change recent FailFasts to use ReportFatalException

lib/Common/Exceptions/ReportError.cpp

@@ -106,4 +106,16 @@ __declspec(noinline) void FromDOM_NoScriptScope_fatal_error()
     ReportFatalException(NULL, E_UNEXPECTED, EnterScript_FromDOM_NoScriptScope, scenario);
 }
 
+__declspec(noinline) void EntryExitRecord_Corrupted_fatal_error()
+{
+    int scenario = 6;
+    ReportFatalException(NULL, E_UNEXPECTED, Fatal_EntryExitRecordCorruption, scenario);
+}
+
+__declspec(noinline) void UnexpectedExceptionHandling_fatal_error(EXCEPTION_POINTERS * originalException)
+{
+    int scenario = 7;
+    ReportFatalException(NULL, E_UNEXPECTED, Fatal_UnexpectedExceptionHandling, scenario);
+}
+
 #pragma optimize("",on)

lib/Common/Exceptions/ReportError.h

@@ -19,7 +19,9 @@ enum ErrorReason
     MarkStack_OUTOFMEMORY = 11,
     EnterScript_FromDOM_NoScriptScope = 12,
     Fatal_FailedToBox_OUTOFMEMORY = 13,
-    Fatal_Recycler_MemoryCorruption = 14
+    Fatal_Recycler_MemoryCorruption = 14,
+    Fatal_EntryExitRecordCorruption = 15,
+    Fatal_UnexpectedExceptionHandling = 16
 };
 
 extern "C" void ReportFatalException(
@@ -52,6 +54,8 @@ void MarkStack_OOM_fatal_error();
 
 void Binary_Inconsistency_fatal_error();
 void Version_Inconsistency_fatal_error();
+void EntryExitRecord_Corrupted_fatal_error();
+void UnexpectedExceptionHandling_fatal_error(EXCEPTION_POINTERS * originalException);
 
 #ifdef LARGEHEAPBLOCK_ENCODING
 void LargeHeapBlock_Metadata_Corrupted(

lib/Runtime/Base/ThreadContext.cpp

@@ -1874,9 +1874,9 @@ ThreadContext::PushEntryExitRecord(Js::ScriptEntryExitRecord * record)
         record->next = lastRecord;
 
         // these are on stack, which grows down. if this condition doesn't hold, then the list somehow got messed up
-        if ((uintptr_t)record > (uintptr_t)lastRecord)
+        if (!IsOnStack(lastRecord) || (uintptr_t)record >= (uintptr_t)lastRecord)
         {
-            RaiseFailFastException(nullptr, nullptr, 0);
+            EntryExitRecord_Corrupted_fatal_error();
         }
     }
 
@@ -1888,12 +1888,13 @@ void ThreadContext::PopEntryExitRecord(Js::ScriptEntryExitRecord * record)
     AssertMsg(record && record == this->entryExitRecord, "Mismatch script entry/exit");
 
     // these are on stack, which grows down. if this condition doesn't hold, then the list somehow got messed up
-    if (this->entryExitRecord->next && (uintptr_t)this->entryExitRecord > (uintptr_t)this->entryExitRecord->next)
+    Js::ScriptEntryExitRecord * next = this->entryExitRecord->next;
+    if (next && (!IsOnStack(next) || (uintptr_t)this->entryExitRecord >= (uintptr_t)next))
     {
-        RaiseFailFastException(nullptr, nullptr, 0);
+        EntryExitRecord_Corrupted_fatal_error();
     }
 
-    this->entryExitRecord = this->entryExitRecord->next;
+    this->entryExitRecord = next;
 }
 
 BOOL ThreadContext::ReserveStaticTypeIds(__in int first, __in int last)

lib/Runtime/Library/JavascriptFunction.cpp

@@ -642,10 +642,8 @@ namespace Js
             // 0xE06D7363 is C++ exception code
             if (exceptionCode != 0 && !IsDebuggerPresent() && exceptionCode != 0xE06D7363 && exceptionAction != EXCEPTION_CONTINUE_EXECUTION)
             {
-                exceptionInfo;
-
                 // ensure that hosts are not doing SEH across Chakra frames, as that can lead to bad state (e.g. destructors not being called)
-                RaiseFailFastException(nullptr, nullptr, 0);
+                UnexpectedExceptionHandling_fatal_error(&exceptionInfo);
             }
         }
         //ret should never be null here