Title: [255017] branches/safari-609-branch
- Revision
- 255017
- Author
- [email protected]
- Date
- 2020-01-23 13:43:58 -0800 (Thu, 23 Jan 2020)
Log Message
Cherry-pick r254687. rdar://problem/58811365
operationToObject() should check for a null errorMessage.
https://bugs.webkit.org/show_bug.cgi?id=206339
<rdar://problem/58449666>
Reviewed by Yusuke Suzuki.
JSTests:
* stress/operationToObject-should-check-for-null-errorMessage.js: Added.
Source/_javascript_Core:
r224280 introduced operationToObject() with an option to specify a custom error
message. r254252 added a scenario where the passed in error message is null but
did not update operationToObject() to allow for this. This patch adds the
missing null check.
* dfg/DFGOperations.cpp:
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254687 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Added Paths
Diff
Modified: branches/safari-609-branch/JSTests/ChangeLog (255016 => 255017)
--- branches/safari-609-branch/JSTests/ChangeLog 2020-01-23 21:43:55 UTC (rev 255016)
+++ branches/safari-609-branch/JSTests/ChangeLog 2020-01-23 21:43:58 UTC (rev 255017)
@@ -1,3 +1,40 @@
+2020-01-23 Russell Epstein <[email protected]>
+
+ Cherry-pick r254687. rdar://problem/58811365
+
+ operationToObject() should check for a null errorMessage.
+ https://bugs.webkit.org/show_bug.cgi?id=206339
+ <rdar://problem/58449666>
+
+ Reviewed by Yusuke Suzuki.
+
+ JSTests:
+
+ * stress/operationToObject-should-check-for-null-errorMessage.js: Added.
+
+ Source/_javascript_Core:
+
+ r224280 introduced operationToObject() with an option to specify a custom error
+ message. r254252 added a scenario where the passed in error message is null but
+ did not update operationToObject() to allow for this. This patch adds the
+ missing null check.
+
+ * dfg/DFGOperations.cpp:
+
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254687 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2020-01-16 Mark Lam <[email protected]>
+
+ operationToObject() should check for a null errorMessage.
+ https://bugs.webkit.org/show_bug.cgi?id=206339
+ <rdar://problem/58449666>
+
+ Reviewed by Yusuke Suzuki.
+
+ * stress/operationToObject-should-check-for-null-errorMessage.js: Added.
+
2020-01-21 Alan Coon <[email protected]>
Cherry-pick r254632. rdar://problem/58764714
Added: branches/safari-609-branch/JSTests/stress/operationToObject-should-check-for-null-errorMessage.js (0 => 255017)
--- branches/safari-609-branch/JSTests/stress/operationToObject-should-check-for-null-errorMessage.js (rev 0)
+++ branches/safari-609-branch/JSTests/stress/operationToObject-should-check-for-null-errorMessage.js 2020-01-23 21:43:58 UTC (rev 255017)
@@ -0,0 +1,9 @@
+function foo() {
+ for (let j = 0; j < 5; j++) {}
+ new Promise(()=> {
+ new Promise([].values);
+ });
+}
+
+for (let i = 0; i < 10000; i++)
+ foo();
Modified: branches/safari-609-branch/Source/_javascript_Core/ChangeLog (255016 => 255017)
--- branches/safari-609-branch/Source/_javascript_Core/ChangeLog 2020-01-23 21:43:55 UTC (rev 255016)
+++ branches/safari-609-branch/Source/_javascript_Core/ChangeLog 2020-01-23 21:43:58 UTC (rev 255017)
@@ -1,5 +1,47 @@
2020-01-23 Russell Epstein <[email protected]>
+ Cherry-pick r254687. rdar://problem/58811365
+
+ operationToObject() should check for a null errorMessage.
+ https://bugs.webkit.org/show_bug.cgi?id=206339
+ <rdar://problem/58449666>
+
+ Reviewed by Yusuke Suzuki.
+
+ JSTests:
+
+ * stress/operationToObject-should-check-for-null-errorMessage.js: Added.
+
+ Source/_javascript_Core:
+
+ r224280 introduced operationToObject() with an option to specify a custom error
+ message. r254252 added a scenario where the passed in error message is null but
+ did not update operationToObject() to allow for this. This patch adds the
+ missing null check.
+
+ * dfg/DFGOperations.cpp:
+
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254687 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2020-01-16 Mark Lam <[email protected]>
+
+ operationToObject() should check for a null errorMessage.
+ https://bugs.webkit.org/show_bug.cgi?id=206339
+ <rdar://problem/58449666>
+
+ Reviewed by Yusuke Suzuki.
+
+ r224280 introduced operationToObject() with an option to specify a custom error
+ message. r254252 added a scenario where the passed in error message is null but
+ did not update operationToObject() to allow for this. This patch adds the
+ missing null check.
+
+ * dfg/DFGOperations.cpp:
+
+2020-01-23 Russell Epstein <[email protected]>
+
Cherry-pick r254523. rdar://problem/58606225
Web Inspector: crash in DumpRenderTree at com.apple._javascript_Core: WTF::RefCountedBase::hasOneRef const
Modified: branches/safari-609-branch/Source/_javascript_Core/dfg/DFGOperations.cpp (255016 => 255017)
--- branches/safari-609-branch/Source/_javascript_Core/dfg/DFGOperations.cpp 2020-01-23 21:43:55 UTC (rev 255016)
+++ branches/safari-609-branch/Source/_javascript_Core/dfg/DFGOperations.cpp 2020-01-23 21:43:58 UTC (rev 255017)
@@ -454,7 +454,7 @@
ASSERT(!value.isObject());
if (UNLIKELY(value.isUndefinedOrNull())) {
- if (errorMessage->length()) {
+ if (errorMessage && errorMessage->length()) {
throwVMTypeError(globalObject, scope, errorMessage);
return nullptr;
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
