RESOLVED FIXED Bug 151453
Caching of properties on objects that have named property getters is sometimes incorrect 
https://bugs.webkit.org/show_bug.cgi?id=151453
Summary Caching of properties on objects that have named property getters is sometime...
Chris Dumez
Reported 2015-11-19 11:54:36 PST
Caching of properties on objects that have named property getters is sometimes incorrect.
Attachments
WIP (Not working yet) (9.86 KB, patch)
2015-11-19 11:56 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
WIP (Not working yet) (11.35 KB, patch)
2015-11-19 11:58 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (18.12 KB, patch)
2015-11-19 13:57 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (18.28 KB, patch)
2015-11-20 11:59 PST, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2015-11-19 11:54:54 PST
rdar://problem/23049343
Chris Dumez
Comment 2 2015-11-19 11:56:11 PST
Created attachment 265878 [details] WIP (Not working yet)
Chris Dumez
Comment 3 2015-11-19 11:58:14 PST
Created attachment 265879 [details] WIP (Not working yet)
Chris Dumez
Comment 4 2015-11-19 13:57:20 PST
Created attachment 265898 [details] Patch
Gavin Barraclough
Comment 5 2015-11-20 10:41:33 PST
Comment on attachment 265898 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=265898&action=review > Source/JavaScriptCore/runtime/JSTypeInfo.h:53 > +static const unsigned GetOwnPropertySlotIsImpureForPropertyAbsence = 1 << 13; One suggestion: GetOwnPropertySlotIsImpure implies GetOwnPropertySlotIsImpureForPropertyAbsence, but does not cause it to be set. A programmer could in error check GetOwnPropertySlotIsImpureForPropertyAbsence and think this would tell them whether property access is impure for absence – but this is not sufficient (they also need to check GetOwnPropertySlotIsImpure). As such a better approach might be to have discrete flags – where one is not a subset of another – GetOwnPropertySlotIsImpureForPropertyAbsence and GetOwnPropertySlotIsImpureForPropertyPresence. You could define GetOwnPropertySlotIsImpure to set both (GetOwnPropertySlotIsImpureForPropertyAbsence | GetOwnPropertySlotIsImpureForPropertyPresence). Classes wanting to adopt both behaviors could still use the GetOwnPropertySlotIsImpure name, but code wanting to check could safely either check …ForPropertyAbsence or …ForPropertyPresence. > LayoutTests/fast/dom/NamedNodeMap-named-getter-caching.html:16 > + lastIterationHasRightValue = true; This loop now only detects a bad value on the last iteration, no longer checks values on the first 999 interactions are as expected too. Please fix.
Chris Dumez
Comment 6 2015-11-20 11:59:04 PST
Created attachment 265977 [details] Patch
WebKit Commit Bot
Comment 7 2015-11-20 12:45:18 PST
Comment on attachment 265977 [details] Patch Clearing flags on attachment: 265977 Committed r192693: <http://trac.webkit.org/changeset/192693>
WebKit Commit Bot
Comment 8 2015-11-20 12:45:22 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.