Title: [215383] branches/safari-603-branch/Source/_javascript_Core
Revision
215383
Author
jmarc...@apple.com
Date
2017-04-14 17:18:38 -0700 (Fri, 14 Apr 2017)

Log Message

Cherry-pick r214637. rdar://problem/31615783

Modified Paths

Diff

Modified: branches/safari-603-branch/Source/_javascript_Core/ChangeLog (215382 => 215383)


--- branches/safari-603-branch/Source/_javascript_Core/ChangeLog	2017-04-15 00:17:09 UTC (rev 215382)
+++ branches/safari-603-branch/Source/_javascript_Core/ChangeLog	2017-04-15 00:18:38 UTC (rev 215383)
@@ -1,3 +1,22 @@
+2017-04-14  Jason Marcell  <jmarc...@apple.com>
+
+        Cherry-pick r214637. rdar://problem/31615783
+
+    2017-03-30  Mark Lam  <mark....@apple.com>
+
+            IntlObject should not be using JSArray::initializeIndex().
+            https://bugs.webkit.org/show_bug.cgi?id=170302
+            <rdar://problem/31356918>
+
+            Reviewed by Saam Barati.
+
+            JSArray::initializeIndex() is only meant to be used with arrays created using
+            JSArray::tryCreateForInitializationPrivate() under very constrained conditions.
+
+            * runtime/IntlObject.cpp:
+            (JSC::canonicalizeLocaleList):
+            (JSC::intlObjectFuncGetCanonicalLocales):
+
 2017-04-03  Jason Marcell  <jmarc...@apple.com>
 
         Cherry-pick r214684. rdar://problem/31402752

Modified: branches/safari-603-branch/Source/_javascript_Core/runtime/IntlObject.cpp (215382 => 215383)


--- branches/safari-603-branch/Source/_javascript_Core/runtime/IntlObject.cpp	2017-04-15 00:17:09 UTC (rev 215382)
+++ branches/safari-603-branch/Source/_javascript_Core/runtime/IntlObject.cpp	2017-04-15 00:18:38 UTC (rev 215383)
@@ -548,13 +548,15 @@
     JSObject* localesObject;
     if (locales.isString()) {
         //  a. Let aLocales be CreateArrayFromList(«locales»).
-        JSArray* localesArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous), 1);
+        JSArray* localesArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous));
         if (!localesArray) {
             throwOutOfMemoryError(&state, scope);
             RETURN_IF_EXCEPTION(scope, Vector<String>());
         }
 
-        localesArray->initializeIndex(vm, 0, locales);
+        localesArray->push(&state, locales);
+        RETURN_IF_EXCEPTION(scope, Vector<String>());
+
         // 4. Let O be ToObject(aLocales).
         localesObject = localesArray;
     } else {
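Review bot: The `push()` call that replaces `initializeIndex()` carries no comment saying why the general append is required, so a later cleanup or micro-optimisation could put the direct store back. The ChangeLog states that `initializeIndex()` is only meant for arrays created with `JSArray::tryCreateForInitializationPrivate()`, and these arrays come from `tryCreate()`. A one-line comment above the call would record that, for example `// Use push(): initializeIndex() is only valid on arrays from tryCreateForInitializationPrivate().` The same comment belongs on the loop in the third IntlObject.cpp hunk. The body of canonicalizeLocaleList starts and ends outside this hunk.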
@@ -1036,7 +1038,7 @@
 
     // 2. Return CreateArrayFromList(ll).
     JSGlobalObject* globalObject = state->jsCallee()->globalObject();
-    JSArray* localeArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous), localeList.size());
+    JSArray* localeArray = JSArray::tryCreate(vm, globalObject->arrayStructureForIndexingTypeDuringAllocation(ArrayWithContiguous));
     if (!localeArray) {
         throwOutOfMemoryError(state, scope);
         return encodedJSValue();
@@ -1044,7 +1046,7 @@
 
     auto length = localeList.size();
     for (size_t i = 0; i < length; ++i) {
-        localeArray->initializeIndex(vm, i, jsString(state, localeList[i]));
+        localeArray->push(state, jsString(state, localeList[i]));
         RETURN_IF_EXCEPTION(scope, encodedJSValue());
     }
     return JSValue::encode(localeArray);
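Review bot: `push()` in this loop is a generic array append, whereas the `CreateArrayFromList` step this function implements defines own data properties. It is worth confirming that `push()` cannot consult indexed accessors on the prototype chain when the structure returned by `arrayStructureForIndexingTypeDuringAllocation()` is not plain contiguous. If it can, `localeArray->putDirectIndex(state, i, jsString(state, localeList[i]));` would keep the define semantics while still using a general-purpose store rather than `initializeIndex()`. The same question applies to the single `push()` in the first IntlObject.cpp hunk. The visible files add no regression test for either path, and the enclosing function starts outside this hunk.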