147759 2015-08-06 17:33:18 -0700 jsc-tailcall: REGRESSION(r188071): Crash when handling exception in Release builds 2015-09-14 10:59:38 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Unspecified Unspecified RESOLVED INVALID P2 Normal --- 148076 147747 1 msaboff msaboff basile_clement oldest_to_newest 1115568 0 msaboff 2015-08-06 17:33:18 -0700 Looks like we are overwriting a callee save from a C++ caller. 1118104 1 259147 msaboff 2015-08-17 07:28:32 -0700 Created attachment 259147 Patch 1118277 2 259147 basile_clement 2015-08-17 15:57:17 -0700 Comment on attachment 259147 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=259147&action=review > Source/JavaScriptCore/interpreter/Interpreter.cpp:638 > + copyCalleeSavesToVMCalleeSavesBuffer(visitor); Why don't we need this in the else branch? Otherwise, LGTM. 1118289 3 259147 msaboff 2015-08-17 16:34:20 -0700 Comment on attachment 259147 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=259147&action=review >> Source/JavaScriptCore/interpreter/Interpreter.cpp:638 >> + copyCalleeSavesToVMCalleeSavesBuffer(visitor); > > Why don't we need this in the else branch? > > Otherwise, LGTM. This is the case that we found a handler, i.e. catch block, in the current frame. We don't process that frame's callee saves. 1118320 4 msaboff 2015-08-17 16:59:08 -0700 Committed r188556: <http://trac.webkit.org/changeset/188556> 1125647 5 259147 ossy 2015-09-14 10:59:38 -0700 Comment on attachment 259147 Patch Cleared review? from attachment 259147 so that this bug does not appear in http://webkit.org/pending-review. If you would like this patch reviewed, please attach it to a new bug (or re-open this bug before marking it for review again). 259147 2015-08-17 07:28:32 -0700 2015-09-14 10:59:38 -0700 Patch 147759.patch text/plain 5140 msaboff SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTg4NTIxKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDMwIEBA CisyMDE1LTA4LTE3ICBNaWNoYWVsIFNhYm9mZiAgPG1zYWJvZmZAYXBwbGUuY29tPgorCisgICAg ICAgIGpzYy10YWlsY2FsbDogUkVHUkVTU0lPTihyMTg4MDcxKTogQ3Jhc2ggd2hlbiBoYW5kbGlu