Changeset 126004 in webkit

Timestamp:

Aug 20, 2012 12:47:27 AM (12 years ago)

Author:

haraken@chromium.org

Message:

[V8] Move V8Proxy::newInstance() to V8ObjectConstructor
​https://bugs.webkit.org/show_bug.cgi?id=94443

Reviewed by Adam Barth.

To kill V8Proxy, this patch moves V8Proxy::newInstance() to
V8ObjectConstructor::newInstanceInFrame().
In addition, this patch does the following things:

• For consistency with V8ObjectConstructor::newInstanceInFrame(),

this patch inserts an if(v8::V8::IsDead()) check to just after
Function::NewInstance(). The check is done by V8Binding::assertIfV8IsDead().

• To avoid #include circular dependency, this patch de-inline

V8ObjectConstructor::newInstance()s. I didn't observe any perf regression.
I don't think these methods are worth being inlined, because
these methods call Function::NewInstance(), which is not inlined
and calls a bunch of heavy mehtods in V8.

No tests. No change in behavior.

• bindings/v8/NPV8Object.cpp:

(_NPN_Construct):

• bindings/v8/V8Binding.cpp:

(WebCore::assertIfV8IsDead):
(WebCore):

• bindings/v8/V8Binding.h:

(WebCore):

• bindings/v8/V8ObjectConstructor.cpp:

(WebCore::V8ObjectConstructor::newInstance):
(WebCore):
(WebCore::V8ObjectConstructor::newInstanceInFrame):

• bindings/v8/V8ObjectConstructor.h:

(WebCore):
(V8ObjectConstructor):

• bindings/v8/V8Proxy.cpp:

(WebCore::V8Proxy::runScript):
(WebCore::V8Proxy::instrumentedCallFunction):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• bindings/v8/NPV8Object.cpp (modified) (1 diff)
• bindings/v8/V8Binding.cpp (modified) (1 diff)
• bindings/v8/V8Binding.h (modified) (1 diff)
• bindings/v8/V8ObjectConstructor.cpp (modified) (1 diff)
• bindings/v8/V8ObjectConstructor.h (modified) (2 diffs)
• bindings/v8/V8Proxy.cpp (modified) (3 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-08-20  Kentaro Hara  <haraken@chromium.org>
+
+        [V8] Move V8Proxy::newInstance() to V8ObjectConstructor
+        https://bugs.webkit.org/show_bug.cgi?id=94443
+
+        Reviewed by Adam Barth.
+
+        To kill V8Proxy, this patch moves V8Proxy::newInstance() to
+        V8ObjectConstructor::newInstanceInFrame().
+        In addition, this patch does the following things:
+
+        - For consistency with V8ObjectConstructor::newInstanceInFrame(),
+        this patch inserts an if(v8::V8::IsDead()) check to just after
+        Function::NewInstance(). The check is done by V8Binding::assertIfV8IsDead().
+
+        - To avoid #include circular dependency, this patch de-inline
+        V8ObjectConstructor::newInstance()s. I didn't observe any perf regression.
+        I don't think these methods are worth being inlined, because
+        these methods call Function::NewInstance(), which is not inlined
+        and calls a bunch of heavy mehtods in V8.
+
+        No tests. No change in behavior.
+
+        * bindings/v8/NPV8Object.cpp:
+        (_NPN_Construct):
+        * bindings/v8/V8Binding.cpp:
+        (WebCore::assertIfV8IsDead):
+        (WebCore):
+        * bindings/v8/V8Binding.h:
+        (WebCore):
+        * bindings/v8/V8ObjectConstructor.cpp:
+        (WebCore::V8ObjectConstructor::newInstance):
+        (WebCore):
+        (WebCore::V8ObjectConstructor::newInstanceInFrame):
+        * bindings/v8/V8ObjectConstructor.h:
+        (WebCore):
+        (V8ObjectConstructor):
+        * bindings/v8/V8Proxy.cpp:
+        (WebCore::V8Proxy::runScript):
+        (WebCore::V8Proxy::instrumentedCallFunction):
+
 2012-08-20  Kentaro Hara  <haraken@chromium.org>
 

