Re: VerifyError: Bad type on operand stack

Mon, 16 Sep 2013 01:29:15 -0700 

Looks like return obj is treated like an arguments vector, which is not right. 

We do a virtual call to getArgument, which is a ScriptObject method with "obj" 
as a receiver, which is not guaranteed to work. See bci 48:

public static java.lang.Object 
func(jdk.nashorn.internal.runtime.ScriptFunction, java.lang.Object, 
java.lang.Object...);
    Code:
       0: aload_2       
       1: aload_0       
       2: iconst_1      
       3: invokestatic  #47                 // Method 
jdk/nashorn/internal/objects/Global.allocateArguments:([Ljava/lang/Object;Ljava/lang/Object;I)Ljdk/nashorn/internal/runtime/ScriptObject;
       6: astore_3      
       7: getstatic     #51                 // Field 
jdk/nashorn/internal/runtime/ScriptRuntime.UNDEFINED:Ljdk/nashorn/internal/runtime/Undefined;
      10: astore        5
      12: aload_3       
      13: iconst_0      
      14: invokevirtual #57                 // Method 
jdk/nashorn/internal/runtime/ScriptObject.getArgument:(I)Ljava/lang/Object;
      17: astore_3      
      18: aload_3       
      19: invokestatic  #61                 // Method 
jdk/nashorn/internal/runtime/ScriptRuntime.toPropertyIterator:(Ljava/lang/Object;)Ljava/util/Iterator;
      22: astore        6
      24: goto          36
      27: aload         6
      29: invokeinterface #67,  1           // InterfaceMethod 
java/util/Iterator.next:()Ljava/lang/Object;
      34: astore        5
      36: aload         6
      38: invokeinterface #71,  1           // InterfaceMethod 
java/util/Iterator.hasNext:()Z
      43: ifne          27
      46: aload_3       
      47: iconst_0      
      48: invokevirtual #57                 // Method 
jdk/nashorn/internal/runtime/ScriptObject.getArgument:(I)Ljava/lang/Object;
      51: areturn       

On Sep 14, 2013, at 10:04 AM, A. Sundararajan 
<sundararajan.athijegannat...@oracle.com> wrote:

> Hi,
> 
> Thanks for the simplified test case. Even simpler test is as follows:
> 
> function func(obj) {
>    var arguments = obj;
>    for (var i in arguments) {
>    }
>    return obj;
> }
> 
> 
> I suspect the issue has to do with handling of 'arguments' shadowing by local 
> var of "magic" arguments. Renaming arguments fixes it. And looks like the 
> loop over arguments is needed as well. I'll file a bug.
> 
> Thanks again,
> -Sundar
> 
> On Saturday 14 September 2013 09:12 AM, Tal Liron wrote:
>> Hm, I think the mailing list doesn't support attachments. Here is a link to 
>> the file that causes the VerifyError:
>> 
>> http://sincerity.googlecode.com/git/components/plugins/javascript-nashorn/libraries/scripturian/plugins/javascript-nashorn.js
>>  
>> 
>> On 09/13/2013 03:38 PM, Tal Liron wrote:
>>> Hi Attila, I am attaching the file. I didn't attach it originally, because 
>>> I thought it would be impossible for you to test: it is normally run from 
>>> within an embedded environment based on Scripturian/Sincerity. However, I 
>>> am happy say that i tried anyway and the exact same exception is 
>>> reproducible even with jjs. Note that "jjs --compile-only" completes 
>>> without error.
>>> 
>>> -Tal
>> 
>

Reply via email to