213310 2020-06-17 11:29:04 -0700 [JSC] Freeze JSBigInt when setting it as a constant in AI 2020-06-17 13:23:22 -0700 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 ysuzuki ysuzuki ews-watchlist keith_miller mark.lam msaboff saam tzagallo webkit-bug-importer oldest_to_newest 1663609 0 ysuzuki 2020-06-17 11:29:04 -0700 [JSC] Freeze JSBigInt when setting it as a constant in AI 1663612 1 402137 ysuzuki 2020-06-17 11:31:26 -0700 Created attachment 402137 Patch 1663613 2 ysuzuki 2020-06-17 11:31:28 -0700 <rdar://problem/64450410> 1663614 3 402137 mark.lam 2020-06-17 11:32:20 -0700 Comment on attachment 402137 Patch r=me 1663615 4 402137 saam 2020-06-17 11:32:50 -0700 Comment on attachment 402137 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402137&action=review > Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:2707 > + setConstant(node, *m_graph.freeze(childConst.asCell())); is there anywhere else in AI/constant folding we're missing this? Should setConstant assert? 1663616 5 saam 2020-06-17 11:33:00 -0700 r=me too 1663628 6 402137 ysuzuki 2020-06-17 11:54:06 -0700 Comment on attachment 402137 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402137&action=review >> Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:2707 >> + setConstant(node, *m_graph.freeze(childConst.asCell())); > > is there anywhere else in AI/constant folding we're missing this? > > Should setConstant assert? setConstant (specifically, setConstant's FrozenValue constructor) has assertion, and this assertion fired with the attached test. I've checked AI code and this is the only place about BigInt thing. 1663650 7 ysuzuki 2020-06-17 13:01:56 -0700 Windows failure is fast/dom/Window/alert-with-unmatched-utf16-surrogate-should-not-crash.html, which is unrelated to this one. 1663660 8 ews-feeder 2020-06-17 13:23:21 -0700 Committed r263180: <https://trac.webkit.org/changeset/263180> All reviewed patches have been landed. Closing bug and clearing flags on attachment 402137. 402137 2020-06-17 11:31:26 -0700 2020-06-17 13:23:22 -0700 Patch bug-213310-20200617113125.patch text/plain 3276 ysuzuki U3VidmVyc2lvbiBSZXZpc2lvbjogMjYzMTY1CmRpZmYgLS1naXQgYS9Tb3VyY2UvSmF2YVNjcmlw dENvcmUvQ2hhbmdlTG9nIGIvU291cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwppbmRleCBj Y2UxYTBmMGM1NGRlZjJkOGZiYWFiMDhkMWUyOGRhYjgwNzExOTNlLi43NDcyNWQzZjFlYjU4Nzc2 YjEyN2ZiOWVlMDY2MDZhMjBjYzJkOGY4IDEwMDY0NAotLS0gYS9Tb3VyY2UvSmF2YVNjcmlwdENv cmUvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKQEAgLTEs MyArMSwxOCBAQAorMjAyMC0wNi0xNyAgWXVzdWtlIFN1enVraSAgPHlzdXp1a2lAYXBwbGUuY29t PgorCisgICAgICAgIFtKU0NdIEZyZWV6ZSBKU0JpZ0ludCB3aGVuIHNldHRpbmcgaXQgYXMgYSBj b25zdGFudCBpbiBBSQorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5j Z2k/aWQ9MjEzMzEwCisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS82NDQ1MDQxMD4KKworICAgICAg ICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBKU0NlbGxzIHNob3VsZCBi ZSBleHBsaWNpdGx5IGZyb3plbiB2aWEgREZHOjpHcmFwaDo6ZnJlZXplIG9yIERGRzo6R3JhcGg6 OmZyZWV6ZVN0cm9uZy4gQW5kIGhlYXAgSlNCaWdJbnQgaXMgSlNDZWxsLgorICAgICAgICBXZSBz aG91bGQgZnJlZXplIGl0IGJlZm9yZSBzZXR0aW5nIGl0IGFzIGEgcGFyYW1ldGVyIG9mIHNldENv bnN0YW50IGluIEFJLiBXZSB1c2UgREZHOjpHcmFwaDo6ZnJlZXplIHNpbmNlIHdlIGtub3cKKyAg ICAgICAgdGhhdCB0aGlzIGlzIGNvbWluZyBmcm9tIHNvbWV3aGVyZSBpbiBERkcgZ3JhcGg6IHRo