| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2008, 2009, 2011 Google Inc. All rights reserved. | 2 * Copyright (C) 2008, 2009, 2011 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | 26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | 27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 28 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 29 */ | 29 */ |
| 30 | 30 |
| 31 #include "bindings/core/v8/WindowProxy.h" | 31 #include "bindings/core/v8/WindowProxy.h" |
| 32 | 32 |
| 33 #include <utility> | 33 #include <utility> |
| 34 | 34 |
| 35 #include "bindings/core/v8/V8DOMWrapper.h" | 35 #include "bindings/core/v8/V8DOMWrapper.h" |
| 36 #include "bindings/core/v8/V8Window.h" |
| 36 #include "core/frame/Frame.h" | 37 #include "core/frame/Frame.h" |
| 37 #include "v8/include/v8.h" | 38 #include "v8/include/v8.h" |
| 38 #include "wtf/Assertions.h" | 39 #include "wtf/Assertions.h" |
| 40 #include "wtf/debug/Alias.h" |
| 39 | 41 |
| 40 namespace blink { | 42 namespace blink { |
| 41 | 43 |
| 42 WindowProxy::~WindowProxy() { | 44 WindowProxy::~WindowProxy() { |
| 43 // clearForClose() or clearForNavigation() must be invoked before destruction | 45 // clearForClose() or clearForNavigation() must be invoked before destruction |
| 44 // starts. | 46 // starts. |
| 45 DCHECK(m_lifecycle != Lifecycle::ContextInitialized); | 47 DCHECK(m_lifecycle != Lifecycle::ContextInitialized); |
| 46 } | 48 } |
| 47 | 49 |
| 48 DEFINE_TRACE(WindowProxy) { | 50 DEFINE_TRACE(WindowProxy) { |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 123 // has a security token which is the domain. The outer window cannot | 125 // has a security token which is the domain. The outer window cannot |
| 124 // have its own properties. window.foo = 'x' is delegated to the | 126 // have its own properties. window.foo = 'x' is delegated to the |
| 125 // inner window. | 127 // inner window. |
| 126 // | 128 // |
| 127 // When a frame navigates to a new page, the inner window is cut off | 129 // When a frame navigates to a new page, the inner window is cut off |
| 128 // the outer window, and the outer window identify is preserved for | 130 // the outer window, and the outer window identify is preserved for |
| 129 // the frame. However, a new inner window is created for the new page. | 131 // the frame. However, a new inner window is created for the new page. |
| 130 // If there are JS code holds a closure to the old inner window, | 132 // If there are JS code holds a closure to the old inner window, |
| 131 // it won't be able to reach the outer window via its global object. | 133 // it won't be able to reach the outer window via its global object. |
| 132 void WindowProxy::initializeIfNeeded() { | 134 void WindowProxy::initializeIfNeeded() { |
| 135 v8::HandleScope handleScope(m_isolate); |
| 136 Lifecycle oldLifecycle = m_lifecycle; |
| 137 DOMWindow* window = m_frame->domWindow(); |
| 138 bool isLocal = window->isLocalDOMWindow(); |
| 139 // Prevent these locals from getting optimized out, and hopefully, the heap |
| 140 // contents captured into minidumps. |
| 141 WTF::debug::alias(&oldLifecycle); |
| 142 WTF::debug::alias(&window); |
| 143 WTF::debug::alias(&isLocal); |
| 144 |
| 133 // TODO(haraken): It is wrong to re-initialize an already detached window | 145 // TODO(haraken): It is wrong to re-initialize an already detached window |
| 134 // proxy. This must be 'if(m_lifecycle == Lifecycle::ContextUninitialized)'. | 146 // proxy. This must be 'if(m_lifecycle == Lifecycle::ContextUninitialized)'. |
| 135 if (m_lifecycle != Lifecycle::ContextInitialized) { | 147 if (m_lifecycle != Lifecycle::ContextInitialized) { |
| 136 initialize(); | 148 initialize(); |
| 149 // Note: this set of CHECKs is intentionally duplicated below to distinguish |
| 150 // between initializing the global with null internal fields or returning a |
| 151 // global that claims to be initialized but has null internal fields. |
| 152 v8::Local<v8::Object> globalProxy = m_globalProxy.newLocal(m_isolate); |
| 153 CHECK(!globalProxy.IsEmpty()); |
| 154 CHECK(V8Window::hasInstance(globalProxy, m_isolate)); |
| 155 CHECK(window); |
| 156 CHECK_EQ(window, V8Window::toImpl(globalProxy)); |
| 157 } else { |
| 158 v8::Local<v8::Object> globalProxy = m_globalProxy.newLocal(m_isolate); |
| 159 CHECK(!globalProxy.IsEmpty()); |
| 160 CHECK(V8Window::hasInstance(globalProxy, m_isolate)); |
| 161 CHECK(window); |
| 162 CHECK_EQ(window, V8Window::toImpl(globalProxy)); |
| 137 } | 163 } |
| 164 |
| 165 // Sanity check: WindowProxy's frame's window should still be the same |
| 166 DOMWindow* window2 = m_frame->domWindow(); |
| 167 WTF::debug::alias(&window2); |
| 168 CHECK_EQ(window, window2); |
| 138 } | 169 } |
| 139 | 170 |
| 140 } // namespace blink | 171 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2736533002:
Add CHECKs to try to narrow down cause of bad internal fields in Window DOM wrapper (Closed)
