Bug 164964 - Fix missing exception checks in Interpreter.cpp.
Summary: Fix missing exception checks in Interpreter.cpp.
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: WebKit Local Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Mark Lam
URL:
Keywords: InRadar
Depends on:
Blocks: 162351
Reported: 2016-11-18 15:44 PST by Mark Lam
Modified: 2017-03-15 13:20 PDT

See Also:


Attachments
proposed patch. (11.40 KB, patch)
2016-11-18 15:49 PST, Mark Lam
no flags
proposed patch: updated to use return { } where possible. (11.40 KB, patch)
2016-11-21 11:54 PST, Mark Lam
sbarati: review+
Re-based patch for landing. (11.40 KB, patch)
2017-03-15 11:58 PDT, Mark Lam
no flags

Description Mark Lam 2016-11-18 15:44:27 PST
Patch coming.
Comment 1 Mark Lam 2016-11-18 15:49:45 PST
Created attachment 295204 [details]
proposed patch.
Comment 2 Mark Lam 2016-11-21 11:54:09 PST
Created attachment 295308 [details]
proposed patch: updated to use return { } where possible.
Comment 3 Saam Barati 2016-11-21 15:18:03 PST
Comment on attachment 295308 [details]
proposed patch: updated to use return { } where possible.

View in context: https://bugs.webkit.org/attachment.cgi?id=295308&action=review

> Source/JavaScriptCore/interpreter/Interpreter.cpp:140
> +                    scope.release();

Why wouldn't this be an ASSERT(!scope.exception())?
Seems weird to have it be successful and throw an exception.

> Source/JavaScriptCore/interpreter/Interpreter.cpp:146
> +                    scope.release();

Ditto
Comment 4 Mark Lam 2017-03-15 11:29:25 PDT
Comment on attachment 295308 [details]
proposed patch: updated to use return { } where possible.

View in context: https://bugs.webkit.org/attachment.cgi?id=295308&action=review

>> Source/JavaScriptCore/interpreter/Interpreter.cpp:140
>> +                    scope.release();
> 
> Why wouldn't this be an ASSERT(!scope.exception())?
> Seems weird to have it be successful and throw an exception.

The literal parser allocates objects, and can therefore throw OutOfMemoryErrors, StackOverflowErrors, etc.

I'm going to update and land this patch.
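A worked model of the exception-check pattern discussed in comments 3 and 4, added here as an illustration; it is not part of the bug, the patch or JavaScriptCore. VM, ThrowScope, JSValue, RETURN_IF_EXCEPTION, parseLiteral, evaluateLiteral, evaluateLiteralUnchecked, executeProgram and run are assumed names that only mimic the shape of the JSC pattern (one pending-exception slot on the VM, a scope that must be checked or released before returning, `return { }` for "no value, look at the exception"), and the per-digit heap budget is a constructed knob that makes an OutOfMemoryError reachable in a few characters. It shows the bug shape (a parse result used without a check, which the scope reports), the fix (check and return `{ }` right after the call that can throw), and why the pass-through path releases the scope instead of asserting that no exception is pending.

```cpp
// Added example, not WebKit/JavaScriptCore code: a small model of the
// exception-check discipline this bug is about. All names below are assumed
// and only mimic the shape of the JSC pattern, not its implementation.
#include <cstddef>
#include <string>

struct VM {
    std::string pendingException;       // empty == nothing pending
    std::size_t bytesAllocated = 0;
    std::size_t heapLimit;              // constructed budget so an OOM is reachable
    int unhandledExceptionReports = 0;  // bumped by ThrowScope on a missed check

    explicit VM(std::size_t limit) : heapLimit(limit) {}
    bool hasException() const { return !pendingException.empty(); }
};

// An empty JSValue means "the callee threw; vm.pendingException says what".
struct JSValue {
    bool hasValue = false;
    long number = 0;
    JSValue() = default;
    explicit JSValue(long n) : hasValue(true), number(n) {}
};

// Returning with an exception pending is only legitimate if this scope threw
// it, checked for it, or was released (deliberately passing it to the caller).
class ThrowScope {
public:
    explicit ThrowScope(VM& vm) : m_vm(vm) {}
    ~ThrowScope() {
        if (m_vm.hasException() && !m_released)
            ++m_vm.unhandledExceptionReports;   // this is the missing check
    }
    bool exception() const { return m_vm.hasException(); }
    void release() { m_released = true; }
    void throwException(const std::string& what) {
        if (!m_vm.hasException())               // first exception wins
            m_vm.pendingException = what;
        m_released = true;                      // the thrower owns this one
    }
private:
    VM& m_vm;
    bool m_released = false;
};

// Check right after any call that can throw; the early return releases the
// scope because the exception is being propagated on purpose.
#define RETURN_IF_EXCEPTION(scope, value) \
    do { if ((scope).exception()) { (scope).release(); return value; } } while (0)

// Stand-in for the literal parser: it allocates for every element it builds,
// so even a well-formed literal can fail with an OutOfMemoryError.
JSValue parseLiteral(VM& vm, const std::string& literal) {
    ThrowScope scope(vm);
    long total = 0;
    for (char c : literal) {
        if (c < '0' || c > '9') {
            scope.throwException("SyntaxError");
            return { };
        }
        vm.bytesAllocated += 16;                // model: one cell per digit
        if (vm.bytesAllocated > vm.heapLimit) {
            scope.throwException("OutOfMemoryError");
            return { };
        }
        total = total * 10 + (c - '0');
    }
    return JSValue(total);                      // nothing pending on this path
}

// The bug shape: keep computing on the parser's result without looking for a
// pending exception. On OOM this hands back a bogus value while the exception
// is still set, and the scope reports the miss.
JSValue evaluateLiteralUnchecked(VM& vm, const std::string& literal) {
    ThrowScope scope(vm);
    JSValue parsed = parseLiteral(vm, literal);
    return JSValue(parsed.number * 2);
}

// The fixed shape: bail out with `{ }` as soon as the parser threw.
JSValue evaluateLiteral(VM& vm, const std::string& literal) {
    ThrowScope scope(vm);
    JSValue parsed = parseLiteral(vm, literal);
    RETURN_IF_EXCEPTION(scope, { });
    return JSValue(parsed.number * 2);
}

// The pass-through path: an ASSERT(!scope.exception()) here would fire every
// time evaluateLiteral ran out of memory, so the scope is released instead and
// the caller is the one that checks.
JSValue executeProgram(VM& vm, const std::string& literal) {
    ThrowScope scope(vm);
    JSValue result = evaluateLiteral(vm, literal);
    scope.release();
    return result;
}

// Runs one of the functions above on a fresh VM and reports what it left behind.
struct Outcome { bool hasValue; long number; std::string exception; int unhandledReports; };
Outcome run(JSValue (*fn)(VM&, const std::string&), const std::string& literal, std::size_t heapLimit) {
    VM vm(heapLimit);
    JSValue v = fn(vm, literal);
    return { v.hasValue, v.number, vm.pendingException, vm.unhandledExceptionReports };
}
```

With a heap budget of 32 the parser runs out of memory on the third digit of "12345": evaluateLiteralUnchecked returns a value of 0 with OutOfMemoryError still pending and one missed check reported, while evaluateLiteral and executeProgram both return an empty value with the same exception pending and nothing reported. With a budget of 1024 all paths return 24690 and leave no exception behind.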
Comment 5 Mark Lam 2017-03-15 11:58:25 PDT
Created attachment 304522 [details]
Re-based patch for landing.
Comment 6 Radar WebKit Bug Importer 2017-03-15 13:17:18 PDT
<rdar://problem/31071591>
Comment 7 Mark Lam 2017-03-15 13:20:46 PDT
Thanks for the review.  Landed in r214005: <http://trac.webkit.org/r214005>.