Closed
Bug 708156
Opened 13 years ago
Closed 13 years ago
SpiderMonkey can use stale script analysis when debug mode is turned on
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla11
People
(Reporter: jimb, Assigned: jimb)
References
Details
Attachments
(1 file)
|
3.04 KB,
patch
|
bhackett1024
:
review+
|
Details | Diff | Splinter Review |
The contents of a ScriptAnalysis depend on the value of debugMode; for example, see the way usesReturnValue_ gets set in ScriptAnalysis::analyzeByteCode. In some cases, the compiler may try to use a ScriptAnalysis created before debug mode was turned on to generate code when debug mode is on, leading to... Undesirable Consequences [orchestra spike].
Some tests in js/src/jit-test/tests/debug cause the assertions in the attached patch to fail, if you comment out the call to JSScript::clearAnalysis that it adds.
Attachment #579556 -
Flags: review?(bhackett1024)
|
Assignee | |
Updated•13 years ago
|
Assignee: general → jimb
OS: Linux → All
Hardware: x86_64 → All
Target Milestone: --- → mozilla11
|
|
Assignee | |
Updated•13 years ago
|
Flags: in-testsuite+
|
||
Updated•13 years ago
|
Attachment #579556 -
Flags: review?(bhackett1024) → review+
|
|
Assignee | |
Comment 1•13 years ago
|
||
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 2•13 years ago
|
||
Try server run:
https://tbpl.mozilla.org/?tree=Try&rev=48fe5b5d6aa3
|
||
Comment 3•13 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•