Closed Bug 708156 Opened 8 years ago Closed 8 years ago
Monkey can use stale script analysis when debug mode is turned on
The contents of a ScriptAnalysis depend on the value of debugMode; for example, see the way usesReturnValue_ gets set in ScriptAnalysis::analyzeByteCode. In some cases, the compiler may try to use a ScriptAnalysis created before debug mode was turned on to generate code when debug mode is on, leading to... Undesirable Consequences [orchestra spike]. Some tests in js/src/jit-test/tests/debug cause the assertions in the attached patch to fail, if you comment out the call to JSScript::clearAnalysis that it adds.
Attachment #579556 - Flags: review?(bhackett1024)
Assignee: general → jimb
OS: Linux → All
Hardware: x86_64 → All
Target Milestone: --- → mozilla11
Attachment #579556 - Flags: review?(bhackett1024) → review+
Status: NEW → ASSIGNED
Try server run: https://tbpl.mozilla.org/?tree=Try&rev=48fe5b5d6aa3
Status: ASSIGNED → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.