[api] Introduce v8::Object::GetPrototypeV2()/SetPrototypeV2()

isheludko · V8 LUCI CQ · commit 5e139e98d1e4 · 2024-04-11T16:16:43.000Z
... as a replacement for soon to be deprecated v8::Object::GetPrototype() and v8::Object::SetPrototype(). The new versions will act just like getting/setting of "__proto__" property, i.e. they will never return or accept JSGlobalObject. This is a first step towards never exposing so-called hidden prototype (i.e. JSGlobalObject) via the V8 Api. This will make the JSGlobalObject a V8 internal thing and make the V8 Api closer to JavaScript spec. Bug: chromium:333672197 Change-Id: Ic850d6a041f443392586b868eccde637ded801d3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5447696 Commit-Queue: Igor Sheludko <ishell@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#93325}
diff --git a/include/v8-object.h b/include/v8-object.h
@@ -433,16 +433,41 @@ class V8_EXPORT Object : public Value {
    * be skipped by __proto__ and it does not consult the security
    * handler.
    */
+  // V8_DEPRECATE_SOON(
+  //     "V8 will stop providing access to hidden prototype (i.e. "
+  //     "JSGlobalObject). Use GetPrototypeV2() instead. "
+  //     "See http://crbug.com/333672197.")
   Local<Value> GetPrototype();
 
+  /**
+   * Get the prototype object (same as getting __proto__ property).  This does
+   * not consult the security handler.
+   * TODO(333672197): rename back to GetPrototype() once the old version goes
+   * through the deprecation process and is removed.
+   */
+  Local<Value> GetPrototypeV2();
+
   /**
    * Set the prototype object.  This does not skip objects marked to
    * be skipped by __proto__ and it does not consult the security
    * handler.
    */
+  // V8_DEPRECATE_SOON(
+  //     "V8 will stop providing access to hidden prototype (i.e. "
+  //     "JSGlobalObject). Use SetPrototypeV2() instead. "
+  //     "See http://crbug.com/333672197.")
   V8_WARN_UNUSED_RESULT Maybe<bool> SetPrototype(Local<Context> context,
                                                  Local<Value> prototype);
 
+  /**
+   * Set the prototype object (same as setting __proto__ property).  This does
+   * does not consult the security handler.
+   * TODO(333672197): rename back to SetPrototype() once the old version goes
+   * through the deprecation process and is removed.
+   */
+  V8_WARN_UNUSED_RESULT Maybe<bool> SetPrototypeV2(Local<Context> context,
+                                                   Local<Value> prototype);
+
   /**
    * Finds an instance of the given function template in the prototype
    * chain.
diff --git a/src/api/api.cc b/src/api/api.cc
@@ -4737,31 +4737,65 @@ Local<Value> v8::Object::GetPrototype() {
   return Utils::ToLocal(i::PrototypeIterator::GetCurrent(iter));
 }
 
