Changeset 51801 in webkit for trunk/JavaScriptCore/runtime/JSString.h

Timestamp:

Dec 7, 2009, 3:14:04 PM (15 years ago)

Author:

[email protected]

Message:

​https://bugs.webkit.org/show_bug.cgi?id=32184
Handle out-of-memory conditions with JSC Ropes with a JS exception, rather than crashing.
Switch from using fastMalloc to tryFastMalloc, pass an ExecState to record the exception on.

Reviewed by Oliver Hunt.

JavaScriptCore:

• API/JSCallbackObjectFunctions.h:

(JSC::::toString):

• API/JSValueRef.cpp:

(JSValueIsStrictEqual):

• JavaScriptCore.exp:
• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitEqualityOp):

• debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::functionName):
(JSC::DebuggerCallFrame::calculatedFunctionName):

• interpreter/Interpreter.cpp:

(JSC::Interpreter::callEval):
(JSC::Interpreter::privateExecute):

• jit/JITStubs.cpp:

(JSC::DEFINE_STUB_FUNCTION):

• profiler/ProfileGenerator.cpp:

(JSC::ProfileGenerator::addParentForConsoleStart):

• profiler/Profiler.cpp:

(JSC::Profiler::willExecute):
(JSC::Profiler::didExecute):
(JSC::Profiler::createCallIdentifier):
(JSC::createCallIdentifierFromFunctionImp):

• profiler/Profiler.h:
• runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):

• runtime/DateConstructor.cpp:

(JSC::constructDate):

• runtime/FunctionPrototype.cpp:

(JSC::functionProtoFuncToString):

• runtime/InternalFunction.cpp:

(JSC::InternalFunction::name):
(JSC::InternalFunction::displayName):
(JSC::InternalFunction::calculatedDisplayName):

• runtime/InternalFunction.h:
• runtime/JSCell.cpp:

(JSC::JSCell::getString):

• runtime/JSCell.h:

(JSC::JSValue::getString):

• runtime/JSONObject.cpp:

(JSC::gap):
(JSC::Stringifier::Stringifier):
(JSC::Stringifier::appendStringifiedValue):

• runtime/JSObject.cpp:

(JSC::JSObject::putDirectFunction):
(JSC::JSObject::putDirectFunctionWithoutTransition):
(JSC::JSObject::defineOwnProperty):

• runtime/JSObject.h:
• runtime/JSPropertyNameIterator.cpp:

(JSC::JSPropertyNameIterator::get):

• runtime/JSString.cpp:

(JSC::JSString::Rope::~Rope):
(JSC::JSString::resolveRope):
(JSC::JSString::getPrimitiveNumber):
(JSC::JSString::toNumber):
(JSC::JSString::toString):
(JSC::JSString::toThisString):
(JSC::JSString::getStringPropertyDescriptor):

• runtime/JSString.h:

(JSC::JSString::Rope::createOrNull):
(JSC::JSString::Rope::operator new):
(JSC::JSString::value):
(JSC::JSString::tryGetValue):
(JSC::JSString::getIndex):
(JSC::JSString::getStringPropertySlot):
(JSC::JSValue::toString):

• runtime/JSValue.h:
• runtime/NativeErrorConstructor.cpp:

(JSC::NativeErrorConstructor::NativeErrorConstructor):

• runtime/Operations.cpp:

(JSC::JSValue::strictEqualSlowCase):

• runtime/Operations.h:

(JSC::JSValue::equalSlowCaseInline):
(JSC::JSValue::strictEqualSlowCaseInline):
(JSC::JSValue::strictEqual):
(JSC::jsLess):
(JSC::jsLessEq):
(JSC::jsAdd):
(JSC::concatenateStrings):

• runtime/PropertyDescriptor.cpp:

(JSC::PropertyDescriptor::equalTo):

• runtime/PropertyDescriptor.h:
• runtime/StringPrototype.cpp:

(JSC::stringProtoFuncReplace):
(JSC::stringProtoFuncToLowerCase):
(JSC::stringProtoFuncToUpperCase):

WebCore:

• bindings/ScriptControllerBase.cpp:

(WebCore::ScriptController::executeIfJavaScriptURL):

• bindings/js/JSCanvasRenderingContext2DCustom.cpp:

