-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Throw exception when ClonedArguments allocation fails
https://bugs.webkit.org/show_bug.cgi?id=264511 rdar://118039984 Reviewed by Mark Lam. Currently, if we try and allocate a ClonedArguments object and run out of memory, we silently return nullptr. This can result in the creation of an empty JSValue being returned. This patch ensures that we check for and propagate the null result, in addition to throwing an OutOfMemory error. In cases where we can't throw an OutOfMemory error, specifically in operationMaterializeObjectInOSR, we RELEASE_ASSERT that the result is non-null to guarantee we crash instead of allowing the empty value to escape. * JSTests/stress/cloned-arguments-oom.js: Added. (Allocator): (Allocator.prototype.size): (Allocator.prototype.allocate): (createClonedArguments): (0x0.map.size.new.Allocator): (catch): * Source/JavaScriptCore/dfg/DFGOperations.cpp: (JSC::DFG::JSC_DEFINE_JIT_OPERATION): * Source/JavaScriptCore/ftl/FTLOperations.cpp: (JSC::FTL::JSC_DEFINE_JIT_OPERATION): * Source/JavaScriptCore/runtime/ClonedArguments.cpp: (JSC::ClonedArguments::createEmpty): (JSC::ClonedArguments::createWithInlineFrame): (JSC::ClonedArguments::createWithMachineFrame): (JSC::ClonedArguments::createByCopyingFrom): * Source/JavaScriptCore/runtime/CommonSlowPaths.cpp: (JSC::JSC_DEFINE_COMMON_SLOW_PATH): * Source/JavaScriptCore/runtime/FunctionPrototype.cpp: (JSC::JSC_DEFINE_CUSTOM_GETTER): Originally-landed-as: 267815.638@safari-7617-branch (dc9b30f). rdar://121478772 Canonical link: https://commits.webkit.org/273483@main
- Loading branch information
1 parent
17ee3e3
commit 9c7c233
Showing
5 changed files
with
32 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters