Merge 'wip/next' into dev

Change-Id: Iff9ee5e23bb326c4371ec8ed81d56f2f05d680e9

1 files changed, 34 insertions, 23 deletions

diff --git a/Source/JavaScriptCore/jit/JITExceptions.cpp b/Source/JavaScriptCore/jit/JITExceptions.cpp
index 46f59a3a9..cf2ea28af 100644
--- a/Source/JavaScriptCore/jit/JITExceptions.cpp
+++ b/Source/JavaScriptCore/jit/JITExceptions.cpp
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2012, 2013 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -30,43 +30,54 @@
 #include "CodeBlock.h"
 #include "Interpreter.h"
 #include "JSCJSValue.h"
+#include "LLIntData.h"
+#include "LLIntOpcode.h"
+#include "LLIntThunks.h"
+#include "Opcode.h"
+#include "JSCInlines.h"
 #include "VM.h"
-#include "Operations.h"
-
-#if ENABLE(JIT) || ENABLE(LLINT)
 
 namespace JSC {
 
-ExceptionHandler genericThrow(VM* vm, ExecState* callFrame, JSValue exceptionValue, unsigned vPCIndex)
+void genericUnwind(VM* vm, ExecState* callFrame, UnwindStart unwindStart)
 {
-    RELEASE_ASSERT(exceptionValue);
+    if (Options::breakOnThrow()) {
+        CodeBlock* codeBlock = callFrame->codeBlock();
+        if (codeBlock)
+            dataLog("In call frame ", RawPointer(callFrame), " for code block ", *codeBlock, "\n");
+        else
+            dataLog("In call frame ", RawPointer(callFrame), " with null CodeBlock\n");
+        CRASH();
+    }
     
-    vm->exception = JSValue();
-    HandlerInfo* handler = vm->interpreter->throwException(callFrame, exceptionValue, vPCIndex); // This may update callFrame & exceptionValue!
-    vm->exception = exceptionValue;
+    Exception* exception = vm->exception();
+    RELEASE_ASSERT(exception);
+    HandlerInfo* handler = vm->interpreter->unwind(*vm, callFrame, exception, unwindStart); // This may update callFrame.
 
     void* catchRoutine;
     Instruction* catchPCForInterpreter = 0;
     if (handler) {
-        catchPCForInterpreter = &callFrame->codeBlock()->instructions()[handler->target];
-        catchRoutine = ExecutableBase::catchRoutineFor(handler, catchPCForInterpreter);
+        // handler->target is meaningless for getting a code offset when catching
+        // the exception in a DFG/FTL frame. This bytecode target offset could be
+        // something that's in an inlined frame, which means an array access
+        // with this bytecode offset in the machine frame is utterly meaningless
+        // and can cause an overflow. OSR exit properly exits to handler->target
+        // in the proper frame.
+        if (!JITCode::isOptimizingJIT(callFrame->codeBlock()->jitType()))
+            catchPCForInterpreter = &callFrame->codeBlock()->instructions()[handler->target];
+#if ENABLE(JIT)
+        catchRoutine = handler->nativeCode.executableAddress();
+#else
+        catchRoutine = catchPCForInterpreter->u.pointer;
+#endif
     } else
-        catchRoutine = FunctionPtr(LLInt::getCodePtr(ctiOpThrowNotCaught)).value();
+        catchRoutine = LLInt::getCodePtr(handleUncaughtException);
     
-    vm->callFrameForThrow = callFrame;
+    vm->callFrameForCatch = callFrame;
     vm->targetMachinePCForThrow = catchRoutine;
     vm->targetInterpreterPCForThrow = catchPCForInterpreter;
     
     RELEASE_ASSERT(catchRoutine);
-    ExceptionHandler exceptionHandler = { catchRoutine, callFrame };
-    return exceptionHandler;
-}
-
-ExceptionHandler jitThrow(VM* vm, ExecState* callFrame, JSValue exceptionValue, ReturnAddressPtr faultLocation)
-{
-    return genericThrow(vm, callFrame, exceptionValue, callFrame->codeBlock()->bytecodeOffset(callFrame, faultLocation));
-}
-
 }
 
-#endif
+} // namespace JSC