RESOLVED FIXED 97703
[V8] Make v8NPObjectMap per Context 
https://bugs.webkit.org/show_bug.cgi?id=97703
Summary [V8] Make v8NPObjectMap per Context
Fady Samuel
Reported 2012-09-26 11:01:45 PDT
[Chromium] Cache hash of global object in V8NPObject so that it can be cleared from staticNPObjectMap after the global object has been disposed
Attachments
Patch (4.21 KB, patch)
2012-09-26 11:08 PDT, Fady Samuel 		no flags
DetailsFormatted DiffDiff
Patch (4.36 KB, patch)
2012-09-26 11:45 PDT, Fady Samuel 		no flags
DetailsFormatted DiffDiff
Patch (4.28 KB, patch)
2012-09-26 11:47 PDT, Fady Samuel 		no flags
DetailsFormatted DiffDiff
Patch (6.89 KB, patch)
2012-09-27 13:24 PDT, Fady Samuel 		no flags
DetailsFormatted DiffDiff
Patch (6.76 KB, patch)
2012-09-28 08:32 PDT, Fady Samuel 		no flags
DetailsFormatted DiffDiff
Patch (6.75 KB, patch)
2012-09-28 11:34 PDT, Fady Samuel 		no flags
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Fady Samuel
Comment 1 2012-09-26 11:08:30 PDT
Created attachment 165835 [details] Patch
Adam Barth
Comment 2 2012-09-26 11:19:07 PDT
Can we write a test for this issue?
Fady Samuel
Comment 3 2012-09-26 11:45:18 PDT
Created attachment 165841 [details] Patch
Fady Samuel
Comment 4 2012-09-26 11:46:21 PDT
(In reply to comment #2) > Can we write a test for this issue? I will try. I updated the Changelog description according to a discussion with wez@.
Fady Samuel
Comment 5 2012-09-26 11:47:17 PDT
Created attachment 165842 [details] Patch
Fady Samuel
Comment 6 2012-09-27 13:24:21 PDT
Created attachment 166051 [details] Patch
Adam Barth
Comment 7 2012-09-27 14:16:21 PDT
Comment on attachment 166051 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=166051&action=review > Source/WebCore/bindings/v8/NPV8Object.cpp:77 > + if (!v8NpObject->v8Object->CreationContext().IsEmpty()) { How can the creation context be empty? That doesn't make any sense. Every object must have been created in a context. > Source/WebCore/bindings/v8/NPV8Object.cpp:80 > + if (int v8ObjectHash = v8NpObject->v8Object->GetIdentityHash()) { Can this > Source/WebCore/bindings/v8/NPV8Object.cpp:93 > + } else > + ASSERT_NOT_REACHED(); Rather than structuring this as an if-then-else NOT REACHED, we should just ASSERT the condition in the if-block and continue. > Source/WebCore/bindings/v8/NPV8Object.cpp:96 > + ASSERT(!v8::Context::InContext()); > + v8NPObjectMap->clear(); Can this case occur now? I would expect that the perContextData would be gone before the hashes start turning into zeros.
Adam Barth
Comment 8 2012-09-27 14:17:03 PDT
Would you be willing to write a chromium-side test for this issue? Also, I would run this patch through the Chromium try servers to see if that uncovers any issues with this approach.
Fady Samuel
Comment 9 2012-09-28 08:32:29 PDT
Created attachment 166258 [details] Patch
Fady Samuel
Comment 10 2012-09-28 08:33:04 PDT
Comment on attachment 166051 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=166051&action=review >> Source/WebCore/bindings/v8/NPV8Object.cpp:77 >> + if (!v8NpObject->v8Object->CreationContext().IsEmpty()) { > > How can the creation context be empty? That doesn't make any sense. Every object must have been created in a context. Changing it to an ASSERT instead. >> Source/WebCore/bindings/v8/NPV8Object.cpp:80 >> + if (int v8ObjectHash = v8NpObject->v8Object->GetIdentityHash()) { > > Can this I've added an ASSERT(v8ObjectHash) instead. >> Source/WebCore/bindings/v8/NPV8Object.cpp:93 >> + ASSERT_NOT_REACHED(); > > Rather than structuring this as an if-then-else NOT REACHED, we should just ASSERT the condition in the if-block and continue. Done. >> Source/WebCore/bindings/v8/NPV8Object.cpp:96 >> + v8NPObjectMap->clear(); > > Can this case occur now? I would expect that the perContextData would be gone before the hashes start turning into zeros. Yup, added an ASSERT that the hash is non-zero.
Adam Barth
Comment 11 2012-09-28 09:09:37 PDT
Comment on attachment 166258 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=166258&action=review This looks great. I don't have a complete enough understanding of how plugins work to know if this is going to work in all cases, but I think we should give it a try. > Source/WebCore/bindings/v8/NPV8Object.cpp:79 > + V8NPObjectMap* v8NPObjectMap = perContextData->getV8NPObjectMap(); getV8NPObjectMap -> v8NPObjectMap We tend to avoid the "get" prefix in names because it doesn't really mean anything.
Fady Samuel
Comment 12 2012-09-28 11:34:48 PDT
Created attachment 166285 [details] Patch
WebKit Review Bot
Comment 13 2012-09-28 12:38:30 PDT
Comment on attachment 166285 [details] Patch Clearing flags on attachment: 166285 Committed r129933: <http://trac.webkit.org/changeset/129933>
WebKit Review Bot
Comment 14 2012-09-28 12:38:34 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.