2009-02-27 Anders Carlsson <andersca@apple.com>

        Reviewed by Geoffrey Garen.

        <rdar://problem/6631436>
        CrashTracer: [USER] 1 crash in Safari at com.apple.WebKit • WebKit::NetscapePluginInstanceProxy::addValueToArray + 55

        Port the NPN_Evaluate code over from WebCore instead of using the frame loader.

        * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
        (WebKit::NetscapePluginInstanceProxy::evaluate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@41303 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebKit/mac/ChangeLog b/WebKit/mac/ChangeLog
index 29de1f5e4d9a7f622a08230727e500291ad89abe..61cfd715bde0401be2ba9de118b3d79eb1cd8fc1 100644 (file)
--- a/WebKit/mac/ChangeLog
+++ b/WebKit/mac/ChangeLog
@@ -1,3 +1,15 @@
+2009-02-27  Anders Carlsson  <andersca@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        <rdar://problem/6631436>
+        CrashTracer: [USER] 1 crash in Safari at com.apple.WebKit • WebKit::NetscapePluginInstanceProxy::addValueToArray + 55
+        
+        Port the NPN_Evaluate code over from WebCore instead of using the frame loader.
+        
+        * Plugins/Hosted/NetscapePluginInstanceProxy.mm:
+        (WebKit::NetscapePluginInstanceProxy::evaluate):
+
 2009-02-27  Anders Carlsson  <andersca@apple.com>
 
         Reviewed by Geoffrey Garen.

diff --git a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
index 086bb3e4491e1fa35bef3ac7ffe6775b463c8eec..6d54646c1dec8bbec3f44ea979937ec44541b457 100644 (file)
--- a/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
+++ b/WebKit/mac/Plugins/Hosted/NetscapePluginInstanceProxy.mm
@@ -576,11 +576,25 @@ bool NetscapePluginInstanceProxy::evaluate(uint32_t objectID, const String& scri
     Frame* frame = core([m_pluginView webFrame]);
     if (!frame)
         return false;
+
+    JSLock lock(false);
     
-    ExecState* exec = frame->script()->globalObject()->globalExec();
-    JSValuePtr value = frame->loader()->executeScript(script).jsValue();
+    ProtectedPtr<JSGlobalObject> globalObject = frame->script()->globalObject();
+    ExecState* exec = globalObject->globalExec();
+
+    globalObject->globalData()->timeoutChecker.start();
+    Completion completion = JSC::evaluate(exec, globalObject->globalScopeChain(), makeSource(script));
+    globalObject->globalData()->timeoutChecker.stop();
+    ComplType type = completion.complType();
     
-    marshalValue(exec, value, resultData, resultLength);
+    JSValuePtr result;
+    if (type == Normal)
+        result = completion.value();
+    
+    if (!result)
+        result = jsUndefined();
+    
+    marshalValue(exec, result, resultData, resultLength);
     exec->clearException();
     return true;
 }