Title: [122488] trunk/Source/WebCore
- Revision
- 122488
- Author
- [email protected]
- Date
- 2012-07-12 11:31:09 -0700 (Thu, 12 Jul 2012)
Log Message
storage tests are flaky (crashing) on windows
https://bugs.webkit.org/show_bug.cgi?id=90469
Patch by James Weatherall <[email protected]> on 2012-07-12
Reviewed by Kentaro Hara.
Add a missing check that the underlying V8 object reference in a V8 NPObject is valid, and zero the NPObject's rootObject member when disposing it, to ensure that it won't be mistakenly touched after that point.
This patch is intended to resolve flakiness in the storage tests including:
storage/indexeddb/mozilla/indexes.html
storage/indexeddb/mozilla/key-requirements-inline-and-passed.html
storage/websql/multiple-databases-garbage-collection.html
* bindings/v8/NPV8Object.cpp:
(WebCore::disposeUnderlyingV8Object):
Zero the NPObject's underlying rootObject.
(_NPN_EvaluateHelper):
Add check that the underlying V8 object reference is valid.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (122487 => 122488)
--- trunk/Source/WebCore/ChangeLog 2012-07-12 18:24:50 UTC (rev 122487)
+++ trunk/Source/WebCore/ChangeLog 2012-07-12 18:31:09 UTC (rev 122488)
@@ -1,3 +1,23 @@
+2012-07-12 James Weatherall <[email protected]>
+
+ storage tests are flaky (crashing) on windows
+ https://bugs.webkit.org/show_bug.cgi?id=90469
+
+ Reviewed by Kentaro Hara.
+
+ Add a missing check that the underlying V8 object reference in a V8 NPObject is valid, and zero the NPObject's rootObject member when disposing it, to ensure that it won't be mistakenly touched after that point.
+
+ This patch is intended to resolve flakiness in the storage tests including:
+ storage/indexeddb/mozilla/indexes.html
+ storage/indexeddb/mozilla/key-requirements-inline-and-passed.html
+ storage/websql/multiple-databases-garbage-collection.html
+
+ * bindings/v8/NPV8Object.cpp:
+ (WebCore::disposeUnderlyingV8Object):
+ Zero the NPObject's underlying rootObject.
+ (_NPN_EvaluateHelper):
+ Add check that the underlying V8 object reference is valid.
+
2012-07-12 No'am Rosenthal <[email protected]>
Move TextureMapperAnimation and texmap/LayerTransform to platform/graphics
Modified: trunk/Source/WebCore/bindings/v8/NPV8Object.cpp (122487 => 122488)
--- trunk/Source/WebCore/bindings/v8/NPV8Object.cpp 2012-07-12 18:24:50 UTC (rev 122487)
+++ trunk/Source/WebCore/bindings/v8/NPV8Object.cpp 2012-07-12 18:31:09 UTC (rev 122488)
@@ -186,6 +186,7 @@
#endif
v8NpObject->v8Object.Dispose();
v8NpObject->v8Object.Clear();
+ v8NpObject->rootObject = 0;
}
} // namespace WebCore
@@ -320,6 +321,9 @@
if (npObject->_class != npScriptObjectClass)
return false;
+ V8NPObject* v8NpObject = reinterpret_cast<V8NPObject*>(npObject);
+ if (v8NpObject->v8Object.IsEmpty())
+ return false;
v8::HandleScope handleScope;
v8::Handle<v8::Context> context = toV8Context(npp, npObject);
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo/webkit-changes
