[webkit-changes] [165224] branches/safari-537.75-branch

Thu, 06 Mar 2014 15:32:53 -0800

Title: [165224] branches/safari-537.75-branch
Revision
165224
Author
[email protected]
Date
2014-03-06 15:37:50 -0800 (Thu, 06 Mar 2014)

Log Message

Merge r164077, r164089: <rdar://problem/16136637>

    2014-02-13  Mark Lam  <[email protected]>

    The JSContainerConvertor and ObjcContainerConvertor need to protect JSValueRefs. Part 2.
    <https://webkit.org/b/128764>

    Reviewed by Mark Hahnenberg.

    toJS() is the wrong cast function to use. We need to use toJSForGC() instead.
    Also we need to acquire the JSLock to prevent concurrent accesses to the
    Strong handle list.

    * API/JSValue.mm:
    (JSContainerConvertor::add):
    (containerValueToObject):
    (ObjcContainerConvertor::add):
    (objectToValue):

    2014-02-13  Mark Lam  <[email protected]>

    The JSContainerConvertor and ObjcContainerConvertor need to protect JSValueRefs.
    <https://webkit.org/b/128764>

    Reviewed by Mark Hahnenberg.

    Added a vector of Strong<Unknown> references in the 2 containers, and append
    the newly created JSValues to those vectors. This will keep all those JS objects
    alive for the duration of the conversion.

    * API/JSValue.mm:
    (JSContainerConvertor::add):
    (ObjcContainerConvertor::add):

Modified Paths

Property Changed

Diff

Property changes: branches/safari-537.75-branch

Modified: svn:mergeinfo

+ /trunk:53455,153629,154395,154470,155471,157607,164077,164089

Modified: branches/safari-537.75-branch/Source/_javascript_Core/API/JSValue.mm (165223 => 165224)


--- branches/safari-537.75-branch/Source/_javascript_Core/API/JSValue.mm	2014-03-06 23:32:11 UTC (rev 165223)
+++ branches/safari-537.75-branch/Source/_javascript_Core/API/JSValue.mm	2014-03-06 23:37:50 UTC (rev 165224)
@@ -37,6 +37,7 @@
 #import "ObjcRuntimeExtras.h"
 #import "Operations.h"
 #import "JSCJSValue.h"
+#import "StrongInlines.h"
 #import <wtf/HashMap.h>
 #import <wtf/HashSet.h>
 #import <wtf/ObjcRuntimeExtras.h>
@@ -595,6 +596,7 @@
     JSGlobalContextRef m_context;
     HashMap<JSValueRef, id> m_objectMap;
     Vector<Task> m_worklist;
+    Vector<JSC::Strong<JSC::Unknown>> m_jsValues;
 };
 
 inline id JSContainerConvertor::convert(JSValueRef value)
@@ -611,6 +613,8 @@
 
 void JSContainerConvertor::add(Task task)
 {
+    JSC::ExecState* exec = toJS(m_context);
+    m_jsValues.append(JSC::Strong<JSC::Unknown>(exec->vm(), toJSForGC(exec, task.js)));
     m_objectMap.add(task.js, task.objc);
     if (task.type != ContainerNone)
         m_worklist.append(task);
@@ -667,6 +671,7 @@
 static id containerValueToObject(JSGlobalContextRef context, JSContainerConvertor::Task task)
 {
     ASSERT(task.type != ContainerNone);
+    JSC::APIEntryShim entryShim(toJS(context));
     JSContainerConvertor convertor(context);
     convertor.add(task);
     ASSERT(!convertor.isWorkListEmpty());
@@ -817,6 +822,7 @@
     JSContext *m_context;
     HashMap<id, JSValueRef> m_objectMap;
     Vector<Task> m_worklist;
+    Vector<JSC::Strong<JSC::Unknown>> m_jsValues;
 };
 
 JSValueRef ObjcContainerConvertor::convert(id object)
@@ -834,6 +840,8 @@
 
 void ObjcContainerConvertor::add(ObjcContainerConvertor::Task task)
 {
+    JSC::ExecState* exec = toJS(m_context.JSGlobalContextRef);
+    m_jsValues.append(JSC::Strong<JSC::Unknown>(exec->vm(), toJSForGC(exec, task.js)));
     m_objectMap.add(task.objc, task.js);
     if (task.type != ContainerNone)
         m_worklist.append(task);
@@ -913,6 +921,7 @@
     if (task.type == ContainerNone)
         return task.js;
 
+    JSC::APIEntryShim entryShim(toJS(contextRef));
     ObjcContainerConvertor convertor(context);
     convertor.add(task);
     ASSERT(!convertor.isWorkListEmpty());

Modified: branches/safari-537.75-branch/Source/_javascript_Core/ChangeLog (165223 => 165224)


--- branches/safari-537.75-branch/Source/_javascript_Core/ChangeLog	2014-03-06 23:32:11 UTC (rev 165223)
+++ branches/safari-537.75-branch/Source/_javascript_Core/ChangeLog	2014-03-06 23:37:50 UTC (rev 165224)
@@ -1,3 +1,39 @@
+2014-03-06  Mark Lam  <[email protected]>
+
+        Merge r164077, r164089: <rdar://problem/16136637>
+
+    2014-02-13  Mark Lam  <[email protected]>
+
+            The JSContainerConvertor and ObjcContainerConvertor need to protect JSValueRefs. Part 2.
+            <https://webkit.org/b/128764>
+
+            Reviewed by Mark Hahnenberg.
+
+            toJS() is the wrong cast function to use. We need to use toJSForGC() instead.
+            Also we need to acquire the JSLock to prevent concurrent accesses to the
+            Strong handle list.
+
+            * API/JSValue.mm:
+            (JSContainerConvertor::add):
+            (containerValueToObject):
+            (ObjcContainerConvertor::add):
+            (objectToValue):
+
+    2014-02-13  Mark Lam  <[email protected]>
+
+            The JSContainerConvertor and ObjcContainerConvertor need to protect JSValueRefs.
+            <https://webkit.org/b/128764>
+
+            Reviewed by Mark Hahnenberg.
+
+            Added a vector of Strong<Unknown> references in the 2 containers, and append
+            the newly created JSValues to those vectors. This will keep all those JS objects
+            alive for the duration of the conversion.
+
+            * API/JSValue.mm:
+            (JSContainerConvertor::add):
+            (ObjcContainerConvertor::add):
+
 2014-03-03  Brent Fulgham  <[email protected]>
 
         Unreviewed build fix.

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to