-Maybe<bool> v8::Object::SetPrototype(Local<Context> context,
-                                     Local<Value> value) {
-  auto i_isolate = reinterpret_cast<i::Isolate*>(context->GetIsolate());
+Local<Value> v8::Object::GetPrototypeV2() {
   auto self = Utils::OpenHandle(this);
+  auto i_isolate = self->GetIsolate();
+  i::PrototypeIterator iter(i_isolate, self);
+  if (i::IsJSGlobalProxy(*self)) {
+    // Skip hidden prototype (i.e. JSGlobalObject).
+    iter.Advance();
+  }
+  DCHECK(!i::IsJSGlobalObject(*i::PrototypeIterator::GetCurrent(iter)));
+  return Utils::ToLocal(i::PrototypeIterator::GetCurrent(iter));
+}
+
+namespace {
+
+Maybe<bool> SetPrototypeImpl(v8::Object* this_, Local<Context> context,
+                             Local<Value> value, bool from_javascript) {
+  auto i_isolate = reinterpret_cast<i::Isolate*>(context->GetIsolate());
+  auto self = Utils::OpenHandle(this_);
   auto value_obj = Utils::OpenHandle(*value);
+  // TODO(333672197): turn this to DCHECK once it's no longer possible
+  // to get JSGlobalObject via API.
+  CHECK_IMPLIES(from_javascript, !i::IsJSGlobalObject(*value_obj));
   if (i::IsJSProxy(*self)) {
     ENTER_V8(i_isolate, context, Object, SetPrototype, i::HandleScope);
     // We do not allow exceptions thrown while setting the prototype
     // to propagate outside.
     TryCatch try_catch(reinterpret_cast<v8::Isolate*>(i_isolate));
     auto result =
         i::JSProxy::SetPrototype(i_isolate, i::Handle<i::JSProxy>::cast(self),
-                                 value_obj, false, i::kThrowOnError);
+                                 value_obj, from_javascript, i::kThrowOnError);
     has_exception = result.IsNothing();
     RETURN_ON_FAILED_EXECUTION_PRIMITIVE(bool);
   } else {
     ENTER_V8_NO_SCRIPT_NO_EXCEPTION(i_isolate);
+    // TODO(333672197): turn this to DCHECK once it's no longer possible
+    // to get JSGlobalObject via API.
+    CHECK_IMPLIES(from_javascript, !i::IsJSGlobalObject(*self));
     auto result =
         i::JSObject::SetPrototype(i_isolate, i::Handle<i::JSObject>::cast(self),
-                                  value_obj, false, i::kDontThrow);
+                                  value_obj, from_javascript, i::kDontThrow);
     if (!result.FromJust()) return Nothing<bool>();
   }
   return Just(true);
 }
 
+}  // namespace
+
+Maybe<bool> v8::Object::SetPrototype(Local<Context> context,
+                                     Local<Value> value) {
+  static constexpr bool from_javascript = false;
+  return SetPrototypeImpl(this, context, value, from_javascript);
+}
+
+Maybe<bool> v8::Object::SetPrototypeV2(Local<Context> context,
+                                       Local<Value> value) {
+  static constexpr bool from_javascript = true;
+  return SetPrototypeImpl(this, context, value, from_javascript);
+}
+
 Local<Object> v8::Object::FindInstanceInPrototypeChain(
     v8::Local<FunctionTemplate> tmpl) {
   auto self = Utils::OpenDirectHandle(this);
diff --git a/test/unittests/objects/global-object-unittest.cc b/test/unittests/objects/global-object-unittest.cc
@@ -41,9 +41,10 @@ TEST_F(GlobalObjectTest, StrictUndeclaredGlobalVariable) {
   Local<String> var_name = NewString("x");
   TryCatch try_catch(isolate());
   Local<Object> proto = Object::New(isolate());
-  Local<Object> global = context()->Global()->GetPrototype().As<Object>();
+  Local<Object> global = context()->Global();
   proto->Set(context(), var_name, Number::New(isolate(), 100)).FromJust();
-  global->SetPrototype(context(), proto).FromJust();
+  global->SetPrototypeV2(context(), proto).FromJust();
+  CHECK_EQ(global->GetPrototypeV2(), proto);
   CHECK(TryRunJS("\"use strict\"; x = 42;").IsEmpty());
   CHECK(try_catch.HasCaught());
   String::Utf8Value exception(isolate(), try_catch.Exception());
@@ -108,11 +109,11 @@ TEST_F(GlobalObjectTest, KeysGlobalObject_SetPrototype) {
   env2->SetSecurityToken(token);
 
   // Create a reference to env2 global from env1 global.
-  env1->Global()
-      ->GetPrototype()
-      .As<Object>()
-      ->SetPrototype(env1, env2->Global()->GetPrototype())
-      .FromJust();
+  env1->Global()->SetPrototypeV2(env1, env2->Global()).FromJust();
+  CHECK_EQ(env1->Global()->GetPrototypeV2(), env2->Global());
+  CHECK_EQ(env1->Global()->GetPrototype().As<Object>()->GetPrototype(),
+           env2->Global());
+
   // Set some global variables in global2
   env2->Global()->Set(env2, NewString("a"), NewString("a")).FromJust();
   env2->Global()->Set(env2, NewString("42"), NewString("42")).FromJust();
