Blink-in-JS: Allow a stackoverflow error thrown by private scripts

Currently standard JS errors thrown by private scripts are treated as real errors of the private scripts and crash the renderer. However, we need to special-case a stackoverflow error because user's script can create code that causes a stackoverflow error in private scripts. BUG=412143 TEST=fast/dom/private_script_unittest.html Review URL: https://codereview.chromium.org/553983007 git-svn-id: svn://svn.chromium.org/blink/trunk@181603 bbb929c8-8fbe-4397-9dbb-9b2b20218538

Blink-in-JS: Allow a stackoverflow error thrown by private scripts
Currently standard JS errors thrown by private scripts are treated as real errors of the private scripts and crash the renderer. However, we need to special-case a stackoverflow error because user's script can create code that causes a stackoverflow error in private scripts. BUG=412143 TEST=fast/dom/private_script_unittest.html Review URL: https://codereview.chromium.org/553983007 git-svn-id: svn://svn.chromium.org/blink/trunk@181603 bbb929c8-8fbe-4397-9dbb-9b2b20218538
14ff6627 · haraken@chromium.org · 721bdd59 · 14ff6627 · 14ff6627 · 14ff6627
Commit 14ff6627 authored Sep 09, 2014 by haraken@chromium.org
5 changed files
--- a/third_party/WebKit/LayoutTests/fast/dom/private_script_unittest-expected.txt
+++ b/third_party/WebKit/LayoutTests/fast/dom/private_script_unittest-expected.txt
@@ -36,6 +36,7 @@ PASS privateScriptTest.voidMethodThrowsTypeError() threw exception TypeError: Fa
 PASS privateScriptTest.voidMethodThrowsRangeError() threw exception RangeError: Failed to execute 'voidMethodThrowsRangeError' on 'PrivateScriptTest': method threw RangeError.
 PASS privateScriptTest.voidMethodThrowsSyntaxError() threw exception SyntaxError: Failed to execute 'voidMethodThrowsSyntaxError' on 'PrivateScriptTest': method threw SyntaxError.
 PASS privateScriptTest.voidMethodThrowsReferenceError() threw exception ReferenceError: Failed to execute 'voidMethodThrowsReferenceError' on 'PrivateScriptTest': method threw ReferenceError.
+PASS privateScriptTest.voidMethodThrowsStackOverflowError() threw exception RangeError: Failed to execute 'voidMethodThrowsStackOverflowError' on 'PrivateScriptTest': Maximum call stack size exceeded.
 PASS privateScriptTest.addIntegerImplementedInCPP(111, 222) is 333
 PASS privateScriptTest.stringAttributeImplementedInCPP is "undefined"
 PASS privateScriptTest.stringAttributeImplementedInCPP is "foo"

--- a/third_party/WebKit/LayoutTests/fast/dom/private_script_unittest.html
+++ b/third_party/WebKit/LayoutTests/fast/dom/private_script_unittest.html
@@ -70,6 +70,7 @@ shouldThrow('privateScriptTest.voidMethodThrowsTypeError()');
 shouldThrow('privateScriptTest.voidMethodThrowsRangeError()');
 shouldThrow('privateScriptTest.voidMethodThrowsSyntaxError()');
 shouldThrow('privateScriptTest.voidMethodThrowsReferenceError()');
+shouldThrow('privateScriptTest.voidMethodThrowsStackOverflowError()');

 shouldBe('privateScriptTest.addIntegerImplementedInCPP(111, 222)', '333');
 shouldBeEqualToString('privateScriptTest.stringAttributeImplementedInCPP', 'undefined');

--- a/third_party/WebKit/Source/bindings/core/v8/PrivateScriptRunner.cpp
+++ b/third_party/WebKit/Source/bindings/core/v8/PrivateScriptRunner.cpp
@@ -254,6 +254,16 @@ void PrivateScriptRunner::rethrowExceptionInPrivateScript(v8::Isolate* isolate,
        return;
    }

+    // Standard JS errors thrown by a private script are treated as real errors
+    // of the private script and crash the renderer, except for a stack overflow
+    // error. A stack overflow error can happen in a valid private script
+    // if user's script can create a recursion that involves the private script.
+    if (exceptionName == "RangeError" && messageString.contains("Maximum call stack size exceeded")) {
+        exceptionState.throwDOMException(V8RangeError, messageString);
+        exceptionState.throwIfNeeded();
+        return;
+    }
+
    fprintf(stderr, "Private script error: %s was thrown.\n", exceptionName.utf8().data());
    dumpV8Message(tryCatchMessage);
    RELEASE_ASSERT_NOT_REACHED();

--- a/third_party/WebKit/Source/core/testing/PrivateScriptTest.idl
+++ b/third_party/WebKit/Source/core/testing/PrivateScriptTest.idl
@@ -35,6 +35,7 @@
    [ImplementedInPrivateScript] void voidMethodThrowsRangeError();
    [ImplementedInPrivateScript] void voidMethodThrowsSyntaxError();
    [ImplementedInPrivateScript] void voidMethodThrowsReferenceError();
+    [ImplementedInPrivateScript] void voidMethodThrowsStackOverflowError();
    [ImplementedInPrivateScript, OnlyExposedToPrivateScript] short addIntegerForPrivateScriptOnly(short value1, short value2);
    [ImplementedInPrivateScript, OnlyExposedToPrivateScript] attribute DOMString stringAttributeForPrivateScriptOnly;
    [ImplementedInPrivateScript] short addIntegerImplementedInCPP(short value1, short value2);

--- a/third_party/WebKit/Source/core/testing/PrivateScriptTest.js
+++ b/third_party/WebKit/Source/core/testing/PrivateScriptTest.js
@@ -143,6 +143,11 @@ installClass("PrivateScriptTest", function(PrivateScriptTestPrototype) {
        throwException(PrivateScriptJSError.ReferenceError, "method threw ReferenceError");
    }

+    PrivateScriptTestPrototype.voidMethodThrowsStackOverflowError = function() {
+        function f() { f(); }
+        f();
+    }
+
    PrivateScriptTestPrototype.addIntegerForPrivateScriptOnly = function(value1, value2) {
        return value1 + value2;
    }