Bug 109523

Summary: [V8] ScheduledAction::m_context can be empty, so we shouldn't retrieve an Isolate by using m_context->GetIsolate()
Product: WebKit
Reporter: Kentaro Hara <haraken>
Component: WebCore JavaScript
Assignee: Kentaro Hara <haraken>
Status: RESOLVED FIXED
Severity: Normal
CC: abarth, dcarney, japhet, webkit.review.bot
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Attachments: Patch (flags: none)

Description Kentaro Hara 2013-02-11 17:08:39 PST
Chromium bug: https://code.google.com/p/chromium/issues/detail?id=175307#makechanges

Currently ScheduledAction is retrieving an Isolate by using m_context->GetIsolate(). This can crash because ScheduledAction::m_context can be empty. Specifically, ScheduledAction::m_context is set to ScriptController::currentWorldContext(), which can return an empty handle when a frame does not exist. In addition, 'if(context.IsEmpty())' in ScheduledAction.cpp implies that it can be empty.

Alternatively, we should pass an Isolate explicitly when a ScheduledAction is instantiated.
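The two designs contrasted above, as an added illustration that is not part of this bug report or of the WebKit/V8 code: the Isolate, Context, Handle and Frame types below are minimal stand-ins written for this example (they are not V8's or WebCore's API), reproducing only the property the bug depends on, namely that currentWorldContext() returns an empty handle when there is no frame and that dereferencing an empty handle is a null dereference. ScheduledActionBefore derives the Isolate from m_context on demand; ScheduledActionAfter takes it explicitly at construction, so it keeps working when the context handle is empty.

```cpp
#include <cassert>
#include <string>

// Assumed stand-ins for v8::Isolate, v8::Context and v8::Handle (not V8's
// real API). The only property that matters here: a Handle can be empty,
// and operator-> on an empty Handle dereferences null.
struct Isolate { std::string name; };

struct Context {
    Isolate* isolate;
    Isolate* GetIsolate() const { return isolate; }
};

template <typename T>
class Handle {
public:
    Handle() : m_ptr(nullptr) {}
    explicit Handle(T* p) : m_ptr(p) {}
    bool IsEmpty() const { return m_ptr == nullptr; }
    T* operator->() const { return m_ptr; }  // undefined behaviour when empty
private:
    T* m_ptr;
};

// Stand-in for ScriptController::currentWorldContext(): an empty handle is
// returned when the frame no longer exists, the case described in the bug.
struct Frame { Context context; };

Handle<Context> currentWorldContext(Frame* frame) {
    if (!frame)
        return Handle<Context>();
    return Handle<Context>(&frame->context);
}

// Pattern before the fix: the Isolate is derived from m_context when needed.
// If m_context is empty, isolate() dereferences null.
class ScheduledActionBefore {
public:
    explicit ScheduledActionBefore(Handle<Context> context) : m_context(context) {}
    Isolate* isolate() const { return m_context->GetIsolate(); }
private:
    Handle<Context> m_context;
};

// Pattern after the fix: the caller passes the Isolate explicitly, so it is
// available whether or not m_context is empty.
class ScheduledActionAfter {
public:
    ScheduledActionAfter(Isolate* isolate, Handle<Context> context)
        : m_isolate(isolate), m_context(context) {}
    Isolate* isolate() const { return m_isolate; }
    bool hasContext() const { return !m_context.IsEmpty(); }
private:
    Isolate* m_isolate;
    Handle<Context> m_context;
};

// The minimal defensive variant of the "before" lookup: check IsEmpty()
// before dereferencing and report nullptr instead of crashing.
Isolate* isolateFromContextOrNull(const Handle<Context>& context) {
    if (context.IsEmpty())
        return nullptr;
    return context->GetIsolate();
}

// True when the explicit-Isolate design still yields the Isolate for an
// action whose context handle is empty (no frame).
bool explicitIsolateSurvivesEmptyContext() {
    Isolate isolate{"check"};
    ScheduledActionAfter action(&isolate, currentWorldContext(nullptr));
    return !action.hasContext() && action.isolate() == &isolate;
}

int main() {
    Isolate isolate{"main"};
    Frame frame{Context{&isolate}};

    // Live frame: both designs find the Isolate.
    ScheduledActionBefore liveBefore(currentWorldContext(&frame));
    assert(liveBefore.isolate() == &isolate);

    // No frame: the context handle is empty, so the "before" pattern would
    // dereference null here; only the checked lookup is safe to call.
    Handle<Context> noContext = currentWorldContext(nullptr);
    assert(noContext.IsEmpty());
    assert(isolateFromContextOrNull(noContext) == nullptr);
    assert(explicitIsolateSurvivesEmptyContext());
    return 0;
}
```

The checked lookup only turns a crash into a nullptr that every caller must then handle; passing the Isolate explicitly removes the dependency on the optional context altogether, which is why the report prefers it.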
Comment 1 Kentaro Hara 2013-02-11 17:11:54 PST
Created attachment 187730 [details]
Patch
Comment 2 Adam Barth 2013-02-11 17:17:02 PST
Comment on attachment 187730 [details]
Patch

ok
Comment 3 Kentaro Hara 2013-02-11 17:17:28 PST
Comment on attachment 187730 [details]
Patch

Thanks!
Comment 4 WebKit Review Bot 2013-02-11 18:07:51 PST
Comment on attachment 187730 [details]
Patch

Clearing flags on attachment: 187730

Committed r142565: <http://trac.webkit.org/changeset/142565>
Comment 5 WebKit Review Bot 2013-02-11 18:07:55 PST
All reviewed patches have been landed.  Closing bug.