[Webkit-unassigned] [Bug 33450] property access (. operator) incorrectly returning prototype value not instance value
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jan 11 16:17:30 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=33450
--- Comment #7 from Oliver Hunt <oliver at apple.com> 2010-01-11 16:17:28 PST ---
(In reply to comment #6)
> (In reply to comment #5)
> > (In reply to comment #4)
> > > Is there any way to know from
> > > lexical analysis which `.` operations are likely to fail so we do not have to
> > > do this transformation globally?
> >
> > Alas no. The bug is due to us incorrectly caching lookup to the prototype
> > object over an object that we consider a dictionary.
>
> Rats. Guess we have to stick with our work-around until the next Safari
> release, and hope people update.
Yeah, sorry about that, it's a fairly egregious bug :-(
Hmmm, you maybe able to avoid it if you can afford to introduce an additional
object into the prototype chain. IIRC this bug is specific to direct prototype
look ups, eg.
function f(o) { return o.b; }
o = {__proto__:{b:5}}
f(o);
eg.
o = {__proto__:{__proto__:{b:5}}}
f(o)
Would not be able to hit it (i'm skipping the steps required to induce the bug,
just trying to give the object/prototype structure)
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list