aXMgVG9OdW1lcmljIG5vZGUgaXRzZWxmIGlzIG5vdCBuZXdseSBwcm9kdWNpbmcgdGhpcyBKU0Jp Z0ludC4KKworICAgICAgICAqIGRmZy9ERkdBYnN0cmFjdEludGVycHJldGVySW5saW5lcy5oOgor ICAgICAgICAoSlNDOjpERkc6OkFic3RyYWN0SW50ZXJwcmV0ZXI8QWJzdHJhY3RTdGF0ZVR5cGU+ OjpleGVjdXRlRWZmZWN0cyk6CisKIDIwMjAtMDYtMTcgIFl1c3VrZSBTdXp1a2kgIDx5c3V6dWtp QGFwcGxlLmNvbT4KIAogICAgICAgICBVbnJldmlld2VkLCBhdm9pZCBub2RlIGFjY2VzcyBpbiBs aW5rLXRhc2sKZGlmZiAtLWdpdCBhL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHQWJzdHJh Y3RJbnRlcnByZXRlcklubGluZXMuaCBiL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHQWJz dHJhY3RJbnRlcnByZXRlcklubGluZXMuaAppbmRleCBkZTZlZjY0N2Y4Mzc5ZTI5YTBiMjc1MTcz NzA5YzExNGY4ODg2NzM2Li4wNThjN2MyNjZlZDYyOTFjMzg0MDg0ODQ5NDI1Njc4YjYxMTBlNDlm IDEwMDY0NAotLS0gYS9Tb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR0Fic3RyYWN0SW50ZXJw cmV0ZXJJbmxpbmVzLmgKKysrIGIvU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdBYnN0cmFj dEludGVycHJldGVySW5saW5lcy5oCkBAIC0yNzAzLDcgKzI3MDMsMTAgQEAgYm9vbCBBYnN0cmFj dEludGVycHJldGVyPEFic3RyYWN0U3RhdGVUeXBlPjo6ZXhlY3V0ZUVmZmVjdHModW5zaWduZWQg Y2xvYmJlckxpbWkKICAgICAgICAgSlNWYWx1ZSBjaGlsZENvbnN0ID0gZm9yTm9kZShub2RlLT5j aGlsZDEoKSkudmFsdWUoKTsKICAgICAgICAgaWYgKGNoaWxkQ29uc3QgJiYgKGNoaWxkQ29uc3Qu aXNOdW1iZXIoKSB8fCBjaGlsZENvbnN0LmlzQmlnSW50KCkpKSB7CiAgICAgICAgICAgICBkaWRG b2xkQ2xvYmJlcldvcmxkKCk7Ci0gICAgICAgICAgICBzZXRDb25zdGFudChub2RlLCBjaGlsZENv bnN0KTsKKyAgICAgICAgICAgIGlmIChjaGlsZENvbnN0LmlzQ2VsbCgpKQorICAgICAgICAgICAg ICAgIHNldENvbnN0YW50KG5vZGUsICptX2dyYXBoLmZyZWV6ZShjaGlsZENvbnN0LmFzQ2VsbCgp KSk7CisgICAgICAgICAgICBlbHNlCisgICAgICAgICAgICAgICAgc2V0Q29uc3RhbnQobm9kZSwg Y2hpbGRDb25zdCk7CiAgICAgICAgICAgICBicmVhazsKICAgICAgICAgfQogCmRpZmYgLS1naXQg YS9KU1Rlc3RzL0NoYW5nZUxvZyBiL0pTVGVzdHMvQ2hhbmdlTG9nCmluZGV4IDdmMGRhMjM1ZDJk YThkZTM1MDBhMzcyZTBlMmM5NmNkODExODE2YTkuLjBkYzA5YTg1MDJkNmNjOTMxZGUzYTc4MDEz Njg2NWZlNGI1N2FlYzggMTAwNjQ0Ci0tLSBhL0pTVGVzdHMvQ2hhbmdlTG9nCisrKyBiL0pTVGVz dHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTQgQEAKKzIwMjAtMDYtMTcgIFl1c3VrZSBTdXp1a2kg IDx5c3V6dWtpQGFwcGxlLmNvbT4KKworICAgICAgICBbSlNDXSBGcmVlemUgSlNCaWdJbnQgd2hl biBzZXR0aW5nIGl0IGFzIGEgY29uc3RhbnQgaW4gQUkKKyAgICAgICAgaHR0cHM6Ly9idWdzLndl YmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTIxMzMxMAorICAgICAgICA8cmRhcjovL3Byb2JsZW0v NjQ0NTA0MTA+CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAg ICAgKiBzdHJlc3MvYmlnaW50LWNvbnN0YW50LWZvbGQtdG8tbnVtZXJpYy5qczogQWRkZWQuCisg ICAgICAgIChmb28pOgorCiAyMDIwLTA2LTE2ICBZdXN1a2UgU3V6dWtpICA8eXN1enVraUBhcHBs ZS5jb20+CiAKICAgICAgICAgW0pTQ10gQ2hlY2sgTnVsbFNldHRlckZ1bmN0aW9uIHVuZGVyIHN0 cmljdC1tb2RlIGNvbnRleHQgc2luY2Ugc3RydWN0dXJlIC8gUHJvcGVydHlDb25kaXRpb24gYXJl IHVuYXdhcmUgb2YgdGhpcwpkaWZmIC0tZ2l0IGEvSlNUZXN0cy9zdHJlc3MvYmlnaW50LWNvbnN0 YW50LWZvbGQtdG8tbnVtZXJpYy5qcyBiL0pTVGVzdHMvc3RyZXNzL2JpZ2ludC1jb25zdGFudC1m b2xkLXRvLW51bWVyaWMuanMKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMC4uOTdlZTdjMTU5YjE3MmVjZmMyZjI4NTJiYTBh ZjVmNTJhODk5YTI3MQotLS0gL2Rldi9udWxsCisrKyBiL0pTVGVzdHMvc3RyZXNzL2JpZ2ludC1j b25zdGFudC1mb2xkLXRvLW51bWVyaWMuanMKQEAgLTAsMCArMSwxMyBAQAorLy9AIHJ1bkRlZmF1 bHQoIi0tdXNlQ29uY3VycmVudEpJVD0wIikKKworZnVuY3Rpb24gZm9vKCkgeworICAgIGxldCB4 ID0gMTAwMDAwMDAwMDBuCisgICAgZm9yIChsZXQgaSA9IDA7IGkgPD0gMTAwMDAwOyBpKyspIHsK KyAgICAgICAgbGV0IGEwID0gW107CisgICAgICAgIGEwW3grK107CisgICAgICAgIHggPSAwOwor ICAgIH0KK30KKworZm9vKCk7Citmb28oKTsK