Revert "v8binding: Do not hold a cross origin ScriptState in IDL callback function"

This reverts commit 756bea38.

Reason for revert: FindIt suspects that this is the culprit for a number of failures https://findit-for-me.appspot.com/waterfall/failure?url=https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Linux%20Trusty%20ASAN/builds/18261

Original change's description:
> v8binding: Do not hold a cross origin ScriptState in IDL callback function
> 
> Make IDL callback function not hold a ScriptState of its
> creation context when it's cross origin from the incumbent
> realm.
> 
> Not holding a cross origin ScriptState, there is much
> less risk to access a cross origin context.
> 
> IDL callback interface will follow the same approach in
> a separate patch.
> 
> Bug: 892755, 886588, 904218
> Change-Id: Ie55b436fcc5f66f4ee053ef08ad98ea68fb3a2d6
> Reviewed-on: https://chromium-review.googlesource.com/c/1314023
> Reviewed-by: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Hitoshi Yoshida <peria@chromium.org>
> Commit-Queue: Yuki Shiino <yukishiino@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#609662}

TBR=peria@chromium.org,yukishiino@chromium.org,haraken@chromium.org

Change-Id: Ic0e5a3006a43f8a95202ac1d890f365307068877
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 892755, 886588, 904218
Reviewed-on: https://chromium-review.googlesource.com/c/1343093Reviewed-by: Maxim Kolosovskiy <kolos@chromium.org>
Commit-Queue: Maxim Kolosovskiy <kolos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#609678}

third_party/blink/renderer/bindings/core/v8/js_based_event_listener.cc

@@ -84,11 +84,10 @@ void JSBasedEventListener::Invoke(
       return;
   }
 
-  ScriptState* script_state_of_listener = GetScriptStateOrReportError("invoke");
-  if (!script_state_of_listener)
-    return;  // The error is already reported.
+  ScriptState* script_state_of_listener = GetScriptState();
+  DCHECK(script_state_of_listener);
   if (!script_state_of_listener->ContextIsValid())
-    return;  // Silently fail.
+    return;
 
   ScriptState::Scope listener_script_state_scope(script_state_of_listener);
 

third_party/blink/renderer/bindings/core/v8/js_based_event_listener.h

@@ -73,15 +73,7 @@ class CORE_EXPORT JSBasedEventListener : public EventListener {
  protected:
   explicit JSBasedEventListener(ListenerType);
   virtual v8::Isolate* GetIsolate() const = 0;
-  // Returns the ScriptState of the relevant realm of the callback object.
-  // Must be used only when it's sure that the callback object is the same
-  // origin-domain.
   virtual ScriptState* GetScriptState() const = 0;
-  // Returns the ScriptState of the relevant realm of the callback object iff
-  // the callback is the same origin-domain. Otherwise, reports the error and
-  // returns nullptr.
-  virtual ScriptState* GetScriptStateOrReportError(
-      const char* operation) const = 0;
   virtual DOMWrapperWorld& GetWorld() const = 0;
 
  private:

third_party/blink/renderer/bindings/core/v8/js_event_handler.h

@@ -71,13 +71,8 @@ class CORE_EXPORT JSEventHandler : public JSBasedEventListener {
   ScriptState* GetScriptState() const override {
     return event_handler_->CallbackRelevantScriptState();
   }
-  ScriptState* GetScriptStateOrReportError(
-      const char* operation) const override {
-    return event_handler_->CallbackRelevantScriptStateOrReportError(
-        "EventHandler", operation);
-  }
   DOMWrapperWorld& GetWorld() const override {
-    return event_handler_->GetWorld();
+    return event_handler_->CallbackRelevantScriptState()->World();
   }
 
   // Initializes |event_handler_| with |listener|. This method must be used only

third_party/blink/renderer/bindings/core/v8/js_event_listener.h

@@ -63,13 +63,8 @@ class CORE_EXPORT JSEventListener final : public JSBasedEventListener {
   ScriptState* GetScriptState() const override {
     return event_listener_->CallbackRelevantScriptState();
   }
-  ScriptState* GetScriptStateOrReportError(
-      const char* operation) const override {
-    return event_listener_->CallbackRelevantScriptStateOrReportError(
-        "EventListener", operation);
-  }
   DOMWrapperWorld& GetWorld() const override {
-    return event_listener_->GetWorld();
+    return event_listener_->CallbackRelevantScriptState()->World();
   }
 
  private:

third_party/blink/renderer/bindings/templates/callback_function.cc.tmpl

@@ -51,22 +51,22 @@ void {{cpp_class}}::InvokeAndReportException({{argument_declarations | join(', '
 
 {% if callback_function_name == 'EventHandlerNonNull' %}
 bool {{cpp_class}}::IsRunnableOrThrowException(IgnorePause ignore_pause) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptState();
-
   bool is_runnable =
       ignore_pause == IgnorePause::kIgnore ?
       IsCallbackFunctionRunnableIgnoringPause(
-          callback_relevant_script_state, IncumbentScriptState()) :
+          CallbackRelevantScriptState(), IncumbentScriptState()) :
       IsCallbackFunctionRunnable(
-          callback_relevant_script_state, IncumbentScriptState());
+          CallbackRelevantScriptState(), IncumbentScriptState());
   if (is_runnable)
     return true;
 
   // Wrapper-tracing for the callback function makes the function object and
   // its creation context alive. Thus it's safe to use the creation context
   // of the callback function here.
-  ScriptState::Scope scope(callback_relevant_script_state);
+  v8::HandleScope handle_scope(GetIsolate());
+  v8::Local<v8::Object> callback_object = CallbackObject();
+  CHECK(!callback_object.IsEmpty());
+  v8::Context::Scope context_scope(callback_object->CreationContext());
   V8ThrowException::ThrowError(
       GetIsolate(),
       ExceptionMessages::FailedToExecute(

third_party/blink/renderer/bindings/templates/callback_interface.cc.tmpl

@@ -112,22 +112,22 @@ void {{v8_class}}::InvokeAndReportException({{methods[0].argument_declarations |
 
 {% if interface_name == 'EventListener' %}
 bool {{v8_class}}::IsRunnableOrThrowException(IgnorePause ignore_pause) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptState();
-
   bool is_runnable =
       ignore_pause == IgnorePause::kIgnore ?
       IsCallbackFunctionRunnableIgnoringPause(
-          callback_relevant_script_state, IncumbentScriptState()) :
+          CallbackRelevantScriptState(), IncumbentScriptState()) :
       IsCallbackFunctionRunnable(
-          callback_relevant_script_state, IncumbentScriptState());
+          CallbackRelevantScriptState(), IncumbentScriptState());
   if (is_runnable)
     return true;
 
   // Wrapper-tracing for the callback function makes the function object and
   // its creation context alive. Thus it's safe to use the creation context
   // of the callback function here.
-  ScriptState::Scope scope(callback_relevant_script_state);
+  v8::HandleScope handle_scope(GetIsolate());
+  v8::Local<v8::Object> callback_object = CallbackObject();
+  CHECK(!callback_object.IsEmpty());
+  v8::Context::Scope context_scope(callback_object->CreationContext());
   V8ThrowException::ThrowError(
       GetIsolate(),
       ExceptionMessages::FailedToExecute(

third_party/blink/renderer/bindings/templates/callback_invoke.cc.tmpl

@@ -21,16 +21,8 @@
     return_cpp_type, return_native_value_traits_tag, arguments,
     is_treat_non_object_as_null, bypass_runnability_check,
     interface_name, operation_name) %}
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "{{interface_name}}",
-          "{{operation_name}}");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<{{return_cpp_type}}>();
-  }
-
   {% if not bypass_runnability_check %}
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -51,7 +43,7 @@
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -117,7 +109,7 @@
     // step 9.2.2. If getResult is an abrupt completion, set completion to
     //   getResult and jump to the step labeled return.
     v8::Local<v8::Value> value;
-    if (!CallbackObject()->Get(callback_relevant_script_state->GetContext(),
+    if (!CallbackObject()->Get(CallbackRelevantScriptState()->GetContext(),
                                V8String(GetIsolate(), "{{operation_name}}"))
         .ToLocal(&value)) {
       return v8::Nothing<{{return_cpp_type}}>();
@@ -143,7 +135,7 @@
   {% endif %}
   {# Fill |this_arg|. #}
   {% if invoke_or_construct == 'invoke' %}
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
   {% elif interface_or_function == 'callback interface' %}
   if (!IsCallbackObjectCallable()) {
     // step 11. If value's interface is not a single operation callback
@@ -154,7 +146,7 @@
     // step 2. If thisArg was not given, let thisArg be undefined.
     this_arg = v8::Undefined(GetIsolate());
   } else {
-    this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+    this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
   }
   {% endif %}
 
