Changeset 64479 in webkit
- Timestamp:
- Aug 2, 2010 11:28:07 AM (14 years ago)
- Location:
- trunk
- Files:
-
- 3 added
- 13 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r64478 r64479 1 2010-08-02 Anders Carlsson <andersca@apple.com> 2 3 Reviewed by Sam Weinig. 4 5 Cache JSNPObjects and fix bugs in the object map 6 https://bugs.webkit.org/show_bug.cgi?id=43368 7 8 * plugins/npruntime/object-from-destroyed-plugin-expected.txt: Added. 9 * plugins/npruntime/object-from-destroyed-plugin.html: Added. 10 1 11 2010-08-02 Chris Fleizach <cfleizach@apple.com> 2 12 -
trunk/WebKit2/ChangeLog
r64462 r64479 1 2010-08-02 Anders Carlsson <andersca@apple.com> 2 3 Reviewed by Sam Weinig. 4 5 Cache JSNPObjects and fix bugs in the object map 6 https://bugs.webkit.org/show_bug.cgi?id=43368 7 8 * WebProcess/Plugins/JSNPObject.cpp: 9 (WebKit::JSNPObject::JSNPObject): 10 Assert that we're not trying to wrap an NPJSObject. 11 12 (WebKit::JSNPObject::~JSNPObject): 13 Tell the object map that we're gone. 14 15 (WebKit::JSNPObject::invalidate): 16 Release the NPObject and null out the pointer. 17 18 * WebProcess/Plugins/NPJSObject.cpp: 19 (WebKit::NPJSObject::create): 20 Assert that we're not trying to wrap a JSNPObject. 21 22 * WebProcess/Plugins/NPRuntimeObjectMap.cpp: 23 (WebKit::NPRuntimeObjectMap::getOrCreateNPObject): 24 If we're passed a JSNPObject, just extract its NPObject. 25 26 (WebKit::NPRuntimeObjectMap::getOrCreateJSObject): 27 If we're passed an NPJSObject, just extract its JSObject. Otherwise, check if we already have 28 a JSObject for this NPObject and return it. 29 30 (WebKit::NPRuntimeObjectMap::jsNPObjectDestroyed): 31 Remove the object from the map. 32 33 (WebKit::NPRuntimeObjectMap::convertNPVariantToJSValue): 34 getOrCreateJSObject now checks for wrapped objects. 35 36 (WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant): 37 getOrCreateNPObject now checks for wrapped objects. 38 39 (WebKit::NPRuntimeObjectMap::invalidate): 40 Invalidate JSNPObjects as well. 41 1 42 2010-08-02 Jeremy Orlow <jorlow@chromium.org> 2 43 -
trunk/WebKit2/WebProcess/Plugins/JSNPObject.cpp
r64449 r64479 27 27 28 28 #include "JSNPMethod.h" 29 #include "NPJSObject.h" 29 30 #include "NPRuntimeObjectMap.h" 30 31 #include "NPRuntimeUtilities.h" … … 36 37 #include <WebCore/PlatformString.h> 37 38 39 using namespace JSC; 38 40 using namespace WebCore; 39 using namespace JSC;40 41 41 42 namespace WebKit { … … 53 54 , m_npObject(npObject) 54 55 { 56 // We should never have an NPJSObject inside a JSNPObject. 57 ASSERT(!NPJSObject::isNPJSObject(m_npObject)); 58 55 59 retainNPObject(m_npObject); 56 60 } … … 58 62 JSNPObject::~JSNPObject() 59 63 { 60 // FIXME: Implement. 64 if (!m_npObject) 65 return; 66 67 m_objectMap->jsNPObjectDestroyed(this); 68 releaseNPObject(m_npObject); 69 } 70 71 void JSNPObject::invalidate() 72 { 73 ASSERT(m_npObject); 74 75 releaseNPObject(m_npObject); 76 m_npObject = 0; 61 77 } 62 78 -
trunk/WebKit2/WebProcess/Plugins/JSNPObject.h
r64447 r64479 43 43 ~JSNPObject(); 44 44 45 void invalidate(); 46 45 47 JSC::JSValue callMethod(JSC::ExecState*, NPIdentifier methodName); 46 48 JSC::JSValue callObject(JSC::ExecState*); -
trunk/WebKit2/WebProcess/Plugins/NPJSObject.cpp
r64444 r64479 26 26 #include "NPJSObject.h" 27 27 28 #include "JSNPObject.h" 28 29 #include "NPRuntimeObjectMap.h" 29 30 #include "NPRuntimeUtilities.h" … … 43 44 NPJSObject* NPJSObject::create(NPRuntimeObjectMap* objectMap, JSObject* jsObject) 44 45 { 46 // We should never have a JSNPObject inside an NPJSObject. 47 ASSERT(!jsObject->inherits(&JSNPObject::s_info)); 48 45 49 NPJSObject* npJSObject = toNPJSObject(createNPObject(0, npClass())); 46 50 npJSObject->initialize(objectMap, jsObject); -
