Unreviewed, fix exception checking
authorutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 May 2018 16:15:50 +0000 (16:15 +0000)
committerutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 May 2018 16:15:50 +0000 (16:15 +0000)
https://bugs.webkit.org/show_bug.cgi?id=185350

* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::putDirectWithReify):
(JSC::CommonSlowPaths::putDirectAccessorWithReify):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@231957 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/CommonSlowPaths.h

index e26319e..33ef424 100644 (file)
@@ -1,3 +1,12 @@
+2018-05-18  Yusuke Suzuki  <utatane.tea@gmail.com>
+
+        Unreviewed, fix exception checking
+        https://bugs.webkit.org/show_bug.cgi?id=185350
+
+        * runtime/CommonSlowPaths.h:
+        (JSC::CommonSlowPaths::putDirectWithReify):
+        (JSC::CommonSlowPaths::putDirectAccessorWithReify):
+
 2018-05-17  Michael Saboff  <msaboff@apple.com>
 
         We don't throw SyntaxErrors for runtime generated regular expressions with errors
index dc395a1..1fd3bc4 100644 (file)
@@ -227,23 +227,26 @@ inline bool canAccessArgumentIndexQuickly(JSObject& object, uint32_t index)
 
 static ALWAYS_INLINE void putDirectWithReify(VM& vm, ExecState* exec, JSObject* baseObject, PropertyName propertyName, JSValue value, PutPropertySlot& slot, Structure** result = nullptr)
 {
+    auto scope = DECLARE_THROW_SCOPE(vm);
     if (baseObject->inherits<JSFunction>(vm)) {
-        auto scope = DECLARE_THROW_SCOPE(vm);
         jsCast<JSFunction*>(baseObject)->reifyLazyPropertyIfNeeded(vm, exec, propertyName);
         RETURN_IF_EXCEPTION(scope, void());
     }
     if (result)
         *result = baseObject->structure(vm);
+    scope.release();
     baseObject->putDirect(vm, propertyName, value, slot);
 }
 
 static ALWAYS_INLINE void putDirectAccessorWithReify(VM& vm, ExecState* exec, JSObject* baseObject, PropertyName propertyName, GetterSetter* accessor, unsigned attribute)
 {
+    auto scope = DECLARE_THROW_SCOPE(vm);
     if (baseObject->inherits<JSFunction>(vm)) {
         auto scope = DECLARE_THROW_SCOPE(vm);
         jsCast<JSFunction*>(baseObject)->reifyLazyPropertyIfNeeded(vm, exec, propertyName);
         RETURN_IF_EXCEPTION(scope, void());
     }
+    scope.release();
     baseObject->putDirectAccessor(exec, propertyName, accessor, attribute);
 }