@@ -182,7 +174,7 @@
   //   labeled return.
   {% if arguments %}
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   {% set has_variadic_argument = arguments[-1].is_variadic %}
   {% set non_variadic_arguments = arguments | rejectattr('is_variadic') | list %}
@@ -217,7 +209,7 @@
   if (!V8ScriptRunner::CallAsConstructor(
           GetIsolate(),
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           argc,
           argv).ToLocal(&call_result)) {
     // step 11. If callResult is an abrupt completion, set completion to
@@ -228,7 +220,7 @@
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_any_callback_function_optional_any_arg.cc

@@ -28,15 +28,7 @@ const char* V8AnyCallbackFunctionOptionalAnyArg::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Invoke(ScriptWrappable* callback_this_value, ScriptValue optionalAnyArg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "AnyCallbackFunctionOptionalAnyArg",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<ScriptValue>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Invoke(ScriptWrappab
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Invoke(ScriptWrappab
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_optionalAnyArg = optionalAnyArg.V8Value();
   constexpr int argc = 1;
@@ -88,7 +80,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Invoke(ScriptWrappab
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,
@@ -116,15 +108,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Invoke(ScriptWrappab
 }
 
 v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Construct(ScriptValue optionalAnyArg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "AnyCallbackFunctionOptionalAnyArg",
-          "construct");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<ScriptValue>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -144,7 +128,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Construct(ScriptValu
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -177,7 +161,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Construct(ScriptValu
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_optionalAnyArg = optionalAnyArg.V8Value();
   constexpr int argc = 1;
@@ -188,7 +172,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionOptionalAnyArg::Construct(ScriptValu
   if (!V8ScriptRunner::CallAsConstructor(
           GetIsolate(),
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           argc,
           argv).ToLocal(&call_result)) {
     // step 11. If callResult is an abrupt completion, set completion to

third_party/blink/renderer/bindings/tests/results/core/v8_any_callback_function_variadic_any_args.cc

@@ -28,15 +28,7 @@ const char* V8AnyCallbackFunctionVariadicAnyArgs::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Invoke(ScriptWrappable* callback_this_value, const Vector<ScriptValue>& arguments) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "AnyCallbackFunctionVariadicAnyArgs",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<ScriptValue>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Invoke(ScriptWrappa
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Invoke(ScriptWrappa
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   const int argc = 0 + arguments.size();
   v8::Local<v8::Value> argv[argc];
@@ -89,7 +81,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Invoke(ScriptWrappa
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,
@@ -117,15 +109,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Invoke(ScriptWrappa
 }
 
 v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Construct(const Vector<ScriptValue>& arguments) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "AnyCallbackFunctionVariadicAnyArgs",
-          "construct");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<ScriptValue>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -145,7 +129,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Construct(const Vec
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -178,7 +162,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Construct(const Vec
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   const int argc = 0 + arguments.size();
   v8::Local<v8::Value> argv[argc];
@@ -190,7 +174,7 @@ v8::Maybe<ScriptValue> V8AnyCallbackFunctionVariadicAnyArgs::Construct(const Vec
   if (!V8ScriptRunner::CallAsConstructor(
           GetIsolate(),
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           argc,
           argv).ToLocal(&call_result)) {
     // step 11. If callResult is an abrupt completion, set completion to

third_party/blink/renderer/bindings/tests/results/core/v8_long_callback_function.cc

@@ -28,15 +28,7 @@ const char* V8LongCallbackFunction::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<int32_t> V8LongCallbackFunction::Invoke(ScriptWrappable* callback_this_value, int32_t num1, int32_t num2) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "LongCallbackFunction",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<int32_t>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<int32_t> V8LongCallbackFunction::Invoke(ScriptWrappable* callback_this
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<int32_t> V8LongCallbackFunction::Invoke(ScriptWrappable* callback_this
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_num1 = v8::Integer::New(GetIsolate(), num1);
   v8::Local<v8::Value> v8_num2 = v8::Integer::New(GetIsolate(), num2);
@@ -89,7 +81,7 @@ v8::Maybe<int32_t> V8LongCallbackFunction::Invoke(ScriptWrappable* callback_this
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_string_sequence_callback_function_long_sequence_arg.cc

