Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8019476

Issues found by jsfunfuzz

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • P4
    • Resolution: Fixed
    • 8
    • 8
    • core-libs
    • None

    Description

      Nashorn spend last night together with jsfunfuzz, results are below.

      - André



      [[Runtime exceptions]] - run the followings commands in this order, notice java.lang.ClassCastException twice:

      jjs> tryItOut = function(c){try{f = Function(c)}catch(e){return} try{rv=f()}catch(e){print(e)}}
      function(c){try{f = Function(c)}catch(e){return} try{rv=f()}catch(e){print(e)}}
      jjs> tryItOut("/*for..in*/for(var window.this in ((/a/gi)({} | [,])))return;");
      jjs> tryItOut("M:switch(window) { default: M:if(x5 || null) {/*for..in*//* nogeckoex bug 349964 */ for each(var x3 in x4) gc() } }");
      jjs> tryItOut("");
      jjs> tryItOut("if((y = this)[(\n[[]])]) {{}; } else if ((eval(\";\", x5).constructor = x)) break ;{} else {x = window, __noSuchMethod__ = false;gc() }");
      jjs> tryItOut("{var x = '' ; }");
      jjs> tryItOut("if(new Boolean(this.__noSuchMethod__ = typeof '' )) {return '' ;[[1]] } else if (((new String(new (undefined)(), /x/ ))[true >= 0/*\n*/])) /*for..in*/L:for(var x in ((({}).hasOwnProperty)(true)));");
      jjs> tryItOut("with({}) { [1,2,3,4].map } ");
      jjs> tryItOut("gc()");
      java.lang.ClassCastException: java.lang.String cannot be cast to jdk.nashorn.internal.runtime.ScriptFunction
      jjs> tryItOut("L:with(x, x5; ^= /x/ ){if(x3-=false) { if ((this.zzz.zzz)) /a/gi} else 1e4; }");
      jjs> tryItOut("if(new (window)( '' , x) < x.x) {1e-81;( /x/g ); } else if (new (new Function)(x3 = {}, ((-1)(this, undefined)))) {[1,,](functional); }");
      java.lang.ClassCastException: java.lang.String cannot be cast to jdk.nashorn.internal.runtime.ScriptFunction


      [[Compiler errors]]:

      jjs> Function("switch([]) { case 7: }");
      Compiling threw: java.lang.VerifyError: Bad type on operand stack
      Exception Details:
        Location:
      jdk/nashorn/internal/scripts/Script$\^function\_._L1(Ljava/lang/Object;)Ljava/lang/Object; @9: invokestatic
        Reason:
          Type 'jdk/nashorn/internal/objects/NativeArray' (current frame, stack[0]) is not assignable to '[I'
        Current Frame:
          bci: @9
          flags: { }
          locals: { 'java/lang/Object' }
          stack: { 'jdk/nashorn/internal/objects/NativeArray', integer }
        Bytecode:
          0000000: 04b8 0031 b800 3712 38b8 003c ab00 0000
          0000010: 0000 0014 0000 0001 0000 0007 0000 0014
          0000020: b200 2bb0
        Stackmap Table:
          same_frame(@32)

      java.lang.VerifyError: Bad type on operand stack
      Exception Details:
        Location:
      jdk/nashorn/internal/scripts/Script$\^function\_._L1(Ljava/lang/Object;)Ljava/lang/Object; @9: invokestatic
        Reason:
          Type 'jdk/nashorn/internal/objects/NativeArray' (current frame, stack[0]) is not assignable to '[I'
        Current Frame:
          bci: @9
          flags: { }
          locals: { 'java/lang/Object' }
          stack: { 'jdk/nashorn/internal/objects/NativeArray', integer }
        Bytecode:
          0000000: 04b8 0031 b800 3712 38b8 003c ab00 0000
          0000010: 0000 0014 0000 0001 0000 0007 0000 0014
          0000020: b200 2bb0
        Stackmap Table:
          same_frame(@32)

          at java.lang.Class.getDeclaredFields0(Native Method)
          at java.lang.Class.privateGetDeclaredFields(Class.java:2367)
          at java.lang.Class.getDeclaredField(Class.java:1902)
          at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:417)
          at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:413)
          at java.security.AccessController.doPrivileged(Native Method)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:413)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:447)
          at jdk.nashorn.internal.runtime.Context.compile(Context.java:806)
          at jdk.nashorn.internal.runtime.Context.eval(Context.java:367)
          at ...


