Bug 1355046 - Don't reset column and line info when emitting useless statements in BCE. (r=jorendorff)
authorShu-yu Guo <shu@rfrn.org>
Tue, 30 May 2017 13:38:05 -0700
changeset 361366 f5bcb4ddb655e64a8c444c1a708ef053f7d07407
parent 361365 ca2c5adc69103786df47a74c9f402851ccca0f08
child 361367 7c81893927912f8f38ae85199b85a807966728fc
push id90838
push usershu@rfrn.org
push dateTue, 30 May 2017 20:40:53 +0000
reviewersjorendorff
bugs1355046
milestone55.0a1
Bug 1355046 - Don't reset column and line info when emitting useless statements in BCE. (r=jorendorff)
js/src/frontend/BytecodeEmitter.cpp
js/src/frontend/BytecodeEmitter.h
js/src/jit-test/tests/parser/bug-1355046.js
--- a/js/src/frontend/BytecodeEmitter.cpp
+++ b/js/src/frontend/BytecodeEmitter.cpp
@@ -9129,18 +9129,16 @@ BytecodeEmitter::emitStatement(ParseNode
                 }
             }
 
             if (directive) {
                 if (!reportExtraWarning(pn2, JSMSG_CONTRARY_NONDIRECTIVE, directive))
                     return false;
             }
         } else {
-            current->currentLine = parser.tokenStream().srcCoords.lineNum(pn2->pn_pos.begin);
-            current->lastColumn = 0;
             if (!reportExtraWarning(pn2, JSMSG_USELESS_EXPR))
                 return false;
         }
     }
 
     return true;
 }
 
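Review bot: The useless-expression branch now calls reportExtraWarning(pn2, JSMSG_USELESS_EXPR) with no comment saying why current->currentLine and current->lastColumn must not be touched here, so the next person who wants the warning "at the right line" may reintroduce the reset this commit removes. Suggest a comment above the call: `// Do not reset current->currentLine/lastColumn for this warning: they must stay in sync with the srcnotes already emitted, and the warning is positioned from pn2.` The second half of that is inferred from the argument passed, so confirm it against reportExtraWarning before committing the wording. emitStatement begins outside this hunk.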
--- a/js/src/frontend/BytecodeEmitter.h
+++ b/js/src/frontend/BytecodeEmitter.h
@@ -186,19 +186,30 @@ struct MOZ_STACK_CLASS BytecodeEmitter
 
     Rooted<LazyScript*> lazyScript; /* the lazy script if mode is LazyFunction,
                                         nullptr otherwise. */
 
     struct EmitSection {
         BytecodeVector code;        /* bytecode */
         SrcNotesVector notes;       /* source notes, see below */
         ptrdiff_t   lastNoteOffset; /* code offset for last source note */
-        uint32_t    currentLine;    /* line number for tree-based srcnote gen */
-        uint32_t    lastColumn;     /* zero-based column index on currentLine of
-                                       last SRC_COLSPAN-annotated opcode */
+
+        // Line number for srcnotes.
+        //
+        // WARNING: If this becomes out of sync with already-emitted srcnotes,
+        // we can get undefined behavior.
+        uint32_t    currentLine;
+
+        // Zero-based column index on currentLine of last SRC_COLSPAN-annotated
+        // opcode.
+        //
+        // WARNING: If this becomes out of sync with already-emitted srcnotes,
+        // we can get undefined behavior.
+        uint32_t    lastColumn;
+
         JumpTarget lastTarget;      // Last jump target emitted.
 
         EmitSection(JSContext* cx, uint32_t lineNum)
           : code(cx), notes(cx), lastNoteOffset(0), currentLine(lineNum), lastColumn(0),
             lastTarget{ -1 - ptrdiff_t(JSOP_JUMPTARGET_LENGTH) }
         {}
     };
     EmitSection prologue, main, *current;
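Review bot: The new WARNING comments on currentLine and lastColumn say that going out of sync with emitted srcnotes can cause undefined behavior, but not which code is allowed to write the fields, which is what a reader needs in order to avoid doing so. Suggest extending each with a sentence naming the sanctioned writers, e.g. `// Only the emitter's srcnote-updating helpers may advance this; never reset it from a statement emitter.` If updateLineNumberNotes/updateSourceCoordNotes are the only legitimate writers, naming them would be better still, but confirm that before citing them. The two comments are also identical apart from their first line; one shared comment above the pair would avoid the duplication. EmitSection is fully visible here, but the enclosing BytecodeEmitter struct continues past the hunk.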
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/parser/bug-1355046.js
@@ -0,0 +1,8 @@
+// |jit-test| error: ReferenceError
+
+var localstr = "";
+for (var i = 0; i < 0xFFFC; ++i)
+  localstr += ('\f') + i + "; ";
+var arg = "x";
+var body = localstr + "for (var i = 0; i < 4; ++i) arr[i](x-1);";
+(new Function(arg, body))(1000);
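Review bot: The expected ReferenceError comes from `arr` never being defined in the constructed function body, and nothing in the file says this is deliberate rather than a typo, so a future cleanup could define arr and silently lose the regression coverage. Suggest a comment after the directive: `// Bug 1355046: many useless expression statements before the loop must not desync the emitter's line/column srcnotes; the ReferenceError from the undefined arr is expected.` That the 0xFFFC form-feed-separated statements are what trips the emitter is inferred from the commit title, so adjust the wording if the mechanism differs.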