From 21b6e077fadc7edb27ee0d947cef4bfd47020cab Mon Sep 17 00:00:00 2001
From: mstarzinger <mstarzinger@chromium.org>
Date: Mon, 25 Jan 2016 08:18:09 -0800
Subject: [PATCH] [interpreter] Fix lookup of overlapping handler ranges.

This fixes corner cases where the start offsets of exception handler
regions within the handler table fall together. This assumption was
based on full-codegen code and no longer holds with the interpreter.
The tables however are still well nested and code has been added to
verify that in debug mode.

R=rmcilroy@chromium.org
BUG=v8:4674
LOG=n

Review URL: https://codereview.chromium.org/1633573002

Cr-Commit-Position: refs/heads/master@{#33495}
---
 src/objects.cc              | 10 +++++++++-
 test/mjsunit/mjsunit.status |  7 -------
 test/test262/test262.status | 16 +---------------
 3 files changed, 10 insertions(+), 23 deletions(-)

diff --git a/src/objects.cc b/src/objects.cc
index 6c2ff15bed..b7f4edceb6 100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -10952,6 +10952,11 @@ Handle<LiteralsArray> LiteralsArray::New(Isolate* isolate,
 int HandlerTable::LookupRange(int pc_offset, int* stack_depth_out,
                               CatchPrediction* prediction_out) {
   int innermost_handler = -1, innermost_start = -1;
+#ifdef DEBUG
+  // Assuming that ranges are well nested, we don't need to track the innermost
+  // end offset. This is just to verify that the table is actually well nested.
+  int innermost_end = std::numeric_limits<int>::max();
+#endif
   for (int i = 0; i < length(); i += kRangeEntrySize) {
     int start_offset = Smi::cast(get(i + kRangeStartIndex))->value();
     int end_offset = Smi::cast(get(i + kRangeEndIndex))->value();
@@ -10960,10 +10965,13 @@ int HandlerTable::LookupRange(int pc_offset, int* stack_depth_out,
     CatchPrediction prediction = HandlerPredictionField::decode(handler_field);
     int stack_depth = Smi::cast(get(i + kRangeDepthIndex))->value();
     if (pc_offset > start_offset && pc_offset <= end_offset) {
-      DCHECK_NE(start_offset, innermost_start);
       if (start_offset < innermost_start) continue;
+      DCHECK_LT(end_offset, innermost_end);
       innermost_handler = handler_offset;
       innermost_start = start_offset;
+#ifdef DEBUG
+      innermost_end = end_offset;
+#endif
       *stack_depth_out = stack_depth;
       if (prediction_out) *prediction_out = prediction;
     }
diff --git a/test/mjsunit/mjsunit.status b/test/mjsunit/mjsunit.status
index 1166112222..1ec88b1444 100644
--- a/test/mjsunit/mjsunit.status
+++ b/test/mjsunit/mjsunit.status
@@ -755,13 +755,6 @@
   # TODO(bradnelson): Figure out why these tests fail with ignition.
   'wasm/*': [SKIP],
 
-  # TODO(mstarzinger,4674): Beginning of two "try" statements can overlap.
-  'regress/regress-1213516': [SKIP],
-  'regress/regress-444805': [SKIP],
-  'regress/regress-86': [SKIP],
-  'regress/regress-binop': [SKIP],
-  'string-charat': [SKIP],
-
   # TODO(4684): Support for "with" statements is missing.
   'regress/regress-1528': [FAIL],
   'regress/regress-2594': [FAIL],
diff --git a/test/test262/test262.status b/test/test262/test262.status
index 6c9380c7c8..388e1cfeea 100644
--- a/test/test262/test262.status
+++ b/test/test262/test262.status
@@ -589,21 +589,6 @@
   'language/statements/generators/*': [SKIP],
   'language/statements/with/*': [SKIP],
 
-  # TODO(mstarzinger,4674): Beginning of two "try" statements can overlap.
-  'language/statements/try/*': [SKIP],
-  'built-ins/Object/defineProperties/15.2.3.7-2-18': [SKIP],
-  'built-ins/Promise/S25.4.3.1_A2.3_T1': [SKIP],
-  'built-ins/Promise/S25.4.3.1_A2.4_T1': [SKIP],
-  'built-ins/Promise/S25.4.3.1_A4.1_T1': [SKIP],
-  'built-ins/Promise/exception-after-resolve-in-executor': [SKIP],
-  'built-ins/Promise/prototype/catch/S25.4.5.1_A3.1_T2': [SKIP],
-  'built-ins/Promise/prototype/then/S25.4.2.1_A2.1_T1': [SKIP],
-  'built-ins/Promise/prototype/then/S25.4.5.3_A4.1_T2': [SKIP],
-  'built-ins/Promise/prototype/then/S25.4.5.3_A4.2_T2': [SKIP],
-  'built-ins/Promise/prototype/then/on-fulfilled-throw': [SKIP],
-  'language/block-scope/leave/finally-block-let-declaration-only-shadows-outer-parameter-value-2': [SKIP],
-  'language/block-scope/leave/verify-context-in-finally-block': [SKIP],
-
   'built-ins/Array/prototype/concat/Array.prototype.concat_non-array': [SKIP],
   'built-ins/Date/prototype/toISOString/15.9.5.43-0-13': [SKIP],
   'built-ins/Object/prototype/hasOwnProperty/S15.2.4.5_A12': [SKIP],
@@ -732,6 +717,7 @@
   'language/statements/let/global-closure-set-before-initialization': [SKIP],
   'language/statements/let/global-use-before-initialization-in-declaration-statement': [SKIP],
   'language/statements/let/global-use-before-initialization-in-prior-statement': [SKIP],
+  'language/statements/try/S12.14_A14': [SKIP],
   'language/statements/while/S12.6.2_A4_T5': [SKIP],
 
 }],  # ignition == True