Reviewed by Darin Adler.
authorap@webkit.org <ap@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 16 Oct 2008 08:00:53 +0000 (08:00 +0000)
committerap@webkit.org <ap@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 16 Oct 2008 08:00:53 +0000 (08:00 +0000)
commita89bd1e2b23a2a8d31c907d752fbcfb14fd05604
tree562a7f700ef42c6bda6aa604cdd4c4ca00497482
parent7acc29ced0a6376e7f1e4b51a023ceb6a76f771f
    Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=21609
        Make MessagePorts protect their peers across heaps

JavaScriptCore:
        * JavaScriptCore.exp:
        * kjs/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::markCrossHeapDependentObjects):
        * kjs/JSGlobalObject.h:
        * kjs/collector.cpp:
        (JSC::Heap::collect):
        Before GC sweep phase, a function supplied by global object is now called for all global
        objects in the heap, making it possible to implement cross-heap dependencies.

WebCore:
        * dom/MessagePort.cpp:
        (WebCore::MessagePort::MessagePort):
        * dom/MessagePort.h:
        (WebCore::MessagePort::setJSWrapperIsKnownToBeInaccessible):
        (WebCore::MessagePort::jsWrapperIsKnownToBeInaccessible):
        Track objects whose JS wrappers are no longer reachable in MessagePort. Unfortunately, this
        means that the implementation object knows about JS bindings - but it is not possible to
        access JS wrappers from another heap/thread.

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::markCrossHeapDependentObjectsForDocument):
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::markCrossHeapDependentObjects):
        * bindings/js/JSDOMWindowBase.h:
        Implement cross-heap dependency tracking for entangled MessagePorts. If a wrapper object
        hasn't been marked normally, it is marked as inaccessible. It is then marked manually,
        as long as its entangled port is accessible itself.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@37631 268f45cc-cd09-0410-ab3c-d52691b4dbfc
12 files changed:
JavaScriptCore/ChangeLog
JavaScriptCore/JavaScriptCore.exp
JavaScriptCore/kjs/JSGlobalObject.cpp
JavaScriptCore/kjs/JSGlobalObject.h
JavaScriptCore/kjs/collector.cpp
WebCore/ChangeLog
WebCore/bindings/js/JSDOMBinding.cpp
WebCore/bindings/js/JSDOMBinding.h
WebCore/bindings/js/JSDOMWindowBase.cpp
WebCore/bindings/js/JSDOMWindowBase.h
WebCore/dom/MessagePort.cpp
WebCore/dom/MessagePort.h