<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[189920] trunk/Source</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/189920">189920</a></dd>
<dt>Author</dt> <dd>saambarati1@gmail.com</dd>
<dt>Date</dt> <dd>2015-09-17 11:30:04 -0700 (Thu, 17 Sep 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>Interpreter::unwind() shouldn't be responsible for filtering out uncatchable exceptions
https://bugs.webkit.org/show_bug.cgi?id=149228
Reviewed by Mark Lam.
Source/JavaScriptCore:
op_catch is now responsible for filtering exceptions that
aren't catchable. When op_catch encounters an uncatchable
exception, it will call back into genericUnwind and throw
the exception further down the call stack. This is necessary
in a later patch that will implement exception handling
in the DFG, and part of that patch includes exception
handling that doesn't go through genericUnwind. The DFG try/catch
patch will not go through genericUnwind when it knows that
an exception check after a callOperation will be caught inside the
machine frame or any inlined frames. This patch enables that
patch by destroying the notion that all exception handling must
filter through genericUnwind.
This patch maintains compatibility with the debugger and
profiler by ensuring we notify the debugger when an
exception is thrown inside VM::throwException and not
in genericUnwind. It also notifies the profiler that we've
potentially changed call frames inside op_catch.
* debugger/Debugger.cpp:
(JSC::Debugger::pauseIfNeeded):
* interpreter/Interpreter.cpp:
(JSC::unwindCallFrame):
(JSC::getStackFrameCodeType):
(JSC::UnwindFunctor::operator()):
(JSC::Interpreter::unwind):
(JSC::Interpreter::notifyDebuggerOfExceptionToBeThrown):
(JSC::checkedReturn):
* interpreter/Interpreter.h:
(JSC::SuspendExceptionScope::SuspendExceptionScope):
(JSC::SuspendExceptionScope::~SuspendExceptionScope):
(JSC::Interpreter::sampler):
* jit/JIT.h:
* jit/JITInlines.h:
(JSC::JIT::callOperation):
(JSC::JIT::callOperationNoExceptionCheck):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_catch):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_catch):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::llint_throw_stack_overflow_error):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/ExceptionHelpers.cpp:
(JSC::isTerminatedExecutionException):
* runtime/VM.cpp:
(JSC::VM::throwException):
* runtime/VM.h:
(JSC::VM::targetMachinePCForThrowOffset):
(JSC::VM::restorePreviousException):
(JSC::VM::clearException):
(JSC::VM::clearLastException):
(JSC::VM::exception):
(JSC::VM::addressOfException):
(JSC::VM::setException):
Source/WebCore:
No new tests, already covered by current tests. This is not an observable behavior change.
* bindings/js/JSNodeFilterCustom.cpp:
(WebCore::JSNodeFilter::acceptNode):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoredebuggerDebuggercpp">trunk/Source/JavaScriptCore/debugger/Debugger.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterInterpretercpp">trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterInterpreterh">trunk/Source/JavaScriptCore/interpreter/Interpreter.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITh">trunk/Source/JavaScriptCore/jit/JIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITInlinesh">trunk/Source/JavaScriptCore/jit/JITInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodescpp">trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodes32_64cpp">trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationscpp">trunk/Source/JavaScriptCore/jit/JITOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationsh">trunk/Source/JavaScriptCore/jit/JITOperations.h</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntSlowPathscpp">trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntSlowPathsh">trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.h</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLowLevelInterpreter32_64asm">trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLowLevelInterpreter64asm">trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeExceptionHelperscpp">trunk/Source/JavaScriptCore/runtime/ExceptionHelpers.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMcpp">trunk/Source/JavaScriptCore/runtime/VM.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMh">trunk/Source/JavaScriptCore/runtime/VM.h</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorebindingsjsJSNodeFilterCustomcpp">trunk/Source/WebCore/bindings/js/JSNodeFilterCustom.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/ChangeLog 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -1,3 +1,71 @@
</span><ins>+2015-09-17 Saam barati <sbarati@apple.com>
+
+ Interpreter::unwind() shouldn't be responsible for filtering out uncatchable exceptions
+ https://bugs.webkit.org/show_bug.cgi?id=149228
+
+ Reviewed by Mark Lam.
