Closed
Bug 1245187
Opened 8 years ago
Closed 8 years ago
Differential Testing: Different output message involving with
Categories
(Core :: JavaScript Engine: JIT, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: gkw, Unassigned)
Details
(Keywords: regression, testcase)
try {
with(this) {
['', 0].filter(function(w) {
return y += w;
});
}
var x = this, y;
} catch (e) {}
print(y);
$ ./js-dbg-64-dm-clang-darwin-5f9ba76eb3b1 --fuzzing-safe --no-threads --ion-eager testcase.js
NaN
$ ./js-dbg-64-dm-clang-darwin-5f9ba76eb3b1 --fuzzing-safe --no-threads --no-baseline --no-ion testcase.js
undefined0
Tested this on m-c rev 5f9ba76eb3b1.
My configure flags are:
CC="clang -Qunused-arguments" CXX="clang++ -Qunused-arguments" AR=ar AUTOCONF=/usr/local/Cellar/autoconf213/2.13/bin/autoconf213 sh /Users/skywalker/trees/mozilla-central/js/src/configure --target=x86_64-apple-darwin14.5.0 --disable-jemalloc --enable-debug --enable-more-deterministic --with-ccache --enable-gczeal --enable-debug-symbols --disable-tests
python -u ~/funfuzz/js/compileShell.py -b "--enable-debug --enable-more-deterministic" -r 5f9ba76eb3b1
This goes back past m-c rev 54be5416ae5d (nov 2014), so it will be great if Jan or Hannes might be able to diagnose for a start, and move it on if necessary.Flags: needinfo?(jdemooij)
Flags: needinfo?(hv1989)
|
Reporter | |
Updated•8 years ago
|
Has STR: --- → yes
|
||
Comment 1•8 years ago
|
||
The problem is Baseline attaching a property-does-not-exist stub for GETXPROP (ugh) on a With object :( The easiest fix is to tell Baseline not to attach a stub in this case. It seems to me DynamicWithObject should probably be a non-native object though. I wonder if we could run into similar issues with a plain GETPROP and a Native object with getProperty (et al) ObjectOps...
Flags: needinfo?(hv1989)
|
|
Reporter | |
Updated•8 years ago
|
Summary: Differential Testing: Different output message involving .filter → Differential Testing: Different output message involving with
|
|
||
Comment 2•8 years ago
|
||
Fixed as part of bug 1255352. We no longer attach a does-not-exist stub for GETXPROP.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(jdemooij)
Resolution: --- → FIXED
|
|
||
Updated•8 years ago
|
status-firefox48:
--- → fixed
|
|
Reporter | |
Comment 3•8 years ago
|
||
Jan, can we easily get a patch for approval‑mozilla‑esr45 as well? It would aid fuzzing on that branch. If the CacheIR patch is too risky, it just means we won't be running differential testing on testcases that involve "with".
Flags: needinfo?(jdemooij)
|
|
||
Comment 4•8 years ago
|
||
(In reply to Gary Kwong [:gkw] [:nth10sd] from comment #3) > Jan, can we easily get a patch for approval‑mozilla‑esr45 as well? It would > aid fuzzing on that branch. If the CacheIR patch is too risky, it just means > we won't be running differential testing on testcases that involve "with". Yeah it's not possible to backport that. Not testing "with" on esr45 seems fine - I also think differential testing is most useful on trunk.
Flags: needinfo?(jdemooij)
You need to log in
before you can comment on or make changes to this bug.
Description
•