Skip to content

Fix free of NULL value in function ecma_typedarray_helper_dispatch_construct #4473

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 18, 2021
Merged

Fix free of NULL value in function ecma_typedarray_helper_dispatch_construct #4473

merged 1 commit into from
Jan 18, 2021

Conversation

lygstate
Copy link
Contributor

@lygstate lygstate commented Jan 15, 2021
edited
Loading

Fix free of NULL value in function ecma_typedarray_helper_dispatch_construct

Currently, ecma_op_get_prototype_from_constructor may return NULL
and the function didn't raise that exception.
Also optimize multiple assignment of prototype_obj_p and
multiple access of JERRY_CONTEXT (current_new_target) out.

This fixes the esnext tests

--- a/tests/test262-esnext-excludelist.xml
+++ b/tests/test262-esnext-excludelist.xml
@@ -198,24 +198,14 @@
   <test id="built-ins/TypedArray/prototype/toLocaleString/BigInt/get-length-uses-internal-arraylength.js"><reason></reason></test>
   <test id="built-ins/TypedArray/prototype/toLocaleString/BigInt/return-result.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors-bigint/buffer-arg/byteoffset-is-negative-zero.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors-bigint/buffer-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors-bigint/buffer-arg/defined-negative-length.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors-bigint/buffer-arg/toindex-byteoffset.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors-bigint/length-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors-bigint/length-arg/toindex-length.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors-bigint/no-args/custom-proto-access-throws.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors-bigint/object-arg/custom-proto-access-throws.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors-bigint/typedarray-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors/buffer-arg/byteoffset-is-negative-zero.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors/buffer-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors/buffer-arg/defined-negative-length.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors/buffer-arg/toindex-byteoffset.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors/length-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors/length-arg/toindex-length.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors/no-args/custom-proto-access-throws.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors/object-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/ctors/object-arg/returns.js"><reason></reason></test>
-  <test id="built-ins/TypedArrayConstructors/ctors/typedarray-arg/custom-proto-access-throws.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/from/BigInt/custom-ctor-returns-other-instance.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/from/BigInt/custom-ctor.js"><reason></reason></test>
   <test id="built-ins/TypedArrayConstructors/from/BigInt/new-instance-using-custom-ctor.js"><reason></reason></test>

NOTE:This depeds on #4478 (review)

JerryScript-DCO-1.0-Signed-off-by: Yonggang Luo luoyonggang@gmail.com

@lygstate lygstate changed the title Fix free of NULL value in function ecma_typedarray_helper_dispatch_co… Fix free of NULL value in function ecma_typedarray_helper_dispatch_construct Jan 15, 2021
@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch from b1208f8 to 285461b Compare January 15, 2021 15:45
rerobika
rerobika approved these changes Jan 15, 2021
View reviewed changes
Copy link
Member

@rerobika rerobika left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

galpeter
galpeter reviewed Jan 15, 2021
View reviewed changes
Copy link
Contributor

@galpeter galpeter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we have a JS test case of this?

@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch from 285461b to 5ea1bba Compare January 15, 2021 17:24
zherczeg
zherczeg requested changes Jan 15, 2021
View reviewed changes
jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-helpers.c Outdated

if (JERRY_CONTEXT (current_new_target))
if (current_new_target)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

current_new_target != NULL

jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-helpers.c Outdated
@@ -40,11 +41,20 @@ ecma_typedarray_helper_dispatch_construct (const ecma_value_t *arguments_list_p,
{
JERRY_ASSERT (arguments_list_len == 0 || arguments_list_p != NULL);
ecma_builtin_id_t proto_id = ecma_typedarray_helper_get_prototype_id (typedarray_id);
ecma_object_t *prototype_obj_p = ecma_builtin_get (proto_id);
ecma_object_t *current_new_target = JERRY_CONTEXT (current_new_target);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

current_new_target_p

jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-helpers.c Outdated
@@ -53,7 +63,7 @@ ecma_typedarray_helper_dispatch_construct (const ecma_value_t *arguments_list_p,
ecma_typedarray_helper_get_shift_size (typedarray_id),
typedarray_id);

if (JERRY_CONTEXT (current_new_target))
if (current_new_target)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

current_new_target != NULL

@lygstate
Copy link
Contributor Author

Could we have a JS test case of this?