+
+ op_catch is now responsible for filtering exceptions that
+ aren't catchable. When op_catch encounters an uncatchable
+ exception, it will call back into genericUnwind and throw
+ the exception further down the call stack. This is necessary
+ in a later patch that will implement exception handling
+ in the DFG, and part of that patch includes exception
+ handling that doesn't go through genericUnwind. The DFG try/catch
+ patch will not go through genericUnwind when it knows that
+ an exception check after a callOperation will be caught inside the
+ machine frame or any inlined frames. This patch enables that
+ patch by destroying the notion that all exception handling must
+ filter through genericUnwind.
+
+ This patch maintains compatibility with the debugger and
+ profiler by ensuring we notify the debugger when an
+ exception is thrown inside VM::throwException and not
+ in genericUnwind. It also notifies the profiler that we've
+ potentially changed call frames inside op_catch.
+
+ * debugger/Debugger.cpp:
+ (JSC::Debugger::pauseIfNeeded):
+ * interpreter/Interpreter.cpp:
+ (JSC::unwindCallFrame):
+ (JSC::getStackFrameCodeType):
+ (JSC::UnwindFunctor::operator()):
+ (JSC::Interpreter::unwind):
+ (JSC::Interpreter::notifyDebuggerOfExceptionToBeThrown):
+ (JSC::checkedReturn):
+ * interpreter/Interpreter.h:
+ (JSC::SuspendExceptionScope::SuspendExceptionScope):
+ (JSC::SuspendExceptionScope::~SuspendExceptionScope):
+ (JSC::Interpreter::sampler):
+ * jit/JIT.h:
+ * jit/JITInlines.h:
+ (JSC::JIT::callOperation):
+ (JSC::JIT::callOperationNoExceptionCheck):
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::emit_op_catch):
+ * jit/JITOpcodes32_64.cpp:
+ (JSC::JIT::emit_op_catch):
+ * jit/JITOperations.cpp:
+ * jit/JITOperations.h:
+ * llint/LLIntSlowPaths.cpp:
+ (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+ (JSC::LLInt::llint_throw_stack_overflow_error):
+ * llint/LLIntSlowPaths.h:
+ * llint/LowLevelInterpreter32_64.asm:
+ * llint/LowLevelInterpreter64.asm:
+ * runtime/ExceptionHelpers.cpp:
+ (JSC::isTerminatedExecutionException):
+ * runtime/VM.cpp:
+ (JSC::VM::throwException):
+ * runtime/VM.h:
+ (JSC::VM::targetMachinePCForThrowOffset):
+ (JSC::VM::restorePreviousException):
+ (JSC::VM::clearException):
+ (JSC::VM::clearLastException):
+ (JSC::VM::exception):
+ (JSC::VM::addressOfException):
+ (JSC::VM::setException):
+
</ins><span class="cx"> 2015-09-17 Sukolsak Sakshuwong <sukolsak@gmail.com>
</span><span class="cx">
</span><span class="cx"> Calling a float function on x86 in WebAssembly incorrectly returns a double
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredebuggerDebuggercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/debugger/Debugger.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/debugger/Debugger.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/debugger/Debugger.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -625,6 +625,7 @@
</span><span class="cx"> {
</span><span class="cx"> PauseReasonDeclaration reason(*this, didHitBreakpoint ? PausedForBreakpoint : m_reasonForPause);
</span><span class="cx"> handlePause(vmEntryGlobalObject, m_reasonForPause);
</span><ins>+ RELEASE_ASSERT(!callFrame->hadException());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> m_pausingBreakpointID = noBreakpointID;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterInterpretercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -448,7 +448,8 @@
</span><span class="cx"> ASSERT(!callFrame->hadException());
</span><span class="cx"> }
</span><span class="cx">
</span><del>- return !visitor->callerIsVMEntryFrame();
</del><ins>+ bool shouldContinueUnwinding = !visitor->callerIsVMEntryFrame();
+ return shouldContinueUnwinding;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> static StackFrameCodeType getStackFrameCodeType(StackVisitor& visitor)
