149467 2015-09-22 10:29:19 -0700 the toInt32 operation inside DFGSpeculativeJIT.cpp can't throw so we shouldn't emit an exceptionCheck after it. 2015-09-22 12:33:34 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 saam saam benjamin commit-queue fpizlo ggaren gskachkov keith_miller mark.lam msaboff oliver sukolsak ysuzuki oldest_to_newest 1128024 0 saam 2015-09-22 10:29:19 -0700 The callOperation won't store a code origin on the call frame. Therefore, if this is the first callOperation in the current compilation, and we emit an exception check inside a try block, we will hit an assertion claiming that we must have some codeOrigins.size() be > 0 to ask for the last call site. 1128030 1 261750 saam 2015-09-22 10:54:59 -0700 Created attachment 261750 patch 1128031 2 261750 saam 2015-09-22 10:55:29 -0700 Comment on attachment 261750 patch View in context: https://bugs.webkit.org/attachment.cgi?id=261750&action=review > Source/JavaScriptCore/dfg/DFGCommonData.cpp:62 > + RELEASE_ASSERT(codeOrigins.size()); I think moving this to a RELEASE_ASSERT should help us find any remaining callOperation call sites that also run into this problem. 1128033 3 261750 mark.lam 2015-09-22 10:56:20 -0700 Comment on attachment 261750 patch r=me 1128081 4 261750 commit-queue 2015-09-22 12:33:29 -0700 Comment on attachment 261750 patch Clearing flags on attachment: 261750 Committed r190128: <http://trac.webkit.org/changeset/190128> 1128083 5 commit-queue 2015-09-22 12:33:34 -0700 All reviewed patches have been landed. Closing bug. 261750 2015-09-22 10:54:59 -0700 2015-09-22 12:33:29 -0700 patch c-backup.diff text/plain 3875 saam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTkwMTIwKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI0IEBA CisyMDE1LTA5LTIyICBTYWFtIGJhcmF0aSAgPHNiYXJhdGlAYXBwbGUuY29tPgorCisgICAgICAg IHRoZSB0b0ludDMyIG9wZXJhdGlvbiBpbnNpZGUgREZHU3BlY3VsYXRpdmVKSVQuY3BwIGNhbid0 IHRocm93IHNvIHdlIHNob3VsZG4ndCBlbWl0IGFuIGV4Y2VwdGlvbkNoZWNrIGFmdGVyIGl0Lgor ICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTQ5NDY3CisK KyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgVGhlIGNhbGxP cGVyYXRpb24gZm9yIHRvSW50MzIgd29uJ3Qgc3RvcmUgYSBjYWxsIHNpdGUgaW5kZXggaW4gdGhl