trunk/WebKit2/WebProcess/Plugins/NPRuntimeObjectMap.cpp
r64449 r64479 49 49 NPObject* NPRuntimeObjectMap::getOrCreateNPObject(JSObject* jsObject) 50 50 { 51 // If this is a JSNPObject, we can just get its underlying NPObject. 52 if (jsObject->classInfo() == &JSNPObject::s_info) { 53 JSNPObject* jsNPObject = static_cast<JSNPObject*>(jsObject); 54 NPObject* npObject = jsNPObject->npObject(); 55 56 retainNPObject(npObject); 57 return npObject; 58 } 59 51 60 // First, check if we already know about this object. 52 if (NPJSObject* npJSObject = m_ objects.get(jsObject)) {61 if (NPJSObject* npJSObject = m_npJSObjects.get(jsObject)) { 53 62 retainNPObject(npJSObject); 54 63 return npJSObject; … … 56 65 57 66 NPJSObject* npJSObject = NPJSObject::create(this, jsObject); 58 m_ objects.set(jsObject, npJSObject);67 m_npJSObjects.set(jsObject, npJSObject); 59 68 60 69 return npJSObject; … … 64 73 { 65 74 // Remove the object from the map. 66 ASSERT(m_ objects.contains(npJSObject->jsObject()));67 m_ objects.remove(npJSObject->jsObject());75 ASSERT(m_npJSObjects.contains(npJSObject->jsObject())); 76 m_npJSObjects.remove(npJSObject->jsObject()); 68 77 } 69 78 70 79 JSObject* NPRuntimeObjectMap::getOrCreateJSObject(JSGlobalObject* globalObject, NPObject* npObject) 71 80 { 72 // FIXME: Check if we already have a wrapper for this NPObject! 73 return new (globalObject->globalData()) JSNPObject(globalObject, this, npObject); 81 // If this is an NPJSObject, we can just get the JSObject that it's wrapping. 82 if (NPJSObject::isNPJSObject(npObject)) 83 return NPJSObject::toNPJSObject(npObject)->jsObject(); 84 85 if (JSNPObject* jsNPObject = m_jsNPObjects.get(npObject)) 86 return jsNPObject; 87 88 JSNPObject* jsNPObject = new (globalObject->globalData()) JSNPObject(globalObject, this, npObject); 89 m_jsNPObjects.set(npObject, jsNPObject); 90 91 return jsNPObject; 74 92 } 75 93 76 94 void NPRuntimeObjectMap::jsNPObjectDestroyed(JSNPObject* jsNPObject) 77 95 { 78 // FIXME: Implement. 96 // Remove the object from the map. 97 ASSERT(m_jsNPObjects.contains(jsNPObject->npObject())); 98 m_jsNPObjects.remove(jsNPObject->npObject()); 79 99 } 80 100 … … 100 120 return jsString(exec, String::fromUTF8WithLatin1Fallback(variant.value.stringValue.UTF8Characters, 101 121 variant.value.stringValue.UTF8Length)); 102 case NPVariantType_Object: { 103 NPObject* npObject = variant.value.objectValue; 104 105 // Just get the object from the NPJSObject. 106 if (NPJSObject::isNPJSObject(npObject)) 107 return NPJSObject::toNPJSObject(npObject)->jsObject(); 108 109 ASSERT(globalObject); 110 111 return getOrCreateJSObject(globalObject, npObject); 112 } 122 case NPVariantType_Object: 123 return getOrCreateJSObject(globalObject, variant.value.objectValue); 113 124 } 114 125 … … 155 166 156 167 if (value.isObject()) { 157 JSObject* jsObject = asObject(value); 158 159 if (jsObject->classInfo() == &JSNPObject::s_info) { 160 JSNPObject* jsNPObject = static_cast<JSNPObject*>(jsObject); 161 NPObject* npObject = jsNPObject->npObject(); 162 163 retainNPObject(npObject); 164 OBJECT_TO_NPVARIANT(npObject, variant); 165 return; 166 } 167 168 NPObject* npObject = getOrCreateNPObject(jsObject); 168 NPObject* npObject = getOrCreateNPObject(asObject(value)); 