[webkit-changes] [WebKit/WebKit] bc5bcf: [JSC] Inlined functions in OMG may have exception ...

David Degazio noreply at github.com
Thu May 23 16:28:48 PDT 2024


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: bc5bcf116eef81d7f61706d5e157e921461757ee
      https://github.com/WebKit/WebKit/commit/bc5bcf116eef81d7f61706d5e157e921461757ee
  Author: David Degazio <d_degazio at apple.com>
  Date:   2024-05-23 (Thu, 23 May 2024)

  Changed paths:
    A JSTests/wasm/stress/inlinee-may-have-exception-handlers.js
    A JSTests/wasm/stress/rethrow-should-set-callsite-index.js
    A JSTests/wasm/stress/throw-should-set-callsite-index.js
    M Source/JavaScriptCore/wasm/WasmCompilationContext.h
    M Source/JavaScriptCore/wasm/WasmIRGeneratorHelpers.h
    M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.h
    M Source/JavaScriptCore/wasm/WasmOMGPlan.cpp
    M Source/JavaScriptCore/wasm/WasmOSREntryPlan.cpp

  Log Message:
  -----------
  [JSC] Inlined functions in OMG may have exception handlers
https://bugs.webkit.org/show_bug.cgi?id=272106
rdar://125181187

Reviewed by Justin Michaud and Yusuke Suzuki.

Primarily fixes a bug where any WebAssembly function inlined in OMG was
assumed to not have exception handlers. We now propagate a reference to
the Wasm::CalleeGroup from the OMGPlan/OSREntryPlan to the B3IRGenerator,
and read the hasExceptionHandlers() property from the inlined function's
callee, similar to how the top-level function's generator is initialized
in the plan.

In addition to this, we also change when we set the callsite index.
Currently we don't set the callsite index for any call or throw outside
of a try block, which means that we might throw with an old callsite
index set, and erroneously catch the exception in a previous block. To
fix this, we now set a bool in the IR generator after a try or catch block
ends, and set the callsite index for the first call/throw after a try/catch
ends.

Finally, consistent with BBQ, we don't write invalid callsite indices
except for during the function prologue (before our first call/throw). We
also don't write the callsite index at all in the case that we are known
to be in a function without exception handlers.

* JSTests/wasm/stress/inlinee-may-have-exception-handlers.js: Added.
(async test):
* JSTests/wasm/stress/rethrow-should-set-callsite-index.js: Added.
(async test):
* JSTests/wasm/stress/throw-should-set-callsite-index.js: Added.
(async test):
* Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::shouldSetCallSiteIndexAfterTry const):
(JSC::Wasm::B3IRGenerator::didSetCallSiteIndexAfterTry):
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::preparePatchpointForExceptions):
(JSC::Wasm::B3IRGenerator::addThrow):
(JSC::Wasm::B3IRGenerator::addRethrow):
(JSC::Wasm::B3IRGenerator::addEndToUnreachable):
(JSC::Wasm::B3IRGenerator::emitInlineDirectCall):
(JSC::Wasm::parseAndCompileB3):
* Source/JavaScriptCore/wasm/WasmB3IRGenerator.h:
* Source/JavaScriptCore/wasm/WasmIRGeneratorHelpers.h:
(JSC::Wasm::PatchpointExceptionHandle::PatchpointExceptionHandle):
(JSC::Wasm::PatchpointExceptionHandle::generate const):
* Source/JavaScriptCore/wasm/WasmOMGPlan.cpp:
(JSC::Wasm::OMGPlan::work):
* Source/JavaScriptCore/wasm/WasmOSREntryPlan.cpp:
(JSC::Wasm::OSREntryPlan::work):

Originally-landed-as: 272448.917@safari-7618-branch (1e58c9386ed9). rdar://128572165
Canonical link: https://commits.webkit.org/279242@main
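Added illustration, not part of this commit and not JavaScriptCore's code: a small JavaScript model of the two problems the log message describes. It uses a constructed toy IR (`try`, `end`, `call`, `throw`, and a `call` that carries an `inlinee` body) and a made-up handler table keyed by callsite-index ranges. The `policy: 'old'` setting models only storing the callsite index for calls and throws inside a try, so a throw after the try inherits a stale index and is caught by the previous block; `policy: 'fixed'` models storing it for the first call/throw after a try ends. `scanInlinees: false` models assuming an inlined function has no handlers; in that case no index is ever written and a throw inside the inlined try does not reach its own handler. All names here (`lower`, `compile`, `run`, `INVALID_INDEX`) are this example's own, not JSC's.

```javascript
// Toy model of callsite-index bookkeeping in a Wasm JIT (constructed; not JSC code).
// IR ops: {op:'try'}, {op:'end'} (closes innermost try), {op:'call'}, {op:'throw'},
// and {op:'call', inlinee:[...]} whose body is spliced in by inline().

const INVALID_INDEX = -1;

// Inlining: replace an inlinable call with the callee's ops (recursively).
function inline(ops) {
  return ops.flatMap((o) => (o.inlinee ? inline(o.inlinee) : [o]));
}

// Lowering: decide at each call/throw whether to emit a store of the callsite
// index into the frame. Every call/throw consumes one index; each try covers
// the half-open index range [start, end) of the call/throw sites inside it.
//   policy 'old'   -> store only for sites lexically inside a try
//   policy 'fixed' -> also store for the first site after a try/catch ends
function lower(ops, { policy, hasExceptionHandlers }) {
  const program = [];
  const handlers = []; // {id, start, end}
  const open = [];     // stack of handlers whose 'end' has not been seen yet
  let nextIndex = 0;
  let setAfterTry = false;

  // The prologue is the only place an invalid index is written, and nothing is
  // written at all when the function is known to have no exception handlers.
  if (hasExceptionHandlers) program.push({ op: 'setCallSite', index: INVALID_INDEX });

  for (const { op } of ops) {
    if (op === 'try') {
      const h = { id: handlers.length, start: nextIndex, end: null };
      handlers.push(h);
      open.push(h);
    } else if (op === 'end') {
      const h = open.pop();
      if (!h) throw new Error('end without try');
      h.end = nextIndex;
      setAfterTry = true;
    } else if (op === 'call' || op === 'throw') {
      const index = nextIndex++;
      const insideTry = open.length > 0;
      const mustSet = hasExceptionHandlers && (insideTry || (policy === 'fixed' && setAfterTry));
      if (mustSet) {
        program.push({ op: 'setCallSite', index });
        setAfterTry = false;
      }
      program.push({ op });
    } else {
      throw new Error(`unknown op ${op}`);
    }
  }
  if (open.length) throw new Error('unterminated try');
  return { program, handlers };
}

// Whole pipeline: decide hasExceptionHandlers (optionally ignoring inlinee
// bodies, which models the pre-fix assumption), inline, then lower.
function compile(callerOps, { policy = 'fixed', scanInlinees = true } = {}) {
  const hasTry = (ops) =>
    ops.some((o) => o.op === 'try' || (scanInlinees && o.inlinee && hasTry(o.inlinee)));
  return lower(inline(callerOps), { policy, hasExceptionHandlers: hasTry(callerOps) });
}

// Runtime model: execute until the first throw, then look up the innermost
// handler whose range covers the callsite index currently stored in the frame.
function run({ program, handlers }) {
  let current = INVALID_INDEX;
  for (const insn of program) {
    if (insn.op === 'setCallSite') current = insn.index;
    else if (insn.op === 'throw') {
      const covering = handlers.filter((h) => h.start <= current && current < h.end);
      const h = covering.length ? covering[covering.length - 1] : null;
      return { callSiteIndex: current, caughtBy: h ? h.id : null };
    }
  }
  return { callSiteIndex: current, caughtBy: null }; // no throw executed
}

// Constructed scenarios.
const tryThenThrow = [{ op: 'try' }, { op: 'call' }, { op: 'end' }, { op: 'throw' }];
const throwInTry = [{ op: 'try' }, { op: 'throw' }, { op: 'end' }];
const noTry = [{ op: 'call' }, { op: 'throw' }];
const callsInlinee = [{ op: 'call', inlinee: [{ op: 'try' }, { op: 'throw' }, { op: 'end' }] }];

console.log('throw after try, old policy  :', run(compile(tryThenThrow, { policy: 'old' })));
console.log('throw after try, fixed policy:', run(compile(tryThenThrow, { policy: 'fixed' })));
console.log('inlinee with try, pre-fix    :', run(compile(callsInlinee, { scanInlinees: false })));
console.log('inlinee with try, post-fix   :', run(compile(callsInlinee)));
```

The interesting output is the first pair: with the old policy the throw after the try runs with callsite index 0 still in the frame, so handler 0 (the block that already ended) catches it; with the fixed policy the throw stores index 1, which no handler covers, and the exception unwinds out of the function. The inlinee pair shows the other half of the fix: when the inlined body is not scanned for handlers, nothing is ever stored and the throw misses the handler that should catch it.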
