[v8] wrapSlow methods should ref underlying object before creating wrapper
authoradamk@chromium.org <adamk@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 23 Mar 2012 02:38:05 +0000 (02:38 +0000)
committeradamk@chromium.org <adamk@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 23 Mar 2012 02:38:05 +0000 (02:38 +0000)
commit602c1cb4d84dec1c630d55d29941f6c1cdc39c1a
treea2f32f7dd569b251d29a2189b0da3ce5bbc6f0dc
parente3b8269eaa743e3929e89bb0f830e602bfc8220e
[v8] wrapSlow methods should ref underlying object before creating wrapper
https://bugs.webkit.org/show_bug.cgi?id=81919

Reviewed by Adam Barth.

Because instatiating the wrapper can trigger GC, it's important that
wrapSlow() hold a reference to an object when creating a wrapper for
that object. Once the V8 wrapper exists and is associated with the object,
the reference can be handed off (via leakRef) to be handled by the normal
binding code logic (where derefObject is called if the handle is GCed).

Binding tests have been updated to reflect this change.

Testing the change directly is hard. Any test landed today would only
be a valid test until V8's logic about when to GC changes, at which point
it would become dead weight. So I don't think it's worth landing a
layout test along with this.

* bindings/scripts/CodeGeneratorV8.pm:
(GenerateHeader): Make wrapSlow take a PassRefPtr for RefCounted objects.
(GenerateToV8Converters): Get rid of the explicit call to ref() and
instead call leakRef() when adding a RefCounted object to the DOM map.
(GetPassRefPtrType): Helper to generate "PassRefPtr<T>", or "PassRefPtr<T<U> >" as appropriate.
* bindings/scripts/test/V8/V8Float64Array.cpp:
(WebCore::V8Float64Array::wrapSlow):
* bindings/scripts/test/V8/V8Float64Array.h:
(V8Float64Array):
* bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
(WebCore::V8TestActiveDOMObject::wrapSlow):
* bindings/scripts/test/V8/V8TestActiveDOMObject.h:
(V8TestActiveDOMObject):
* bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
(WebCore::V8TestCustomNamedGetter::wrapSlow):
* bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
(V8TestCustomNamedGetter):
* bindings/scripts/test/V8/V8TestEventConstructor.cpp:
(WebCore::V8TestEventConstructor::wrapSlow):
* bindings/scripts/test/V8/V8TestEventConstructor.h:
(V8TestEventConstructor):
* bindings/scripts/test/V8/V8TestEventTarget.cpp:
(WebCore::V8TestEventTarget::wrapSlow):
* bindings/scripts/test/V8/V8TestEventTarget.h:
(V8TestEventTarget):
* bindings/scripts/test/V8/V8TestInterface.cpp:
(WebCore::V8TestInterface::wrapSlow):
* bindings/scripts/test/V8/V8TestInterface.h:
(V8TestInterface):
* bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
(WebCore::V8TestMediaQueryListListener::wrapSlow):
* bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
(V8TestMediaQueryListListener):
* bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
(WebCore::V8TestNamedConstructor::wrapSlow):
* bindings/scripts/test/V8/V8TestNamedConstructor.h:
(V8TestNamedConstructor):
* bindings/scripts/test/V8/V8TestObj.cpp:
(WebCore::V8TestObj::wrapSlow):
* bindings/scripts/test/V8/V8TestObj.h:
(V8TestObj):
* bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
(WebCore::V8TestSerializedScriptValueInterface::wrapSlow):
* bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
(V8TestSerializedScriptValueInterface):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@111813 268f45cc-cd09-0410-ab3c-d52691b4dbfc
22 files changed:
Source/WebCore/ChangeLog
Source/WebCore/bindings/scripts/CodeGeneratorV8.pm
Source/WebCore/bindings/scripts/test/V8/V8Float64Array.cpp
Source/WebCore/bindings/scripts/test/V8/V8Float64Array.h
Source/WebCore/bindings/scripts/test/V8/V8TestActiveDOMObject.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestActiveDOMObject.h
Source/WebCore/bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestCustomNamedGetter.h
Source/WebCore/bindings/scripts/test/V8/V8TestEventConstructor.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestEventConstructor.h
Source/WebCore/bindings/scripts/test/V8/V8TestEventTarget.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestEventTarget.h
Source/WebCore/bindings/scripts/test/V8/V8TestInterface.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestInterface.h
Source/WebCore/bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestMediaQueryListListener.h
Source/WebCore/bindings/scripts/test/V8/V8TestNamedConstructor.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestNamedConstructor.h
Source/WebCore/bindings/scripts/test/V8/V8TestObj.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestObj.h
Source/WebCore/bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp
Source/WebCore/bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h