Changeset 209027 in webkit


Ignore:
Timestamp:
Nov 28, 2016 3:07:33 PM (7 years ago)
Author:
mark.lam@apple.com
Message:

Fix exception scope verification failures in JSTypedArrayViewPrototype.cpp.
https://bugs.webkit.org/show_bug.cgi?id=165049

Reviewed by Saam Barati.

  • runtime/JSTypedArrayViewPrototype.cpp:

(JSC::typedArrayViewPrivateFuncSort):
(JSC::typedArrayViewProtoFuncSet):
(JSC::typedArrayViewProtoFuncCopyWithin):
(JSC::typedArrayViewProtoFuncIncludes):
(JSC::typedArrayViewProtoFuncLastIndexOf):
(JSC::typedArrayViewProtoFuncIndexOf):
(JSC::typedArrayViewProtoFuncJoin):
(JSC::typedArrayViewProtoGetterFuncBuffer):
(JSC::typedArrayViewProtoGetterFuncLength):
(JSC::typedArrayViewProtoGetterFuncByteLength):
(JSC::typedArrayViewProtoGetterFuncByteOffset):
(JSC::typedArrayViewProtoFuncReverse):
(JSC::typedArrayViewPrivateFuncSubarrayCreate):
(JSC::typedArrayViewProtoFuncSlice):

Location:
trunk/Source/JavaScriptCore
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/ChangeLog

    r209026 r209027  
     12016-11-28  Mark Lam  <mark.lam@apple.com>
     2
     3        Fix exception scope verification failures in JSTypedArrayViewPrototype.cpp.
     4        https://bugs.webkit.org/show_bug.cgi?id=165049
     5
     6        Reviewed by Saam Barati.
     7
     8        * runtime/JSTypedArrayViewPrototype.cpp:
     9        (JSC::typedArrayViewPrivateFuncSort):
     10        (JSC::typedArrayViewProtoFuncSet):
     11        (JSC::typedArrayViewProtoFuncCopyWithin):
     12        (JSC::typedArrayViewProtoFuncIncludes):
     13        (JSC::typedArrayViewProtoFuncLastIndexOf):
     14        (JSC::typedArrayViewProtoFuncIndexOf):
     15        (JSC::typedArrayViewProtoFuncJoin):
     16        (JSC::typedArrayViewProtoGetterFuncBuffer):
     17        (JSC::typedArrayViewProtoGetterFuncLength):
     18        (JSC::typedArrayViewProtoGetterFuncByteLength):
     19        (JSC::typedArrayViewProtoGetterFuncByteOffset):
     20        (JSC::typedArrayViewProtoFuncReverse):
     21        (JSC::typedArrayViewPrivateFuncSubarrayCreate):
     22        (JSC::typedArrayViewProtoFuncSlice):
     23
    1242016-11-28  Mark Lam  <mark.lam@apple.com>
    225

  • trunk/Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp

    r205462 r209027  
    101101    auto scope = DECLARE_THROW_SCOPE(vm);
    102102    JSValue thisValue = exec->argument(0);
     103    scope.release();
    103104    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewPrivateFuncSort);
    104105}
     
    111112    if (UNLIKELY(!thisValue.isObject()))
    112113        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     114    scope.release();
    113115    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncSet);
    114116}
     
    121123    if (!thisValue.isObject())
    122124        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     125    scope.release();
    123126    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncCopyWithin);
    124127}
     
    131134    if (!thisValue.isObject())
    132135        return throwVMError(exec, scope, createTypeError(exec, "Receiver should be a typed array view but was not an object"));
     136    scope.release();
    133137    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncIncludes);
    134138}
     
    141145    if (!thisValue.isObject())
    142146        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     147    scope.release();
    143148    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncLastIndexOf);
    144149}
     
    151156    if (!thisValue.isObject())
    152157        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     158    scope.release();
    153159    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncIndexOf);
    154160}
     
    161167    if (!thisValue.isObject())
    162168        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     169    scope.release();
    163170    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncJoin);
    164171}
     
    171178    if (!thisValue.isObject())
    172179        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     180    scope.release();
    173181    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoGetterFuncBuffer);
    174182}
     
    181189    if (!thisValue.isObject())
    182190        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     191    scope.release();
    183192    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoGetterFuncLength);
    184193}
     
    191200    if (!thisValue.isObject())
    192201        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     202    scope.release();
    193203    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoGetterFuncByteLength);
    194204}
     
    201211    if (!thisValue.isObject())
    202212        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     213    scope.release();
    203214    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoGetterFuncByteOffset);
    204215}
     
    211222    if (!thisValue.isObject())
    212223        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     224    scope.release();
    213225    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncReverse);
    214226}
     
    221233    if (!thisValue.isObject())
    222234        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     235    scope.release();
    223236    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewPrivateFuncSubarrayCreate);
    224237}
     
    231244    if (!thisValue.isObject())
    232245        return throwVMTypeError(exec, scope, ASCIILiteral("Receiver should be a typed array view but was not an object"));
     246    scope.release();
    233247    CALL_GENERIC_TYPEDARRAY_PROTOTYPE_FUNCTION(genericTypedArrayViewProtoFuncSlice);
    234248}
Note: See TracChangeset for help on using the changeset viewer.