</span><span class="lines">@@ -646,17 +647,24 @@
</span><span class="cx"> m_codeBlock = visitor->codeBlock();
</span><span class="cx"> unsigned bytecodeOffset = visitor->bytecodeOffset();
</span><span class="cx">
</span><del>- if (m_isTermination || !(m_handler = (m_codeBlock && !isWebAssemblyExecutable(m_codeBlock->ownerExecutable())) ? m_codeBlock->handlerForBytecodeOffset(bytecodeOffset) : nullptr)) {
- if (!unwindCallFrame(visitor)) {
- if (LegacyProfiler* profiler = vm.enabledProfiler())
- profiler->exceptionUnwind(m_callFrame);
</del><ins>+ m_handler = nullptr;
+ if (!m_isTermination) {
+ if (m_codeBlock && !isWebAssemblyExecutable(m_codeBlock->ownerExecutable()))
+ m_handler = m_codeBlock->handlerForBytecodeOffset(bytecodeOffset);
+ }
</ins><span class="cx">
</span><del>- copyCalleeSavesToVMCalleeSavesBuffer(visitor);
</del><ins>+ if (m_handler)
+ return StackVisitor::Done;
</ins><span class="cx">
</span><del>- return StackVisitor::Done;
- }
- } else
</del><ins>+ bool shouldContinueUnwinding = unwindCallFrame(visitor);
+ if (!shouldContinueUnwinding) {
+ if (LegacyProfiler* profiler = vm.enabledProfiler())
+ profiler->exceptionUnwind(m_callFrame);
+
+ copyCalleeSavesToVMCalleeSavesBuffer(visitor);
+
</ins><span class="cx"> return StackVisitor::Done;
</span><ins>+ }
</ins><span class="cx">
</span><span class="cx"> copyCalleeSavesToVMCalleeSavesBuffer(visitor);
</span><span class="cx">
</span><span class="lines">@@ -716,7 +724,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CodeBlock* codeBlock = callFrame->codeBlock();
</span><del>- bool isTermination = false;
</del><span class="cx">
</span><span class="cx"> JSValue exceptionValue = exception->value();
</span><span class="cx"> ASSERT(!exceptionValue.isEmpty());
</span><span class="lines">@@ -726,16 +733,23 @@
</span><span class="cx"> if (exceptionValue.isEmpty() || (exceptionValue.isCell() && !exceptionValue.asCell()))
</span><span class="cx"> exceptionValue = jsNull();
</span><span class="cx">
</span><del>- if (exceptionValue.isObject())
- isTermination = isTerminatedExecutionException(exception);
-
</del><span class="cx"> ASSERT(vm.exception() && vm.exception()->stack().size());
</span><span class="cx">
</span><ins>+ // Calculate an exception handler vPC, unwinding call frames as necessary.
+ HandlerInfo* handler = nullptr;
+ UnwindFunctor functor(callFrame, isTerminatedExecutionException(exception), codeBlock, handler);
+ callFrame->iterate(functor);
+ if (!handler)
+ return nullptr;
+
+ return handler;
+}
+
+void Interpreter::notifyDebuggerOfExceptionToBeThrown(CallFrame* callFrame, Exception* exception)
+{
+ bool isTermination = isTerminatedExecutionException(exception);
</ins><span class="cx"> Debugger* debugger = callFrame->vmEntryGlobalObject()->debugger();
</span><span class="cx"> if (debugger && debugger->needsExceptionCallbacks() && !exception->didNotifyInspectorOfThrow()) {
</span><del>- // We need to clear the exception here in order to see if a new exception happens.
- // Afterwards, the values are put back to continue processing this error.
- SuspendExceptionScope scope(&vm);
</del><span class="cx"> // This code assumes that if the debugger is enabled then there is no inlining.
</span><span class="cx"> // If that assumption turns out to be false then we'll ignore the inlined call
</span><span class="cx"> // frames.
</span><span class="lines">@@ -752,22 +766,9 @@
</span><span class="cx"> hasCatchHandler = !!handler;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- debugger->exception(callFrame, exceptionValue, hasCatchHandler);
- ASSERT(!callFrame->hadException());
</del><ins>+ debugger->exception(callFrame, exception->value(), hasCatchHandler);
</ins><span class="cx"> }
</span><span class="cx"> exception->setDidNotifyInspectorOfThrow();
</span><del>-
- // Calculate an exception handler vPC, unwinding call frames as necessary.
