Changeset 271766 in webkit for trunk/Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp

Timestamp:

Jan 22, 2021, 4:07:28 PM (5 years ago)

Author:

[email protected]

Message:

REGRESSION (r271731): Unchecked JS exception under GlobalObject::moduleLoaderFetch
​https://bugs.webkit.org/show_bug.cgi?id=220868

Reviewed by Mark Lam.

Because TerminatedExecutionError needs to be uncaught, CatchScope's semantics does not work well.
So, we extend ThrowScope to implement CatchScope's feature, and use ThrowScope etc.
We also add JSPromise::rejectWithCaughtException since this pattern is common enough.

• API/JSAPIGlobalObject.mm:

(JSC::JSAPIGlobalObject::moduleLoaderImportModule):
(JSC::JSAPIGlobalObject::moduleLoaderFetch):

• jsc.cpp:

(GlobalObject::moduleLoaderImportModule):
(GlobalObject::moduleLoaderFetch):

• runtime/Completion.cpp:

(JSC::rejectPromise):
(JSC::loadAndEvaluateModule):
(JSC::loadModule):

• runtime/JSGlobalObjectFunctions.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

• runtime/JSInternalPromise.cpp:

(JSC::JSInternalPromise::rejectWithCaughtException):

• runtime/JSInternalPromise.h:
• runtime/JSModuleLoader.cpp:

(JSC::JSModuleLoader::importModule):
(JSC::JSModuleLoader::resolve):
(JSC::JSModuleLoader::fetch):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::reject): Deleted.

• runtime/JSPromise.cpp:

(JSC::JSPromise::rejectWithCaughtException):

• runtime/JSPromise.h:
• runtime/ThrowScope.h:

(JSC::ThrowScope::clearException):

• wasm/js/JSWebAssembly.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::resolve):
(JSC::JSWebAssembly::webAssemblyModuleValidateAsync):
(JSC::instantiate):
(JSC::compileAndInstantiate):
(JSC::JSWebAssembly::webAssemblyModuleInstantinateAsync):
(JSC::reject): Deleted.
(JSC::webAssemblyModuleValidateAsyncInternal): Deleted.
(JSC::webAssemblyModuleInstantinateAsyncInternal): Deleted.

File:

• trunk/Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp (modified) (3 diffs)

trunk/Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp

@@ -27 +27 @@
 
 #include "CallFrame.h"
-#include "CatchScope.h"
 #include "IndirectEvalExecutable.h"
 #include "Interpreter.h"
@@ -799 +798 @@
     auto* promise = JSPromise::create(vm, globalObject->promiseStructure());
 
-    auto catchScope = DECLARE_CATCH_SCOPE(vm);
-
-    auto reject = [&](Exception* exception) {
-        if (UNLIKELY(isTerminatedExecutionException(vm, exception)))
-            return promise;
-        JSValue error = exception->value();
-        catchScope.clearException();
-        promise->reject(globalObject, error);
-        return promise;
-    };
+    auto scope = DECLARE_THROW_SCOPE(vm);
 
     auto sourceOrigin = callFrame->callerSourceOrigin(vm);
     RELEASE_ASSERT(callFrame->argumentCount() == 1);
     auto* specifier = callFrame->uncheckedArgument(0).toString(globalObject);
-    if (Exception* exception = catchScope.exception())
-        return JSValue::encode(reject(exception));
+    RETURN_IF_EXCEPTION(scope, JSValue::encode(promise->rejectWithCaughtException(globalObject, scope)));
 
     // We always specify parameters as undefined. Once dynamic import() starts accepting fetching parameters,
@@ -820 +809 @@
     JSValue parameters = jsUndefined();
     auto* internalPromise = globalObject->moduleLoader()->importModule(globalObject, specifier, parameters, sourceOrigin);
-    if (Exception* exception = catchScope.exception())
-        return JSValue::encode(reject(exception));
-
+    RETURN_IF_EXCEPTION(scope, JSValue::encode(promise->rejectWithCaughtException(globalObject, scope)));
+
+    scope.release();
     promise->resolve(globalObject, internalPromise);
     return JSValue::encode(promise);