IGNhbGwgZnJhbWUuCisgICAgICAgIFRoZXJlZm9yZSwgaWYgdGhpcyBpcyB0aGUgZmlyc3QgY2Fs bE9wZXJhdGlvbiBpbiB0aGUgY3VycmVudCBjb21waWxhdGlvbiwgCisgICAgICAgIGFuZCB3ZSBl bWl0IGFuIGV4Y2VwdGlvbiBjaGVjayBpbnNpZGUgYSB0cnkgYmxvY2ssIHdlIHdpbGwgaGl0IGFu IGFzc2VydGlvbiAKKyAgICAgICAgc2F5aW5nIHRoYXQgd2UgbXVzdCBoYXZlIERGR0NvbW1vbkRh dGE6OmNvZGVPcmlnaW5zLnNpemUoKSBiZSA+IDAgaW5zaWRlCisgICAgICAgIERGR0NvbW1vbkRh dGE6Omxhc3RDYWxsU2l0ZSgpLiBUaGVyZWZvcmUsIGl0IGlzIGltcGVyYXRpdmUgdGhhdCB3ZSBk b24ndCAKKyAgICAgICAgZW1pdCBleGNlcHRpb24gY2hlY2tzIGZvciBjYWxsT3BlcmF0aW9ucyB0 aGF0IGRvbid0IHRocm93IGV4Y2VwdGlvbnMgYW5kIAorICAgICAgICBkb24ndCBzdG9yZSBhIGNh bGwgc2l0ZSBpbmRleCBpbiB0aGUgY2FsbCBmcmFtZS4KKworICAgICAgICAqIGRmZy9ERkdDb21t b25EYXRhLmNwcDoKKyAgICAgICAgKEpTQzo6REZHOjpDb21tb25EYXRhOjpsYXN0Q2FsbFNpdGUp OgorICAgICAgICAqIGRmZy9ERkdTcGVjdWxhdGl2ZUpJVC5jcHA6CisgICAgICAgIChKU0M6OkRG Rzo6U3BlY3VsYXRpdmVKSVQ6OmNvbXBpbGVWYWx1ZVRvSW50MzIpOgorICAgICAgICAoSlNDOjpE Rkc6OlNwZWN1bGF0aXZlSklUOjpjb21waWxlUHV0QnlWYWxGb3JJbnRUeXBlZEFycmF5KToKKwog MjAxNS0wOS0yMiAgQ29tbWl0IFF1ZXVlICA8Y29tbWl0LXF1ZXVlQHdlYmtpdC5vcmc+CiAKICAg ICAgICAgVW5yZXZpZXdlZCwgcm9sbGluZyBvdXQgcjE4OTYxNi4KSW5kZXg6IFNvdXJjZS9KYXZh U2NyaXB0Q29yZS9kZmcvREZHQ29tbW9uRGF0YS5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL0ph dmFTY3JpcHRDb3JlL2RmZy9ERkdDb21tb25EYXRhLmNwcAkocmV2aXNpb24gMTkwMDk4KQorKysg U291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdDb21tb25EYXRhLmNwcAkod29ya2luZyBjb3B5 KQpAQCAtNTksNyArNTksNyBAQCBDYWxsU2l0ZUluZGV4IENvbW1vbkRhdGE6OmFkZENvZGVPcmln aW4oCiAKIENhbGxTaXRlSW5kZXggQ29tbW9uRGF0YTo6bGFzdENhbGxTaXRlKCkgY29uc3QKIHsK LSAgICBBU1NFUlQoY29kZU9yaWdpbnMuc2l6ZSgpKTsKKyAgICBSRUxFQVNFX0FTU0VSVChjb2Rl T3JpZ2lucy5zaXplKCkpOwogICAgIHJldHVybiBDYWxsU2l0ZUluZGV4KGNvZGVPcmlnaW5zLnNp emUoKSAtIDEpOwogfQogCkluZGV4OiBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1NwZWN1 bGF0aXZlSklULmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RG R1NwZWN1bGF0aXZlSklULmNwcAkocmV2aXNpb24gMTkwMDk4KQorKysgU291cmNlL0phdmFTY3Jp cHRDb3JlL2RmZy9ERkdTcGVjdWxhdGl2ZUpJVC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTE5Mjgs NyArMTkyOCw3IEBAIHZvaWQgU3BlY3VsYXRpdmVKSVQ6OmNvbXBpbGVWYWx1ZVRvSW50MzIKICAg ICAgICAgR1BSUmVnIGdwciA9IHJlc3VsdC5ncHIoKTsKICAgICAgICAgSklUQ29tcGlsZXI6Okp1 