Commit 3c2d4de2 authored by msaboff@apple.com's avatar msaboff@apple.com

2011-01-10 Michael Saboff <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        ASSERTION Failure in JSC::binaryChop
        https://bugs.webkit.org/show_bug.cgi?id=25614

        Changed JITStubs::cti_register_file_check() to use the current stack's
        return PC to find the bytecode for handling the exception in the prior
        frame.  Also added the appropriate arity check routine call to the
        JIT to bytecode vector (m_callReturnIndexVector) in the CodeBlock.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile): Changed the arrity check call location
        so that it gets added to the m_calls list so that it's included in
        CodeBlock::m_callReturnIndexVector.
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION): Use the current call frame's return PC.
2011-01-11  Michael Saboff  <msaboff@apple.com>

        Reviewed by Geoffrey Garen.

        ASSERTION Failure in JSC::binaryChop
        https://bugs.webkit.org/show_bug.cgi?id=25614

        Added new test to check for proper handling of stack overflow 
        exceptions and arrity exceptions while close to the top of the stack.

        * fast/js/script-tests/stack-overflow-arrity-catch.js: Added.
        (fWithTwoArgs):
        (test):
        * fast/js/script-tests/stack-overflow-catch.js: Added.
        (test):
        * fast/js/stack-overflow-arrity-catch-expected.txt: Added.
        * fast/js/stack-overflow-arrity-catch.html: Added.
        * fast/js/stack-overflow-catch-expected.txt: Added.
        * fast/js/stack-overflow-catch.html: Added.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@75510 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 521d138f
2011-01-11 Michael Saboff <msaboff@apple.com>
Reviewed by Geoffrey Garen.
ASSERTION Failure in JSC::binaryChop
https://bugs.webkit.org/show_bug.cgi?id=25614
Added new test to check for proper handling of stack overflow
exceptions and arrity exceptions while close to the top of the stack.
* fast/js/script-tests/stack-overflow-arrity-catch.js: Added.
(fWithTwoArgs):
(test):
* fast/js/script-tests/stack-overflow-catch.js: Added.
(test):
* fast/js/stack-overflow-arrity-catch-expected.txt: Added.
* fast/js/stack-overflow-arrity-catch.html: Added.
* fast/js/stack-overflow-catch-expected.txt: Added.
* fast/js/stack-overflow-catch.html: Added.
2011-01-11 Stephen White <senorblanco@chromium.org>
Unreviewed; new chromium GPU test baselines.
......
description('Test that if an arrity check causes a stack overflow, the exception goes to the right catch');
function funcWith20Args(arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8,
arg9, arg10, arg11, arg12, arg13, arg14, arg15,
arg16, arg17, arg18, arg19, arg20)
{
debug("ERROR: Shouldn't arrive in 20 arg function!");
}
gotRightCatch = false;
function test1()
{
try {
test2();
} catch (err) {
// Should get here because of stack overflow,
// now cause a stack overflow exception due to arrity processing
try {
var dummy = new RegExp('a|b|c');
} catch(err) {
debug('Should not get here #1!');
}
try {
funcWith20Args(1, 2, 3);
} catch (err2) {
gotRightCatch = true;
}
}
}
function test2()
{
try {
var dummy = new Date();
} catch(err) {
debug('Should not get here #2!');
}
try {
test1();
} catch (err) {
// Should get here because of stack overflow,
// now cause a stack overflow exception due to arrity processing
try {
funcWith20Args(1, 2, 3, 4, 5, 6);
} catch (err2) {
gotRightCatch = true;
}
}
}
test1();
shouldBeTrue("gotRightCatch");
var successfullyParsed = true;
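Review bot: Both `catch (err2)` blocks around the `funcWith20Args(...)` calls set `gotRightCatch = true` for any exception, so the test cannot tell a stack overflow raised by the arity check from some unrelated error thrown at that point. Recording the caught value and checking its type would pin the behaviour down, for example `gotRightCatch = (err2 instanceof RangeError);`, assuming the overflow surfaces as a RangeError in this engine. The `new RegExp('a|b|c')` and `new Date()` statements also carry no comment saying why they must succeed this close to the stack limit; a one-line comment on each would keep a later cleanup from removing them. `gotRightCatch` is assigned without `var`, unlike the globals in the sibling stack-overflow-catch.js test.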
description('Test that when the stack overflows, the exception goes to the last frame before the overflow');
var level = 0;
var stackLevel = 0;
var gotWrongCatch = false;
function test1()
{
var myLevel = level;
var dummy;
try {
level = level + 1;
// Dummy code to make this funciton different from test2()
dummy = level * level + 1;
if (dummy == 0)
debug('Should never get here!!!!');
} catch(err) {
gotWrongCatch = true;
}
try {
test2();
} catch(err) {
stackLevel = myLevel;
}
}
function test2()
{
var myLevel = level;
// Dummy code to make this funciton different from test1()
if (gotWrongCatch)
debug('Should never get here!!!!');
try {
level = level + 1;
} catch(err) {
gotWrongCatch = true;
}
try {
test1();
} catch(err) {
stackLevel = myLevel;
}
}
test1();
shouldBeFalse("gotWrongCatch");
shouldBe("(stackLevel)", "(level - 1)");
var successfullyParsed = true;
Test that if an arrity check causes a stack overflow, the exception goes to the right catch
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
PASS gotRightCatch is true
PASS successfullyParsed is true
TEST COMPLETE
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<link rel="stylesheet" href="resources/js-test-style.css">
<script src="resources/js-test-pre.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script src="script-tests/stack-overflow-arrity-catch.js"></script>
<script src="resources/js-test-post.js"></script>
</body>
</html>
Test that when the stack overflows, the exception goes to the last frame before the overflow
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
PASS gotWrongCatch is false
PASS (stackLevel) is (level - 1)
PASS successfullyParsed is true
TEST COMPLETE
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<link rel="stylesheet" href="resources/js-test-style.css">
<script src="resources/js-test-pre.js"></script>
</head>
<body>
<p id="description"></p>
<div id="console"></div>
<script src="script-tests/stack-overflow-catch.js"></script>
<script src="resources/js-test-post.js"></script>
</body>
</html>
2011-01-10 Michael Saboff <msaboff@apple.com>
Reviewed by Geoffrey Garen.
ASSERTION Failure in JSC::binaryChop
https://bugs.webkit.org/show_bug.cgi?id=25614
Changed JITStubs::cti_register_file_check() to use the current stack's
return PC to find the bytecode for handling the exception in the prior
frame. Also added the appropriate arrity check routine call to the
JIT to bytecode vector (m_callReturnIndexVector) in the CodeBlock.
* jit/JIT.cpp:
(JSC::JIT::privateCompile): Changed the arrity check call location
so that it gets added to the m_calls list so that it's included in
CodeBlock::m_callReturnIndexVector.
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION): Use the current call frame's return PC.
2011-01-10 Daniel Bates <dbates@rim.com>
Reviewed by Martin Robinson.
......
......@@ -489,7 +489,6 @@ JITCode JIT::privateCompile(CodePtr* functionEntryArityCheck)
privateCompileSlowCases();
Label arityCheck;
Call callArityCheck;
if (m_codeBlock->codeType() == FunctionCode) {
registerFileCheck.link(this);
m_bytecodeOffset = 0;
......@@ -504,8 +503,9 @@ JITCode JIT::privateCompile(CodePtr* functionEntryArityCheck)
emitPutToCallFrameHeader(regT2, RegisterFile::ReturnPC);
branch32(Equal, regT1, Imm32(m_codeBlock->m_numParameters)).linkTo(beginLabel, this);
restoreArgumentReference();
callArityCheck = call();
move(regT0, callFrameRegister);
JITStubCall(this, m_codeBlock->m_isConstructor ? cti_op_construct_arityCheck : cti_op_call_arityCheck).call(callFrameRegister);
jump(beginLabel);
}
......@@ -585,10 +585,8 @@ JITCode JIT::privateCompile(CodePtr* functionEntryArityCheck)
info.callReturnLocation = m_codeBlock->structureStubInfo(m_methodCallCompilationInfo[i].propertyAccessIndex).callReturnLocation;
}
if (m_codeBlock->codeType() == FunctionCode && functionEntryArityCheck) {
patchBuffer.link(callArityCheck, FunctionPtr(m_codeBlock->m_isConstructor ? cti_op_construct_arityCheck : cti_op_call_arityCheck));
if (m_codeBlock->codeType() == FunctionCode && functionEntryArityCheck)
*functionEntryArityCheck = patchBuffer.locationOf(arityCheck);
}
return patchBuffer.finalizeCode();
}
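Review bot: Nothing at the arity-check call site in the second hunk records why `JITStubCall(...).call(callFrameRegister)` replaced the bare `call()` that was linked later through `patchBuffer.link`. According to the commit description, the point is that the call now lands in m_calls and therefore in CodeBlock::m_callReturnIndexVector, which is not visible from the code itself. I would add a comment above that line such as `// Go through JITStubCall so this return address is recorded in m_calls; an exception thrown by the arity check must map back to a bytecode offset.` It is also worth confirming which bytecode offset gets recorded for this call: `m_bytecodeOffset = 0` appears in the first hunk's context, but the lines between the hunks are not shown, and that value decides which handler range the exception is matched against. privateCompile begins before the first hunk, so this is based only on the visible lines.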
......
......@@ -1431,7 +1431,7 @@ DEFINE_STUB_FUNCTION(void*, register_file_check)
// Rewind to the previous call frame because op_call already optimistically
// moved the call frame forward.
CallFrame* oldCallFrame = callFrame->callerFrame();
ExceptionHandler handler = jitThrow(stackFrame.globalData, oldCallFrame, createStackOverflowError(oldCallFrame), ReturnAddressPtr(oldCallFrame->returnPC()));
ExceptionHandler handler = jitThrow(stackFrame.globalData, oldCallFrame, createStackOverflowError(oldCallFrame), ReturnAddressPtr(callFrame->returnPC()));
STUB_SET_RETURN_ADDRESS(handler.catchRoutine);
callFrame = handler.callFrame;
}
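Review bot: The existing comment explains the rewind to `oldCallFrame` but not why the return address passed to jitThrow now comes from `callFrame` while every other argument uses `oldCallFrame`. That asymmetry is the whole fix and looks like a typo to a later reader. I would extend the comment with something like `// The return PC stored in the new frame is the call site inside oldCallFrame's code, which is what jitThrow looks up to find the faulting bytecode offset.` The reported failure is an assertion, so presumably a release build would continue with whatever offset the lookup produced; it is worth confirming that a return address missing from m_callReturnIndexVector fails safely there rather than selecting an unrelated handler. The stub function's body starts before this hunk and continues after it.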
......