ZyBleGNlcHRpb24gaW4gUmVsZWFzZSBidWlsZHMKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtp dC5vcmcvc2hvd19idWcuY2dpP2lkPTE0Nzc1OQorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9E WSAoT09QUyEpLgorCisgICAgICAgIEZpeCBhIGNvdXBsZSBvZiBpc3N1ZSB0byBwcm9wZXJseSBz YXZlIGFuZCB1bndpbmQgY2FsbGVlIHNhdmUgcmVnaXN0ZXJzLgorCisgICAgICAgICogZGZnL0RG R1NwZWN1bGF0aXZlSklULmNwcDoKKyAgICAgICAgKEpTQzo6REZHOjpTcGVjdWxhdGl2ZUpJVDo6 dXNlZFJlZ2lzdGVycyk6IE5lZWQgdG8gaW5jbHVkZSB0aGUgY2FsbGVlIHNhdmUgcmVnaXN0ZXJz IGluIHRoZQorICAgICAgICBzZXQgb2YgcmVnaXN0ZXJzIG5vdCBhdmFpbGJsZSBmb3IgbWFraW5n IHRodW5rcy4KKworICAgICAgICAqIGRmZy9ERkdTcGVjdWxhdGl2ZUpJVDY0LmNwcDoKKyAgICAg ICAgKEpTQzo6REZHOjpTcGVjdWxhdGl2ZUpJVDo6ZW1pdENhbGwpOiBOZWVkIHRvIHJlc3RvcmUg Y2FsbGVlIHNhdmUgcmVnaXN0ZXJzIGJlZm9yZSBtYWtpbmcKKyAgICAgICAgYSBzbG93IHBhdGgg dGFpbCBjYWxsLgorCisgICAgICAgICogaW50ZXJwcmV0ZXIvSW50ZXJwcmV0ZXIuY3BwOgorICAg ICAgICAoSlNDOjpVbndpbmRGdW5jdG9yOjpvcGVyYXRvcigpKTogV2UgbmVlZCB0byBjb3B5IHRo ZSBjdXJyZW50IGZyYW1lcyBjYWxsZWUgc2F2ZXMgdG8gdGhlIFZNCisgICAgICAgIGNhbGxlZSBz YXZlIHJlZ2lzdGVyIGJ1ZmZlciB3aGVuIHdlIGhhdmUgZm91bmQgdGhlIGZyYW1lIHdpdGggdGhl IGNhdGNoIGJsb2NrLgorCisgICAgICAgICogaml0L0Fzc2VtYmx5SGVscGVycy5oOiBDaGFuZ2Vk IHRvIG1hdGVyaWFsaXplIHRoZSBWTTo6Y2FsbGVlU2F2ZVJlZ3NpdGVyQnVmZmVyIHdpdGggb25l IGltbWVkaWF0ZSBtb3ZlLgorCisgICAgICAgICogbGxpbnQvTG93TGV2ZWxJbnRlcnByZXRlcjY0 LmFzbToKKyAgICAgICAgKGxsaW50X3Rocm93X2Zyb21fc2xvd19wYXRoX3RyYW1wb2xpbmUpOiBX ZSBuZWVkIHRvIHRoZSBjdXJyZW50IGNhbGxlZSBzYXZlcyByZWdpc3RlcnMgdG8gdGhlCisgICAg ICAgIFZNOjpjYWxsZWVTYXZlUmVnc2l0ZXJCdWZmZXIgYmVmb3JlIHdlIHByb2Nlc3MgdGhlIGV4 Y2VwdGlvbi4KKwogMjAxNS0wOC0xMSAgQmFzaWxlIENsZW1lbnQgIDxiYXNpbGVfY2xlbWVudEBh cHBsZS5jb20+CiAKICAgICAgICAganNjLXRhaWxjYWxsOiBBcml0eSBmaXh1cCBzaG91bGQgbWFr ZSB1c2Ugb2YgdGhlIHBvc3NpYmxlIGV4dHJhIGVtcHR5IHNsb3RzIGF0IHRvcCBvZiB0aGUgZnJh bWUKSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHU3BlY3VsYXRpdmVKSVQ2NC5j cHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdTcGVjdWxhdGl2 ZUpJVDY0LmNwcAkocmV2aXNpb24gMTg4NDEyKQorKysgU291cmNlL0phdmFTY3JpcHRDb3JlL2Rm Zy9ERkdTcGVjdWxhdGl2ZUpJVDY0LmNwcAkod29ya2luZyBjb3B5KQpAQCAtODMyLDYgKzgzMiw5 