Bug 196313

Summary: validateOSREntryValue with Int52 should box the value being checked into double format
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, commit-queue, fpizlo, ggaren, gskachkov, guijemont, keith_miller, mark.lam, msaboff, rmorisset, ticaiolima, tzagallo, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
patch
ysuzuki: review+
patch for landing none

Saam Barati
Reported 2019-03-27 13:29:03 PDT
...
Attachments
patch (3.10 KB, patch)
2019-03-27 13:36 PDT, Saam Barati 		ysuzuki: review+
DetailsFormatted DiffDiff
patch for landing (3.11 KB, patch)
2019-03-27 13:42 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2019-03-27 13:32:33 PDT
<rdar://problem/49306703>
Saam Barati
Comment 2 2019-03-27 13:36:23 PDT
Created attachment 366099 [details] patch
Yusuke Suzuki
Comment 3 2019-03-27 13:39:30 PDT
Comment on attachment 366099 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=366099&action=review r=me > Source/JavaScriptCore/dfg/DFGOSREntry.cpp:217 > // Constant AnyInt value is stored as usual boxed value in AbstractValue. We can change this comment like, Constant AnyInt value is represented as SpecAnyIntAsDouble value in DFG. > Source/JavaScriptCore/dfg/DFGOSREntry.cpp:219 > format = FlushedInt52; > + value = jsDoubleNumber(value.asAnyInt()); You can exchange these two lines to align them to the code for FlushedDouble case.
Saam Barati
Comment 4 2019-03-27 13:41:28 PDT
Comment on attachment 366099 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=366099&action=review >> Source/JavaScriptCore/dfg/DFGOSREntry.cpp:217 >> // Constant AnyInt value is stored as usual boxed value in AbstractValue. > > We can change this comment like, > > Constant AnyInt value is represented as SpecAnyIntAsDouble value in DFG. This isn't always the case because you have strict and not strict. I'm going to just remove the comment. >> Source/JavaScriptCore/dfg/DFGOSREntry.cpp:219 >> + value = jsDoubleNumber(value.asAnyInt()); > > You can exchange these two lines to align them to the code for FlushedDouble case. Sounds good.
Saam Barati
Comment 5 2019-03-27 13:42:44 PDT
Created attachment 366100 [details] patch for landing
WebKit Commit Bot
Comment 6 2019-03-27 18:06:07 PDT
Comment on attachment 366100 [details] patch for landing Clearing flags on attachment: 366100 Committed r243596: <https://trac.webkit.org/changeset/243596>
WebKit Commit Bot
Comment 7 2019-03-27 18:06:09 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.