Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (264936 => 264937)
--- trunk/Source/_javascript_Core/ChangeLog 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Source/_javascript_Core/ChangeLog 2020-07-27 18:50:44 UTC (rev 264937)
@@ -1,3 +1,24 @@
+2020-07-27 Mark Lam <mark....@apple.com>
+
+ DisallowVMEntry needs a copy assignment operator, detected by gcc's -Wdeprecated-copy warning
+ https://bugs.webkit.org/show_bug.cgi?id=214809
+
+ Reviewed by Yusuke Suzuki.
+
+ According to https://en.cppreference.com/w/cpp/language/copy_assignment,
+ "The generation of the implicitly-defined copy assignment operator is deprecated
+ (since C++11) if T has a user-declared destructor or user-declared copy constructor."
+ DisallowVMEntry has both a user-declared destructor and a user-declared copy
+ constructor. Hence, it needs to define its own copy assignment operator to placate
+ the compiler.
+
+ This patch also adds back WTF_FORBID_HEAP_ALLOCATION to DisallowVMEntry.
+ DisallowVMEntry should always have forbid heap allocation. It was accidentally
+ removed in a prior patch.
+
+ * runtime/DisallowVMEntry.h:
+ (JSC::DisallowVMEntryImpl::operator=):
+
2020-07-27 Caio Lima <ticaiol...@gmail.com>
DoesGC failures in debug mode in 32bits
Modified: trunk/Source/_javascript_Core/runtime/DisallowVMEntry.h (264936 => 264937)
--- trunk/Source/_javascript_Core/runtime/DisallowVMEntry.h 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Source/_javascript_Core/runtime/DisallowVMEntry.h 2020-07-27 18:50:44 UTC (rev 264937)
@@ -25,6 +25,8 @@
#pragma once
+#include <wtf/ForbidHeapAllocation.h>
+
namespace JSC {
class VM;
@@ -36,6 +38,7 @@
template<typename VMType = VM>
class DisallowVMEntryImpl {
+ WTF_FORBID_HEAP_ALLOCATION;
public:
DisallowVMEntryImpl(VMType& vm)
: m_vm(&vm)
@@ -56,6 +59,18 @@
m_vm = nullptr;
}
+ DisallowVMEntryImpl& operator=(const DisallowVMEntryImpl& other)
+ {
+ RELEASE_ASSERT(m_vm && m_vm == other.m_vm);
+ RELEASE_ASSERT(m_vm->disallowVMEntryCount);
+ // Conceptually, we need to decrement the disallowVMEntryCount of the
+ // old m_vm, and increment the disallowVMEntryCount of the new m_vm.
+ // But since the old and the new m_vm should always be the same, the
+ // decrementing and incrementing cancels out, and there's nothing more
+ // to do here.
+ return *this;
+ }
+
private:
VMType* m_vm;
};
Modified: trunk/Source/WebCore/ChangeLog (264936 => 264937)
--- trunk/Source/WebCore/ChangeLog 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Source/WebCore/ChangeLog 2020-07-27 18:50:44 UTC (rev 264937)
@@ -1,3 +1,22 @@
+2020-07-27 Mark Lam <mark....@apple.com>
+
+ DisallowVMEntry needs a copy assignment operator, detected by gcc's -Wdeprecated-copy warning
+ https://bugs.webkit.org/show_bug.cgi?id=214809
+
+ Reviewed by Yusuke Suzuki.
+
+ Added handling of a possible VMInquiry failure in JSDOMWindow::getOwnPropertySlot()
+ after returning from Base::getOwnPropertySlot(). If a VMInquiry is requested and
+ Base::getOwnPropertySlot() returns false with slot.isTaintedByOpaqueObject() set,
+ then it means that Base::getOwnPropertySlot() failed to execute the VMInquiry,
+ not that it successfully determined that the property doesn't exist.
+
+ This issue was noticed while studying how JSDOMWindow::getOwnPropertySlot() uses
+ copy assignment of JSC::PropertySlots.
