Bug 114068

Summary:

tryCacheGetByID sets StructureStubInfo accessType to an incorrect value

Product:

WebKit

Reporter:

Mark Hahnenberg <mhahnenberg>

Component:

JavaScriptCore

Assignee:

Mark Hahnenberg <mhahnenberg>

Status:

RESOLVED FIXED

Severity:

Normal

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch	ggaren: review+, mhahnenberg: commit-queue+

Mark Hahnenberg

Reported 2013-04-05 15:21:24 PDT

In the case where we have a non-Value cacheable property, we set the StructureStubInfo accessType to get_by_id_self, but then we don't patch self and instead patch in a get_by_id_self_fail. This leads to incorrect profiling data so when the DFG compiles the function, it uses a GetByOffset rather than a GetById, which leads to loading a GetterSetter directly out of an object.

Attachments
Patch (2.94 KB, patch) 2013-04-05 15:56 PDT, Mark Hahnenberg	no flags	Details Formatted Diff Diff
Patch (12.60 KB, patch) 2013-04-05 16:31 PDT, Mark Hahnenberg	ggaren: review+ mhahnenberg: commit-queue+	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.