[CherryPick] Remove use of JSCell::classInfoOffset() from tryCacheGetByID
[Title] Remove use of JSCell::classInfoOffset() from tryCacheGetByID
[Issue#] N_SE-49504
[Problem] Crash after accessing property through cached property
[Solution] use structure rather than classinfo
[Cherry-Picker] Lee SangGyu <sg5.lee@samsung.com>
Remove use of JSCell::classInfoOffset() from tryCacheGetByID
https://bugs.webkit.org/show_bug.cgi?id=95860
Reviewed by Oliver Hunt.
We should just do the indirection through the Structure instead.
* dfg/DFGRepatch.cpp:
(JSC::DFG::tryCacheGetByID):
Change-Id: Ib42dc2baa19a5ae1b27c981982d36c3faaa880f9
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127648
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
projects / framework / web / webkit-efl.git / commit