nephele
/
haikuwebkit
1
0
Fork 0
Code Issues Releases Activity
haikuwebkit/LayoutTests/js/regress-150745-expected.txt

11 lines
224 B
Plaintext
Raw Permalink Normal View History

WebInspector crashed while viewing Timeline when refreshing cnn.com while it was already loading https://bugs.webkit.org/show_bug.cgi?id=150745 Reviewed by Geoffrey Garen. Source/JavaScriptCore: During OSR exit, reifyInlinedCallFrames() was using the call kind from a tail call to find the CallLinkInfo / StubInfo to find the return PC. Instead we need to get the call type of the true caller, that is the function we'll be returning to. This can be found by remembering the last call type we find while walking up the inlined frames in InlineCallFrame::getCallerSkippingDeadFrames(). We can also return directly back to a getter or setter callsite without using a thunk. * bytecode/InlineCallFrame.h: (JSC::InlineCallFrame::computeCallerSkippingDeadFrames): (JSC::InlineCallFrame::getCallerSkippingDeadFrames): * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::reifyInlinedCallFrames): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_id): Need to eliminate the stack pointer check, as it is wrong for reified inlined frames created during OSR exit. * jit/ThunkGenerators.cpp: (JSC::baselineGetterReturnThunkGenerator): Deleted. (JSC::baselineSetterReturnThunkGenerator): Deleted. * jit/ThunkGenerators.h: LayoutTests: New regression tests. * js/regress-150745-expected.txt: Added. * js/regress-150745.html: Added. * js/script-tests/regress-150745.js: Added. (Test): (Test.prototype.get sum): (Test.prototype.doSum): (getSum): Canonical link: https://commits.webkit.org/169026@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@191937 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-11-03 05:34:01 +00:00
Regression test for 150745
On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
PASS Able to OSR exit from an inlined tail callee of a getter.
PASS successfullyParsed is true
TEST COMPLETE