From a50ee02f2f8805628286b95bb20ec8e99e14707a Mon Sep 17 00:00:00 2001
From: Brian Hackett <bhackett1024@gmail.com>
Date: Tue, 23 Oct 2012 07:45:34 -0700
Subject: [PATCH] Don't get confused by unreachable opcodes before loop headers
 when picking chunk boundaries, bug 781859. r=jandem

---
 js/src/jit-test/tests/jaeger/bug781859-1.js | 25 +++++++++++++++++++++
 js/src/jit-test/tests/jaeger/bug781859-2.js |  9 ++++++++
 js/src/jit-test/tests/jaeger/bug781859-3.js | 10 +++++++++
 js/src/methodjit/Compiler.cpp               |  2 +-
 4 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 js/src/jit-test/tests/jaeger/bug781859-1.js
 create mode 100644 js/src/jit-test/tests/jaeger/bug781859-2.js
 create mode 100644 js/src/jit-test/tests/jaeger/bug781859-3.js

diff --git a/js/src/jit-test/tests/jaeger/bug781859-1.js b/js/src/jit-test/tests/jaeger/bug781859-1.js
new file mode 100644
index 00000000000..7a28c02b77e
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/bug781859-1.js
@@ -0,0 +1,25 @@
+// |jit-test| error:ReferenceError
+function e() {
+    try {} catch (e) {
+    return (actual = "FAIL");
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+      a.x + a.x + a.x + a.x + a.x + a.x + a.x + a.x
+    }
+    while (t) continue;
+}
+e();
diff --git a/js/src/jit-test/tests/jaeger/bug781859-2.js b/js/src/jit-test/tests/jaeger/bug781859-2.js
new file mode 100644
index 00000000000..42640ef07b7
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/bug781859-2.js
@@ -0,0 +1,9 @@
+mjitChunkLimit(42);
+Function("\
+    switch (/x/) {\
+        case 8:\
+        break;\
+        t(function(){})\
+    }\
+    while (false)(function(){})\
+")()
diff --git a/js/src/jit-test/tests/jaeger/bug781859-3.js b/js/src/jit-test/tests/jaeger/bug781859-3.js
new file mode 100644
index 00000000000..08cf1559e89
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/bug781859-3.js
@@ -0,0 +1,10 @@
+mjitChunkLimit(10);
+function e() {
+    try {
+        var t = undefined;
+    } catch (e) { }
+    while (t)
+        continue;
+}
+for (var i = 0; i < 20; i++)
+  e();
diff --git a/js/src/methodjit/Compiler.cpp b/js/src/methodjit/Compiler.cpp
index f80051f98cb..c908f59e5fc 100644
--- a/js/src/methodjit/Compiler.cpp
+++ b/js/src/methodjit/Compiler.cpp
@@ -704,7 +704,7 @@ MakeJITScript(JSContext *cx, JSScript *script)
 
             Bytecode *code = analysis->maybeCode(offset);
             if (!code)
-                continue;
+                op = JSOP_NOP; /* Ignore edges from unreachable opcodes. */
 
             /* Whether this should be the last opcode in the chunk. */
             bool finishChunk = false;