Bug 128892 - FTL should support ToPrimitive and the DFG should fold it correctly
Summary: FTL should support ToPrimitive and the DFG should fold it correctly
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Filip Pizlo
URL:
Keywords:
Depends on:
Blocks: 112840
  Show dependency treegraph
 
Reported: 2014-02-16 23:13 PST by Filip Pizlo
Modified: 2014-02-17 12:18 PST (History)
9 users (show)

See Also:

Attachments
the patch (8.19 KB, patch)
2014-02-16 23:15 PST, Filip Pizlo 		ggaren: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Filip Pizlo 2014-02-16 23:13:58 PST 
Patch forthcoming.
Comment 1 Filip Pizlo 2014-02-16 23:15:25 PST 
Created attachment 224334 [details]
the patch
Comment 2 Geoffrey Garen 2014-02-17 09:30:52 PST 
Comment on attachment 224334 [details]
the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=224334&action=review

r=me

> Source/JavaScriptCore/ChangeLog:3
> +        FTL should support ToPrimitive and the DFG should fold it in a less dumb way

Let's just say "better".

> Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp:-331
> -            case StoreBarrier:
> -            case StoreBarrierWithNullCheck: {

What happened to store barrier?
Comment 3 Mark Hahnenberg 2014-02-17 09:36:00 PST 
Comment on attachment 224334 [details]
the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=224334&action=review

>> Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp:-331
>> -            case StoreBarrierWithNullCheck: {
> 
> What happened to store barrier?

Looks like they weren't doing anything and could therefore fall through to the default case.
Comment 4 Filip Pizlo 2014-02-17 10:30:34 PST 
(In reply to comment #2)
> (From update of attachment 224334 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=224334&action=review
> 
> r=me
> 
> > Source/JavaScriptCore/ChangeLog:3
> > +        FTL should support ToPrimitive and the DFG should fold it in a less dumb way
> 
> Let's just say "better".
> 
> > Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp:-331
> > -            case StoreBarrier:
> > -            case StoreBarrierWithNullCheck: {
> 
> What happened to store barrier?

Nothing, since this was redundant with the default case.
Comment 5 Filip Pizlo 2014-02-17 12:18:32 PST 
Landed in http://trac.webkit.org/changeset/164243