      jjs> Function("L: {break L;return; }");
      Compiling threw: java.lang.VerifyError: StackMapTable error: bad offset
      Exception Details:
        Location:
      jdk/nashorn/internal/scripts/Script$jsfunfuzz._L1(Ljdk/nashorn/internal/runtime/ScriptFunction;Ljava/lang/Object;)Ljava/lang/Object; @0: aload_0
        Reason:
          Invalid stackmap specification.
        Current Frame:
          bci: @8
          flags: { }
          locals: { 'jdk/nashorn/internal/runtime/ScriptFunction', 'java/lang/Object', 'jdk/nashorn/internal/runtime/ScriptObject' }
          stack: { }
        Bytecode:
          0000000: 2ab6 0018 4da7 0003
        Stackmap Table:
          append_frame(@8,Object[#53])

      java.lang.VerifyError: StackMapTable error: bad offset
      Exception Details:
        Location:
      jdk/nashorn/internal/scripts/Script$\^function\_._L1(Ljdk/nashorn/internal/runtime/ScriptFunction;Ljava/lang/Object;)Ljava/lang/Object; @0: aload_0
        Reason:
          Invalid stackmap specification.
        Current Frame:
          bci: @8
          flags: { }
          locals: { 'jdk/nashorn/internal/runtime/ScriptFunction', 'java/lang/Object', 'jdk/nashorn/internal/runtime/ScriptObject' }
          stack: { }
        Bytecode:
          0000000: 2ab6 0018 4da7 0003
        Stackmap Table:
          append_frame(@8,Object[#53])

          at java.lang.Class.getDeclaredFields0(Native Method)
          at java.lang.Class.privateGetDeclaredFields(Class.java:2367)
          at java.lang.Class.getDeclaredField(Class.java:1902)
          at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:417)
          at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:413)
          at java.security.AccessController.doPrivileged(Native Method)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:413)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:447)
          at jdk.nashorn.internal.runtime.Context.compile(Context.java:806)
          at jdk.nashorn.internal.runtime.Context.eval(Context.java:367)
          at ...


      jjs> Function("return function (x) { return true } ( /x/ ) >> window;");
      Compiling threw: java.lang.AssertionError: boolean is not an integer or long
      java.lang.AssertionError: boolean is not an integer or long
          at jdk.nashorn.internal.codegen.MethodEmitter.popInteger(MethodEmitter.java:269)
          at jdk.nashorn.internal.codegen.MethodEmitter.sar(MethodEmitter.java:581)
          at jdk.nashorn.internal.codegen.CodeGenerator$26.op(CodeGenerator.java:2799)
          at jdk.nashorn.internal.codegen.CodeGenerator$BinaryArith.evaluate(CodeGenerator.java:2618)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterSAR(CodeGenerator.java:2801)
          at jdk.nashorn.internal.ir.visitor.NodeOperatorVisitor.enterBinaryNode(NodeOperatorVisitor.java:185)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:177)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at ...


