777181 - missing SRC_HIDDEN note when breaking out of for-let-in loops

Status: RESOLVED FIXED

(Core :: JavaScript Engine, defect)

Description

[:Benjamin Peterson]

(Found by the fuzzing of bug 767274.)
Consider this:

function x() {
label:
  for (let i in [])
        break label;
}

Here is the disassembly for x:

flags:
loc     op
-----   --
main:
00000:  label 52 (+52)
00005:  undefined
00006:  newarray 0
00010:  endinit
00011:  iter 1
00013:  enterlet1 depth 0 {i: 0}
00018:  goto 40 (+22)
00023:  loophead
00024:  iternext 1
00026:  setlocal 0
00029:  pop
00030:  leaveforletin
00031:  enditer
00032:  popn 1
00035:  goto 52 (+17)
00040:  loopentry
00041:  moreiter
00042:  ifne 23 (-19)
00047:  leaveforletin
00048:  enditer
00049:  popn 1
00052:  stop

Source notes:
 ofs  line    pc  delta desc     args
---- ---- ----- ------ -------- ------
  0:    1     0 [   0] newline 
  1:    2     0 [   0] label    atom 0 (label)
  3:    2     5 [   5] newline 
  4:    3    18 [  13] xdelta  
  5:    3    18 [   0] if-else  else 11 elseif 24
  8:    3    29 [  11] xdelta  
  9:    3    29 [   0] decl     offset 2
 11:    3    30 [   1] newline 
 12:    4    31 [   1] hidden  
 13:    4    32 [   1] hidden  
 14:    4    35 [   3] break2label atom 0 (label)
 16:    4    49 [  14] xdelta  
 17:    4    49 [   0] continue

Notice how there is one "enterlet1" opcode and two "leaveforletin" opcodes, neither of which have hidden source notes.

Comment 1

[:Benjamin Peterson]

Attachment: hide the break leaveforletin

Comment 2

[Luke Wagner [:luke]]

Comment on attachment 645600 [details] [diff] [review]
hide the break leaveforletin

ouch, nice

Comment 3

[:Benjamin Peterson]

http://hg.mozilla.org/integration/mozilla-inbound/rev/7701b2ff1347

Comment 4

[Ed Morley [:emorley]]

https://hg.mozilla.org/mozilla-central/rev/7701b2ff1347