Changeset 132143 in webkit for trunk/Source/JavaScriptCore/interpreter/JSStack.cpp

Timestamp:

Oct 22, 2012, 3:09:58 PM (13 years ago)

Author:

[email protected]

Message:

Change stack recursion checks to be based on stack availability.
​https://bugs.webkit.org/show_bug.cgi?id=99872.

Reviewed by Filip Pizlo and Geoffrey Garen.

Source/JavaScriptCore:

• Remove m_reentryDepth, ThreadStackType which are now obsolete.
• Replaced the reentryDepth checks with a StackBounds check.
• Added the Interpreter::StackPolicy class to compute a reasonable stack capacity requirement given the native stack that the interpreter is executing on at that time.
• Reserved an amount of JSStack space for the use of error handling and enable its use (using Interpreter::ErrorHandlingMode) when we're about to throw or report an exception.
• Interpreter::StackPolicy also allows more native stack space to be used when in ErrorHandlingMode. This is needed in the case of native stack overflows.
• Fixed the parser so that it throws a StackOverflowError instead of a SyntaxError when it encounters a stack overflow.

• API/JSContextRef.cpp:

(JSContextGroupCreate):
(JSGlobalContextCreateInGroup):

• JavaScriptCore.order:
• JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
• interpreter/Interpreter.cpp:

(JSC::Interpreter::ErrorHandlingMode::ErrorHandlingMode):
(JSC):
(JSC::Interpreter::ErrorHandlingMode::~ErrorHandlingMode):
(JSC::Interpreter::StackPolicy::StackPolicy):
(JSC::Interpreter::Interpreter):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):

• interpreter/Interpreter.h:

(JSC):
(Interpreter):
(ErrorHandlingMode):
(StackPolicy):
(JSC::Interpreter::StackPolicy::requiredCapacity):

• interpreter/JSStack.cpp:

(JSC):
(JSC::JSStack::JSStack):
(JSC::JSStack::growSlowCase):
(JSC::JSStack::enableErrorStackReserve):
(JSC::JSStack::disableErrorStackReserve):

• interpreter/JSStack.h:

(JSStack):
(JSC::JSStack::reservationEnd):
(JSC):

• jsc.cpp:

(jscmain):

• parser/Parser.cpp:

(JSC::::Parser):

• parser/Parser.h:

(Parser):
(JSC::::parse):

• runtime/ExceptionHelpers.cpp:

(JSC::throwStackOverflowError):

• runtime/JSGlobalData.cpp:

(JSC::JSGlobalData::JSGlobalData):
(JSC::JSGlobalData::createContextGroup):
(JSC::JSGlobalData::create):
(JSC::JSGlobalData::createLeaked):
(JSC::JSGlobalData::sharedInstance):

• runtime/JSGlobalData.h:

(JSC):
(JSGlobalData):

• runtime/StringRecursionChecker.h:

(JSC::StringRecursionChecker::performCheck):

• testRegExp.cpp:

(realMain):

Source/WebCore:

Removed the use of ThreadStackType. Enabled the reserved JSStack space
for error processing before doing work in reportException().

• bindings/js/JSDOMBinding.cpp:

(WebCore::reportException):

• bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::commonJSGlobalData):

• bindings/js/WorkerScriptController.cpp:

(WebCore::WorkerScriptController::WorkerScriptController):

LayoutTests:

Updated test baseline.

• fast/js/global-recursion-on-full-stack-expected.txt:
• fast/xmlhttprequest/xmlhttprequest-recursive-sync-event-expected.txt:

File:

• trunk/Source/JavaScriptCore/interpreter/JSStack.cpp (modified) (4 diffs)

trunk/Source/JavaScriptCore/interpreter/JSStack.cpp

@@ -42 +42 @@
     return staticMutex;
 }    
-    
+
+JSStack::JSStack(size_t capacity)
+    : m_end(0)
+{
+    ASSERT(capacity && isPageAligned(capacity));
+
+    m_reservation = PageReservation::reserve(roundUpAllocationSize(capacity * sizeof(Register), commitSize), OSAllocator::JSVMStackPages);
+    m_end = static_cast<Register*>(m_reservation.base());
+    m_commitEnd = static_cast<Register*>(m_reservation.base());
+
+    disableErrorStackReserve();
+}
+
 JSStack::~JSStack()
 {
@@ -53 +65 @@
 bool JSStack::growSlowCase(Register* newEnd)
 {
+    // If we have already committed enough memory to satisfy this request,
+    // just update the end pointer and return.
     if (newEnd <= m_commitEnd) {
         m_end = newEnd;
@@ -58 +72 @@
     }
 
+    // Compute the chunk size of additional memory to commit, and see if we
+    // have it is still within our budget. If not, we'll fail to grow and
+    // return false.
     long delta = roundUpAllocationSize(reinterpret_cast<char*>(newEnd) - reinterpret_cast<char*>(m_commitEnd), commitSize);
-    if (reinterpret_cast<char*>(m_commitEnd) + delta > static_cast<char*>(m_reservation.base()) + m_reservation.size())
+    if (reinterpret_cast<char*>(m_commitEnd) + delta > reinterpret_cast<char*>(m_useableEnd))
         return false;
 
+    // Otherwise, the growth is still within our budget. Go ahead and commit
+    // it and return true.
     m_reservation.commit(m_commitEnd, delta);
     addToCommittedByteCount(delta);
@@ -105 +124 @@
 }
 
+void JSStack::enableErrorStackReserve()
+{
+    m_useableEnd = reservationEnd();
+}
+
+void JSStack::disableErrorStackReserve()
+{
+    char* useableEnd = reinterpret_cast<char*>(reservationEnd()) - commitSize;
+    m_useableEnd = reinterpret_cast<Register*>(useableEnd);
+
+    // By the time we get here, we are guaranteed to be destructing the last
+    // Interpreter::ErrorHandlingMode that enabled this reserve in the first
+    // place. That means the stack space beyond m_useableEnd before we
+    // enabled the reserve was not previously in use. Hence, it is safe to
+    // shrink back to that m_useableEnd.
+    if (m_end > m_useableEnd)
+        shrink(m_useableEnd);
+}
+
 } // namespace JSC