- Revision
- 153073
- Author
- [email protected]
- Date
- 2013-07-23 17:56:52 -0700 (Tue, 23 Jul 2013)
Log Message
Added ExpressionRangeInfo for BinaryOpNodes that can throw exceptions
due to type coersion.
https://bugs.webkit.org/show_bug.cgi?id=116853.
Reviewed by Geoffrey Garen.
Source/_javascript_Core:
* bytecompiler/NodesCodegen.cpp:
(JSC::BinaryOpNode::emitBytecode):
- Added _expression_ info for the strcat and the general binary op cases.
I did not add _expression_ info for the "compare with null" case because
that comparison cannot trigger type coersion, and hence it won't throw
any exceptions and doesn't need the _expression_ info.
LayoutTests:
Added the test case from bugzilla which exercises the general binary op
type coersion case, plus another for exercising the strcat case.
* fast/js/line-column-numbers-expected.txt:
* fast/js/line-column-numbers.html:
* fast/js/script-tests/line-column-numbers.js:
Modified Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (153072 => 153073)
--- trunk/LayoutTests/ChangeLog 2013-07-24 00:53:57 UTC (rev 153072)
+++ trunk/LayoutTests/ChangeLog 2013-07-24 00:56:52 UTC (rev 153073)
@@ -1,3 +1,18 @@
+2013-07-23 Mark Lam <[email protected]>
+
+ Added ExpressionRangeInfo for BinaryOpNodes that can throw exceptions
+ due to type coersion.
+ https://bugs.webkit.org/show_bug.cgi?id=116853.
+
+ Reviewed by Geoffrey Garen.
+
+ Added the test case from bugzilla which exercises the general binary op
+ type coersion case, plus another for exercising the strcat case.
+
+ * fast/js/line-column-numbers-expected.txt:
+ * fast/js/line-column-numbers.html:
+ * fast/js/script-tests/line-column-numbers.js:
+
2013-07-22 Ryosuke Niwa <[email protected]>
The computed values of fix length padding should be subpixel precision like margin
Modified: trunk/LayoutTests/fast/js/line-column-numbers-expected.txt (153072 => 153073)
--- trunk/LayoutTests/fast/js/line-column-numbers-expected.txt 2013-07-24 00:53:57 UTC (rev 153072)
+++ trunk/LayoutTests/fast/js/line-column-numbers-expected.txt 2013-07-24 00:56:52 UTC (rev 153073)
@@ -93,6 +93,50 @@
2 eval at [native code]
3 global code at line-column-numbers.html:155:5
+--> Case 19 Stack Trace:
+ 0 toString at line-column-numbers.html:170:26
+ 1 toString at line-column-numbers.html:170:26
+ 2 toString at line-column-numbers.html:170:26
+ 3 toString at line-column-numbers.html:170:26
+ 4 toString at line-column-numbers.html:170:26
+ 5 toString at line-column-numbers.html:170:26
+ 6 toString at line-column-numbers.html:170:26
+ 7 toString at line-column-numbers.html:170:26
+ 8 toString at line-column-numbers.html:170:26
+ 9 toString at line-column-numbers.html:170:26
+ 10 toString at line-column-numbers.html:170:26
+ 11 toString at line-column-numbers.html:170:26
+ 12 toString at line-column-numbers.html:170:26
+ 13 toString at line-column-numbers.html:170:26
+ 14 toString at line-column-numbers.html:170:26
+ 15 toString at line-column-numbers.html:170:26
+ 16 toString at line-column-numbers.html:170:26
+ 17 toString at line-column-numbers.html:170:26
+ 18 toString at line-column-numbers.html:170:26
+ 19 toString at line-column-numbers.html:170:26
+
+--> Case 20 Stack Trace:
+ 0 g at line-column-numbers.html:190:17
+ 1 g at line-column-numbers.html:190:30
+ 2 g at line-column-numbers.html:190:30
+ 3 g at line-column-numbers.html:190:30
+ 4 g at line-column-numbers.html:190:30
+ 5 g at line-column-numbers.html:190:30
+ 6 g at line-column-numbers.html:190:30
+ 7 g at line-column-numbers.html:190:30
+ 8 g at line-column-numbers.html:190:30
+ 9 g at line-column-numbers.html:190:30
+ 10 g at line-column-numbers.html:190:30
+ 11 g at line-column-numbers.html:190:30
+ 12 g at line-column-numbers.html:190:30
+ 13 g at line-column-numbers.html:190:30
+ 14 g at line-column-numbers.html:190:30
+ 15 g at line-column-numbers.html:190:30
+ 16 g at line-column-numbers.html:190:30