IEBAIHZvaWQgU3BlY3VsYXRpdmVKSVQ6OmVtaXRDYWxsKE5vZGUqIG5vZGUKICAgICAKICAgICBz bG93UGF0aC5saW5rKCZtX2ppdCk7CiAgICAgCisgICAgaWYgKGlzVGFpbCkKKyAgICAgICAgbV9q aXQuZW1pdFJlc3RvcmVDYWxsZWVTYXZlcygpOworCiAgICAgbV9qaXQubW92ZShjYWxsZWVHUFIs IEdQUkluZm86OnJlZ1QwKTsgLy8gQ2FsbGVlIG5lZWRzIHRvIGJlIGluIHJlZ1QwCiAgICAgbV9q aXQubW92ZShNYWNyb0Fzc2VtYmxlcjo6VHJ1c3RlZEltbVB0cihjYWxsTGlua0luZm8pLCBHUFJJ bmZvOjpyZWdUMik7IC8vIExpbmsgaW5mbyBuZWVkcyB0byBiZSBpbiByZWdUMgogICAgIEpJVENv bXBpbGVyOjpDYWxsIHNsb3dDYWxsID0gbV9qaXQubmVhckNhbGwoKTsKSW5kZXg6IFNvdXJjZS9K YXZhU2NyaXB0Q29yZS9kZmcvREZHU3BlY3VsYXRpdmVKSVQuY3BwCj09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNv dXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHU3BlY3VsYXRpdmVKSVQuY3BwCShyZXZpc2lvbiAx ODg0MTIpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1NwZWN1bGF0aXZlSklULmNw cAkod29ya2luZyBjb3B5KQpAQCAtMzIyLDcgKzMyMiw3IEBAIFJlZ2lzdGVyU2V0IFNwZWN1bGF0 aXZlSklUOjp1c2VkUmVnaXN0ZXIKICAgICAgICAgICAgIHJlc3VsdC5zZXQoZnByKTsKICAgICB9 CiAgICAgCi0gICAgcmVzdWx0Lm1lcmdlKFJlZ2lzdGVyU2V0OjpzcGVjaWFsUmVnaXN0ZXJzKCkp OworICAgIHJlc3VsdC5tZXJnZShSZWdpc3RlclNldDo6bm9uVGVtcFJlZ2lzdGVycygpKTsKICAg ICAKICAgICByZXR1cm4gcmVzdWx0OwogfQpJbmRleDogU291cmNlL0phdmFTY3JpcHRDb3JlL2lu dGVycHJldGVyL0ludGVycHJldGVyLmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlw dENvcmUvaW50ZXJwcmV0ZXIvSW50ZXJwcmV0ZXIuY3BwCShyZXZpc2lvbiAxODg0MTIpCisrKyBT b3VyY2UvSmF2YVNjcmlwdENvcmUvaW50ZXJwcmV0ZXIvSW50ZXJwcmV0ZXIuY3BwCSh3b3JraW5n IGNvcHkpCkBAIC02MzQsNiArNjM0LDkgQEAgcHVibGljOgogICAgICAgICAgICAgaWYgKCF1bndp bmRDYWxsRnJhbWUodmlzaXRvcikpIHsKICAgICAgICAgICAgICAgICBpZiAoTGVnYWN5UHJvZmls ZXIqIHByb2ZpbGVyID0gdm0uZW5hYmxlZFByb2ZpbGVyKCkpCiAgICAgICAgICAgICAgICAgICAg IHByb2ZpbGVyLT5leGNlcHRpb25VbndpbmQobV9jYWxsRnJhbWUpOworCisgICAgICAgICAgICAg ICAgY29weUNhbGxlZVNhdmVzVG9WTUNhbGxlZVNhdmVzQnVmZmVyKHZpc2l0b3IpOworCiAgICAg ICAgICAgICAgICAgcmV0dXJuIFN0YWNrVmlzaXRvcjo6RG9uZTsKICAgICAgICAgICAgIH0KICAg ICAgICAgfSBlbHNlCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvaml0L0Fzc2VtYmx5SGVs cGVycy5oCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9qaXQvQXNzZW1ibHlI