JavaScriptCore:
authorggaren <ggaren@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 16 Feb 2006 06:34:49 +0000 (06:34 +0000)
committerggaren <ggaren@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 16 Feb 2006 06:34:49 +0000 (06:34 +0000)
commit72a9184e99e3978cfdaf40f2adad833dc547217e
tree72858be9c88d64142fb5bad5f7b9c53aad1d3123
parent4973f6b5982abf9f5bf70c71a5b3f7c58ce498de
JavaScriptCore:

        Reviewed by Maciej, Eric.

        - WebCore half of fix for <rdar://problem/4176077> CrashTracer: 6569
        crashes in DashboardClient at com.apple.JavaScriptCore:
        KJS::Bindings::ObjcFallbackObjectImp::type()

        WebCore and JavaScriptCore weren't sharing Instance objects very
        nicely. I made them use RefPtrs, and sent them to bed without dessert.

        * bindings/jni/jni_instance.cpp: Made _instance a RefPtr
        (JavaInstance::~JavaInstance):
        (JObjectWrapper::JObjectWrapper):
        * bindings/jni/jni_instance.h:
        (KJS::Bindings::JObjectWrapper::ref):
        (KJS::Bindings::JObjectWrapper::deref):
        * bindings/jni/jni_runtime.cpp: Made _array a RefPtr
        (JavaArray::~JavaArray):
        (JavaArray::JavaArray):
        * bindings/jni/jni_runtime.h:
        (KJS::Bindings::JavaArray::operator=):
        * bindings/objc/objc_runtime.h:
        - Prohibited copying because that would muss the ref count.
        - Prohibited construction without instance because an instance wrapper
        without an instance is almost certainly a bug.
        * bindings/objc/objc_runtime.mm:
        (ObjcFallbackObjectImp::ObjcFallbackObjectImp):
        * bindings/runtime.cpp:
        (KJS::Bindings::Instance::Instance):
        (KJS::Bindings::Instance::createBindingForLanguageInstance):
        (KJS::Bindings::Instance::createRuntimeObject):
        * bindings/runtime.h:
        (KJS::Bindings::Instance::ref):
        (KJS::Bindings::Instance::deref):
        * bindings/runtime_object.cpp:
        (RuntimeObjectImp::RuntimeObjectImp):
        (RuntimeObjectImp::fallbackObjectGetter):
        (RuntimeObjectImp::fieldGetter):
        (RuntimeObjectImp::methodGetter):
        (RuntimeObjectImp::getOwnPropertySlot):
        (RuntimeObjectImp::put):
        (RuntimeObjectImp::canPut):
        * bindings/runtime_object.h:
        - Removed ownsInstance data member because RefPtr takes care of
        instance lifetime now.
        - Prohibited copying because that would muss the ref count.
        - Prohibited construction without instance because an instance wrapper
        without an instance is almost certainly a bug.
        (KJS::RuntimeObjectImp::getInternalInstance):

LayoutTests:

        Reviewed by Eric.

        - Layout test for <rdar://problem/4176077> CrashTracer: 6569
        crashes in DashboardClient at com.apple.JavaScriptCore:
        KJS::Bindings::ObjcFallbackObjectImp::type()

        * plugins: Added.
        * plugins/undefined-property-crash-expected.txt: Added.
        * plugins/undefined-property-crash.html: Added.

WebCore:

        Reviewed by Maciej, Eric.

        - WebCore half of fix for <rdar://problem/4176077> CrashTracer: 6569
        crashes in DashboardClient at com.apple.JavaScriptCore:
        KJS::Bindings::ObjcFallbackObjectImp::type()

        WebCore and JavaScriptCore weren't sharing Instance objects very
        nicely. I made them use RefPtrs, and sent them to bed without dessert.

        * khtml/html/html_objectimpl.cpp:
        (WebCore::HTMLAppletElementImpl::HTMLAppletElementImpl): Made
        appletInstance a RefPtr
        (WebCore::HTMLAppletElementImpl::getAppletInstance):
        (WebCore::HTMLAppletElementImpl::detach):
        (WebCore::HTMLEmbedElementImpl::HTMLEmbedElementImpl): Made
        embedInstance a RefPtr
        (WebCore::HTMLEmbedElementImpl::getEmbedInstance):
        (WebCore::HTMLEmbedElementImpl::detach):
        (WebCore::HTMLObjectElementImpl::HTMLObjectElementImpl): Made
        objectInstance a RefPtr
        (WebCore::HTMLObjectElementImpl::getObjectInstance):
        (WebCore::HTMLObjectElementImpl::detach):
        * bindings/js/JSDOMCore.cpp:
        * khtml/ecma/kjs_dom.cpp:
        (KJS::getRuntimeObject):
        * khtml/html/html_objectimpl.h:

WebKitTools:

        Reviewed by Eric.

        * DumpRenderTree/DumpRenderTree.m:
        (-[LayoutTestController invokeUndefinedMethodFromWebScript:withArguments:]):
        Added a dummy method for the sake of LayoutTests/plugins/
        undefined-property-crash.html. (It tests a crash due to fallback
        object use. WebCore won't create a fallback object if the method is
        not defined.)

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@12840 268f45cc-cd09-0410-ab3c-d52691b4dbfc
20 files changed:
JavaScriptCore/ChangeLog
JavaScriptCore/bindings/jni/jni_instance.cpp
JavaScriptCore/bindings/jni/jni_instance.h
JavaScriptCore/bindings/jni/jni_runtime.cpp
JavaScriptCore/bindings/jni/jni_runtime.h
JavaScriptCore/bindings/objc/objc_runtime.h
JavaScriptCore/bindings/objc/objc_runtime.mm
JavaScriptCore/bindings/runtime.cpp
JavaScriptCore/bindings/runtime.h
JavaScriptCore/bindings/runtime_object.cpp
JavaScriptCore/bindings/runtime_object.h
LayoutTests/ChangeLog
LayoutTests/plugins/undefined-property-crash-expected.txt [new file with mode: 0644]
LayoutTests/plugins/undefined-property-crash.html [new file with mode: 0644]
WebCore/ChangeLog
WebCore/khtml/ecma/kjs_dom.cpp
WebCore/khtml/html/html_objectimpl.cpp
WebCore/khtml/html/html_objectimpl.h
WebKitTools/ChangeLog
WebKitTools/DumpRenderTree/DumpRenderTree.m