trunk/Source/WebCore/bindings/v8/NPV8Object.cpp

@@ -592 +592 @@
         v8::Handle<v8::Function> ctor(v8::Function::Cast(*ctorObj));
         if (!ctor->IsNull()) {
-            V8Proxy* proxy = toV8Proxy(npObject);
-            ASSERT(proxy);
-
+            Frame* frame = object->rootObject->frame();
+            ASSERT(frame);
             OwnArrayPtr<v8::Handle<v8::Value> > argv = createValueListFromVariantArgs(arguments, argumentCount, npObject);
-            resultObject = proxy->newInstance(ctor, argumentCount, argv.get());
+            resultObject = V8ObjectConstructor::newInstanceInDocument(ctor, argumentCount, argv.get(), frame ? frame->document() : 0);
         }
 

trunk/Source/WebCore/bindings/v8/V8Binding.cpp

@@ -382 +382 @@
 }
 
+void crashIfV8IsDead()
+{
+    if (v8::V8::IsDead()) {
+        // FIXME: We temporarily deal with V8 internal error situations
+        // such as out-of-memory by crashing the renderer.
+        CRASH();
+    }
+}
+
 } // namespace WebCore

trunk/Source/WebCore/bindings/v8/V8Binding.h

@@ -369 +369 @@
     PassRefPtr<DOMStringList> toDOMStringList(v8::Handle<v8::Value>);
 
+    void crashIfV8IsDead();
+
     class V8ParameterBase {
     public:

trunk/Source/WebCore/bindings/v8/V8ObjectConstructor.cpp

@@ -26 +26 @@
 #include "V8ObjectConstructor.h"
 
+#include "Frame.h"
 #include "V8Binding.h"
+#include "V8RecursionScope.h"
+
+#if PLATFORM(CHROMIUM)
+#include "TraceEvent.h"
+#endif
 
 namespace WebCore {
+
+v8::Local<v8::Object> V8ObjectConstructor::newInstance(v8::Handle<v8::Function> function)
+{
+    if (function.IsEmpty())
+        return v8::Local<v8::Object>();
+    ConstructorMode constructorMode;
+    V8RecursionScope::MicrotaskSuppression scope;
+    v8::Local<v8::Object> result = function->NewInstance();
+    crashIfV8IsDead();
+    return result;
+}
+
+v8::Local<v8::Object> V8ObjectConstructor::newInstance(v8::Handle<v8::ObjectTemplate> objectTemplate)
+{
+    if (objectTemplate.IsEmpty())
+        return v8::Local<v8::Object>();
+    ConstructorMode constructorMode;
+    V8RecursionScope::MicrotaskSuppression scope;
+    v8::Local<v8::Object> result = objectTemplate->NewInstance();
+    crashIfV8IsDead();
+    return result;
+}
+
+v8::Local<v8::Object> V8ObjectConstructor::newInstance(v8::Handle<v8::Function> function, int argc, v8::Handle<v8::Value> argv[])
+{
+    if (function.IsEmpty())
+        return v8::Local<v8::Object>();
+    ConstructorMode constructorMode;
+    V8RecursionScope::MicrotaskSuppression scope;
+    v8::Local<v8::Object> result = function->NewInstance(argc, argv);
+    crashIfV8IsDead();
+    return result;
+}
+
+v8::Local<v8::Object> V8ObjectConstructor::newInstanceInDocument(v8::Handle<v8::Function> function, int argc, v8::Handle<v8::Value> argv[], Document* document)
+{
+#if PLATFORM(CHROMIUM)
+    TRACE_EVENT0("v8", "v8.newInstance");
+#endif
+
+    // No artificial limitations on the depth of recursion, see comment in
+    // V8Proxy::callFunction.
+    V8RecursionScope recursionScope(document);
+    v8::Local<v8::Object> result = function->NewInstance(argc, argv);
+    crashIfV8IsDead();
+    return result;
+}
 
 v8::Handle<v8::Value> V8ObjectConstructor::isValidConstructorMode(const v8::Arguments& args)

trunk/Source/WebCore/bindings/v8/V8ObjectConstructor.h

@@ -33 +33 @@
 
 #include "V8PerIsolateData.h"
-#include "V8RecursionScope.h"
 