      jjs> Function("return y % function(q) { return q; }();");
      Compiling threw: java.lang.AssertionError: object is not numeric
      java.lang.AssertionError: object is not numeric
          at jdk.nashorn.internal.codegen.MethodEmitter.popNumeric(MethodEmitter.java:257)
          at jdk.nashorn.internal.codegen.MethodEmitter.get2n(MethodEmitter.java:1598)
          at jdk.nashorn.internal.codegen.MethodEmitter.rem(MethodEmitter.java:1655)
          at jdk.nashorn.internal.codegen.CodeGenerator$24.op(CodeGenerator.java:2760)
          at jdk.nashorn.internal.codegen.CodeGenerator$BinaryArith.evaluate(CodeGenerator.java:2618)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterMOD(CodeGenerator.java:2762)
          at jdk.nashorn.internal.ir.visitor.NodeOperatorVisitor.enterBinaryNode(NodeOperatorVisitor.java:175)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:177)
          at ...


      jjs> Function("with(\nnull == (this % {}))( /x/g );");
      Compiling threw: java.lang.AssertionError: expecting integer type or object for jump, but found double
      java.lang.AssertionError: expecting integer type or object for jump, but found double
          at jdk.nashorn.internal.codegen.MethodEmitter.jump(MethodEmitter.java:1352)
          at jdk.nashorn.internal.codegen.MethodEmitter.ifnull(MethodEmitter.java:1386)
          at jdk.nashorn.internal.codegen.CodeGenerator.nullCheck(CodeGenerator.java:1473)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterRuntimeNode(CodeGenerator.java:1608)
          at jdk.nashorn.internal.ir.RuntimeNode.accept(RuntimeNode.java:412)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterRuntimeNode(NodeVisitor.java:537)
          at jdk.nashorn.internal.ir.RuntimeNode.accept(RuntimeNode.java:412)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:371)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:352)
          at ...


      jjs> Function("/*infloop*/while(((function ()4.)([z1,,], [,,]) - true++))switch(1e+81.x) { default: break; \u0009 }");
      Compiling threw: java.lang.AssertionError: expecting equivalent types on stack but got double and int
      java.lang.AssertionError: expecting equivalent types on stack but got double and int
          at jdk.nashorn.internal.codegen.MethodEmitter.get2n(MethodEmitter.java:1600)
          at jdk.nashorn.internal.codegen.MethodEmitter.sub(MethodEmitter.java:1622)
          at jdk.nashorn.internal.codegen.CodeGenerator$29.op(CodeGenerator.java:2836)
          at jdk.nashorn.internal.codegen.CodeGenerator$BinaryArith.evaluate(CodeGenerator.java:2618)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterSUB(CodeGenerator.java:2838)
          at jdk.nashorn.internal.ir.visitor.NodeOperatorVisitor.enterBinaryNode(NodeOperatorVisitor.java:191)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:177)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at ...


      jjs> Function("try { } catch(NaN if [15,16,17,18].filter(({}).hasOwnProperty, NaN) - ((function(q) { return q; })( \"\" , \"\" ))) { with({}) { throw NaN; } } ");
      Compiling threw: java.lang.NullPointerException
      java.lang.NullPointerException
          at jdk.nashorn.internal.codegen.types.Type.getMethodDescriptor(Type.java:161)
          at jdk.nashorn.internal.codegen.MethodEmitter.getDynamicSignature(MethodEmitter.java:1691)
          at jdk.nashorn.internal.codegen.MethodEmitter.dynamicCall(MethodEmitter.java:1726)
          at jdk.nashorn.internal.codegen.CodeGenerator$2.enterAccessNode(CodeGenerator.java:684)
          at jdk.nashorn.internal.ir.AccessNode.accept(AccessNode.java:64)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterCallNode(CodeGenerator.java:582)
          at jdk.nashorn.internal.ir.CallNode.accept(CallNode.java:199)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterCallNode(NodeVisitor.java:217)
          at ...


