-
abarth@webkit.org authored
https://bugs.webkit.org/show_bug.cgi?id=106608 Source/WebCore: The patch adds a check at wrapper creation time to enuse that the object being wrapped is not already free, to the extent that we know the information about the type of the object as provided in the IDL. Patch by Tom Sepez <tsepez@chromium.org> on 2013-01-28 Reviewed by Adam Barth. Patch is correct if existing tests pass without new crashes. * bindings/scripts/CodeGeneratorV8.pm: (GenerateImplementation): (GenerateToV8Converters): (GetNativeTypeForConversions): (GetGnuVTableRefForInterface): (GetGnuVTableNameForInterface): (GetGnuMangledNameForInterface): (GetGnuVTableOffsetForType): (GetWinVTableRefForInterface): (GetWinVTableNameForInterface): (GetWinMangledNameForInterface): (GetNamespaceForInterface): (GetImplementationLacksVTableForInterface): (GetV8SkipVTableValidationForInterface): Update code generation to add object validity tests under the control of the ENABLE_BINDING_INTEGRITY option. * Modules/filesystem/DirectoryReader.idl: * Modules/filesystem/DirectoryReaderSync.idl: * Modules/filesystem/EntryArray.idl: * Modules/filesystem/EntryArraySync.idl: * Modules/filesystem/Metadata.idl: * Modules/gamepad/Gamepad.idl: * Modules/gamepad/GamepadList.idl: * Modules/geolocation/Geoposition.idl: * Modules/geolocation/PositionError.idl: * Modules/indexeddb/IDBFactory.idl: * Modules/indexeddb/IDBIndex.idl: * Modules/indexeddb/IDBKeyRange.idl: * Modules/indexeddb/IDBObjectStore.idl: * Modules/mediastream/RTCStatsElement.idl: * Modules/mediastream/RTCStatsReport.idl: * Modules/quota/StorageInfo.idl: * Modules/speech/SpeechGrammar.idl: * Modules/speech/SpeechGrammarList.idl: * Modules/speech/SpeechRecognitionAlternative.idl: * Modules/speech/SpeechRecognitionResult.idl: * Modules/speech/SpeechRecognitionResultList.idl: * Modules/webaudio/AudioBuffer.idl: * Modules/webaudio/AudioDestinationNode.idl: * Modules/webaudio/AudioListener.idl: * Modules/webaudio/AudioSourceNode.idl: * Modules/webaudio/WaveTable.idl: * Modules/webdatabase/SQLError.idl: * Modules/webdatabase/SQLException.idl: * Modules/webdatabase/SQLResultSet.idl: * Modules/webdatabase/SQLResultSetRowList.idl: * Modules/webdatabase/SQLTransaction.idl: * Modules/webdatabase/SQLTransactionSync.idl: * bindings/scripts/IDLAttributes.txt: * css/CSSPrimitiveValue.idl: * css/CSSRule.idl: * css/CSSRuleList.idl: * css/CSSStyleDeclaration.idl: * css/CSSValue.idl: * css/CSSValueList.idl: * css/Counter.idl: * css/MediaList.idl: * css/MediaQueryList.idl: * css/RGBColor.idl: * css/Rect.idl: * css/StyleSheetList.idl: * css/WebKitCSSFilterValue.idl: * css/WebKitCSSMixFunctionValue.idl: * css/WebKitCSSTransformValue.idl: * dom/ClientRect.idl: * dom/ClientRectList.idl: * dom/Clipboard.idl: * dom/DOMCoreException.idl: * dom/DOMError.idl: * dom/DOMImplementation.idl: * dom/DOMNamedFlowCollection.idl: * dom/DOMStringList.idl: * dom/DOMStringMap.idl: * dom/DataTransferItem.idl: * dom/DataTransferItemList.idl: * dom/DocumentFragment.idl: * dom/Element.idl: * dom/Entity.idl: * dom/Event.idl: * dom/EventException.idl: * dom/MessageChannel.idl: * dom/MouseEvent.idl: * dom/MutationObserver.idl: * dom/MutationRecord.idl: * dom/NamedNodeMap.idl: * dom/NodeFilter.idl: * dom/NodeIterator.idl: * dom/NodeList.idl: * dom/Range.idl: * dom/RangeException.idl: * dom/Touch.idl: * dom/TouchList.idl: * dom/TreeWalker.idl: * fileapi/FileError.idl: * fileapi/FileException.idl: * fileapi/FileList.idl: * html/DOMFormData.idl: * html/DOMTokenList.idl: * html/DOMURL.idl: * html/HTMLAllCollection.idl: * html/HTMLCollection.idl: * html/HTMLDialogElement.idl: * html/HTMLDivElement.idl: * html/HTMLDocument.idl: * html/HTMLElement.idl: * html/HTMLImageElement.idl: * html/HTMLInputElement.idl: * html/HTMLSelectElement.idl: * html/HTMLSpanElement.idl: * html/HTMLUnknownElement.idl: * html/ImageData.idl: * html/MediaError.idl: * html/MediaKeyError.idl: * html/TimeRanges.idl: * html/ValidityState.idl: * html/canvas/ArrayBuffer.idl: * html/canvas/ArrayBufferView.idl: * html/canvas/CanvasGradient.idl: * html/canvas/CanvasPattern.idl: * html/canvas/Float32Array.idl: * html/canvas/Float64Array.idl: * html/canvas/Int16Array.idl: * html/canvas/Int32Array.idl: * html/canvas/Int8Array.idl: * html/canvas/Uint16Array.idl: * html/canvas/Uint32Array.idl: * html/canvas/Uint8Array.idl: * html/canvas/Uint8ClampedArray.idl: * html/canvas/WebGLActiveInfo.idl: * html/canvas/WebGLShaderPrecisionFormat.idl: * html/track/TextTrack.idl: * html/track/TextTrackCue.idl: * html/track/TextTrackCueList.idl: * inspector/InjectedScriptHost.idl: * inspector/InspectorFrontendHost.idl: * inspector/JavaScriptCallFrame.idl: * page/Coordinates.idl: * page/Crypto.idl: * page/MemoryInfo.idl: * page/PagePopupController.idl: * page/PerformanceEntryList.idl: * page/SpeechInputResult.idl: * page/SpeechInputResultList.idl: * page/WebKitPoint.idl: * svg/SVGAnimatedAngle.idl: * svg/SVGAnimatedBoolean.idl: * svg/SVGAnimatedEnumeration.idl: * svg/SVGAnimatedInteger.idl: * svg/SVGAnimatedLength.idl: * svg/SVGAnimatedLengthList.idl: * svg/SVGAnimatedNumber.idl: * svg/SVGAnimatedNumberList.idl: * svg/SVGAnimatedPreserveAspectRatio.idl: * svg/SVGAnimatedRect.idl: * svg/SVGAnimatedString.idl: * svg/SVGAnimatedTransformList.idl: * svg/SVGColor.idl: * svg/SVGException.idl: * svg/SVGPaint.idl: * svg/SVGPathSeg.idl: * svg/SVGRenderingIntent.idl: * svg/SVGUnitTypes.idl: * svg/SVGZoomAndPan.idl: * testing/MallocStatistics.idl: * testing/TypeConversions.idl: * workers/WorkerLocation.idl: * xml/DOMParser.idl: * xml/XMLHttpRequestException.idl: * xml/XMLSerializer.idl: * xml/XPathEvaluator.idl: * xml/XPathException.idl: * xml/XPathExpression.idl: * xml/XPathNSResolver.idl: * xml/XPathResult.idl: * xml/XSLTProcessor.idl: Add exceptions to binding integrity checks to IDL. Source/WebKit/chromium: Patch by Tom Sepez <tsepez@chromium.org> on 2013-01-28 Reviewed by Adam Barth. * features.gypi: Added ENABLE_BINDING_INTEGRITY option. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141034 268f45cc-cd09-0410-ab3c-d52691b4dbfc
