Bug 203555 - codeBlock->expressionRangeForBytecodeIndex() returns wrong range for op_to_this
Status: NEW
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: Other
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
Reported: 2019-10-29 00:27 PDT by Tuomas Karkkainen
Modified: 2019-10-30 23:03 PDT
Attachments
repro case (61 bytes, application/x-javascript), 2019-10-29 00:27 PDT, Tuomas Karkkainen
Description Tuomas Karkkainen 2019-10-29 00:27:07 PDT
Created attachment 382162: repro case

For the JavaScript:

> function foo() {
>   this;
>   Array.prototype;
> }
> 
> foo();
> foo();

The bytecode is:

> foo#DDE7H8:[0x106ba0140->0x106bc7b80, NoneFunctionCall, 32]: 9 instructions (0 16-bit instructions, 0 32-bit instructions, 4 instructions with metadata); 140 bytes (108 metadata bytes); 1 parameter(s); 10 callee register(s); 6 variable(s); scope at loc4
> [   0] enter
> [   1] get_scope          loc4
> [   3] mov                loc5, loc4
> [   6] check_traps
> [   7] to_this            this
> [  10] resolve_scope      loc7, loc4, 0, GlobalProperty, 0
> [  17] get_from_scope     loc8, loc7, 0, 2048<ThrowIfNotFound|GlobalProperty|NotInitialization>, 0, 0
> [  25] get_by_id          loc6, loc8, 1, id: prototype
> [  30] ret                Undefined(const0)
> 
> Identifiers:
>   id0 = Array
>   id1 = prototype
> 
> Constants:
>    k0 = Undefined

codeBlock->unlinkedCodeBlock()->dumpExpressionRangeInfo() outputs:

> UnlinkedCodeBlock 0x106b98000 expressionRangeInfo[2] {
>   [0] pc 10 @ line 2 col 7 : op_resolve_scope
>   [1] pc 25 @ line 2 col 7 : op_get_by_id
> }

Calling codeBlock->expressionRangeForBytecodeIndex() on the op_to_this bytecode at 7 returns:

> divot: 27, startOffset: 5, endOffset: 0, source: "Array"

The expected source is "this"; there is no expressionRangeInfo that corresponds to "this" at all.
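As an added illustration (not part of the report and not WebKit's own code), a small C++ model of the lower-bound lookup that expressionRangeForBytecodeIndex() performs over the sorted expressionRangeInfo table, populated with the two entries from the dump above. It assumes the lookup clamps a bytecode index that precedes every entry to entry 0, which is what would make pc 7 (op_to_this) report the "Array" range; the struct shape and the divot values for pc 25 are placeholders, not taken from JSC.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Model of one expressionRangeInfo entry (an assumed shape, not JSC's struct).
struct ExpressionRangeInfo {
    unsigned instructionOffset; // bytecode pc the entry was emitted for
    int divot;
    int startOffset;
    int endOffset;
    std::string opcode;         // opcode name, for readability only
};

// Constructed from the dumpExpressionRangeInfo() output in the report.
// The divot/offset values for pc 10 are the ones the report prints for the
// bad lookup; the values for pc 25 are placeholders (not in the report).
const std::vector<ExpressionRangeInfo> kExpressionInfo = {
    {10, 27, 5, 0, "op_resolve_scope"},
    {25, 0, 0, 0, "op_get_by_id"},
};

// Index of the last entry whose instructionOffset is <= pc (table must be
// non-empty). A pc that precedes every entry is clamped to entry 0, which is
// the assumed reason pc 7 (op_to_this) comes back with the "Array" range.
std::size_t expressionInfoIndexForPc(const std::vector<ExpressionRangeInfo>& table, unsigned pc) {
    std::size_t low = 0, high = table.size();
    while (low < high) {
        std::size_t mid = low + (high - low) / 2;
        if (table[mid].instructionOffset <= pc)
            low = mid + 1;
        else
            high = mid;
    }
    if (low == 0)
        low = 1;
    return low - 1;
}

// Check a caller can run before trusting the returned range: is there an
// entry for exactly this pc, or did the lookup fall back to a neighbour?
bool hasExactExpressionInfo(const std::vector<ExpressionRangeInfo>& table, unsigned pc) {
    if (table.empty())
        return false;
    return table[expressionInfoIndexForPc(table, pc)].instructionOffset == pc;
}
```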