      jjs> Function("try { {} } catch(x) { with({}) throw x; } ");
      Compiling threw: java.lang.ArrayIndexOutOfBoundsException
      java.lang.ArrayIndexOutOfBoundsException: -1
          at jdk.nashorn.internal.codegen.Label$Stack.pop(Label.java:102)
          at jdk.nashorn.internal.codegen.MethodEmitter.popType(MethodEmitter.java:234)
          at jdk.nashorn.internal.codegen.MethodEmitter.athrow(MethodEmitter.java:1002)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterThrowNode(CodeGenerator.java:1935)
          at jdk.nashorn.internal.ir.ThrowNode.accept(ThrowNode.java:76)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterWithNode(CodeGenerator.java:2150)
          at jdk.nashorn.internal.ir.WithNode.accept(WithNode.java:68)
          at ...


      jjs> Function("L:if((function x ()3)() + arguments++) {return; } else if (new gc()) while(((x2.prop = functional)) && 0){ }");
      Compiling threw: java.lang.AssertionError: expecting equivalent types on stack but got double and int
      java.lang.AssertionError: expecting equivalent types on stack but got double and int
          at jdk.nashorn.internal.codegen.MethodEmitter.get2(MethodEmitter.java:1576)
          at jdk.nashorn.internal.codegen.MethodEmitter.add(MethodEmitter.java:1611)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterNumericAdd(CodeGenerator.java:2339)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterADD(CodeGenerator.java:2351)
          at jdk.nashorn.internal.ir.visitor.NodeOperatorVisitor.enterBinaryNode(NodeOperatorVisitor.java:117)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:177)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:371)
          at ...


      jjs> Function("var x = x -= '' ");
      Compiling threw: java.lang.VerifyError: get long/double overflows locals
      Exception Details:
        Location:
      jdk/nashorn/internal/scripts/Script$\^function\_._L1(Ljava/lang/Object;)Ljava/lang/Object; @0: dload_2
        Reason:
          Local index 2 is invalid
        Bytecode:
          0000000: 280e 675c 4949 b200 2bb0

      java.lang.VerifyError: get long/double overflows locals
      Exception Details:
        Location:
      jdk/nashorn/internal/scripts/Script$\^function\_._L1(Ljava/lang/Object;)Ljava/lang/Object; @0: dload_2
        Reason:
          Local index 2 is invalid
        Bytecode:
          0000000: 280e 675c 4949 b200 2bb0

          at java.lang.Class.getDeclaredFields0(Native Method)
          at java.lang.Class.privateGetDeclaredFields(Class.java:2367)
          at java.lang.Class.getDeclaredField(Class.java:1902)
          at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:417)
          at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:413)
          at java.security.AccessController.doPrivileged(Native Method)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:413)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:447)
          at jdk.nashorn.internal.runtime.Context.compile(Context.java:806)
          at jdk.nashorn.internal.runtime.Context.eval(Context.java:367)
          at ...


      jjs> Function("return (null != [,,] <= this);");
      Compiling threw: java.lang.AssertionError: object is not compatible with boolean
      java.lang.AssertionError: object is not compatible with boolean
          at jdk.nashorn.internal.codegen.MethodEmitter.popType(MethodEmitter.java:236)
          at jdk.nashorn.internal.codegen.MethodEmitter.fixParamStack(MethodEmitter.java:1109)
          at jdk.nashorn.internal.codegen.MethodEmitter.invoke(MethodEmitter.java:1128)
          at jdk.nashorn.internal.codegen.MethodEmitter.invokestatic(MethodEmitter.java:1182)
          at jdk.nashorn.internal.codegen.CodeGenerator.nullCheck(CodeGenerator.java:1482)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterRuntimeNode(CodeGenerator.java:1608)
          at jdk.nashorn.internal.ir.RuntimeNode.accept(RuntimeNode.java:412)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterRuntimeNode(NodeVisitor.java:537)
          at jdk.nashorn.internal.ir.RuntimeNode.accept(RuntimeNode.java:412)
          at ...