abarth@webkit.org authoredhttps://bugs.webkit.org/show_bug.cgi?id=106608 Source/WebCore: The patch adds a check at wrapper creation time to enuse that the object being wrapped is not already free, to the extent that we know the information about the type of the object as provided in the IDL. Patch by Tom Sepez <tsepez@chromium.org> on 2013-01-28 Reviewed by Adam Barth. Patch is correct if existing tests pass without new crashes. * bindings/scripts/CodeGeneratorV8.pm: (GenerateImplementation): (GenerateToV8Converters): (GetNativeTypeForConversions): (GetGnuVTableRefForInterface): (GetGnuVTableNameForInterface): (GetGnuMangledNameForInterface): (GetGnuVTableOffsetForType): (GetWinVTableRefForInterface): (GetWinVTableNameForInterface): (GetWinMangledNameForInterface): (GetNamespaceForInterface): (GetImplementationLacksVTableForInterface): (GetV8SkipVTableValidationForInterface): Update code generation to add object validity tests under the control of the ENABLE_BINDING_INTEGRITY option. * Modules/filesystem/DirectoryReader.idl: * Modules/filesystem/DirectoryReaderSync.idl: * Modules/filesystem/EntryArray.idl: * Modules/filesystem/EntryArraySync.idl: * Modules/filesystem/Metadata.idl: * Modules/gamepad/Gamepad.idl: * Modules/gamepad/GamepadList.idl: * Modules/geolocation/Geoposition.idl: * Modules/geolocation/PositionError.idl: * Modules/indexeddb/IDBFactory.idl: * Modules/indexeddb/IDBIndex.idl: * Modules/indexeddb/IDBKeyRange.idl: * Modules/indexeddb/IDBObjectStore.idl: * Modules/mediastream/RTCStatsElement.idl: * Modules/mediastream/RTCStatsReport.idl: * Modules/quota/StorageInfo.idl: * Modules/speech/SpeechGrammar.idl: * Modules/speech/SpeechGrammarList.idl: * Modules/speech/SpeechRecognitionAlternative.idl: * Modules/speech/SpeechRecognitionResult.idl: * Modules/speech/SpeechRecognitionResultList.idl: * Modules/webaudio/AudioBuffer.idl: * Modules/webaudio/AudioDestinationNode.idl: * Modules/webaudio/AudioListener.idl: * Modules/webaudio/AudioSourceNode.idl: * Modules/webaudio/WaveTable.idl: * Modules/webdatabase/SQLError.idl: * Modules/webdatabase/SQLException.idl: * Modules/webdatabase/SQLResultSet.idl: * Modules/webdatabase/SQLResultSetRowList.idl: * Modules/webdatabase/SQLTransaction.idl: * Modules/webdatabase/SQLTransactionSync.idl: * bindings/scripts/IDLAttributes.txt: * css/CSSPrimitiveValue.idl: * css/CSSRule.idl: * css/CSSRuleList.idl: * css/CSSStyleDeclaration.idl: * css/CSSValue.idl: * css/CSSValueList.idl: * css/Counter.idl: * css/MediaList.idl: * css/MediaQueryList.idl: * css/RGBColor.idl: * css/Rect.idl: * css/StyleSheetList.idl: * css/WebKitCSSFilterValue.idl: * css/WebKitCSSMixFunctionValue.idl: * css/WebKitCSSTransformValue.idl: * dom/ClientRect.idl: * dom/ClientRectList.idl: * dom/Clipboard.idl: * dom/DOMCoreException.idl: * dom/DOMError.idl: * dom/DOMImplementation.idl: * dom/DOMNamedFlowCollection.idl: * dom/DOMStringList.idl: * dom/DOMStringMap.idl: * dom/DataTransferItem.idl: * dom/DataTransferItemList.idl: * dom/DocumentFragment.idl: * dom/Element.idl: * dom/Entity.idl: * dom/Event.idl: * dom/EventException.idl: * dom/MessageChannel.idl: * dom/MouseEvent.idl: * dom/MutationObserver.idl: * dom/MutationRecord.idl: * dom/NamedNodeMap.idl: * dom/NodeFilter.idl: * dom/NodeIterator.idl: * dom/NodeList.idl: * dom/Range.idl: * dom/RangeException.idl: * dom/Touch.idl: * dom/TouchList.idl: * dom/TreeWalker.idl: * fileapi/FileError.idl: * fileapi/FileException.idl: * fileapi/FileList.idl: * html/DOMFormData.idl: * html/DOMTokenList.idl: * html/DOMURL.idl: * html/HTMLAllCollection.idl: * html/HTMLCollection.idl: * html/HTMLDialogElement.idl: * html/HTMLDivElement.idl: * html/HTMLDocument.idl: * html/HTMLElement.idl: * html/HTMLImageElement.idl: * html/HTMLInputElement.idl: * html/HTMLSelectElement.idl: * html/HTMLSpanElement.idl: * html/HTMLUnknownElement.idl: * html/ImageData.idl: * html/MediaError.idl: * html/MediaKeyError.idl: * html/TimeRanges.idl: * html/ValidityState.idl: * html/canvas/ArrayBuffer.idl: * html/canvas/ArrayBufferView.idl: * html/canvas/CanvasGradient.idl: * html/canvas/CanvasPattern.idl: * html/canvas/Float32Array.idl: * html/canvas/Float64Array.idl: * html/canvas/Int16Array.idl: * html/canvas/Int32Array.idl: * html/canvas/Int8Array.idl: * html/canvas/Uint16Array.idl: * html/canvas/Uint32Array.idl: * html/canvas/Uint8Array.idl: * html/canvas/Uint8ClampedArray.idl: * html/canvas/WebGLActiveInfo.idl: * html/canvas/WebGLShaderPrecisionFormat.idl: * html/track/TextTrack.idl: * html/track/TextTrackCue.idl: * html/track/TextTrackCueList.idl: * inspector/InjectedScriptHost.idl: * inspector/InspectorFrontendHost.idl: * inspector/JavaScriptCallFrame.idl: * page/Coordinates.idl: * page/Crypto.idl: * page/MemoryInfo.idl: * page/PagePopupController.idl: * page/PerformanceEntryList.idl: * page/SpeechInputResult.idl: * page/SpeechInputResultList.idl: * page/WebKitPoint.idl: * svg/SVGAnimatedAngle.idl: * svg/SVGAnimatedBoolean.idl: * svg/SVGAnimatedEnumeration.idl: * svg/SVGAnimatedInteger.idl: * svg/SVGAnimatedLength.idl: * svg/SVGAnimatedLengthList.idl: * svg/SVGAnimatedNumber.idl: * svg/SVGAnimatedNumberList.idl: * svg/SVGAnimatedPreserveAspectRatio.idl: * svg/SVGAnimatedRect.idl: * svg/SVGAnimatedString.idl: * svg/SVGAnimatedTransformList.idl: * svg/SVGColor.idl: * svg/SVGException.idl: * svg/SVGPaint.idl: * svg/SVGPathSeg.idl: * svg/SVGRenderingIntent.idl: * svg/SVGUnitTypes.idl: * svg/SVGZoomAndPan.idl: * testing/MallocStatistics.idl: * testing/TypeConversions.idl: * workers/WorkerLocation.idl: * xml/DOMParser.idl: * xml/XMLHttpRequestException.idl: * xml/XMLSerializer.idl: * xml/XPathEvaluator.idl: * xml/XPathException.idl: * xml/XPathExpression.idl: * xml/XPathNSResolver.idl: * xml/XPathResult.idl: * xml/XSLTProcessor.idl: Add exceptions to binding integrity checks to IDL. Source/WebKit/chromium: Patch by Tom Sepez <tsepez@chromium.org> on 2013-01-28 Reviewed by Adam Barth. * features.gypi: Added ENABLE_BINDING_INTEGRITY option. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141034 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Loading