(WebCore::toHTMLCanvasStyle):
(WebCore::JSCanvasRenderingContext2D::setFillColor):
(WebCore::JSCanvasRenderingContext2D::setStrokeColor):
(WebCore::JSCanvasRenderingContext2D::setShadow):

• bindings/js/ScriptCallStack.cpp:

(WebCore::ScriptCallStack::ScriptCallStack):
(WebCore::ScriptCallStack::initialize):

• bindings/js/ScriptValue.cpp:

(WebCore::ScriptValue::getString):

• bindings/js/ScriptValue.h:
• bindings/js/SerializedScriptValue.cpp:

(WebCore::SerializingTreeWalker::convertIfTerminal):

• bindings/objc/WebScriptObject.mm:

(+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):

• page/Console.cpp:

(WebCore::Console::addMessage):

WebKit/mac:

• WebView/WebView.mm:

(aeDescFromJSValue):

File:

• trunk/JavaScriptCore/runtime/JSString.h (modified) (9 diffs)

trunk/JavaScriptCore/runtime/JSString.h

@@ -87 +87 @@
             // Creates a Rope comprising of 'ropeLength' Fibers.
             // The Rope is constructed in an uninitialized state - initialize must be called for each Fiber in the Rope.
-            static PassRefPtr<Rope> create(unsigned ropeLength) { return adoptRef(new (ropeLength) Rope(ropeLength)); }
+            static PassRefPtr<Rope> createOrNull(unsigned ropeLength)
+            {
+                void* allocation;
+                if (tryFastMalloc(sizeof(Rope) + (ropeLength - 1) * sizeof(Fiber)).getValue(allocation))
+                    return adoptRef(new (allocation) Rope(ropeLength));
+                return 0;
+            }
 
             ~Rope();
@@ -117 +123 @@
         private:
             Rope(unsigned ropeLength) : m_ropeLength(ropeLength), m_stringLength(0) {}
-            void* operator new(size_t, unsigned ropeLength) { return fastMalloc(sizeof(Rope) + (ropeLength - 1) * sizeof(UString::Rep*)); }
+            void* operator new(size_t, void* inPlace) { return inPlace; }
             
             unsigned m_ropeLength;
@@ -151 +157 @@
         {
         }
-        
-        const UString& value() const
+
+        const UString& value(ExecState* exec) const
         {
             if (m_rope)
-                resolveRope();
+                resolveRope(exec);
+            return m_value;
+        }
+        const UString tryGetValue() const
+        {
+            if (m_rope)
+                UString();
             return m_value;
         }
@@ -169 +181 @@
 
         bool canGetIndex(unsigned i) { return i < m_length; }
-        JSString* getIndex(JSGlobalData*, unsigned);
+        JSString* getIndex(ExecState*, unsigned);
 
         static PassRefPtr<Structure> createStructure(JSValue proto) { return Structure::create(proto, TypeInfo(StringType, OverridesGetOwnPropertySlot | NeedsThisConversion)); }
@@ -180 +192 @@
         }
 
-        void resolveRope() const;
+        void resolveRope(ExecState*) const;
 
         virtual JSValue toPrimitive(ExecState*, PreferredPrimitiveType) const;
@@ -247 +259 @@
     }
 
-    inline JSString* JSString::getIndex(JSGlobalData* globalData, unsigned i)
+    inline JSString* JSString::getIndex(ExecState* exec, unsigned i)
     {
         ASSERT(canGetIndex(i));
-        return jsSingleCharacterSubstring(globalData, value(), i);
+        return jsSingleCharacterSubstring(&exec->globalData(), value(exec), i);
     }
 
@@ -313 +325 @@
         unsigned i = propertyName.toStrictUInt32(&isStrictUInt32);
         if (isStrictUInt32 && i < m_length) {
-            slot.setValue(jsSingleCharacterSubstring(exec, value(), i));
+            slot.setValue(jsSingleCharacterSubstring(exec, value(exec), i));
             return true;
         }
@@ -323 +335 @@
     {
         if (propertyName < m_length) {
-            slot.setValue(jsSingleCharacterSubstring(exec, value(), propertyName));
+            slot.setValue(jsSingleCharacterSubstring(exec, value(exec), propertyName));
             return true;
         }
@@ -342 +354 @@
     {
         if (isString())
-            return static_cast<JSString*>(asCell())->value();
+            return static_cast<JSString*>(asCell())->value(exec);
         if (isInt32())
             return exec->globalData().numericStrings.add(asInt32());