 #include <v8.h>
 
 namespace WebCore {
+
+class Document;
 
 class ConstructorMode {
@@ -67 +68 @@
 class V8ObjectConstructor {
 public:
-    static inline v8::Local<v8::Object> newInstance(v8::Handle<v8::Function>);
-    static inline v8::Local<v8::Object> newInstance(v8::Handle<v8::ObjectTemplate>);
-    static inline v8::Local<v8::Object> newInstance(v8::Handle<v8::Function>, int argc, v8::Handle<v8::Value> argv[]);
+    static v8::Local<v8::Object> newInstance(v8::Handle<v8::Function>);
+    static v8::Local<v8::Object> newInstance(v8::Handle<v8::ObjectTemplate>);
+    static v8::Local<v8::Object> newInstance(v8::Handle<v8::Function>, int, v8::Handle<v8::Value> argv[]);
+    static v8::Local<v8::Object> newInstanceInDocument(v8::Handle<v8::Function>, int, v8::Handle<v8::Value> argv[], Document*);
 
     static v8::Handle<v8::Value> isValidConstructorMode(const v8::Arguments&);
 };
 
-v8::Local<v8::Object> V8ObjectConstructor::newInstance(v8::Handle<v8::Function> function)
-{
-    if (function.IsEmpty())
-        return v8::Local<v8::Object>();
-    ConstructorMode constructorMode;
-    V8RecursionScope::MicrotaskSuppression scope;
-    return function->NewInstance();
-}
-
-v8::Local<v8::Object> V8ObjectConstructor::newInstance(v8::Handle<v8::ObjectTemplate> objectTemplate)
-{
-    if (objectTemplate.IsEmpty())
-        return v8::Local<v8::Object>();
-    ConstructorMode constructorMode;
-    V8RecursionScope::MicrotaskSuppression scope;
-    return objectTemplate->NewInstance();
-}
-
-v8::Local<v8::Object> V8ObjectConstructor::newInstance(v8::Handle<v8::Function> function, int argc, v8::Handle<v8::Value> argv[])
-{
-    if (function.IsEmpty())
-        return v8::Local<v8::Object>();
-    ConstructorMode constructorMode;
-    V8RecursionScope::MicrotaskSuppression scope;
-    return function->NewInstance(argc, argv);
-}
-
 } // namespace WebCore
 

trunk/Source/WebCore/bindings/v8/V8Proxy.cpp

@@ -106 +106 @@
 }
 
-static void handleFatalErrorInV8()
-{
-    // FIXME: We temporarily deal with V8 internal error situations
-    // such as out-of-memory by crashing the renderer.
-    CRASH();
-}
-
 static v8::Local<v8::Value> handleMaxRecursionDepthExceeded()
 {
@@ -263 +256 @@
         return v8::Local<v8::Value>();
 
-    if (v8::V8::IsDead())
-        handleFatalErrorInV8();
-
+    crashIfV8IsDead();
     return result;
 }
@@ -321 +312 @@
 
     InspectorInstrumentation::didCallFunction(cookie);
-
-    if (v8::V8::IsDead())
-        handleFatalErrorInV8();
-
-    return result;
-}
-
-v8::Local<v8::Value> V8Proxy::newInstance(v8::Handle<v8::Function> constructor, int argc, v8::Handle<v8::Value> args[])
-{
-#if PLATFORM(CHROMIUM)
-    TRACE_EVENT0("v8", "v8.newInstance");
-#endif
-
-    // No artificial limitations on the depth of recursion, see comment in
-    // V8Proxy::callFunction.
-    v8::Local<v8::Value> result;
-    {
-        V8RecursionScope recursionScope(frame() ? frame()->document() : 0);
-        result = constructor->NewInstance(argc, args);
-    }
-
-    if (v8::V8::IsDead())
-        handleFatalErrorInV8();
-
+    crashIfV8IsDead();
     return result;
 }