-
abarth@webkit.org authored
https://bugs.webkit.org/show_bug.cgi?id=106608 Source/WebCore: The patch adds a check at wrapper creation time to enuse that the object being wrapped is not already free, to the extent that we know the information about the type of the object as provided in the IDL. Patch by Tom Sepez <tsepez@chromium.org> on 2013-01-28 Reviewed by Adam Barth. Patch is correct if existing tests pass without new crashes. * bindings/scripts/CodeGeneratorV8.pm: (GenerateImplementation): (GenerateToV8Converters): (GetNativeTypeForConversions): (GetGnuVTableRefForInterface): (GetGnuVTableNameForInterface): (GetGnuMangledNameForInterface): (GetGnuVTableOffsetForType): (GetWinVTableRefForInterface): (GetWinVTableNameForInterface): (GetWinMangledNameForInterface): (GetNamespaceForInterface): (GetImplementationLacksVTableForInterface): (GetV8SkipVTableValidationForInterface): Update code generation to add object validity tests under the control of the ENABLE_BINDING_INTEGRITY option. * Modules/filesystem/DirectoryReader.idl: * Modules/filesystem/DirectoryReaderSync.idl: * Modules/filesystem/EntryArray.idl: * Modules/filesystem/EntryArraySync.idl: * Modules/filesystem/Metadata.idl: * Modules/gamepad/Gamepad.idl: * Modules/gamepad/GamepadList.idl: * Modules/geolocation/Geoposition.idl: * Modules/geolocation/PositionError.idl: * Modules/indexeddb/IDBFactory.idl: * Modules/indexeddb/IDBIndex.idl: * Modules/indexeddb/IDBKeyRange.idl: * Modules/indexeddb/IDBObjectStore.idl: * Modules/mediastream/RTCStatsElement.idl: * Modules/mediastream/RTCStatsReport.idl: * Modules/quota/StorageInfo.idl: * Modules/speech/SpeechGrammar.idl: * Modules/speech/SpeechGrammarList.idl: * Modules/speech/SpeechRecognitionAlternative.idl: * Modules/speech/SpeechRecognitionResult.idl: * Modules/speech/SpeechRecognitionResultList.idl: * Modules/webaudio/AudioBuffer.idl: * Modules/webaudio/AudioDestinationNode.idl: * Modules/webaudio/AudioListener.idl: * Modules/webaudio/AudioSourceNode.idl: * Modules/webaudio/WaveTable.idl: * Modules/webdatabase/SQLError.idl: * Modules/webdatabase/SQLException.idl: * Modules/webdatabase/SQLResultSet.idl: * Modules/webdatabase/SQLResultSetRowList.idl: * Modules/webdatabase/SQLTransaction.idl: * Modules/webdatabase/SQLTransactionSync.idl: * bindings/scripts/IDLAttributes.txt: * css/CSSPrimitiveValue.idl: * css/CSSRule.idl: * css/CSSRuleList.idl: * css/CSSStyleDeclaration.idl: * css/CSSValue.idl: * css/CSSValueList.idl: * css/Counter.idl: * css/MediaList.idl: * css/MediaQueryList.idl: * css/RGBColor.idl: * css/Rect.idl: * css/StyleSheetList.idl: * css/WebKitCSSFilterValue.idl: * css/WebKitCSSMixFunctionValue.idl: * css/WebKitCSSTransformValue.idl: * dom/ClientRect.idl: * dom/ClientRectList.idl: * dom/Clipboard.idl: * dom/DOMCoreException.idl: * dom/DOMError.idl: * dom/DOMImplementation.idl: * dom/DOMNamedFlowCollection.idl: * dom/DOMStringList.idl: * dom/DOMStringMap.idl: * dom/DataTransferItem.idl: * dom/DataTransferItemList.idl: * dom/DocumentFragment.idl: * dom/Element.idl: * dom/Entity.idl: * dom/Event.idl: * dom/EventException.idl: * dom/MessageChannel.idl: * dom/MouseEvent.idl: * dom/MutationObserver.idl: * dom/MutationRecord.idl: * dom/NamedNodeMap.idl: * dom/NodeFilter.idl: * dom/NodeIterator.idl: * dom/NodeList.idl: * dom/Range.idl: * dom/RangeException.idl: * dom/Touch.idl: * dom/TouchList.idl: * dom/TreeWalker.idl: * fileapi/FileError.idl: * fileapi/FileException.idl: * fileapi/FileList.idl: * html/DOMFormData.idl: * html/DOMTokenList.idl: * html/DOMURL.idl: * html/HTMLAllCollection.idl: * html/HTMLCollection.idl: * html/HTMLDialogElement.idl: * html/HTMLDivElement.idl: * html/HTMLDocument.idl: * html/HTMLElement.idl: * html/HTMLImageElement.idl: * html/HTMLInputElement.idl: * html/HTMLSelectElement.idl: * html/HTMLSpanElement.idl: * html/HTMLUnknownElement.idl: * html/ImageData.idl: * html/MediaError.idl: * html/MediaKeyError.idl: * html/TimeRanges.idl: * html/ValidityState.idl: * html/canvas/ArrayBuffer.idl: * html/canvas/ArrayBufferView.idl: * html/canvas/CanvasGradient.idl: * html/canvas/CanvasPattern.idl: * html/canvas/Float32Array.idl: * html/canvas/Float64Array.idl: * html/canvas/Int16Array.idl: * html/canvas/Int32Array.idl: * html/canvas/Int8Array.idl: * html/canvas/Uint16Array.idl: * html/canvas/Uint32Array.idl: * html/canvas/Uint8Array.idl: * html/canvas/Uint8ClampedArray.idl: * html/canvas/WebGLActiveInfo.idl: * html/canvas/WebGLShaderPrecisionFormat.idl: * html/track/TextTrack.idl: * html/track/TextTrackCue.idl: * html/track/TextTrackCueList.idl: * inspector/InjectedScriptHost.idl: * inspector/InspectorFrontendHost.idl: * inspector/JavaScriptCallFrame.idl: * page/Coordinates.idl: * page/Crypto.idl: * page/MemoryInfo.idl: * page/PagePopupController.idl: * page/PerformanceEntryList.idl: * page/SpeechInputResult.idl: * page/SpeechInputResultList.idl: * page/WebKitPoint.idl: * svg/SVGAnimatedAngle.idl: * svg/SVGAnimatedBoolean.idl: * svg/SVGAnimatedEnumeration.idl: * svg/SVGAnimatedInteger.idl: * svg/SVGAnimatedLength.idl: * svg/SVGAnimatedLengthList.idl: * svg/SVGAnimatedNumber.idl: * svg/SVGAnimatedNumberList.idl: * svg/SVGAnimatedPreserveAspectRatio.idl: * svg/SVGAnimatedRect.idl: * svg/SVGAnimatedString.idl: * svg/SVGAnimatedTransformList.idl: * svg/SVGColor.idl: * svg/SVGException.idl: * svg/SVGPaint.idl: * svg/SVGPathSeg.idl: * svg/SVGRenderingIntent.idl: * svg/SVGUnitTypes.idl: * svg/SVGZoomAndPan.idl: * testing/MallocStatistics.idl: * testing/TypeConversions.idl: * workers/WorkerLocation.idl: * xml/DOMParser.idl: * xml/XMLHttpRequestException.idl: * xml/XMLSerializer.idl: * xml/XPathEvaluator.idl: * xml/XPathException.idl: * xml/XPathExpression.idl: * xml/XPathNSResolver.idl: * xml/XPathResult.idl: * xml/XSLTProcessor.idl: Add exceptions to binding integrity checks to IDL. Source/WebKit/chromium: Patch by Tom Sepez <tsepez@chromium.org> on 2013-01-28 Reviewed by Adam Barth. * features.gypi: Added ENABLE_BINDING_INTEGRITY option. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141034 268f45cc-cd09-0410-ab3c-d52691b4dbfc
7929995e