Changeset 243824 in webkit
- Timestamp: Apr 3, 2019 1:37:22 PM (5 years ago)
- Location: trunk/Source/WebCore
- Files: 2 edited
trunk/Source/WebCore/ChangeLog
r243821 r243824 1 2019-04-03 Sihui Liu <sihui_liu@apple.com> 2 3 Follow up fix for r243807: Use MarkedArgumentBuffer instead of Vector for JSValue 4 https://bugs.webkit.org/show_bug.cgi?id=196547 5 6 Reviewed by Geoffrey Garen. 7 8 JSValue in Vector could be garbage collected because GC doesn't know Vector memory on C++ heap. 9 10 * bindings/js/JSIDBRequestCustom.cpp: 11 (WebCore::JSIDBRequest::result const): 12 1 13 2019-04-03 Chris Dumez <cdumez@apple.com> 2 14 -
trunk/Source/WebCore/bindings/js/JSIDBRequestCustom.cpp
r243807 r243824 65 65 auto& values = getAllResult.values(); 66 66 auto& keyPath = getAllResult.keyPath(); 67 Vector<JSC::JSValue> results; 67 auto scope = DECLARE_THROW_SCOPE(state.vm()); 68 JSC::MarkedArgumentBuffer list; 68 69 for (unsigned i = 0; i < values.size(); i ++) { 69 70 auto result = deserializeIDBValueWithKeyInjection(state, values[i], keys[i], keyPath); 70 71 if (!result) 71 72 return jsNull(); 72 results.append(result.value()); 73 list.append(result.value()); 74 if (UNLIKELY(list.hasOverflowed())) { 75 propagateException(state, scope, Exception(UnknownError)); 76 return jsNull(); 77 } 73 78 } 74 return JSValue(JSC::constructArray(&state, nullptr, state.lexicalGlobalObject(), results.data(), results.size()));79 return JSValue(JSC::constructArray(&state, nullptr, state.lexicalGlobalObject(), list)); 75 80 }, [] (uint64_t number) { 76 81 return toJS<IDLUnsignedLongLong>(number);
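Review bot: The throw scope declared at new line 67 in JSIDBRequestCustom.cpp is consulted only in the `list.hasOverflowed()` branch, while the two other exits from the lambda leave without checking it: the existing `if (!result) return jsNull();` inside the loop, and the final `return JSValue(JSC::constructArray(..., list));`. If `deserializeIDBValueWithKeyInjection` or `constructArray` can leave a pending exception on `state`, those exits should check the scope before returning; if they cannot, a one-line comment saying so would keep the next reader from wondering why only the overflow case goes through `propagateException`. It would also help to say, in the code or the ChangeLog entry, why `UnknownError` is the exception chosen for an overflowed `MarkedArgumentBuffer`, since the caller has no other way to tell this failure from a deserialization failure that also yields `jsNull()`.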