Bug 1274499 - Skip jump target opcodes while looking for a JOF_DETECTING opcode. r=jorendorff
authorNicolas B. Pierron <nicolas.b.pierron@mozilla.com>
Thu, 26 May 2016 10:25:09 +0000
changeset 299120 432400265fed0d1b578877a181f45bc77ab2329e
parent 299119 0f9c0cf0905b749ab833d6295f0748e0f24a5c43
child 299121 b8adc67d8f4a5ddef0e021cff33b64d20508204f
push id77444
push usernpierron@mozilla.com
push dateThu, 26 May 2016 10:25:57 +0000
treeherdermozilla-inbound@432400265fed [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjorendorff
bugs1274499
milestone49.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1274499 - Skip jump target opcodes while looking for a JOF_DETECTING opcode. r=jorendorff
js/src/jit-test/tests/basic/undefined-warning-bug1274499.js
js/src/jit-test/tests/basic/undefined-warning-bug565202.js
js/src/jit-test/tests/jaeger/bug565202.js
js/src/vm/NativeObject.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/basic/undefined-warning-bug1274499.js
@@ -0,0 +1,13 @@
+options("strict", "werror");
+
+var o = {};
+var failureCode = 0;
+
+try {
+    // Don't throw here.
+    if (o.a || o.b)
+        failureCode = 1;
+} catch (e) {
+    failureCode = 2
+}
+assertEq(failureCode, 0);
rename from js/src/jit-test/tests/jaeger/bug565202.js
rename to js/src/jit-test/tests/basic/undefined-warning-bug565202.js
--- a/js/src/vm/NativeObject.cpp
+++ b/js/src/vm/NativeObject.cpp
@@ -1819,16 +1819,24 @@ js::NativeGetExistingProperty(JSContext*
  * access is "property-detecting" -- that is, if we shouldn't warn about it
  * even if no such property is found and strict warnings are enabled.
  */
 static bool
 Detecting(JSContext* cx, JSScript* script, jsbytecode* pc)
 {
     MOZ_ASSERT(script->containsPC(pc));
 
+    // Skip jump target opcodes.
+    while (pc < script->codeEnd() && BytecodeIsJumpTarget(JSOp(*pc)))
+        pc = GetNextPc(pc);
+
+    MOZ_ASSERT(script->containsPC(pc));
+    if (pc >= script->codeEnd())
+        return false;
+
     // General case: a branch or equality op follows the access.
     JSOp op = JSOp(*pc);
     if (CodeSpec[op].format & JOF_DETECTING)
         return true;
 
     jsbytecode* endpc = script->codeEnd();
 
     if (op == JSOP_NULL) {