[webkit-dev] ExecState::thisObject()

Eric Seidel eric at webkit.org
Mon Jul 13 13:27:35 PDT 2009

Re-sending from correct address.

On Mon, Jul 13, 2009 at 1:23 PM, Eric Seidel<eseidel at google.com> wrote:
> I'm looking at this more today.
> I'm first fixing JSCell::new subclasses to make sure they're always
> allocating in the correct heap.  If we're to map from objects to the
> associated globalobject via the heap, we need to fix allocation first.
> I started by just removing all versions of new (and jsNumberCell,
> etc.) which used ExecState instead of JSGlobalData*
> I'm wondering if I should instead be changing ExecState to carry a
> "current global object" member (the global object which carries the
> heap that objects should be allocated in, and prototypes should be
> looked up from.  This is different from either the lexical or global
> objects).  That would require fixing many callsites, but probably
> fewer than my current approach.
> -eric
> On Fri, Jul 10, 2009 at 11:08 PM, Adam Barth<abarth at webkit.org> wrote:
>> On Fri, Jul 10, 2009 at 6:29 PM, Maciej Stachowiak<mjs at apple.com> wrote:
>>> On Jul 10, 2009, at 6:10 PM, Adam Barth wrote:
>>>> That's correct.  Other browsers get this case right.  Here are a
>>>> couple test cases you might find interesting:
>>>> http://webblaze.org/abarth/tests/protoconfused/test1.html
>>>> http://webblaze.org/abarth/tests/protoconfused/test2.html
>>>> The question is how to compute the correct wrapper context in all
>>>> cases.  There are a bunch of approaches that cover 80% of the cases.
>>>> The trick is finding an approach that works for 100% of the causes.
>>> Well, for DOM Nodes you can almost always chase backpointers all the way up
>>> to the Document and from there to the Window, but this could be inefficient.
>>> And there's objects in the DOM that are not Nodes at all, and can't readily
>>> reach a Node.
>> We tried this approach for a while, but we came across CSSValue, which
>> has no obvious back pointers.  It's a bit unclear how to do this for
>> all Nodes even.  For example, DocType Nodes might not have an
>> associated Document.
>> It's possible we could change WebCore to have all the appropriate back
>> pointers.  However, it might be easier to have all the wrapper objects
>> hold the global object directly (or indirectly via their heap
>> placement).
>>> I will ask Sam and Geoff for their thoughts in person if they don't chime in
>>> on the list.
>> Thanks.
>> Adam
