Don't assume calls with ignored return values will produce undefined, bug 786491. r=luke
authorBrian Hackett <bhackett1024@gmail.com>
Tue, 28 Aug 2012 17:39:01 -0600
changeset 105763 ce700bebd73c4853358b61257c2af2afbed2f2ca
parent 105762 f24546b76f3e8b3d462c7df75a11f203e4ee1592
child 105764 87a187376b3c95a18d4e7dc47a5de2b77dde9a17
push id55
push usershu@rfrn.org
push dateThu, 30 Aug 2012 01:33:09 +0000
reviewersluke
bugs786491
milestone18.0a1
Don't assume calls with ignored return values will produce undefined, bug 786491. r=luke
js/src/jsinfer.cpp
--- a/js/src/jsinfer.cpp
+++ b/js/src/jsinfer.cpp
@@ -3888,20 +3888,16 @@ ScriptAnalysis::analyzeTypesBytecode(JSC
         /*
          * Mark FUNCALL and FUNAPPLY sites as monitored. The method JIT may
          * lower these into normal calls, and we need to make sure the
          * callee's argument types are checked on entry.
          */
         if (op == JSOP_FUNCALL || op == JSOP_FUNAPPLY)
             cx->compartment->types.monitorBytecode(cx, script, pc - script->code);
 
-        /* Speculate that calls whose result is ignored may return undefined. */
-        if (JSOP_POP == *(pc + GetBytecodeLength(pc)))
-            seen->addType(cx, Type::UndefinedType());
-
         poppedTypes(pc, argCount + 1)->addCall(cx, callsite);
         break;
       }
 
       case JSOP_NEWINIT:
       case JSOP_NEWARRAY:
       case JSOP_NEWOBJECT: {
         StackTypeSet *types = script->analysis()->bytecodeTypes(pc);
@@ -5107,17 +5103,19 @@ TypeDynamicResult(JSContext *cx, JSScrip
      * expression that cancels out integer overflow, i.e.'OP & -1' or 'OP | 0',
      * the new type will only affect OP and the bitwise operation.
      *
      * This can prevent a significant amount of recompilation in scripts which
      * use these operations extensively, principally autotranslated code.
      */
 
     jsbytecode *ignorePC = pc + GetBytecodeLength(pc);
-    if (*ignorePC == JSOP_INT8 && GET_INT8(ignorePC) == -1) {
+    if (*ignorePC == JSOP_POP) {
+        /* Value is ignored. */
+    } if (*ignorePC == JSOP_INT8 && GET_INT8(ignorePC) == -1) {
         ignorePC += JSOP_INT8_LENGTH;
         if (*ignorePC != JSOP_BITAND)
             ignorePC = NULL;
     } else if (*ignorePC == JSOP_ZERO) {
         ignorePC += JSOP_ZERO_LENGTH;
         if (*ignorePC != JSOP_BITOR)
             ignorePC = NULL;
     } else {