169 169 OBJECT_TO_NPVARIANT(npObject, variant); 170 170 return; … … 208 208 { 209 209 Vector<NPJSObject*> npJSObjects; 210 copyValuesToVector(m_ objects, npJSObjects);210 copyValuesToVector(m_npJSObjects, npJSObjects); 211 211 212 212 // Deallocate all the object wrappers so we won't leak any JavaScript objects. … … 214 214 deallocateNPObject(npJSObjects[i]); 215 215 216 // We shouldn't have any objects left now. 217 ASSERT(m_objects.isEmpty()); 216 // We shouldn't have any NPJSObjects left now. 217 ASSERT(m_npJSObjects.isEmpty()); 218 219 Vector<JSNPObject*> jsNPObjects; 220 copyValuesToVector(m_jsNPObjects, jsNPObjects); 221 222 // Invalidate all the JSObjects that wrap NPObjects. 223 for (size_t i = 0; i < jsNPObjects.size(); ++i) 224 jsNPObjects[i]->invalidate(); 225 226 m_jsNPObjects.clear(); 218 227 } 219 228 -
trunk/WebKit2/WebProcess/Plugins/NPRuntimeObjectMap.h
r64449 r64479 80 80 PluginView* m_pluginView; 81 81 82 HashMap<JSC::JSObject*, NPJSObject*> m_objects; 82 HashMap<JSC::JSObject*, NPJSObject*> m_npJSObjects; 83 HashMap<NPObject*, JSNPObject*> m_jsNPObjects; 83 84 }; 84 85 -
trunk/WebKitTools/ChangeLog
r64470 r64479 1 2010-08-02 Anders Carlsson <andersca@apple.com> 2 3 Reviewed by Sam Weinig. 4 5 Cache JSNPObjects and fix bugs in the object map 6 https://bugs.webkit.org/show_bug.cgi?id=43368 7 8 Test that we correctly throw exceptions when trying to do things to a JSObject that used to 9 wrap an NPObject that came from a plug-in that is now destroyed. 10 11 * DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj: 12 * DumpRenderTree/TestNetscapePlugIn/PluginTest.h: 13 (PluginTest::Object::getProperty): 14 (PluginTest::Object::NP_GetProperty): 15 (PluginTest::Object::npClass): 16 * DumpRenderTree/TestNetscapePlugIn/Tests/NPRuntimeObjectFromDestroyedPlugin.cpp: Added. 17 (NPRuntimeObjectFromDestroyedPlugin::NPRuntimeObjectFromDestroyedPlugin): 18 (NPRuntimeObjectFromDestroyedPlugin::ScriptableObject::hasProperty): 19 (NPRuntimeObjectFromDestroyedPlugin::ScriptableObject::getProperty): 20 (NPRuntimeObjectFromDestroyedPlugin::NPP_GetValue): 21 * DumpRenderTree/TestNetscapePlugIn/win/TestNetscapePlugin.vcproj: 22 * DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro: 23 * GNUmakefile.am: 24 1 25 2010-08-02 Martin Robinson <mrobinson@igalia.com> 2 26 -
trunk/WebKitTools/DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj
r64444 r64479 36 36 1A215A8211F2609C008AD0F5 /* PluginTest.h in Headers */ = {isa = PBXBuildFile; fileRef = 1A215A8011F2609C008AD0F5 /* PluginTest.h */; }; 37 37 1A215BE711F27658008AD0F5 /* DocumentOpenInDestroyStream.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1A215A7511F26072008AD0F5 /* DocumentOpenInDestroyStream.cpp */; }; 38 1A24BAA9120734EE00FBB059 /* NPRuntimeObjectFromDestroyedPlugin.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1A24BAA8120734EE00FBB059 /* NPRuntimeObjectFromDestroyedPlugin.cpp */; }; 38 39 1A8F02E80BB9B4EC008CFA34 /* TestObject.h in Headers */ = {isa = PBXBuildFile; fileRef = 1A8F024C0BB9B056008CFA34 /* TestObject.h */; }; 39 40 1AC6C8490D07638600CD3161 /* main.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 1AC6C77F0D07589B00CD3161 /* main.cpp */; }; … … 194 195 1A215A7F11F2609C008AD0F5 /* PluginTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = PluginTest.cpp; sourceTree = "<group>"; }; 195 196 1A215A8011F2609C008AD0F5 /* PluginTest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PluginTest.h; sourceTree = "<group>"; }; 197 1A24BAA8120734EE00FBB059 /* NPRuntimeObjectFromDestroyedPlugin.