Fix Runtime.executionContextCreated for crafted iframes.

Source/core/inspector/PageRuntimeAgent.cpp

 /*
  * Copyright (C) 2011 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 67 matching lines @@
 {
     if (m_enabled)
         return;
 
     InspectorRuntimeAgent::enable(errorString);
 
     // Only report existing contexts if the page did commit load, otherwise we may
     // unintentionally initialize contexts in the frames which may trigger some listeners
     // that are expected to be triggered only after the load is committed, see http://crbug.com/131623
     if (m_mainWorldContextCreated)
-        reportExecutionContextCreation();
+        reportExecutionContextsToFrontend();
 }
 
 void PageRuntimeAgent::run(ErrorString* errorString)
 {
     m_client->resumeStartup();
 }
 
 void PageRuntimeAgent::didClearDocumentOfWindowObject(LocalFrame* frame)
 {
     m_mainWorldContextCreated = true;
 
     if (!m_enabled)
         return;
     ASSERT(m_frontend);
 
     if (frame == m_inspectedPage->mainFrame()) {
         m_scriptStateToId.clear();
         m_frontend->executionContextsCleared();
     }
+    registerMainWorldContext(frame);
+}
+
+void PageRuntimeAgent::registerMainWorldContext(LocalFrame* frame)
+{
+    if (!frame->script().isMainWorldInitialized())
+        return;
+
     String frameId = m_pageAgent->frameId(frame);
     addExecutionContextToFrontend(ScriptState::forMainWorld(frame), true, "", frameId);
 }
 
+void PageRuntimeAgent::didCreateMainWorldContext(LocalFrame* frame, ScriptState* scriptState, SecurityOrigin* origin)
+{
+    if (!m_enabled)
+        return;
+    ASSERT(m_frontend);
+    base::debug::StackTrace().Print();

[vsevik, 2014/10/31 14:58:07]

remove

[eustas, 2014/11/03 20:14:16]

Done.

+    String frameId = m_pageAgent->frameId(frame);
+    addExecutionContextToFrontend(scriptState, true, origin->toRawString(), frameId);
+}
+
 void PageRuntimeAgent::didCreateIsolatedContext(LocalFrame* frame, ScriptState* scriptState, SecurityOrigin* origin)
 {
     if (!m_enabled)
         return;
     ASSERT(m_frontend);
     String frameId = m_pageAgent->frameId(frame);
     addExecutionContextToFrontend(scriptState, false, origin->toRawString(), frameId);
 }
 
 InjectedScript PageRuntimeAgent::injectedScriptForEval(ErrorString* errorString, const int* executionContextId)
@@ skipping 14 matching lines @@
 void PageRuntimeAgent::muteConsole()
 {
     FrameConsole::mute();
 }
 
 void PageRuntimeAgent::unmuteConsole()
 {
     FrameConsole::unmute();
 }
 
-void PageRuntimeAgent::reportExecutionContextCreation()
+void PageRuntimeAgent::reportExecutionContextsToFrontend()
 {
     Vector<std::pair<ScriptState*, SecurityOrigin*> > isolatedContexts;
     for (Frame* frame = m_inspectedPage->mainFrame(); frame; frame = frame->tree().traverseNext()) {
         if (!frame->isLocalFrame())
             continue;
         LocalFrame* localFrame = toLocalFrame(frame);
         if (!localFrame->script().canExecuteScripts(NotAboutToExecuteScript))
             continue;
         String frameId = m_pageAgent->frameId(localFrame);
 
-        ScriptState* scriptState = ScriptState::forMainWorld(localFrame);
-        addExecutionContextToFrontend(scriptState, true, "", frameId);
+        registerMainWorldContext(localFrame);

[yurys, 2014/10/31 15:08:03]

Am I right that now we may end up with 0 contexts reported to the front-end if
there are no scripts in the inspected page?

[eustas, 2014/11/03 20:14:16]

Yes and no.
Theoretically - yes.
But I've examined different cases (see stack-trace dumper Vsevolod requests to
remove), and found that there are no way for loaded page to live without context
(even on scriptless page). So, paractically - no.

         localFrame->script().collectIsolatedContexts(isolatedContexts);
         if (isolatedContexts.isEmpty())
             continue;
         for (size_t i = 0; i< isolatedContexts.size(); i++)
             addExecutionContextToFrontend(isolatedContexts[i].first, false, isolatedContexts[i].second->toRawString(), frameId);
         isolatedContexts.clear();
     }
 }
 
 void PageRuntimeAgent::frameWindowDiscarded(LocalDOMWindow* window)
 {
     Vector<RefPtr<ScriptState> > scriptStatesToRemove;
     for (ScriptStateToId::iterator it = m_scriptStateToId.begin(); it != m_scriptStateToId.end(); ++it) {
         RefPtr<ScriptState> scriptState = it->key;
         if (!scriptState->contextIsValid() || window == scriptState->domWindow()) {
             scriptStatesToRemove.append(scriptState);
             m_frontend->executionContextDestroyed(it->value);
         }
     }
     m_scriptStateToId.removeAll(scriptStatesToRemove);
     injectedScriptManager()->discardInjectedScriptsFor(window);
 }
 
 } // namespace blink