@@ -28,15 +28,7 @@ const char* V8StringSequenceCallbackFunctionLongSequenceArg::NameInHeapSnapshot(
 }
 
 v8::Maybe<Vector<String>> V8StringSequenceCallbackFunctionLongSequenceArg::Invoke(ScriptWrappable* callback_this_value, const Vector<int32_t>& arg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "StringSequenceCallbackFunctionLongSequenceArg",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<Vector<String>>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<Vector<String>> V8StringSequenceCallbackFunctionLongSequenceArg::Invok
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<Vector<String>> V8StringSequenceCallbackFunctionLongSequenceArg::Invok
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_arg = ToV8(arg, argument_creation_context, GetIsolate());
   constexpr int argc = 1;
@@ -88,7 +80,7 @@ v8::Maybe<Vector<String>> V8StringSequenceCallbackFunctionLongSequenceArg::Invok
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_test_legacy_callback_interface.cc

@@ -96,15 +96,7 @@ V8TestLegacyCallbackInterface* V8TestLegacyCallbackInterface::CreateOrNull(v8::L
 }
 
 v8::Maybe<uint16_t> V8TestLegacyCallbackInterface::acceptNode(ScriptWrappable* callback_this_value, Node* node) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "TestLegacyCallbackInterface",
-          "acceptNode");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<uint16_t>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -124,7 +116,7 @@ v8::Maybe<uint16_t> V8TestLegacyCallbackInterface::acceptNode(ScriptWrappable* c
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -139,7 +131,7 @@ v8::Maybe<uint16_t> V8TestLegacyCallbackInterface::acceptNode(ScriptWrappable* c
     // step 9.2.2. If getResult is an abrupt completion, set completion to
     //   getResult and jump to the step labeled return.
     v8::Local<v8::Value> value;
-    if (!CallbackObject()->Get(callback_relevant_script_state->GetContext(),
+    if (!CallbackObject()->Get(CallbackRelevantScriptState()->GetContext(),
                                V8String(GetIsolate(), "acceptNode"))
         .ToLocal(&value)) {
       return v8::Nothing<uint16_t>();
@@ -169,7 +161,7 @@ v8::Maybe<uint16_t> V8TestLegacyCallbackInterface::acceptNode(ScriptWrappable* c
     // step 2. If thisArg was not given, let thisArg be undefined.
     this_arg = v8::Undefined(GetIsolate());
   } else {
-    this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+    this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
   }
 
   // step: Let esArgs be the result of converting args to an ECMAScript
@@ -177,7 +169,7 @@ v8::Maybe<uint16_t> V8TestLegacyCallbackInterface::acceptNode(ScriptWrappable* c
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_node = ToV8(node, argument_creation_context, GetIsolate());
   constexpr int argc = 1;
@@ -188,7 +180,7 @@ v8::Maybe<uint16_t> V8TestLegacyCallbackInterface::acceptNode(ScriptWrappable* c
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_treat_non_object_as_null_boolean_function.cc

@@ -27,15 +27,7 @@ const char* V8TreatNonObjectAsNullBooleanFunction::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<bool> V8TreatNonObjectAsNullBooleanFunction::Invoke(ScriptWrappable* callback_this_value) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "TreatNonObjectAsNullBooleanFunction",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<bool>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -55,7 +47,7 @@ v8::Maybe<bool> V8TreatNonObjectAsNullBooleanFunction::Invoke(ScriptWrappable* c
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -83,7 +75,7 @@ v8::Maybe<bool> V8TreatNonObjectAsNullBooleanFunction::Invoke(ScriptWrappable* c
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
@@ -96,7 +88,7 @@ v8::Maybe<bool> V8TreatNonObjectAsNullBooleanFunction::Invoke(ScriptWrappable* c
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_treat_non_object_as_null_void_function.cc

@@ -27,15 +27,7 @@ const char* V8TreatNonObjectAsNullVoidFunction::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8TreatNonObjectAsNullVoidFunction::Invoke(ScriptWrappable* callback_this_value) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "TreatNonObjectAsNullVoidFunction",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -55,7 +47,7 @@ v8::Maybe<void> V8TreatNonObjectAsNullVoidFunction::Invoke(ScriptWrappable* call
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -72,7 +64,7 @@ v8::Maybe<void> V8TreatNonObjectAsNullVoidFunction::Invoke(ScriptWrappable* call
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
@@ -85,7 +77,7 @@ v8::Maybe<void> V8TreatNonObjectAsNullVoidFunction::Invoke(ScriptWrappable* call
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_void_callback_function.cc