+
+ * bindings/js/JSDOMWindowCustom.cpp:
+ (WebCore::JSDOMWindow::getOwnPropertySlot):
+
2020-07-27 Dean Jackson <d...@apple.com>
Repeatable WebContent crash: WebCore::jsWebGLRenderingContextPrototypeFunctionGetError
Modified: trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp (264936 => 264937)
--- trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Source/WebCore/bindings/js/JSDOMWindowCustom.cpp 2020-07-27 18:50:44 UTC (rev 264937)
@@ -209,8 +209,10 @@
if (!isShowModalDialogAndShouldHide)
return true;
slot = slotCopy;
- }
+ } else if (UNLIKELY(slot.isVMInquiry() && slot.isTaintedByOpaqueObject()))
+ return false;
+
#if ENABLE(USER_MESSAGE_HANDLERS)
if (propertyName == static_cast<JSVMClientData*>(lexicalGlobalObject->vm().clientData)->builtinNames().webkitPublicName() && thisObject->wrapped().shouldHaveWebKitNamespaceForWorld(thisObject->world())) {
slot.setCacheableCustom(thisObject, JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::ReadOnly, jsDOMWindowWebKit);
Modified: trunk/Tools/ChangeLog (264936 => 264937)
--- trunk/Tools/ChangeLog 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Tools/ChangeLog 2020-07-27 18:50:44 UTC (rev 264937)
@@ -1,3 +1,21 @@
+2020-07-27 Mark Lam <mark....@apple.com>
+
+ DisallowVMEntry needs a copy assignment operator, detected by gcc's -Wdeprecated-copy warning
+ https://bugs.webkit.org/show_bug.cgi?id=214809
+
+ Reviewed by Yusuke Suzuki.
+
+ Added test case for JSC's DisallowVMEntry and PropertySlot mainly for the copy
+ assignment operation used in JSDOMWindow::getOwnPropertySlot().
+
+ * TestWebKitAPI/CMakeLists.txt:
+ * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+ * TestWebKitAPI/Tests/_javascript_Core/DisallowVMEntry.cpp: Added.
+ (TestWebKitAPI::enterScope):
+ (TestWebKitAPI::TEST):
+ * TestWebKitAPI/Tests/_javascript_Core/PropertySlot.cpp: Added.
+ (TestWebKitAPI::TEST):
+
2020-07-27 Carlos Garcia Campos <cgar...@igalia.com>
Unreviewed. Fix GTK build with GLib < 2.62
Modified: trunk/Tools/TestWebKitAPI/CMakeLists.txt (264936 => 264937)
--- trunk/Tools/TestWebKitAPI/CMakeLists.txt 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Tools/TestWebKitAPI/CMakeLists.txt 2020-07-27 18:50:44 UTC (rev 264937)
@@ -122,6 +122,31 @@
WEBKIT_EXECUTABLE_DECLARE(TestWTF)
+# TestJavaScriptCore definitions
+if (ENABLE_JAVASCRIPTCORE)
+ set(TestJavaScriptCore_SOURCES
+ TestsController.cpp
+ WTFStringUtilities.cpp
+
+ Tests/_javascript_Core/DisallowVMEntry.cpp
+ Tests/_javascript_Core/PropertySlot.cpp
+ )
+
+ set(TestJavaScriptCore_LIBRARIES
+ WebKit::_javascript_Core
+ gtest
+ )
+
+ set(TestJavaScriptCore_PRIVATE_INCLUDE_DIRECTORIES
+ ${CMAKE_BINARY_DIR}
+ ${TESTWEBKITAPI_DIR}
+ ${THIRDPARTY_DIR}/gtest/include
+ ${_javascript_CoreCore_PRIVATE_FRAMEWORK_HEADERS_DIR}
+ )
+
+ WEBKIT_EXECUTABLE_DECLARE(TestJavaScriptCore)
+endif ()
+
# TestWebCore definitions
if (ENABLE_WEBCORE)
set(TestWebCore_SOURCES
@@ -356,6 +381,11 @@
# TestWTF target
WEBKIT_TEST(TestWTF)
+# TestJavaScriptCore target
+if (ENABLE_JAVASCRIPTCORE)
+ WEBKIT_TEST(TestJavaScriptCore)
+endif ()
+
# TestWebCore target
if (ENABLE_WEBCORE)
WEBKIT_TEST(TestWebCore)
Modified: trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (264936 => 264937)
--- trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj 2020-07-27 18:41:55 UTC (rev 264936)
+++ trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj 2020-07-27 18:50:44 UTC (rev 264937)
@@ -1177,6 +1177,8 @@
F6FDDDD614241C6F004F1729 /* push-state.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = F6FDDDD514241C48004F1729 /* push-state.html */; };
FE2BCDC72470FDA300DEC33B /* StdLibExtras.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE2BCDC62470FC7000DEC33B /* StdLibExtras.cpp */; };
FE2D9474245EB2F400E48135 /* Bitmap.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE2D9473245EB2DF00E48135 /* Bitmap.cpp */; };
