {
bool IsArrayOrObjectOrStringPrototype(Object object);
// Check that the @@species protector is intact, which guards the lookup of
// "constructor" on JSPromise instances, whose [[Prototype]] is the initial
// %PromisePrototype%, and the Symbol.species lookup on the
// %PromisePrototype%.
inline bool IsPromiseSpeciesLookupChainIntact();
bool IsIsConcatSpreadableLookupChainIntact();
bool IsIsConcatSpreadableLookupChainIntact(JSReceiver receiver);
inline bool IsStringLengthOverflowIntact();
@ -1262,7 +1256,6 @@ class Isolate final : private HiddenFactory {
void InvalidateArrayConstructorProtector();
void InvalidateRegExpSpeciesProtector(Handle<NativeContext> native_context);
void InvalidatePromiseSpeciesProtector();
void InvalidateIsConcatSpreadableProtector();
void InvalidateStringLengthOverflowProtector();
void InvalidateArrayIteratorProtector();

2
src/execution/protectors.h
View File

@ -20,6 +20,8 @@ class Protectors : public AllStatic {
#define DECLARED_PROTECTORS_ON_ISOLATE(V) \
V(ArraySpeciesLookupChain, ArraySpeciesProtector, array_species_protector) \
V(PromiseSpeciesLookupChain, PromiseSpeciesProtector, \
promise_species_protector) \
V(TypedArraySpeciesLookupChain, TypedArraySpeciesProtector, \
typed_array_species_protector)

16
src/objects/lookup.cc
View File

@ -248,7 +248,7 @@ void LookupIterator::InternalUpdateProtector() {
}
if (!Protectors::IsArraySpeciesLookupChainIntact(isolate_) &&
!isolate_->IsPromiseSpeciesLookupChainIntact() &&
!Protectors::IsPromiseSpeciesLookupChainIntact(isolate_) &&
!Protectors::IsRegExpSpeciesLookupChainProtectorIntact(
native_context) &&
!Protectors::IsTypedArraySpeciesLookupChainIntact(isolate_)) {
@ -262,8 +262,8 @@ void LookupIterator::InternalUpdateProtector() {
Protectors::InvalidateArraySpeciesLookupChain(isolate_);
return;
} else if (receiver->IsJSPromise(isolate_)) {
if (!isolate_->IsPromiseSpeciesLookupChainIntact()) return;
isolate_->InvalidatePromiseSpeciesProtector();
if (!Protectors::IsPromiseSpeciesLookupChainIntact(isolate_)) return;
Protectors::InvalidatePromiseSpeciesLookupChain(isolate_);
return;
} else if (receiver->IsJSRegExp(isolate_)) {
if (!Protectors::IsRegExpSpeciesLookupChainProtectorIntact(
@ -293,8 +293,8 @@ void LookupIterator::InternalUpdateProtector() {
Protectors::InvalidateArraySpeciesLookupChain(isolate_);
} else if (isolate_->IsInAnyContext(*receiver,
Context::PROMISE_PROTOTYPE_INDEX)) {
if (!isolate_->IsPromiseSpeciesLookupChainIntact()) return;
isolate_->InvalidatePromiseSpeciesProtector();
if (!Protectors::IsPromiseSpeciesLookupChainIntact(isolate_)) return;
Protectors::InvalidatePromiseSpeciesLookupChain(isolate_);
} else if (isolate_->IsInAnyContext(*receiver,
Context::REGEXP_PROTOTYPE_INDEX)) {
if (!Protectors::IsRegExpSpeciesLookupChainProtectorIntact(
@ -344,7 +344,7 @@ void LookupIterator::InternalUpdateProtector() {
}
if (!Protectors::IsArraySpeciesLookupChainIntact(isolate_) &&
!isolate_->IsPromiseSpeciesLookupChainIntact() &&
!Protectors::IsPromiseSpeciesLookupChainIntact(isolate_) &&
!Protectors::IsRegExpSpeciesLookupChainProtectorIntact(
native_context) &&
!Protectors::IsTypedArraySpeciesLookupChainIntact(isolate_)) {
@ -359,8 +359,8 @@ void LookupIterator::InternalUpdateProtector() {
Protectors::InvalidateArraySpeciesLookupChain(isolate_);
} else if (isolate_->IsInAnyContext(*receiver,
Context::PROMISE_FUNCTION_INDEX)) {
if (!isolate_->IsPromiseSpeciesLookupChainIntact()) return;
isolate_->InvalidatePromiseSpeciesProtector();
if (!Protectors::IsPromiseSpeciesLookupChainIntact(isolate_)) return;
Protectors::InvalidatePromiseSpeciesLookupChain(isolate_);
} else if (isolate_->IsInAnyContext(*receiver,
Context::REGEXP_FUNCTION_INDEX)) {
if (!Protectors::IsRegExpSpeciesLookupChainProtectorIntact(