bXAgbm90VHJ1bmNhdGVkVG9JbnRlZ2VyID0gbV9qaXQuYnJhbmNoVHJ1bmNhdGVEb3VibGVUb0lu dDMyKGZwciwgZ3ByLCBKSVRDb21waWxlcjo6QnJhbmNoSWZUcnVuY2F0ZUZhaWxlZCk7CiAgICAg ICAgIAotICAgICAgICBhZGRTbG93UGF0aEdlbmVyYXRvcihzbG93UGF0aENhbGwobm90VHJ1bmNh dGVkVG9JbnRlZ2VyLCB0aGlzLCB0b0ludDMyLCBncHIsIGZwcikpOworICAgICAgICBhZGRTbG93 UGF0aEdlbmVyYXRvcihzbG93UGF0aENhbGwobm90VHJ1bmNhdGVkVG9JbnRlZ2VyLCB0aGlzLCB0 b0ludDMyLCBncHIsIGZwciwgTmVlZFRvU3BpbGwsIEV4Y2VwdGlvbkNoZWNrUmVxdWlyZW1lbnQ6 OkNoZWNrTm90TmVlZGVkKSk7CiAgICAgICAgIAogICAgICAgICBpbnQzMlJlc3VsdChncHIsIG5v ZGUpOwogICAgICAgICByZXR1cm47CkBAIC0xOTgyLDcgKzE5ODIsNiBAQCB2b2lkIFNwZWN1bGF0 aXZlSklUOjpjb21waWxlVmFsdWVUb0ludDMyCiAgICAgICAgICAgICBzaWxlbnRTcGlsbEFsbFJl Z2lzdGVycyhyZXN1bHRHcHIpOwogICAgICAgICAgICAgY2FsbE9wZXJhdGlvbih0b0ludDMyLCBy ZXN1bHRHcHIsIGZwcik7CiAgICAgICAgICAgICBzaWxlbnRGaWxsQWxsUmVnaXN0ZXJzKHJlc3Vs dEdwcik7Ci0gICAgICAgICAgICBtX2ppdC5leGNlcHRpb25DaGVjaygpOwogCiAgICAgICAgICAg ICBjb252ZXJ0ZWQuYXBwZW5kKG1faml0Lmp1bXAoKSk7CiAKQEAgLTIwNDIsNyArMjA0MSw2IEBA IHZvaWQgU3BlY3VsYXRpdmVKSVQ6OmNvbXBpbGVWYWx1ZVRvSW50MzIKICAgICAgICAgICAgICAg ICBzaWxlbnRTcGlsbEFsbFJlZ2lzdGVycyhyZXN1bHRHcHIpOwogICAgICAgICAgICAgICAgIGNh bGxPcGVyYXRpb24odG9JbnQzMiwgcmVzdWx0R3ByLCBmcHIpOwogICAgICAgICAgICAgICAgIHNp bGVudEZpbGxBbGxSZWdpc3RlcnMocmVzdWx0R3ByKTsKLSAgICAgICAgICAgICAgICBtX2ppdC5l eGNlcHRpb25DaGVjaygpOwogCiAgICAgICAgICAgICAgICAgY29udmVydGVkLmFwcGVuZChtX2pp dC5qdW1wKCkpOwogCkBAIC0yNTc3LDcgKzI1NzUsNyBAQCB2b2lkIFNwZWN1bGF0aXZlSklUOjpj b21waWxlUHV0QnlWYWxGb3JJCiAgICAgICAgICAgICAgICAgTWFjcm9Bc3NlbWJsZXI6Okp1bXAg ZmFpbGVkID0gbV9qaXQuYnJhbmNoVHJ1bmNhdGVEb3VibGVUb0ludDMyKAogICAgICAgICAgICAg ICAgICAgICBmcHIsIGdwciwgTWFjcm9Bc3NlbWJsZXI6OkJyYW5jaElmVHJ1bmNhdGVGYWlsZWQp OwogICAgICAgICAgICAgICAgIAotICAgICAgICAgICAgICAgIGFkZFNsb3dQYXRoR2VuZXJhdG9y KHNsb3dQYXRoQ2FsbChmYWlsZWQsIHRoaXMsIHRvSW50MzIsIGdwciwgZnByKSk7CisgICAgICAg ICAgICAgICAgYWRkU2xvd1BhdGhHZW5lcmF0b3Ioc2xvd1BhdGhDYWxsKGZhaWxlZCwgdGhpcywg dG9JbnQzMiwgZ3ByLCBmcHIsIE5lZWRUb1NwaWxsLCBFeGNlcHRpb25DaGVja1JlcXVpcmVtZW50 OjpDaGVja05vdE5lZWRlZCkpOwogICAgICAgICAgICAgICAgIAogICAgICAgICAgICAgICAgIGZp eGVkLmxpbmsoJm1faml0KTsKICAgICAgICAgICAgICAgICB2YWx1ZS5hZG9wdChyZXN1bHQpOwo=