wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

[INFER] Restore frame pointer at exception block entry before invoking any trap, bug 658491.

Browse Source
This commit is contained in:
Brian Hackett 2011-05-20 21:12:06 -07:00
parent c602e73bb5
commit 02ba3d730b
2 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
js/src/jit-test/tests/basic/bug657975.js
View File

@ -37,3 +37,10 @@ function f6() {
}
trap(f6, 10, '')
f6()
// bug 658491
function f7() {
try { y = w; } catch(y) {}
}
trap(f7, 16, '')
f7()

22
js/src/methodjit/Compiler.cpp
View File

@ -1510,6 +1510,17 @@ mjit::Compiler::generateMethod()
SPEW_OPCODE();
JS_ASSERT(frame.stackDepth() == opinfo->stackDepth);
// If this is an exception entry point, then jsl_InternalThrow has set
// VMFrame::fp to the correct fp for the entry point. We need to copy
// that value here to FpReg so that FpReg also has the correct sp.
// Otherwise, we would simply be using a stale FpReg value.
// Additionally, we check the interrupt flag to allow interrupting
// deeply nested exception handling.
if (op == JSOP_ENTERBLOCK && analysis->getCode(PC).exceptionEntry) {
masm.loadPtr(FrameAddress(VMFrame::offsetOfFp), JSFrameReg);
interruptCheckHelper();
}
if (trap) {
prepareStubCall(Uses(0));
masm.move(Imm32(trap), Registers::ArgReg1);
@ -6661,17 +6672,6 @@ mjit::Compiler::jumpAndTrace(Jump j, jsbytecode *target, Jump *slow, bool *tramp
void
mjit::Compiler::enterBlock(JSObject *obj)
{
// If this is an exception entry point, then jsl_InternalThrow has set
// VMFrame::fp to the correct fp for the entry point. We need to copy
// that value here to FpReg so that FpReg also has the correct sp.
// Otherwise, we would simply be using a stale FpReg value.
// Additionally, we check the interrupt flag to allow interrupting
// deeply nested exception handling.
if (analysis->getCode(PC).exceptionEntry) {
masm.loadPtr(FrameAddress(VMFrame::offsetOfFp), JSFrameReg);
interruptCheckHelper();
}
/* For now, don't bother doing anything for this opcode. */
frame.syncAndForgetEverything();
masm.move(ImmPtr(obj), Registers::ArgReg1);