Commit 0e3a6ace authored by mark.lam@apple.com's avatar mark.lam@apple.com

Added ExpressionRangeInfo for BinaryOpNodes that can throw exceptions

due to type coersion.
https://bugs.webkit.org/show_bug.cgi?id=116853.

Reviewed by Geoffrey Garen.

Source/JavaScriptCore: 

* bytecompiler/NodesCodegen.cpp:
(JSC::BinaryOpNode::emitBytecode):
- Added expression info for the strcat and the general binary op cases.
  I did not add expression info for the "compare with null" case because
  that comparison cannot trigger type coersion, and hence it won't throw
  any exceptions and doesn't need the expression info.

LayoutTests: 

Added the test case from bugzilla which exercises the general binary op
type coersion case, plus another for exercising the strcat case.

* fast/js/line-column-numbers-expected.txt:
* fast/js/line-column-numbers.html:
* fast/js/script-tests/line-column-numbers.js:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153073 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent d483f707
2013-07-23 Mark Lam <mark.lam@apple.com>
Added ExpressionRangeInfo for BinaryOpNodes that can throw exceptions
due to type coersion.
https://bugs.webkit.org/show_bug.cgi?id=116853.
Reviewed by Geoffrey Garen.
Added the test case from bugzilla which exercises the general binary op
type coersion case, plus another for exercising the strcat case.
* fast/js/line-column-numbers-expected.txt:
* fast/js/line-column-numbers.html:
* fast/js/script-tests/line-column-numbers.js:
2013-07-22 Ryosuke Niwa <rniwa@webkit.org>
The computed values of fix length padding should be subpixel precision like margin
......@@ -93,6 +93,50 @@ On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
2 eval at [native code]
3 global code at line-column-numbers.html:155:5
--> Case 19 Stack Trace:
0 toString at line-column-numbers.html:170:26
1 toString at line-column-numbers.html:170:26
2 toString at line-column-numbers.html:170:26
3 toString at line-column-numbers.html:170:26
4 toString at line-column-numbers.html:170:26
5 toString at line-column-numbers.html:170:26
6 toString at line-column-numbers.html:170:26
7 toString at line-column-numbers.html:170:26
8 toString at line-column-numbers.html:170:26
9 toString at line-column-numbers.html:170:26
10 toString at line-column-numbers.html:170:26
11 toString at line-column-numbers.html:170:26
12 toString at line-column-numbers.html:170:26
13 toString at line-column-numbers.html:170:26
14 toString at line-column-numbers.html:170:26
15 toString at line-column-numbers.html:170:26
16 toString at line-column-numbers.html:170:26
17 toString at line-column-numbers.html:170:26
18 toString at line-column-numbers.html:170:26
19 toString at line-column-numbers.html:170:26
--> Case 20 Stack Trace:
0 g at line-column-numbers.html:190:17
1 g at line-column-numbers.html:190:30
2 g at line-column-numbers.html:190:30
3 g at line-column-numbers.html:190:30
4 g at line-column-numbers.html:190:30
5 g at line-column-numbers.html:190:30
6 g at line-column-numbers.html:190:30
7 g at line-column-numbers.html:190:30
8 g at line-column-numbers.html:190:30
9 g at line-column-numbers.html:190:30
10 g at line-column-numbers.html:190:30
11 g at line-column-numbers.html:190:30
12 g at line-column-numbers.html:190:30
13 g at line-column-numbers.html:190:30
14 g at line-column-numbers.html:190:30
15 g at line-column-numbers.html:190:30
16 g at line-column-numbers.html:190:30
17 g at line-column-numbers.html:190:30
18 g at line-column-numbers.html:190:30
19 g at line-column-numbers.html:190:30
--> Case 1 Stack Trace:
0 global code at line-column-numbers.js:3:28
......@@ -183,6 +227,50 @@ On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
2 eval at [native code]
3 global code at line-column-numbers.js:96:5
--> Case 19 Stack Trace:
0 toString at line-column-numbers.js:109:26
1 toString at line-column-numbers.js:109:26
2 toString at line-column-numbers.js:109:26
3 toString at line-column-numbers.js:109:26
4 toString at line-column-numbers.js:109:26
5 toString at line-column-numbers.js:109:26
6 toString at line-column-numbers.js:109:26
7 toString at line-column-numbers.js:109:26
8 toString at line-column-numbers.js:109:26
9 toString at line-column-numbers.js:109:26
10 toString at line-column-numbers.js:109:26
11 toString at line-column-numbers.js:109:26
12 toString at line-column-numbers.js:109:26
13 toString at line-column-numbers.js:109:26
14 toString at line-column-numbers.js:109:26
15 toString at line-column-numbers.js:109:26
