Bug 233571

Summary: [JSC] GetTypedArrayLengthAsInt52 can get Array::Generic ArrayMode
Product: WebKit Reporter: Yusuke Suzuki <ysuzuki>
Component: New BugsAssignee: Yusuke Suzuki <ysuzuki>
Status: RESOLVED FIXED    
Severity: Normal CC: ews-watchlist, keith_miller, mark.lam, msaboff, saam, tzagallo, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch mark.lam: review+

Description Yusuke Suzuki 2021-11-29 10:05:00 PST 
[JSC] GetTypedArrayLengthAsInt52 can get Array::Generic ArrayMode
Comment 1 Yusuke Suzuki 2021-11-29 10:07:09 PST 
Created attachment 445291 [details]
Patch
Comment 2 Yusuke Suzuki 2021-11-29 10:07:14 PST 
<rdar://problem/85812164>
Comment 3 Mark Lam 2021-11-29 10:25:43 PST 
Comment on attachment 445291 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=445291&action=review

r=me

> Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:5110
> +        // If arrayMode is ForceExit, we do not compile it.

I suggest rephrasing this as "If arrayMode is ForceExit, we would not compile this node and hence, should not have arrived here."
Comment 4 Yusuke Suzuki 2021-11-29 11:09:52 PST 
Comment on attachment 445291 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=445291&action=review

Thanks!

>> Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:5110
>> +        // If arrayMode is ForceExit, we do not compile it.
> 
> I suggest rephrasing this as "If arrayMode is ForceExit, we would not compile this node and hence, should not have arrived here."

Sounds good. Changed.
Comment 5 Yusuke Suzuki 2021-11-29 11:10:32 PST 
Committed r286228 (244609@main): <https://commits.webkit.org/244609@main>