RESOLVED FIXED68122
Unzip initialization lists and constructors in JSCell hierarchy (7/7) 
https://bugs.webkit.org/show_bug.cgi?id=68122
Summary Unzip initialization lists and constructors in JSCell hierarchy (7/7)
Mark Hahnenberg
Reported 2011-09-14 15:12:06 PDT
This is the seventh (and final) level of the unzipping process described in https://bugs.webkit.org/show_bug.cgi?id=66567.
Attachments
Patch (31.88 KB, patch)
2011-09-14 17:05 PDT, Mark Hahnenberg 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Mark Hahnenberg
Comment 1 2011-09-14 17:05:58 PDT
Created attachment 107424 [details] Patch
Geoffrey Garen
Comment 2 2011-09-15 11:39:25 PDT
Comment on attachment 107424 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=107424&action=review r=me > Source/WebKit/mac/Plugins/Hosted/ProxyInstance.mm:188 > // FIXME: deprecatedGetDOMStructure uses the prototype off of the wrong global object > // exec-globalData() is also likely wrong. > Structure* domStructure = deprecatedGetDOMStructure<ProxyRuntimeMethod>(exec); Can you remove this FIXME? > Source/WebKit/mac/Plugins/Hosted/ProxyRuntimeObject.h:46 > // FIXME: deprecatedGetDOMStructure uses the prototype off of the wrong global object. > // exec->globalData() is also likely wrong. > JSC::Structure* structure = WebCore::deprecatedGetDOMStructure<ProxyRuntimeObject>(exec); Ditto.
Mark Hahnenberg
Comment 3 2011-09-15 12:53:34 PDT
> > Source/WebKit/mac/Plugins/Hosted/ProxyInstance.mm:188 > > // FIXME: deprecatedGetDOMStructure uses the prototype off of the wrong global object > > // exec-globalData() is also likely wrong. > > Structure* domStructure = deprecatedGetDOMStructure<ProxyRuntimeMethod>(exec); > > Can you remove this FIXME? I talked to Oliver, and I think it still needs to be fixed. We can probably just use the JSGlobalObject that's passed into the create method, but we should ASSERT that the JSGlobalObject is indeed a JSDOMGlobalObject. It's probably better to do as a separate patch.
Oliver Hunt
Comment 4 2011-09-15 13:01:46 PDT
(In reply to comment #3) > > > Source/WebKit/mac/Plugins/Hosted/ProxyInstance.mm:188 > > > // FIXME: deprecatedGetDOMStructure uses the prototype off of the wrong global object > > > // exec-globalData() is also likely wrong. > > > Structure* domStructure = deprecatedGetDOMStructure<ProxyRuntimeMethod>(exec); > > > > Can you remove this FIXME? > I talked to Oliver, and I think it still needs to be fixed. We can probably just use the JSGlobalObject that's passed into the create method, but we should ASSERT that the JSGlobalObject is indeed a JSDOMGlobalObject. It's probably better to do as a separate patch. No, you should be using the global object that comes from this, e.g.. this->globalObject() -- that ensure the method from a runtime object has the same origin global object (and hence prototypes, etc) as the actual object being accessed.
Mark Hahnenberg
Comment 5 2011-09-15 13:34:07 PDT
> No, you should be using the global object that comes from this, e.g.. this->globalObject() -- that ensure the method from a runtime object has the same origin global object (and hence prototypes, etc) as the actual object being accessed. Bottom line: this is still broken and will take at least an additional patch to fix, along with some info from Anders about how we currently store RootObjects for plugins.
WebKit Review Bot
Comment 6 2011-09-15 18:18:57 PDT
Comment on attachment 107424 [details] Patch Clearing flags on attachment: 107424 Committed r95250: <http://trac.webkit.org/changeset/95250>
WebKit Review Bot
Comment 7 2011-09-15 18:19:01 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.