16 toString at line-column-numbers.js:109:26
17 toString at line-column-numbers.js:109:26
18 toString at line-column-numbers.js:109:26
19 toString at line-column-numbers.js:109:26
--> Case 20 Stack Trace:
0 g at line-column-numbers.js:127:17
1 g at line-column-numbers.js:127:30
2 g at line-column-numbers.js:127:30
3 g at line-column-numbers.js:127:30
4 g at line-column-numbers.js:127:30
5 g at line-column-numbers.js:127:30
6 g at line-column-numbers.js:127:30
7 g at line-column-numbers.js:127:30
8 g at line-column-numbers.js:127:30
9 g at line-column-numbers.js:127:30
10 g at line-column-numbers.js:127:30
11 g at line-column-numbers.js:127:30
12 g at line-column-numbers.js:127:30
13 g at line-column-numbers.js:127:30
14 g at line-column-numbers.js:127:30
15 g at line-column-numbers.js:127:30
16 g at line-column-numbers.js:127:30
17 g at line-column-numbers.js:127:30
18 g at line-column-numbers.js:127:30
19 g at line-column-numbers.js:127:30
PASS successfullyParsed is true
TEST COMPLETE
......
......@@ -21,7 +21,7 @@ testId = 0;
function printStack(stackTrace) {
debug("--> Case " + testId + " Stack Trace:")
stackTrace = stackTrace.split("\n");
var length = Math.min(stackTrace.length, 100);
var length = Math.min(stackTrace.length, 20);
for (var i = 0; i < length; i++) {
var indexOfAt = stackTrace[i].indexOf('@')
var indexOfLastSlash = stackTrace[i].lastIndexOf('/');
......@@ -161,6 +161,43 @@ eval("\n" +
"");
</script>
<!-- Case 19: Binary op with type coersion on strcat. -->
<script>testId++;</script>
<script>
try {
testObj19 = {
toString: function() {
var result = ("Hello " + "World") + this;
b = 5;
return result;
},
run: function() {
return testObj19.toString();
}
};
testObj19.run();
} catch(e) {
printStack(e.stack);
}
</script>
<!-- Case 20: BinaryOp with type coersion on comparison. -->
<script>testId++;</script>
<script>
try {
function test20() {
var f = function g() {
if (this != 10) f();
};
var a = f();
}
test20();
} catch(e) {
printStack(e.stack);
}
</script>
<!-- Now do it all over with a loaded script file. -->
<script>testId = 0;</script>
<script src="script-tests/line-column-numbers.js"></script>
......
......@@ -101,4 +101,37 @@ eval("\n" +
"}\n" +
"");
// Case 19: Binary op with type coersion on strcat.
testId++;
try {
testObj19b = {
toString: function() {
var result = ("Hello " + "World") + this;
b19 = 5;
return result;
},
run: function() {
return testObj19b.toString();
}
};
testObj19b.run();
} catch(e) {
printStack(e.stack);
}
// Case 20: BinaryOp with type coersion on comparison.
testId++;
try {
function test20b() {
var f = function g() {
if (this != 10) f();
};
var a = f();
}
test20b();
} catch(e) {
printStack(e.stack);
}
successfullyParsed = true;
2013-07-23 Mark Lam <mark.lam@apple.com>
Added ExpressionRangeInfo for BinaryOpNodes that can throw exceptions
due to type coersion.
https://bugs.webkit.org/show_bug.cgi?id=116853.
Reviewed by Geoffrey Garen.
* bytecompiler/NodesCodegen.cpp:
(JSC::BinaryOpNode::emitBytecode):
- Added expression info for the strcat and the general binary op cases.
I did not add expression info for the "compare with null" case because
that comparison cannot trigger type coersion, and hence it won't throw
any exceptions and doesn't need the expression info.
2013-07-23 Mark Lam <mark.lam@apple.com>
Removed unused sourceOffset from JSTokenLocation.
......
......@@ -1095,8 +1095,10 @@ RegisterID* BinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID*
{
OpcodeID opcodeID = this->opcodeID();
if (opcodeID == op_add && m_expr1->isAdd() && m_expr1->resultDescriptor().definitelyIsString())
if (opcodeID == op_add && m_expr1->isAdd() && m_expr1->resultDescriptor().definitelyIsString()) {
generator.emitExpressionInfo(startOffset(), 0, 0, lineNo(), lineStartOffset());
return emitStrcat(generator, dst);
}
if (opcodeID == op_neq) {
if (m_expr1->isNull() || m_expr2->isNull()) {
......@@ -1116,6 +1118,7 @@ RegisterID* BinaryOpNode::emitBytecode(BytecodeGenerator& generator, RegisterID*
RefPtr<RegisterID> src1 = generator.emitNodeForLeftHandSide(left, m_rightHasAssignments, right->isPure(generator));
bool wasTypeof = generator.m_lastOpcodeID == op_typeof;
RegisterID* src2 = generator.emitNode(right);
generator.emitExpressionInfo(startOffset(), 0, 0, lineNo(), lineStartOffset());
if (wasTypeof && (opcodeID == op_neq || opcodeID == op_nstricteq)) {
RefPtr<RegisterID> tmp = generator.tempDestination(dst);
if (opcodeID == op_neq)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment