RESOLVED FIXED 133903
Convert ASSERT in inlineFunctionForCapabilityLevel to early return 
https://bugs.webkit.org/show_bug.cgi?id=133903
Summary Convert ASSERT in inlineFunctionForCapabilityLevel to early return
Michael Saboff
Reported 2014-06-14 09:35:56 PDT
inlineFunctionForCapabilityLevel() begins with: if (isClosureCall) { ASSERT(kind == CodeForCall); return inlineFunctionForClosureCallCapabilityLevel(codeBlock); } In some cases inlineFunctionForCapabilityLevel is called with isClosureCall true for CodeForConstruct. In release builds we'll do the wrong thing. Instead we should return CannotCompile.
Attachments
Patch (1.44 KB, patch)
2014-06-14 09:49 PDT, Michael Saboff 		mhahnenberg: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Michael Saboff
Comment 1 2014-06-14 09:49:41 PDT
Created attachment 233109 [details] Patch
Mark Hahnenberg
Comment 2 2014-06-16 09:37:37 PDT
Comment on attachment 233109 [details] Patch r=me
Michael Saboff
Comment 3 2014-06-16 09:41:29 PDT
Committed r170011: <http://trac.webkit.org/changeset/170011>
Geoffrey Garen
Comment 4 2014-06-16 11:54:36 PDT
Comment on attachment 233109 [details] Patch Seems like this should be pretty easy to test in a debug build. Can you add a test case?
Michael Saboff
Comment 5 2014-06-16 13:46:32 PDT
(In reply to comment #4) > (From update of attachment 233109 [details]) > Seems like this should be pretty easy to test in a debug build. Can you add a test case? I don't know about easy. In testing on a debug build, I hit this very infrequently, say ~20 minutes. I will look into writing a test that can reliably hit this case. Tracked in <https://bugs.webkit.org/show_bug.cgi?id=133950> - "Add test for case where inlineFunctionForCapabilityLevel() is called for a constructor and isClosureCall is true"
Note You need to log in before you can comment on or make changes to this bug.