Bug 212538

Summary: We need to properly model heap ranges of Delete in DFG/B3
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, fpizlo, ggaren, gskachkov, guijemont, keith_miller, mark.lam, msaboff, rmorisset, ross.kirsling, ticaiolima, tzagallo, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
patch
fpizlo: review+
patch for landing none

Description Saam Barati 2020-05-29 12:01:58 PDT 
...
Comment 1 Saam Barati 2020-05-29 12:02:27 PDT 
<rdar://problem/63670964>
Comment 2 Saam Barati 2020-05-29 12:59:15 PDT 
Created attachment 400607 [details]
patch
Comment 3 Filip Pizlo 2020-05-29 14:29:29 PDT 
Comment on attachment 400607 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=400607&action=review

R=me with comment.

> Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h:159
> +    macro(JSCell_header_and_named_properties, 0) \

This should be an abstract heap, not an abstract field, since the offset is not meaningful.
Comment 4 Saam Barati 2020-05-29 14:36:02 PDT 
Comment on attachment 400607 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=400607&action=review

>> Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h:159
>> +    macro(JSCell_header_and_named_properties, 0) \
> 
> This should be an abstract heap, not an abstract field, since the offset is not meaningful.

Thanks. Will fix.
Comment 5 Saam Barati 2020-05-29 15:01:20 PDT 
Created attachment 400624 [details]
patch for landing
Comment 6 EWS 2020-05-29 21:39:40 PDT 
Committed r262338: <https://trac.webkit.org/changeset/262338>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 400624 [details].