      jjs> Function("/*infloop*/L:for(var x; ([+(function (window)[,,])(function(q) { return q; }, -0)].some(new Function)); [11,12,13,14].some) {/*infloop*/do {;return this; } while(x); }");
      Compiling threw: java.lang.AssertionError: Storing object into array<elementType=double>
      java.lang.AssertionError: Storing object into array<elementType=double>
          at jdk.nashorn.internal.codegen.MethodEmitter.arraystore(MethodEmitter.java:937)
          at jdk.nashorn.internal.codegen.CodeGenerator.storeElement(CodeGenerator.java:1188)
          at jdk.nashorn.internal.codegen.CodeGenerator.loadArray(CodeGenerator.java:1169)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:1278)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterLiteralNode(CodeGenerator.java:1325)
          at jdk.nashorn.internal.ir.LiteralNode$ArrayLiteralNode.accept(LiteralNode.java:801)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterLiteralNode(NodeVisitor.java:457)
          at jdk.nashorn.internal.ir.LiteralNode$ArrayLiteralNode.accept(LiteralNode.java:801)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:371)
          at ...


      jjs> x= {}
      [object Object]
      jjs> Function("switch((Math.pow ? x = 1.2e3 : 3)) { default: return; }")
      Exception in thread "main" java.lang.AssertionError: int is not compatible with object
          at jdk.nashorn.internal.codegen.MethodEmitter.popType(MethodEmitter.java:236)
          at jdk.nashorn.internal.codegen.MethodEmitter.store(MethodEmitter.java:953)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterSwitchNode(CodeGenerator.java:1878)
          at jdk.nashorn.internal.ir.SwitchNode.accept(SwitchNode.java:104)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)


      jjs> Function("try { function (x) /x/ } finally { (function(id) { return id }); } ");
      Compiling threw: java.lang.ClassFormatError: Duplicate method name&signature in class file jdk/nashorn/internal/scripts/Script$jsfunfuzz
      java.lang.ClassFormatError: Duplicate method name&signature in class file jdk/nashorn/internal/scripts/Script$\^function\_
          at java.lang.ClassLoader.defineClass1(Native Method)
          at java.lang.ClassLoader.defineClass(ClassLoader.java:751)
          at jdk.nashorn.internal.runtime.ScriptLoader.installClass(ScriptLoader.java:62)
          at jdk.nashorn.internal.runtime.Context$ContextCodeInstaller.install(Context.java:92)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:408)
          at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:447)
          at jdk.nashorn.internal.runtime.Context.compile(Context.java:806)
          at jdk.nashorn.internal.runtime.Context.eval(Context.java:367)
          at jdk.nashorn.internal.objects.Global.directEval(Global.java:703)
          at jdk.nashorn.internal.objects.NativeFunction.function(NativeFunction.java:235)
          at ...


      jjs> Function("switch(0) { default: break; return; }");
      Compiling threw: java.lang.VerifyError: Code generation bug in "_L1": array stack misaligned: java.lang.NullPointerException <function>
      java.lang.NullPointerException
          at jdk.internal.org.objectweb.asm.Frame.merge(Frame.java:1305)
          at jdk.internal.org.objectweb.asm.MethodWriter.visitMaxs(MethodWriter.java:1382)
          at jdk.nashorn.internal.codegen.MethodEmitter.end(MethodEmitter.java:201)
          at jdk.nashorn.internal.codegen.CodeGenerator.leaveFunctionNode(CodeGenerator.java:1030)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterFunctionNode(CodeGenerator.java:402)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:284)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:371)
          at ...


      jjs> Function("x = 0.1, x\ntrue\n~this");
      Compiling threw: java.lang.AssertionError: Only return value on stack allowed at return point - depth=2 stack = jdk.nashorn.internal.codegen.Label$Stack@4bd0d62f
      java.lang.AssertionError: Only return value on stack allowed at return point - depth=2 stack = jdk.nashorn.internal.codegen.Label$Stack@79d04413
          at jdk.nashorn.internal.codegen.MethodEmitter._return(MethodEmitter.java:1295)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterReturnNode(CodeGenerator.java:1438)
          at jdk.nashorn.internal.ir.ReturnNode.accept(ReturnNode.java:90)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterFunctionNode(CodeGenerator.java:402)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:284)
          at ...


