Title: [238316] releases/WebKitGTK/webkit-2.22
Revision
238316
Author
mcatanz...@igalia.com
Date
2018-11-16 15:22:29 -0800 (Fri, 16 Nov 2018)

Log Message

Merge r235419 - Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names.
https://bugs.webkit.org/show_bug.cgi?id=188577
<rdar://problem/42985684>

Reviewed by Saam Barati.

JSTests:

* stress/regress-188577.js: Added.

Source/_javascript_Core:

1. Introduced CallFrame::convertToStackOverflowFrame() which converts the current
   (top) CallFrame (which may not have a valid callee) into a StackOverflowFrame.

   The StackOverflowFrame is a sentinel frame that the low level code (exception
   throwing code, stack visitor, and stack unwinding code) will know to skip
   over.  The StackOverflowFrame will also have a valid JSCallee so that client
   code can compute the globalObject or VM from this frame.

   As a result, client code that throws StackOverflowErrors no longer needs to
   compute the caller frame to throw from: it just converts the top frame into
   a StackOverflowFrame and everything should *Just Work*.

2. NativeCallFrameTracerWithRestore is now obsolete.

   Instead, client code should always call convertToStackOverflowFrame() on the
   frame before instantiating a NativeCallFrameTracer with it.

   This means that topCallFrame will always point to the top CallFrame (which
   may be a StackOverflowFrame), and topEntryFrame will always point to the top
   EntryFrame.  We'll never temporarily point them to the previous EntryFrame
   (which we used to do with NativeCallFrameTracerWithRestore).

3. genericUnwind() and Interpreter::unwind() will now always unwind from the top
   CallFrame, and will know how to handle a StackOverflowFrame if they see one.

   This obsoletes the UnwindStart flag.

* CMakeLists.txt:
* _javascript_Core.xcodeproj/project.pbxproj:
* Sources.txt:
* debugger/Debugger.cpp:
(JSC::Debugger::pauseIfNeeded):
* interpreter/CallFrame.cpp:
(JSC::CallFrame::callerFrame const):
(JSC::CallFrame::unsafeCallerFrame const):
(JSC::CallFrame::convertToStackOverflowFrame):
(JSC::CallFrame::callerFrame): Deleted.
(JSC::CallFrame::unsafeCallerFrame): Deleted.
* interpreter/CallFrame.h:
(JSC::ExecState::iterate):
* interpreter/CallFrameInlines.h: Added.
(JSC::CallFrame::isStackOverflowFrame const):
(JSC::CallFrame::isWasmFrame const):
* interpreter/EntryFrame.h: Added.
(JSC::EntryFrame::vmEntryRecordOffset):
(JSC::EntryFrame::calleeSaveRegistersBufferOffset):
* interpreter/FrameTracers.h:
(JSC::NativeCallFrameTracerWithRestore::NativeCallFrameTracerWithRestore): Deleted.
(JSC::NativeCallFrameTracerWithRestore::~NativeCallFrameTracerWithRestore): Deleted.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::unwind):
* interpreter/Interpreter.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::StackVisitor):
* interpreter/StackVisitor.h:
(JSC::StackVisitor::visit):
(JSC::StackVisitor::topEntryFrameIsEmpty const):
* interpreter/VMEntryRecord.h:
(JSC::VMEntryRecord::callee const):
(JSC::EntryFrame::vmEntryRecordOffset): Deleted.
(JSC::EntryFrame::calleeSaveRegistersBufferOffset): Deleted.
* jit/AssemblyHelpers.h:
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITExceptions.h:
* jit/JITOperations.cpp:
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CallData.cpp:
* runtime/CommonSlowPaths.cpp:
(JSC::throwArityCheckStackOverflowError):
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPathsExceptions.cpp: Removed.
* runtime/CommonSlowPathsExceptions.h: Removed.
* runtime/Completion.cpp:
(JSC::evaluateWithScopeExtension):
* runtime/JSGeneratorFunction.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::stackOverflowFrameCallee const):
* runtime/VM.cpp:
(JSC::VM::throwException):
* runtime/VM.h:
* runtime/VMInlines.h:
(JSC::VM::topJSCallFrame const):

LayoutTests:

* http/tests/misc/large-js-program-expected.txt:

Diff

Modified: releases/WebKitGTK/webkit-2.22/JSTests/ChangeLog (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/JSTests/ChangeLog	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/JSTests/ChangeLog	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,3 +1,13 @@
+2018-08-27  Mark Lam  <mark....@apple.com>
+
+        Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names.
+        https://bugs.webkit.org/show_bug.cgi?id=188577
+        <rdar://problem/42985684>
+
+        Reviewed by Saam Barati.
+
+        * stress/regress-188577.js: Added.
+
 2018-10-26  Mark Lam  <mark....@apple.com>
 
         Fix missing edge cases with JSGlobalObjects having a bad time.

Added: releases/WebKitGTK/webkit-2.22/JSTests/stress/regress-188577.js (0 => 238316)


--- releases/WebKitGTK/webkit-2.22/JSTests/stress/regress-188577.js	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.22/JSTests/stress/regress-188577.js	2018-11-16 23:22:29 UTC (rev 238316)
@@ -0,0 +1,20 @@
+//@ requireOptions("--maxPerThreadStackUsage=262144")
+
+var exception;
+try {
+    var i = 25000;
+    var args = [];
+    var v3;
+    while (i--)
+        args[i] = "a";
+    var argsList = args.join();
+    setter = Function(argsList, "");
+    Object.defineProperty(args, '0', {set: setter});
+    args.sort();
+
+} catch (e) {
+    exception = e;
+}
+
+if (exception != "RangeError: Maximum call stack size exceeded.")
+    throw "FAILED";
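Review bot: `setter = Function(argsList, "");` assigns to an undeclared identifier and so creates an implicit global, and `var v3;` is declared but never used; declare `setter` with `var` like the other locals and drop `v3`, or leave a comment if the unused declaration is needed to reproduce the original frame shape. The pass/fail check `if (exception != "RangeError: Maximum call stack size exceeded.")` also relies on string coercion of the caught value, including the trailing period, so any later change to the message text turns the regression test into a failure rather than a skip; checking `exception instanceof RangeError` would be more robust.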

Modified: releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,3 +1,13 @@
+2018-08-27  Mark Lam  <mark....@apple.com>
+
+        Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names.
+        https://bugs.webkit.org/show_bug.cgi?id=188577
+        <rdar://problem/42985684>
+
+        Reviewed by Saam Barati.
+
+        * http/tests/misc/large-js-program-expected.txt:
+
 2018-11-15  Antti Koivisto  <an...@apple.com>
 
         Remove fonts from CSSFontFaceSet safely

Modified: releases/WebKitGTK/webkit-2.22/LayoutTests/http/tests/misc/large-js-program-expected.txt (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/LayoutTests/http/tests/misc/large-js-program-expected.txt	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/http/tests/misc/large-js-program-expected.txt	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 27: RangeError: Maximum call stack size exceeded.
+CONSOLE MESSAGE: RangeError: Maximum call stack size exceeded.
 This tests verifies that a large program doesn't crash _javascript_.
 
 This test should generate an out of stack exception, but have no other output. 
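Review bot: the updated expectation drops the `line 27:` prefix, so the stack-overflow RangeError now reaches the console with no source location. That follows from throwing out of the sentinel StackOverflowFrame, which has no CodeBlock (`setCodeBlock(nullptr)` in convertToStackOverflowFrame), but it is a loss of diagnostics for page authors and deserves a sentence in the ChangeLog saying why the location is gone, rather than a silent expectation update.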

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/CMakeLists.txt (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/CMakeLists.txt	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/CMakeLists.txt	2018-11-16 23:22:29 UTC (rev 238316)
@@ -611,7 +611,9 @@
 
     interpreter/AbstractPC.h
     interpreter/CallFrame.h
+    interpreter/CallFrameInlines.h
     interpreter/CalleeBits.h
+    interpreter/EntryFrame.h
     interpreter/FrameTracers.h
     interpreter/Register.h
     interpreter/ShadowChicken.h

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/ChangeLog (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/ChangeLog	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/ChangeLog	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,3 +1,103 @@
+2018-08-27  Mark Lam  <mark....@apple.com>
+
+        Fix exception throwing code so that topCallFrame and topEntryFrame stay true to their names.
+        https://bugs.webkit.org/show_bug.cgi?id=188577
+        <rdar://problem/42985684>
+
+        Reviewed by Saam Barati.
+
+        1. Introduced CallFrame::convertToStackOverflowFrame() which converts the current
+           (top) CallFrame (which may not have a valid callee) into a StackOverflowFrame.
+
+           The StackOverflowFrame is a sentinel frame that the low level code (exception
+           throwing code, stack visitor, and stack unwinding code) will know to skip
+           over.  The StackOverflowFrame will also have a valid JSCallee so that client
+           code can compute the globalObject or VM from this frame.
+
+           As a result, client code that throws StackOverflowErrors no longer need to
+           compute the caller frame to throw from: it just converts the top frame into
+           a StackOverflowFrame and everything should *Just Work*.
+
+        2. NativeCallFrameTracerWithRestore is now obsolete.
+
+           Instead, client code should always call convertToStackOverflowFrame() on the
+           frame before instantiating a NativeCallFrameTracer with it.
+
+           This means that topCallFrame will always point to the top CallFrame (which
+           may be a StackOverflowFrame), and topEntryFrame will always point to the top
+           EntryFrame.  We'll never temporarily point them to the previous EntryFrame
+           (which we used to do with NativeCallFrameTracerWithRestore).
+
+        3. genericUnwind() and Interpreter::unwind() will now always unwind from the top
+           CallFrame, and will know how to handle a StackOverflowFrame if they see one.
+
+           This obsoletes the UnwindStart flag.
+
+        * CMakeLists.txt:
+        * _javascript_Core.xcodeproj/project.pbxproj:
+        * Sources.txt:
+        * debugger/Debugger.cpp:
+        (JSC::Debugger::pauseIfNeeded):
+        * interpreter/CallFrame.cpp:
+        (JSC::CallFrame::callerFrame const):
+        (JSC::CallFrame::unsafeCallerFrame const):
+        (JSC::CallFrame::convertToStackOverflowFrame):
+        (JSC::CallFrame::callerFrame): Deleted.
+        (JSC::CallFrame::unsafeCallerFrame): Deleted.
+        * interpreter/CallFrame.h:
+        (JSC::ExecState::iterate):
+        * interpreter/CallFrameInlines.h: Added.
+        (JSC::CallFrame::isStackOverflowFrame const):
+        (JSC::CallFrame::isWasmFrame const):
+        * interpreter/EntryFrame.h: Added.
+        (JSC::EntryFrame::vmEntryRecordOffset):
+        (JSC::EntryFrame::calleeSaveRegistersBufferOffset):
+        * interpreter/FrameTracers.h:
+        (JSC::NativeCallFrameTracerWithRestore::NativeCallFrameTracerWithRestore): Deleted.
+        (JSC::NativeCallFrameTracerWithRestore::~NativeCallFrameTracerWithRestore): Deleted.
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::unwind):
+        * interpreter/Interpreter.h:
+        * interpreter/StackVisitor.cpp:
+        (JSC::StackVisitor::StackVisitor):
+        * interpreter/StackVisitor.h:
+        (JSC::StackVisitor::visit):
+        (JSC::StackVisitor::topEntryFrameIsEmpty const):
+        * interpreter/VMEntryRecord.h:
+        (JSC::VMEntryRecord::callee const):
+        (JSC::EntryFrame::vmEntryRecordOffset): Deleted.
+        (JSC::EntryFrame::calleeSaveRegistersBufferOffset): Deleted.
+        * jit/AssemblyHelpers.h:
+        * jit/JITExceptions.cpp:
+        (JSC::genericUnwind):
+        * jit/JITExceptions.h:
+        * jit/JITOperations.cpp:
+        * llint/LLIntOffsetsExtractor.cpp:
+        * llint/LLIntSlowPaths.cpp:
+        (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+        * llint/LowLevelInterpreter.asm:
+        * llint/LowLevelInterpreter32_64.asm:
+        * llint/LowLevelInterpreter64.asm:
+        * runtime/CallData.cpp:
+        * runtime/CommonSlowPaths.cpp:
+        (JSC::throwArityCheckStackOverflowError):
+        (JSC::SLOW_PATH_DECL):
+        * runtime/CommonSlowPathsExceptions.cpp: Removed.
+        * runtime/CommonSlowPathsExceptions.h: Removed.
+        * runtime/Completion.cpp:
+        (JSC::evaluateWithScopeExtension):
+        * runtime/JSGeneratorFunction.h:
+        * runtime/JSGlobalObject.cpp:
+        (JSC::JSGlobalObject::init):
+        (JSC::JSGlobalObject::visitChildren):
+        * runtime/JSGlobalObject.h:
+        (JSC::JSGlobalObject::stackOverflowFrameCallee const):
+        * runtime/VM.cpp:
+        (JSC::VM::throwException):
+        * runtime/VM.h:
+        * runtime/VMInlines.h:
+        (JSC::VM::topJSCallFrame const):
+
 2018-08-22  Michael Saboff  <msab...@apple.com>
 
         https://bugs.webkit.org/show_bug.cgi?id=188859

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1076,7 +1076,6 @@
 		6511230714046B0A002B101D /* testRegExp.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 651122E5140469BA002B101D /* testRegExp.cpp */; };
 		6514F21918B3E1670098FF8B /* Bytecodes.h in Headers */ = {isa = PBXBuildFile; fileRef = 6514F21718B3E1670098FF8B /* Bytecodes.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		65303D641447B9E100D3F904 /* ParserTokens.h in Headers */ = {isa = PBXBuildFile; fileRef = 65303D631447B9E100D3F904 /* ParserTokens.h */; settings = {ATTRIBUTES = (Private, ); }; };
-		6553A33217A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h in Headers */ = {isa = PBXBuildFile; fileRef = 6553A33017A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h */; };
 		65570F5A1AA4C3EA009B3C23 /* Regress141275.mm in Sources */ = {isa = PBXBuildFile; fileRef = 65570F591AA4C00A009B3C23 /* Regress141275.mm */; };
 		657CF45919BF6662004ACBF2 /* JSCallee.h in Headers */ = {isa = PBXBuildFile; fileRef = 657CF45719BF6662004ACBF2 /* JSCallee.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		658824AF1E5CFDB000FB7359 /* ConfigFile.h in Headers */ = {isa = PBXBuildFile; fileRef = 658824AE1E5CFDB000FB7359 /* ConfigFile.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -1749,6 +1748,7 @@
 		E49DC16C12EF294E00184A1F /* SourceProviderCache.h in Headers */ = {isa = PBXBuildFile; fileRef = E49DC15112EF272200184A1F /* SourceProviderCache.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		E49DC16D12EF295300184A1F /* SourceProviderCacheItem.h in Headers */ = {isa = PBXBuildFile; fileRef = E49DC14912EF261A00184A1F /* SourceProviderCacheItem.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		FE05FAFD1FE4CEDA00093230 /* DeprecatedInspectorValues.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 992D6A111FBD491D000245F4 /* DeprecatedInspectorValues.cpp */; };
+		FE086BCA2123DEFB003F2929 /* EntryFrame.h in Headers */ = {isa = PBXBuildFile; fileRef = FE086BC92123DEFA003F2929 /* EntryFrame.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		FE0D4A061AB8DD0A002F54BF /* ExecutionTimeLimitTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE0D4A041AB8DD0A002F54BF /* ExecutionTimeLimitTest.cpp */; };
 		FE0D4A091ABA2437002F54BF /* GlobalContextWithFinalizerTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE0D4A071ABA2437002F54BF /* GlobalContextWithFinalizerTest.cpp */; };
 		FE10AAEB1F44D528009DEDC5 /* ProbeStack.h in Headers */ = {isa = PBXBuildFile; fileRef = FE10AAEA1F44D512009DEDC5 /* ProbeStack.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -1801,6 +1801,7 @@
 		FEA08620182B7A0400F6D851 /* Breakpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0861E182B7A0400F6D851 /* Breakpoint.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		FEA08621182B7A0400F6D851 /* DebuggerPrimitives.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0861F182B7A0400F6D851 /* DebuggerPrimitives.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		FEA0C4031CDD7D1D00481991 /* FunctionWhitelist.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0C4011CDD7D0E00481991 /* FunctionWhitelist.h */; };
+		FEA3BBA8212B655900E93AD1 /* CallFrameInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA3BBA7212B655800E93AD1 /* CallFrameInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		FEA3BBAC212C97CB00E93AD1 /* DFGCFG.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */; };
 		FEB51F6C1A97B688001F921C /* Regress141809.mm in Sources */ = {isa = PBXBuildFile; fileRef = FEB51F6B1A97B688001F921C /* Regress141809.mm */; };
 		FEB58C15187B8B160098EF0B /* ErrorHandlingScope.h in Headers */ = {isa = PBXBuildFile; fileRef = FEB58C13187B8B160098EF0B /* ErrorHandlingScope.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -3565,8 +3566,6 @@
 		654788421C937D2C000781A0 /* RegExpPrototype.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode._javascript_; path = RegExpPrototype.js; sourceTree = "<group>"; };
 		65525FC31A6DD3B3007B5495 /* NullSetterFunction.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NullSetterFunction.cpp; sourceTree = "<group>"; };
 		65525FC41A6DD3B3007B5495 /* NullSetterFunction.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = NullSetterFunction.h; sourceTree = "<group>"; };
-		6553A32F17A1F1EE008CF6F3 /* CommonSlowPathsExceptions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CommonSlowPathsExceptions.cpp; sourceTree = "<group>"; };
-		6553A33017A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CommonSlowPathsExceptions.h; sourceTree = "<group>"; };
 		65570F581AA4C00A009B3C23 /* Regress141275.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Regress141275.h; path = API/tests/Regress141275.h; sourceTree = "<group>"; };
 		65570F591AA4C00A009B3C23 /* Regress141275.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = Regress141275.mm; path = API/tests/Regress141275.mm; sourceTree = "<group>"; };
 		655EB29A10CE2581001A990E /* NodesCodegen.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NodesCodegen.cpp; sourceTree = "<group>"; };
@@ -4679,6 +4678,7 @@
 		F692A87E0255597D01FF60F7 /* RegExp.h */ = {isa = PBXFileReference; fileEncoding = 30; indentWidth = 4; lastKnownFileType = sourcecode.c.h; path = RegExp.h; sourceTree = "<group>"; tabWidth = 8; };
 		F692A8870255597D01FF60F7 /* JSCJSValue.cpp */ = {isa = PBXFileReference; fileEncoding = 30; indentWidth = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSCJSValue.cpp; sourceTree = "<group>"; tabWidth = 8; };
 		F73926918DC64330AFCDF0D7 /* JSSourceCode.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSSourceCode.cpp; sourceTree = "<group>"; };
+		FE086BC92123DEFA003F2929 /* EntryFrame.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = EntryFrame.h; sourceTree = "<group>"; };
 		FE0D4A041AB8DD0A002F54BF /* ExecutionTimeLimitTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = ExecutionTimeLimitTest.cpp; path = API/tests/ExecutionTimeLimitTest.cpp; sourceTree = "<group>"; };
 		FE0D4A051AB8DD0A002F54BF /* ExecutionTimeLimitTest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ExecutionTimeLimitTest.h; path = API/tests/ExecutionTimeLimitTest.h; sourceTree = "<group>"; };
 		FE0D4A071ABA2437002F54BF /* GlobalContextWithFinalizerTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = GlobalContextWithFinalizerTest.cpp; path = API/tests/GlobalContextWithFinalizerTest.cpp; sourceTree = "<group>"; };
@@ -4768,7 +4768,8 @@
 		FEA0861F182B7A0400F6D851 /* DebuggerPrimitives.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DebuggerPrimitives.h; sourceTree = "<group>"; };
 		FEA0C4001CDD7D0E00481991 /* FunctionWhitelist.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FunctionWhitelist.cpp; sourceTree = "<group>"; };
 		FEA0C4011CDD7D0E00481991 /* FunctionWhitelist.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FunctionWhitelist.h; sourceTree = "<group>"; };
-		FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGCFG.h; path = dfg/DFGCFG.h; sourceTree = "<group>"; };
+		FEA3BBA7212B655800E93AD1 /* CallFrameInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CallFrameInlines.h; sourceTree = "<group>"; };
+		FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DFGCFG.h; sourceTree = "<group>"; };
 		FEB137561BB11EEE00CD5100 /* MacroAssemblerARM64.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MacroAssemblerARM64.cpp; sourceTree = "<group>"; };
 		FEB41CCB1F73284200C5481E /* ProbeFrame.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ProbeFrame.h; sourceTree = "<group>"; };
 		FEB51F6A1A97B688001F921C /* Regress141809.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Regress141809.h; path = API/tests/Regress141809.h; sourceTree = "<group>"; };
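Review bot: the `FEA3BBAB212C97CB00E93AD1 /* DFGCFG.h */` file reference is rewritten from `name = DFGCFG.h; path = dfg/DFGCFG.h;` to `path = DFGCFG.h;`, which is unrelated to this change and drops the `dfg/` directory from the reference; unless Xcode resolves it through the containing group, this leaves a dangling file reference. Either revert that line or call the fix-up out in the ChangeLog.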
@@ -5503,10 +5504,12 @@
 				796DAA2A1E89CCD6005DF24A /* CalleeBits.h */,
 				1429D8DB0ED2205B00B89619 /* CallFrame.cpp */,
 				1429D8DC0ED2205B00B89619 /* CallFrame.h */,
+				FEA3BBA7212B655800E93AD1 /* CallFrameInlines.h */,
 				A7F869EC0F95C2EC00558697 /* CallFrameClosure.h */,
 				1429D85B0ED218E900B89619 /* CLoopStack.cpp */,
 				14D792640DAA03FB001A9F05 /* CLoopStack.h */,
 				A7C1EAEB17987AB600299DB2 /* CLoopStackInlines.h */,
+				FE086BC92123DEFA003F2929 /* EntryFrame.h */,
 				E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */,
 				1429D7D30ED2128200B89619 /* Interpreter.cpp */,
 				1429D77B0ED20D7300B89619 /* Interpreter.h */,
@@ -6501,8 +6504,6 @@
 				65EA73630BAE35D1001BB560 /* CommonIdentifiers.h */,
 				A709F2F117A0AC2A00512E98 /* CommonSlowPaths.cpp */,
 				0F15F15D14B7A73A005DE37D /* CommonSlowPaths.h */,
-				6553A32F17A1F1EE008CF6F3 /* CommonSlowPathsExceptions.cpp */,
-				6553A33017A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h */,
 				A7E5A3A51797432D00E893C0 /* CompilationResult.cpp */,
 				A7E5A3A61797432D00E893C0 /* CompilationResult.h */,
 				969A09220ED1E09C00F1F681 /* Completion.cpp */,
@@ -8436,6 +8437,7 @@
 				99DA00A31BD5993100F4575C /* builtins_generator.py in Headers */,
 				99DA00A41BD5993100F4575C /* builtins_model.py in Headers */,
 				99DA00A51BD5993100F4575C /* builtins_templates.py in Headers */,
+				FEA3BBA8212B655900E93AD1 /* CallFrameInlines.h in Headers */,
 				41DEA1321B9F3163006D65DD /* BuiltinUtils.h in Headers */,
 				9E72940B190F0514001A91B5 /* BundlePath.h in Headers */,
 				0FB7F39715ED8E4600F167B2 /* Butterfly.h in Headers */,
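Review bot: `CallFrameInlines.h in Headers` is inserted after `builtins_templates.py` and before `BuiltinUtils.h`, which breaks the alphabetical order of the Headers build phase; it belongs after `Butterfly.h`. Keeping the list sorted avoids an unrelated diff the next time the project file is re-sorted.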
@@ -8497,7 +8499,6 @@
 				A53243981856A489002ED692 /* CombinedDomains.json in Headers */,
 				BC18C3F30E16F5CD00B34460 /* CommonIdentifiers.h in Headers */,
 				0F15F15F14B7A73E005DE37D /* CommonSlowPaths.h in Headers */,
-				6553A33217A1F1EE008CF6F3 /* CommonSlowPathsExceptions.h in Headers */,
 				A7E5A3A81797432D00E893C0 /* CompilationResult.h in Headers */,
 				0F4F11E8209BCDAB00709654 /* CompilerTimingScope.h in Headers */,
 				0FDCE12A1FAFA85F006F3901 /* CompleteSubspace.h in Headers */,
@@ -9087,6 +9088,7 @@
 				978801411471AD920041B016 /* JSDateMath.h in Headers */,
 				C2A7F688160432D400F76B98 /* JSDestructibleObject.h in Headers */,
 				0F7DF13C1E2971130095951B /* JSDestructibleObjectHeapCellType.h in Headers */,
+				FE086BCA2123DEFB003F2929 /* EntryFrame.h in Headers */,
 				FE384EE61ADDB7AD0055DE2C /* JSDollarVM.h in Headers */,
 				86E3C614167BABD7006D760A /* JSExport.h in Headers */,
 				A7B4ACAF1484C9CE00B38A36 /* JSExportMacros.h in Headers */,
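Review bot: `EntryFrame.h in Headers` lands between `JSDestructibleObjectHeapCellType.h` and `JSDollarVM.h`, again out of alphabetical order in the Headers build phase; move it to its sorted position so the entry does not move again in a later cleanup commit.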

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/Sources.txt (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/Sources.txt	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/Sources.txt	2018-11-16 23:22:29 UTC (rev 238316)
@@ -715,7 +715,6 @@
 runtime/CodeSpecializationKind.cpp
 runtime/CommonIdentifiers.cpp
 runtime/CommonSlowPaths.cpp
-runtime/CommonSlowPathsExceptions.cpp
 runtime/CompilationResult.cpp
 tools/CompilerTimingScope.cpp
 runtime/Completion.cpp

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/debugger/Debugger.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/debugger/Debugger.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/debugger/Debugger.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- *  Copyright (C) 2008-2017 Apple Inc. All rights reserved.
+ *  Copyright (C) 2008-2018 Apple Inc. All rights reserved.
  *  Copyright (C) 1999-2001 Harri Porten (por...@kde.org)
  *  Copyright (C) 2001 Peter Kelly (p...@post.com)
  *
@@ -686,6 +686,7 @@
 {
     VM& vm = m_vm;
     auto scope = DECLARE_THROW_SCOPE(vm);
+    ASSERT(callFrame);
 
     if (m_isPaused)
         return;

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrame.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrame.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrame.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008-2017 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2008-2018 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -213,7 +213,7 @@
     return false;
 }
 
-CallFrame* CallFrame::callerFrame(EntryFrame*& currEntryFrame)
+CallFrame* CallFrame::callerFrame(EntryFrame*& currEntryFrame) const
 {
     if (callerFrameOrEntryFrame() == currEntryFrame) {
         VMEntryRecord* currVMEntryRecord = vmEntryRecord(currEntryFrame);
@@ -223,7 +223,7 @@
     return static_cast<CallFrame*>(callerFrameOrEntryFrame());
 }
 
-SUPPRESS_ASAN CallFrame* CallFrame::unsafeCallerFrame(EntryFrame*& currEntryFrame)
+SUPPRESS_ASAN CallFrame* CallFrame::unsafeCallerFrame(EntryFrame*& currEntryFrame) const
 {
     if (unsafeCallerFrameOrEntryFrame() == currEntryFrame) {
         VMEntryRecord* currVMEntryRecord = vmEntryRecord(currEntryFrame);
@@ -337,4 +337,22 @@
     return buffer;
 }
 
+void CallFrame::convertToStackOverflowFrame(VM& vm)
+{
+    ASSERT(!isGlobalExec());
+
+    EntryFrame* entryFrame = vm.topEntryFrame;
+    CallFrame* throwOriginFrame = this;
+    do {
+        throwOriginFrame = throwOriginFrame->callerFrame(entryFrame);
+    } while (throwOriginFrame && throwOriginFrame->callee().isWasm());
+
+    JSObject* originCallee = throwOriginFrame ? throwOriginFrame->jsCallee() : vmEntryRecord(vm.topEntryFrame)->callee();
+    JSObject* stackOverflowCallee = originCallee->globalObject()->stackOverflowFrameCallee();
+
+    setCodeBlock(nullptr);
+    setCallee(stackOverflowCallee);
+    setArgumentCountIncludingThis(0);
+}
+
 } // namespace JSC
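Review bot: in convertToStackOverflowFrame, the fallback for a null `throwOriginFrame` reads `vmEntryRecord(vm.topEntryFrame)->callee()` instead of using the `entryFrame` that the loop has been advancing through `callerFrame(entryFrame)`. That is only correct if the walk hits null without first crossing an EntryFrame boundary below the top one, i.e. if every wasm frame it skipped sat inside the top entry; an ASSERT stating that assumption, or a comment on why wasm frames cannot lie between two EntryFrames here, would make the invariant explicit. The `do` loop also deliberately never inspects the callee of `this` (it starts from `callerFrame`), which matches the ChangeLog's note that the top frame may not have a valid callee; a one-line comment at the loop would save the next reader from wondering why `this` is not checked with `isWasm()`.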

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrame.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrame.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrame.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -140,8 +140,8 @@
         void* callerFrameOrEntryFrame() const { return callerFrameAndPC().callerFrame; }
         SUPPRESS_ASAN void* unsafeCallerFrameOrEntryFrame() const { return unsafeCallerFrameAndPC().callerFrame; }
 
-        CallFrame* unsafeCallerFrame(EntryFrame*&);
-        JS_EXPORT_PRIVATE CallFrame* callerFrame(EntryFrame*&);
+        CallFrame* unsafeCallerFrame(EntryFrame*&) const;
+        JS_EXPORT_PRIVATE CallFrame* callerFrame(EntryFrame*&) const;
 
         JS_EXPORT_PRIVATE SourceOrigin callerSourceOrigin();
 
@@ -256,6 +256,10 @@
             return callerFrameAndPC().callerFrame == noCaller() && callerFrameAndPC().pc == nullptr;
         }
 
+        void convertToStackOverflowFrame(VM&);
+        inline bool isStackOverflowFrame() const;
+        inline bool isWasmFrame() const;
+
         void setArgumentCountIncludingThis(int count) { static_cast<Register*>(this)[CallFrameSlot::argumentCount].payload() = count; }
         void setCallee(JSObject* callee) { static_cast<Register*>(this)[CallFrameSlot::callee] = callee; }
         void setCodeBlock(CodeBlock* codeBlock) { static_cast<Register*>(this)[CallFrameSlot::codeBlock] = codeBlock; }
@@ -268,7 +272,7 @@
         // FIXME: This method is improper. We rely on the fact that we can call it with a null
         // receiver. We should always be using StackVisitor directly.
         // It's only valid to call this from a non-wasm top frame.
-        template <typename Functor> void iterate(const Functor& functor)
+        template <StackVisitor::EmptyEntryFrameAction action = "" typename Functor> void iterate(const Functor& functor)
         {
             VM* vm;
             void* rawThis = this;
@@ -277,7 +281,7 @@
                 vm = &this->vm();
             } else
                 vm = nullptr;
-            StackVisitor::visit<Functor>(this, vm, functor);
+            StackVisitor::visit<action, Functor>(this, vm, functor);
         }
 
         void dump(PrintStream&);
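Review bot: the template header `template <StackVisitor::EmptyEntryFrameAction action = "" typename Functor>` as shown is not valid C++: a non-type template parameter cannot default to a string literal, and there is no comma before `typename Functor`. This is almost certainly the changeset viewer eating the enumerator after `=` together with the comma, but the real default value appears nowhere else in this changeset, so the reviewer cannot see which EmptyEntryFrameAction `iterate()` defaults to; please paste the declaration as committed. The call site `StackVisitor::visit<action, Functor>(this, vm, functor)` is consistent with a new leading non-type parameter on `visit`, which the ChangeLog lists under `(JSC::StackVisitor::visit)`.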

Copied: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrameInlines.h (from rev 238315, releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.h) (0 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrameInlines.h	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/CallFrameInlines.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include "CallFrame.h"
+
+namespace JSC {
+
+inline bool CallFrame::isStackOverflowFrame() const
+{
+    if (callee().isWasm())
+        return false;
+    return jsCallee() == jsCallee()->globalObject()->stackOverflowFrameCallee();
+}
+
+inline bool CallFrame::isWasmFrame() const
+{
+    return callee().isWasm();
+}
+
+} // namespace JSC
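Review bot: isStackOverflowFrame() dereferences jsCallee() and then globalObject() with no null check, so it is only safe on frames whose callee slot has already been populated; the stack-check and arity-check slow paths elsewhere in this patch guarantee that by calling convertToStackOverflowFrame() first, but an ASSERT(jsCallee()) or a one-line comment stating the precondition would make the contract explicit. The body also needs the full JSGlobalObject definition for stackOverflowFrameCallee(), while the header only includes CallFrame.h; either include the defining header here or document that this is an Inlines header meant to be included after JSCInlines.h.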

Copied: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/EntryFrame.h (from rev 238315, releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/VMEntryRecord.h) (0 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/EntryFrame.h	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/EntryFrame.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2018 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include "StackAlignment.h"
+#include "VMEntryRecord.h"
+
+namespace JSC {
+
+struct EntryFrame {
+#if ENABLE(JIT) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
+    static ptrdiff_t vmEntryRecordOffset()
+    {
+        EntryFrame* fakeEntryFrame = reinterpret_cast<EntryFrame*>(0x1000);
+        VMEntryRecord* record = vmEntryRecord(fakeEntryFrame);
+        return static_cast<ptrdiff_t>(
+            reinterpret_cast<char*>(record) - reinterpret_cast<char*>(fakeEntryFrame));
+    }
+
+    static ptrdiff_t calleeSaveRegistersBufferOffset()
+    {
+        return vmEntryRecordOffset() + OBJECT_OFFSETOF(VMEntryRecord, calleeSaveRegistersBuffer);
+    }
+#endif
+};
+
+} // namespace JSC
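Review bot: vmEntryRecordOffset() computes the offset by calling vmEntryRecord() on a fake pointer (0x1000); this only works if vmEntryRecord() is pure pointer arithmetic and never touches memory, and nothing in this header says so. The code is moved verbatim from VMEntryRecord.h, so behaviour is unchanged, but a comment on the fake-pointer trick would protect against someone later adding a load to vmEntryRecord(). Also worth confirming that StackAlignment.h is actually needed here, since nothing in the visible body uses it.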

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/FrameTracers.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/FrameTracers.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/FrameTracers.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -93,30 +93,4 @@
     }
 };
 
-class NativeCallFrameTracerWithRestore {
-public:
-    ALWAYS_INLINE NativeCallFrameTracerWithRestore(VM* vm, EntryFrame* EntryFrame, CallFrame* callFrame)
-        : m_vm(vm)
-    {
-        ASSERT(vm);
-        ASSERT(callFrame);
-        assertStackPointerIsAligned();
-        m_savedTopEntryFrame = vm->topEntryFrame;
-        m_savedTopCallFrame = vm->topCallFrame;
-        vm->topEntryFrame = EntryFrame;
-        vm->topCallFrame = callFrame;
-    }
-
-    ALWAYS_INLINE ~NativeCallFrameTracerWithRestore()
-    {
-        m_vm->topEntryFrame = m_savedTopEntryFrame;
-        m_vm->topCallFrame = m_savedTopCallFrame;
-    }
-
-private:
-    VM* m_vm;
-    EntryFrame* m_savedTopEntryFrame;
-    CallFrame* m_savedTopCallFrame;
-};
-
-}
+} // namespace JSC
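Review bot: with NativeCallFrameTracerWithRestore deleted, every former caller (the stack-check and arity-check slow paths in JITOperations.cpp and LLIntSlowPaths.cpp) now depends on convertToStackOverflowFrame() having been called before NativeCallFrameTracer points vm->topCallFrame at a not-fully-populated frame. Consider adding an ASSERT in the NativeCallFrameTracer constructor that the frame has a non-null callee, so a missed conversion fails loudly in debug builds instead of leaving topCallFrame on a frame the unwinder cannot interpret.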

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/Interpreter.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/Interpreter.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/Interpreter.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -718,18 +718,11 @@
     HandlerInfo*& m_handler;
 };
 
-NEVER_INLINE HandlerInfo* Interpreter::unwind(VM& vm, CallFrame*& callFrame, Exception* exception, UnwindStart unwindStart)
+NEVER_INLINE HandlerInfo* Interpreter::unwind(VM& vm, CallFrame*& callFrame, Exception* exception)
 {
     auto scope = DECLARE_CATCH_SCOPE(vm);
 
-    if (unwindStart == UnwindFromCallerFrame) {
-        if (callFrame->callerFrameOrEntryFrame() == vm.topEntryFrame)
-            return nullptr;
-
-        callFrame = callFrame->callerFrame();
-        vm.topCallFrame = callFrame;
-    }
-
+    ASSERT(reinterpret_cast<void*>(callFrame) != vm.topEntryFrame);
     CodeBlock* codeBlock = callFrame->codeBlock();
 
     JSValue exceptionValue = exception->value();
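Review bot: codeBlock, read from callFrame on the line after the new ASSERT, is taken before StackVisitor gets a chance to skip a StackOverflowFrame, and it is then handed to UnwindFunctor. Since unwind() now always starts from vm->topCallFrame, which may be the sentinel frame, please confirm that codeBlock() on a converted frame returns something UnwindFunctor tolerates (null or the real CodeBlock), or move the read to after the visitor has settled on the first real frame.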
@@ -740,12 +733,12 @@
     if (exceptionValue.isEmpty() || (exceptionValue.isCell() && !exceptionValue.asCell()))
         exceptionValue = jsNull();
 
-    EXCEPTION_ASSERT_UNUSED(scope, scope.exception() && (!Options::exceptionStackTraceLimit() || scope.exception()->stack().size()));
+    EXCEPTION_ASSERT_UNUSED(scope, scope.exception());
 
     // Calculate an exception handler vPC, unwinding call frames as necessary.
     HandlerInfo* handler = nullptr;
     UnwindFunctor functor(vm, callFrame, isTerminatedExecutionException(vm, exception), codeBlock, handler);
-    StackVisitor::visit(callFrame, &vm, functor);
+    StackVisitor::visit<StackVisitor::TerminateIfTopEntryFrameIsEmpty>(callFrame, &vm, functor);
     if (!handler)
         return nullptr;
 
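Review bot: the EXCEPTION_ASSERT_UNUSED condition is weakened by dropping the check that the exception carries a stack trace when exceptionStackTraceLimit is set. If stack overflow errors thrown from a StackOverflowFrame now legitimately have an empty stack, the ChangeLog should say so; otherwise keep the stronger assertion so regressions in stack capture are still caught. The switch to visit<TerminateIfTopEntryFrameIsEmpty> is right for unwinding: when the only frame in the top EntryFrame was the sentinel, returning a null handler lets the caller fall through to the uncaught-exception path.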

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/Interpreter.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/Interpreter.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/Interpreter.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -64,8 +64,6 @@
     struct ProtoCallFrame;
     struct UnlinkedInstruction;
 
-    enum UnwindStart : uint8_t { UnwindFromCurrentFrame, UnwindFromCallerFrame };
-
     enum DebugHookType {
         WillExecuteProgram,
         DidExecuteProgram,
@@ -116,8 +114,8 @@
         JSValue execute(EvalExecutable*, CallFrame*, JSValue thisValue, JSScope*);
 
         void getArgumentsData(CallFrame*, JSFunction*&, ptrdiff_t& firstParameterIndex, Register*& argv, int& argc);
-        
-        NEVER_INLINE HandlerInfo* unwind(VM&, CallFrame*&, Exception*, UnwindStart);
+
+        NEVER_INLINE HandlerInfo* unwind(VM&, CallFrame*&, Exception*);
         void notifyDebuggerOfExceptionToBeThrown(VM&, CallFrame*, Exception*);
         NEVER_INLINE void debug(CallFrame*, DebugHookType);
         static String stackTraceAsString(VM&, const Vector<StackFrame>&);

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/StackVisitor.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/StackVisitor.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/StackVisitor.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013, 2015-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -44,13 +44,18 @@
     CallFrame* topFrame;
     if (startFrame) {
         ASSERT(vm);
+        ASSERT(!vm->topCallFrame || reinterpret_cast<void*>(vm->topCallFrame) != vm->topEntryFrame);
+
         m_frame.m_entryFrame = vm->topEntryFrame;
         topFrame = vm->topCallFrame;
-        
-        if (topFrame && static_cast<void*>(m_frame.m_entryFrame) == static_cast<void*>(topFrame)) {
-            topFrame = vmEntryRecord(m_frame.m_entryFrame)->m_prevTopCallFrame;
-            m_frame.m_entryFrame = vmEntryRecord(m_frame.m_entryFrame)->m_prevTopEntryFrame;
+
+        if (topFrame && topFrame->isStackOverflowFrame()) {
+            topFrame = topFrame->callerFrame(m_frame.m_entryFrame);
+            m_topEntryFrameIsEmpty = (m_frame.m_entryFrame != vm->topEntryFrame);
+            if (startFrame == vm->topCallFrame)
+                startFrame = topFrame;
         }
+
     } else {
         m_frame.m_entryFrame = 0;
         topFrame = 0;
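Review bot: the meaning of m_topEntryFrameIsEmpty is not obvious from the assignment 'm_topEntryFrameIsEmpty = (m_frame.m_entryFrame != vm->topEntryFrame)'; it is true exactly when stepping past the StackOverflowFrame via callerFrame(m_frame.m_entryFrame) crossed an EntryFrame boundary, i.e. the top EntryFrame held nothing but the sentinel. A comment saying that here would help. The code also handles only one sentinel: after the skip it would be cheap to ASSERT(!topFrame || !topFrame->isStackOverflowFrame()) so that a second converted frame on the stack is caught rather than walked as a normal frame.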

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/StackVisitor.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/StackVisitor.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/StackVisitor.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -26,7 +26,6 @@
 #pragma once
 
 #include "CalleeBits.h"
-#include "VMEntryRecord.h"
 #include "WasmIndexOrName.h"
 #include <wtf/Function.h>
 #include <wtf/Indenter.h>
@@ -35,6 +34,7 @@
 namespace JSC {
 
 struct CodeOrigin;
+struct EntryFrame;
 struct InlineCallFrame;
 
 class CodeBlock;
@@ -136,10 +136,17 @@
     // StackVisitor::visit() expects a Functor that implements the following method:
     //     Status operator()(StackVisitor&) const;
 
-    template <typename Functor>
+    enum EmptyEntryFrameAction {
+        ContinueIfTopEntryFrameIsEmpty,
+        TerminateIfTopEntryFrameIsEmpty,
+    };
+
+    template <EmptyEntryFrameAction action = "" typename Functor>
     static void visit(CallFrame* startFrame, VM* vm, const Functor& functor)
     {
         StackVisitor visitor(startFrame, vm);
+        if (action == TerminateIfTopEntryFrameIsEmpty && visitor.topEntryFrameIsEmpty())
+            return;
         while (visitor->callFrame()) {
             Status status = functor(visitor);
             if (status != Continue)
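Review bot: the template parameter list as rendered here, 'template <EmptyEntryFrameAction action = "" typename Functor>', is not valid C++: the default value and the comma before 'typename Functor' are missing, which looks like an artifact of the rendered page rather than the committed source. Please check the source: callers that omit the template argument only compile if the default is one of the two enumerators, and ContinueIfTopEntryFrameIsEmpty is the one that preserves the old behaviour for code that merely walks the stack. The early return for TerminateIfTopEntryFrameIsEmpty is correct, but in the Continue case a visitor built over an empty top EntryFrame starts at the previous EntryFrame's top frame, so walkers never see a frame for the overflowing call; that deserves a sentence at the enum.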
@@ -152,6 +159,8 @@
     ALWAYS_INLINE Frame* operator->() { return &m_frame; }
     void unwindToMachineCodeBlockFrame();
 
+    bool topEntryFrameIsEmpty() const { return m_topEntryFrameIsEmpty; }
+
 private:
     JS_EXPORT_PRIVATE StackVisitor(CallFrame* startFrame, VM*);
 
@@ -164,6 +173,7 @@
 #endif
 
     Frame m_frame;
+    bool m_topEntryFrameIsEmpty { false };
 };
 
 class CallerFunctor {

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/VMEntryRecord.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/VMEntryRecord.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/interpreter/VMEntryRecord.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2014-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2014-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -31,6 +31,7 @@
 
 struct EntryFrame;
 class ExecState;
+class JSObject;
 class VM;
 
 struct VMEntryRecord {
@@ -41,7 +42,10 @@
     VM* m_vm;
     ExecState* m_prevTopCallFrame;
     EntryFrame* m_prevTopEntryFrame;
+    JSObject* m_callee;
 
+    JSObject* callee() const { return m_callee; }
+
 #if ENABLE(JIT) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
     intptr_t calleeSaveRegistersBuffer[NUMBER_OF_CALLEE_SAVES_REGISTERS];
 #endif
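Review bot: adding JSObject* m_callee between m_prevTopEntryFrame and calleeSaveRegistersBuffer changes the layout that the LLInt entry code and EntryFrame::calleeSaveRegistersBufferOffset() depend on. Both LLInt entry paths in this patch (LowLevelInterpreter32_64.asm and LowLevelInterpreter64.asm) store the field from ProtoCallFrame::calleeValue, but any other code that lays out a VMEntryRecord must be updated as well or callee() will return uninitialized memory; a comment stating that m_callee is the callee the VM was entered with and must always be populated would make the invariant explicit.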
@@ -55,21 +59,4 @@
 
 extern "C" VMEntryRecord* vmEntryRecord(EntryFrame*);
 
-struct EntryFrame {
-#if ENABLE(JIT) && NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
-    static ptrdiff_t vmEntryRecordOffset()
-    {
-        EntryFrame* fakeEntryFrame = reinterpret_cast<EntryFrame*>(0x1000);
-        VMEntryRecord* record = vmEntryRecord(fakeEntryFrame);
-        return static_cast<ptrdiff_t>(
-            reinterpret_cast<char*>(record) - reinterpret_cast<char*>(fakeEntryFrame));
-    }
-
-    static ptrdiff_t calleeSaveRegistersBufferOffset()
-    {
-        return vmEntryRecordOffset() + OBJECT_OFFSETOF(VMEntryRecord, calleeSaveRegistersBuffer);
-    }
-#endif
-};
-
 } // namespace JSC

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/AssemblyHelpers.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/AssemblyHelpers.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/AssemblyHelpers.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -28,6 +28,7 @@
 #if ENABLE(JIT)
 
 #include "CodeBlock.h"
+#include "EntryFrame.h"
 #include "FPRInfo.h"
 #include "GPRInfo.h"
 #include "Heap.h"

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITExceptions.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITExceptions.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITExceptions.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -30,6 +30,7 @@
 #include "CatchScope.h"
 #include "CodeBlock.h"
 #include "Disassembler.h"
+#include "EntryFrame.h"
 #include "Interpreter.h"
 #include "JSCInlines.h"
 #include "JSCJSValue.h"
@@ -38,32 +39,25 @@
 #include "LLIntThunks.h"
 #include "Opcode.h"
 #include "ShadowChicken.h"
-#include "VM.h"
+#include "VMInlines.h"
 
 namespace JSC {
 
-void genericUnwind(VM* vm, ExecState* callFrame, UnwindStart unwindStart)
+void genericUnwind(VM* vm, ExecState* callFrame)
 {
     auto scope = DECLARE_CATCH_SCOPE(*vm);
+    CallFrame* topJSCallFrame = vm->topJSCallFrame();
     if (Options::breakOnThrow()) {
-        CodeBlock* codeBlock = callFrame->codeBlock();
-        if (codeBlock)
-            dataLog("In call frame ", RawPointer(callFrame), " for code block ", *codeBlock, "\n");
-        else
-            dataLog("In call frame ", RawPointer(callFrame), " with null CodeBlock\n");
+        CodeBlock* codeBlock = topJSCallFrame->codeBlock();
+        dataLog("In call frame ", RawPointer(topJSCallFrame), " for code block ", codeBlock, "\n");
         CRASH();
     }
     
-    ExecState* shadowChickenTopFrame = callFrame;
-    if (unwindStart == UnwindFromCallerFrame) {
-        EntryFrame* topEntryFrame = vm->topEntryFrame;
-        shadowChickenTopFrame = callFrame->callerFrame(topEntryFrame);
-    }
-    vm->shadowChicken().log(*vm, shadowChickenTopFrame, ShadowChicken::Packet::throwPacket());
-    
+    vm->shadowChicken().log(*vm, topJSCallFrame, ShadowChicken::Packet::throwPacket());
+
     Exception* exception = scope.exception();
     RELEASE_ASSERT(exception);
-    HandlerInfo* handler = vm->interpreter->unwind(*vm, callFrame, exception, unwindStart); // This may update callFrame.
+    HandlerInfo* handler = vm->interpreter->unwind(*vm, callFrame, exception); // This may update callFrame.
 
     void* catchRoutine;
     Instruction* catchPCForInterpreter = 0;
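Review bot: in the Options::breakOnThrow() branch, topJSCallFrame->codeBlock() is called without checking topJSCallFrame, and the old null-CodeBlock branch was collapsed into a single dataLog of the codeBlock pointer. If vm->topJSCallFrame() can return null (for example when the throw happens with no JS frame on the stack) this crashes before the intended CRASH() and without the diagnostic; please keep a null check on topJSCallFrame. Note also that passing codeBlock rather than *codeBlock prints the address rather than the CodeBlock's description, which may not be what was intended for this debugging aid.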
@@ -83,7 +77,7 @@
 #endif
     } else
         catchRoutine = LLInt::getCodePtr<ExceptionHandlerPtrTag>(handleUncaughtException).executableAddress();
-    
+
     ASSERT(bitwise_cast<uintptr_t>(callFrame) < bitwise_cast<uintptr_t>(vm->topEntryFrame));
 
     assertIsTaggedWith(catchRoutine, ExceptionHandlerPtrTag);
@@ -94,9 +88,4 @@
     RELEASE_ASSERT(catchRoutine);
 }
 
-void genericUnwind(VM* vm, ExecState* callFrame)
-{
-    genericUnwind(vm, callFrame, UnwindFromCurrentFrame);
-}
-
 } // namespace JSC

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITExceptions.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITExceptions.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITExceptions.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2012-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -27,12 +27,9 @@
 
 namespace JSC {
 
-enum UnwindStart : uint8_t;
-
 class ExecState;
 class VM;
 
-void genericUnwind(VM*, ExecState*, UnwindStart);
 void genericUnwind(VM*, ExecState*);
 
 } // namespace JSC

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITOperations.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITOperations.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/jit/JITOperations.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -102,16 +102,9 @@
     // We pass in our own code block, because the callframe hasn't been populated.
     VM* vm = codeBlock->vm();
     auto scope = DECLARE_THROW_SCOPE(*vm);
-
-    EntryFrame* entryFrame = vm->topEntryFrame;
-    CallFrame* callerFrame = exec->callerFrame(entryFrame);
-    if (!callerFrame) {
-        callerFrame = exec;
-        entryFrame = vm->topEntryFrame;
-    }
-
-    NativeCallFrameTracerWithRestore tracer(vm, entryFrame, callerFrame);
-    throwStackOverflowError(callerFrame, scope);
+    exec->convertToStackOverflowFrame(*vm);
+    NativeCallFrameTracer tracer(vm, exec);
+    throwStackOverflowError(exec, scope);
 }
 
 int32_t JIT_OPERATION operationCallArityCheck(ExecState* exec)
@@ -121,10 +114,9 @@
 
     int32_t missingArgCount = CommonSlowPaths::arityCheckFor(exec, *vm, CodeForCall);
     if (missingArgCount < 0) {
-        EntryFrame* entryFrame = vm->topEntryFrame;
-        CallFrame* callerFrame = exec->callerFrame(entryFrame);
-        NativeCallFrameTracerWithRestore tracer(vm, entryFrame, callerFrame);
-        throwStackOverflowError(callerFrame, scope);
+        exec->convertToStackOverflowFrame(*vm);
+        NativeCallFrameTracer tracer(vm, exec);
+        throwStackOverflowError(vm->topCallFrame, scope);
     }
 
     return missingArgCount;
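Review bot: throwStackOverflowError is called with vm->topCallFrame here and in the construct variant below, but with exec in operationThrowStackOverflowError above. After NativeCallFrameTracer(vm, exec) the two are the same pointer, so this is only a consistency issue, but picking one spelling (exec is clearer about which frame is meant) saves a reader from wondering whether the tracer can move topCallFrame elsewhere.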
@@ -137,10 +129,9 @@
 
     int32_t missingArgCount = CommonSlowPaths::arityCheckFor(exec, *vm, CodeForConstruct);
     if (missingArgCount < 0) {
-        EntryFrame* entryFrame = vm->topEntryFrame;
-        CallFrame* callerFrame = exec->callerFrame(entryFrame);
-        NativeCallFrameTracerWithRestore tracer(vm, entryFrame, callerFrame);
-        throwStackOverflowError(callerFrame, scope);
+        exec->convertToStackOverflowFrame(*vm);
+        NativeCallFrameTracer tracer(vm, exec);
+        throwStackOverflowError(vm->topCallFrame, scope);
     }
 
     return missingArgCount;
@@ -2449,9 +2440,8 @@
 
 void JIT_OPERATION lookupExceptionHandlerFromCallerFrame(VM* vm, ExecState* exec)
 {
-    vm->topCallFrame = exec->callerFrame();
-    genericUnwind(vm, exec, UnwindFromCallerFrame);
-    ASSERT(vm->targetMachinePCForThrow);
+    exec->convertToStackOverflowFrame(*vm);
+    lookupExceptionHandler(vm, exec);
 }
 
 void JIT_OPERATION operationVMHandleException(ExecState* exec)
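Review bot: lookupExceptionHandlerFromCallerFrame no longer looks up from the caller frame: it converts exec into a StackOverflowFrame and delegates to lookupExceptionHandler, so the name is now misleading, and the dropped ASSERT(vm->targetMachinePCForThrow) should be verified to live inside lookupExceptionHandler. Either rename the operation (its JIT callers would need updating) or add a comment explaining that the sentinel conversion is what makes the unwinder skip this frame.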

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LLIntOffsetsExtractor.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LLIntOffsetsExtractor.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LLIntOffsetsExtractor.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -58,7 +58,6 @@
 #include "TypeProfiler.h"
 #include "TypeProfilerLog.h"
 #include "VM.h"
-#include "VMEntryRecord.h"
 #include "ValueProfile.h"
 #include "Watchdog.h"
 #include <wtf/text/StringImpl.h>

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LLIntSlowPaths.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LLIntSlowPaths.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LLIntSlowPaths.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -29,7 +29,6 @@
 #include "ArrayConstructor.h"
 #include "CallFrame.h"
 #include "CommonSlowPaths.h"
-#include "CommonSlowPathsExceptions.h"
 #include "Error.h"
 #include "ErrorHandlingScope.h"
 #include "EvalCodeBlock.h"
@@ -526,13 +525,10 @@
     VM& vm = exec->vm();
     auto throwScope = DECLARE_THROW_SCOPE(vm);
 
-    EntryFrame* topEntryFrame = vm.topEntryFrame;
-    CallFrame* callerFrame = exec->callerFrame(topEntryFrame);
-    if (!callerFrame) {
-        callerFrame = exec;
-        topEntryFrame = vm.topEntryFrame;
-    }
-    NativeCallFrameTracerWithRestore tracer(&vm, topEntryFrame, callerFrame);
+    // It's ok to create the NativeCallFrameTracer here before we
+    // convertToStackOverflowFrame() because this function is always called
+    // after the frame has been propulated with a proper CodeBlock and callee.
+    NativeCallFrameTracer tracer(&vm, exec);
 
     LLINT_SET_PC_FOR_STUBS();
 
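Review bot: typo in the new comment: 'propulated' should be 'populated'. The comment's claim that the frame already has a proper CodeBlock and callee is what makes creating NativeCallFrameTracer before convertToStackOverflowFrame() safe; since the conversion only happens later in this function (in the following hunk), an ASSERT(exec->codeBlock()) here would keep the comment from silently going stale if a caller changes.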
@@ -564,9 +560,10 @@
     }
 #endif
 
+    exec->convertToStackOverflowFrame(vm);
     ErrorHandlingScope errorScope(vm);
-    throwStackOverflowError(callerFrame, throwScope);
-    pc = returnToThrow(callerFrame);
+    throwStackOverflowError(exec, throwScope);
+    pc = returnToThrow(exec);
     LLINT_RETURN_TWO(pc, exec);
 }
 

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter.asm (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter.asm	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter.asm	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1076,8 +1076,14 @@
     subp maxFrameExtentForSlowPathCall, sp
     callSlowPath(_llint_stack_check)
     bpeq r1, 0, .stackHeightOKGetCodeBlock
+
+    # We're throwing before the frame is fully set up. This frame will be
+    # ignored by the unwinder. So, let's restore the callee saves before we
+    # start unwinding. We need to do this before we change the cfr.
+    restoreCalleeSavesUsedByLLInt()
+
     move r1, cfr
-    dispatch(0) # Go to exception handler in PC
+    jmp _llint_throw_from_slow_path_trampoline
 
 .stackHeightOKGetCodeBlock:
     # Stack check slow path returned that the stack was ok.
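Review bot: the 'move r1, cfr' after restoreCalleeSavesUsedByLLInt() is kept from the old code, where r1 was the caller frame; with the slow path now returning exec itself (LLINT_RETURN_TWO(pc, exec) in the LLIntSlowPaths.cpp hunk), r1 should equal the current cfr on the throw path, so the move no longer pops a frame. A comment stating that r1 is expected to be the same frame would stop future readers from assuming a frame is being dropped here. The jump to _llint_throw_from_slow_path_trampoline instead of dispatch(0) matches the new model in which the converted frame is skipped by the unwinder.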

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm	2018-11-16 23:22:29 UTC (rev 238316)
@@ -127,6 +127,8 @@
     storep t4, VMEntryRecord::m_prevTopCallFrame[sp]
     loadp VM::topEntryFrame[vm], t4
     storep t4, VMEntryRecord::m_prevTopEntryFrame[sp]
+    loadp ProtoCallFrame::calleeValue[protoCallFrame], t4
+    storep t4, VMEntryRecord::m_callee[sp]
 
     # Align stack pointer
     if X86_WIN or MIPS
@@ -307,11 +309,9 @@
     andp MarkedBlockMask, t3
     loadp MarkedBlockFooterOffset + MarkedBlock::Footer::m_vm[t3], t3
     restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(t3, t0)
-    loadp VM::callFrameForCatch[t3], cfr
     storep 0, VM::callFrameForCatch[t3]
 
-    loadp CallerFrame[cfr], cfr
-
+    loadp VM::topEntryFrame[t3], cfr
     if ARMv7
         vmEntryRecord(cfr, t3)
         move t3, sp
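Review bot: replacing the callFrameForCatch/CallerFrame walk with 'loadp VM::topEntryFrame[t3], cfr' makes the uncaught-exception path depend on vm->topEntryFrame still being the EntryFrame being torn down. That holds now that NativeCallFrameTracerWithRestore is gone and nothing temporarily re-points topEntryFrame, but it is a new invariant; a one-line comment in the asm (here and in the identical LowLevelInterpreter64.asm hunk) saying why topEntryFrame is the right frame would help the next person who touches the tracers.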
@@ -573,6 +573,12 @@
     move PC, a1
     cCall2(slowPath)   # This slowPath has a simple protocol: t0 = 0 => no error, t0 != 0 => error
     btiz r0, .noError
+
+    # We're throwing before the frame is fully set up. This frame will be
+    # ignored by the unwinder. So, let's restore the callee saves before we
+    # start unwinding. We need to do this before we change the cfr.
+    restoreCalleeSavesUsedByLLInt()
+
     move r1, cfr   # r1 contains caller frame
     jmp _llint_throw_from_slow_path_trampoline
 

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter64.asm	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/llint/LowLevelInterpreter64.asm	2018-11-16 23:22:29 UTC (rev 238316)
@@ -132,6 +132,8 @@
     storep t4, VMEntryRecord::m_prevTopCallFrame[sp]
     loadp VM::topEntryFrame[vm], t4
     storep t4, VMEntryRecord::m_prevTopEntryFrame[sp]
+    loadp ProtoCallFrame::calleeValue[protoCallFrame], t4
+    storep t4, VMEntryRecord::m_callee[sp]
 
     loadi ProtoCallFrame::paddedArgCount[protoCallFrame], t4
     addp CallFrameHeaderSlots, t4, t4
@@ -223,7 +225,6 @@
 
     popCalleeSaves()
     functionEpilogue()
-
     ret
 
 .throwStackOverflow:
@@ -280,10 +281,9 @@
     andp MarkedBlockMask, t3
     loadp MarkedBlockFooterOffset + MarkedBlock::Footer::m_vm[t3], t3
     restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(t3, t0)
-    loadp VM::callFrameForCatch[t3], cfr
     storep 0, VM::callFrameForCatch[t3]
 
-    loadp CallerFrame[cfr], cfr
+    loadp VM::topEntryFrame[t3], cfr
     vmEntryRecord(cfr, t2)
 
     loadp VMEntryRecord::m_vm[t2], t3
@@ -506,6 +506,12 @@
     move PC, a1
     cCall2(slowPath)   # This slowPath has the protocol: r0 = 0 => no error, r0 != 0 => error
     btiz r0, .noError
+
+    # We're throwing before the frame is fully set up. This frame will be
+    # ignored by the unwinder. So, let's restore the callee saves before we
+    # start unwinding. We need to do this before we change the cfr.
+    restoreCalleeSavesUsedByLLInt()
+
     move r1, cfr   # r1 contains caller frame
     jmp _llint_throw_from_slow_path_trampoline
 
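Review bot: this is the third copy of the same five-line comment plus restoreCalleeSavesUsedByLLInt() call (LowLevelInterpreter.asm, LowLevelInterpreter32_64.asm and here); consider a small macro in LowLevelInterpreter.asm so the ordering requirement ('before we change the cfr') is enforced in one place rather than by copy-paste.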

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CallData.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CallData.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CallData.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008, 2016 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2008-2018 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPaths.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPaths.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPaths.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -33,7 +33,6 @@
 #include "CallFrame.h"
 #include "ClonedArguments.h"
 #include "CodeProfiling.h"
-#include "CommonSlowPathsExceptions.h"
 #include "DefinePropertyAttributes.h"
 #include "DirectArguments.h"
 #include "Error.h"
@@ -164,16 +163,26 @@
             CALL_END_IMPL(cceExec, LLInt::callToThrow(cceExec), ExceptionHandlerPtrTag); \
     } while (false)
 
+static void throwArityCheckStackOverflowError(ExecState* exec, ThrowScope& scope)
+{
+    JSObject* error = createStackOverflowError(exec);
+    throwException(exec, scope, error);
+#if LLINT_TRACING
+    if (UNLIKELY(Options::traceLLIntSlowPath()))
+        dataLog("Throwing exception ", JSValue(scope.exception()), ".\n");
+#endif
+}
+
 SLOW_PATH_DECL(slow_path_call_arityCheck)
 {
     BEGIN();
     int slotsToAdd = CommonSlowPaths::arityCheckFor(exec, vm, CodeForCall);
     if (slotsToAdd < 0) {
-        exec = exec->callerFrame();
-        vm.topCallFrame = exec;
+        exec->convertToStackOverflowFrame(vm);
+        NativeCallFrameTracer tracer(&vm, exec);
         ErrorHandlingScope errorScope(vm);
         throwScope.release();
-        CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec));
+        throwArityCheckStackOverflowError(exec, throwScope);
         RETURN_TWO(bitwise_cast<void*>(static_cast<uintptr_t>(1)), exec);
     }
     RETURN_TWO(0, bitwise_cast<void*>(static_cast<uintptr_t>(slotsToAdd)));
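Review bot: slow_path_call_arityCheck calls throwScope.release() and then passes the same throwScope into throwArityCheckStackOverflowError, which throws through it, whereas slow_path_construct_arityCheck in the next hunk does not release. The two paths should agree: either drop the release() here to match the construct path or explain why they must differ. Also, the new helper relies on LLINT_TRACING and Options::traceLLIntSlowPath() being visible in this translation unit; the deleted CommonSlowPathsExceptions.cpp included LLIntCommon.h for that, so make sure this file does too.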
@@ -184,10 +193,10 @@
     BEGIN();
     int slotsToAdd = CommonSlowPaths::arityCheckFor(exec, vm, CodeForConstruct);
     if (slotsToAdd < 0) {
-        exec = exec->callerFrame();
-        vm.topCallFrame = exec;
+        exec->convertToStackOverflowFrame(vm);
+        NativeCallFrameTracer tracer(&vm, exec);
         ErrorHandlingScope errorScope(vm);
-        CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec));
+        throwArityCheckStackOverflowError(exec, throwScope);
         RETURN_TWO(bitwise_cast<void*>(static_cast<uintptr_t>(1)), exec);
     }
     RETURN_TWO(0, bitwise_cast<void*>(static_cast<uintptr_t>(slotsToAdd)));

Deleted: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,56 +0,0 @@
-/*
- * Copyright (C) 2013, 2016 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */
-
-#include "config.h"
-#include "CommonSlowPathsExceptions.h"
-
-#include "CallFrame.h"
-#include "CodeBlock.h"
-#include "FrameTracers.h"
-#include "Interpreter.h"
-#include "JITExceptions.h"
-#include "LLIntCommon.h"
-#include "JSCInlines.h"
-
-#if LLINT_TRACING
-#include "Exception.h"
-#endif
-
-namespace JSC { namespace CommonSlowPaths {
-
-void interpreterThrowInCaller(ExecState* exec, JSObject* error)
-{
-    VM* vm = &exec->vm();
-    NativeCallFrameTracer tracer(vm, exec);
-    auto scope = DECLARE_THROW_SCOPE(*vm);
-
-    throwException(exec, scope, error);
-#if LLINT_TRACING
-    if (UNLIKELY(Options::traceLLIntSlowPath()))
-        dataLog("Throwing exception ", JSValue(scope.exception()), ".\n");
-#endif
-}
-
-} } // namespace JSC::LLInt

Deleted: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/CommonSlowPathsExceptions.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,38 +0,0 @@
-/*
- * Copyright (C) 2013 Apple Inc. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
- * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
- * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
- * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
- */
-
-#pragma once
-
-namespace JSC {
-
-class ExecState;
-class JSObject;
-
-namespace CommonSlowPaths {
-
-// Throw the currently active exception in the context of the caller's call frame.
-void interpreterThrowInCaller(ExecState* callerFrame, JSObject*);
-
-} } // namespace JSC::CommonSlowPaths
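Review bot: The header removal matches the .cpp deletion, and the declaration itself documents the problem being fixed: the parameter is named callerFrame and the comment says the exception is thrown "in the context of the caller's call frame", which is exactly the frame substitution that let topCallFrame and topEntryFrame drift from their names. Please grep for any remaining includes of "CommonSlowPathsExceptions.h" in the LLInt and JIT slow paths, since a leftover include would now fail to compile.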

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/Completion.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/Completion.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/Completion.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,7 +1,7 @@
 /*
  *  Copyright (C) 1999-2001 Harri Porten (por...@kde.org)
  *  Copyright (C) 2001 Peter Kelly (p...@post.com)
- *  Copyright (C) 2003-2017 Apple Inc.
+ *  Copyright (C) 2003-2018 Apple Inc.
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Library General Public
@@ -126,7 +126,7 @@
 
     if (scopeExtensionObject) {
         JSScope* ignoredPreviousScope = globalObject->globalScope();
-        globalObject->setGlobalScopeExtension(JSWithScope::create(exec->vm(), globalObject, ignoredPreviousScope, scopeExtensionObject));
+        globalObject->setGlobalScopeExtension(JSWithScope::create(vm, globalObject, ignoredPreviousScope, scopeExtensionObject));
     }
 
     JSValue returnValue = JSC::evaluate(globalObject->globalExec(), source, globalObject, returnedException);
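Review bot: The replacement of exec->vm() with a bare vm relies on a local named vm that is not visible in this hunk's context; confirm that the function already declares it (for example a VM& vm = exec->vm(); near the top, which the rest of the function would then use consistently), otherwise this hunk does not compile. If the declaration is being introduced in the same patch, it is outside the shown lines and should be checked together with this one.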

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGeneratorFunction.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGeneratorFunction.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGeneratorFunction.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -32,7 +32,6 @@
 
 class JSGlobalObject;
 class LLIntOffsetsExtractor;
-class LLIntDesiredOffsets;
 
 class JSGeneratorFunction final : public JSFunction {
     friend class JIT;
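Review bot: Removing the unused forward declaration of LLIntDesiredOffsets is a harmless cleanup, but it is unrelated to the stack-overflow frame fix and would be easier to track as its own change; at minimum the ChangeLog should mention it so the header edit is not mistaken for part of the bug fix.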

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGlobalObject.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGlobalObject.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGlobalObject.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -416,6 +416,9 @@
     ExecState::initGlobalExec(JSGlobalObject::globalExec(), globalCallee);
     ExecState* exec = JSGlobalObject::globalExec();
 
+    JSCallee* stackOverflowFrameCallee = JSCallee::create(vm, this, globalScope());
+    m_stackOverflowFrameCallee.set(vm, this, stackOverflowFrameCallee);
+
     m_hostFunctionStructure.set(vm, this, JSFunction::createStructure(vm, this, m_functionPrototype.get()));
 
     auto initFunctionStructures = [&] (FunctionStructures& structures) {
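Review bot: A short comment explaining why a second JSCallee is needed rather than reusing m_globalCallee would help here: the log says the StackOverflowFrame must carry a valid JSCallee so that exception-throwing code can recover the globalObject and VM from it, so the reader should see that this callee exists only to give that sentinel frame a callee bound to this global object and its globalScope(). Note also that the creation is ordered right after initGlobalExec(), before m_hostFunctionStructure is set; that is consistent with how the global callee above it is made, but it does mean the callee must not depend on any structure initialized later in this function.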
@@ -1537,6 +1540,7 @@
     visitor.append(thisObject->m_globalLexicalEnvironment);
     visitor.append(thisObject->m_globalScopeExtension);
     visitor.append(thisObject->m_globalCallee);
+    visitor.append(thisObject->m_stackOverflowFrameCallee);
     visitor.append(thisObject->m_regExpConstructor);
     visitor.append(thisObject->m_errorConstructor);
     visitor.append(thisObject->m_nativeErrorPrototypeStructure);

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGlobalObject.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGlobalObject.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/JSGlobalObject.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -83,6 +83,7 @@
 class JSArrayBuffer;
 class JSArrayBufferConstructor;
 class JSArrayBufferPrototype;
+class JSCallee;
 class JSGlobalObjectDebuggable;
 class JSInternalPromise;
 class JSModuleLoader;
@@ -256,7 +257,8 @@
 
     WriteBarrier<JSGlobalLexicalEnvironment> m_globalLexicalEnvironment;
     WriteBarrier<JSScope> m_globalScopeExtension;
-    WriteBarrier<JSObject> m_globalCallee;
+    WriteBarrier<JSCallee> m_globalCallee;
+    WriteBarrier<JSCallee> m_stackOverflowFrameCallee;
     WriteBarrier<RegExpConstructor> m_regExpConstructor;
     WriteBarrier<ErrorConstructor> m_errorConstructor;
     WriteBarrier<Structure> m_nativeErrorPrototypeStructure;
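Review bot: Narrowing m_globalCallee from WriteBarrier<JSObject> to WriteBarrier<JSCallee> is a type change beyond the bug fix: any .set() call site that passes a plain JSObject*, and any accessor that returned JSObject*, must be updated together with this line or the build breaks. The new m_stackOverflowFrameCallee member is correctly paired with the visitor.append() in JSGlobalObject::visitChildren, so it will be kept alive by GC as long as the global object is.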
@@ -442,6 +444,8 @@
 
     WeakRandom m_weakRandom;
 
+    JSCallee* stackOverflowFrameCallee() const { return m_stackOverflowFrameCallee.get(); }
+
     InlineWatchpointSet& arrayIteratorProtocolWatchpoint() { return m_arrayIteratorProtocolWatchpoint; }
     InlineWatchpointSet& mapIteratorProtocolWatchpoint() { return m_mapIteratorProtocolWatchpoint; }
     InlineWatchpointSet& setIteratorProtocolWatchpoint() { return m_setIteratorProtocolWatchpoint; }

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VM.cpp (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VM.cpp	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VM.cpp	2018-11-16 23:22:29 UTC (rev 238316)
@@ -143,6 +143,7 @@
 #include "TypeProfilerLog.h"
 #include "UnlinkedCodeBlock.h"
 #include "VMEntryScope.h"
+#include "VMInlines.h"
 #include "VMInspector.h"
 #include "VariableEnvironment.h"
 #include "WasmWorklist.h"
@@ -830,16 +831,17 @@
 
 void VM::throwException(ExecState* exec, Exception* exception)
 {
+    ASSERT(exec == topCallFrame || exec->isGlobalExec());
+    CallFrame* throwOriginFrame = exec->isGlobalExec() ? exec : topJSCallFrame();
+
     if (Options::breakOnThrow()) {
-        CodeBlock* codeBlock = exec->codeBlock();
-        dataLog("Throwing exception in call frame ", RawPointer(exec), " for code block ", codeBlock, "\n");
+        CodeBlock* codeBlock = throwOriginFrame ? throwOriginFrame->codeBlock() : nullptr;
+        dataLog("Throwing exception in call frame ", RawPointer(throwOriginFrame), " for code block ", codeBlock, "\n");
         CRASH();
     }
 
-    ASSERT(exec == topCallFrame || exec->isGlobalExec());
+    interpreter->notifyDebuggerOfExceptionToBeThrown(*this, throwOriginFrame, exception);
 
-    interpreter->notifyDebuggerOfExceptionToBeThrown(*this, exec, exception);
-
     setException(exception);
 
 #if ENABLE(EXCEPTION_SCOPE_VERIFICATION)
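Review bot: throwOriginFrame can be nullptr, since topJSCallFrame() returns null when there is no top call frame or when every frame above the entry is a Wasm frame; the breakOnThrow branch guards the codeBlock() call for that case, but the unconditional interpreter->notifyDebuggerOfExceptionToBeThrown(*this, throwOriginFrame, exception) is not visibly guarded, so please confirm that it (and the Debugger::pauseIfNeeded path the log says was modified) tolerates a null frame. Moving the ASSERT(exec == topCallFrame || exec->isGlobalExec()) to the top is an improvement, since the old placement let the breakOnThrow log run against an exec that the assertion would have rejected. For the global exec the code still throws from exec itself rather than topJSCallFrame(), which matches the assertion's two accepted cases.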

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VM.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VM.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VM.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -51,7 +51,6 @@
 #include "SmallStrings.h"
 #include "Strong.h"
 #include "StructureCache.h"
-#include "VMEntryRecord.h"
 #include "VMTraps.h"
 #include "WasmContext.h"
 #include "Watchpoint.h"
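Review bot: Dropping "VMEntryRecord.h" from VM.h and relying on the forward declaration of EntryFrame added below means any translation unit that previously got VMEntryRecord.h transitively through VM.h now has to include it (or VMInlines.h, which includes "EntryFrame.h") directly; please check that the build is clean on all ports, not only the one this was developed on, since the WebKitGTK merge is exactly where such transitive-include breakage tends to surface.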
@@ -168,6 +167,7 @@
 class Signature;
 }
 
+struct EntryFrame;
 struct HashTable;
 struct Instruction;
 struct ValueProfile;
@@ -295,6 +295,8 @@
     unsigned id() const { return m_id; }
     bool isEntered() const { return !!entryScope; }
 
+    inline CallFrame* topJSCallFrame() const;
+
     // Global object in which execution began.
     JS_EXPORT_PRIVATE JSGlobalObject* vmEntryGlobalObject(const CallFrame*) const;
 

Modified: releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VMInlines.h (238315 => 238316)


--- releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VMInlines.h	2018-11-16 23:22:18 UTC (rev 238315)
+++ releases/WebKitGTK/webkit-2.22/Source/_javascript_Core/runtime/VMInlines.h	2018-11-16 23:22:29 UTC (rev 238316)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -25,6 +25,8 @@
 
 #pragma once
 
+#include "CallFrameInlines.h"
+#include "EntryFrame.h"
 #include "ProfilerDatabase.h"
 #include "VM.h"
 #include "Watchdog.h"
@@ -60,4 +62,19 @@
     m_perBytecodeProfiler->logEvent(codeBlock, summary, func());
 }
 
+inline CallFrame* VM::topJSCallFrame() const
+{
+    CallFrame* frame = topCallFrame;
+    if (UNLIKELY(!frame))
+        return frame;
+    if (LIKELY(!frame->isWasmFrame() && !frame->isStackOverflowFrame()))
+        return frame;
+    EntryFrame* entryFrame = topEntryFrame;
+    do {
+        frame = frame->callerFrame(entryFrame);
+        ASSERT(!frame || !frame->isStackOverflowFrame());
+    } while (frame && frame->isWasmFrame());
+    return frame;
+}
+
 } // namespace JSC
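Review bot: The ASSERT(!frame || !frame->isStackOverflowFrame()) inside the loop encodes the invariant that at most one StackOverflowFrame sits at the very top, which is exactly what convertToStackOverflowFrame() on the top frame guarantees; a comment saying so would help future readers understand why only the first frame is checked for that case. Two details worth spelling out in a comment as well: callerFrame(entryFrame) is passed the entry frame by reference so the walk can cross EntryFrame boundaries (consistent with the CallFrame::callerFrame change listed in the log), and the function returns nullptr when the walk runs out of frames, so callers like VM::throwException must treat the result as optional.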
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
