Title: [237641] trunk
- Revision: 237641
- Author: tzaga...@apple.com
- Date: 2018-10-31 09:39:06 -0700 (Wed, 31 Oct 2018)
Log Message
REGRESSION(r237547): Exception handlers should be aware of wide opcodes
https://bugs.webkit.org/show_bug.cgi?id=191108
<rdar://problem/45690700>
Reviewed by Saam Barati.
JSTests:
* stress/wide-op_catch.js: Added.
(catch):
Source/JavaScriptCore:
When linking the handler, we need to check whether the target op_catch is
wide or narrow in order to choose the right code pointer for the handler.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
Modified: trunk/JSTests/ChangeLog (237640 => 237641)
--- trunk/JSTests/ChangeLog 2018-10-31 16:33:01 UTC (rev 237640)
+++ trunk/JSTests/ChangeLog 2018-10-31 16:39:06 UTC (rev 237641)
@@ -1,3 +1,14 @@
+2018-10-31 Tadeu Zagallo <tzaga...@apple.com>
+
+ REGRESSION(r237547): Exception handlers should be aware of wide opcodes
+ https://bugs.webkit.org/show_bug.cgi?id=191108
+ <rdar://problem/45690700>
+
+ Reviewed by Saam Barati.
+
+ * stress/wide-op_catch.js: Added.
+ (catch):
+
2018-10-29 Mark Lam <mark....@apple.com>
Correctly detect string overflow when using the 'Function' constructor.
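Review bot: The "(catch):" line under "* stress/wide-op_catch.js: Added." is a tool-generated function entry that carries no information for a top-level test script. Drop it, or replace it with one sentence saying what the test exercises, so the ChangeLog entry explains why the file exists without opening it.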
Added: trunk/JSTests/stress/wide-op_catch.js (0 => 237641)
--- trunk/JSTests/stress/wide-op_catch.js (rev 0)
+++ trunk/JSTests/stress/wide-op_catch.js 2018-10-31 16:39:06 UTC (rev 237641)
@@ -0,0 +1,257 @@
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { } catch (e) { }
+try { throw ''; } catch (e) {}
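Review bot: The test consists of 256 identical empty try/catch lines followed by one throwing line, with no comment saying why that count is needed; going by the file name, the intent is presumably to make the last handler's op_catch wide, and that should be stated at the top of the file so nobody trims the repetition later. The final "catch (e) {}" body is also empty, so the test only notices a crash; setting a flag inside that catch and throwing after the block if it is unset would also catch the case where the handler is never reached.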
Modified: trunk/Source/_javascript_Core/ChangeLog (237640 => 237641)
--- trunk/Source/_javascript_Core/ChangeLog 2018-10-31 16:33:01 UTC (rev 237640)
+++ trunk/Source/_javascript_Core/ChangeLog 2018-10-31 16:39:06 UTC (rev 237641)
@@ -1,3 +1,17 @@
+2018-10-31 Tadeu Zagallo <tzaga...@apple.com>
+
+ REGRESSION(r237547): Exception handlers should be aware of wide opcodes
+ https://bugs.webkit.org/show_bug.cgi?id=191108
+ <rdar://problem/45690700>
+
+ Reviewed by Saam Barati.
+
+ When linking the handler, we need to check whether the target op_catch is
+ wide or narrow in order to chose the right code pointer for the handler.
+
+ * bytecode/CodeBlock.cpp:
+ (JSC::CodeBlock::finishCreation):
+
2018-10-31 Dominik Infuehr <dinfu...@igalia.com>
Align entries in metadata table
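Review bot: In the added description, "in order to chose" should read "in order to choose". The entry would also be more useful to someone bisecting later if it said in one sentence what happens when the narrow code pointer is used for a wide op_catch, since the title only says handlers "should be aware of" wide opcodes.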
Modified: trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp (237640 => 237641)
--- trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2018-10-31 16:33:01 UTC (rev 237640)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2018-10-31 16:39:06 UTC (rev 237641)
@@ -459,7 +459,10 @@
const UnlinkedHandlerInfo& unlinkedHandler = unlinkedCodeBlock->exceptionHandler(i);
HandlerInfo& handler = m_rareData->m_exceptionHandlers[i];
#if ENABLE(JIT)
- handler.initialize(unlinkedHandler, CodeLocationLabel<ExceptionHandlerPtrTag>(LLInt::getCodePtr<BytecodePtrTag>(op_catch).retagged<ExceptionHandlerPtrTag>()));
+ MacroAssemblerCodePtr<BytecodePtrTag> codePtr = m_instructions->at(unlinkedHandler.target)->isWide()
+ ? LLInt::getWideCodePtr<BytecodePtrTag>(op_catch)
+ : LLInt::getCodePtr<BytecodePtrTag>(op_catch);
+ handler.initialize(unlinkedHandler, CodeLocationLabel<ExceptionHandlerPtrTag>(codePtr.retagged<ExceptionHandlerPtrTag>()));
#else
handler.initialize(unlinkedHandler);
#endif
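Review bot: The new ternary calls isWide() on m_instructions->at(unlinkedHandler.target) and then always passes op_catch to getWideCodePtr or getCodePtr, so it relies on the instruction at the handler target being an op_catch without checking it. An ASSERT on that instruction's opcode just before the ternary would document the invariant and fail early if the target offset ever points elsewhere. A short comment noting that the wide and narrow LLInt entry points differ would also help, since the removed line shows how easily the narrow pointer gets used unconditionally.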