- HandlerInfo* handler = nullptr;
- UnwindFunctor functor(callFrame, isTermination, codeBlock, handler);
- callFrame->iterate(functor);
- if (!handler)
- return nullptr;
-
- if (LegacyProfiler* profiler = vm.enabledProfiler())
- profiler->exceptionUnwind(callFrame);
-
- return handler;
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> static inline JSValue checkedReturn(JSValue returnValue)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterInterpreterh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/Interpreter.h (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/Interpreter.h 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/interpreter/Interpreter.h 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -116,7 +116,7 @@
</span><span class="cx"> }
</span><span class="cx"> ~SuspendExceptionScope()
</span><span class="cx"> {
</span><del>- m_vm->setException(oldException);
</del><ins>+ m_vm->restorePreviousException(oldException);
</ins><span class="cx"> }
</span><span class="cx"> private:
</span><span class="cx"> Exception* oldException;
</span><span class="lines">@@ -226,6 +226,7 @@
</span><span class="cx"> SamplingTool* sampler() { return m_sampler.get(); }
</span><span class="cx">
</span><span class="cx"> NEVER_INLINE HandlerInfo* unwind(VM&, CallFrame*&, Exception*, UnwindStart);
</span><ins>+ void notifyDebuggerOfExceptionToBeThrown(CallFrame*, Exception*);
</ins><span class="cx"> NEVER_INLINE void debug(CallFrame*, DebugHookID);
</span><span class="cx"> JSString* stackTraceAsString(ExecState*, Vector<StackFrame>);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JIT.h (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JIT.h 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/jit/JIT.h 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -776,6 +776,7 @@
</span><span class="cx"> MacroAssembler::Call callOperation(V_JITOperation_EZSymtabJ, int, SymbolTable*, RegisterID);
</span><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_EZSymtabJ, int, SymbolTable*, RegisterID);
</span><span class="cx"> MacroAssembler::Call callOperation(V_JITOperation_EJ, RegisterID);
</span><ins>+ MacroAssembler::Call callOperationNoExceptionCheck(Z_JITOperation_E);
</ins><span class="cx"> #if USE(JSVALUE64)
</span><span class="cx"> MacroAssembler::Call callOperationNoExceptionCheck(V_JITOperation_EJ, RegisterID);
</span><span class="cx"> #else
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITInlines.h (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITInlines.h 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/jit/JITInlines.h 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -201,6 +201,13 @@
</span><span class="cx"> return appendCallWithExceptionCheck(operation);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ALWAYS_INLINE MacroAssembler::Call JIT::callOperationNoExceptionCheck(Z_JITOperation_E operation)
+{
+ setupArgumentsExecState();
+ updateTopCallFrame();
+ return appendCall(operation);
+}
+
</ins><span class="cx"> ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(C_JITOperation_E operation)
</span><span class="cx"> {
</span><span class="cx"> setupArgumentsExecState();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -504,6 +504,12 @@
</span><span class="cx">
</span><span class="cx"> addPtr(TrustedImm32(stackPointerOffsetFor(codeBlock()) * sizeof(Register)), callFrameRegister, stackPointerRegister);
</span><span class="cx">
</span><ins>+ callOperationNoExceptionCheck(operationCheckIfExceptionIsUncatchableAndNotifyProfiler);
+ Jump isCatchableException = branchTest32(Zero, returnValueGPR);
+ jumpToExceptionHandler();
+ isCatchableException.link(this);
+
+ move(TrustedImmPtr(m_vm), regT3);
</ins><span class="cx"> load64(Address(regT3, VM::exceptionOffset()), regT0);
</span><span class="cx"> store64(TrustedImm64(JSValue::encode(JSValue())), Address(regT3, VM::exceptionOffset()));
</span><span class="cx"> emitPutVirtualRegister(currentInstruction[1].u.operand);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodes32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -810,6 +810,13 @@
</span><span class="cx">
</span><span class="cx"> addPtr(TrustedImm32(stackPointerOffsetFor(codeBlock()) * sizeof(Register)), callFrameRegister, stackPointerRegister);
</span><span class="cx">
</span><ins>+ callOperationNoExceptionCheck(operationCheckIfExceptionIsUncatchableAndNotifyProfiler);
+ Jump isCatchableException = branchTest32(Zero, returnValueGPR);
+ jumpToExceptionHandler();
+ isCatchableException.link(this);
+
+ move(TrustedImmPtr(m_vm), regT3);
+
</ins><span class="cx"> // Now store the exception returned by operationThrow.