@@ -27,15 +27,7 @@ const char* V8VoidCallbackFunction::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8VoidCallbackFunction::Invoke(ScriptWrappable* callback_this_value) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunction",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -55,7 +47,7 @@ v8::Maybe<void> V8VoidCallbackFunction::Invoke(ScriptWrappable* callback_this_va
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -69,7 +61,7 @@ v8::Maybe<void> V8VoidCallbackFunction::Invoke(ScriptWrappable* callback_this_va
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
@@ -82,7 +74,7 @@ v8::Maybe<void> V8VoidCallbackFunction::Invoke(ScriptWrappable* callback_this_va
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_void_callback_function_dictionary_arg.cc

@@ -28,15 +28,7 @@ const char* V8VoidCallbackFunctionDictionaryArg::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8VoidCallbackFunctionDictionaryArg::Invoke(ScriptWrappable* callback_this_value, const TestDictionary*& arg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunctionDictionaryArg",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<void> V8VoidCallbackFunctionDictionaryArg::Invoke(ScriptWrappable* cal
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<void> V8VoidCallbackFunctionDictionaryArg::Invoke(ScriptWrappable* cal
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_arg = ToV8(arg, argument_creation_context, GetIsolate());
   constexpr int argc = 1;
@@ -88,7 +80,7 @@ v8::Maybe<void> V8VoidCallbackFunctionDictionaryArg::Invoke(ScriptWrappable* cal
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_void_callback_function_enum_arg.cc

@@ -28,15 +28,7 @@ const char* V8VoidCallbackFunctionEnumArg::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8VoidCallbackFunctionEnumArg::Invoke(ScriptWrappable* callback_this_value, const String& arg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunctionEnumArg",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<void> V8VoidCallbackFunctionEnumArg::Invoke(ScriptWrappable* callback_
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,7 +62,7 @@ v8::Maybe<void> V8VoidCallbackFunctionEnumArg::Invoke(ScriptWrappable* callback_
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // Enum values provided by Blink must be valid, otherwise typo.
 #if DCHECK_IS_ON()
@@ -97,7 +89,7 @@ v8::Maybe<void> V8VoidCallbackFunctionEnumArg::Invoke(ScriptWrappable* callback_
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_arg = V8String(GetIsolate(), arg);
   constexpr int argc = 1;
@@ -108,7 +100,7 @@ v8::Maybe<void> V8VoidCallbackFunctionEnumArg::Invoke(ScriptWrappable* callback_
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_void_callback_function_interface_arg.cc

@@ -28,15 +28,7 @@ const char* V8VoidCallbackFunctionInterfaceArg::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8VoidCallbackFunctionInterfaceArg::Invoke(ScriptWrappable* callback_this_value, HTMLDivElement* divElement) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunctionInterfaceArg",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<void> V8VoidCallbackFunctionInterfaceArg::Invoke(ScriptWrappable* call
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<void> V8VoidCallbackFunctionInterfaceArg::Invoke(ScriptWrappable* call
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_divElement = ToV8(divElement, argument_creation_context, GetIsolate());
   constexpr int argc = 1;
@@ -88,7 +80,7 @@ v8::Maybe<void> V8VoidCallbackFunctionInterfaceArg::Invoke(ScriptWrappable* call
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_void_callback_function_test_interface_sequence_arg.cc

@@ -29,15 +29,7 @@ const char* V8VoidCallbackFunctionTestInterfaceSequenceArg::NameInHeapSnapshot()
 }
 
 v8::Maybe<void> V8VoidCallbackFunctionTestInterfaceSequenceArg::Invoke(ScriptWrappable* callback_this_value, const HeapVector<Member<TestInterfaceImplementation>>& arg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunctionTestInterfaceSequenceArg",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -57,7 +49,7 @@ v8::Maybe<void> V8VoidCallbackFunctionTestInterfaceSequenceArg::Invoke(ScriptWra
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -71,14 +63,14 @@ v8::Maybe<void> V8VoidCallbackFunctionTestInterfaceSequenceArg::Invoke(ScriptWra
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_arg = ToV8(arg, argument_creation_context, GetIsolate());
   constexpr int argc = 1;
@@ -89,7 +81,7 @@ v8::Maybe<void> V8VoidCallbackFunctionTestInterfaceSequenceArg::Invoke(ScriptWra
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/core/v8_void_callback_function_typedef.cc

@@ -28,15 +28,7 @@ const char* V8VoidCallbackFunctionTypedef::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8VoidCallbackFunctionTypedef::Invoke(ScriptWrappable* callback_this_value, const String& arg) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunctionTypedef",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -56,7 +48,7 @@ v8::Maybe<void> V8VoidCallbackFunctionTypedef::Invoke(ScriptWrappable* callback_
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -70,14 +62,14 @@ v8::Maybe<void> V8VoidCallbackFunctionTypedef::Invoke(ScriptWrappable* callback_
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
   //   completion value representing the thrown exception and jump to the step
   //   labeled return.
   v8::Local<v8::Object> argument_creation_context =
-      callback_relevant_script_state->GetContext()->Global();
+      CallbackRelevantScriptState()->GetContext()->Global();
   ALLOW_UNUSED_LOCAL(argument_creation_context);
   v8::Local<v8::Value> v8_arg = V8String(GetIsolate(), arg);
   constexpr int argc = 1;
@@ -88,7 +80,7 @@ v8::Maybe<void> V8VoidCallbackFunctionTypedef::Invoke(ScriptWrappable* callback_
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/bindings/tests/results/modules/v8_void_callback_function_modules.cc

@@ -27,15 +27,7 @@ const char* V8VoidCallbackFunctionModules::NameInHeapSnapshot() const {
 }
 
 v8::Maybe<void> V8VoidCallbackFunctionModules::Invoke(ScriptWrappable* callback_this_value) {
-  ScriptState* callback_relevant_script_state =
-      CallbackRelevantScriptStateOrThrowException(
-          "VoidCallbackFunctionModules",
-          "invoke");
-  if (!callback_relevant_script_state) {
-    return v8::Nothing<void>();
-  }
-
-  if (!IsCallbackFunctionRunnable(callback_relevant_script_state,
+  if (!IsCallbackFunctionRunnable(CallbackRelevantScriptState(),
                                   IncumbentScriptState())) {
     // Wrapper-tracing for the callback function makes the function object and
     // its creation context alive. Thus it's safe to use the creation context
@@ -55,7 +47,7 @@ v8::Maybe<void> V8VoidCallbackFunctionModules::Invoke(ScriptWrappable* callback_
 
   // step: Prepare to run script with relevant settings.
   ScriptState::Scope callback_relevant_context_scope(
-      callback_relevant_script_state);
+      CallbackRelevantScriptState());
   // step: Prepare to run a callback with stored settings.
   v8::Context::BackupIncumbentScope backup_incumbent_scope(
       IncumbentScriptState()->GetContext());
@@ -69,7 +61,7 @@ v8::Maybe<void> V8VoidCallbackFunctionModules::Invoke(ScriptWrappable* callback_
   function = CallbackFunction();
 
   v8::Local<v8::Value> this_arg;
-  this_arg = ToV8(callback_this_value, callback_relevant_script_state);
+  this_arg = ToV8(callback_this_value, CallbackRelevantScriptState());
 
   // step: Let esArgs be the result of converting args to an ECMAScript
   //   arguments list. If this throws an exception, set completion to the
@@ -82,7 +74,7 @@ v8::Maybe<void> V8VoidCallbackFunctionModules::Invoke(ScriptWrappable* callback_
   // step: Let callResult be Call(X, thisArg, esArgs).
   if (!V8ScriptRunner::CallFunction(
           function,
-          ExecutionContext::From(callback_relevant_script_state),
+          ExecutionContext::From(CallbackRelevantScriptState()),
           this_arg,
           argc,
           argv,

third_party/blink/renderer/modules/nfc/nfc.cc

@@ -859,10 +859,8 @@ void NFC::OnWatch(const Vector<uint32_t>& ids,
     auto it = callbacks_.find(id);
     if (it != callbacks_.end()) {
       V8MessageCallback* callback = it->value;
-      ScriptState* script_state =
-          callback->CallbackRelevantScriptStateOrReportError("NFC", "watch");
-      if (!script_state)
-        continue;
+      ScriptState* script_state = callback->CallbackRelevantScriptState();
+      DCHECK(script_state);
       ScriptState::Scope scope(script_state);
       const NFCMessage* nfc_message = ToNFCMessage(script_state, message);
       callback->InvokeAndReportException(nullptr, nfc_message);

third_party/blink/renderer/platform/bindings/callback_function_base.cc

@@ -4,30 +4,18 @@
 
 #include "third_party/blink/renderer/platform/bindings/callback_function_base.h"
 
-#include "third_party/blink/renderer/platform/bindings/binding_security_for_platform.h"
-#include "third_party/blink/renderer/platform/bindings/exception_state.h"
-
 namespace blink {
 
 CallbackFunctionBase::CallbackFunctionBase(
     v8::Local<v8::Object> callback_function) {
   DCHECK(!callback_function.IsEmpty());
 
