js/src/jit-test/tests/basic/bug504587-1.js@129ffea94266 (annotated)
js/src/jit-test/tests/basic/bug504587-1.js
Sat, 03 Jan 2015 20:18:00 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Jan 2015 20:18:00 +0100
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
- permissions
- -rw-r--r--
Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.
| michael@0 | 1 | // This test case failed a WIP patch. See https://bugzilla.mozilla.org/show_bug.cgi?id=504587#c68 |
| michael@0 | 2 | |
| michael@0 | 3 | function B() {} |
| michael@0 | 4 | B.prototype.x = 1; |
| michael@0 | 5 | var d = new B; |
| michael@0 | 6 | |
| michael@0 | 7 | var names = ['z', 'z', 'z', 'z', 'z', 'z', 'z', 'x']; |
| michael@0 | 8 | for (var i = 0; i < names.length; i++) { |
| michael@0 | 9 | x = d.x; // guard on shapeOf(d) |
| michael@0 | 10 | d[names[i]] = 2; // unpredicted shape change |
| michael@0 | 11 | y = d.x; // guard here is elided |
| michael@0 | 12 | } |
| michael@0 | 13 | assertEq(y, 2); // Assertion failed: got 1, expected 2 |
