Changeset 129984 in webkit

Timestamp:

Sep 29, 2012, 1:29:34 PM (13 years ago)

Author:

commit-queue@webkit.org

Message:

Unreviewed, rolling out r129965.
​http://trac.webkit.org/changeset/129965
​https://bugs.webkit.org/show_bug.cgi?id=97970

Causes ASSERTs in workers (Requested by abarth on #webkit).

Patch by Sheriff Bot <​webkit.review.bot@gmail.com> on 2012-09-29

• bindings/v8/DOMData.cpp:

(WebCore::DOMData::getCurrentStore):

• bindings/v8/ScopedPersistent.h:
• bindings/v8/ScriptController.cpp:

(WebCore::ScriptController::resetIsolatedWorlds):
(WebCore::ScriptController::evaluateInIsolatedWorld):
(WebCore::ScriptController::currentWorldContext):

• bindings/v8/V8Binding.cpp:

(WebCore::perContextDataForCurrentWorld):

• bindings/v8/V8DOMWindowShell.cpp:

(WebCore::setIsolatedWorldField):
(WebCore::V8DOMWindowShell::enteredIsolatedWorldContext):
(WebCore::V8DOMWindowShell::destroyIsolatedShell):
(WebCore):
(WebCore::isolatedContextWeakCallback):
(WebCore::V8DOMWindowShell::disposeContext):
(WebCore::V8DOMWindowShell::initializeIfNeeded):
(WebCore::V8DOMWindowShell::setIsolatedWorldSecurityOrigin):

• bindings/v8/V8DOMWindowShell.h:

(V8DOMWindowShell):
(WebCore::V8DOMWindowShell::getEntered):

• bindings/v8/V8DOMWrapper.h:

(WebCore::V8DOMWrapper::getCachedWrapper):

• bindings/v8/WorldContextHandle.cpp:

(WebCore::WorldContextHandle::WorldContextHandle):

• bindings/v8/custom/V8DocumentCustom.cpp:

(WebCore::toV8):

• bindings/v8/custom/V8HTMLDocumentCustom.cpp:

(WebCore::toV8):

• bindings/v8/custom/V8SVGDocumentCustom.cpp:

(WebCore::toV8):

• bindings/v8/custom/V8XMLHttpRequestConstructor.cpp:

(WebCore::V8XMLHttpRequest::constructorCallback):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• bindings/v8/DOMData.cpp (modified) (1 diff)
• bindings/v8/ScopedPersistent.h (modified) (1 diff)
• bindings/v8/ScriptController.cpp (modified) (3 diffs)
• bindings/v8/V8Binding.cpp (modified) (1 diff)
• bindings/v8/V8DOMWindowShell.cpp (modified) (7 diffs)
• bindings/v8/V8DOMWindowShell.h (modified) (4 diffs)
• bindings/v8/V8DOMWrapper.h (modified) (2 diffs)
• bindings/v8/WorldContextHandle.cpp (modified) (1 diff)
• bindings/v8/custom/V8DocumentCustom.cpp (modified) (1 diff)
• bindings/v8/custom/V8HTMLDocumentCustom.cpp (modified) (1 diff)
• bindings/v8/custom/V8SVGDocumentCustom.cpp (modified) (1 diff)
• bindings/v8/custom/V8XMLHttpRequestConstructor.cpp (modified) (1 diff)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-09-29  Sheriff Bot  <webkit.review.bot@gmail.com>
+
+        Unreviewed, rolling out r129965.
+        http://trac.webkit.org/changeset/129965
+        https://bugs.webkit.org/show_bug.cgi?id=97970
+
+        Causes ASSERTs in workers (Requested by abarth on #webkit).
+
+        * bindings/v8/DOMData.cpp:
+        (WebCore::DOMData::getCurrentStore):
+        * bindings/v8/ScopedPersistent.h:
+        * bindings/v8/ScriptController.cpp:
+        (WebCore::ScriptController::resetIsolatedWorlds):
+        (WebCore::ScriptController::evaluateInIsolatedWorld):
+        (WebCore::ScriptController::currentWorldContext):
+        * bindings/v8/V8Binding.cpp:
+        (WebCore::perContextDataForCurrentWorld):
+        * bindings/v8/V8DOMWindowShell.cpp:
+        (WebCore::setIsolatedWorldField):
+        (WebCore::V8DOMWindowShell::enteredIsolatedWorldContext):
+        (WebCore::V8DOMWindowShell::destroyIsolatedShell):
+        (WebCore):
+        (WebCore::isolatedContextWeakCallback):
+        (WebCore::V8DOMWindowShell::disposeContext):
+        (WebCore::V8DOMWindowShell::initializeIfNeeded):
+        (WebCore::V8DOMWindowShell::setIsolatedWorldSecurityOrigin):
+        * bindings/v8/V8DOMWindowShell.h:
+        (V8DOMWindowShell):
+        (WebCore::V8DOMWindowShell::getEntered):
+        * bindings/v8/V8DOMWrapper.h:
+        (WebCore::V8DOMWrapper::getCachedWrapper):
+        * bindings/v8/WorldContextHandle.cpp:
+        (WebCore::WorldContextHandle::WorldContextHandle):
+        * bindings/v8/custom/V8DocumentCustom.cpp:
+        (WebCore::toV8):
+        * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
+        (WebCore::toV8):
+        * bindings/v8/custom/V8SVGDocumentCustom.cpp:
+        (WebCore::toV8):
+        * bindings/v8/custom/V8XMLHttpRequestConstructor.cpp:
+        (WebCore::V8XMLHttpRequest::constructorCallback):
+
 2012-09-29  Emil A Eklund  <eae@chromium.org>
 

