Bug 1355046 - Don't reset column and line info when emitting useless statements in BCE. (r=jorendorff)
☠☠ backed out by 1d58c6daabed ☠ ☠
authorShu-yu Guo <shu@rfrn.org>
Wed, 24 May 2017 07:22:56 -0700
changeset 360375 8401a27059039469d23d3f692e4f3e5be036fd6d
parent 360374 cc599cd5dd8342e7469b19e5ed9898751dfad562
child 360376 4fc25ea324cae8d5534581a9d9213aa3df232e7b
push id90651
push usershu@rfrn.org
push dateWed, 24 May 2017 14:25:11 +0000
treeherdermozilla-inbound@8401a2705903 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjorendorff
bugs1355046
milestone55.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1355046 - Don't reset column and line info when emitting useless statements in BCE. (r=jorendorff)
js/src/frontend/BytecodeEmitter.cpp
js/src/frontend/BytecodeEmitter.h
js/src/jit-test/tests/parser/bug-1355046.js
--- a/js/src/frontend/BytecodeEmitter.cpp
+++ b/js/src/frontend/BytecodeEmitter.cpp
@@ -9129,18 +9129,16 @@ BytecodeEmitter::emitStatement(ParseNode
                 }
             }
 
             if (directive) {
                 if (!reportExtraWarning(pn2, JSMSG_CONTRARY_NONDIRECTIVE, directive))
                     return false;
             }
         } else {
-            current->currentLine = parser.tokenStream().srcCoords.lineNum(pn2->pn_pos.begin);
-            current->lastColumn = 0;
             if (!reportExtraWarning(pn2, JSMSG_USELESS_EXPR))
                 return false;
         }
     }
 
     return true;
 }
 
--- a/js/src/frontend/BytecodeEmitter.h
+++ b/js/src/frontend/BytecodeEmitter.h
@@ -186,19 +186,30 @@ struct MOZ_STACK_CLASS BytecodeEmitter
 
     Rooted<LazyScript*> lazyScript; /* the lazy script if mode is LazyFunction,
                                         nullptr otherwise. */
 
     struct EmitSection {
         BytecodeVector code;        /* bytecode */
         SrcNotesVector notes;       /* source notes, see below */
         ptrdiff_t   lastNoteOffset; /* code offset for last source note */
-        uint32_t    currentLine;    /* line number for tree-based srcnote gen */
-        uint32_t    lastColumn;     /* zero-based column index on currentLine of
-                                       last SRC_COLSPAN-annotated opcode */
+
+        // Line number for srcnotes.
+        //
+        // WARNING: If this becomes out of sync with already-emitted srcnotes,
+        // we can get undefined behavior.
+        uint32_t    currentLine;
+
+        // Zero-based column index on currentLine of last SRC_COLSPAN-annotated
+        // opcode.
+        //
+        // WARNING: If this becomes out of sync with already-emitted srcnotes,
+        // we can get undefined behavior.
+        uint32_t    lastColumn;
+
         JumpTarget lastTarget;      // Last jump target emitted.
 
         EmitSection(JSContext* cx, uint32_t lineNum)
           : code(cx), notes(cx), lastNoteOffset(0), currentLine(lineNum), lastColumn(0),
             lastTarget{ -1 - ptrdiff_t(JSOP_JUMPTARGET_LENGTH) }
         {}
     };
     EmitSection prologue, main, *current;
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/parser/bug-1355046.js
@@ -0,0 +1,6 @@
+var localstr = "";
+for (var i = 0; i < 0xFFFC; ++i)
+  localstr += ('\f') + i + "; ";
+var arg = "x";
+var body = localstr + "for (var i = 0; i < 4; ++i) arr[i](x-1);";
+(new Function(arg, body))(1000);