-
Bug
-
Resolution: Fixed
-
P3
-
None
-
9
-
None
-
generic
-
generic
Re-ran jsfunfuzz with the latest patches applied, results below.
- André
function f() { if(x3, y) x; }
Exception in thread "main" java.lang.AssertionError: DISCARD(x3) has no type
at jdk.nashorn.internal.ir.Expression.getType(Expression.java:96)
at
jdk.nashorn.internal.codegen.BranchOptimizer.branchOptimizer(BranchOptimizer.java:87)
at
jdk.nashorn.internal.codegen.BranchOptimizer.branchOptimizer(BranchOptimizer.java:163)
at
jdk.nashorn.internal.codegen.BranchOptimizer.execute(BranchOptimizer.java:56)
at
jdk.nashorn.internal.codegen.CodeGenerator.enterIfNode(CodeGenerator.java:1158)
at jdk.nashorn.internal.ir.IfNode.accept(IfNode.java:76)
at jdk.nashorn.internal.ir.Node.accept(Node.java:291)
at jdk.nashorn.internal.ir.Block.accept(Block.java:143)
at
jdk.nashorn.internal.ir.LexicalContextNode$Acceptor.accept(LexicalContextNode.java:57)
at jdk.nashorn.internal.ir.Block.accept(Block.java:361)
...
function f(x) { return y, x }
Exception in thread "main" java.lang.AssertionError: Illegal conversion
object -> <unknown> false false
at
jdk.nashorn.internal.codegen.types.ObjectType.convert(ObjectType.java:158)
at
jdk.nashorn.internal.codegen.MethodEmitter.convert(MethodEmitter.java:1560)
at
jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:500)
at
jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:178)
at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:165)
at
jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:447)
at
jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:359)
at
jdk.nashorn.internal.codegen.CodeGenerator.enterReturnNode(CodeGenerator.java:1556)
at jdk.nashorn.internal.ir.ReturnNode.accept(ReturnNode.java:91)
at jdk.nashorn.internal.ir.Node.accept(Node.java:291)
...
function f() { L: {{break L; } return; } }
function f() { L: {if(x2) {break L; } throw x; } }
Exception in thread "main" java.lang.VerifyError: StackMapTable error:
bad offset
Exception Details:
Location:
jdk/nashorn/internal/scripts/Script$\^shell\_.f(Ljdk/nashorn/internal/runtime/ScriptFunction;Ljava/lang/Object;)Ljava/lang/Object;
@0: aload_0
Reason:
Invalid stackmap specification.
Current Frame:
bci: @12
flags: { }
locals: { 'jdk/nashorn/internal/runtime/ScriptFunction',
'java/lang/Object', 'jdk/nashorn/internal/runtime/ScriptObject' }
stack: { }
Bytecode:
0000000: 2ab6 0018 4da7 0007 0000 00bf
Stackmap Table:
full_frame(@8,{},{Object[#53]})
append_frame(@12,Object[#20],Object[#55],Object[#57])
function f() { switch(x) { default: if(true) break; return; } }
function f() { switch(x) { default: L: break; return; } }
java.lang.NullPointerException
at jdk.internal.org.objectweb.asm.Frame.merge(Frame.java:1321)
at
jdk.internal.org.objectweb.asm.MethodWriter.visitMaxs(MethodWriter.java:1499)
at
jdk.nashorn.internal.codegen.MethodEmitter.end(MethodEmitter.java:200)
at
jdk.nashorn.internal.codegen.CodeGenerator.leaveFunctionNode(CodeGenerator.java:1125)
at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:297)
at
jdk.nashorn.internal.ir.LexicalContextNode$Acceptor.accept(LexicalContextNode.java:57)
at
jdk.nashorn.internal.ir.LexicalContextExpression.accept(LexicalContextExpression.java:46)
at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:49)
at
jdk.nashorn.internal.codegen.CodeGenerator$1.enterFunctionNode(CodeGenerator.java:478)
at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:296)
...