trunk/Source/WebCore/bindings/v8/DOMData.cpp

@@ -44 +44 @@
     if (UNLIKELY(data->domDataStore() != 0))
         return *data->domDataStore();
-    V8DOMWindowShell::IsolatedContextData* isolatedData = V8DOMWindowShell::enteredIsolatedContextData();
-    if (UNLIKELY(!!isolatedData))
-        return *isolatedData->world()->domDataStore();
+    V8DOMWindowShell* context = V8DOMWindowShell::getEntered();
+    if (UNLIKELY(context != 0))
+        return *context->world()->domDataStore();
     return defaultStore;
 }

trunk/Source/WebCore/bindings/v8/ScopedPersistent.h

@@ -79 +79 @@
     }
 
-    v8::Persistent<T> leakHandle()
-    {
-        v8::Persistent<T> handle = m_handle;
-        m_handle.Clear();
-        return handle;
-    }
-
 private:
     v8::Persistent<T> m_handle;

trunk/Source/WebCore/bindings/v8/ScriptController.cpp

@@ -147 +147 @@
     for (IsolatedWorldMap::iterator iter = m_isolatedWorlds.begin();
          iter != m_isolatedWorlds.end(); ++iter) {
-        iter->second->clearIsolatedShell();
-        delete iter->second;
+        iter->second->destroyIsolatedShell();
     }
     m_isolatedWorlds.clear();
@@ -392 +391 @@
         }
 
-        // Destroy temporary world.
+        // Mark temporary shell for weak destruction.
         if (worldID == DOMWrapperWorld::uninitializedWorldId) {
             int actualWorldId = isolatedWorldShell->world()->worldId();
             m_isolatedWorlds.remove(actualWorldId);
-            isolatedWorldShell->clearIsolatedShell();
-            delete isolatedWorldShell;
+            isolatedWorldShell->destroyIsolatedShell();
         }
 
@@ -432 +430 @@
 v8::Local<v8::Context> ScriptController::currentWorldContext()
 {
-    V8DOMWindowShell::IsolatedContextData* isolatedContextData = V8DOMWindowShell::enteredIsolatedContextData();
-    if (UNLIKELY(!!isolatedContextData)) {
-        V8DOMWindowShell* isolatedShell = existingWindowShellInternal(isolatedContextData->world());
-        // A temporary isolated world has been deleted, so use the current context.
-        if (UNLIKELY(!isolatedShell)) {
-            v8::Handle<v8::Context> context = v8::Context::GetEntered();
-            if (m_frame != toFrameIfNotDetached(context))
-                return v8::Local<v8::Context>();
-            return v8::Local<v8::Context>::New(context);
-        }
-        // The shell exists, but potentially it has a new context, so use it.
-        if (isolatedShell->context().IsEmpty() || m_frame != toFrameIfNotDetached(isolatedShell->context()))
+    if (V8DOMWindowShell* isolatedShell = V8DOMWindowShell::getEntered()) {
+        v8::Persistent<v8::Context> context = isolatedShell->context();
+        if (context.IsEmpty() || m_frame != toFrameIfNotDetached(context))
             return v8::Local<v8::Context>();
-        return v8::Local<v8::Context>::New(isolatedShell->context());
+        return v8::Local<v8::Context>::New(context);
     }
     windowShell()->initializeIfNeeded();

