blink: Remove kV8PrototypeTypeIndex.

The value is never read, and storing it makes context snapshot writing nondeterministic. A comment claims that the mere presence of the field is needed to identify prototypes, with a link to https://bugs.webkit.org/show_bug.cgi?id=110436 The code in that patch does indeed use v8PrototypeInternalFieldcount to identify prototypes (see CustomElementHelpers::findWrapperType in that patch), but the corresponding code in modern blink is V0CustomElementConstructorBuilder::HasValidPrototypeChainFor which instead uses a pointer comparison with script_state_->PerContextData()->PrototypeForType(type). However, V0CustomElementConstructorBuilder::PrototypeIsValid() does check `prototype_->InternalFieldCount()` to check if a prototype is already registered -- so keep kV8PrototypeInternalFieldcount around and just keep the uninitialized default value (the code only cares about the number of fields being > 0, not about the value of the field). TBR=peria (who lg'd this, but Gerrit lost the LG) Bug: 870584 Change-Id: If5474f37499121047c4b0232a85435f139e5cbc0 Reviewed-on: https://chromium-review.googlesource.com/c/1292385 Commit-Queue: Nico Weber <thakis@chromium.org> Reviewed-by: Nico Weber <thakis@chromium.org> Cr-Commit-Position: refs/heads/master@{#601464}

blink: Remove kV8PrototypeTypeIndex.
The value is never read, and storing it makes context snapshot writing nondeterministic. A comment claims that the mere presence of the field is needed to identify prototypes, with a link to https://bugs.webkit.org/show_bug.cgi?id=110436 The code in that patch does indeed use v8PrototypeInternalFieldcount to identify prototypes (see CustomElementHelpers::findWrapperType in that patch), but the corresponding code in modern blink is V0CustomElementConstructorBuilder::HasValidPrototypeChainFor which instead uses a pointer comparison with script_state_->PerContextData()->PrototypeForType(type). However, V0CustomElementConstructorBuilder::PrototypeIsValid() does check `prototype_->InternalFieldCount()` to check if a prototype is already registered -- so keep kV8PrototypeInternalFieldcount around and just keep the uninitialized default value (the code only cares about the number of fields being > 0, not about the value of the field). TBR=peria (who lg'd this, but Gerrit lost the LG) Bug: 870584 Change-Id: If5474f37499121047c4b0232a85435f139e5cbc0 Reviewed-on: https://chromium-review.googlesource.com/c/1292385 Commit-Queue: Nico Weber <thakis@chromium.org> Reviewed-by: Nico Weber <thakis@chromium.org> Cr-Commit-Position: refs/heads/master@{#601464}
c9dd6b7d · Nico Weber · Commit Bot · 098dfd90 · c9dd6b7d · c9dd6b7d
Commit c9dd6b7d authored Oct 22, 2018 by Nico Weber Committed by Commit Bot Oct 22, 2018
3 changed files
--- a/third_party/blink/renderer/bindings/core/v8/v8_dom_configuration.cc
+++ b/third_party/blink/renderer/bindings/core/v8/v8_dom_configuration.cc
@@ -811,6 +811,7 @@ void V8DOMConfiguration::InitializeDOMInterfaceTemplate(
    // This is needed since bug 110436 asks WebKit to tell native-initiated
    // prototypes from pure-JS ones.  This doesn't mark kinds "root" classes
    // like Node, where setting this changes prototype chain structure.
+    // The value of this field is not used, only the count.
    prototype_template->SetInternalFieldCount(kV8PrototypeInternalFieldcount);
  }
 }

--- a/third_party/blink/renderer/platform/bindings/v8_object_constructor.cc
+++ b/third_party/blink/renderer/platform/bindings/v8_object_constructor.cc
@@ -102,11 +102,6 @@ v8::Local<v8::Function> V8ObjectConstructor::CreateInterfaceObject(
    CHECK(prototype_value->IsObject());
    prototype_object = prototype_value.As<v8::Object>();
-    if (prototype_object->InternalFieldCount() ==
-        kV8PrototypeInternalFieldcount) {
-      prototype_object->SetAlignedPointerInInternalField(
-          kV8PrototypeTypeIndex, const_cast<WrapperTypeInfo*>(type));
-    }
  }
  if (creation_mode == CreationMode::kInstallConditionalFeatures) {

--- a/third_party/blink/renderer/platform/bindings/wrapper_type_info.h
+++ b/third_party/blink/renderer/platform/bindings/wrapper_type_info.h
@@ -55,7 +55,8 @@ static const int kV8DOMWrapperObjectIndex =
    static_cast<int>(gin::kEncodedValueIndex);
 static const int kV8DefaultWrapperInternalFieldCount =
    static_cast<int>(gin::kNumberOfInternalFields);
-static const int kV8PrototypeTypeIndex = 0;
+// The value of the following field isn't used (only its presence), hence no
+// corresponding Index constant exists for it.
 static const int kV8PrototypeInternalFieldcount = 1;
 typedef v8::Local<v8::FunctionTemplate> (