| Summary: | Web Inspector: [Chromium] Fix handling of aggregate names in profiler | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Mikhail Naganov <mnaganov> | ||||
| Component: | Web Inspector (Deprecated) | Assignee: | Mikhail Naganov <mnaganov> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | apavlov, bweinstein, joepeck, keishi, loislo, pfeldman, pmuellr, rik, timothy, yurys | ||||
| Priority: | P2 | ||||||
| Version: | 528+ (Nightly build) | ||||||
| Hardware: | All | ||||||
| OS: | All | ||||||
| Attachments: |
|
||||||
Created attachment 104808 [details]
Patch
Manually committed http://trac.webkit.org/changeset/93591 Web Inspector: [Chromium] Fix handling of aggregate names in profiler. https://bugs.webkit.org/show_bug.cgi?id=66753 Reviewed by Pavel Feldman. * inspector/front-end/HeapSnapshot.js: (WebInspector.HeapSnapshot.prototype._buildAggregates): |
Currently in _buildAggregates we check for existing aggregate names using the "in" operator, and it looks up in the prototype chain, so e.g. "'toString' in {} === true". That is, having an aggregate named "toString" will cause a problem.