Title: [214637] trunk/Source/_javascript_Core
- Revision
- 214637
- Author
- mark....@apple.com
- Date
- 2017-03-30 16:06:21 -0700 (Thu, 30 Mar 2017)
Log Message
IntlObject should not be using JSArray::initializeIndex().
https://bugs.webkit.org/show_bug.cgi?id=170302
<rdar://problem/31356918>
Reviewed by Saam Barati.
JSArray::initializeIndex() is only meant to be used with arrays created using
JSArray::tryCreateForInitializationPrivate() under very constrained conditions.
* runtime/IntlObject.cpp:
(JSC::canonicalizeLocaleList):
(JSC::intlObjectFuncGetCanonicalLocales):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (214636 => 214637)
--- trunk/Source/_javascript_Core/ChangeLog 2017-03-30 22:55:44 UTC (rev 214636)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-03-30 23:06:21 UTC (rev 214637)
@@ -1,3 +1,18 @@
+2017-03-30 Mark Lam <mark....@apple.com>
+
+ IntlObject should not be using JSArray::initializeIndex().
+ https://bugs.webkit.org/show_bug.cgi?id=170302
+ <rdar://problem/31356918>
+
+ Reviewed by Saam Barati.
+
+ JSArray::initializeIndex() is only meant to be used with arrays created using
+ JSArray::tryCreateForInitializationPrivate() under very constrained conditions.
+
+ * runtime/IntlObject.cpp:
+ (JSC::canonicalizeLocaleList):
+ (JSC::intlObjectFuncGetCanonicalLocales):
+
2017-03-30 Filip Pizlo <fpi...@apple.com>
Air should support linear scan for optLevel<2
Modified: trunk/Source/_javascript_Core/runtime/IntlObject.cpp (214636 => 214637)
--- trunk/Source/_javascript_Core/runtime/IntlObject.cpp 2017-03-30 22:55:44 UTC (rev 214636)
+++ trunk/Source/_javascript_Core/runtime/IntlObject.cpp 2017-03-30 23:06:21 UTC (rev 214637)
@@ -548,13 +548,15 @@
JSObject* localesObject;
if (locales.isString()) {
// a. Let aLocales be CreateArrayFromList(«locales»).
- JSArray* localesArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous), 1);
+ JSArray* localesArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous));
if (!localesArray) {
throwOutOfMemoryError(&state, scope);
RETURN_IF_EXCEPTION(scope, Vector<String>());
}
- localesArray->initializeIndex(vm, 0, locales);
+ localesArray->push(&state, locales);
+ RETURN_IF_EXCEPTION(scope, Vector<String>());
+
// 4. Let O be ToObject(aLocales).
localesObject = localesArray;
} else {
@@ -1036,7 +1038,7 @@
// 2. Return CreateArrayFromList(ll).
JSGlobalObject* globalObject = state->jsCallee()->globalObject();
- JSArray* localeArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous), localeList.size());
+ JSArray* localeArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous));
if (!localeArray) {
throwOutOfMemoryError(state, scope);
return encodedJSValue();
@@ -1044,7 +1046,7 @@
auto length = localeList.size();
for (size_t i = 0; i < length; ++i) {
- localeArray->initializeIndex(vm, i, jsString(state, localeList[i]));
+ localeArray->push(state, jsString(state, localeList[i]));
RETURN_IF_EXCEPTION(scope, encodedJSValue());
}
return JSValue::encode(localeArray);
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
