[JSC] GetByIdStatus::m_wasSeenInJIT is touched in GetByIdStatus::slowVersion
author yusukesuzuki@slowstart.org <yusukesuzuki@slowstart.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 14 Aug 2018 17:46:35 +0000 (17:46 +0000)
committer yusukesuzuki@slowstart.org <yusukesuzuki@slowstart.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 14 Aug 2018 17:46:35 +0000 (17:46 +0000)
commit 794c9343c824d8e7300ff8d96c8d1968c9bccf42
tree b3d0913a4a24ec51f0f925829b598973d8493478
parent 934d11b5c52ef492113fdcdf20441005edb4e1a7
[JSC] GetByIdStatus::m_wasSeenInJIT is touched in GetByIdStatus::slowVersion
https://bugs.webkit.org/show_bug.cgi?id=188560

Reviewed by Keith Miller.

While GetByIdStatus() / GetByIdStatus(status) constructors do not set m_wasSeenInJIT,
it is loaded unconditionally in GetByIdStatus::slowVersion. This access to the
uninitialized member field is caught in UBSan. This patch fixes it by adding an initializer
`m_wasSeenInJIT { false }`.

* bytecode/GetByIdStatus.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@234855 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecode/GetByIdStatus.h
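
The bug class the commit message describes, as an added example that is not WebKit's code: a simplified model in which some constructors never write a bool member that a later method loads unconditionally, next to the same class with a default member initializer. Only `m_wasSeenInJIT` and `slowVersion` are names from the commit message; the `State` enum, both class names and `slowFlagFromDirtyStorage` are hypothetical.

```cpp
#include <cstring>
#include <new>

// Simplified model of the bug class; only m_wasSeenInJIT and slowVersion are
// names from the commit message, everything else is hypothetical.
enum State { NoInformation, Simple, TakesSlowPath };

// "Before" shape: two constructors never write m_wasSeenInJIT.
class StatusBefore {
public:
    StatusBefore() : m_state(NoInformation) { }
    explicit StatusBefore(State state) : m_state(state) { }
    StatusBefore(State state, bool seen) : m_state(state), m_wasSeenInJIT(seen) { }
    // Never called here: after either of the first two constructors this
    // load reads an indeterminate bool, which is undefined behaviour.
    StatusBefore slowVersion() const { return StatusBefore(TakesSlowPath, m_wasSeenInJIT); }
    State state() const { return m_state; }
private:
    State m_state;
    bool m_wasSeenInJIT;
};

// "After" shape: the default member initializer covers every constructor
// that does not set the flag explicitly.
class StatusAfter {
public:
    StatusAfter() = default;
    explicit StatusAfter(State state) : m_state(state) { }
    StatusAfter(State state, bool seen) : m_state(state), m_wasSeenInJIT(seen) { }
    StatusAfter slowVersion() const { return StatusAfter(TakesSlowPath, m_wasSeenInJIT); }
    State state() const { return m_state; }
    bool wasSeenInJIT() const { return m_wasSeenInJIT; }
private:
    State m_state { NoInformation };
    bool m_wasSeenInJIT { false };
};

// Construct in storage pre-filled with 0xAA (stale-memory stand-in), then
// take the slow version; the result must not depend on the old bytes.
bool slowFlagFromDirtyStorage(State state) {
    alignas(StatusAfter) unsigned char storage[sizeof(StatusAfter)];
    std::memset(storage, 0xAA, sizeof storage);
    StatusAfter* status = new (storage) StatusAfter(state);
    bool flag = status->slowVersion().wasSeenInJIT();
    status->~StatusAfter();
    return flag;
}

int main() { return slowFlagFromDirtyStorage(Simple) ? 1 : 0; }
```

Building a call to `StatusBefore::slowVersion()` with `-fsanitize=undefined` is the kind of check that surfaces this defect, since UBSan reports loads of a `bool` whose stored byte is neither 0 nor 1.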