WebKit Bugzilla
Attachment 348021 Details for Bug 188577: Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names.
[patch] patch for EWS testing.
temp.patch (text/plain), 66.85 KB, created by Mark Lam on 2018-08-24 10:33:29 PDT
Description: patch for EWS testing.
Filename: temp.patch
MIME Type: text/plain
Creator: Mark Lam
Created: 2018-08-24 10:33:29 PDT
Size: 66.85 KB
patch
obsolete
>Index: JSTests/ChangeLog >=================================================================== >--- JSTests/ChangeLog (revision 235254) >+++ JSTests/ChangeLog (working copy) >@@ -1,3 +1,13 @@ >+2018-08-23 Mark Lam <mark.lam@apple.com> >+ >+ Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names. >+ https://bugs.webkit.org/show_bug.cgi?id=188577 >+ <rdar://problem/42985684> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * stress/regress-188577.js: Added. >+ > 2018-08-22 Saam barati <sbarati@apple.com> > > Make data-view-access.js run less time to prevent timeouts on 32-bit >Index: JSTests/stress/regress-188577.js >=================================================================== >--- JSTests/stress/regress-188577.js (nonexistent) >+++ JSTests/stress/regress-188577.js (working copy) >@@ -0,0 +1,20 @@ >+//@ requireOptions("--maxPerThreadStackUsage=262144") >+ >+var exception; >+try { >+ var i = 25000; >+ var args = []; >+ var v3; >+ while (i--) >+ args[i] = "a"; >+ var argsList = args.join(); >+ setter = Function(argsList, ""); >+ Object.defineProperty(args, '0', {set: setter}); >+ args.sort(); >+ >+} catch (e) { >+ exception = e; >+} >+ >+if (exception != "RangeError: Maximum call stack size exceeded.") >+ throw "FAILED"; >Index: Source/JavaScriptCore/ChangeLog >=================================================================== >--- Source/JavaScriptCore/ChangeLog (revision 235254) >+++ Source/JavaScriptCore/ChangeLog (working copy) 
>@@ -1,3 +1,80 @@ >+2018-08-23 Mark Lam <mark.lam@apple.com> >+ >+ Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names. >+ https://bugs.webkit.org/show_bug.cgi?id=188577 >+ <rdar://problem/42985684> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * JavaScriptCore.xcodeproj/project.pbxproj: >+ * CMakeLists.txt: >+ * Sources.txt: >+ * debugger/Debugger.cpp: >+ (JSC::Debugger::pauseIfNeeded): >+ * interpreter/CallFrame.cpp: >+ (JSC::CallFrame::vmEntryGlobalObject): >+ (JSC::CallFrame::callerFrame const): >+ (JSC::CallFrame::unsafeCallerFrame const): >+ (JSC::CallFrame::convertToSkipFrame): >+ (JSC::CallFrame::isSkipFrame const): >+ (JSC::CallFrame::callerFrame): Deleted. >+ (JSC::CallFrame::unsafeCallerFrame): Deleted. >+ * interpreter/CallFrame.h: >+ (JSC::ExecState::noCaller): >+ (JSC::ExecState::isGlobalExec const): >+ (JSC::ExecState::iterate): >+ * interpreter/EntryFrame.h: Added. >+ (JSC::EntryFrame::vmEntryRecordOffset): >+ (JSC::EntryFrame::calleeSaveRegistersBufferOffset): >+ * interpreter/FrameTracers.h: >+ (JSC::NativeCallFrameTracerWithRestore::NativeCallFrameTracerWithRestore): Deleted. >+ (JSC::NativeCallFrameTracerWithRestore::~NativeCallFrameTracerWithRestore): Deleted. >+ * interpreter/Interpreter.cpp: >+ (JSC::Interpreter::unwind): >+ (JSC::Interpreter::notifyDebuggerOfExceptionToBeThrown): >+ * interpreter/Interpreter.h: >+ * interpreter/StackVisitor.cpp: >+ (JSC::StackVisitor::StackVisitor): >+ * interpreter/StackVisitor.h: >+ (JSC::StackVisitor::visit): >+ (JSC::StackVisitor::topEntryFrameIsEmpty const): >+ * interpreter/VMEntryRecord.h: >+ (JSC::EntryFrame::vmEntryRecordOffset): Deleted. >+ (JSC::EntryFrame::calleeSaveRegistersBufferOffset): Deleted. 
>+ * jit/AssemblyHelpers.h: >+ * jit/JITExceptions.cpp: >+ (JSC::genericUnwind): >+ * jit/JITExceptions.h: >+ * jit/JITOperations.cpp: >+ * llint/LLIntOffsetsExtractor.cpp: >+ * llint/LLIntSlowPaths.cpp: >+ (JSC::LLInt::LLINT_SLOW_PATH_DECL): >+ * llint/LowLevelInterpreter.asm: >+ * llint/LowLevelInterpreter32_64.asm: >+ * llint/LowLevelInterpreter64.asm: >+ * runtime/CommonSlowPaths.cpp: >+ (JSC::slowPathThrowStackOverflowError): >+ (JSC::SLOW_PATH_DECL): >+ * runtime/CommonSlowPathsExceptions.cpp: Removed. >+ * runtime/CommonSlowPathsExceptions.h: Removed. >+ * runtime/Error.cpp: >+ (JSC::getStackTrace): >+ * runtime/ExceptionHelpers.cpp: >+ (JSC::createStackOverflowError): >+ * runtime/JSGeneratorFunction.h: >+ * runtime/JSGlobalObject.cpp: >+ (JSC::JSGlobalObject::init): >+ (JSC::JSGlobalObject::visitChildren): >+ * runtime/JSGlobalObject.h: >+ (JSC::JSGlobalObject::skipFrameCallee const): >+ * runtime/VM.cpp: >+ (JSC::VM::throwException): >+ (JSC::VM::callerGlobalObjectForThrow const): >+ (JSC::VM::vmEntryGlobalObject const): >+ * runtime/VM.h: >+ * runtime/VMInlines.h: >+ (JSC::VM::topJSCallFrame const): >+ > 2018-08-23 Mark Lam <mark.lam@apple.com> > > Move vmEntryGlobalObject() to VM from CallFrame. >Index: Source/JavaScriptCore/CMakeLists.txt >=================================================================== >--- Source/JavaScriptCore/CMakeLists.txt (revision 235254) >+++ Source/JavaScriptCore/CMakeLists.txt (working copy) >@@ -611,7 +611,9 @@ set(JavaScriptCore_PRIVATE_FRAMEWORK_HEA > > interpreter/AbstractPC.h > interpreter/CallFrame.h >+ interpreter/CallFrameInlines.h > interpreter/CalleeBits.h >+ interpreter/EntryFrame.h > interpreter/FrameTracers.h > interpreter/Register.h > interpreter/ShadowChicken.h >Index: Source/JavaScriptCore/Sources.txt >=================================================================== >--- Source/JavaScriptCore/Sources.txt (revision 235254) >+++ Source/JavaScriptCore/Sources.txt (working copy) 
>@@ -715,7 +715,6 @@ runtime/CodeCache.cpp > runtime/CodeSpecializationKind.cpp > runtime/CommonIdentifiers.cpp > runtime/CommonSlowPaths.cpp >-runtime/CommonSlowPathsExceptions.cpp > runtime/CompilationResult.cpp > tools/CompilerTimingScope.cpp > runtime/Completion.cpp >Index: Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj >=================================================================== >--- Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (revision 235254) >+++ Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (working copy) >@@ -1076,7 +1076,6 @@ > 6511230714046B0A002B101D /* testRegExp.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 651122E5140469BA002B101D /* testRegExp.cpp */; }; > 6514F21918B3E1670098FF8B /* Bytecodes.h in Headers */ = {isa = PBXBuildFile; fileRef = 6514F21718B3E1670098FF8B /* Bytecodes.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 65303D641447B9E100D3F904 /* ParserTokens.h in Headers */ = {isa = PBXBuildFile; fileRef = 65303D631447B9E100D3F904 /* ParserTokens.h */; settings = {ATTRIBUTES = (Private, ); }; }; >- 6553A33217A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 6553A33017A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h */; }; > 65570F5A1AA4C3EA009B3C23 /* Regress141275.mm in Sources */ = {isa = PBXBuildFile; fileRef = 65570F591AA4C00A009B3C23 /* Regress141275.mm */; }; > 657CF45919BF6662004ACBF2 /* JSCallee.h in Headers */ = {isa = PBXBuildFile; fileRef = 657CF45719BF6662004ACBF2 /* JSCallee.h */; settings = {ATTRIBUTES = (Private, ); }; }; > 658824AF1E5CFDB000FB7359 /* ConfigFile.h in Headers */ = {isa = PBXBuildFile; fileRef = 658824AE1E5CFDB000FB7359 /* ConfigFile.h */; settings = {ATTRIBUTES = (Private, ); }; }; 
>@@ -1749,6 +1748,7 @@ > E49DC16C12EF294E00184A1F /* SourceProviderCache.h in Headers */ = {isa = PBXBuildFile; fileRef = E49DC15112EF272200184A1F /* SourceProviderCache.h */; settings = {ATTRIBUTES = (Private, ); }; }; > E49DC16D12EF295300184A1F /* SourceProviderCacheItem.h in Headers */ = {isa = PBXBuildFile; fileRef = E49DC14912EF261A00184A1F /* SourceProviderCacheItem.h */; settings = {ATTRIBUTES = (Private, ); }; }; > FE05FAFD1FE4CEDA00093230 /* DeprecatedInspectorValues.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 992D6A111FBD491D000245F4 /* DeprecatedInspectorValues.cpp */; }; >+ FE086BCA2123DEFB003F2929 /* EntryFrame.h in Headers */ = {isa = PBXBuildFile; fileRef = FE086BC92123DEFA003F2929 /* EntryFrame.h */; settings = {ATTRIBUTES = (Private, ); }; }; > FE0D4A061AB8DD0A002F54BF /* ExecutionTimeLimitTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE0D4A041AB8DD0A002F54BF /* ExecutionTimeLimitTest.cpp */; }; > FE0D4A091ABA2437002F54BF /* GlobalContextWithFinalizerTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE0D4A071ABA2437002F54BF /* GlobalContextWithFinalizerTest.cpp */; }; > FE10AAEB1F44D528009DEDC5 /* ProbeStack.h in Headers */ = {isa = PBXBuildFile; fileRef = FE10AAEA1F44D512009DEDC5 /* ProbeStack.h */; settings = {ATTRIBUTES = (Private, ); }; }; 
>@@ -1800,6 +1800,7 @@ > FEA08620182B7A0400F6D851 /* Breakpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0861E182B7A0400F6D851 /* Breakpoint.h */; settings = {ATTRIBUTES = (Private, ); }; }; > FEA08621182B7A0400F6D851 /* DebuggerPrimitives.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0861F182B7A0400F6D851 /* DebuggerPrimitives.h */; settings = {ATTRIBUTES = (Private, ); }; }; > FEA0C4031CDD7D1D00481991 /* FunctionWhitelist.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0C4011CDD7D0E00481991 /* FunctionWhitelist.h */; }; >+ FEA3BBA8212B655900E93AD1 /* CallFrameInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA3BBA7212B655800E93AD1 /* CallFrameInlines.h */; settings = {ATTRIBUTES = (Private, ); }; }; > FEA3BBAC212C97CB00E93AD1 /* DFGCFG.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */; }; > FEB51F6C1A97B688001F921C /* Regress141809.mm in Sources */ = {isa = PBXBuildFile; fileRef = FEB51F6B1A97B688001F921C /* Regress141809.mm */; }; > FEB58C15187B8B160098EF0B /* ErrorHandlingScope.h in Headers */ = {isa = PBXBuildFile; fileRef = FEB58C13187B8B160098EF0B /* ErrorHandlingScope.h */; settings = {ATTRIBUTES = (Private, ); }; }; 
>@@ -3564,8 +3565,6 @@ > 654788421C937D2C000781A0 /* RegExpPrototype.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = RegExpPrototype.js; sourceTree = "<group>"; }; > 65525FC31A6DD3B3007B5495 /* NullSetterFunction.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NullSetterFunction.cpp; sourceTree = "<group>"; }; > 65525FC41A6DD3B3007B5495 /* NullSetterFunction.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NullSetterFunction.h; sourceTree = "<group>"; }; >- 6553A32F17A1F1EE008CF6F3 /* CommonSlowPathsExceptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CommonSlowPathsExceptions.cpp; sourceTree = "<group>"; }; >- 6553A33017A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonSlowPathsExceptions.h; sourceTree = "<group>"; }; > 65570F581AA4C00A009B3C23 /* Regress141275.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Regress141275.h; path = API/tests/Regress141275.h; sourceTree = "<group>"; }; > 65570F591AA4C00A009B3C23 /* Regress141275.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = Regress141275.mm; path = API/tests/Regress141275.mm; sourceTree = "<group>"; }; > 655EB29A10CE2581001A990E /* NodesCodegen.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NodesCodegen.cpp; sourceTree = "<group>"; }; 
>@@ -4678,6 +4677,7 @@ > F692A87E0255597D01FF60F7 /* RegExp.h */ = {isa = PBXFileReference; fileEncoding = 30; indentWidth = 4; lastKnownFileType = sourcecode.c.h; path = RegExp.h; sourceTree = "<group>"; tabWidth = 8; }; > F692A8870255597D01FF60F7 /* JSCJSValue.cpp */ = {isa = PBXFileReference; fileEncoding = 30; indentWidth = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSCJSValue.cpp; sourceTree = "<group>"; tabWidth = 8; }; > F73926918DC64330AFCDF0D7 /* JSSourceCode.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSSourceCode.cpp; sourceTree = "<group>"; }; >+ FE086BC92123DEFA003F2929 /* EntryFrame.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = EntryFrame.h; sourceTree = "<group>"; }; > FE0D4A041AB8DD0A002F54BF /* ExecutionTimeLimitTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = ExecutionTimeLimitTest.cpp; path = API/tests/ExecutionTimeLimitTest.cpp; sourceTree = "<group>"; }; > FE0D4A051AB8DD0A002F54BF /* ExecutionTimeLimitTest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ExecutionTimeLimitTest.h; path = API/tests/ExecutionTimeLimitTest.h; sourceTree = "<group>"; }; > FE0D4A071ABA2437002F54BF /* GlobalContextWithFinalizerTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = GlobalContextWithFinalizerTest.cpp; path = API/tests/GlobalContextWithFinalizerTest.cpp; sourceTree = "<group>"; }; 
>@@ -4766,7 +4766,8 @@ > FEA0861F182B7A0400F6D851 /* DebuggerPrimitives.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DebuggerPrimitives.h; sourceTree = "<group>"; }; > FEA0C4001CDD7D0E00481991 /* FunctionWhitelist.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FunctionWhitelist.cpp; sourceTree = "<group>"; }; > FEA0C4011CDD7D0E00481991 /* FunctionWhitelist.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FunctionWhitelist.h; sourceTree = "<group>"; }; >- FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGCFG.h; path = dfg/DFGCFG.h; sourceTree = "<group>"; }; >+ FEA3BBA7212B655800E93AD1 /* CallFrameInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CallFrameInlines.h; sourceTree = "<group>"; }; >+ FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DFGCFG.h; sourceTree = "<group>"; }; > FEB137561BB11EEE00CD5100 /* MacroAssemblerARM64.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MacroAssemblerARM64.cpp; sourceTree = "<group>"; }; > FEB41CCB1F73284200C5481E /* ProbeFrame.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ProbeFrame.h; sourceTree = "<group>"; }; > FEB51F6A1A97B688001F921C /* Regress141809.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Regress141809.h; path = API/tests/Regress141809.h; sourceTree = "<group>"; }; 
>@@ -5501,10 +5502,12 @@ > 796DAA2A1E89CCD6005DF24A /* CalleeBits.h */, > 1429D8DB0ED2205B00B89619 /* CallFrame.cpp */, > 1429D8DC0ED2205B00B89619 /* CallFrame.h */, >+ FEA3BBA7212B655800E93AD1 /* CallFrameInlines.h */, > A7F869EC0F95C2EC00558697 /* CallFrameClosure.h */, > 1429D85B0ED218E900B89619 /* CLoopStack.cpp */, > 14D792640DAA03FB001A9F05 /* CLoopStack.h */, > A7C1EAEB17987AB600299DB2 /* CLoopStackInlines.h */, >+ FE086BC92123DEFA003F2929 /* EntryFrame.h */, > E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */, > 1429D7D30ED2128200B89619 /* Interpreter.cpp */, > 1429D77B0ED20D7300B89619 /* Interpreter.h */, >@@ -6499,8 +6502,6 @@ > 65EA73630BAE35D1001BB560 /* CommonIdentifiers.h */, > A709F2F117A0AC2A00512E98 /* CommonSlowPaths.cpp */, > 0F15F15D14B7A73A005DE37D /* CommonSlowPaths.h */, >- 6553A32F17A1F1EE008CF6F3 /* CommonSlowPathsExceptions.cpp */, >- 6553A33017A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h */, > A7E5A3A51797432D00E893C0 /* CompilationResult.cpp */, > A7E5A3A61797432D00E893C0 /* CompilationResult.h */, > 969A09220ED1E09C00F1F681 /* Completion.cpp */, >@@ -8433,6 +8434,7 @@ > 99DA00A31BD5993100F4575C /* builtins_generator.py in Headers */, > 99DA00A41BD5993100F4575C /* builtins_model.py in Headers */, > 99DA00A51BD5993100F4575C /* builtins_templates.py in Headers */, >+ FEA3BBA8212B655900E93AD1 /* CallFrameInlines.h in Headers */, > 41DEA1321B9F3163006D65DD /* BuiltinUtils.h in Headers */, > 9E72940B190F0514001A91B5 /* BundlePath.h in Headers */, > 0FB7F39715ED8E4600F167B2 /* Butterfly.h in Headers */, 
>@@ -8494,7 +8496,6 @@ > A53243981856A489002ED692 /* CombinedDomains.json in Headers */, > BC18C3F30E16F5CD00B34460 /* CommonIdentifiers.h in Headers */, > 0F15F15F14B7A73E005DE37D /* CommonSlowPaths.h in Headers */, >- 6553A33217A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h in Headers */, > A7E5A3A81797432D00E893C0 /* CompilationResult.h in Headers */, > 0F4F11E8209BCDAB00709654 /* CompilerTimingScope.h in Headers */, > 0FDCE12A1FAFA85F006F3901 /* CompleteSubspace.h in Headers */, >@@ -9084,6 +9085,7 @@ > 978801411471AD920041B016 /* JSDateMath.h in Headers */, > C2A7F688160432D400F76B98 /* JSDestructibleObject.h in Headers */, > 0F7DF13C1E2971130095951B /* JSDestructibleObjectHeapCellType.h in Headers */, >+ FE086BCA2123DEFB003F2929 /* EntryFrame.h in Headers */, > FE384EE61ADDB7AD0055DE2C /* JSDollarVM.h in Headers */, > 86E3C614167BABD7006D760A /* JSExport.h in Headers */, > A7B4ACAF1484C9CE00B38A36 /* JSExportMacros.h in Headers */, >Index: Source/JavaScriptCore/debugger/Debugger.cpp >=================================================================== >--- Source/JavaScriptCore/debugger/Debugger.cpp (revision 235254) >+++ Source/JavaScriptCore/debugger/Debugger.cpp (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2008-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2008-2018 Apple Inc. All rights reserved. > * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) > * Copyright (C) 2001 Peter Kelly (pmk@post.com) > * >@@ -686,6 +686,7 @@ void Debugger::pauseIfNeeded(CallFrame* > { > VM& vm = m_vm; > auto scope = DECLARE_THROW_SCOPE(vm); >+ ASSERT(callFrame); > > if (m_isPaused) > return; >Index: Source/JavaScriptCore/interpreter/CallFrame.cpp >=================================================================== >--- Source/JavaScriptCore/interpreter/CallFrame.cpp (revision 235254) >+++ Source/JavaScriptCore/interpreter/CallFrame.cpp (working copy) 
>@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2008-2017 Apple Inc. All Rights Reserved. >+ * Copyright (C) 2008-2018 Apple Inc. All Rights Reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -213,7 +213,7 @@ bool CallFrame::isAnyWasmCallee() > return false; > } > >-CallFrame* CallFrame::callerFrame(EntryFrame*& currEntryFrame) >+CallFrame* CallFrame::callerFrame(EntryFrame*& currEntryFrame) const > { > if (callerFrameOrEntryFrame() == currEntryFrame) { > VMEntryRecord* currVMEntryRecord = vmEntryRecord(currEntryFrame); >@@ -223,7 +223,7 @@ CallFrame* CallFrame::callerFrame(EntryF > return static_cast<CallFrame*>(callerFrameOrEntryFrame()); > } > >-SUPPRESS_ASAN CallFrame* CallFrame::unsafeCallerFrame(EntryFrame*& currEntryFrame) >+SUPPRESS_ASAN CallFrame* CallFrame::unsafeCallerFrame(EntryFrame*& currEntryFrame) const > { > if (unsafeCallerFrameOrEntryFrame() == currEntryFrame) { > VMEntryRecord* currVMEntryRecord = vmEntryRecord(currEntryFrame); >@@ -337,4 +337,13 @@ const char* CallFrame::describeFrame() > return buffer; > } > >+void CallFrame::convertToSkipFrame(VM& vm) >+{ >+ ASSERT(!isGlobalExec()); >+ JSGlobalObject* globalObject = vm.callerGlobalObjectForThrow(this); >+ setCodeBlock(nullptr); >+ setCallee(globalObject->skipFrameCallee()); >+ setArgumentCountIncludingThis(0); >+} >+ > } // namespace JSC >Index: Source/JavaScriptCore/interpreter/CallFrame.h >=================================================================== >--- Source/JavaScriptCore/interpreter/CallFrame.h (revision 235254) >+++ Source/JavaScriptCore/interpreter/CallFrame.h (working copy) 
>@@ -140,8 +140,8 @@ namespace JSC { > void* callerFrameOrEntryFrame() const { return callerFrameAndPC().callerFrame; } > SUPPRESS_ASAN void* unsafeCallerFrameOrEntryFrame() const { return unsafeCallerFrameAndPC().callerFrame; } > >- CallFrame* unsafeCallerFrame(EntryFrame*&); >- JS_EXPORT_PRIVATE CallFrame* callerFrame(EntryFrame*&); >+ CallFrame* unsafeCallerFrame(EntryFrame*&) const; >+ JS_EXPORT_PRIVATE CallFrame* callerFrame(EntryFrame*&) const; > > JS_EXPORT_PRIVATE SourceOrigin callerSourceOrigin(); > >@@ -256,6 +256,10 @@ namespace JSC { > return callerFrameAndPC().callerFrame == noCaller() && callerFrameAndPC().pc == nullptr; > } > >+ void convertToSkipFrame(VM&); >+ inline bool isSkipFrame() const; >+ inline bool isWasmFrame() const; >+ > void setArgumentCountIncludingThis(int count) { static_cast<Register*>(this)[CallFrameSlot::argumentCount].payload() = count; } > void setCallee(JSObject* callee) { static_cast<Register*>(this)[CallFrameSlot::callee] = callee; } > void setCodeBlock(CodeBlock* codeBlock) { static_cast<Register*>(this)[CallFrameSlot::codeBlock] = codeBlock; } >@@ -268,7 +272,7 @@ namespace JSC { > // FIXME: This method is improper. We rely on the fact that we can call it with a null > // receiver. We should always be using StackVisitor directly. > // It's only valid to call this from a non-wasm top frame. >- template <typename Functor> void iterate(const Functor& functor) >+ template <StackVisitor::EmptyEntryFrameAction action = StackVisitor::ContinueIfTopEntryFrameIsEmpty, typename Functor> void iterate(const Functor& functor) > { > VM* vm; > void* rawThis = this; 
>@@ -277,7 +281,7 @@ namespace JSC { > vm = &this->vm(); > } else > vm = nullptr; >- StackVisitor::visit<Functor>(this, vm, functor); >+ StackVisitor::visit<action, Functor>(this, vm, functor); > } > > void dump(PrintStream&); >Index: Source/JavaScriptCore/interpreter/CallFrameInlines.h >=================================================================== >--- Source/JavaScriptCore/interpreter/CallFrameInlines.h (nonexistent) >+++ Source/JavaScriptCore/interpreter/CallFrameInlines.h (working copy) 
>@@ -0,0 +1,44 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY >+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR >+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR >+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY >+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >+ */ >+ >+#pragma once >+ >+#include "CallFrame.h" >+ >+namespace JSC { >+ >+inline bool CallFrame::isSkipFrame() const >+{ >+ if (callee().isWasm()) >+ return false; >+ return jsCallee() == jsCallee()->globalObject()->skipFrameCallee(); >+} >+ >+inline bool CallFrame::isWasmFrame() const >+{ >+ return callee().isWasm(); >+} >+ >+} // namespace JSC >Index: Source/JavaScriptCore/interpreter/EntryFrame.h >=================================================================== >--- Source/JavaScriptCore/interpreter/EntryFrame.h (nonexistent) >+++ Source/JavaScriptCore/interpreter/EntryFrame.h (working copy) 
>@@ -0,0 +1,50 @@ >+/* >+ * Copyright (C) 2018 Apple Inc. All rights reserved. >+ * >+ * Redistribution and use in source and binary forms, with or without >+ * modification, are permitted provided that the following conditions >+ * are met: >+ * 1. Redistributions of source code must retain the above copyright >+ * notice, this list of conditions and the following disclaimer. >+ * 2. Redistributions in binary form must reproduce the above copyright >+ * notice, this list of conditions and the following disclaimer in the >+ * documentation and/or other materials provided with the distribution. >+ * >+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY >+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR >+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR >+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY >+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
>+ */ >+ >+#pragma once >+ >+#include "StackAlignment.h" >+#include "VMEntryRecord.h" >+ >+namespace JSC { >+ >+struct EntryFrame { >+#if ENABLE(JIT) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0 >+ static ptrdiff_t vmEntryRecordOffset() >+ { >+ EntryFrame* fakeEntryFrame = reinterpret_cast<EntryFrame*>(0x1000); >+ VMEntryRecord* record = vmEntryRecord(fakeEntryFrame); >+ return static_cast<ptrdiff_t>( >+ reinterpret_cast<char*>(record) - reinterpret_cast<char*>(fakeEntryFrame)); >+ } >+ >+ static ptrdiff_t calleeSaveRegistersBufferOffset() >+ { >+ return vmEntryRecordOffset() + OBJECT_OFFSETOF(VMEntryRecord, calleeSaveRegistersBuffer); >+ } >+#endif >+}; >+ >+} // namespace JSC >Index: Source/JavaScriptCore/interpreter/FrameTracers.h >=================================================================== >--- Source/JavaScriptCore/interpreter/FrameTracers.h (revision 235254) >+++ Source/JavaScriptCore/interpreter/FrameTracers.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2016-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions 
>@@ -93,30 +93,4 @@ public: > } > }; > >-class NativeCallFrameTracerWithRestore { >-public: >- ALWAYS_INLINE NativeCallFrameTracerWithRestore(VM* vm, EntryFrame* EntryFrame, CallFrame* callFrame) >- : m_vm(vm) >- { >- ASSERT(vm); >- ASSERT(callFrame); >- assertStackPointerIsAligned(); >- m_savedTopEntryFrame = vm->topEntryFrame; >- m_savedTopCallFrame = vm->topCallFrame; >- vm->topEntryFrame = EntryFrame; >- vm->topCallFrame = callFrame; >- } >- >- ALWAYS_INLINE ~NativeCallFrameTracerWithRestore() >- { >- m_vm->topEntryFrame = m_savedTopEntryFrame; >- m_vm->topCallFrame = m_savedTopCallFrame; >- } >- >-private: >- VM* m_vm; >- EntryFrame* m_savedTopEntryFrame; >- CallFrame* m_savedTopCallFrame; >-}; >- >-} >+} // namespace JSC >Index: Source/JavaScriptCore/interpreter/Interpreter.cpp >=================================================================== >--- Source/JavaScriptCore/interpreter/Interpreter.cpp (revision 235254) >+++ Source/JavaScriptCore/interpreter/Interpreter.cpp (working copy) >@@ -718,18 +718,11 @@ private: > HandlerInfo*& m_handler; > }; > >-NEVER_INLINE HandlerInfo* Interpreter::unwind(VM& vm, CallFrame*& callFrame, Exception* exception, UnwindStart unwindStart) >+NEVER_INLINE HandlerInfo* Interpreter::unwind(VM& vm, CallFrame*& callFrame, Exception* exception) > { > auto scope = DECLARE_CATCH_SCOPE(vm); > >- if (unwindStart == UnwindFromCallerFrame) { >- if (callFrame->callerFrameOrEntryFrame() == vm.topEntryFrame) >- return nullptr; >- >- callFrame = callFrame->callerFrame(); >- vm.topCallFrame = callFrame; >- } >- >+ ASSERT(reinterpret_cast<void*>(callFrame) != vm.topEntryFrame); > CodeBlock* codeBlock = callFrame->codeBlock(); > > JSValue exceptionValue = exception->value(); 
>@@ -740,12 +733,12 @@ NEVER_INLINE HandlerInfo* Interpreter::u > if (exceptionValue.isEmpty() || (exceptionValue.isCell() && !exceptionValue.asCell())) > exceptionValue = jsNull(); > >- EXCEPTION_ASSERT_UNUSED(scope, scope.exception() && (!Options::exceptionStackTraceLimit() || scope.exception()->stack().size())); >+ EXCEPTION_ASSERT_UNUSED(scope, scope.exception()); > > // Calculate an exception handler vPC, unwinding call frames as necessary. > HandlerInfo* handler = nullptr; > UnwindFunctor functor(vm, callFrame, isTerminatedExecutionException(vm, exception), codeBlock, handler); >- StackVisitor::visit(callFrame, &vm, functor); >+ StackVisitor::visit<StackVisitor::TerminateIfTopEntryFrameIsEmpty>(callFrame, &vm, functor); > if (!handler) > return nullptr; > >Index: Source/JavaScriptCore/interpreter/Interpreter.h >=================================================================== >--- Source/JavaScriptCore/interpreter/Interpreter.h (revision 235254) >+++ Source/JavaScriptCore/interpreter/Interpreter.h (working copy) >@@ -64,8 +64,6 @@ namespace JSC { > struct ProtoCallFrame; > struct UnlinkedInstruction; > >- enum UnwindStart : uint8_t { UnwindFromCurrentFrame, UnwindFromCallerFrame }; >- > enum DebugHookType { > WillExecuteProgram, > DidExecuteProgram, 
>@@ -116,8 +114,8 @@ namespace JSC { > JSValue execute(EvalExecutable*, CallFrame*, JSValue thisValue, JSScope*); > > void getArgumentsData(CallFrame*, JSFunction*&, ptrdiff_t& firstParameterIndex, Register*& argv, int& argc); >- >- NEVER_INLINE HandlerInfo* unwind(VM&, CallFrame*&, Exception*, UnwindStart); >+ >+ NEVER_INLINE HandlerInfo* unwind(VM&, CallFrame*&, Exception*); > void notifyDebuggerOfExceptionToBeThrown(VM&, CallFrame*, Exception*); > NEVER_INLINE void debug(CallFrame*, DebugHookType); > static String stackTraceAsString(VM&, const Vector<StackFrame>&); >Index: Source/JavaScriptCore/interpreter/StackVisitor.cpp >=================================================================== >--- Source/JavaScriptCore/interpreter/StackVisitor.cpp (revision 235254) >+++ Source/JavaScriptCore/interpreter/StackVisitor.cpp (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2013, 2015-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2013-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions 
>@@ -44,13 +44,18 @@ StackVisitor::StackVisitor(CallFrame* st > CallFrame* topFrame; > if (startFrame) { > ASSERT(vm); >+ ASSERT(!vm->topCallFrame || reinterpret_cast<void*>(vm->topCallFrame) != vm->topEntryFrame); >+ > m_frame.m_entryFrame = vm->topEntryFrame; > topFrame = vm->topCallFrame; >- >- if (topFrame && static_cast<void*>(m_frame.m_entryFrame) == static_cast<void*>(topFrame)) { >- topFrame = vmEntryRecord(m_frame.m_entryFrame)->m_prevTopCallFrame; >- m_frame.m_entryFrame = vmEntryRecord(m_frame.m_entryFrame)->m_prevTopEntryFrame; >+ >+ if (topFrame && topFrame->isSkipFrame()) { >+ topFrame = topFrame->callerFrame(m_frame.m_entryFrame); >+ m_topEntryFrameIsEmpty = (m_frame.m_entryFrame != vm->topEntryFrame); >+ if (startFrame == vm->topCallFrame) >+ startFrame = topFrame; > } >+ > } else { > m_frame.m_entryFrame = 0; > topFrame = 0; >Index: Source/JavaScriptCore/interpreter/StackVisitor.h >=================================================================== >--- Source/JavaScriptCore/interpreter/StackVisitor.h (revision 235254) >+++ Source/JavaScriptCore/interpreter/StackVisitor.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2013-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2013-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -26,7 +26,6 @@ > #pragma once > > #include "CalleeBits.h" >-#include "VMEntryRecord.h" > #include "WasmIndexOrName.h" > #include <wtf/Function.h> > #include <wtf/Indenter.h> >@@ -35,6 +34,7 @@ > namespace JSC { > > struct CodeOrigin; >+struct EntryFrame; > struct InlineCallFrame; > > class CodeBlock; 
>@@ -136,10 +136,17 @@ public: > // StackVisitor::visit() expects a Functor that implements the following method: > // Status operator()(StackVisitor&) const; > >- template <typename Functor> >+ enum EmptyEntryFrameAction { >+ ContinueIfTopEntryFrameIsEmpty, >+ TerminateIfTopEntryFrameIsEmpty, >+ }; >+ >+ template <EmptyEntryFrameAction action = ContinueIfTopEntryFrameIsEmpty, typename Functor> > static void visit(CallFrame* startFrame, VM* vm, const Functor& functor) > { > StackVisitor visitor(startFrame, vm); >+ if (action == TerminateIfTopEntryFrameIsEmpty && visitor.topEntryFrameIsEmpty()) >+ return; > while (visitor->callFrame()) { > Status status = functor(visitor); > if (status != Continue) >@@ -152,6 +159,8 @@ public: > ALWAYS_INLINE Frame* operator->() { return &m_frame; } > void unwindToMachineCodeBlockFrame(); > >+ bool topEntryFrameIsEmpty() const { return m_topEntryFrameIsEmpty; } >+ > private: > JS_EXPORT_PRIVATE StackVisitor(CallFrame* startFrame, VM*); > >@@ -164,6 +173,7 @@ private: > #endif > > Frame m_frame; >+ bool m_topEntryFrameIsEmpty { false }; > }; > > class CallerFunctor { >Index: Source/JavaScriptCore/interpreter/VMEntryRecord.h >=================================================================== >--- Source/JavaScriptCore/interpreter/VMEntryRecord.h (revision 235254) >+++ Source/JavaScriptCore/interpreter/VMEntryRecord.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2014-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2014-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -31,6 +31,7 @@ namespace JSC { > > struct EntryFrame; > class ExecState; >+class JSObject; > class VM; > > struct VMEntryRecord { 
>@@ -41,6 +42,7 @@ struct VMEntryRecord { > VM* m_vm; > ExecState* m_prevTopCallFrame; > EntryFrame* m_prevTopEntryFrame; >+ JSObject* m_callee; > > #if ENABLE(JIT) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0 > intptr_t calleeSaveRegistersBuffer[NUMBER_OF_CALLEE_SAVES_REGISTERS]; >@@ -55,21 +57,4 @@ struct VMEntryRecord { > > extern "C" VMEntryRecord* vmEntryRecord(EntryFrame*); > >-struct EntryFrame { >-#if ENABLE(JIT) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0 >- static ptrdiff_t vmEntryRecordOffset() >- { >- EntryFrame* fakeEntryFrame = reinterpret_cast<EntryFrame*>(0x1000); >- VMEntryRecord* record = vmEntryRecord(fakeEntryFrame); >- return static_cast<ptrdiff_t>( >- reinterpret_cast<char*>(record) - reinterpret_cast<char*>(fakeEntryFrame)); >- } >- >- static ptrdiff_t calleeSaveRegistersBufferOffset() >- { >- return vmEntryRecordOffset() + OBJECT_OFFSETOF(VMEntryRecord, calleeSaveRegistersBuffer); >- } >-#endif >-}; >- > } // namespace JSC >Index: Source/JavaScriptCore/jit/AssemblyHelpers.h >=================================================================== >--- Source/JavaScriptCore/jit/AssemblyHelpers.h (revision 235254) >+++ Source/JavaScriptCore/jit/AssemblyHelpers.h (working copy) >@@ -28,6 +28,7 @@ > #if ENABLE(JIT) > > #include "CodeBlock.h" >+#include "EntryFrame.h" > #include "FPRInfo.h" > #include "GPRInfo.h" > #include "Heap.h" >Index: Source/JavaScriptCore/jit/JITExceptions.cpp >=================================================================== >--- Source/JavaScriptCore/jit/JITExceptions.cpp (revision 235254) >+++ Source/JavaScriptCore/jit/JITExceptions.cpp (working copy) >@@ -30,6 +30,7 @@ > #include "CatchScope.h" > #include "CodeBlock.h" > #include "Disassembler.h" >+#include "EntryFrame.h" > #include "Interpreter.h" > #include "JSCInlines.h" > #include "JSCJSValue.h" 
>@@ -42,28 +43,21 @@ > > namespace JSC { > >-void genericUnwind(VM* vm, ExecState* callFrame, UnwindStart unwindStart) >+void genericUnwind(VM* vm, ExecState* callFrame) > { > auto scope = DECLARE_CATCH_SCOPE(*vm); >+ CallFrame* topJSCallFrame = vm->topJSCallFrame(); > if (Options::breakOnThrow()) { >- CodeBlock* codeBlock = callFrame->codeBlock(); >- if (codeBlock) >- dataLog("In call frame ", RawPointer(callFrame), " for code block ", *codeBlock, "\n"); >- else >- dataLog("In call frame ", RawPointer(callFrame), " with null CodeBlock\n"); >+ CodeBlock* codeBlock = topJSCallFrame->codeBlock(); >+ dataLog("In call frame ", RawPointer(topJSCallFrame), " for code block ", codeBlock, "\n"); > CRASH(); > } > >- ExecState* shadowChickenTopFrame = callFrame; >- if (unwindStart == UnwindFromCallerFrame) { >- EntryFrame* topEntryFrame = vm->topEntryFrame; >- shadowChickenTopFrame = callFrame->callerFrame(topEntryFrame); >- } >- vm->shadowChicken().log(*vm, shadowChickenTopFrame, ShadowChicken::Packet::throwPacket()); >- >+ vm->shadowChicken().log(*vm, topJSCallFrame, ShadowChicken::Packet::throwPacket()); >+ > Exception* exception = scope.exception(); > RELEASE_ASSERT(exception); >- HandlerInfo* handler = vm->interpreter->unwind(*vm, callFrame, exception, unwindStart); // This may update callFrame. >+ HandlerInfo* handler = vm->interpreter->unwind(*vm, callFrame, exception); // This may update callFrame. > > void* catchRoutine; > Instruction* catchPCForInterpreter = 0; >@@ -83,7 +77,7 @@ void genericUnwind(VM* vm, ExecState* ca > #endif > } else > catchRoutine = LLInt::getCodePtr<ExceptionHandlerPtrTag>(handleUncaughtException).executableAddress(); >- >+ > ASSERT(bitwise_cast<uintptr_t>(callFrame) < bitwise_cast<uintptr_t>(vm->topEntryFrame)); > > assertIsTaggedWith(catchRoutine, ExceptionHandlerPtrTag); 
>@@ -94,9 +88,4 @@ void genericUnwind(VM* vm, ExecState* ca > RELEASE_ASSERT(catchRoutine); > } > >-void genericUnwind(VM* vm, ExecState* callFrame) >-{ >- genericUnwind(vm, callFrame, UnwindFromCurrentFrame); >-} >- > } // namespace JSC >Index: Source/JavaScriptCore/jit/JITExceptions.h >=================================================================== >--- Source/JavaScriptCore/jit/JITExceptions.h (revision 235254) >+++ Source/JavaScriptCore/jit/JITExceptions.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2012 Apple Inc. All rights reserved. >+ * Copyright (C) 2012-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -27,12 +27,9 @@ > > namespace JSC { > >-enum UnwindStart : uint8_t; >- > class ExecState; > class VM; > >-void genericUnwind(VM*, ExecState*, UnwindStart); > void genericUnwind(VM*, ExecState*); > > } // namespace JSC >Index: Source/JavaScriptCore/jit/JITOperations.cpp >=================================================================== >--- Source/JavaScriptCore/jit/JITOperations.cpp (revision 235254) >+++ Source/JavaScriptCore/jit/JITOperations.cpp (working copy) >@@ -102,16 +102,9 @@ void JIT_OPERATION operationThrowStackOv > // We pass in our own code block, because the callframe hasn't been populated. > VM* vm = codeBlock->vm(); > auto scope = DECLARE_THROW_SCOPE(*vm); >- >- EntryFrame* entryFrame = vm->topEntryFrame; >- CallFrame* callerFrame = exec->callerFrame(entryFrame); >- if (!callerFrame) { >- callerFrame = exec; >- entryFrame = vm->topEntryFrame; >- } >- >- NativeCallFrameTracerWithRestore tracer(vm, entryFrame, callerFrame); >- throwStackOverflowError(callerFrame, scope); >+ exec->convertToSkipFrame(*vm); >+ NativeCallFrameTracer tracer(vm, exec); >+ throwStackOverflowError(exec, scope); > } > > int32_t JIT_OPERATION operationCallArityCheck(ExecState* exec) 
>@@ -121,10 +114,9 @@ int32_t JIT_OPERATION operationCallArity > > int32_t missingArgCount = CommonSlowPaths::arityCheckFor(exec, *vm, CodeForCall); > if (missingArgCount < 0) { >- EntryFrame* entryFrame = vm->topEntryFrame; >- CallFrame* callerFrame = exec->callerFrame(entryFrame); >- NativeCallFrameTracerWithRestore tracer(vm, entryFrame, callerFrame); >- throwStackOverflowError(callerFrame, scope); >+ exec->convertToSkipFrame(*vm); >+ NativeCallFrameTracer tracer(vm, exec); >+ throwStackOverflowError(vm->topCallFrame, scope); > } > > return missingArgCount; >@@ -137,10 +129,9 @@ int32_t JIT_OPERATION operationConstruct > > int32_t missingArgCount = CommonSlowPaths::arityCheckFor(exec, *vm, CodeForConstruct); > if (missingArgCount < 0) { >- EntryFrame* entryFrame = vm->topEntryFrame; >- CallFrame* callerFrame = exec->callerFrame(entryFrame); >- NativeCallFrameTracerWithRestore tracer(vm, entryFrame, callerFrame); >- throwStackOverflowError(callerFrame, scope); >+ exec->convertToSkipFrame(*vm); >+ NativeCallFrameTracer tracer(vm, exec); >+ throwStackOverflowError(vm->topCallFrame, scope); > } > > return missingArgCount; >@@ -2449,9 +2440,8 @@ void JIT_OPERATION lookupExceptionHandle > > void JIT_OPERATION lookupExceptionHandlerFromCallerFrame(VM* vm, ExecState* exec) > { >- vm->topCallFrame = exec->callerFrame(); >- genericUnwind(vm, exec, UnwindFromCallerFrame); >- ASSERT(vm->targetMachinePCForThrow); >+ exec->convertToSkipFrame(*vm); >+ lookupExceptionHandler(vm, exec); > } > > void JIT_OPERATION operationVMHandleException(ExecState* exec) >Index: Source/JavaScriptCore/llint/LLIntOffsetsExtractor.cpp >=================================================================== >--- Source/JavaScriptCore/llint/LLIntOffsetsExtractor.cpp (revision 235254) >+++ Source/JavaScriptCore/llint/LLIntOffsetsExtractor.cpp (working copy) 
>@@ -58,7 +58,6 @@ > #include "TypeProfiler.h" > #include "TypeProfilerLog.h" > #include "VM.h" >-#include "VMEntryRecord.h" > #include "ValueProfile.h" > #include "Watchdog.h" > #include <wtf/text/StringImpl.h> >Index: Source/JavaScriptCore/llint/LLIntSlowPaths.cpp >=================================================================== >--- Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (revision 235254) >+++ Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (working copy) >@@ -29,7 +29,6 @@ > #include "ArrayConstructor.h" > #include "CallFrame.h" > #include "CommonSlowPaths.h" >-#include "CommonSlowPathsExceptions.h" > #include "Error.h" > #include "ErrorHandlingScope.h" > #include "EvalCodeBlock.h" >@@ -524,14 +523,7 @@ LLINT_SLOW_PATH_DECL(stack_check) > { > VM& vm = exec->vm(); > auto throwScope = DECLARE_THROW_SCOPE(vm); >- >- EntryFrame* topEntryFrame = vm.topEntryFrame; >- CallFrame* callerFrame = exec->callerFrame(topEntryFrame); >- if (!callerFrame) { >- callerFrame = exec; >- topEntryFrame = vm.topEntryFrame; >- } >- NativeCallFrameTracerWithRestore tracer(&vm, topEntryFrame, callerFrame); >+ NativeCallFrameTracer tracer(&vm, exec); > > LLINT_SET_PC_FOR_STUBS(); > >@@ -563,9 +555,10 @@ LLINT_SLOW_PATH_DECL(stack_check) > } > #endif > >+ exec->convertToSkipFrame(vm); > ErrorHandlingScope errorScope(vm); >- throwStackOverflowError(callerFrame, throwScope); >- pc = returnToThrow(callerFrame); >+ throwStackOverflowError(exec, throwScope); >+ pc = returnToThrow(exec); > LLINT_RETURN_TWO(pc, exec); > } > >Index: Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm >=================================================================== >--- Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm (revision 235254) >+++ Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm (working copy) 
>@@ -127,6 +127,8 @@ macro doVMEntry(makeCall) > storep t4, VMEntryRecord::m_prevTopCallFrame[sp] > loadp VM::topEntryFrame[vm], t4 > storep t4, VMEntryRecord::m_prevTopEntryFrame[sp] >+ loadp ProtoCallFrame::calleeValue[protoCallFrame], t4 >+ storep t4, VMEntryRecord::m_callee[sp] > > # Align stack pointer > if X86_WIN or MIPS >@@ -312,8 +314,7 @@ _handleUncaughtException: > loadp VM::callFrameForCatch[t3], cfr > storep 0, VM::callFrameForCatch[t3] > >- loadp CallerFrame[cfr], cfr >- >+ loadp VM::topEntryFrame[t3], cfr > if ARMv7 > vmEntryRecord(cfr, t3) > move t3, sp >@@ -575,6 +576,12 @@ macro functionArityCheck(doneLabel, slow > move PC, a1 > cCall2(slowPath) # This slowPath has a simple protocol: t0 = 0 => no error, t0 != 0 => error > btiz r0, .noError >+ >+ # We're throwing before the frame is fully set up. This frame will be >+ # ignored by the unwinder. So, let's restore the callee saves before we >+ # start unwinding. We need to do this before we change the cfr. >+ restoreCalleeSavesUsedByLLInt() >+ > move r1, cfr # r1 contains caller frame > jmp _llint_throw_from_slow_path_trampoline > >Index: Source/JavaScriptCore/llint/LowLevelInterpreter64.asm >=================================================================== >--- Source/JavaScriptCore/llint/LowLevelInterpreter64.asm (revision 235254) >+++ Source/JavaScriptCore/llint/LowLevelInterpreter64.asm (working copy) >@@ -132,6 +132,8 @@ macro doVMEntry(makeCall) > storep t4, VMEntryRecord::m_prevTopCallFrame[sp] > loadp VM::topEntryFrame[vm], t4 > storep t4, VMEntryRecord::m_prevTopEntryFrame[sp] >+ loadp ProtoCallFrame::calleeValue[protoCallFrame], t4 >+ storep t4, VMEntryRecord::m_callee[sp] > > loadi ProtoCallFrame::paddedArgCount[protoCallFrame], t4 > addp CallFrameHeaderSlots, t4, t4 >@@ -244,7 +246,6 @@ macro doVMEntry(makeCall) > > popCalleeSaves() > functionEpilogue() >- > ret > end 
> >@@ -285,7 +286,7 @@ _handleUncaughtException: > loadp VM::callFrameForCatch[t3], cfr > storep 0, VM::callFrameForCatch[t3] > >- loadp CallerFrame[cfr], cfr >+ loadp VM::topEntryFrame[t3], cfr > vmEntryRecord(cfr, t2) > > loadp VMEntryRecord::m_vm[t2], t3 >@@ -508,6 +509,12 @@ macro functionArityCheck(doneLabel, slow > move PC, a1 > cCall2(slowPath) # This slowPath has the protocol: r0 = 0 => no error, r0 != 0 => error > btiz r0, .noError >+ >+ # We're throwing before the frame is fully set up. This frame will be >+ # ignored by the unwinder. So, let's restore the callee saves before we >+ # start unwinding. We need to do this before we change the cfr. >+ restoreCalleeSavesUsedByLLInt() >+ > move r1, cfr # r1 contains caller frame > jmp _llint_throw_from_slow_path_trampoline > >Index: Source/JavaScriptCore/llint/LowLevelInterpreter.asm >=================================================================== >--- Source/JavaScriptCore/llint/LowLevelInterpreter.asm (revision 235254) >+++ Source/JavaScriptCore/llint/LowLevelInterpreter.asm (working copy) >@@ -1076,8 +1076,14 @@ macro prologue(codeBlockGetter, codeBloc > subp maxFrameExtentForSlowPathCall, sp > callSlowPath(_llint_stack_check) > bpeq r1, 0, .stackHeightOKGetCodeBlock >+ >+ # We're throwing before the frame is fully set up. This frame will be >+ # ignored by the unwinder. So, let's restore the callee saves before we >+ # start unwinding. We need to do this before we change the cfr. >+ restoreCalleeSavesUsedByLLInt() >+ > move r1, cfr >- dispatch(0) # Go to exception handler in PC >+ jmp _llint_throw_from_slow_path_trampoline > > .stackHeightOKGetCodeBlock: > # Stack check slow path returned that the stack was ok. >Index: Source/JavaScriptCore/runtime/CallData.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/CallData.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/CallData.cpp (working copy) 
>@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2008, 2016 Apple Inc. All Rights Reserved. >+ * Copyright (C) 2008-2018 Apple Inc. All Rights Reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >Index: Source/JavaScriptCore/runtime/CommonSlowPaths.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (working copy) >@@ -33,7 +33,6 @@ > #include "CallFrame.h" > #include "ClonedArguments.h" > #include "CodeProfiling.h" >-#include "CommonSlowPathsExceptions.h" > #include "DefinePropertyAttributes.h" > #include "DirectArguments.h" > #include "Error.h" >@@ -163,16 +162,26 @@ namespace JSC { > CALL_END_IMPL(cceExec, LLInt::callToThrow(cceExec), ExceptionHandlerPtrTag); \ > } while (false) > >+static void slowPathThrowStackOverflowError(ExecState* exec, ThrowScope& scope) >+{ >+ JSObject* error = createStackOverflowError(exec); >+ throwException(exec, scope, error); >+#if LLINT_TRACING >+ if (UNLIKELY(Options::traceLLIntSlowPath())) >+ dataLog("Throwing exception ", JSValue(scope.exception()), ".\n"); >+#endif >+} >+ > SLOW_PATH_DECL(slow_path_call_arityCheck) > { > BEGIN(); > int slotsToAdd = CommonSlowPaths::arityCheckFor(exec, vm, CodeForCall); > if (slotsToAdd < 0) { >- exec = exec->callerFrame(); >- vm.topCallFrame = exec; >+ exec->convertToSkipFrame(vm); >+ NativeCallFrameTracer tracer(&vm, exec); > ErrorHandlingScope errorScope(vm); > throwScope.release(); >- CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec)); >+ slowPathThrowStackOverflowError(exec, throwScope); > RETURN_TWO(bitwise_cast<void*>(static_cast<uintptr_t>(1)), exec); > } > RETURN_TWO(0, bitwise_cast<void*>(static_cast<uintptr_t>(slotsToAdd))); 
>@@ -183,10 +192,10 @@ SLOW_PATH_DECL(slow_path_construct_arity > BEGIN(); > int slotsToAdd = CommonSlowPaths::arityCheckFor(exec, vm, CodeForConstruct); > if (slotsToAdd < 0) { >- exec = exec->callerFrame(); >- vm.topCallFrame = exec; >+ exec->convertToSkipFrame(vm); >+ NativeCallFrameTracer tracer(&vm, exec); > ErrorHandlingScope errorScope(vm); >- CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec)); >+ slowPathThrowStackOverflowError(exec, throwScope); > RETURN_TWO(bitwise_cast<void*>(static_cast<uintptr_t>(1)), exec); > } > RETURN_TWO(0, bitwise_cast<void*>(static_cast<uintptr_t>(slotsToAdd))); >Index: Source/JavaScriptCore/runtime/CommonSlowPathsExceptions.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/CommonSlowPathsExceptions.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/CommonSlowPathsExceptions.cpp (nonexistent) 
>@@ -1,56 +0,0 @@ >-/* >- * Copyright (C) 2013, 2016 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY >- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR >- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR >- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY >- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
>- */ >- >-#include "config.h" >-#include "CommonSlowPathsExceptions.h" >- >-#include "CallFrame.h" >-#include "CodeBlock.h" >-#include "FrameTracers.h" >-#include "Interpreter.h" >-#include "JITExceptions.h" >-#include "LLIntCommon.h" >-#include "JSCInlines.h" >- >-#if LLINT_TRACING >-#include "Exception.h" >-#endif >- >-namespace JSC { namespace CommonSlowPaths { >- >-void interpreterThrowInCaller(ExecState* exec, JSObject* error) >-{ >- VM* vm = &exec->vm(); >- NativeCallFrameTracer tracer(vm, exec); >- auto scope = DECLARE_THROW_SCOPE(*vm); >- >- throwException(exec, scope, error); >-#if LLINT_TRACING >- if (UNLIKELY(Options::traceLLIntSlowPath())) >- dataLog("Throwing exception ", JSValue(scope.exception()), ".\n"); >-#endif >-} >- >-} } // namespace JSC::LLInt >Index: Source/JavaScriptCore/runtime/CommonSlowPathsExceptions.h >=================================================================== >--- Source/JavaScriptCore/runtime/CommonSlowPathsExceptions.h (revision 235254) >+++ Source/JavaScriptCore/runtime/CommonSlowPathsExceptions.h (nonexistent) 
>@@ -1,38 +0,0 @@ >-/* >- * Copyright (C) 2013 Apple Inc. All rights reserved. >- * >- * Redistribution and use in source and binary forms, with or without >- * modification, are permitted provided that the following conditions >- * are met: >- * 1. Redistributions of source code must retain the above copyright >- * notice, this list of conditions and the following disclaimer. >- * 2. Redistributions in binary form must reproduce the above copyright >- * notice, this list of conditions and the following disclaimer in the >- * documentation and/or other materials provided with the distribution. >- * >- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY >- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE >- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR >- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR >- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, >- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, >- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR >- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY >- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >- */ >- >-#pragma once >- >-namespace JSC { >- >-class ExecState; >-class JSObject; >- >-namespace CommonSlowPaths { >- >-// Throw the currently active exception in the context of the caller's call frame. >-void interpreterThrowInCaller(ExecState* callerFrame, JSObject*); >- >-} } // namespace JSC::CommonSlowPaths >Index: Source/JavaScriptCore/runtime/Completion.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/Completion.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/Completion.cpp (working copy) 
>@@ -1,7 +1,7 @@ > /* > * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) > * Copyright (C) 2001 Peter Kelly (pmk@post.com) >- * Copyright (C) 2003-2017 Apple Inc. >+ * Copyright (C) 2003-2018 Apple Inc. > * > * This library is free software; you can redistribute it and/or > * modify it under the terms of the GNU Library General Public >@@ -126,7 +126,7 @@ JSValue evaluateWithScopeExtension(ExecS > > if (scopeExtensionObject) { > JSScope* ignoredPreviousScope = globalObject->globalScope(); >- globalObject->setGlobalScopeExtension(JSWithScope::create(exec->vm(), globalObject, ignoredPreviousScope, scopeExtensionObject)); >+ globalObject->setGlobalScopeExtension(JSWithScope::create(vm, globalObject, ignoredPreviousScope, scopeExtensionObject)); > } > > JSValue returnValue = JSC::evaluate(globalObject->globalExec(), source, globalObject, returnedException); >Index: Source/JavaScriptCore/runtime/Error.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/Error.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/Error.cpp (working copy) >@@ -1,7 +1,7 @@ > /* > * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) > * Copyright (C) 2001 Peter Kelly (pmk@post.com) >- * Copyright (C) 2003-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2003-2018 Apple Inc. All rights reserved. > * Copyright (C) 2007 Eric Seidel (eric@webkit.org) > * > * This library is free software; you can redistribute it and/or >@@ -39,6 +39,7 @@ > #include "SourceCode.h" > #include "StackFrame.h" > #include "SuperSampler.h" >+#include "VMInlines.h" > > namespace JSC { > >Index: Source/JavaScriptCore/runtime/ExceptionHelpers.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/ExceptionHelpers.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/ExceptionHelpers.cpp (working copy) 
>@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2008-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2008-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -29,7 +29,6 @@ > #include "config.h" > #include "ExceptionHelpers.h" > >-#include "CallFrame.h" > #include "CatchScope.h" > #include "CodeBlock.h" > #include "ErrorHandlingScope.h" >@@ -38,6 +37,7 @@ > #include "JSCInlines.h" > #include "JSGlobalObjectFunctions.h" > #include "RuntimeType.h" >+#include "VMInlines.h" > #include <wtf/text/StringBuilder.h> > #include <wtf/text/StringView.h> > >@@ -69,7 +69,9 @@ bool isTerminatedExecutionException(VM& > > JSObject* createStackOverflowError(ExecState* exec) > { >- return createStackOverflowError(exec, exec->lexicalGlobalObject()); >+ VM& vm = exec->vm(); >+ JSGlobalObject* globalObject = vm.callerGlobalObjectForThrow(exec); >+ return createStackOverflowError(exec, globalObject); > } > > JSObject* createStackOverflowError(ExecState* exec, JSGlobalObject* globalObject) >Index: Source/JavaScriptCore/runtime/JSGeneratorFunction.h >=================================================================== >--- Source/JavaScriptCore/runtime/JSGeneratorFunction.h (revision 235254) >+++ Source/JavaScriptCore/runtime/JSGeneratorFunction.h (working copy) >@@ -32,7 +32,6 @@ namespace JSC { > > class JSGlobalObject; > class LLIntOffsetsExtractor; >-class LLIntDesiredOffsets; > > class JSGeneratorFunction final : public JSFunction { > friend class JIT; >Index: Source/JavaScriptCore/runtime/JSGlobalObject.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSGlobalObject.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/JSGlobalObject.cpp (working copy) 
>@@ -416,6 +416,9 @@ void JSGlobalObject::init(VM& vm) > ExecState::initGlobalExec(JSGlobalObject::globalExec(), globalCallee); > ExecState* exec = JSGlobalObject::globalExec(); > >+ JSCallee* skipFrameCallee = JSCallee::create(vm, this, globalScope()); >+ m_skipFrameCallee.set(vm, this, skipFrameCallee); >+ > m_hostFunctionStructure.set(vm, this, JSFunction::createStructure(vm, this, m_functionPrototype.get())); > > auto initFunctionStructures = [&] (FunctionStructures& structures) { >@@ -1327,6 +1330,7 @@ void JSGlobalObject::visitChildren(JSCel > visitor.append(thisObject->m_globalLexicalEnvironment); > visitor.append(thisObject->m_globalScopeExtension); > visitor.append(thisObject->m_globalCallee); >+ visitor.append(thisObject->m_skipFrameCallee); > visitor.append(thisObject->m_regExpConstructor); > visitor.append(thisObject->m_errorConstructor); > visitor.append(thisObject->m_nativeErrorPrototypeStructure); >Index: Source/JavaScriptCore/runtime/JSGlobalObject.h >=================================================================== >--- Source/JavaScriptCore/runtime/JSGlobalObject.h (revision 235254) >+++ Source/JavaScriptCore/runtime/JSGlobalObject.h (working copy) >@@ -83,6 +83,7 @@ class InputCursor; > class JSArrayBuffer; > class JSArrayBufferConstructor; > class JSArrayBufferPrototype; >+class JSCallee; > class JSGlobalObjectDebuggable; > class JSInternalPromise; > class JSModuleLoader; >@@ -256,7 +257,8 @@ public: > > WriteBarrier<JSGlobalLexicalEnvironment> m_globalLexicalEnvironment; > WriteBarrier<JSScope> m_globalScopeExtension; >- WriteBarrier<JSObject> m_globalCallee; >+ WriteBarrier<JSCallee> m_globalCallee; >+ WriteBarrier<JSCallee> m_skipFrameCallee; > WriteBarrier<RegExpConstructor> m_regExpConstructor; > WriteBarrier<ErrorConstructor> m_errorConstructor; > WriteBarrier<Structure> m_nativeErrorPrototypeStructure; 
>@@ -442,6 +444,8 @@ public: > > WeakRandom m_weakRandom; > >+ JSCallee* skipFrameCallee() const { return m_skipFrameCallee.get(); } >+ > InlineWatchpointSet& arrayIteratorProtocolWatchpoint() { return m_arrayIteratorProtocolWatchpoint; } > InlineWatchpointSet& mapIteratorProtocolWatchpoint() { return m_mapIteratorProtocolWatchpoint; } > InlineWatchpointSet& setIteratorProtocolWatchpoint() { return m_setIteratorProtocolWatchpoint; } >Index: Source/JavaScriptCore/runtime/VM.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/VM.cpp (revision 235254) >+++ Source/JavaScriptCore/runtime/VM.cpp (working copy) >@@ -826,15 +826,16 @@ void VM::clearSourceProviderCaches() > > void VM::throwException(ExecState* exec, Exception* exception) > { >+ ASSERT(exec == topCallFrame || exec->isGlobalExec()); >+ CallFrame* throwFrame = exec->isGlobalExec() ? exec : topJSCallFrame(); >+ > if (Options::breakOnThrow()) { >- CodeBlock* codeBlock = exec->codeBlock(); >- dataLog("Throwing exception in call frame ", RawPointer(exec), " for code block ", codeBlock, "\n"); >+ CodeBlock* codeBlock = throwFrame ? throwFrame->codeBlock() : nullptr; >+ dataLog("Throwing exception in call frame ", RawPointer(throwFrame), " for code block ", codeBlock, "\n"); > CRASH(); > } > >- ASSERT(exec == topCallFrame || exec->isGlobalExec()); >- >- interpreter->notifyDebuggerOfExceptionToBeThrown(*this, exec, exception); >+ interpreter->notifyDebuggerOfExceptionToBeThrown(*this, throwFrame, exception); > > setException(exception); 
> >@@ -1263,15 +1264,37 @@ void VM::clearScratchBuffers() > scratchBuffer->setActiveLength(0); > } > >+JSGlobalObject* VM::callerGlobalObjectForThrow(const CallFrame* callFrame) const >+{ >+ auto calleeForComputingGlobalObject = [] (const VM& vm, const CallFrame* callFrame) { >+ if (callFrame->isGlobalExec()) >+ return callFrame->jsCallee(); >+ >+ EntryFrame* entryFrame = vm.topEntryFrame; >+ do { >+ callFrame = callFrame->callerFrame(entryFrame); >+ } while (callFrame && callFrame->callee().isWasm()); >+ >+ if (callFrame) >+ return callFrame->jsCallee(); >+ >+ return vmEntryRecord(vm.topEntryFrame)->m_callee; >+ }; >+ >+ return calleeForComputingGlobalObject(*this, callFrame)->globalObject(); >+} >+ > JSGlobalObject* VM::vmEntryGlobalObject(const CallFrame* callFrame) const > { > if (callFrame && callFrame->isGlobalExec()) { >- ASSERT(callFrame->callee().isCell() && callFrame->callee().asCell()->isObject()); >- ASSERT(callFrame == callFrame->lexicalGlobalObject()->globalExec()); >+ RELEASE_ASSERT(callFrame->callee().isCell() && callFrame->callee().asCell()->isObject()); // mlam Make ASSERT >+ RELEASE_ASSERT(callFrame == callFrame->lexicalGlobalObject()->globalExec()); // mlam Make ASSERT > return callFrame->lexicalGlobalObject(); > } >- ASSERT(entryScope); >+ RELEASE_ASSERT(entryScope); // mlam Make ASSERT > return entryScope->globalObject(); >+// RELEASE_ASSERT(topEntryFrame); >+// return vmEntryRecord(topEntryFrame)->m_callee->globalObject(); > } > > } // namespace JSC >Index: Source/JavaScriptCore/runtime/VM.h >=================================================================== >--- Source/JavaScriptCore/runtime/VM.h (revision 235254) >+++ Source/JavaScriptCore/runtime/VM.h (working copy) >@@ -51,7 +51,6 @@ > #include "SmallStrings.h" > #include "Strong.h" > #include "StructureCache.h" >-#include "VMEntryRecord.h" > #include "VMTraps.h" > #include "WasmContext.h" > #include "Watchpoint.h" 
>@@ -168,6 +167,7 @@ namespace DOMJIT { > class Signature; > } > >+struct EntryFrame; > struct HashTable; > struct Instruction; > struct ValueProfile; >@@ -295,6 +295,9 @@ public: > unsigned id() const { return m_id; } > bool isEntered() const { return !!entryScope; } > >+ inline CallFrame* topJSCallFrame() const; >+ JSGlobalObject* callerGlobalObjectForThrow(const CallFrame*) const; >+ > // Global object in which execution began. > JS_EXPORT_PRIVATE JSGlobalObject* vmEntryGlobalObject(const CallFrame*) const; > >Index: Source/JavaScriptCore/runtime/VMInlines.h >=================================================================== >--- Source/JavaScriptCore/runtime/VMInlines.h (revision 235254) >+++ Source/JavaScriptCore/runtime/VMInlines.h (working copy) >@@ -1,5 +1,5 @@ > /* >- * Copyright (C) 2015-2017 Apple Inc. All rights reserved. >+ * Copyright (C) 2015-2018 Apple Inc. All rights reserved. > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -25,6 +25,8 @@ > > #pragma once > >+#include "CallFrameInlines.h" >+#include "EntryFrame.h" > #include "ProfilerDatabase.h" > #include "VM.h" > #include "Watchdog.h" >@@ -60,4 +62,19 @@ void VM::logEvent(CodeBlock* codeBlock, > m_perBytecodeProfiler->logEvent(codeBlock, summary, func()); > } > >+inline CallFrame* VM::topJSCallFrame() const >+{ >+ CallFrame* frame = topCallFrame; >+ if (!frame) >+ return frame; >+ if (!frame->isWasmFrame() && !frame->isSkipFrame()) >+ return frame; >+ EntryFrame* entryFrame = topEntryFrame; >+ do { >+ frame = frame->callerFrame(entryFrame); >+ ASSERT(!frame || !frame->isSkipFrame()); >+ } while (frame && frame->isWasmFrame()); >+ return frame; >+} >+ > } // namespace JSC >Index: LayoutTests/ChangeLog >=================================================================== >--- LayoutTests/ChangeLog (revision 235254) >+++ LayoutTests/ChangeLog (working copy) 
>@@ -1,3 +1,13 @@ >+2018-08-23 Mark Lam <mark.lam@apple.com> >+ >+ Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names. >+ https://bugs.webkit.org/show_bug.cgi?id=188577 >+ <rdar://problem/42985684> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ * http/tests/misc/large-js-program-expected.txt: >+ > 2018-08-23 Andy Estes <aestes@apple.com> > > [Apple Pay] Introduce Apple Pay JS v4 on iOS 12 and macOS Mojave >Index: LayoutTests/http/tests/misc/large-js-program-expected.txt >=================================================================== >--- LayoutTests/http/tests/misc/large-js-program-expected.txt (revision 235254) >+++ LayoutTests/http/tests/misc/large-js-program-expected.txt (working copy) >@@ -1,4 +1,4 @@ >-CONSOLE MESSAGE: line 27: RangeError: Maximum call stack size exceeded. >+CONSOLE MESSAGE: RangeError: Maximum call stack size exceeded. > This tests verifies that a large program doesn't crash JavaScript. > > This test should generate an out of stack exception, but have no other output.
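Review bot: in the StackVisitor.cpp constructor hunk, nothing near `if (topFrame && topFrame->isSkipFrame())` says what a skip frame is or why `startFrame` is re-pointed at `topFrame->callerFrame(m_frame.m_entryFrame)`; the only explanation in the patch is the LLInt asm comment ("We're throwing before the frame is fully set up. This frame will be ignored by the unwinder."). Put a one-line version of that above the branch, and state the invariant that the new `ASSERT(!vm->topCallFrame || reinterpret_cast<void*>(vm->topCallFrame) != vm->topEntryFrame)` encodes (topCallFrame is never the entry frame itself), since the removed code existed precisely to handle that case.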
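Review bot: in the StackVisitor.h hunk, `visit<TerminateIfTopEntryFrameIsEmpty>` returns before the functor sees a single frame, but no caller of that variant appears anywhere in this patch; either a caller is missing from the patch or the enum needs a comment saying which walker is expected to use it, otherwise the template parameter is dead API.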
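Review bot: the VMEntryRecord.h hunk adds `JSObject* m_callee` and both LLInt asm files store to `VMEntryRecord::m_callee[sp]`, yet the LLIntOffsetsExtractor.cpp hunk removes `#include "VMEntryRecord.h"`; the extractor must still see the struct to emit that offset (presumably via the new EntryFrame.h that AssemblyHelpers.h and JITExceptions.cpp start including), so confirm the offsets build on all ports. Also `struct EntryFrame` is deleted from VMEntryRecord.h while the EntryFrame.h that replaces it is not in this view of the patch.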
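Review bot: in `genericUnwind` (JITExceptions.cpp), the `Options::breakOnThrow()` path now does `topJSCallFrame->codeBlock()` without the null handling the old code had; `VM::topJSCallFrame()` as added in VMInlines.h returns null when `topCallFrame` is null or every frame gets skipped, so this would fault before the intended `CRASH()`. Guard it the way the VM.cpp `throwException` hunk already does: `CodeBlock* codeBlock = topJSCallFrame ? topJSCallFrame->codeBlock() : nullptr;`.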
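Review bot: `lookupExceptionHandlerFromCallerFrame` (JITOperations.cpp) drops `ASSERT(vm->targetMachinePCForThrow)` when it delegates to `lookupExceptionHandler(vm, exec)`; unless that function asserts it itself (not visible in this hunk), keep the assertion after the call so the contract of the trampoline is still checked.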
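Review bot: the three stack-overflow sites in JITOperations.cpp are now inconsistent: `operationThrowStackOverflow` calls `throwStackOverflowError(exec, scope)` while `operationCallArityCheck` and `operationConstructArityCheck` call `throwStackOverflowError(vm->topCallFrame, scope)`. Since `NativeCallFrameTracer tracer(vm, exec)` has just set `topCallFrame` to `exec` in all three, they name the same frame; pick one spelling. Also, the surviving comment "We pass in our own code block, because the callframe hasn't been populated" now sits directly above `exec->convertToSkipFrame(*vm)`, so say which slots of that unpopulated frame `convertToSkipFrame` needs to be valid.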
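Review bot: in the LowLevelInterpreter32_64.asm `doVMEntry` hunk, `loadp ProtoCallFrame::calleeValue[protoCallFrame], t4` reads one pointer-sized word, but if `calleeValue` is a JSValue it is two words wide on 32-bit and this only picks up the cell payload when the payload sits at offset 0; the 64-bit hunk is fine because a cell-valued JSValue is the raw pointer there. Spell out the payload word explicitly in the 32_64 file rather than relying on the layout.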
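Review bot: the same five-line "We're throwing before the frame is fully set up ..." comment plus `restoreCalleeSavesUsedByLLInt()` is pasted three times (functionArityCheck in both LowLevelInterpreter32_64.asm and LowLevelInterpreter64.asm, and `prologue` in LowLevelInterpreter.asm); a small macro would keep them from drifting. The `_handleUncaughtException` change from `loadp CallerFrame[cfr], cfr` to `loadp VM::topEntryFrame[t3], cfr` in both files is the substantive fix the bug title describes and deserves a one-line comment, since the old line looked equally plausible.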
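Review bot: in `slow_path_call_arityCheck` (CommonSlowPaths.cpp), `throwScope.release()` is still called immediately before `slowPathThrowStackOverflowError(exec, throwScope)`, which throws through that same scope, while the sibling `slow_path_construct_arityCheck` hunk has no `release()`; make the two paths identical. Since both now share `slowPathThrowStackOverflowError`, the `convertToSkipFrame` / `NativeCallFrameTracer` / `ErrorHandlingScope` trio that precedes it in both could move into the helper as well.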
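Review bot: CommonSlowPathsExceptions.cpp/.h are deleted and the two `#include "CommonSlowPathsExceptions.h"` lines (LLIntSlowPaths.cpp, CommonSlowPaths.cpp) go with them, with the body of `interpreterThrowInCaller` reappearing nearly verbatim as the new static `slowPathThrowStackOverflowError`; any build-system list that names the deleted .cpp is not in this view of the patch and needs the same treatment or the build breaks.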
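Review bot: in `VM::throwException`, `throwFrame` comes from `topJSCallFrame()` and can be null; the `breakOnThrow` branch guards it (`throwFrame ? throwFrame->codeBlock() : nullptr`) but `notifyDebuggerOfExceptionToBeThrown(*this, throwFrame, exception)` receives it unguarded, so confirm that function tolerates a null frame or add the same guard.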
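Review bot: `VM::vmEntryGlobalObject` carries three `// mlam Make ASSERT` markers on `RELEASE_ASSERT`s and two commented-out lines (`// RELEASE_ASSERT(topEntryFrame);` / `// return vmEntryRecord(topEntryFrame)->m_callee->globalObject();`); expected for an EWS run, but they need resolving (back to `ASSERT`, dead code removed or adopted) before the patch goes up for review. The new `callerGlobalObjectForThrow` above it also deserves a comment on why it falls back to `vmEntryRecord(vm.topEntryFrame)->m_callee` when no non-wasm caller exists.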
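Review bot: the only layout-test change is that `CONSOLE MESSAGE: line 27: RangeError: Maximum call stack size exceeded.` loses its `line 27:` prefix, so the stack-overflow error no longer reports a source line to the console; that is a user-visible change that follows from creating the error against the caller's global object (`vm.callerGlobalObjectForThrow(exec)` in the ExceptionHelpers.cpp hunk), and the LayoutTests ChangeLog entry should say it is intended rather than only listing the expectation file.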