From e432675850161570a8562f8c617da039f51f706d Mon Sep 17 00:00:00 2001
From: Tom Sepez <tsepez@chromium.org>
Date: Thu, 24 Mar 2016 09:13:17 -0700
Subject: Preserve m_pDynamicObjsMap until FXJS_PerIsolateData is destroyed.

BUG=594120
R=jochen@chromium.org

Review URL: https://codereview.chromium.org/1822423002 .
---
 fpdfsdk/jsapi/fxjs_v8.cpp              | 13 +++---
 fpdfsdk/jsapi/fxjs_v8_embeddertest.cpp | 74 ++++++++++++++++++++++++++++++----
 2 files changed, 72 insertions(+), 15 deletions(-)

diff --git a/fpdfsdk/jsapi/fxjs_v8.cpp b/fpdfsdk/jsapi/fxjs_v8.cpp
index 473b546318..adbdeb12e6 100644
--- a/fpdfsdk/jsapi/fxjs_v8.cpp
+++ b/fpdfsdk/jsapi/fxjs_v8.cpp
@@ -371,11 +371,6 @@ void FXJS_ReleaseRuntime(v8::Isolate* pIsolate,
       v8::Local<v8::Context>::New(pIsolate, *pV8PersistentContext);
   v8::Context::Scope context_scope(context);
 
-  FXJS_PerIsolateData* pData = FXJS_PerIsolateData::Get(pIsolate);
-  if (!pData)
-    return;
-  pData->ReleaseDynamicObjsMap();
-
   int maxID = CFXJS_ObjDefinition::MaxID(pIsolate);
   for (int i = 0; i < maxID; ++i) {
     CFXJS_ObjDefinition* pObjDef = CFXJS_ObjDefinition::ForID(pIsolate, i);
@@ -402,8 +397,12 @@ void FXJS_ReleaseRuntime(v8::Isolate* pIsolate,
   for (int i = 0; i < maxID; ++i)
     delete CFXJS_ObjDefinition::ForID(pIsolate, i);
 
-  pIsolate->SetData(g_embedderDataSlot, nullptr);
-  delete pData;
+  FXJS_PerIsolateData* pData = FXJS_PerIsolateData::Get(pIsolate);
+  if (pData) {
+    pData->ReleaseDynamicObjsMap();
+    pIsolate->SetData(g_embedderDataSlot, nullptr);
+    delete pData;
+  }
 }
 
 IJS_Runtime* FXJS_GetRuntimeFromIsolate(v8::Isolate* pIsolate) {
diff --git a/fpdfsdk/jsapi/fxjs_v8_embeddertest.cpp b/fpdfsdk/jsapi/fxjs_v8_embeddertest.cpp
index b7700c8b60..e89bb28113 100644
--- a/fpdfsdk/jsapi/fxjs_v8_embeddertest.cpp
+++ b/fpdfsdk/jsapi/fxjs_v8_embeddertest.cpp
@@ -7,11 +7,32 @@
 
 namespace {
 
-const wchar_t kScript[] = L"fred = 7";
+const double kExpected0 = 6.0;
+const double kExpected1 = 7.0;
+const double kExpected2 = 8.0;
+
+const wchar_t kScript0[] = L"fred = 6";
+const wchar_t kScript1[] = L"fred = 7";
+const wchar_t kScript2[] = L"fred = 8";
 
 }  // namespace
 
-class FXJSV8EmbedderTest : public JSEmbedderTest {};
+class FXJSV8EmbedderTest : public JSEmbedderTest {
+ public:
+  void ExecuteInCurrentContext(const wchar_t* script) {
+    FXJSErr error;
+    int sts = FXJS_Execute(isolate(), nullptr, script, &error);
+    EXPECT_EQ(0, sts);
+  }
+  void CheckAssignmentInCurrentContext(double expected) {
+    v8::Local<v8::Object> This = FXJS_GetThisObj(isolate());
+    v8::Local<v8::Value> fred = FXJS_GetObjectElement(isolate(), This, L"fred");
+    EXPECT_TRUE(fred->IsNumber());
+    EXPECT_EQ(expected, fred->ToNumber(isolate()->GetCurrentContext())
+                            .ToLocalChecked()
+                            ->Value());
+  }
+};
 
 TEST_F(FXJSV8EmbedderTest, Getters) {
   v8::Isolate::Scope isolate_scope(isolate());
@@ -21,11 +42,48 @@ TEST_F(FXJSV8EmbedderTest, Getters) {
   v8::HandleScope handle_scope(isolate());
   v8::Context::Scope context_scope(GetV8Context());
 
-  FXJSErr error;
-  int sts = FXJS_Execute(isolate(), nullptr, kScript, &error);
-  EXPECT_EQ(0, sts);
+  ExecuteInCurrentContext(kScript1);
+  CheckAssignmentInCurrentContext(kExpected1);
+}
+
+TEST_F(FXJSV8EmbedderTest, MultipleRutimes) {
+  v8::Isolate::Scope isolate_scope(isolate());
+#ifdef PDF_ENABLE_XFA
+  v8::Locker locker(isolate());
+#endif  // PDF_ENABLE_XFA
+  v8::HandleScope handle_scope(isolate());
+
+  v8::Global<v8::Context> global_context1;
+  std::vector<v8::Global<v8::Object>*> static_objects1;
+  FXJS_InitializeRuntime(isolate(), nullptr, &global_context1,
+                         &static_objects1);
+
+  v8::Global<v8::Context> global_context2;
+  std::vector<v8::Global<v8::Object>*> static_objects2;
+  FXJS_InitializeRuntime(isolate(), nullptr, &global_context2,
+                         &static_objects2);
+
+  v8::Context::Scope context_scope(GetV8Context());
+  ExecuteInCurrentContext(kScript0);
+  CheckAssignmentInCurrentContext(kExpected0);
+
+  {
+    v8::Local<v8::Context> context1 =
+        v8::Local<v8::Context>::New(isolate(), global_context1);
+    v8::Context::Scope context_scope(context1);
+    ExecuteInCurrentContext(kScript1);
+    CheckAssignmentInCurrentContext(kExpected1);
+  }
+  FXJS_ReleaseRuntime(isolate(), &global_context1, &static_objects1);
+
+  {
+    v8::Local<v8::Context> context2 =
+        v8::Local<v8::Context>::New(isolate(), global_context2);
+    v8::Context::Scope context_scope(context2);
+    ExecuteInCurrentContext(kScript2);
+    CheckAssignmentInCurrentContext(kExpected2);
+  }
+  FXJS_ReleaseRuntime(isolate(), &global_context2, &static_objects2);
 
-  v8::Local<v8::Object> This = FXJS_GetThisObj(isolate());
-  v8::Local<v8::Value> fred = FXJS_GetObjectElement(isolate(), This, L"fred");
-  EXPECT_TRUE(fred->IsNumber());
+  CheckAssignmentInCurrentContext(kExpected0);
 }
-- 
cgit v1.2.3