function f() { Function.call.call(function x() { eval("x") }); eval("x")
} try { f() } catch(e) { e.printStackTrace() }
java.lang.ClassCastException: Cannot cast
jdk.nashorn.internal.scripts.JO1P0 to jdk.nashorn.internal.scripts.JO2P0
at
sun.invoke.util.ValueConversions.newClassCastException(ValueConversions.java:461)
at
sun.invoke.util.ValueConversions.castReference(ValueConversions.java:456)
at
jdk.nashorn.internal.scripts.Script$\^shell\_#1\^eval\_.runScript(<shell>#1<eval>:1)
at
jdk.nashorn.internal.runtime.ScriptFunctionData.invoke(ScriptFunctionData.java:527)
at
jdk.nashorn.internal.runtime.ScriptFunction.invoke(ScriptFunction.java:204)
at
jdk.nashorn.internal.runtime.ScriptRuntime.apply(ScriptRuntime.java:367)
at jdk.nashorn.internal.runtime.Context.eval(Context.java:465)
at jdk.nashorn.internal.objects.Global.directEval(Global.java:811)
at jdk.nashorn.internal.scripts.Script$\^shell\_.f(<shell>:1)
at jdk.nashorn.internal.scripts.Script$\^shell\_.runScript(<shell>:1)
...
function f() { with({}) return eval("arguments", 3/0); } try { f() }
catch(e) { e.printStackTrace() }
java.lang.NullPointerException
at
java.lang.invoke.MethodHandles.guardWithTest(MethodHandles.java:2131)
at
jdk.nashorn.internal.lookup.MethodHandleFactory$StandardMethodHandleFunctionality.guardWithTest(MethodHandleFactory.java:287)
at
jdk.nashorn.internal.runtime.WithObject.fixScopeCallSite(WithObject.java:258)
at jdk.nashorn.internal.runtime.WithObject.lookup(WithObject.java:126)
at
jdk.nashorn.internal.runtime.linker.NashornLinker.getGuardedInvocation(NashornLinker.java:75)
at
jdk.internal.dynalink.support.CompositeTypeBasedGuardingDynamicLinker.getGuardedInvocation(CompositeTypeBasedGuardingDynamicLinker.java:176)
at
jdk.internal.dynalink.support.CompositeGuardingDynamicLinker.getGuardedInvocation(CompositeGuardingDynamicLinker.java:124)
at
jdk.internal.dynalink.support.LinkerServicesImpl.getGuardedInvocation(LinkerServicesImpl.java:138)
at jdk.internal.dynalink.DynamicLinker.relink(DynamicLinker.java:232)
at
jdk.nashorn.internal.scripts.Script$\^shell\_#1\^eval\_.runScript(<shell>#1<eval>:1)
- André
function f() { if(x3, y) x; }
Exception in thread "main" java.lang.AssertionError: DISCARD(x3) has no type
at jdk.nashorn.internal.ir.Expression.getType(Expression.java:96)
at
jdk.nashorn.internal.codegen.BranchOptimizer.branchOptimizer(BranchOptimizer.java:87)
at
jdk.nashorn.internal.codegen.BranchOptimizer.branchOptimizer(BranchOptimizer.java:163)
at
jdk.nashorn.internal.codegen.BranchOptimizer.execute(BranchOptimizer.java:56)
at
jdk.nashorn.internal.codegen.CodeGenerator.enterIfNode(CodeGenerator.java:1158)
at jdk.nashorn.internal.ir.IfNode.accept(IfNode.java:76)
at jdk.nashorn.internal.ir.Node.accept(Node.java:291)
at jdk.nashorn.internal.ir.Block.accept(Block.java:143)
at
jdk.nashorn.internal.ir.LexicalContextNode$Acceptor.accept(LexicalContextNode.java:57)
at jdk.nashorn.internal.ir.Block.accept(Block.java:361)
...
function f(x) { return y, x }
Exception in thread "main" java.lang.AssertionError: Illegal conversion
object -> <unknown> false false
at
jdk.nashorn.internal.codegen.types.ObjectType.convert(ObjectType.java:158)
at
jdk.nashorn.internal.codegen.MethodEmitter.convert(MethodEmitter.java:1560)
at
jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:500)
at
jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:178)
at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:165)
at
jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:447)
at
jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:359)
at
jdk.nashorn.internal.codegen.CodeGenerator.enterReturnNode(CodeGenerator.java:1556)
at jdk.nashorn.internal.ir.ReturnNode.accept(ReturnNode.java:91)
at jdk.nashorn.internal.ir.Node.accept(Node.java:291)
...
function f() { L: {{break L; } return; } }
function f() { L: {if(x2) {break L; } throw x; } }
Exception in thread "main" java.lang.VerifyError: StackMapTable error:
bad offset
Exception Details:
Location:
jdk/nashorn/internal/scripts/Script$\^shell\_.f(Ljdk/nashorn/internal/runtime/ScriptFunction;Ljava/lang/Object;)Ljava/lang/Object;
@0: aload_0
Reason:
Invalid stackmap specification.