trunk/Source/WebCore/bindings/v8/V8Binding.cpp

@@ -312 +312 @@
 V8PerContextData* perContextDataForCurrentWorld(Frame* frame)
 {
-    V8DOMWindowShell::IsolatedContextData* isolatedShellData = 0;
-    if (UNLIKELY(!!(isolatedShellData = V8DOMWindowShell::enteredIsolatedContextData())))
-        return isolatedShellData->perContextData();
+    V8DOMWindowShell* isolatedShell;
+    if (UNLIKELY(!!(isolatedShell = V8DOMWindowShell::getEntered())))
+        return isolatedShell->perContextData();
     return frame->script()->windowShell()->perContextData();
 }

trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.cpp

@@ -171 +171 @@
 }
 
-static void setIsolatedWorldField(V8DOMWindowShell::IsolatedContextData* data, v8::Handle<v8::Context> context)
-{
-    toInnerGlobalObject(context)->SetPointerInInternalField(V8DOMWindow::enteredIsolatedWorldIndex, data);
-}
-
-V8DOMWindowShell::IsolatedContextData* V8DOMWindowShell::toIsolatedContextData(v8::Handle<v8::Object> innerGlobal)
-{
-    ASSERT(innerGlobal->InternalFieldCount() >= V8DOMWindow::enteredIsolatedWorldIndex);
-    return static_cast<IsolatedContextData*>(innerGlobal->GetPointerFromInternalField(V8DOMWindow::enteredIsolatedWorldIndex));
+static void setIsolatedWorldField(V8DOMWindowShell* shell, v8::Local<v8::Context> context)
+{
+    toInnerGlobalObject(context)->SetPointerInInternalField(V8DOMWindow::enteredIsolatedWorldIndex, shell);
+}
+
+V8DOMWindowShell* V8DOMWindowShell::enteredIsolatedWorldContext()
+{
+    return static_cast<V8DOMWindowShell*>(toInnerGlobalObject(v8::Context::GetEntered())->GetPointerFromInternalField(V8DOMWindow::enteredIsolatedWorldIndex));
 }
 
@@ -209 +208 @@
 }
 
+void V8DOMWindowShell::destroyIsolatedShell()
+{
+    disposeContext(true);
+}
+
 static void isolatedContextWeakCallback(v8::Persistent<v8::Value> object, void* parameter)
 {
-    object.Dispose();
-    delete static_cast<V8DOMWindowShell::IsolatedContextData*>(parameter);
-}
-
-void V8DOMWindowShell::disposeContext()
-{
+    // Handle will be disposed in delete.
+    delete static_cast<V8DOMWindowShell*>(parameter);
+}
+
+void V8DOMWindowShell::disposeContext(bool weak)
+{
+    ASSERT(!m_context.get().IsWeak());
     m_perContextData.clear();
 
@@ -224 +229 @@
     m_frame->loader()->client()->willReleaseScriptContext(m_context.get(), m_world->worldId());
 
-    if (m_isolatedContextData) {
+    if (!weak)
+        m_context.clear();
+    else {
         ASSERT(!m_world->isMainWorld());
-        // Here we must intentionally leak the per context data pointer as it gets deleted in isolatedContextWeakCallback.
-        m_context.leakHandle().MakeWeak(m_isolatedContextData.leakPtr(), isolatedContextWeakCallback);
-        // The global handle keeps a reference to the context, so it must be removed.
-        m_global.clear();
-    } else
-        m_context.clear();
+        destroyGlobal();
+        m_frame = 0;
+        m_context.get().MakeWeak(this, isolatedContextWeakCallback);
+    }
 
     // It's likely that disposing the context has created a lot of
@@ -245 +250 @@
 {
     m_global.clear();
-}
-
-void V8DOMWindowShell::clearIsolatedShell()
-{
-    disposeContext();
 }
 
@@ -346 +346 @@
     }
 
-    m_perContextData = V8PerContextData::create(m_context.get());
-    if (!m_perContextData->init()) {
-        disposeContext();
-        return false;
-    }
-
     // Flag context as isolated.
     if (!isMainWorld) {
@@ -358 +352 @@
         if (!mainWindow->context().IsEmpty())
             setInjectedScriptContextDebugId(m_context.get(), m_frame->script()->contextDebugId(mainWindow->context()));
-        m_isolatedContextData = IsolatedContextData::create(m_world, m_perContextData.release(), m_isolatedWorldShellSecurityOrigin);
-        setIsolatedWorldField(m_isolatedContextData.get(), context);
+        setIsolatedWorldField(this, context);
+    }
+
+    m_perContextData = V8PerContextData::create(m_context.get());
+    if (!m_perContextData->init()) {
+        disposeContext();
+        return false;
     }
 
