Closed Bug 834785 Opened 11 years ago Closed 11 years ago

Toplevel script ion compilation fails due to popv opcode if DOM methods/properties used

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla21

People

(Reporter: bzbarsky, Assigned: bzbarsky)

References

Details

Attachments

(2 files)

Testcase
197 bytes, text/html
Details
Make sure to not ask the JS engine for return values in toplevel scripts, so it'll be able to ion-compile them as needed.
6.18 KB, patch
bholley
: review+
Details | Diff | Splinter Review
Attached file Testcase 
A simple testcase is attached.  When I run this in a debug build with IONFLAGS=aborts I get:

[Abort] Unsupported opcode: popv (line 8)
[Abort] aborted @ file:///private/tmp/test.html:8
[Abort] Builder failed to build.
[Abort] IM Compilation failed.
[Abort] Disabling Ion compilation of script file:///private/tmp/test.html:3

Wrapping the loop in a function makes it compile fine.
Boris, can we compile global scripts with JSOPTION_NO_SCRIPT_RVAL? That's what the shell uses as well (except for interactive mode of course), and may be the easiest fix...
Hmm.  That's a JSContext option not a CompileOptions option?

I guess we could do that too, actually, but is there a reason it's on the cx?
Flags: needinfo?(jdemooij)
(In reply to Boris Zbarsky (:bz) from comment #2)
> Hmm.  That's a JSContext option not a CompileOptions option?
> 
> I guess we could do that too, actually, but is there a reason it's on the cx?

There is a CompileOptions option too (noScriptRval). Its default value comes from the cx JSOPTION_NO_SCRIPT_RVAL flag, but you can override it using CompileOptions::setNoScriptRval.
Flags: needinfo?(jdemooij)
Hmm.  So thing is... setting noScriptRval on the options doesn't work because JS::Evaluate happily clobbers it.

So it looks like we need to explicitly pass a null rval to JS::Evaluate here...
This is a regression from bug 824864.  We used to pass in a null vp before then.
Assignee: general → nobody
Blocks: 824864
Component: JavaScript Engine → DOM
Whiteboard: [need review]
Assignee: nobody → bzbarsky
Comment on attachment 707401 [details] [diff] [review]
Make sure to not ask the JS engine for return values in toplevel scripts, so it'll be able to ion-compile them as needed.

Review of attachment 707401 [details] [diff] [review]:
-----------------------------------------------------------------

This patch makes me sad, but I can't think of another way. r=bholley

::: dom/base/nsJSEnvironment.cpp
@@ +1255,4 @@
>    NS_ENSURE_TRUE(mIsInitialized, NS_ERROR_NOT_INITIALIZED);
> +  if (aRetValue) {
> +    *aRetValue = JSVAL_VOID;
> +  }

Can you add a comment here as well explaining why it's necessary to support null here?
Attachment #707401 - Flags: review?(bobbyholley+bmo) → review+
Added comment and https://hg.mozilla.org/integration/mozilla-inbound/rev/95b168efcfe8
Flags: in-testsuite?
Whiteboard: [need review]
Target Milestone: --- → mozilla21
https://hg.mozilla.org/mozilla-central/rev/95b168efcfe8
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: