Changeset 233377 in webkit for trunk/Source/JavaScriptCore/parser/Nodes.cpp

Timestamp:

Jun 29, 2018, 4:40:25 PM (7 years ago)

Author:

[email protected]

Message:

We shouldn't recurse into the parser when gathering metadata about various function offsets
​https://bugs.webkit.org/show_bug.cgi?id=184074
<rdar://problem/37165897>

Reviewed by Mark Lam.

JSTests:

• microbenchmarks/try-get-by-id-basic.js:

(const.bench.f.const.fooPlusBar.createBuiltin):

• microbenchmarks/try-get-by-id-polymorphic.js:

(fooPlusBar.createBuiltin):

• stress/array-push-with-force-exit.js:
• stress/dont-crash-on-stack-overflow-when-parsing-builtin.js: Added.

(f):

• stress/dont-crash-on-stack-overflow-when-parsing-default-constructor.js: Added.

(foo):
(prototype.runNearStackLimit):

• stress/is-constructor.js:
• stress/tailCallForwardArguments.js:

(putFuncToPrivateName.createBuiltin):

Source/JavaScriptCore:

Prior to this patch, when we made a builtin, we had to make an UnlinkedFunctionExecutable
for that builtin. This required calling into the parser. However, the parser
may throw a stack overflow. We were not able to recover from that. The only
reason we called into the parser here is that we were gathering text offsets
and various metadata for things in the builtin function. This patch writes a
mini parser that figures this information out without calling into the full
parser. (I've also added a debug assert that verifies the mini parser stays in
sync with the full parser.) The result of this is that BuiltinExecutbles::createExecutable
always succeeds.

• builtins/AsyncFromSyncIteratorPrototype.js:

(globalPrivate.createAsyncFromSyncIterator):
(globalPrivate.AsyncFromSyncIteratorConstructor):

• builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createExecutable):

• builtins/GlobalOperations.js:

(globalPrivate.getter.overriddenName.string_appeared_here.speciesGetter):
(globalPrivate.speciesConstructor):
(globalPrivate.copyDataProperties):
(globalPrivate.copyDataPropertiesNoExclusions):

• builtins/PromiseOperations.js:

(globalPrivate.newHandledRejectedPromise):

• builtins/RegExpPrototype.js:

(globalPrivate.hasObservableSideEffectsForRegExpMatch):
(globalPrivate.hasObservableSideEffectsForRegExpSplit):

• builtins/StringPrototype.js:

(globalPrivate.hasObservableSideEffectsForStringReplace):
(globalPrivate.getDefaultCollator):

• parser/Nodes.cpp:

(JSC::FunctionMetadataNode::FunctionMetadataNode):
(JSC::FunctionMetadataNode::operator== const):
(JSC::FunctionMetadataNode::dump const):

• parser/Nodes.h:
• parser/Parser.h:

(JSC::parse):

• parser/ParserError.h:

(JSC::ParserError::type const):

• parser/ParserTokens.h:

(JSC::JSTextPosition::operator== const):
(JSC::JSTextPosition::operator!= const):

• parser/SourceCode.h:

(JSC::SourceCode::operator== const):
(JSC::SourceCode::operator!= const):
(JSC::SourceCode::subExpression const):
(JSC::SourceCode::subExpression): Deleted.

File:

• trunk/Source/JavaScriptCore/parser/Nodes.cpp (modified) (2 diffs)