ZWxwZXJzLmgJKHJldmlzaW9uIDE4ODQxMikKKysrIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9qaXQv QXNzZW1ibHlIZWxwZXJzLmgJKHdvcmtpbmcgY29weSkKQEAgLTI4OSw4ICsyODksNyBAQCBwdWJs aWM6CiAgICAgICAgIEFTU0VSVChjb2RlQmxvY2soKSk7CiAKICAgICAgICAgLy8gQ29weSBzYXZl ZCBjYWxsZWVTYXZlcyBvbiBzdGFjayBvciB1bnNhdmVkIGNhbGxlZVNhdmVzIGluIHJlZ2lzdGVy IHRvIHZtIGNhbGxlZVNhdmUgYnVmZmVyCi0gICAgICAgIG1vdmUoVHJ1c3RlZEltbVB0cihtX3Zt KSwgdGVtcDEpOwotICAgICAgICBhZGRQdHIoVHJ1c3RlZEltbTMyKFZNOjpjYWxsZWVTYXZlUmVn aXN0ZXJzQnVmZmVyT2Zmc2V0KCkpLCB0ZW1wMSk7CisgICAgICAgIG1vdmUoVHJ1c3RlZEltbVB0 cihtX3ZtLT5jYWxsZWVTYXZlUmVnaXN0ZXJzQnVmZmVyKSwgdGVtcDEpOwogCiAgICAgICAgIFJl Z2lzdGVyU2F2ZU1hcCogYWxsQ2FsbGVlU2F2ZXNNYXAgPSBtX3ZtLT5nZXRBbGxDYWxsZWVTYXZl UmVnaXN0ZXJzTWFwKCk7CiAgICAgICAgIFJlZ2lzdGVyU2F2ZU1hcCogY3VycmVudENhbGxlZVNh dmVzID0gY29kZUJsb2NrKCktPmNhbGxlZVNhdmVSZWdpc3RlcnMoKTsKSW5kZXg6IFNvdXJjZS9K YXZhU2NyaXB0Q29yZS9sbGludC9Mb3dMZXZlbEludGVycHJldGVyNjQuYXNtCj09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0K LS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9sbGludC9Mb3dMZXZlbEludGVycHJldGVyNjQuYXNt CShyZXZpc2lvbiAxODg0MTIpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvbGxpbnQvTG93TGV2 ZWxJbnRlcnByZXRlcjY0LmFzbQkod29ya2luZyBjb3B5KQpAQCAtMTgwOCw2ICsxODA4LDExIEBA IF9sbGludF9vcF9lbmQ6CiAKIAogX2xsaW50X3Rocm93X2Zyb21fc2xvd19wYXRoX3RyYW1wb2xp bmU6CisgICAgbG9hZHAgQ2FsbGVlW2Nmcl0sIHQxCisgICAgYW5kcCBNYXJrZWRCbG9ja01hc2ss IHQxCisgICAgbG9hZHAgTWFya2VkQmxvY2s6Om1fd2Vha1NldCArIFdlYWtTZXQ6Om1fdm1bdDFd LCB0MQorICAgIGNvcHlDYWxsZWVTYXZlc1RvVk1DYWxsZWVTYXZlc0J1ZmZlcih0MSwgdDIpCisK ICAgICBjYWxsU2xvd1BhdGgoX2xsaW50X3Nsb3dfcGF0aF9oYW5kbGVfZXhjZXB0aW9uKQogCiAg ICAgIyBXaGVuIHRocm93aW5nIGZyb20gdGhlIGludGVycHJldGVyIChpLmUuIHRocm93aW5nIGZy b20gTExJbnRTbG93UGF0aHMpLCBzbwpAQCAtMTgxNiw3ICsxODIxLDYgQEAgX2xsaW50X3Rocm93 X2Zyb21fc2xvd19wYXRoX3RyYW1wb2xpbmU6CiAgICAgbG9hZHAgQ2FsbGVlW2Nmcl0sIHQxCiAg ICAgYW5kcCBNYXJrZWRCbG9ja01hc2ssIHQxCiAgICAgbG9hZHAgTWFya2VkQmxvY2s6Om1fd2Vh a1NldCArIFdlYWtTZXQ6Om1fdm1bdDFdLCB0MQotICAgIGNvcHlDYWxsZWVTYXZlc1RvVk1DYWxs ZWVTYXZlc0J1ZmZlcih0MSwgdDIpCiAgICAgam1wIFZNOjp0YXJnZXRNYWNoaW5lUENGb3JUaHJv d1t0MV0KIAogCg==