Skip to site navigation (Press enter)

[webkit-changes] [164400] trunk/Source/JavaScriptCore

ggaren Wed, 19 Feb 2014 15:46:30 -0800

Title: [164400] trunk/Source/_javascript_Core

Revision: 164400
Author: [email protected]
Date: 2014-02-19 15:51:34 -0800 (Wed, 19 Feb 2014)

Log Message

Crash after -[JSContext evaluateScript:] when initializing JSContext with JSVirtualMachine
https://bugs.webkit.org/show_bug.cgi?id=129070


Reviewed by Mark Hahnenberg.

Clear our exception explicitly before throwing away the VM because our
exception references VM memory.

* API/JSContext.mm:
(-[JSContext dealloc]):
* API/tests/testapi.mm:
(testObjectiveCAPI):

Modified Paths

trunk/Source/_javascript_Core/API/JSContext.mm
trunk/Source/_javascript_Core/API/tests/testapi.mm
trunk/Source/_javascript_Core/ChangeLog

Diff

Modified: trunk/Source/_javascript_Core/API/JSContext.mm (164399 => 164400)


--- trunk/Source/_javascript_Core/API/JSContext.mm	2014-02-19 23:47:53 UTC (rev 164399)
+++ trunk/Source/_javascript_Core/API/JSContext.mm	2014-02-19 23:51:34 UTC (rev 164400)
@@ -80,6 +80,7 @@
 
 - (void)dealloc
 {
+    m_exception.clear();
     [m_wrapperMap release];
     JSGlobalContextRelease(m_context);
     [m_virtualMachine release];

Modified: trunk/Source/_javascript_Core/API/tests/testapi.mm (164399 => 164400)


--- trunk/Source/_javascript_Core/API/tests/testapi.mm	2014-02-19 23:47:53 UTC (rev 164399)
+++ trunk/Source/_javascript_Core/API/tests/testapi.mm	2014-02-19 23:51:34 UTC (rev 164400)
@@ -474,6 +474,12 @@
     NSLog(@"Testing Objective-C API");
 
     @autoreleasepool {
+        JSVirtualMachine* vm = [[JSVirtualMachine alloc] init];
+        JSContext* context = [[JSContext alloc] initWithVirtualMachine:vm];
+        [context evaluateScript:@"bad"];
+    }
+
+    @autoreleasepool {
         JSContext *context = [[JSContext alloc] init];
         JSValue *result = [context evaluateScript:@"2 + 2"];
         checkResult(@"2 + 2", [result isNumber] && [result toInt32] == 4);

Modified: trunk/Source/_javascript_Core/ChangeLog (164399 => 164400)


--- trunk/Source/_javascript_Core/ChangeLog	2014-02-19 23:47:53 UTC (rev 164399)
+++ trunk/Source/_javascript_Core/ChangeLog	2014-02-19 23:51:34 UTC (rev 164400)
@@ -1,3 +1,18 @@
+2014-02-19  Geoffrey Garen  <[email protected]>
+
+        Crash after -[JSContext evaluateScript:] when initializing JSContext with JSVirtualMachine
+        https://bugs.webkit.org/show_bug.cgi?id=129070
+
+        Reviewed by Mark Hahnenberg.
+
+        Clear our exception explicitly before throwing away the VM because our
+        exception references VM memory.
+
+        * API/JSContext.mm:
+        (-[JSContext dealloc]):
+        * API/tests/testapi.mm:
+        (testObjectiveCAPI):
+
 2014-02-19  Brent Fulgham  <[email protected]>
 
         Unreviewed build fix after r164391

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes