Changeset 222617 in webkit
- Timestamp:
- Sep 28, 2017 11:09:09 AM (7 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 14 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/JavaScriptCore/API/APIUtils.h
r218794 r222617 38 38 }; 39 39 40 inline ExceptionStatus handleExceptionIfNeeded(JSC:: ExecState* exec, JSValueRef* returnedExceptionRef)40 inline ExceptionStatus handleExceptionIfNeeded(JSC::CatchScope& scope, JSC::ExecState* exec, JSValueRef* returnedExceptionRef) 41 41 { 42 JSC::VM& vm = exec->vm();43 auto scope = DECLARE_CATCH_SCOPE(vm);44 42 if (UNLIKELY(scope.exception())) { 45 43 JSC::Exception* exception = scope.exception(); -
trunk/Source/JavaScriptCore/API/JSObjectRef.cpp
r222473 r222617 143 143 VM& vm = exec->vm(); 144 144 JSLockHolder locker(vm); 145 auto scope = DECLARE_CATCH_SCOPE(vm); 145 146 146 147 startingLineNumber = std::max(1, startingLineNumber); … … 154 155 auto sourceURLString = sourceURL ? sourceURL->string() : String(); 155 156 JSObject* result = constructFunction(exec, exec->lexicalGlobalObject(), args, nameID, SourceOrigin { sourceURLString }, sourceURLString, TextPosition(OrdinalNumber::fromOneBasedInt(startingLineNumber), OrdinalNumber())); 156 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)157 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 157 158 result = 0; 158 159 return toRef(result); … … 166 167 } 167 168 ExecState* exec = toJS(ctx); 168 JSLockHolder locker(exec); 169 VM& vm = exec->vm(); 170 JSLockHolder locker(vm); 171 auto scope = DECLARE_CATCH_SCOPE(vm); 169 172 170 173 JSObject* result; … … 178 181 result = constructEmptyArray(exec, 0); 179 182 180 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)183 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 181 184 result = 0; 182 185 … … 191 194 } 192 195 ExecState* exec = toJS(ctx); 193 JSLockHolder locker(exec); 196 VM& vm = exec->vm(); 197 JSLockHolder locker(vm); 198 auto scope = DECLARE_CATCH_SCOPE(vm); 194 199 195 200 MarkedArgumentBuffer argList; … … 198 203 199 204 JSObject* result = constructDate(exec, exec->lexicalGlobalObject(), JSValue(), argList); 200 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)205 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 201 206 result = 0; 202 207 … … 211 216 } 212 217 ExecState* exec = toJS(ctx); 213 JSLockHolder locker(exec); 218 VM& vm = exec->vm(); 219 JSLockHolder locker(vm); 220 auto scope = DECLARE_CATCH_SCOPE(vm); 214 221 215 222 JSValue message = argumentCount ? toJS(exec, arguments[0]) : jsUndefined(); … … 217 224 JSObject* result = ErrorInstance::create(exec, errorStructure, message); 218 225 219 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)226 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 220 227 result = 0; 221 228 … … 230 237 } 231 238 ExecState* exec = toJS(ctx); 232 JSLockHolder locker(exec); 239 VM& vm = exec->vm(); 240 JSLockHolder locker(vm); 241 auto scope = DECLARE_CATCH_SCOPE(vm); 233 242 234 243 MarkedArgumentBuffer argList; … … 237 246 238 247 JSObject* result = constructRegExp(exec, exec->lexicalGlobalObject(), argList); 239 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)248 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 240 249 result = 0; 241 250 … … 265 274 VM& vm = exec->vm(); 266 275 JSLockHolder locker(vm); 276 auto scope = DECLARE_CATCH_SCOPE(vm); 267 277 268 278 JSObject* jsObject = toJS(object); 269 279 JSValue jsValue = toJS(exec, value); 270 280 jsObject->setPrototype(vm, exec, jsValue.isObject() ? jsValue : jsNull()); 271 handleExceptionIfNeeded( exec, nullptr);281 handleExceptionIfNeeded(scope, exec, nullptr); 