      jjs> Function("with((function (x)x2)() ^ this){return; }");
      Compiling threw: java.lang.AssertionError: object is not an integer or long
      java.lang.AssertionError: object is not an integer or long
          at jdk.nashorn.internal.codegen.MethodEmitter.popInteger(MethodEmitter.java:269)
          at jdk.nashorn.internal.codegen.MethodEmitter.get2i(MethodEmitter.java:1587)
          at jdk.nashorn.internal.codegen.MethodEmitter.xor(MethodEmitter.java:542)
          at jdk.nashorn.internal.codegen.CodeGenerator$22.op(CodeGenerator.java:2652)
          at jdk.nashorn.internal.codegen.CodeGenerator$BinaryArith.evaluate(CodeGenerator.java:2618)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterBIT_XOR(CodeGenerator.java:2654)
          at jdk.nashorn.internal.ir.visitor.NodeOperatorVisitor.enterBinaryNode(NodeOperatorVisitor.java:151)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:164)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterBinaryNode(NodeVisitor.java:177)
          at ...


      jjs> Function("/*infloop*/for(x = window++~.2.hasOwnProperty(\"x3\"); (!([[1]]).apply()); {}) {( /x/g );({}).hasOwnProperty }");
      Compiling threw: java.lang.AssertionError: window++ ~ 0.2.hasOwnProperty("x3") has no type
      java.lang.AssertionError: window++ ~ 0.2.hasOwnProperty("x3") has no type
          at jdk.nashorn.internal.ir.Node.getType(Node.java:107)
          at jdk.nashorn.internal.codegen.Attr.leaveAssignmentNode(Attr.java:1084)
          at jdk.nashorn.internal.codegen.Attr.leaveASSIGN(Attr.java:1107)
          at jdk.nashorn.internal.ir.visitor.NodeOperatorVisitor.leaveBinaryNode(NodeOperatorVisitor.java:205)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:165)
          at jdk.nashorn.internal.ir.ForNode.accept(ForNode.java:92)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at ...


      jjs> Function("throw NaN\n~window;");
      Compiling threw: java.lang.AssertionError: node NaN ~ window class jdk.nashorn.internal.ir.BinaryNode has no symbol! [object] function _L1()
      java.lang.AssertionError: node NaN ~ window class jdk.nashorn.internal.ir.BinaryNode has no symbol! [object] function _L1()
          at jdk.nashorn.internal.codegen.FinalizeTypes.convert(FinalizeTypes.java:787)
          at jdk.nashorn.internal.codegen.FinalizeTypes.leaveThrowNode(FinalizeTypes.java:496)
          at jdk.nashorn.internal.ir.ThrowNode.accept(ThrowNode.java:77)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.BinaryNode.accept(BinaryNode.java:165)
          at jdk.nashorn.internal.ir.ExecuteNode.accept(ExecuteNode.java:67)
          at ...


      jjs> Function("if(([(this >>> 4.)].map(gc))) x;");
      Compiling threw: java.lang.AssertionError: array element type doesn't match array type
      java.lang.AssertionError: array element type doesn't match array type
          at jdk.nashorn.internal.codegen.CodeGenerator.storeElement(CodeGenerator.java:1184)
          at jdk.nashorn.internal.codegen.CodeGenerator.loadArray(CodeGenerator.java:1169)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:1278)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterLiteralNode(CodeGenerator.java:1325)
          at jdk.nashorn.internal.ir.LiteralNode$ArrayLiteralNode.accept(LiteralNode.java:801)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterDefault(CodeGenerator.java:408)
          at jdk.nashorn.internal.ir.visitor.NodeVisitor.enterLiteralNode(NodeVisitor.java:457)
          at jdk.nashorn.internal.ir.LiteralNode$ArrayLiteralNode.accept(LiteralNode.java:801)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:371)
          at jdk.nashorn.internal.codegen.CodeGenerator.load(CodeGenerator.java:352)
          at ...


