Title: [254687] trunk
- Revision
- 254687
- Author
- [email protected]
- Date
- 2020-01-16 09:26:21 -0800 (Thu, 16 Jan 2020)
Log Message
operationToObject() should check for a null errorMessage.
https://bugs.webkit.org/show_bug.cgi?id=206339
<rdar://problem/58449666>
Reviewed by Yusuke Suzuki.
JSTests:
* stress/operationToObject-should-check-for-null-errorMessage.js: Added.
Source/_javascript_Core:
r224280 introduced operationToObject() with an option to specify a custom error
message. r254252 added a scenario where the passed in error message is null but
did not update operationToObject() to allow for this. This patch adds the
missing null check.
* dfg/DFGOperations.cpp:
Modified Paths
Added Paths
Diff
Modified: trunk/JSTests/ChangeLog (254686 => 254687)
--- trunk/JSTests/ChangeLog 2020-01-16 17:06:42 UTC (rev 254686)
+++ trunk/JSTests/ChangeLog 2020-01-16 17:26:21 UTC (rev 254687)
@@ -1,3 +1,13 @@
+2020-01-16 Mark Lam <[email protected]>
+
+ operationToObject() should check for a null errorMessage.
+ https://bugs.webkit.org/show_bug.cgi?id=206339
+ <rdar://problem/58449666>
+
+ Reviewed by Yusuke Suzuki.
+
+ * stress/operationToObject-should-check-for-null-errorMessage.js: Added.
+
2020-01-15 Caitlin Potter <[email protected]>
[JSC] Add support for public class fields
Added: trunk/JSTests/stress/operationToObject-should-check-for-null-errorMessage.js (0 => 254687)
--- trunk/JSTests/stress/operationToObject-should-check-for-null-errorMessage.js (rev 0)
+++ trunk/JSTests/stress/operationToObject-should-check-for-null-errorMessage.js 2020-01-16 17:26:21 UTC (rev 254687)
@@ -0,0 +1,9 @@
+function foo() {
+ for (let j = 0; j < 5; j++) {}
+ new Promise(()=> {
+ new Promise([].values);
+ });
+}
+
+for (let i = 0; i < 10000; i++)
+ foo();
Modified: trunk/Source/_javascript_Core/ChangeLog (254686 => 254687)
--- trunk/Source/_javascript_Core/ChangeLog 2020-01-16 17:06:42 UTC (rev 254686)
+++ trunk/Source/_javascript_Core/ChangeLog 2020-01-16 17:26:21 UTC (rev 254687)
@@ -1,3 +1,18 @@
+2020-01-16 Mark Lam <[email protected]>
+
+ operationToObject() should check for a null errorMessage.
+ https://bugs.webkit.org/show_bug.cgi?id=206339
+ <rdar://problem/58449666>
+
+ Reviewed by Yusuke Suzuki.
+
+ r224280 introduced operationToObject() with an option to specify a custom error
+ message. r254252 added a scenario where the passed in error message is null but
+ did not update operationToObject() to allow for this. This patch adds the
+ missing null check.
+
+ * dfg/DFGOperations.cpp:
+
2020-01-16 Per Arne Vollan <[email protected]>
[Win] Fix AppleWin build
Modified: trunk/Source/_javascript_Core/dfg/DFGOperations.cpp (254686 => 254687)
--- trunk/Source/_javascript_Core/dfg/DFGOperations.cpp 2020-01-16 17:06:42 UTC (rev 254686)
+++ trunk/Source/_javascript_Core/dfg/DFGOperations.cpp 2020-01-16 17:26:21 UTC (rev 254687)
@@ -455,7 +455,7 @@
ASSERT(!value.isObject());
if (UNLIKELY(value.isUndefinedOrNull())) {
- if (errorMessage->length()) {
+ if (errorMessage && errorMessage->length()) {
throwVMTypeError(globalObject, scope, errorMessage);
return nullptr;
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
