Bug 223231

Summary: [WebIDL] Fix convertRecord() to throw on enumerable symbol |key|
Product: WebKit Reporter: Alexey Shvayka <ashvayka>
Component: Bindings Assignee: Alexey Shvayka <ashvayka>
Status: RESOLVED FIXED    
Severity: Trivial CC: cdumez, darin, ews-watchlist, keith_miller, mark.lam, msaboff, saam, sam, tzagallo, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=223219
Attachments (Description / Flags):
Patch / none
Patch / none

Description Alexey Shvayka 2021-03-15 18:17:50 PDT
[WebIDL] Fix convertRecord() to throw on enumerable symbol |key|
Comment 1 Alexey Shvayka 2021-03-15 18:25:16 PDT
Created attachment 423276 [details]
Patch
Comment 2 Darin Adler 2021-03-16 14:30:22 PDT
Comment on attachment 423276 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=423276&action=review

> Source/WebCore/bindings/js/JSDOMConvertStrings.cpp:38
> +    VM& vm = lexicalGlobalObject.vm();
> +    auto scope = DECLARE_THROW_SCOPE(vm);
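Review bot: `vm` and `scope` are declared at the top of the function in these two lines, but a throw scope is only needed on the path that actually throws; the common non-throwing case pays for its construction (and, in debug builds, for its exception-check validation state) without ever using it, so declaring both inside the branch that throws keeps the fast path free of that setup.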

Is there any performance benefit to moving this inside the if statement?

> Source/WebCore/bindings/js/JSDOMConvertStrings.cpp:103
> +    if (!string)
> +        return { };

This seems like an unimportant optimization. I would leave it out; the stringToUSVString function can handle the null string without causing any problems. Then this can just be a one-liner. Also, we generally write string.isNull() instead of !string. Not sure why.

    return stringToUSVString(identifierToString(lexicalGlobalObject, identifier));
Comment 3 Alexey Shvayka 2021-03-16 15:24:40 PDT
Created attachment 423404 [details]
Patch

Add UNLIKELY, move DECLARE_THROW_SCOPE into branch, and make identifierToUSVString() a one-liner.
Comment 4 Alexey Shvayka 2021-03-16 15:25:57 PDT
(In reply to Darin Adler from comment #2)

Thank you for reviewing convertRecord() changes!

> Is there any performance benefit to moving this inside the if statement?

I've found a few precedents of ThrowScope() created inside a branch, in hot inlined methods.
This won't break validation of exception checks.

Also, added an UNLIKELY, which is merely a compiler hint on how to emit jumps so the common case is optimized.

> This seems like an unimportant optimization. I would leave it out; the
> stringToUSVString function can handle the null string without causing any
> problems. Then this can just be a one-liner. Also, we generally write
> string.isNull() instead of !string. Not sure why.
> 
>     return stringToUSVString(identifierToString(lexicalGlobalObject,
> identifier));

Nice, fixed.
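The record<K, V> conversion that convertRecord() implements, and whose symbol-key case this bug fixes, written out as an added plain-JavaScript model for this page (it is not WebKit's C++ code): it follows the WebIDL steps, so an enumerable symbol-keyed property throws a TypeError when the key is converted to DOMString, while a non-enumerable symbol key is skipped. The names convertDOMString and convertRecord here are the example's own.

```javascript
// Added example: a plain-JavaScript model of WebIDL's "convert to record<K, V>"
// algorithm for K = DOMString. Not WebKit's C++ convertRecord(); it mirrors the
// spec steps so the enumerable-symbol-key case can be exercised directly.

// Key conversion to DOMString. WebIDL says converting a Symbol to DOMString
// throws a TypeError; every other own property key is already a string.
function convertDOMString(value) {
  if (typeof value === "symbol") {
    throw new TypeError("Cannot convert a Symbol value to a string");
  }
  return String(value);
}

// Converts |obj| to a Map standing in for record<DOMString, V>; |convertValue|
// converts each value to V. Throws TypeError when |obj| is not an object.
function convertRecord(obj, convertValue = (v) => v) {
  if (obj === null || (typeof obj !== "object" && typeof obj !== "function")) {
    throw new TypeError("The provided value is not an object");
  }
  const result = new Map();
  // Reflect.ownKeys is [[OwnPropertyKeys]]: integer-like keys, then other
  // string keys in insertion order, then symbol keys.
  for (const key of Reflect.ownKeys(obj)) {
    const desc = Object.getOwnPropertyDescriptor(obj, key);
    // Non-enumerable (or vanished) properties are skipped whatever the key type.
    if (desc === undefined || !desc.enumerable) continue;
    // An enumerable key is converted to K before its value is read, so an
    // enumerable symbol key fails here with a TypeError instead of being
    // silently dropped: that is the behaviour this bug's patch establishes.
    const typedKey = convertDOMString(key);
    const typedValue = convertValue(obj[key]);
    result.set(typedKey, typedValue);
  }
  return result;
}
```

Calling convertRecord({ a: 1, [Symbol("s")]: 2 }) throws TypeError, whereas the same symbol defined with enumerable: false is ignored and the record contains only "a".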
Comment 5 EWS 2021-03-17 09:01:44 PDT
Committed r274561: <https://commits.webkit.org/r274561>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 423404 [details].
Comment 6 Radar WebKit Bug Importer 2021-03-17 09:02:16 PDT
<rdar://problem/75528251>