</span><span class="cx"> load32(Address(regT3, VM::exceptionOffset()), regT2);
</span><span class="cx"> move(TrustedImm32(JSValue::CellTag), regT1);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -2135,6 +2135,22 @@
</span><span class="cx"> exec->vm().typeProfilerLog()->processLogEntries(ASCIILiteral("Log Full, called from inside baseline JIT"));
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+int32_t JIT_OPERATION operationCheckIfExceptionIsUncatchableAndNotifyProfiler(ExecState* exec)
+{
+ VM& vm = exec->vm();
+ NativeCallFrameTracer tracer(&vm, exec);
+ RELEASE_ASSERT(!!vm.exception());
+
+ if (LegacyProfiler* profiler = vm.enabledProfiler())
+ profiler->exceptionUnwind(exec);
+
+ if (isTerminatedExecutionException(vm.exception())) {
+ genericUnwind(&vm, exec);
+ return 1;
+ } else
+ return 0;
+}
+
</ins><span class="cx"> } // extern "C"
</span><span class="cx">
</span><span class="cx"> // Note: getHostCallReturnValueWithExecState() needs to be placed before the
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.h (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.h 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.h 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -357,6 +357,8 @@
</span><span class="cx">
</span><span class="cx"> void JIT_OPERATION operationExceptionFuzz(ExecState*);
</span><span class="cx">
</span><ins>+int32_t JIT_OPERATION operationCheckIfExceptionIsUncatchableAndNotifyProfiler(ExecState*);
+
</ins><span class="cx"> EncodedJSValue JIT_OPERATION operationHasGenericProperty(ExecState*, EncodedJSValue, JSCell*);
</span><span class="cx"> EncodedJSValue JIT_OPERATION operationHasIndexedProperty(ExecState*, JSCell*, int32_t);
</span><span class="cx"> JSCell* JIT_OPERATION operationGetPropertyEnumerator(ExecState*, JSCell*);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -1454,6 +1454,19 @@
</span><span class="cx"> LLINT_END();
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+LLINT_SLOW_PATH_DECL(slow_path_check_if_exception_is_uncatchable_and_notify_profiler)
+{
+ LLINT_BEGIN();
+ RELEASE_ASSERT(!!vm.exception());
+
+ if (LegacyProfiler* profiler = vm.enabledProfiler())
+ profiler->exceptionUnwind(exec);
+
+ if (isTerminatedExecutionException(vm.exception()))
+ LLINT_RETURN_TWO(pc, bitwise_cast<void*>(static_cast<uintptr_t>(1)));
+ LLINT_RETURN_TWO(pc, 0);
+}
+
</ins><span class="cx"> extern "C" SlowPathReturnType llint_throw_stack_overflow_error(VM* vm, ProtoCallFrame* protoFrame)
</span><span class="cx"> {
</span><span class="cx"> ExecState* exec = vm->topCallFrame;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntSlowPathsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.h (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.h 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.h 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -118,6 +118,7 @@
</span><span class="cx"> LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_handle_exception);
</span><span class="cx"> LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_get_from_scope);
</span><span class="cx"> LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_put_to_scope);
</span><ins>+LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_check_if_exception_is_uncatchable_and_notify_profiler);
</ins><span class="cx"> extern "C" SlowPathReturnType llint_throw_stack_overflow_error(VM*, ProtoCallFrame*) WTF_INTERNAL;
</span><span class="cx"> #if !ENABLE(JIT)
</span><span class="cx"> extern "C" SlowPathReturnType llint_stack_check_at_vm_entry(VM*, Register*) WTF_INTERNAL;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLowLevelInterpreter32_64asm"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -1840,6 +1840,16 @@
</span><span class="cx"> restoreStackPointerAfterCall()
</span><span class="cx">
</span><span class="cx"> loadi VM::targetInterpreterPCForThrow[t3], PC
</span><ins>+
+ callSlowPath(_llint_slow_path_check_if_exception_is_uncatchable_and_notify_profiler)
+ bpeq r1, 0, .isCatchableException
+ jmp _llint_throw_from_slow_path_trampoline
+
+.isCatchableException:
+ loadp Callee + PayloadOffset[cfr], t3
+ andp MarkedBlockMask, t3
+ loadp MarkedBlock::m_weakSet + WeakSet::m_vm[t3], t3
+
</ins><span class="cx"> loadi VM::m_exception[t3], t0
</span><span class="cx"> storei 0, VM::m_exception[t3]
</span><span class="cx"> loadi 4[PC], t2
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLowLevelInterpreter64asm"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -1731,6 +1731,15 @@
</span><span class="cx"> subp PB, PC
</span><span class="cx"> rshiftp 3, PC
</span><span class="cx">
</span><ins>+ callSlowPath(_llint_slow_path_check_if_exception_is_uncatchable_and_notify_profiler)
+ bpeq r1, 0, .isCatchableException
