PropertyCondition::isStillValidAssumingImpurePropertyWatchpoint() sho…#1672
Open
aoikonomopoulos wants to merge 1 commit intoWebPlatformForEmbedded:wpe-2.38from
Conversation
…uld take non-reified static properties into account https://bugs.webkit.org/show_bug.cgi?id=255952 <rdar://108334411> Reviewed by Yusuke Suzuki. Currently, PropertyCondition::isStillValidAssumingImpurePropertyWatchpoint() is not checking the structure's non-reified static properties against the condition. This can lead to incorrect analysis of side effects: AbsenceOfSetEffect condition with a non-reified static setter is considered pure even though a setter with arbitrary code can be invoked. This patch fixes AbsenceOfSetEffect validity check for structures with non-reified static properties while takes extra care to make the fix as precise as possible to avoid unnecessary slowdowns. * LayoutTests/fast/dom/non-reified-event-isTrusted-ic-crash-expected.txt: Added. * LayoutTests/fast/dom/non-reified-event-isTrusted-ic-crash.html: Added. * Source/JavaScriptCore/bytecode/PropertyCondition.cpp: (JSC::PropertyCondition::isStillValidAssumingImpurePropertyWatchpoint const): Originally-landed-as: 259548.775@safari-7615-branch (ffe32d106cb2). rdar://113160398 Canonical link: https://commits.webkit.org/266582@main
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
…uld take non-reified static properties into account https://bugs.webkit.org/show_bug.cgi?id=255952 rdar://108334411
Reviewed by Yusuke Suzuki.
Currently, PropertyCondition::isStillValidAssumingImpurePropertyWatchpoint() is not checking the structure's non-reified static properties against the condition. This can lead to incorrect analysis of side effects: AbsenceOfSetEffect condition with a non-reified static setter is considered pure even though a setter with arbitrary code can be invoked.
This patch fixes AbsenceOfSetEffect validity check for structures with non-reified static properties while takes extra care to make the fix as precise as possible to avoid unnecessary slowdowns.
Originally-landed-as: 259548.775@safari-7615-branch (ffe32d106cb2). rdar://113160398
Canonical link: https://commits.webkit.org/266582@main
Pull Request Template
File a Bug
All changes should be associated with a bug. The WebKit project is currently using Bugzilla as our bug tracker. Note that multiple changes may be associated with a single bug.
Provided Tooling
The WebKit Project strongly recommends contributors use
Tools/Scripts/git-webkitto generate pull requests. See Setup and Contributing Code for how to do this.Template
If a contributor wishes to file a pull request manually, the template is below. Manually-filed pull requests should contain their commit message as the pull request description, and their commit message should be formatted like the template below.
Additionally, the pull request should be mentioned on Bugzilla, labels applied to the pull request matching the component and version of the Bugzilla associated with the pull request and the pull request assigned to its author.
5737070