@@ -619 +618 @@
     }
     m_isolatedWorldShellSecurityOrigin = securityOrigin;
-    if (m_isolatedContextData)
-        m_isolatedContextData->setSecurityOrigin(m_isolatedWorldShellSecurityOrigin);
 }
 

trunk/Source/WebCore/bindings/v8/V8DOMWindowShell.h

@@ -54 +54 @@
 class V8DOMWindowShell {
 public:
-
-    // This class holds all the data that is accessible from a context for an isolated shell.
-    // It survives until the context is deleted.
-    class IsolatedContextData {
-        WTF_MAKE_NONCOPYABLE(IsolatedContextData);
-    public:
-        static PassOwnPtr<IsolatedContextData> create(PassRefPtr<DOMWrapperWorld> world, PassOwnPtr<V8PerContextData> perContextData, PassRefPtr<SecurityOrigin> securityOrigin)
-        {
-            return adoptPtr(new IsolatedContextData(world, perContextData, securityOrigin));
-        }
-        DOMWrapperWorld* world() { return m_world.get(); }
-        V8PerContextData* perContextData() { return m_perContextData.get(); }
-        void setSecurityOrigin(PassRefPtr<SecurityOrigin> origin) { m_securityOrigin = origin; }
-        SecurityOrigin* securityOrigin() { return m_securityOrigin.get(); }
-
-    private:
-        IsolatedContextData(PassRefPtr<DOMWrapperWorld> world, PassOwnPtr<V8PerContextData> perContextData, PassRefPtr<SecurityOrigin> securityOrigin)
-            : m_world(world)
-            , m_perContextData(perContextData)
-            , m_securityOrigin(securityOrigin)
-        {
-        }
-
-        RefPtr<DOMWrapperWorld> m_world;
-        OwnPtr<V8PerContextData> m_perContextData;
-        RefPtr<SecurityOrigin> m_securityOrigin;
-    };
-
     static PassOwnPtr<V8DOMWindowShell> create(Frame*, PassRefPtr<DOMWrapperWorld>);
 
@@ -105 +77 @@
     void clearForNavigation();
     void clearForClose();
-    void clearIsolatedShell();
 
     void destroyGlobal();
@@ -120 +91 @@
     };
 
-    inline static IsolatedContextData* enteredIsolatedContextData()
+    // Returns the isolated world associated with
+    // v8::Context::GetEntered(). Because worlds are isolated, the entire
+    // JavaScript call stack should be from the same isolated world.
+    // Returns 0 if the entered context is from the main world.
+    //
+    // FIXME: Consider edge cases with DOM mutation events that might
+    // violate this invariant.
+    //
+    // FIXME: This is poorly named after the deletion of isolated contexts.
+    static V8DOMWindowShell* getEntered()
     {
-        if (LIKELY(!DOMWrapperWorld::isolatedWorldsExist()))
+        if (!DOMWrapperWorld::isolatedWorldsExist())
             return 0;
         if (!v8::Context::InContext())
             return 0;
-        v8::Handle<v8::Object> innerGlobal = v8::Handle<v8::Object>::Cast(v8::Context::GetEntered()->Global()->GetPrototype());
-        IsolatedContextData* isolatedContextData = toIsolatedContextData(innerGlobal);
-        if (LIKELY(!isolatedContextData))
-            return 0;
-        return isolatedContextData;
+        return enteredIsolatedWorldContext();
     }
 
-    static IsolatedContextData* toIsolatedContextData(v8::Handle<v8::Object> innerGlobal);
-
+    void destroyIsolatedShell();
 private:
     V8DOMWindowShell(Frame*, PassRefPtr<DOMWrapperWorld>);
 
-    void disposeContext();
+    void disposeContext(bool weak = false);
 
     void setSecurityToken();
@@ -152 +127 @@
     bool installDOMWindow();
 
+    static V8DOMWindowShell* enteredIsolatedWorldContext();
+
     Frame* m_frame;
     RefPtr<DOMWrapperWorld> m_world;
 
     OwnPtr<V8PerContextData> m_perContextData;
-    OwnPtr<IsolatedContextData> m_isolatedContextData;
 