+ FEC2A85424CE975F00ADBC35 /* DisallowVMEntry.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FEC2A85324CE974E00ADBC35 /* DisallowVMEntry.cpp */; };
+ FEC2A85624CEB65F00ADBC35 /* PropertySlot.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FEC2A85524CEB65F00ADBC35 /* PropertySlot.cpp */; };
/* End PBXBuildFile section */
/* Begin PBXContainerItemProxy section */
@@ -2894,6 +2896,8 @@
FE2BCDC62470FC7000DEC33B /* StdLibExtras.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = StdLibExtras.cpp; sourceTree = "<group>"; };
FE2D9473245EB2DF00E48135 /* Bitmap.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = Bitmap.cpp; sourceTree = "<group>"; };
FEB6F74E1B2BA44E009E4922 /* NakedPtr.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NakedPtr.cpp; sourceTree = "<group>"; };
+ FEC2A85324CE974E00ADBC35 /* DisallowVMEntry.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DisallowVMEntry.cpp; sourceTree = "<group>"; };
+ FEC2A85524CEB65F00ADBC35 /* PropertySlot.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = PropertySlot.cpp; sourceTree = "<group>"; };
/* End PBXFileReference section */
/* Begin PBXFrameworksBuildPhase section */
@@ -3076,7 +3080,9 @@
14CC42E024B8D7E700E64F48 /* _javascript_Core */ = {
isa = PBXGroup;
children = (
+ FEC2A85324CE974E00ADBC35 /* DisallowVMEntry.cpp */,
14CC42E524B8D8FA00E64F48 /* JSRunLoopTimer.mm */,
+ FEC2A85524CEB65F00ADBC35 /* PropertySlot.cpp */,
);
path = _javascript_Core;
sourceTree = "<group>";
@@ -5244,6 +5250,7 @@
7C83E0C11D0A652F00FEBCF3 /* ProvisionalURLNotChange.mm in Sources */,
5CFACF65226FD2DC0056C7D0 /* Proxy.mm in Sources */,
041A1E34216FFDBC00789E0A /* PublicSuffix.cpp in Sources */,
+ FEC2A85424CE975F00ADBC35 /* DisallowVMEntry.cpp in Sources */,
7C83E0C21D0A653500FEBCF3 /* QuickLook.mm in Sources */,
6B4E861C2220A5520022F389 /* RegistrableDomain.cpp in Sources */,
7CCE7F0D1A411AE600447C4C /* ReloadPageAfterCrash.cpp in Sources */,
@@ -5428,6 +5435,7 @@
7C83E0B51D0A649300FEBCF3 /* WKRetainPtr.cpp in Sources */,
5E4B1D2E1D404C6100053621 /* WKScrollViewDelegate.mm in Sources */,
F43E3BBF20DADA1E00A4E7ED /* WKScrollViewTests.mm in Sources */,
+ FEC2A85624CEB65F00ADBC35 /* PropertySlot.cpp in Sources */,
4628C8E92367ABD100B073F0 /* WKSecurityOrigin.cpp in Sources */,
7CCE7F221A411AE600447C4C /* WKString.cpp in Sources */,
7CCE7F1E1A411AE600447C4C /* WKStringJSString.cpp in Sources */,
Added: trunk/Tools/TestWebKitAPI/Tests/_javascript_Core/DisallowVMEntry.cpp (0 => 264937)
--- trunk/Tools/TestWebKitAPI/Tests/_javascript_Core/DisallowVMEntry.cpp (rev 0)
+++ trunk/Tools/TestWebKitAPI/Tests/_javascript_Core/DisallowVMEntry.cpp 2020-07-27 18:50:44 UTC (rev 264937)
@@ -0,0 +1,114 @@
+/*
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include <_javascript_Core/DisallowVMEntry.h>
+#include <_javascript_Core/InitializeThreading.h>
+#include <_javascript_Core/VM.h>
+
+namespace TestWebKitAPI {
+
+using JSC::DisallowVMEntry;
+using JSC::JSLockHolder;
+using JSC::LargeHeap;
+using JSC::VM;
+
+static void enterScope(VM& vm, unsigned entryCount, unsigned remainingEntries)
+{
+ DisallowVMEntry disallowVMEntry(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, entryCount);
+
+ if (--remainingEntries)
+ enterScope(vm, entryCount + 1, remainingEntries);
+
+ EXPECT_EQ(vm.disallowVMEntryCount, entryCount);
+}
+
+TEST(_javascript_Core_DisallowVMEntry, NestedScopes)
+{
+ WTF::initializeMainThread();
+ JSC::initialize();
+
+ VM& vm = VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ enterScope(vm, 1, 10);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+}
+
+TEST(_javascript_Core_DisallowVMEntry, CopyConstruction)
+{
+ WTF::initializeMainThread();
+ JSC::initialize();
+
+ VM& vm = VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ {
+ DisallowVMEntry disallowVMEntry(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+ {
+ DisallowVMEntry disallowVMEntry2(disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 2u);
+ }
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+ }
+
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+}
+
+TEST(_javascript_Core_DisallowVMEntry, CopyAssignment)
+{
+ WTF::initializeMainThread();
+ JSC::initialize();
+
+ VM& vm = VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ {
+ DisallowVMEntry disallowVMEntry(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+ {
+ DisallowVMEntry disallowVMEntry2 = disallowVMEntry;
+ EXPECT_EQ(vm.disallowVMEntryCount, 2u);
+
+ disallowVMEntry = disallowVMEntry2;
+ EXPECT_EQ(vm.disallowVMEntryCount, 2u);
+ }
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+ }
+
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+}
+
+} // namespace TestWebKitAPI
Added: trunk/Tools/TestWebKitAPI/Tests/_javascript_Core/PropertySlot.cpp (0 => 264937)
--- trunk/Tools/TestWebKitAPI/Tests/_javascript_Core/PropertySlot.cpp (rev 0)
+++ trunk/Tools/TestWebKitAPI/Tests/_javascript_Core/PropertySlot.cpp 2020-07-27 18:50:44 UTC (rev 264937)
@@ -0,0 +1,162 @@
+/*
+ * Copyright (C) 2020 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include <_javascript_Core/InitializeThreading.h>
+#include <_javascript_Core/JSCJSValueInlines.h>
+#include <_javascript_Core/PropertySlot.h>
+#include <_javascript_Core/VM.h>
+
+namespace TestWebKitAPI {
+
+using JSC::JSLockHolder;
+using JSC::LargeHeap;
+using JSC::PropertySlot;
+using JSC::VM;
+using JSC::jsUndefined;
+
+TEST(_javascript_Core_PropertySlot, DisallowVMEntryCountBasic)
+{
+ WTF::initializeMainThread();
+ JSC::initialize();
+
+ VM& vm = VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::Get);
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::HasProperty);
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::GetOwnProperty);
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::VMInquiry, &vm);
+ EXPECT_TRUE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+ }
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+}
+
+TEST(_javascript_Core_PropertySlot, VMInquiryReset)
+{
+ WTF::initializeMainThread();
+ JSC::initialize();
+
+ VM& vm = VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::VMInquiry, &vm);
+ EXPECT_TRUE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+
+ slot.disallowVMEntry.reset();
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+}
+
+TEST(_javascript_Core_PropertySlot, CopyAssignment)
+{
+ WTF::initializeMainThread();
+ JSC::initialize();
+
+ VM& vm = VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::Get);
+ EXPECT_FALSE(slot.isVMInquiry());
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ {
+ PropertySlot slot2 = slot;
+ EXPECT_FALSE(slot.isVMInquiry());
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ slot = slot2;
+ EXPECT_FALSE(slot.isVMInquiry());
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+
+ EXPECT_FALSE(slot.isVMInquiry());
+ EXPECT_FALSE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+
+ {
+ PropertySlot slot(jsUndefined(), PropertySlot::InternalMethodType::VMInquiry, &vm);
+ EXPECT_TRUE(slot.isVMInquiry());
+ EXPECT_TRUE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+
+ {
+ PropertySlot slot2 = slot;
+ EXPECT_TRUE(slot2.isVMInquiry());
+ EXPECT_TRUE(!!slot2.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 2u);
+
+ slot = slot2;
+ EXPECT_TRUE(slot.isVMInquiry());
+ EXPECT_TRUE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 2u);
+ }
+
+ EXPECT_TRUE(slot.isVMInquiry());
+ EXPECT_TRUE(!!slot.disallowVMEntry);
+ EXPECT_EQ(vm.disallowVMEntryCount, 1u);
+ }
+
+ EXPECT_EQ(vm.disallowVMEntryCount, 0u);
+ }
+}
+
+} // namespace TestWebKitAPI
