[webkit-changes] [WebKit/WebKit] 2e7a7b: Cherry-pick 272448.917 at safari-7618-branch (1e58c93...

David Degazio noreply at github.com
Tue May 28 17:09:37 PDT 2024


  Branch: refs/heads/webkitglib/2.44
  Home:   https://github.com/WebKit/WebKit
  Commit: 2e7a7b504ca22598698b11f3be3257e8042c0b1d
      https://github.com/WebKit/WebKit/commit/2e7a7b504ca22598698b11f3be3257e8042c0b1d
  Author: David Degazio <d_degazio at apple.com>
  Date:   2024-05-28 (Tue, 28 May 2024)

  Changed paths:
    A JSTests/wasm/stress/inlinee-may-have-exception-handlers.js
    A JSTests/wasm/stress/rethrow-should-set-callsite-index.js
    A JSTests/wasm/stress/throw-should-set-callsite-index.js
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.h
    M Source/JavaScriptCore/wasm/WasmIRGeneratorHelpers.h
    M Source/JavaScriptCore/wasm/WasmOMGPlan.cpp
    M Source/JavaScriptCore/wasm/WasmOSREntryPlan.cpp

  Log Message:
  -----------
  Cherry-pick 272448.917 at safari-7618-branch (1e58c9386ed9). https://bugs.webkit.org/show_bug.cgi?id=272106

    [JSC] Inlined functions in OMG may have exception handlers
    https://bugs.webkit.org/show_bug.cgi?id=272106
    rdar://125181187

    Reviewed by Justin Michaud and Yusuke Suzuki.

    Primarily fixes a bug where any WebAssembly function inlined in OMG was
    assumed to not have exception handlers. We now propagate a reference to
    the Wasm::CalleeGroup from the OMGPlan/OSREntryPlan to the B3IRGenerator,
    and read the hasExceptionHandlers() property from the inlined function's
    callee, similar to how the top-level function's generator is initialized
    in the plan.

    In addition to this, we also change when we set the callsite index.
    Currently we don't set the callsite index for any call or throw outside
    of a try block, which means that we might throw with an old callsite
    index set, and erroneously catch the exception in a previous block. To
    fix this, we now set a bool in the IR generator after a try or catch block
    ends, and set the callsite index for the first call/throw after a try/catch
    ends.

    Finally, consistent with BBQ, we don't write invalid callsite indices
    except for during the function prologue (before our first call/throw). We
    also don't write the callsite index at all in the case that we are known
    to be in a function without exception handlers.

    * JSTests/wasm/stress/inlinee-may-have-exception-handlers.js: Added.
    (async test):
    * JSTests/wasm/stress/rethrow-should-set-callsite-index.js: Added.
    (async test):
    * JSTests/wasm/stress/throw-should-set-callsite-index.js: Added.
    (async test):
    * Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp:
    (JSC::Wasm::B3IRGenerator::shouldSetCallSiteIndexAfterTry const):
    (JSC::Wasm::B3IRGenerator::didSetCallSiteIndexAfterTry):
    (JSC::Wasm::B3IRGenerator::B3IRGenerator):
    (JSC::Wasm::B3IRGenerator::preparePatchpointForExceptions):
    (JSC::Wasm::B3IRGenerator::addThrow):
    (JSC::Wasm::B3IRGenerator::addRethrow):
    (JSC::Wasm::B3IRGenerator::addEndToUnreachable):
    (JSC::Wasm::B3IRGenerator::emitInlineDirectCall):
    (JSC::Wasm::parseAndCompileB3):
    * Source/JavaScriptCore/wasm/WasmB3IRGenerator.h:
    * Source/JavaScriptCore/wasm/WasmIRGeneratorHelpers.h:
    (JSC::Wasm::PatchpointExceptionHandle::PatchpointExceptionHandle):
    (JSC::Wasm::PatchpointExceptionHandle::generate const):
    * Source/JavaScriptCore/wasm/WasmOMGPlan.cpp:
    (JSC::Wasm::OMGPlan::work):
    * Source/JavaScriptCore/wasm/WasmOSREntryPlan.cpp:
    (JSC::Wasm::OSREntryPlan::work):

    Canonical link: https://commits.webkit.org/272448.917@safari-7618-branch

Canonical link: https://commits.webkit.org/274313.285@webkitglib/2.44
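
The stale callsite index problem described in the log message, as an added example that is not part of the commit or of JavaScriptCore. It is a toy model: every name in it is hypothetical, and it assumes the unwinder picks a handler by looking up the frame's callsite index slot in a per-function table.

```cpp
#include <cstdint>
#include <map>
#include <vector>

// Toy model, not JavaScriptCore code. All names here are hypothetical.
enum class Op { TryBegin, TryEnd, Call, Throw };
enum class Policy { OnlyInsideTry, AlsoFirstAfterTry };
constexpr int kNoHandler = -1;          // exception propagates to the caller
constexpr uint32_t kInvalidIndex = ~0u; // slot value during the prologue

// Walks one function body and returns the handler chosen for the first Throw,
// as an unwinder reading the frame's callsite index slot would choose it.
int handlerForFirstThrow(const std::vector<Op>& body, Policy policy, bool hasExceptionHandlers = true)
{
    std::map<uint32_t, int> handlerTable; // callsite index -> enclosing try id
    std::vector<int> tryStack;
    uint32_t slot = kInvalidIndex;        // what the frame currently holds
    uint32_t nextIndex = 0;
    int nextTry = 0;
    bool setAfterTry = false;             // armed when a try/catch ends
    for (Op op : body) {
        switch (op) {
        case Op::TryBegin:
            tryStack.push_back(nextTry++);
            break;
        case Op::TryEnd:
            tryStack.pop_back();
            setAfterTry = true;
            break;
        case Op::Call:
        case Op::Throw: {
            uint32_t index = nextIndex++;
            bool inTry = !tryStack.empty();
            if (inTry)
                handlerTable[index] = tryStack.back();
            bool write = inTry || (policy == Policy::AlsoFirstAfterTry && setAfterTry);
            if (hasExceptionHandlers && write) {
                slot = index;             // store the index into the frame
                setAfterTry = false;
            }
            if (op == Op::Throw) {
                auto it = handlerTable.find(slot);
                return it == handlerTable.end() ? kNoHandler : it->second;
            }
            break;
        }
        }
    }
    return kNoHandler;
}
```

With the body `try { call } throw`, `Policy::OnlyInsideTry` leaves the slot pointing at the call inside the try, so the throw is matched to handler 0; `Policy::AlsoFirstAfterTry` overwrites the slot at the throw and the exception propagates.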