+ 17 g at line-column-numbers.html:190:30
+ 18 g at line-column-numbers.html:190:30
+ 19 g at line-column-numbers.html:190:30
+
--> Case 1 Stack Trace:
0 global code at line-column-numbers.js:3:28
@@ -183,6 +227,50 @@
2 eval at [native code]
3 global code at line-column-numbers.js:96:5
+--> Case 19 Stack Trace:
+ 0 toString at line-column-numbers.js:109:26
+ 1 toString at line-column-numbers.js:109:26
+ 2 toString at line-column-numbers.js:109:26
+ 3 toString at line-column-numbers.js:109:26
+ 4 toString at line-column-numbers.js:109:26
+ 5 toString at line-column-numbers.js:109:26
+ 6 toString at line-column-numbers.js:109:26
+ 7 toString at line-column-numbers.js:109:26
+ 8 toString at line-column-numbers.js:109:26
+ 9 toString at line-column-numbers.js:109:26
+ 10 toString at line-column-numbers.js:109:26
+ 11 toString at line-column-numbers.js:109:26
+ 12 toString at line-column-numbers.js:109:26
+ 13 toString at line-column-numbers.js:109:26
+ 14 toString at line-column-numbers.js:109:26
+ 15 toString at line-column-numbers.js:109:26
+ 16 toString at line-column-numbers.js:109:26
+ 17 toString at line-column-numbers.js:109:26
+ 18 toString at line-column-numbers.js:109:26
+ 19 toString at line-column-numbers.js:109:26
+
+--> Case 20 Stack Trace:
+ 0 g at line-column-numbers.js:127:17
+ 1 g at line-column-numbers.js:127:30
+ 2 g at line-column-numbers.js:127:30
+ 3 g at line-column-numbers.js:127:30
+ 4 g at line-column-numbers.js:127:30
+ 5 g at line-column-numbers.js:127:30
+ 6 g at line-column-numbers.js:127:30
+ 7 g at line-column-numbers.js:127:30
+ 8 g at line-column-numbers.js:127:30
+ 9 g at line-column-numbers.js:127:30
+ 10 g at line-column-numbers.js:127:30
+ 11 g at line-column-numbers.js:127:30
+ 12 g at line-column-numbers.js:127:30
+ 13 g at line-column-numbers.js:127:30
+ 14 g at line-column-numbers.js:127:30
+ 15 g at line-column-numbers.js:127:30
+ 16 g at line-column-numbers.js:127:30
+ 17 g at line-column-numbers.js:127:30
+ 18 g at line-column-numbers.js:127:30
+ 19 g at line-column-numbers.js:127:30
+
PASS successfullyParsed is true
TEST COMPLETE
Modified: trunk/LayoutTests/fast/js/line-column-numbers.html (153072 => 153073)
--- trunk/LayoutTests/fast/js/line-column-numbers.html 2013-07-24 00:53:57 UTC (rev 153072)
+++ trunk/LayoutTests/fast/js/line-column-numbers.html 2013-07-24 00:56:52 UTC (rev 153073)
@@ -21,7 +21,7 @@
function printStack(stackTrace) {
debug("--> Case " + testId + " Stack Trace:")
stackTrace = stackTrace.split("\n");
- var length = Math.min(stackTrace.length, 100);
+ var length = Math.min(stackTrace.length, 20);
for (var i = 0; i < length; i++) {
var indexOfAt = stackTrace[i].indexOf('@')
var indexOfLastSlash = stackTrace[i].lastIndexOf('/');
@@ -161,6 +161,43 @@
"");
</script>
+<!-- Case 19: Binary op with type coersion on strcat. -->
+<script>testId++;</script>
+<script>
+try {
+ testObj19 = {
+ toString: function() {
+ var result = ("Hello " + "World") + this;
+ b = 5;
+ return result;
+ },
+ run: function() {
+ return testObj19.toString();
+ }
+ };
+ testObj19.run();
+} catch(e) {
+ printStack(e.stack);
+}
+</script>
+
+<!-- Case 20: BinaryOp with type coersion on comparison. -->
+<script>testId++;</script>
+<script>
+try {
+ function test20() {
+ var f = function g() {
+ if (this != 10) f();
+ };
+ var a = f();
+ }
+
+ test20();
+} catch(e) {
+ printStack(e.stack);
+}
+</script>
+
<!-- Now do it all over with a loaded script file. -->
<script>testId = 0;</script>
<script src=""
Modified: trunk/LayoutTests/fast/js/script-tests/line-column-numbers.js (153072 => 153073)
--- trunk/LayoutTests/fast/js/script-tests/line-column-numbers.js 2013-07-24 00:53:57 UTC (rev 153072)
+++ trunk/LayoutTests/fast/js/script-tests/line-column-numbers.js 2013-07-24 00:56:52 UTC (rev 153073)
@@ -101,4 +101,37 @@
"}\n" +
"");
+// Case 19: Binary op with type coersion on strcat.
+testId++;
+try {
+ testObj19b = {
+ toString: function() {
+ var result = ("Hello " + "World") + this;
+ b19 = 5;
+ return result;
+ },
+ run: function() {
+ return testObj19b.toString();
+ }
+ };
+ testObj19b.run();
+} catch(e) {
+ printStack(e.stack);
+}
+
+// Case 20: BinaryOp with type coersion on comparison.
+testId++;
+try {
+ function test20b() {
+ var f = function g() {
+ if (this != 10) f();
+ };
+ var a = f();
+ }
+
+ test20b();
+} catch(e) {
+ printStack(e.stack);
+}
+
successfullyParsed = true;
Modified: trunk/Source/_javascript_Core/ChangeLog (153072 => 153073)
--- trunk/Source/_javascript_Core/ChangeLog 2013-07-24 00:53:57 UTC (rev 153072)
+++ trunk/Source/_javascript_Core/ChangeLog 2013-07-24 00:56:52 UTC (rev 153073)
@@ -1,5 +1,20 @@
2013-07-23 Mark Lam <[email protected]>
+ Added ExpressionRangeInfo for BinaryOpNodes that can throw exceptions
+ due to type coersion.
+ https://bugs.webkit.org/show_bug.cgi?id=116853.
+
+ Reviewed by Geoffrey Garen.
+
+ * bytecompiler/NodesCodegen.cpp:
+ (JSC::BinaryOpNode::emitBytecode):
+ - Added _expression_ info for the strcat and the general binary op cases.
+ I did not add _expression_ info for the "compare with null" case because
+ that comparison cannot trigger type coersion, and hence it won't throw
+ any exceptions and doesn't need the _expression_ info.
+
+2013-07-23 Mark Lam <[email protected]>
+
Removed unused sourceOffset from JSTokenLocation.
https://bugs.webkit.org/show_bug.cgi?id=118996.
Modified: trunk/Source/_javascript_Core/bytecompiler/NodesCodegen.cpp (153072 => 153073)
--- trunk/Source/_javascript_Core/bytecompiler/NodesCodegen.cpp 2013-07-24 00:53:57 UTC (rev 153072)
+++ trunk/Source/_javascript_Core/bytecompiler/NodesCodegen.cpp 2013-07-24 00:56:52 UTC (rev 153073)
@@ -1095,8 +1095,10 @@
{
OpcodeID opcodeID = this->opcodeID();
- if (opcodeID == op_add && m_expr1->isAdd() && m_expr1->resultDescriptor().definitelyIsString())
+ if (opcodeID == op_add && m_expr1->isAdd() && m_expr1->resultDescriptor().definitelyIsString()) {
+ generator.emitExpressionInfo(startOffset(), 0, 0, lineNo(), lineStartOffset());
return emitStrcat(generator, dst);
+ }
if (opcodeID == op_neq) {
if (m_expr1->isNull() || m_expr2->isNull()) {
@@ -1116,6 +1118,7 @@
RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(left, m_rightHasAssignments, right->isPure(generator));
bool wasTypeof = generator.m_lastOpcodeID == op_typeof;
RegisterID* src2 = generator.emitNode(right);
+ generator.emitExpressionInfo(startOffset(), 0, 0, lineNo(), lineStartOffset());
if (wasTypeof && (opcodeID == op_neq || opcodeID == op_nstricteq)) {
RefPtr<RegisterID> tmp = generator.tempDestination(dst);
if (opcodeID == op_neq)
