Bug 1138195 - Ensure that the bytecode analysis is consistent with the bindings. r=jandem
authorNicolas B. Pierron <nicolas.b.pierron@mozilla.com>
Mon, 04 May 2015 15:14:38 +0200
changeset 273614 edfafb7271a65daee507417ecb1357db48f4ab55
parent 273613 2c6a7013693f48a74a7dafc271181811d7e420d7
child 273615 a656694f7aed5f67f2daa13b2f19d96cbaeba0b8
push id863
push userraliiev@mozilla.com
push dateMon, 03 Aug 2015 13:22:43 +0000
treeherdermozilla-release@f6321b14228d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjandem
bugs1138195
milestone40.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1138195 - Ensure that the bytecode analysis is consistent with the bindings. r=jandem
js/src/jit-test/tests/self-test/getBacktrace-bug1138195.js
js/src/jit/BytecodeAnalysis.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/self-test/getBacktrace-bug1138195.js
@@ -0,0 +1,8 @@
+
+function f(x) {
+    for (var i = 0; i < 40; ++i) {
+	var stack = getBacktrace({args: true});
+	(function() { g = x;});
+    }
+}
+f(1);
--- a/js/src/jit/BytecodeAnalysis.cpp
+++ b/js/src/jit/BytecodeAnalysis.cpp
@@ -40,16 +40,19 @@ struct CatchFinallyRange
 };
 
 bool
 BytecodeAnalysis::init(TempAllocator& alloc, GSNCache& gsn)
 {
     if (!infos_.growByUninitialized(script_->length()))
         return false;
 
+    // We need a scope chain if any of the bindings are aliased.
+    usesScopeChain_ = script_->hasAnyAliasedBindings();
+
     jsbytecode* end = script_->codeEnd();
 
     // Clear all BytecodeInfo.
     mozilla::PodZero(infos_.begin(), infos_.length());
     infos_[0].init(/*stackDepth=*/0);
 
     Vector<CatchFinallyRange, 0, JitAllocPolicy> catchFinallyRanges(alloc);