Changeset 214005 in webkit
- Timestamp:
- Mar 15, 2017 1:19:35 PM (7 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 2 edited
trunk/Source/JavaScriptCore/ChangeLog
r213978 r214005 1 2017-03-15 Mark Lam <mark.lam@apple.com> 2 3 Fix missing exception checks in Interpreter.cpp. 4 https://bugs.webkit.org/show_bug.cgi?id=164964 5 6 Reviewed by Saam Barati. 7 8 * interpreter/Interpreter.cpp: 9 (JSC::eval): 10 (JSC::sizeOfVarargs): 11 (JSC::sizeFrameForVarargs): 12 (JSC::Interpreter::executeProgram): 13 (JSC::Interpreter::executeCall): 14 (JSC::Interpreter::executeConstruct): 15 (JSC::Interpreter::prepareForRepeatCall): 16 (JSC::Interpreter::execute): 17 1 18 2017-03-15 Dean Jackson <dino@apple.com> 2 19 -
trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp
r213367 r214005 138 138 if (programSource.is8Bit()) { 139 139 LiteralParser<LChar> preparser(callFrame, programSource.characters8(), programSource.length(), NonStrictJSON); 140 if (JSValue parsedObject = preparser.tryLiteralParse()) 140 if (JSValue parsedObject = preparser.tryLiteralParse()) { 141 scope.release(); 141 142 return parsedObject; 143 } 142 144 } else { 143 145 LiteralParser<UChar> preparser(callFrame, programSource.characters16(), programSource.length(), NonStrictJSON); 144 if (JSValue parsedObject = preparser.tryLiteralParse()) 145 return parsedObject; 146 if (JSValue parsedObject = preparser.tryLiteralParse()) { 147 scope.release(); 148 return parsedObject; 149 } 146 150 } 147 151 } … … 153 157 JSScope::collectClosureVariablesUnderTDZ(callerScopeChain, variablesUnderTDZ); 154 158 eval = DirectEvalExecutable::create(callFrame, makeSource(programSource, callerCodeBlock->source()->sourceOrigin()), callerCodeBlock->isStrictMode(), derivedContextType, isArrowFunctionContext, evalContextType, &variablesUnderTDZ); 159 ASSERT(!!scope.exception() == !eval); 155 160 if (!eval) 156 161 return jsUndefined(); … … 161 166 JSValue thisValue = callerFrame->thisValue(); 162 167 Interpreter* interpreter = vm.interpreter; 168 scope.release(); 163 169 return interpreter->execute(eval, callFrame, thisValue, callerScopeChain); 164 170 } … … 194 200 RELEASE_ASSERT(arguments.isObject()); 195 201 length = getLength(callFrame, jsCast<JSObject*>(cell)); 196 RETURN_IF_EXCEPTION(scope, 0);197 202 break; 198 203 } 199 204 RETURN_IF_EXCEPTION(scope, 0); 200 205 201 206 if (length >= firstVarArgOffset) … … 224 229 225 230 unsigned length = sizeOfVarargs(callFrame, arguments, firstVarArgOffset); 226 231 RETURN_IF_EXCEPTION(scope, 0); 232 227 233 CallFrame* calleeFrame = calleeFrameForVarargs(callFrame, numUsedStackSlots, length + 1); 228 234 if (UNLIKELY(length > maxArguments || !vm.ensureStackCapacityFor(calleeFrame->registers()))) { … … 764 770 } 765 771 772 
RETURN_IF_EXCEPTION(throwScope, { }); 766 773 if (parseResult) { 767 774 JSGlobalObject* globalObject = scope->globalObject(); … … 848 855 849 856 // Compile source to bytecode if necessary: 850 if (JSObject* error = program->initializeGlobalProperties(vm, callFrame, scope)) 857 JSObject* error = program->initializeGlobalProperties(vm, callFrame, scope); 858 ASSERT(!throwScope.exception() || !error); 859 if (UNLIKELY(error)) 851 860 return checkedReturn(throwException(callFrame, throwScope, error)); 852 861 … … 855 864 CodeBlock* tempCodeBlock; 856 865 JSObject* error = program->prepareForExecution<ProgramExecutable>(vm, nullptr, scope, CodeForCall, tempCodeBlock); 857 ASSERT( !throwScope.exception() || throwScope.exception() == jsDynamicCast<Exception*>(vm,error));858 if ( error)859 return checkedReturn( throwException(callFrame, throwScope, error));866 ASSERT(throwScope.exception() == reinterpret_cast<Exception*>(error)); 867 if (UNLIKELY(error)) 868 return checkedReturn(error); 860 869 codeBlock = jsCast<ProgramCodeBlock*>(tempCodeBlock); 861 870 } … … 876 885 877 886 // Execute the code: 887 throwScope.release(); 878 888 JSValue result = program->generatedJITCode()->execute(&vm, &protoCallFrame); 879 throwScope.release();880 889 return checkedReturn(result); 881 890 } … … 915 924 ASSERT(throwScope.exception() == reinterpret_cast<Exception*>(compileError)); 916 925 if (UNLIKELY(!!compileError)) 917 return checkedReturn( throwException(callFrame, throwScope, compileError));926 return checkedReturn(compileError); 918 927 919 928 ASSERT(!!newCodeBlock); … … 935 944 // Execute the code: 936 945 if (isJSCall) { 946 throwScope.release(); 937 947 result = callData.js.functionExecutable->generatedJITCodeForCall()->execute(&vm, &protoCallFrame); 938 throwScope.release();939 948 } else { 940 949 result = JSValue::decode(vmEntryToNative(reinterpret_cast<void*>(callData.native.function), &vm, &protoCallFrame)); … … 980 989 // Compile the callee: 981 990 JSObject* 
compileError = constructData.js.functionExecutable->prepareForExecution<FunctionExecutable>(vm, jsCast<JSFunction*>(constructor), scope, CodeForConstruct, newCodeBlock); 991 ASSERT(throwScope.exception() == reinterpret_cast<Exception*>(compileError)); 982 992 if (UNLIKELY(!!compileError)) 983 return checkedReturn( throwException(callFrame, throwScope, compileError));993 return checkedReturn(compileError); 984 994 985 995 ASSERT(!!newCodeBlock); … … 1019 1029 VM& vm = *scope->vm(); 1020 1030 auto throwScope = DECLARE_THROW_SCOPE(vm); 1021 ASSERT (!throwScope.exception());1031 ASSERT_UNUSED(throwScope, !throwScope.exception()); 1022 1032 1023 1033 if (vm.isCollectorBusyOnCurrentThread()) … … 1027 1037 CodeBlock* newCodeBlock; 1028 1038 JSObject* error = functionExecutable->prepareForExecution<FunctionExecutable>(vm, function, scope, CodeForCall, newCodeBlock); 1029 if (error) {1030 throwException(callFrame, throwScope, error);1039 ASSERT(throwScope.exception() == reinterpret_cast<Exception*>(error)); 1040 if (UNLIKELY(error)) 1031 1041 return CallFrameClosure(); 1032 }1033 1042 newCodeBlock->m_shouldAlwaysBeInlined = false; 1034 1043 … … 1060 1069 1061 1070 // Execute the code: 1071 throwScope.release(); 1062 1072 JSValue result = closure.functionExecutable->generatedJITCodeForCall()->execute(&vm, closure.protoCallFrame); 1063 1073 … … 1109 1119 CodeBlock* tempCodeBlock; 1110 1120 JSObject* compileError = eval->prepareForExecution<EvalExecutable>(vm, nullptr, scope, CodeForCall, tempCodeBlock); 1121 ASSERT(throwScope.exception() == reinterpret_cast<Exception*>(compileError)); 1111 1122 if (UNLIKELY(!!compileError)) 1112 return checkedReturn( throwException(callFrame, throwScope, compileError));1123 return checkedReturn(compileError); 1113 1124 codeBlock = jsCast<EvalCodeBlock*>(tempCodeBlock); 1114 1125 } … … 1144 1155 for (unsigned i = 0; i < numVariables; ++i) { 1145 1156 const Identifier& ident = codeBlock->variable(i); 1146 if 
(!variableObject->hasProperty(callFrame, ident)) { 1157 bool hasProperty = variableObject->hasProperty(callFrame, ident); 1158 RETURN_IF_EXCEPTION(throwScope, checkedReturn(throwScope.exception())); 1159 if (!hasProperty) { 1147 1160 PutPropertySlot slot(variableObject); 1148 1161 variableObject->methodTable()->put(variableObject, callFrame, ident, jsUndefined(), slot); 1162 RETURN_IF_EXCEPTION(throwScope, checkedReturn(throwScope.exception())); 1149 1163 } 1150 1164 } … … 1154 1168 PutPropertySlot slot(variableObject); 1155 1169 variableObject->methodTable()->put(variableObject, callFrame, function->name(), JSFunction::create(vm, function, scope), slot); 1170 RETURN_IF_EXCEPTION(throwScope, checkedReturn(throwScope.exception())); 1156 1171 } 1157 1172 } … … 1169 1184 1170 1185 // Execute the code: 1186 throwScope.release(); 1171 1187 JSValue result = eval->generatedJITCode()->execute(&vm, &protoCallFrame); 1172 1188 … … 1194 1210 CodeBlock* tempCodeBlock; 1195 1211 JSObject* compileError = executable->prepareForExecution<ModuleProgramExecutable>(vm, nullptr, scope, CodeForCall, tempCodeBlock); 1212 ASSERT(throwScope.exception() == reinterpret_cast<Exception*>(compileError)); 1196 1213 if (UNLIKELY(!!compileError)) 1197 return checkedReturn( throwException(callFrame, throwScope, compileError));1214 return checkedReturn(compileError); 1198 1215 codeBlock = jsCast<ModuleProgramCodeBlock*>(tempCodeBlock); 1199 1216 } … … 1217 1234 1218 1235 // Execute the code: 1236 throwScope.release(); 1219 1237 JSValue result = executable->generatedJITCode()->execute(&vm, &protoCallFrame); 1220 1238
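Review bot: In executeProgram, the new `ASSERT(!throwScope.exception() || !error);` after `initializeGlobalProperties` (gutter 857–859) only rules out the case where an exception is pending and a non-null error is returned at the same time; it still admits a pending exception with `error == nullptr`, and in that case the code falls through to `prepareForExecution` with the exception unchecked. If initializeGlobalProperties can take that path, a `RETURN_IF_EXCEPTION(throwScope, checkedReturn(throwScope.exception()));` between the assert and `if (UNLIKELY(error))` closes it; if it cannot, strengthening the assert to `ASSERT(!throwScope.exception());` documents that instead. Separately, `error` is now declared at function scope at 857 and appears to be declared again at 865 inside the compile block, which would shadow the outer one — naming the inner one `compileError` would match executeCall and executeConstruct. executeProgram begins and ends outside the hunk.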