We should only check for traps that we're able to handle.
authormark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 3 Mar 2017 17:48:42 +0000 (17:48 +0000)
committermark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 3 Mar 2017 17:48:42 +0000 (17:48 +0000)
commit0562156cae961f29eb78f204af051709b78b4fe8
treebfe56735834f92d5848a6e7311a9536b8263a1fa
parentcd15db6c6872425c30f45955453310e3d76e04e6
We should only check for traps that we're able to handle.
https://bugs.webkit.org/show_bug.cgi?id=169136

Reviewed by Michael Saboff.

The execute methods in interpreter were checking for the existence of any traps
(without masking) and only handling a subset of those via a mask.  This can
result in a failed assertion on debug builds.

This patch fixes this by applying the same mask for both the needTrapHandling()
check and the handleTraps() call.  Also added a few assertions.

* interpreter/Interpreter.cpp:
(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::execute):
* jit/JITOperations.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@213367 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/interpreter/Interpreter.cpp
Source/JavaScriptCore/jit/JITOperations.cpp
Source/JavaScriptCore/llint/LLIntSlowPaths.cpp