Current Frame:
bci: @12
flags: { }
locals: { 'jdk/nashorn/internal/runtime/ScriptFunction',
'java/lang/Object', 'jdk/nashorn/internal/runtime/ScriptObject' }
stack: { }
Bytecode:
0000000: 2ab6 0018 4da7 0007 0000 00bf
Stackmap Table:
full_frame(@8,{},{Object[#53]})
append_frame(@12,Object[#20],Object[#55],Object[#57])
function f() { switch(x) { default: if(true) break; return; } }
function f() { switch(x) { default: L: break; return; } }
java.lang.NullPointerException
at jdk.internal.org.objectweb.asm.Frame.merge(Frame.java:1321)
at
jdk.internal.org.objectweb.asm.MethodWriter.visitMaxs(MethodWriter.java:1499)
at
jdk.nashorn.internal.codegen.MethodEmitter.end(MethodEmitter.java:200)
at
jdk.nashorn.internal.codegen.CodeGenerator.leaveFunctionNode(CodeGenerator.java:1125)
at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:297)
at
jdk.nashorn.internal.ir.LexicalContextNode$Acceptor.accept(LexicalContextNode.java:57)
at
jdk.nashorn.internal.ir.LexicalContextExpression.accept(LexicalContextExpression.java:46)
at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:49)
at
jdk.nashorn.internal.codegen.CodeGenerator$1.enterFunctionNode(CodeGenerator.java:478)
at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:296)
...
function f() { Function.call.call(function x() { eval("x") }); eval("x")
} try { f() } catch(e) { e.printStackTrace() }
java.lang.ClassCastException: Cannot cast
jdk.nashorn.internal.scripts.JO1P0 to jdk.nashorn.internal.scripts.JO2P0
at
sun.invoke.util.ValueConversions.newClassCastException(ValueConversions.java:461)
at
sun.invoke.util.ValueConversions.castReference(ValueConversions.java:456)
at
jdk.nashorn.internal.scripts.Script$\^shell\_#1\^eval\_.runScript(<shell>#1<eval>:1)
at
jdk.nashorn.internal.runtime.ScriptFunctionData.invoke(ScriptFunctionData.java:527)
at
jdk.nashorn.internal.runtime.ScriptFunction.invoke(ScriptFunction.java:204)
at
jdk.nashorn.internal.runtime.ScriptRuntime.apply(ScriptRuntime.java:367)
at jdk.nashorn.internal.runtime.Context.eval(Context.java:465)
at jdk.nashorn.internal.objects.Global.directEval(Global.java:811)
at jdk.nashorn.internal.scripts.Script$\^shell\_.f(<shell>:1)
at jdk.nashorn.internal.scripts.Script$\^shell\_.runScript(<shell>:1)
...
function f() { with({}) return eval("arguments", 3/0); } try { f() }
catch(e) { e.printStackTrace() }
java.lang.NullPointerException
at
java.lang.invoke.MethodHandles.guardWithTest(MethodHandles.java:2131)
at
jdk.nashorn.internal.lookup.MethodHandleFactory$StandardMethodHandleFunctionality.guardWithTest(MethodHandleFactory.java:287)
at
jdk.nashorn.internal.runtime.WithObject.fixScopeCallSite(WithObject.java:258)
at jdk.nashorn.internal.runtime.WithObject.lookup(WithObject.java:126)
at
jdk.nashorn.internal.runtime.linker.NashornLinker.getGuardedInvocation(NashornLinker.java:75)
at
jdk.internal.dynalink.support.CompositeTypeBasedGuardingDynamicLinker.getGuardedInvocation(CompositeTypeBasedGuardingDynamicLinker.java:176)
at
jdk.internal.dynalink.support.CompositeGuardingDynamicLinker.getGuardedInvocation(CompositeGuardingDynamicLinker.java:124)
at
jdk.internal.dynalink.support.LinkerServicesImpl.getGuardedInvocation(LinkerServicesImpl.java:138)
at jdk.internal.dynalink.DynamicLinker.relink(DynamicLinker.java:232)
at
jdk.nashorn.internal.scripts.Script$\^shell\_#1\^eval\_.runScript(<shell>#1<eval>:1)
- relates to
-
JDK-8026167 Class cache/reuse of 'eval' scripts results in ClassCastException in some cases.
-
- Resolved
-