+ jmp _llint_throw_from_slow_path_trampoline
+
+.isCatchableException:
+ loadp Callee[cfr], t3
+ andp MarkedBlockMask, t3
+ loadp MarkedBlock::m_weakSet + WeakSet::m_vm[t3], t3
+
</ins><span class="cx"> loadq VM::m_exception[t3], t0
</span><span class="cx"> storeq 0, VM::m_exception[t3]
</span><span class="cx"> loadisFromInstruction(1, t2)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeExceptionHelperscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/ExceptionHelpers.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ExceptionHelpers.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/runtime/ExceptionHelpers.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -62,6 +62,9 @@
</span><span class="cx">
</span><span class="cx"> bool isTerminatedExecutionException(Exception* exception)
</span><span class="cx"> {
</span><ins>+ if (!exception->value().isObject())
+ return false;
+
</ins><span class="cx"> return exception->value().inherits(TerminatedExecutionError::info());
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/runtime/VM.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -531,8 +531,11 @@
</span><span class="cx"> dataLog("In call frame ", RawPointer(exec), " for code block ", *exec->codeBlock(), "\n");
</span><span class="cx"> CRASH();
</span><span class="cx"> }
</span><del>-
</del><ins>+
</ins><span class="cx"> ASSERT(exec == topCallFrame || exec == exec->lexicalGlobalObject()->globalExec() || exec == exec->vmEntryGlobalObject()->globalExec());
</span><ins>+
+ interpreter->notifyDebuggerOfExceptionToBeThrown(exec, exception);
+
</ins><span class="cx"> setException(exception);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.h (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.h 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/JavaScriptCore/runtime/VM.h 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -402,15 +402,11 @@
</span><span class="cx"> return OBJECT_OFFSETOF(VM, targetMachinePCForThrow);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ void restorePreviousException(Exception* exception) { setException(exception); }
+
</ins><span class="cx"> void clearException() { m_exception = nullptr; }
</span><span class="cx"> void clearLastException() { m_lastException = nullptr; }
</span><span class="cx">
</span><del>- void setException(Exception* exception)
- {
- m_exception = exception;
- m_lastException = exception;
- }
-
</del><span class="cx"> Exception* exception() const { return m_exception; }
</span><span class="cx"> JSCell** addressOfException() { return reinterpret_cast<JSCell**>(&m_exception); }
</span><span class="cx">
</span><span class="lines">@@ -589,6 +585,12 @@
</span><span class="cx">
</span><span class="cx"> void updateStackLimit();
</span><span class="cx">
</span><ins>+ void setException(Exception* exception)
+ {
+ m_exception = exception;
+ m_lastException = exception;
+ }
+
</ins><span class="cx"> #if ENABLE(ASSEMBLER)
</span><span class="cx"> bool m_canUseAssembler;
</span><span class="cx"> #endif
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/WebCore/ChangeLog 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -1,3 +1,15 @@
</span><ins>+2015-09-17 Saam barati <sbarati@apple.com>
+
+ Interpreter::unwind() shouldn't be responsible for filtering out uncatchable exceptions
+ https://bugs.webkit.org/show_bug.cgi?id=149228
+
+ Reviewed by Mark Lam.
+
+ No new tests, already covered by current tests. This is not an observable behavior change.
+
+ * bindings/js/JSNodeFilterCustom.cpp:
+ (WebCore::JSNodeFilter::acceptNode):
+
</ins><span class="cx"> 2015-09-17 Zalan Bujtas <zalan@apple.com>
</span><span class="cx">
</span><span class="cx"> column-rule-style: outset/inset doesn't work
</span></span></pre></div>
<a id="trunkSourceWebCorebindingsjsJSNodeFilterCustomcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/bindings/js/JSNodeFilterCustom.cpp (189919 => 189920)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/bindings/js/JSNodeFilterCustom.cpp 2015-09-17 18:22:56 UTC (rev 189919)
+++ trunk/Source/WebCore/bindings/js/JSNodeFilterCustom.cpp 2015-09-17 18:30:04 UTC (rev 189920)
</span><span class="lines">@@ -53,7 +53,7 @@
</span><span class="cx"> JSValue value = m_data->invokeCallback(args, JSCallbackData::CallbackType::FunctionOrObject, Identifier::fromString(exec, "acceptNode"), returnedException);
</span><span class="cx"> if (returnedException) {
</span><span class="cx"> // Rethrow exception.
</span><del>- exec->vm().setException(returnedException);
</del><ins>+ exec->vm().throwException(exec, returnedException);
</ins><span class="cx">
</span><span class="cx"> return NodeFilter::FILTER_REJECT;
</span><span class="cx"> }
</span></span></pre>
</div>
</div>
</body>
</html>