272 282 } 273 283 … … 296 306 VM& vm = exec->vm(); 297 307 JSLockHolder locker(vm); 308 auto scope = DECLARE_CATCH_SCOPE(vm); 298 309 299 310 JSObject* jsObject = toJS(object); 300 311 301 312 JSValue jsValue = jsObject->get(exec, propertyName->identifier(&vm)); 302 handleExceptionIfNeeded( exec, exception);313 handleExceptionIfNeeded(scope, exec, exception); 303 314 return toRef(exec, jsValue); 304 315 } … … 329 340 } 330 341 } 331 handleExceptionIfNeeded( exec, exception);342 handleExceptionIfNeeded(scope, exec, exception); 332 343 } 333 344 … … 339 350 } 340 351 ExecState* exec = toJS(ctx); 341 JSLockHolder locker(exec); 352 VM& vm = exec->vm(); 353 JSLockHolder locker(vm); 354 auto scope = DECLARE_CATCH_SCOPE(vm); 342 355 343 356 JSObject* jsObject = toJS(object); 344 357 345 358 JSValue jsValue = jsObject->get(exec, propertyIndex); 346 handleExceptionIfNeeded( exec, exception);359 handleExceptionIfNeeded(scope, exec, exception); 347 360 return toRef(exec, jsValue); 348 361 } … … 358 371 VM& vm = exec->vm(); 359 372 JSLockHolder locker(vm); 373 auto scope = DECLARE_CATCH_SCOPE(vm); 360 374 361 375 JSObject* jsObject = toJS(object); … … 363 377 364 378 jsObject->methodTable(vm)->putByIndex(jsObject, exec, propertyIndex, jsValue, false); 365 handleExceptionIfNeeded( exec, exception);379 handleExceptionIfNeeded(scope, exec, exception); 366 380 } 367 381 … … 375 389 VM& vm = exec->vm(); 376 390 JSLockHolder locker(vm); 391 auto scope = DECLARE_CATCH_SCOPE(vm); 377 392 378 393 JSObject* jsObject = toJS(object); 379 394 380 395 bool result = jsObject->methodTable(vm)->deleteProperty(jsObject, exec, propertyName->identifier(&vm)); 381 handleExceptionIfNeeded( exec, exception);396 handleExceptionIfNeeded(scope, exec, exception); 382 397 return result; 383 398 } … … 553 568 VM& vm = exec->vm(); 554 569 JSLockHolder locker(vm); 570 auto scope = DECLARE_CATCH_SCOPE(vm); 555 571 556 572 if (!object) … … 573 589 574 590 JSValueRef result = toRef(exec, profiledCall(exec, ProfilingReason::API, jsObject, callType, callData, jsThisObject, argList)); 575 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)591 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 576 592 result = 0; 577 593 return result; … … 592 608 VM& vm = exec->vm(); 593 609 JSLockHolder locker(vm); 610 auto scope = DECLARE_CATCH_SCOPE(vm); 594 611 595 612 if (!object) … … 608 625 609 626 JSObjectRef result = toRef(profiledConstruct(exec, ProfilingReason::API, jsObject, constructType, constructData, argList)); 610 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)627 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 611 628 result = 0; 612 629 return result; -
trunk/Source/JavaScriptCore/API/JSTypedArray.cpp
r221822 r222617 158 158 { 159 159 ExecState* exec = toJS(ctx); 160 JSLockHolder locker(exec); 160 VM& vm = exec->vm(); 161 JSLockHolder locker(vm); 162 auto scope = DECLARE_CATCH_SCOPE(vm); 161 163 162 164 if (arrayType == kJSTypedArrayTypeNone || arrayType == kJSTypedArrayTypeArrayBuffer) … … 167 169 auto buffer = ArrayBuffer::tryCreate(length, elementByteSize); 168 170 JSObject* result = createTypedArray(exec, arrayType, WTFMove(buffer), 0, length); 169 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)171 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 170 172 return nullptr; 171 173 return toRef(result); … … 175 177 { 176 178 ExecState* exec = toJS(ctx); 177 JSLockHolder locker(exec); 179 VM& vm = exec->vm(); 180 JSLockHolder locker(vm); 181 auto scope = DECLARE_CATCH_SCOPE(vm); 178 182 179 183 if (arrayType == kJSTypedArrayTypeNone || arrayType == kJSTypedArrayTypeArrayBuffer) … … 187 191 }); 188 192 JSObject* result = createTypedArray(exec, arrayType, WTFMove(buffer), 0, length / elementByteSize); 189 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)193 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 190 194 return nullptr; 191 195 return toRef(result); … … 197 201 VM& vm = exec->vm(); 198 202 JSLockHolder locker(vm); 203 auto scope = DECLARE_CATCH_SCOPE(vm); 199 204 200 205 if (arrayType == kJSTypedArrayTypeNone || arrayType == kJSTypedArrayTypeArrayBuffer) … … 211 216 212 217 JSObject* result = createTypedArray(exec, arrayType, WTFMove(buffer), 0, buffer->byteLength() / elementByteSize); 213 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)218 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 214 219 return nullptr; 215 220 return toRef(result); … … 221 226 VM& vm = exec->vm(); 222 227 JSLockHolder locker(vm); 228 auto scope = DECLARE_CATCH_SCOPE(vm); 223 229 224 230 if (arrayType == kJSTypedArrayTypeNone || arrayType == kJSTypedArrayTypeArrayBuffer) … … 232 238 233 239 JSObject* result = createTypedArray(exec, arrayType, jsBuffer->impl(), offset, length); 234 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)240 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 235 241 return nullptr; 236 242 return toRef(result); … … 306 312 VM& vm = exec->vm(); 307 313 JSLockHolder locker(vm); 314 auto scope = DECLARE_CATCH_SCOPE(vm); 308 315 309 316 auto buffer = ArrayBuffer::createFromBytes(bytes, byteLength, [=](void* p) { … … 313 320 314 321 JSArrayBuffer* jsBuffer = JSArrayBuffer::create(vm, exec->lexicalGlobalObject()->arrayBufferStructure(ArrayBufferSharingMode::Default), WTFMove(buffer)); 315 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)322 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 316 323 return nullptr; 317 324 -
trunk/Source/JavaScriptCore/API/JSValueRef.cpp
r211247 r222617 224 224 } 225 225 ExecState* exec = toJS(ctx); 226 JSLockHolder locker(exec); 226 VM& vm = exec->vm(); 227 JSLockHolder locker(vm); 228 auto scope = DECLARE_CATCH_SCOPE(vm); 227 229 228 230 JSValue jsA = toJS(exec, a); … … 230 232 231 233 bool result = JSValue::equal(exec, jsA, jsB); // false if an exception is thrown 232 handleExceptionIfNeeded( exec, exception);234 handleExceptionIfNeeded(scope, exec, exception); 233 235 234 236 return result; … … 257 259 } 258 260 ExecState* exec = toJS(ctx); 259 JSLockHolder locker(exec); 261 VM& vm = exec->vm(); 262 JSLockHolder locker(vm); 263 auto scope = DECLARE_CATCH_SCOPE(vm); 260 264 261 265 JSValue jsValue = toJS(exec, value); … … 265 269 return false; 266 270 bool result = jsConstructor->hasInstance(exec, jsValue); // false if an exception is thrown 267 handleExceptionIfNeeded( exec, exception);271 handleExceptionIfNeeded(scope, exec, exception); 268 272 return result; 269 273 } … … 354 358 } 355 359 ExecState* exec = toJS(ctx); 356 JSLockHolder locker(exec); 360 VM& vm = exec->vm(); 361 JSLockHolder locker(vm); 362 auto scope = DECLARE_CATCH_SCOPE(vm); 363 357 364 JSValue value = toJS(exec, apiValue); 358 365 String result = JSONStringify(exec, value, indent); 359 366 if (exception) 360 367 *exception = 0; 361 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)368 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 362 369 return 0; 363 370 return OpaqueJSString::create(result).leakRef(); … … 384 391 } 385 392 ExecState* exec = toJS(ctx); 386 JSLockHolder locker(exec); 393 VM& vm = exec->vm(); 394 JSLockHolder locker(vm); 395 auto scope = DECLARE_CATCH_SCOPE(vm); 387 396 388 397 JSValue jsValue = toJS(exec, value); 389 398 390 399 