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NPRuntimeObjectFromDestroyedPlugin.cpp; sourceTree = "<group>"; }; 196 198 1A8F024C0BB9B056008CFA34 /* TestObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TestObject.h; sourceTree = "<group>"; }; 197 199 1AC6C77F0D07589B00CD3161 /* main.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = main.cpp; sourceTree = "<group>"; }; … … 439 441 children = ( 440 442 1A215A7511F26072008AD0F5 /* DocumentOpenInDestroyStream.cpp */, 443 1A24BAA8120734EE00FBB059 /* NPRuntimeObjectFromDestroyedPlugin.cpp */, 441 444 1AC77DCE120605B6005C19EF /* NPRuntimeRemoveProperty.cpp */, 442 445 1AD9D2FD12028409001A70D1 /* PluginScriptableNPObjectInvokeDefault.cpp */, … … 713 716 1AD9D2FE12028409001A70D1 /* PluginScriptableNPObjectInvokeDefault.cpp in Sources */, 714 717 1AC77DCF120605B6005C19EF /* NPRuntimeRemoveProperty.cpp in Sources */, 718 1A24BAA9120734EE00FBB059 /* NPRuntimeObjectFromDestroyedPlugin.cpp in Sources */, 715 719 ); 716 720 runOnlyForDeploymentPostprocessing = 0; -
trunk/WebKitTools/DumpRenderTree/TestNetscapePlugIn/PluginTest.h
r64444 r64479 48 48 DEFINE_HAS_MEMBER_CHECK(invokeDefault, bool, (const NPVariant*, uint32_t, NPVariant* result)); 49 49 DEFINE_HAS_MEMBER_CHECK(hasProperty, bool, (NPIdentifier propertyName)); 50 DEFINE_HAS_MEMBER_CHECK(getProperty, bool, (NPIdentifier propertyName, NPVariant* result)); 50 51 51 52 class PluginTest { … … 122 123 } 123 124 125 bool getProperty(NPIdentifier propertyName, NPVariant* result) 126 { 127 assert(false); 128 return false; 129 } 130 124 131 protected: 125 132 Object() … … 164 171 return static_cast<T*>(npObject)->hasProperty(propertyName); 165 172 } 166 173 174 static bool NP_GetProperty(NPObject* npObject, NPIdentifier propertyName, NPVariant* result) 175 { 176 return static_cast<T*>(npObject)->getProperty(propertyName, result); 177 } 178 167 179 static NPClass* npClass() 168 180 { … … 176 188 has_member_invokeDefault<T>::value ? NP_InvokeDefault : 0, 177 189 has_member_hasProperty<T>::value ? NP_HasProperty : 0, 178 0, // NPClass::getProperty190 has_member_getProperty<T>::value ? NP_GetProperty : 0, 179 191 0, // NPClass::setProperty 180 192 0, // NPClass::removeProperty -
trunk/WebKitTools/DumpRenderTree/TestNetscapePlugIn/win/TestNetscapePlugin.vcproj
r64444 r64479 464 464 > 465 465 </File> 466 <File 467 RelativePath="..\Tests\NPRuntimeObjectFromDestroyedPlugin.cpp" 468 > 469 </File> 466 470 <File 467 471 RelativePath="..\Tests\NPRuntimeRemoveProperty.cpp" -
trunk/WebKitTools/DumpRenderTree/qt/TestNetscapePlugin/TestNetscapePlugin.pro
r64444 r64479 30 30 TestObject.cpp \ 31 31 Tests/DocumentOpenInDestroyStream.cpp \ 32 Tests/NPRuntimeObjectFromDestroyedPlugin.cpp \ 32 33 Tests/NPRuntimeRemoveProperty.cpp \ 33 34 Tests/PluginScriptableNPObjectInvokeDefault.cpp -
trunk/WebKitTools/GNUmakefile.am
r64444 r64479 160 160 WebKitTools/DumpRenderTree/unix/TestNetscapePlugin/TestNetscapePlugin.cpp \ 161 161 WebKitTools/DumpRenderTree/TestNetscapePlugIn/Tests/DocumentOpenInDestroyStream.cpp \ 162 WebKitTools/DumpRenderTree/TestNetscapePlugIn/Tests/NPRuntimeObjectFromDestroyedPlugin.cpp \ 162 163 WebKitTools/DumpRenderTree/TestNetscapePlugIn/Tests/NPRuntimeRemoveProperty.cpp \ 163 164 WebKitTools/DumpRenderTree/TestNetscapePlugIn/Tests/PluginScriptableNPObjectInvokeDefault.cpp \
Note: See TracChangeset
for help on using the changeset viewer.