RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 02:37:36 +00:00
Code Issues Activity Actions

LibJS: Do not invoke Cell::vm in constructors before Cell is constructed

Browse source 
In a subclass of Cell, we cannot use Cell::vm() before the base Cell
object itself is constructed. Use the Realm's VM instead.

This was caught by UBSAN with vptr sanitation enabled.
This commit is contained in:
Timothy Flynn 2022-09-14 19:10:27 -04:00 committed by Andreas Kling
parent 3efe611dbf
commit 85e313077a
46 changed files with 97 additions and 97 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Userland/Libraries/LibJS/Runtime/Intl/CollatorConstructor.cpp
View file

@ -131,7 +131,7 @@ static ThrowCompletionOr<Collator*> initialize_collator(VM& vm, Collator& collat
// 10.1 The Intl.Collator Constructor, https://tc39.es/ecma402/#sec-the-intl-collator-constructor
CollatorConstructor::CollatorConstructor(Realm& realm)
: NativeFunction(vm().names.Collator.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.Collator.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/DateTimeFormatConstructor.cpp
View file

@ -18,7 +18,7 @@ namespace JS::Intl {
// 11.1 The Intl.DateTimeFormat Constructor, https://tc39.es/ecma402/#sec-intl-datetimeformat-constructor
DateTimeFormatConstructor::DateTimeFormatConstructor(Realm& realm)
: NativeFunction(vm().names.DateTimeFormat.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.DateTimeFormat.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/DisplayNamesConstructor.cpp
View file

@ -17,7 +17,7 @@ namespace JS::Intl {
// 12.1 The Intl.DisplayNames Constructor, https://tc39.es/ecma402/#sec-intl-displaynames-constructor
DisplayNamesConstructor::DisplayNamesConstructor(Realm& realm)
: NativeFunction(vm().names.DisplayNames.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.DisplayNames.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/DurationFormatConstructor.cpp
View file

@ -16,7 +16,7 @@ namespace JS::Intl {
// 1.2 The Intl.DurationFormat Constructor, https://tc39.es/proposal-intl-duration-format/#sec-intl-durationformat-constructor
DurationFormatConstructor::DurationFormatConstructor(Realm& realm)
: NativeFunction(vm().names.DurationFormat.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.DurationFormat.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/ListFormatConstructor.cpp
View file

@ -16,7 +16,7 @@ namespace JS::Intl {
// 13.1 The Intl.ListFormat Constructor, https://tc39.es/ecma402/#sec-intl-listformat-constructor
ListFormatConstructor::ListFormatConstructor(Realm& realm)
: NativeFunction(vm().names.ListFormat.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.ListFormat.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/LocaleConstructor.cpp
View file

@ -217,7 +217,7 @@ static LocaleAndKeys apply_unicode_extension_to_tag(StringView tag, LocaleAndKey
// 14.1 The Intl.Locale Constructor, https://tc39.es/ecma402/#sec-intl-locale-constructor
LocaleConstructor::LocaleConstructor(Realm& realm)
: NativeFunction(vm().names.Locale.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.Locale.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/NumberFormatConstructor.cpp
View file

@ -15,7 +15,7 @@ namespace JS::Intl {
// 15.1 The Intl.NumberFormat Constructor, https://tc39.es/ecma402/#sec-intl-numberformat-constructor
NumberFormatConstructor::NumberFormatConstructor(Realm& realm)
: NativeFunction(vm().names.NumberFormat.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.NumberFormat.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/PluralRulesConstructor.cpp
View file

@ -17,7 +17,7 @@ namespace JS::Intl {
// 16.1 The Intl.PluralRules Constructor, https://tc39.es/ecma402/#sec-intl-pluralrules-constructor
PluralRulesConstructor::PluralRulesConstructor(Realm& realm)
: NativeFunction(vm().names.PluralRules.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.PluralRules.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/RelativeTimeFormatConstructor.cpp
View file

@ -20,7 +20,7 @@ namespace JS::Intl {
// 17.1 The Intl.RelativeTimeFormat Constructor, https://tc39.es/ecma402/#sec-intl-relativetimeformat-constructor
RelativeTimeFormatConstructor::RelativeTimeFormatConstructor(Realm& realm)
: NativeFunction(vm().names.RelativeTimeFormat.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.RelativeTimeFormat.as_string(), *realm.intrinsics().function_prototype())
{
}

2
Userland/Libraries/LibJS/Runtime/Intl/SegmenterConstructor.cpp
View file

@ -16,7 +16,7 @@ namespace JS::Intl {
// 18.1 The Intl.Segmenter Constructor, https://tc39.es/ecma402/#sec-intl-segmenter-constructor
SegmenterConstructor::SegmenterConstructor(Realm& realm)
: NativeFunction(vm().names.Segmenter.as_string(), *realm.intrinsics().function_prototype())
: NativeFunction(realm.vm().names.Segmenter.as_string(), *realm.intrinsics().function_prototype())
{
}