trunk/Source/JavaScriptCore/parser/Nodes.cpp

@@ -215 +215 @@
 }
 
+FunctionMetadataNode::FunctionMetadataNode(
+    const JSTokenLocation& startLocation, 
+    const JSTokenLocation& endLocation, unsigned startColumn, unsigned endColumn, 
+    int functionKeywordStart, int functionNameStart, int parametersStart, bool isInStrictContext, 
+    ConstructorKind constructorKind, SuperBinding superBinding, unsigned parameterCount, SourceParseMode mode, bool isArrowFunctionBodyExpression)
+        : Node(endLocation)
+        , m_startColumn(startColumn)
+        , m_endColumn(endColumn)
+        , m_functionKeywordStart(functionKeywordStart)
+        , m_functionNameStart(functionNameStart)
+        , m_parametersStart(parametersStart)
+        , m_startStartOffset(startLocation.startOffset)
+        , m_parameterCount(parameterCount)
+        , m_parseMode(mode)
+        , m_isInStrictContext(isInStrictContext)
+        , m_superBinding(static_cast<unsigned>(superBinding))
+        , m_constructorKind(static_cast<unsigned>(constructorKind))
+        , m_isArrowFunctionBodyExpression(isArrowFunctionBodyExpression)
+{
+    ASSERT(m_superBinding == static_cast<unsigned>(superBinding));
+    ASSERT(m_constructorKind == static_cast<unsigned>(constructorKind));
+}
+
 void FunctionMetadataNode::finishParsing(const SourceCode& source, const Identifier& ident, FunctionMode functionMode)
 {
@@ -226 +249 @@
     m_lastLine = position.line;
     m_endColumn = position.offset - position.lineStartOffset;
+}
+
+bool FunctionMetadataNode::operator==(const FunctionMetadataNode& other) const
+{
+    return m_ident == other.m_ident
+        && m_ecmaName == other.m_ecmaName
+        && m_inferredName == other.m_inferredName
+        && m_functionMode== other.m_functionMode
+        && m_startColumn== other.m_startColumn
+        && m_endColumn== other.m_endColumn
+        && m_functionKeywordStart== other.m_functionKeywordStart
+        && m_functionNameStart== other.m_functionNameStart
+        && m_parametersStart== other.m_parametersStart
+        && m_source== other.m_source
+        && m_classSource== other.m_classSource
+        && m_startStartOffset== other.m_startStartOffset
+        && m_parameterCount== other.m_parameterCount
+        && m_lastLine== other.m_lastLine
+        && m_parseMode== other.m_parseMode
+        && m_isInStrictContext == other.m_isInStrictContext 
+        && m_superBinding == other.m_superBinding 
+        && m_constructorKind == other.m_constructorKind 
+        && m_isArrowFunctionBodyExpression == other.m_isArrowFunctionBodyExpression
+        && m_position == other.m_position;
+}
+
+void FunctionMetadataNode::dump(PrintStream& stream) const
+{
+    stream.println("m_ident ", m_ident);
+    stream.println("m_ecmaName ", m_ecmaName);
+    stream.println("m_inferredName ", m_inferredName);
+    stream.println("m_functionMode ", static_cast<uint32_t>(m_functionMode));
+    stream.println("m_startColumn ", m_startColumn);
+    stream.println("m_endColumn ", m_endColumn);
+    stream.println("m_functionKeywordStart ", m_functionKeywordStart);
+    stream.println("m_functionNameStart ", m_functionNameStart);
+    stream.println("m_parametersStart ", m_parametersStart);
+    stream.println("m_classSource.isNull() ", m_classSource.isNull());
+    stream.println("m_startStartOffset ", m_startStartOffset);
+    stream.println("m_parameterCount ", m_parameterCount);
+    stream.println("m_lastLine ", m_lastLine);
+    stream.println("m_parseMode ", static_cast<uint32_t>(m_parseMode));
+    stream.println("m_isInStrictContext ", m_isInStrictContext);
+    stream.println("m_superBinding ", m_superBinding);
+    stream.println("m_constructorKind ", m_constructorKind);
+    stream.println("m_isArrowFunctionBodyExpression ", m_isArrowFunctionBodyExpression);
+    stream.println("position().line ", position().line);
+    stream.println("position().offset ", position().offset);
+    stream.println("position().lineStartOffset ", position().lineStartOffset);
 }