     ScopedPersistent<v8::Context> m_context;

trunk/Source/WebCore/bindings/v8/V8DOMWrapper.h

@@ -119 +119 @@
             }
 
-            V8DOMWindowShell::IsolatedContextData* isolatedData = V8DOMWindowShell::enteredIsolatedContextData();
-            if (LIKELY(!isolatedData)) {
+            V8DOMWindowShell* context = V8DOMWindowShell::getEntered();
+            if (LIKELY(!context)) {
                 v8::Persistent<v8::Object>* wrapper = node->wrapper();
                 if (!wrapper)
@@ -126 +126 @@
                 return *wrapper;
             }
-            DOMDataStore* store = isolatedData->world()->domDataStore();
+            DOMDataStore* store = context->world()->domDataStore();
             DOMNodeMapping& domNodeMap = node->isActiveNode() ? store->activeDomNodeMap() : store->domNodeMap();
             return domNodeMap.get(node);

trunk/Source/WebCore/bindings/v8/WorldContextHandle.cpp

@@ -45 +45 @@
         return;
 
-    if (!v8::Context::InContext()) {
+#if ENABLE(WORKERS)
+    // FIXME We are duplicating a lot of effort here checking the context for the worker and for the isolated world.
+    if (v8::Context::InContext()) {
+        v8::Handle<v8::Context> context = v8::Context::GetCurrent();
+        if (!context.IsEmpty()) {
+            if (UNLIKELY(!V8DOMWrapper::isWrapperOfType(toInnerGlobalObject(context), &V8DOMWindow::info))) {
+                m_worldToUse = UseWorkerWorld;
+                return;
+            }
+        }
+    }
+#endif
+
+    V8DOMWindowShell* shell = V8DOMWindowShell::getEntered();
+    if (LIKELY(!shell)) {
         m_worldToUse = UseMainWorld;
         return;
     }
 
-    v8::Handle<v8::Context> context = v8::Context::GetCurrent();
-    ASSERT(!context.IsEmpty());
-    v8::Handle<v8::Object> innerGlobal = toInnerGlobalObject(context);
-#if ENABLE(WORKERS)
-    if (UNLIKELY(!V8DOMWrapper::isWrapperOfType(innerGlobal, &V8DOMWindow::info))) {
-        m_worldToUse = UseWorkerWorld;
-        return;
-    }
-#endif
-
-    V8DOMWindowShell::IsolatedContextData* data = V8DOMWindowShell::toIsolatedContextData(innerGlobal);
-    if (LIKELY(!data)) {
-        m_worldToUse = UseMainWorld;
-        return;
-    }
-
-    m_context = SharedPersistent<v8::Context>::create(context);
+    ASSERT(!shell->context().IsEmpty());
+    m_context = SharedPersistent<v8::Context>::create(shell->context());
 }
 

trunk/Source/WebCore/bindings/v8/custom/V8DocumentCustom.cpp

@@ -109 +109 @@
     if (wrapper.IsEmpty())
         return wrapper;
-    if (!V8DOMWindowShell::enteredIsolatedContextData()) {
+    if (!V8DOMWindowShell::getEntered()) {
         if (Frame* frame = impl->frame())
             frame->script()->windowShell()->updateDocumentWrapper(wrapper);

trunk/Source/WebCore/bindings/v8/custom/V8HTMLDocumentCustom.cpp

@@ -184 +184 @@
     if (wrapper.IsEmpty())
         return wrapper;
-    if (!V8DOMWindowShell::enteredIsolatedContextData()) {
+    if (!V8DOMWindowShell::getEntered()) {
         if (Frame* frame = impl->frame())
             frame->script()->windowShell()->updateDocumentWrapper(wrapper);

trunk/Source/WebCore/bindings/v8/custom/V8SVGDocumentCustom.cpp

@@ -46 +46 @@
     if (wrapper.IsEmpty())
         return wrapper;
-    if (!V8DOMWindowShell::enteredIsolatedContextData()) {
+    if (!V8DOMWindowShell::getEntered()) {
         if (Frame* frame = impl->frame())
             frame->script()->windowShell()->updateDocumentWrapper(wrapper);

trunk/Source/WebCore/bindings/v8/custom/V8XMLHttpRequestConstructor.cpp

@@ -56 +56 @@
 
     RefPtr<SecurityOrigin> securityOrigin;
-    if (V8DOMWindowShell::IsolatedContextData* isolatedContextData = V8DOMWindowShell::enteredIsolatedContextData())
-        securityOrigin = isolatedContextData->securityOrigin();
+    if (V8DOMWindowShell* isolatedWorldShell = V8DOMWindowShell::getEntered())
+        securityOrigin = isolatedWorldShell->isolatedWorldSecurityOrigin();
 
     RefPtr<XMLHttpRequest> xmlHttpRequest = XMLHttpRequest::create(context, securityOrigin);