[INFER] Fix rejoin point for JSOP_DEFLOCALFUN* and JSOP_IN, bug 653397. r=bhackett
authorJan de Mooij <jandemooij@gmail.com>
Thu, 05 May 2011 10:04:31 +0200
changeset 74998 4f15ed48c44e35f03a6d4de8f0a285e7191b91ee
parent 74997 728a27bccb86ee836e2d475916be090db16120e4
child 74999 8436c7bca2e99176a4433d97607cf6387b5e79b4
push id2
push userbsmedberg@mozilla.com
push dateFri, 19 Aug 2011 14:38:13 +0000
reviewersbhackett
bugs653397
milestone6.0a1
[INFER] Fix rejoin point for JSOP_DEFLOCALFUN* and JSOP_IN, bug 653397. r=bhackett
js/src/jit-test/tests/jaeger/bug653397.js
js/src/methodjit/Compiler.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/bug653397.js
@@ -0,0 +1,16 @@
+try {
+    function testSlowArrayPopMultiFrame() {
+        a = undefined;
+        function parent(a, i) { i };
+        function gramps(a, i) {
+            return parent;
+        }
+        var last;
+        for (var i = 0; ; gramps++) {
+            last = gramps(a, i)
+        }
+    }(testSlowArrayPopMultiFrame(), 23);
+    assertEq(0, 1);
+} catch(e) {
+    assertEq(e instanceof TypeError, true);
+}
--- a/js/src/methodjit/Compiler.cpp
+++ b/js/src/methodjit/Compiler.cpp
@@ -2411,19 +2411,21 @@ mjit::Compiler::generateMethod()
           BEGIN_CASE(JSOP_THROW)
             prepareStubCall(Uses(1));
             INLINE_STUBCALL_NO_REJOIN(stubs::Throw);
             frame.pop();
           END_CASE(JSOP_THROW)
 
           BEGIN_CASE(JSOP_IN)
           {
-            REJOIN_SITE_ANY();
             prepareStubCall(Uses(2));
-            INLINE_STUBCALL(stubs::In);
+            {
+                REJOIN_SITE_ANY();
+                INLINE_STUBCALL(stubs::In);
+            }
             frame.popn(2);
             frame.takeReg(Registers::ReturnReg);
             frame.pushTypedPayload(JSVAL_TYPE_BOOLEAN, Registers::ReturnReg);
           }
           END_CASE(JSOP_IN)
 
           BEGIN_CASE(JSOP_INSTANCEOF)
             if (!jsop_instanceof())
@@ -2516,23 +2518,25 @@ mjit::Compiler::generateMethod()
             prepareStubCall(Uses(1));
             masm.move(ImmPtr(atom), Registers::ArgReg1);
             INLINE_STUBCALL(stubs::SetConst);
           }
           END_CASE(JSOP_SETCONST)
 
           BEGIN_CASE(JSOP_DEFLOCALFUN_FC)
           {
-            REJOIN_SITE_ANY();
             updateVarType();
             uint32 slot = GET_SLOTNO(PC);
             JSFunction *fun = script->getFunction(fullAtomIndex(&PC[SLOTNO_LEN]));
             prepareStubCall(Uses(frame.frameSlots()));
             masm.move(ImmPtr(fun), Registers::ArgReg1);
-            INLINE_STUBCALL(stubs::DefLocalFun_FC);
+            {
+                REJOIN_SITE_ANY();
+                INLINE_STUBCALL(stubs::DefLocalFun_FC);
+            }
             frame.takeReg(Registers::ReturnReg);
             frame.pushTypedPayload(JSVAL_TYPE_OBJECT, Registers::ReturnReg);
             frame.storeLocal(slot, JSVAL_TYPE_OBJECT, true);
             frame.pop();
           }
           END_CASE(JSOP_DEFLOCALFUN_FC)
 
           BEGIN_CASE(JSOP_LAMBDA)
@@ -2619,23 +2623,25 @@ mjit::Compiler::generateMethod()
             prepareStubCall(Uses(0));
             INLINE_STUBCALL(stubs::ArgCnt);
             pushSyncedEntry(0);
           }
           END_CASE(JSOP_ARGCNT)
 
           BEGIN_CASE(JSOP_DEFLOCALFUN)
           {
-            REJOIN_SITE_ANY();
             updateVarType();
             uint32 slot = GET_SLOTNO(PC);
             JSFunction *fun = script->getFunction(fullAtomIndex(&PC[SLOTNO_LEN]));
             prepareStubCall(Uses(0));
             masm.move(ImmPtr(fun), Registers::ArgReg1);
-            INLINE_STUBCALL(stubs::DefLocalFun);
+            {
+                REJOIN_SITE_ANY();
+                INLINE_STUBCALL(stubs::DefLocalFun);
+            }
             frame.takeReg(Registers::ReturnReg);
             frame.pushTypedPayload(JSVAL_TYPE_OBJECT, Registers::ReturnReg);
             frame.storeLocal(slot, JSVAL_TYPE_OBJECT, true);
             frame.pop();
           }
           END_CASE(JSOP_DEFLOCALFUN)
 
           BEGIN_CASE(JSOP_RETRVAL)