Not sure about that, this tends to be un-implement feature, just not crash it.
If we add test and then the feature are implemented how to handle that?

@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch 4 times, most recently from d0f7aea to 6593ccc Compare January 15, 2021 19:07
@lygstate
Copy link
Contributor Author

Could we have a JS test case of this?

You are right, test case are needed:) I've add one,
I am not sure if prototype_obj_p may be NULL,
if NULL are not possible then JERRY_ASSERT may better.

rerobika
rerobika requested changes Jan 15, 2021
View reviewed changes
jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-helpers.c Outdated
prototype_obj_p = ecma_builtin_get (proto_id);
}

if (prototype_obj_p == NULL)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This if is not needed, since ecma_builtin_get (proto_id); never returns NULL

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

OK, then I nested into the if statement

@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch 2 times, most recently from 8401c63 to 9a5254e Compare January 15, 2021 19:39
rerobika
rerobika requested changes Jan 15, 2021
View reviewed changes
jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-helpers.c Outdated
{
prototype_obj_p = ecma_op_get_prototype_from_constructor (JERRY_CONTEXT (current_new_target), proto_id);
prototype_obj_p = ecma_op_get_prototype_from_constructor (current_new_target_p, proto_id);
if (jcontext_has_pending_exception ())
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This if is unneccessary. If ecma_op_get_prototype_from_constructor return NULL it means there is already a raised exception on the context.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So what should I do, like this?

    if (prototype_obj_p == NULL)
    {
      return ECMA_VALUE_ERROR;
    }

@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch from 9a5254e to 8e216a2 Compare January 15, 2021 19:58
@lygstate lygstate requested a review from rerobika January 15, 2021 20:21
lygstate
lygstate commented Jan 15, 2021
View reviewed changes
jerry-core/ecma/builtin-objects/typedarray/ecma-builtin-typedarray-helpers.c Outdated
@@ -20,6 +20,7 @@
#include "ecma-builtins.h"
#include "ecma-gc.h"
#include "ecma-objects.h"
#include "ecma-exceptions.h"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should not include

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah it's unnecessary. But please for the lord use whole sentences and punctuation marks rather than halfwords.

@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch 2 times, most recently from 6c9f073 to f292b4c Compare January 17, 2021 05:44
@lygstate lygstate mentioned this pull request Jan 17, 2021
Merged
@lygstate
Fix free of NULL value in function ecma_typedarray_helper_dispatch_co…
0c52980 
…nstruct

Currently, ecma_op_get_prototype_from_constructor may return NULL
and the function didn't raise that exception.
Also optimize multiple assignment of prototype_obj_p and
multiple access of JERRY_CONTEXT (current_new_target) out.

This fixes jerryscript-project#4463

JerryScript-DCO-1.0-Signed-off-by: Yonggang Luo luoyonggang@gmail.com
@lygstate lygstate force-pushed the fix-null-typedarray-prototype branch from f292b4c to 0c52980 Compare January 17, 2021 14:39
rerobika
rerobika approved these changes Jan 18, 2021
View reviewed changes
Copy link
Member

@rerobika rerobika left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rerobika rerobika requested a review from zherczeg January 18, 2021 09:27
@rerobika rerobika added the bug Undesired behaviour label Jan 18, 2021
zherczeg
zherczeg approved these changes Jan 18, 2021
View reviewed changes
Copy link
Member

@zherczeg zherczeg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zherczeg zherczeg merged commit 90d206d into jerryscript-project:master Jan 18, 2021
@lygstate lygstate deleted the fix-null-typedarray-prototype branch January 18, 2021 10:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@galpeter galpeter galpeter left review comments

@zherczeg zherczeg zherczeg approved these changes

@rerobika rerobika rerobika approved these changes

Assignees
No one assigned
Labels
bug Undesired behaviour
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@lygstate @zherczeg @galpeter @rerobika