double number = jsValue.toNumber(exec); 391 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)400 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 392 401 number = PNaN; 393 402 return number; … … 401 410 } 402 411 ExecState* exec = toJS(ctx); 403 JSLockHolder locker(exec); 412 VM& vm = exec->vm(); 413 JSLockHolder locker(vm); 414 auto scope = DECLARE_CATCH_SCOPE(vm); 404 415 405 416 JSValue jsValue = toJS(exec, value); 406 417 407 418 auto stringRef(OpaqueJSString::create(jsValue.toWTFString(exec))); 408 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)419 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 409 420 stringRef = nullptr; 410 421 return stringRef.leakRef(); … … 418 429 } 419 430 ExecState* exec = toJS(ctx); 420 JSLockHolder locker(exec); 431 VM& vm = exec->vm(); 432 JSLockHolder locker(vm); 433 auto scope = DECLARE_CATCH_SCOPE(vm); 421 434 422 435 JSValue jsValue = toJS(exec, value); 423 436 424 437 JSObjectRef objectRef = toRef(jsValue.toObject(exec)); 425 if (handleExceptionIfNeeded( exec, exception) == ExceptionStatus::DidThrow)438 if (handleExceptionIfNeeded(scope, exec, exception) == ExceptionStatus::DidThrow) 426 439 objectRef = 0; 427 440 return objectRef; -
trunk/Source/JavaScriptCore/ChangeLog
r222607 r222617 1 2017-09-28 Mark Lam <mark.lam@apple.com> 2 3 Add missing exception checks and book-keeping for exception check validation. 4 https://bugs.webkit.org/show_bug.cgi?id=177609 5 <rdar://problem/34717972> 6 7 Reviewed by Keith Miller. 8 9 This resolves exception check validation failures when running test262 tests and 10 a few other tests. 11 12 * API/APIUtils.h: 13 (handleExceptionIfNeeded): 14 * API/JSObjectRef.cpp: 15 (JSObjectMakeFunction): 16 (JSObjectMakeArray): 17 (JSObjectMakeDate): 18 (JSObjectMakeError): 19 (JSObjectMakeRegExp): 20 (JSObjectSetPrototype): 21 (JSObjectGetProperty): 22 (JSObjectSetProperty): 23 (JSObjectGetPropertyAtIndex): 24 (JSObjectSetPropertyAtIndex): 25 (JSObjectDeleteProperty): 26 (JSObjectCallAsFunction): 27 (JSObjectCallAsConstructor): 28 * API/JSTypedArray.cpp: 29 (JSObjectMakeTypedArray): 30 (JSObjectMakeTypedArrayWithBytesNoCopy): 31 (JSObjectMakeTypedArrayWithArrayBuffer): 32 (JSObjectMakeTypedArrayWithArrayBufferAndOffset): 33 (JSObjectMakeArrayBufferWithBytesNoCopy): 34 * API/JSValueRef.cpp: 35 (JSValueIsEqual): 36 (JSValueIsInstanceOfConstructor): 37 (JSValueCreateJSONString): 38 (JSValueToNumber): 39 (JSValueToStringCopy): 40 (JSValueToObject): 41 * interpreter/Interpreter.cpp: 42 (JSC::Interpreter::executeProgram): 43 * llint/LLIntSlowPaths.cpp: 44 (JSC::LLInt::LLINT_SLOW_PATH_DECL): 45 * runtime/ArrayPrototype.cpp: 46 (JSC::arrayProtoFuncIndexOf): 47 (JSC::arrayProtoFuncLastIndexOf): 48 * runtime/DatePrototype.cpp: 49 (JSC::fillStructuresUsingTimeArgs): 50 (JSC::setNewValueFromDateArgs): 51 (JSC::dateProtoFuncSetYear): 52 * runtime/JSGenericTypedArrayViewConstructorInlines.h: 53 (JSC::constructGenericTypedArrayViewWithArguments): 54 * runtime/JSModuleEnvironment.cpp: 55 (JSC::JSModuleEnvironment::put): 56 * runtime/ProgramExecutable.cpp: 57 (JSC::ProgramExecutable::initializeGlobalProperties): 58 * runtime/ProxyObject.cpp: 59 (JSC::ProxyObject::toStringName): 60 * runtime/StringPrototype.cpp: 61 (JSC::stringProtoFuncCharAt): 62 (JSC::stringProtoFuncCharCodeAt): 63 (JSC::stringProtoFuncIndexOf): 64 (JSC::stringProtoFuncLastIndexOf): 65 (JSC::stringProtoFuncSlice): 66 (JSC::stringProtoFuncSplitFast): 67 (JSC::stringProtoFuncSubstr): 68 1 69 2017-09-27 Michael Saboff <msaboff@apple.com> 2 70 -
trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp
