WebAssembly: WasmB3IRGenerator should throw exceptions instead of crash
author    sbarati@apple.com <sbarati@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
          Fri, 16 Dec 2016 19:24:06 +0000 (19:24 +0000)
committer sbarati@apple.com <sbarati@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
          Fri, 16 Dec 2016 19:24:06 +0000 (19:24 +0000)
commit    e8f79d5b8673acf8b613ab0b9b387a0e7efbd223
tree      b60b7ac5eef5730e256e65f93e2fba1797ba1aca
parent    4b143b0598e5571b3773528818bb8871f67eae64
WebAssembly: WasmB3IRGenerator should throw exceptions instead of crash
https://bugs.webkit.org/show_bug.cgi?id=165834

Reviewed by Keith Miller.

JSTests:

* wasm/function-tests/exceptions.js: Added.
(import.Builder.from.string_appeared_here.import.as.assert.from.string_appeared_here.makeInstance):
* wasm/function-tests/table-basic.js:
(i.i.42.throw.new.Error):

Source/JavaScriptCore:

This patch generalizes how we throw exceptions in the Wasm::B3IRGenerator.
There are still places where we need to throw exceptions and we don't, but
this patch removes most of those places inside the IR generator. There are
still a few places we need to throw exceptions inside the IR generator, like
div/mod by 0. Those will be done in a separate patch. Also, there are
still some stubs we need to throw exceptions from; those will also be
done in a separate patch.

All exceptions thrown from Wasm share a common stub. The ABI for the stub
is to move the Wasm::ExceptionType into argGPR1 and jump to the stub.
The stub will then throw an exception with an error message tailored
to the particular Wasm::ExceptionType failure.

This patch also refactors B3::Compilation. Before, the B3::Compilation(VM, Procedure)
constructor would compile a B3 function. This patch makes B3::Compilation a simple
tuple that keeps the necessary bits of a B3 function alive in order to be runnable.
There is a new function that actually does the compilation for you. It is:
Compilation B3::compile(VM&, Procedure&)
The reason for this change is that I'm now using the B3::Compilation(CodeRef, OpaqueByproducts)
constructor in Wasm code. It is weird for a class to have both a
constructor that instantiates the tuple and another that performs the
compilation and then instantiates the tuple. It's more straightforward
if Compilation's job weren't to actually do the compilation
but just to hold the necessary bits to keep a compiled B3 alive.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* b3/B3Compilation.cpp:
(JSC::B3::Compilation::Compilation):
* b3/B3Compilation.h:
* b3/B3Compile.cpp: Added.
(JSC::B3::compile):
* b3/B3Compile.h: Added.
* b3/testb3.cpp:
(JSC::B3::compile):
* jit/ThunkGenerators.cpp:
(JSC::throwExceptionFromWasmThunkGenerator):
* jit/ThunkGenerators.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::B3IRGenerator):
(JSC::Wasm::B3IRGenerator::emitExceptionCheck):
(JSC::Wasm::createJSToWasmWrapper):
(JSC::Wasm::parseAndCompile):
* wasm/WasmExceptionType.h: Added.
(JSC::Wasm::errorMessageForExceptionType):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209928 268f45cc-cd09-0410-ab3c-d52691b4dbfc
15 files changed:
JSTests/ChangeLog
JSTests/wasm/function-tests/exceptions.js [new file with mode: 0644]
JSTests/wasm/function-tests/table-basic.js
Source/JavaScriptCore/CMakeLists.txt
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
Source/JavaScriptCore/b3/B3Compilation.cpp
Source/JavaScriptCore/b3/B3Compilation.h
Source/JavaScriptCore/b3/B3Compile.cpp [new file with mode: 0644]
Source/JavaScriptCore/b3/B3Compile.h [new file with mode: 0644]
Source/JavaScriptCore/b3/testb3.cpp
Source/JavaScriptCore/jit/ThunkGenerators.cpp
Source/JavaScriptCore/jit/ThunkGenerators.h
Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
Source/JavaScriptCore/wasm/WasmExceptionType.h [new file with mode: 0644]
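The JS-visible contract this commit works toward is that a Wasm trap becomes a catchable JavaScript exception rather than a process crash. The following is an added example, not code from the WebKit patch or from JSTests/wasm/function-tests/exceptions.js: it hand-assembles a two-function module (one that executes `unreachable`, one that returns a constant) and checks that the trap is observed as an exception. It assumes a current engine (Node.js or a modern browser) in which traps throw `WebAssembly.RuntimeError`; the error class and message an engine of this commit's vintage produced are not stated on this page.

```javascript
// Added example (not part of the WebKit commit): assemble a minimal wasm module
// by hand and show that a trap surfaces as a catchable JavaScript exception.
// Assumption: a modern engine where traps throw WebAssembly.RuntimeError.
'use strict';

// Encode an unsigned LEB128 integer; wasm uses this for sizes and counts.
function uleb(n) {
  const out = [];
  do {
    let byte = n & 0x7f;
    n >>>= 7;
    if (n !== 0) byte |= 0x80;
    out.push(byte);
  } while (n !== 0);
  return out;
}

// A section is: one id byte, uleb128 payload size, then the payload.
function section(id, payload) {
  return [id, ...uleb(payload.length), ...payload];
}

// A wasm name is: uleb128 byte length followed by UTF-8 bytes (ASCII here).
function name(s) {
  return [...uleb(s.length), ...Array.from(s, c => c.charCodeAt(0))];
}

// Builds the binary for:
//   (module (func (export "trap") unreachable)
//           (func (export "ok") (result i32) i32.const 42))
function buildModuleBytes() {
  const header = [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]; // "\0asm", version 1
  const types = section(1, [
    0x02,                    // two function types
    0x60, 0x00, 0x00,        // type 0: () -> ()
    0x60, 0x00, 0x01, 0x7f,  // type 1: () -> i32
  ]);
  const funcs = section(3, [0x02, 0x00, 0x01]);      // func 0: type 0, func 1: type 1
  const exportsSec = section(7, [
    0x02,
    ...name('trap'), 0x00, 0x00,                     // kind=func, index 0
    ...name('ok'), 0x00, 0x01,                       // kind=func, index 1
  ]);
  const trapBody = [0x00, 0x00, 0x0b];               // no locals; unreachable; end
  const okBody = [0x00, 0x41, 0x2a, 0x0b];           // no locals; i32.const 42; end
  const code = section(10, [
    0x02,
    ...uleb(trapBody.length), ...trapBody,
    ...uleb(okBody.length), ...okBody,
  ]);
  return new Uint8Array([...header, ...types, ...funcs, ...exportsSec, ...code]);
}

function instantiate() {
  const mod = new WebAssembly.Module(buildModuleBytes()); // synchronous compile
  return new WebAssembly.Instance(mod, {});                // no imports needed
}

// Calls the trapping export and reports how the trap was observed:
// 'WebAssembly.RuntimeError' for a spec-conformant trap, another class
// name if the engine threw something else, or null if nothing was thrown.
function trapExceptionName() {
  const { trap } = instantiate().exports;
  try {
    trap();
    return null;
  } catch (e) {
    return e instanceof WebAssembly.RuntimeError
      ? 'WebAssembly.RuntimeError'
      : e.constructor.name;
  }
}

// Calls the non-trapping export so the module is shown to be well-formed.
function callOk() {
  return instantiate().exports.ok();
}

console.log('ok() =', callOk());                  // 42
console.log('trap() threw', trapExceptionName()); // WebAssembly.RuntimeError
```

Run it with `node example.js`. The useful property to check in a harness is not just "something was thrown" but that the JS context is still usable afterwards: `callOk()` succeeding after `trapExceptionName()` is exactly the "throw instead of crash" behaviour the commit title describes.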