RESOLVED FIXED 180779
Arrow functions need their own structure because they have different properties than sloppy functions 
https://bugs.webkit.org/show_bug.cgi?id=180779
Summary Arrow functions need their own structure because they have different properti...
Saam Barati
Reported 2017-12-13 16:06:57 PST
What we do now invalidates our caching policies. For example, arrow functions and normal vanilla sloppy functions share a structure. If we do: ``` function foo() { } let bar = () => undefined; bar.hasOwnProperty("prototype"); // false. This is expected foo.hasOwnProperty("prototype"); // false. This is wrong! ``` This is probably broken in get ICs as well. The bug is we either can't cache this property, or we need different structures to represent the difference in type here.
Attachments
patch (14.61 KB, patch)
2017-12-13 17:51 PST, Saam Barati 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2017-12-13 16:09:11 PST
Here is an example of get being broken: ``` function assert(b) { if (!b) throw new Error; } function foo(f) { return f.prototype; } { let f1 = function () { }; let f2 = () => undefined; for (let i = 0; i < 100; ++i) assert(foo(f2) === undefined); assert(foo(f1) !== undefined); } ``` I think JF recently fixed a similar issue w/ strict vs sloppy mode functions.
Saam Barati
Comment 2 2017-12-13 16:16:54 PST
<rdar://problem/35814591>
Radar WebKit Bug Importer
Comment 3 2017-12-13 16:18:21 PST
<rdar://problem/36035267>
Saam Barati
Comment 4 2017-12-13 17:51:23 PST
Created attachment 329298 [details] patch
Mark Lam
Comment 5 2017-12-13 17:55:52 PST
Comment on attachment 329298 [details] patch r=me
WebKit Commit Bot
Comment 6 2017-12-13 20:10:06 PST
Comment on attachment 329298 [details] patch Clearing flags on attachment: 329298 Committed r225891: <https://trac.webkit.org/changeset/225891>
WebKit Commit Bot
Comment 7 2017-12-13 20:10:07 PST
All reviewed patches have been landed. Closing bug.
JF Bastien
Comment 8 2017-12-14 09:12:56 PST
Comment on attachment 329298 [details] patch Belated r=me too
Note You need to log in before you can comment on or make changes to this bug.