-  v8::Isolate* isolate = callback_function->GetIsolate();
-  callback_function_.Set(isolate, callback_function);
+  callback_relevant_script_state_ =
+      ScriptState::From(callback_function->CreationContext());
+  v8::Isolate* isolate = callback_relevant_script_state_->GetIsolate();
 
+  callback_function_.Set(isolate, callback_function);
   incumbent_script_state_ = ScriptState::From(isolate->GetIncumbentContext());
-
-  // Set |callback_relevant_script_state_| iff the creation context and the
-  // incumbent context are the same origin-domain. Otherwise, leave it as
-  // nullptr.
-  v8::Local<v8::Context> creation_context =
-      callback_function->CreationContext();
-  if (BindingSecurityForPlatform::ShouldAllowAccessToV8Context(
-          incumbent_script_state_->GetContext(), creation_context,
-          BindingSecurityForPlatform::ErrorReportOption::kDoNotReport)) {
-    callback_relevant_script_state_ = ScriptState::From(creation_context);
-  }
 }
 
 void CallbackFunctionBase::Trace(Visitor* visitor) {
@@ -36,40 +24,6 @@ void CallbackFunctionBase::Trace(Visitor* visitor) {
   visitor->Trace(incumbent_script_state_);
 }
 
-ScriptState* CallbackFunctionBase::CallbackRelevantScriptStateOrReportError(
-    const char* interface,
-    const char* operation) {
-  if (callback_relevant_script_state_)
-    return callback_relevant_script_state_;
-
-  // Report a SecurityError due to a cross origin callback object.
-  v8::TryCatch try_catch(GetIsolate());
-  try_catch.SetVerbose(true);
-  ExceptionState exception_state(
-      GetIsolate(), ExceptionState::kExecutionContext, interface, operation);
-  ScriptState::Scope incumbent_scope(incumbent_script_state_);
-  exception_state.ThrowSecurityError(
-      "An invocation of the provided callback failed due to cross origin "
-      "access.");
-  return nullptr;
-}
-
-ScriptState* CallbackFunctionBase::CallbackRelevantScriptStateOrThrowException(
-    const char* interface,
-    const char* operation) {
-  if (callback_relevant_script_state_)
-    return callback_relevant_script_state_;
-
-  // Throw a SecurityError due to a cross origin callback object.
-  ExceptionState exception_state(
-      GetIsolate(), ExceptionState::kExecutionContext, interface, operation);
-  ScriptState::Scope incumbent_scope(incumbent_script_state_);
-  exception_state.ThrowSecurityError(
-      "An invocation of the provided callback failed due to cross origin "
-      "access.");
-  return nullptr;
-}
-
 V8PersistentCallbackFunctionBase::V8PersistentCallbackFunctionBase(
     CallbackFunctionBase* callback_function)
     : callback_function_(callback_function) {

third_party/blink/renderer/platform/bindings/callback_function_base.h

@@ -36,35 +36,13 @@ class PLATFORM_EXPORT CallbackFunctionBase
   }
 
   v8::Isolate* GetIsolate() const {
-    return incumbent_script_state_->GetIsolate();
+    return callback_relevant_script_state_->GetIsolate();
   }
 
-  // Returns the ScriptState of the relevant realm of the callback object.
-  //
-  // NOTE: This function must be used only when it's pretty sure that the
-  // callcack object is the same origin-domain. Otherwise,
-  // |CallbackRelevantScriptStateOrReportError| or
-  // |CallbackRelevantScriptStateOrThrowException| must be used instead.
   ScriptState* CallbackRelevantScriptState() {
-    DCHECK(callback_relevant_script_state_);
     return callback_relevant_script_state_;
   }
 
-  // Returns the ScriptState of the relevant realm of the callback object iff
-  // the callback is the same origin-domain. Otherwise, reports an error and
-  // returns nullptr.
-  ScriptState* CallbackRelevantScriptStateOrReportError(const char* interface,
-                                                        const char* operation);
-
-  // Returns the ScriptState of the relevant realm of the callback object iff
-  // the callback is the same origin-domain. Otherwise, throws an exception and
-  // returns nullptr.
-  ScriptState* CallbackRelevantScriptStateOrThrowException(
-      const char* interface,
-      const char* operation);
-
-  DOMWrapperWorld& GetWorld() const { return incumbent_script_state_->World(); }
-
   // Returns true if the ES function has a [[Construct]] internal method.
   bool IsConstructor() const { return CallbackFunction()->IsConstructor(); }
 