r221849 r222617 816 816 if (JSONPPath.size() == 1 && JSONPPath[0].m_type == JSONPPathEntryTypeDeclare) { 817 817 globalObject->addVar(callFrame, JSONPPath[0].m_pathEntryName); 818 RETURN_IF_EXCEPTION(throwScope, { }); 818 819 PutPropertySlot slot(globalObject); 819 820 globalObject->methodTable(vm)->put(globalObject, callFrame, JSONPPath[0].m_pathEntryName, JSONPValue, slot); 821 RETURN_IF_EXCEPTION(throwScope, { }); 820 822 result = jsUndefined(); 821 823 continue; -
trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
r221849 r222617 932 932 couldDelete = baseObject->methodTable(vm)->deleteProperty(baseObject, exec, property); 933 933 } 934 934 LLINT_CHECK_EXCEPTION(); 935 935 936 if (!couldDelete && exec->codeBlock()->isStrictMode()) 936 937 LLINT_THROW(createTypeError(exec, UnableToDeletePropertyError)); -
trunk/Source/JavaScriptCore/runtime/ArrayPrototype.cpp
r222563 r222617 1121 1121 if (!e) 1122 1122 continue; 1123 if (JSValue::strictEqual(exec, searchElement, e)) 1123 bool isEqual = JSValue::strictEqual(exec, searchElement, e); 1124 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1125 if (isEqual) 1124 1126 return JSValue::encode(jsNumber(index)); 1125 RETURN_IF_EXCEPTION(scope, encodedJSValue());1126 1127 } 1127 1128 … … 1147 1148 JSValue fromValue = exec->uncheckedArgument(1); 1148 1149 double fromDouble = fromValue.toInteger(exec); 1150 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1149 1151 if (fromDouble < 0) { 1150 1152 fromDouble += length; -
trunk/Source/JavaScriptCore/runtime/DatePrototype.cpp
r222473 r222617 344 344 static bool fillStructuresUsingTimeArgs(ExecState* exec, int maxArgs, double* ms, GregorianDateTime* t) 345 345 { 346 VM& vm = exec->vm(); 347 auto scope = DECLARE_THROW_SCOPE(vm); 348 346 349 double milliseconds = 0; 347 350 bool ok = true; … … 357 360 t->setHour(0); 358 361 double hours = exec->uncheckedArgument(idx++).toIntegerPreserveNaN(exec); 362 RETURN_IF_EXCEPTION(scope, false); 359 363 ok = std::isfinite(hours); 360 364 milliseconds += hours * msPerHour; … … 365 369 t->setMinute(0); 366 370 double minutes = exec->uncheckedArgument(idx++).toIntegerPreserveNaN(exec); 371 RETURN_IF_EXCEPTION(scope, false); 367 372 ok = std::isfinite(minutes); 368 373 milliseconds += minutes * msPerMinute; … … 373 378 t->setSecond(0); 374 379 double seconds = exec->uncheckedArgument(idx++).toIntegerPreserveNaN(exec); 380 RETURN_IF_EXCEPTION(scope, false); 375 381 ok = std::isfinite(seconds); 376 382 milliseconds += seconds * msPerSecond; … … 383 389 if (idx < numArgs) { 384 390 double millis = exec->uncheckedArgument(idx).toIntegerPreserveNaN(exec); 391 RETURN_IF_EXCEPTION(scope, false); 385 392 ok = std::isfinite(millis); 386 393 milliseconds += millis; … … 1007 1014 } 1008 1015 1009 if (!fillStructuresUsingDateArgs(exec, numArgsToUse, &ms, &gregorianDateTime)) { 1016 bool success = fillStructuresUsingDateArgs(exec, numArgsToUse, &ms, &gregorianDateTime); 1017 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1018 if (!success) { 1010 1019 JSValue result = jsNaN(); 1011 1020 thisDateObj->setInternalValue(vm, result); … … 1120 1129 1121 1130 double year = exec->argument(0).toIntegerPreserveNaN(exec); 1131 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1122 1132 if (!std::isfinite(year)) { 1123 1133 JSValue result = jsNaN(); -
trunk/Source/JavaScriptCore/runtime/JSGenericTypedArrayViewConstructorInlines.h
r222473 r222617 162 162 || hasAnyArrayStorage(object->indexingType()))) { 163 163 164 scope.release(); 164 165 return constructGenericTypedArrayViewFromIterator<ViewClass>(exec, structure, object, iteratorFunc); 165 166 } -
