Handle stack overflows in NoSideEffectToString

src/objects.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/objects.h"
 
 #include <cmath>
 #include <iomanip>
 #include <memory>
 #include <sstream>
@@ skipping 218 matching lines @@
 }
 
 Handle<String> NoSideEffectsErrorToString(Isolate* isolate,
                                           Handle<Object> input) {
   Handle<JSReceiver> receiver = Handle<JSReceiver>::cast(input);
 
   Handle<Name> name_key = isolate->factory()->name_string();
   Handle<Object> name = JSReceiver::GetDataProperty(receiver, name_key);
   Handle<String> name_str = (name->IsUndefined(isolate))
                                 ? isolate->factory()->Error_string()
                                 : Object::NoSideEffectsToString(isolate, name);

[Yang, 2016/08/04 06:36:19]

Can we simply break the recursion by not calling NoSideEffectsToString, and
instead just use empty string for name or msg if the property is not already a
string?

[jgruber, 2016/08/04 07:12:05]

Done.

 
   Handle<Name> msg_key = isolate->factory()->message_string();
   Handle<Object> msg = JSReceiver::GetDataProperty(receiver, msg_key);
   Handle<String> msg_str = (msg->IsUndefined(isolate))
                                ? isolate->factory()->empty_string()
                                : Object::NoSideEffectsToString(isolate, msg);
 
   if (name_str->length() == 0) return msg_str;
   if (msg_str->length() == 0) return name_str;
 
   IncrementalStringBuilder builder(isolate);
   builder.AppendString(name_str);
   builder.AppendCString(": ");
   builder.AppendString(msg_str);
 
   return builder.Finish().ToHandleChecked();
 }
 
 }  // namespace
 
 // static
 Handle<String> Object::NoSideEffectsToString(Isolate* isolate,
                                              Handle<Object> input) {
+  StackLimitCheck stack_check(isolate);
+  if (stack_check.HasOverflowed()) {
+    return isolate->factory()->NewStringFromAsciiChecked("<stack overflow>");
+  }
+
   DisallowJavascriptExecution no_js(isolate);
 
   if (input->IsString() || input->IsNumber() || input->IsOddball() ||
       input->IsSimd128Value()) {
     return Object::ToString(isolate, input).ToHandleChecked();
   } else if (input->IsFunction()) {
     // -- F u n c t i o n
     Handle<String> fun_str;
     if (input->IsJSBoundFunction()) {
       fun_str = JSBoundFunction::ToString(Handle<JSBoundFunction>::cast(input));
@@ skipping 41 matching lines @@
           receiver, isolate->factory()->constructor_string());
       if (ctor->IsFunction()) {
         Handle<String> ctor_name;
         if (ctor->IsJSBoundFunction()) {
           ctor_name = JSBoundFunction::GetName(
                           isolate, Handle<JSBoundFunction>::cast(ctor))
                           .ToHandleChecked();
         } else if (ctor->IsJSFunction()) {
           Handle<Object> ctor_name_obj =
               JSFunction::GetName(isolate, Handle<JSFunction>::cast(ctor));
           ctor_name = NoSideEffectsToString(isolate, ctor_name_obj);

[Yang, 2016/08/04 06:36:19]

Same here.

[jgruber, 2016/08/04 07:12:05]

Done.

         }
 
         if (ctor_name->length() != 0) {
           IncrementalStringBuilder builder(isolate);
           builder.AppendCString("#<");
           builder.AppendString(ctor_name);
           builder.AppendCString(">");
 
           return builder.Finish().ToHandleChecked();
         }
@@ skipping 18850 matching lines @@
   for (PrototypeIterator iter(isolate, this, kStartAtReceiver,
                               PrototypeIterator::END_AT_NULL);
        !iter.IsAtEnd(); iter.AdvanceIgnoringProxies()) {
     if (iter.GetCurrent<Object>()->IsJSProxy()) return true;
   }
   return false;
 }
 
 }  // namespace internal
 }  // namespace v8