Unreviewed, fix exception checking, part 2
authorutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 May 2018 18:55:35 +0000 (18:55 +0000)
committerutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 May 2018 18:55:35 +0000 (18:55 +0000)
https://bugs.webkit.org/show_bug.cgi?id=185350

* dfg/DFGOperations.cpp:
(JSC::DFG::putByValInternal):
* jit/JITOperations.cpp:
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::putDirectAccessorWithReify):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@231976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/dfg/DFGOperations.cpp
Source/JavaScriptCore/jit/JITOperations.cpp
Source/JavaScriptCore/runtime/CommonSlowPaths.h

index 601b753..3594eb3 100644 (file)
@@ -1,3 +1,14 @@
+2018-05-18  Yusuke Suzuki  <utatane.tea@gmail.com>
+
+        Unreviewed, fix exception checking, part 2
+        https://bugs.webkit.org/show_bug.cgi?id=185350
+
+        * dfg/DFGOperations.cpp:
+        (JSC::DFG::putByValInternal):
+        * jit/JITOperations.cpp:
+        * runtime/CommonSlowPaths.h:
+        (JSC::CommonSlowPaths::putDirectAccessorWithReify):
+
 2018-05-16  Filip Pizlo  <fpizlo@apple.com>
 
         JSC should have InstanceOf inline caching
index 0b13124..9e7daf4 100644 (file)
@@ -145,6 +145,7 @@ ALWAYS_INLINE static void putByValInternal(ExecState* exec, VM& vm, EncodedJSVal
             baseObject->putDirectIndex(exec, index.value(), value, 0, strict ? PutDirectIndexShouldThrow : PutDirectIndexShouldNotThrow);
             return;
         }
+        scope.release();
         CommonSlowPaths::putDirectWithReify(vm, exec, baseObject, propertyName, value, slot);
         return;
     }
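Review bot: The indexed branch at the top of this hunk calls `baseObject->putDirectIndex(...)` and returns with no `scope.release()` visible, while the added release covers only the `putDirectWithReify` path. The line before the `putDirectIndex` call is outside the hunk, so this may already be handled. If it is not, the same one-line fix applies there: `scope.release();` directly before `baseObject->putDirectIndex(...)`. Releasing the scope leaves the exception check to the callers of putByValInternal, which are also outside the hunk, so it is worth confirming that each of them checks or releases in turn.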
index 3d85ccd..bf1677e 100644 (file)
@@ -711,6 +711,7 @@ static void directPutByVal(CallFrame* callFrame, JSObject* baseObject, JSValue s
     if (byValInfo->stubInfo && (!isStringOrSymbol(subscript) || byValInfo->cachedId != property))
         byValInfo->tookSlowPath = true;
 
+    scope.release();
     PutPropertySlot slot(baseObject, isStrictMode);
     CommonSlowPaths::putDirectWithReify(vm, callFrame, baseObject, property, value, slot);
 }
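Review bot: `scope.release();` is placed above the `PutPropertySlot slot(baseObject, isStrictMode);` declaration rather than directly before the call it covers, unlike the DFGOperations.cpp hunk, where the release sits immediately above `putDirectWithReify`. Moving it one line down keeps the release adjacent to the tail call, so a statement later inserted between them does not run under an already-released scope: `PutPropertySlot slot(baseObject, isStrictMode);` then `scope.release();`. The start of directPutByVal, including the declaration of `scope`, is outside the hunk.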
index 1fd3bc4..db1eea9 100644 (file)
@@ -242,7 +242,6 @@ static ALWAYS_INLINE void putDirectAccessorWithReify(VM& vm, ExecState* exec, JS
 {
     auto scope = DECLARE_THROW_SCOPE(vm);
     if (baseObject->inherits<JSFunction>(vm)) {
-        auto scope = DECLARE_THROW_SCOPE(vm);
         jsCast<JSFunction*>(baseObject)->reifyLazyPropertyIfNeeded(vm, exec, propertyName);
         RETURN_IF_EXCEPTION(scope, void());
     }