@@ -74,7 +52,6 @@ class PLATFORM_EXPORT CallbackFunctionBase
   v8::Local<v8::Function> CallbackFunction() const {
     return callback_function_.NewLocal(GetIsolate()).As<v8::Function>();
   }
-
   ScriptState* IncumbentScriptState() { return incumbent_script_state_; }
 
  private:
@@ -82,8 +59,7 @@ class PLATFORM_EXPORT CallbackFunctionBase
   // Use v8::Object instead of v8::Function in order to handle
   // [TreatNonObjectAsNull].
   TraceWrapperV8Reference<v8::Object> callback_function_;
-  // The associated Realm of the callback function type value iff it's the same
-  // origin-domain. Otherwise, nullptr.
+  // The associated Realm of the callback function type value.
   Member<ScriptState> callback_relevant_script_state_;
   // The callback context, i.e. the incumbent Realm when an ECMAScript value is
   // converted to an IDL value.

third_party/blink/renderer/platform/bindings/callback_interface_base.cc

@@ -31,20 +31,6 @@ void CallbackInterfaceBase::Trace(Visitor* visitor) {
   visitor->Trace(incumbent_script_state_);
 }
 
-ScriptState* CallbackInterfaceBase::CallbackRelevantScriptStateOrReportError(
-    const char* interface,
-    const char* operation) {
-  // TODO(yukishiino): Implement this function.
-  return callback_relevant_script_state_;
-}
-
-ScriptState* CallbackInterfaceBase::CallbackRelevantScriptStateOrThrowException(
-    const char* interface,
-    const char* operation) {
-  // TODO(yukishiino): Implement this function.
-  return callback_relevant_script_state_;
-}
-
 V8PersistentCallbackInterfaceBase::V8PersistentCallbackInterfaceBase(
     CallbackInterfaceBase* callback_interface)
     : callback_interface_(callback_interface) {

third_party/blink/renderer/platform/bindings/callback_interface_base.h

@@ -49,34 +49,14 @@ class PLATFORM_EXPORT CallbackInterfaceBase
     return callback_object_.NewLocal(GetIsolate());
   }
 
-  v8::Isolate* GetIsolate() { return incumbent_script_state_->GetIsolate(); }
-
-  // Returns the ScriptState of the relevant realm of the callback object.
-  //
-  // NOTE: This function must be used only when it's pretty sure that the
-  // callcack object is the same origin-domain. Otherwise,
-  // |CallbackRelevantScriptStateOrReportError| or
-  // |CallbackRelevantScriptStateOrThrowException| must be used instead.
+  v8::Isolate* GetIsolate() {
+    return callback_relevant_script_state_->GetIsolate();
+  }
+
   ScriptState* CallbackRelevantScriptState() {
-    DCHECK(callback_relevant_script_state_);
     return callback_relevant_script_state_;
   }
 
-  // Returns the ScriptState of the relevant realm of the callback object iff
-  // the callback is the same origin-domain. Otherwise, reports an error and
-  // returns nullptr.
-  ScriptState* CallbackRelevantScriptStateOrReportError(const char* interface,
-                                                        const char* operation);
-
-  // Returns the ScriptState of the relevant realm of the callback object iff
-  // the callback is the same origin-domain. Otherwise, throws an exception and
-  // returns nullptr.
-  ScriptState* CallbackRelevantScriptStateOrThrowException(
-      const char* interface,
-      const char* operation);
-
-  DOMWrapperWorld& GetWorld() const { return incumbent_script_state_->World(); }
-
   // NodeIteratorBase counts the invocation of those which are callable and
   // those which are not.
   bool IsCallbackObjectCallableForNodeIteratorBase() const {

third_party/blink/renderer/platform/bindings/to_v8.h

@@ -46,11 +46,10 @@ inline v8::Local<v8::Value> ToV8(CallbackFunctionBase* callback,
                                  v8::Isolate* isolate) {
   // |creation_context| is intentionally ignored. Callback functions are not
   // wrappers nor clonable. ToV8 on a callback function must be used only when
-  // it's in the same world.
-  DCHECK(!callback ||
-         (&callback->GetWorld() ==
-          &ScriptState::From(creation_context->CreationContext())->World()));
-  return callback ? callback->CallbackObject().As<v8::Value>()
+  // it's the same origin-domain in the same world.
+  DCHECK(!callback || (callback->CallbackRelevantScriptState()->GetContext() ==
+                       creation_context->CreationContext()));
+  return callback ? callback->CallbackFunction().As<v8::Value>()
                   : v8::Null(isolate).As<v8::Value>();
 }