      jjs> Function("switch(gc()) { case \ntrue: case 1: }");
      Compiling threw: java.lang.ClassCastException: java.lang.Boolean cannot be cast to java.lang.Integer
      java.lang.ClassCastException: java.lang.Boolean cannot be cast to java.lang.Integer
          at jdk.nashorn.internal.codegen.CodeGenerator.enterSwitchNode(CodeGenerator.java:1811)
          at jdk.nashorn.internal.ir.SwitchNode.accept(SwitchNode.java:104)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator$1.enterFunctionNode(CodeGenerator.java:402)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:284)
          at ...


      jjs> Function("if(--) y;");
      Compiling threw: java.lang.NullPointerException
      java.lang.NullPointerException
          at jdk.nashorn.internal.ir.IfNode.accept(IfNode.java:78)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.ExecuteNode.accept(ExecuteNode.java:67)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at ...


      jjs> Function("if((null ^ [1]) !== (this.yoyo(false))) {var NaN, x;x\n~[,,z1] }");
      Compiling threw: java.lang.AssertionError: stacks jdk.nashorn.internal.codegen.Label$Stack@4918f90f is not equivalent with jdk.nashorn.internal.codegen.Label$Stack@5f9b21a1 at join point
      java.lang.AssertionError: stacks jdk.nashorn.internal.codegen.Label$Stack@3a5fcae7 is not equivalent with jdk.nashorn.internal.codegen.Label$Stack@8b6defe at join point
          at jdk.nashorn.internal.codegen.MethodEmitter.mergeStackTo(MethodEmitter.java:1522)
          at jdk.nashorn.internal.codegen.MethodEmitter.jump(MethodEmitter.java:1355)
          at jdk.nashorn.internal.codegen.MethodEmitter._goto(MethodEmitter.java:1486)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterIfNode(CodeGenerator.java:1070)
          at jdk.nashorn.internal.ir.IfNode.accept(IfNode.java:76)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at ...


      jjs> Function("try { 4. } catch(x) { function x4 (y, x5)x } ");
      Compiling threw: java.lang.NullPointerException
      java.lang.NullPointerException
          at jdk.nashorn.internal.codegen.MethodEmitter.convert(MethodEmitter.java:1557)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterVarNode(CodeGenerator.java:2076)
          at jdk.nashorn.internal.ir.VarNode.accept(VarNode.java:125)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.codegen.CodeGenerator.enterTryNode(CodeGenerator.java:2013)
          at jdk.nashorn.internal.ir.TryNode.accept(TryNode.java:110)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:136)
          at ...


      jjs> Function("return (void ({ set each (x2)y }));");
      Compiling threw: java.lang.AssertionError
      java.lang.AssertionError
          at jdk.nashorn.internal.codegen.Attr.enterFunctionBody(Attr.java:276)
          at jdk.nashorn.internal.codegen.Attr.enterBlock(Attr.java:297)
          at jdk.nashorn.internal.ir.Block.accept(Block.java:135)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.FunctionNode.accept(FunctionNode.java:285)
          at jdk.nashorn.internal.ir.LexicalContextNode.accept(LexicalContextNode.java:69)
          at jdk.nashorn.internal.ir.PropertyNode.accept(PropertyNode.java:90)
          at jdk.nashorn.internal.ir.Node.accept(Node.java:346)
          at jdk.nashorn.internal.ir.ObjectNode.accept(ObjectNode.java:62)
          at jdk.nashorn.internal.ir.RuntimeNode.accept(RuntimeNode.java:415)
          at ...


      Attachments

        Activity

          People

            sundar Sundararajan Athijegannathan
            sundar Sundararajan Athijegannathan
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: