[webkit-changes] [258453] trunk/Source/JavaScriptCore

[ysuzuki]

Title: [258453] trunk/Source/_javascript_Core

Revision

258453

Author

ysuz...@apple.com

Date

2020-03-13 18:01:23 -0700 (Fri, 13 Mar 2020)

Log Message

Unreviewed, fix JSC / test262 tests
https://bugs.webkit.org/show_bug.cgi?id=209033
<rdar://problem/58946936>

Follow-up change for DisallowGC causes crash because CodeBlock is nullptr when function call is non JS calls.

* interpreter/Interpreter.cpp:
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):

Modified Paths

• trunk/Source/_javascript_Core/ChangeLog
• trunk/Source/_javascript_Core/interpreter/Interpreter.cpp

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (258452 => 258453)

--- trunk/Source/_javascript_Core/ChangeLog	2020-03-14 00:19:24 UTC (rev 258452)
+++ trunk/Source/_javascript_Core/ChangeLog	2020-03-14 01:01:23 UTC (rev 258453)
@@ -1,3 +1,15 @@
+2020-03-13  Yusuke Suzuki  <ysuz...@apple.com>
+
+        Unreviewed, fix JSC / test262 tests
+        https://bugs.webkit.org/show_bug.cgi?id=209033
+        <rdar://problem/58946936>
+
+        Follow-up change for DisallowGC causes crash because CodeBlock is nullptr when function call is non JS calls.
+
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::executeCall):
+        (JSC::Interpreter::executeConstruct):
+
 2020-03-13  Tadeu Zagallo  <tzaga...@apple.com>
 
         Missing arithMode for ArithAbs and ArithNegate in DFGClobberize

Modified: trunk/Source/_javascript_Core/interpreter/Interpreter.cpp (258452 => 258453)

--- trunk/Source/_javascript_Core/interpreter/Interpreter.cpp	2020-03-14 00:19:24 UTC (rev 258452)
+++ trunk/Source/_javascript_Core/interpreter/Interpreter.cpp	2020-03-14 01:01:23 UTC (rev 258453)
@@ -905,7 +905,9 @@
 
     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
 
-    RefPtr<JITCode> jitCode = callData.js.functionExecutable->generatedJITCodeForCall();
+    RefPtr<JITCode> jitCode;
+    if (isJSCall)
+        jitCode = callData.js.functionExecutable->generatedJITCodeForCall();
 
     ProtoCallFrame protoCallFrame;
     protoCallFrame.init(newCodeBlock, globalObject, function, thisValue, argsCount, args.data());
@@ -981,7 +983,9 @@
 
     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
 
-    RefPtr<JITCode> jitCode = constructData.js.functionExecutable->generatedJITCodeForConstruct();
+    RefPtr<JITCode> jitCode;
+    if (isJSConstruct)
+        jitCode = constructData.js.functionExecutable->generatedJITCodeForConstruct();
 
     ProtoCallFrame protoCallFrame;
     protoCallFrame.init(newCodeBlock, globalObject, constructor, newTarget, argsCount, args.data());

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes