Bug 1548625 part 1. Get rid of some ExposeObjectToActiveJS calls in nsGlobalWindowOuter. r=mccr8,jonco
authorBoris Zbarsky <bzbarsky@mit.edu>
Fri, 03 May 2019 10:08:20 +0000
changeset 531320 66f4abcb9d406257dcae595e839469331f74f1a8
parent 531319 1622d158818f55c1a0a3d97ff7b259977a58134f
child 531321 aee3238950ca2c51c282739c319644718651ad38
push id11265
push userffxbld-merge
push dateMon, 13 May 2019 10:53:39 +0000
reviewersmccr8, jonco
bugs1548625
milestone68.0a1
Bug 1548625 part 1. Get rid of some ExposeObjectToActiveJS calls in nsGlobalWindowOuter. r=mccr8,jonco We store newInnerGlobal in a Rooted, so as long as we expose on all codepaths that assign to that variable (which with this patch we do, typically via GetWrapper() calls), there's no need to expose explicitly. Differential Revision: https://phabricator.services.mozilla.com/D29718
dom/base/nsGlobalWindowOuter.cpp
--- a/dom/base/nsGlobalWindowOuter.cpp
+++ b/dom/base/nsGlobalWindowOuter.cpp
@@ -1988,25 +1988,25 @@ nsresult nsGlobalWindowOuter::SetNewDocu
   bool thisChrome = IsChromeWindow();
 
   nsCOMPtr<WindowStateHolder> wsh = do_QueryInterface(aState);
   NS_ASSERTION(!aState || wsh,
                "What kind of weird state are you giving me here?");
 
   bool doomCurrentInner = false;
 
+  // Only non-gray (i.e. exposed to JS) objects should be assigned to
+  // newInnerGlobal.
   JS::Rooted<JSObject*> newInnerGlobal(cx);
   if (reUseInnerWindow) {
     // We're reusing the current inner window.
     NS_ASSERTION(!currentInner->IsFrozen(),
                  "We should never be reusing a shared inner window");
     newInnerWindow = currentInner;
-    newInnerGlobal = currentInner->GetWrapperPreserveColor();
-
-    JS::ExposeObjectToActiveJS(newInnerGlobal);
+    newInnerGlobal = currentInner->GetWrapper();
 
     // We're reusing the inner window, but this still counts as a navigation,
     // so all expandos and such defined on the outer window should go away.
     // Force all Xray wrappers to be recomputed.
     JS::Rooted<JSObject*> rootedObject(cx, GetWrapper());
     if (!JS_RefreshCrossCompartmentWrappers(cx, rootedObject)) {
       return NS_ERROR_FAILURE;
     }
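Review bot: The new comment above the `newInnerGlobal` declaration states the invariant but not why it matters, and that is the part a future editor reaching for `GetWrapperPreserveColor()` needs. A `JS::Rooted` only keeps the object alive; it does not unmark gray, so a gray wrapper assigned here would reach JS through `NewOuterWindowProxy` later in this function without the exposure the removed `JS::ExposeObjectToActiveJS` call used to guarantee. I would expand the comment to: `// newInnerGlobal must only ever hold exposed (non-gray) objects. The Rooted keeps the object alive but does not unmark gray, so every assignment must go through GetWrapper() (which exposes), never GetWrapperPreserveColor().` SetNewDocument begins and ends outside this hunk, so the remaining assignment sites are not visible here.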
@@ -2023,17 +2023,17 @@ nsresult nsGlobalWindowOuter::SetNewDocu
     aDocument->NodePrincipal()->Equals(existing, &sameOrigin);
     MOZ_ASSERT(sameOrigin);
 #endif
     JS::SetRealmPrincipals(realm,
                            nsJSPrincipals::get(aDocument->NodePrincipal()));
   } else {
     if (aState) {
       newInnerWindow = wsh->GetInnerWindow();
-      newInnerGlobal = newInnerWindow->GetWrapperPreserveColor();
+      newInnerGlobal = newInnerWindow->GetWrapper();
     } else {
       newInnerWindow = nsGlobalWindowInner::Create(this, thisChrome);
       if (StaticPrefs::dom_timeout_defer_during_load()) {
         // ensure the initial loading state is known
         newInnerWindow->SetActiveLoadingState(
             aDocument->GetReadyStateEnum() ==
             Document::ReadyState::READYSTATE_LOADING);
       }
@@ -2090,17 +2090,16 @@ nsresult nsGlobalWindowOuter::SetNewDocu
                                js::PrivateValue(ToSupports(this)));
 
       // Inform the nsJSContext, which is the canonical holder of the outer.
       mContext->SetWindowProxy(outer);
       mContext->DidInitializeContext();
 
       SetWrapper(mContext->GetWindowProxy());
     } else {
-      JS::ExposeObjectToActiveJS(newInnerGlobal);
       JS::Rooted<JSObject*> outerObject(
           cx, NewOuterWindowProxy(cx, newInnerGlobal, thisChrome));
       if (!outerObject) {
         NS_ERROR("out of memory");
         return NS_ERROR_FAILURE;
       }
 
       JS::Rooted<JSObject*> obj(cx, GetWrapper());
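Review bot: Dropping `JS::ExposeObjectToActiveJS(newInnerGlobal)` before `NewOuterWindowProxy` makes this call site depend on a convention enforced only by the comment at the declaration, and nothing here checks it. A debug-only assertion just before the `NewOuterWindowProxy` call would catch a regression where some assignment path (the freshly-created inner window branch is outside this hunk) hands over a gray object, e.g. `MOZ_ASSERT(!JS::ObjectIsMarkedGray(newInnerGlobal));` using the gray-check predicate from SpiderMonkey's public heap API, assuming that is the spelling in this tree. Unlike the removed expose call it is free in release builds and documents the contract where it is consumed. The enclosing function and this else-branch continue past the end of the hunk.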