trunk/Source/JavaScriptCore/runtime/JSModuleEnvironment.cpp
r222136 r222617 127 127 return false; 128 128 } 129 scope.release(); 129 130 return Base::put(thisObject, exec, propertyName, value, slot); 130 131 } -
trunk/Source/JavaScriptCore/runtime/ProgramExecutable.cpp
r222473 r222617 131 131 for (auto& entry : lexicalDeclarations) { 132 132 // The ES6 spec says that RestrictedGlobalProperty can't be shadowed. 133 if (hasRestrictedGlobalProperty(exec, globalObject, entry.key.get())) 133 bool hasProperty = hasRestrictedGlobalProperty(exec, globalObject, entry.key.get()); 134 RETURN_IF_EXCEPTION(throwScope, throwScope.exception()); 135 if (hasProperty) 134 136 return createSyntaxError(exec, makeString("Can't create duplicate variable that shadows a global property: '", String(entry.key.get()), "'")); 135 137 136 boolhasProperty = globalLexicalEnvironment->hasProperty(exec, entry.key.get());138 hasProperty = globalLexicalEnvironment->hasProperty(exec, entry.key.get()); 137 139 RETURN_IF_EXCEPTION(throwScope, throwScope.exception()); 138 140 if (hasProperty) { -
trunk/Source/JavaScriptCore/runtime/ProxyObject.cpp
r222473 r222617 59 59 while (proxy) { 60 60 const JSObject* target = proxy->target(); 61 if (isArray(exec, target)) 62 return target->classInfo(vm)->methodTable.toStringName(target, exec); 61 bool targetIsArray = isArray(exec, target); 63 62 if (UNLIKELY(scope.exception())) 64 63 break; 64 if (targetIsArray) { 65 scope.release(); 66 return target->classInfo(vm)->methodTable.toStringName(target, exec); 67 } 65 68 66 69 proxy = jsDynamicCast<const ProxyObject*>(vm, target); -
trunk/Source/JavaScriptCore/runtime/StringPrototype.cpp
r222473 r222617 1021 1021 } 1022 1022 double dpos = a0.toInteger(exec); 1023 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1023 1024 if (dpos >= 0 && dpos < view.length()) 1024 1025 return JSValue::encode(jsSingleCharacterString(exec, view[static_cast<unsigned>(dpos)])); … … 1045 1046 } 1046 1047 double dpos = a0.toInteger(exec); 1048 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1047 1049 if (dpos >= 0 && dpos < view.length()) 1048 1050 return JSValue::encode(jsNumber(view[static_cast<int>(dpos)])); … … 1115 1117 else { 1116 1118 double dpos = a1.toInteger(exec); 1119 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1117 1120 if (dpos < 0) 1118 1121 dpos = 0; … … 1155 1158 1156 1159 double dpos = a1.toIntegerPreserveNaN(exec); 1160 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1157 1161 unsigned startPosition; 1158 1162 if (dpos < 0) … … 1197 1201 // The arg processing is very much like ArrayProtoFunc::Slice 1198 1202 double start = a0.toInteger(exec); 1203 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1199 1204 double end = a1.isUndefined() ? len : a1.toInteger(exec); 1205 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1200 1206 double from = start < 0 ? len + start : start; 1201 1207 double to = end < 0 ? len + end : end; … … 1269 1275 JSValue limitValue = exec->uncheckedArgument(1); 1270 1276 unsigned limit = limitValue.isUndefined() ? 0xFFFFFFFFu : limitValue.toUInt32(exec); 1277 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1271 1278 1272 1279 // 8. Let p = 0. … … 1404 1411 1405 1412 double start = a0.toInteger(exec); 1413 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1406 1414 double length = a1.isUndefined() ? len : a1.toInteger(exec); 1415 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 1407 1416 if (start >= len || length <= 0) 1408 1417 return JSValue::encode(jsEmptyString(exec));
Note: See TracChangeset
for help on using the changeset viewer.