GetByVal has Double ArrayModes. So it expects to get Double arrays, and it will genetate a double value. To ensure that, we have CheckStructure / CheckArray before this GetByVal. But in AI phase, CheckStructure and CheckArray would not perform anything on a proven abstract value. In that case, our GetByVal in AI gets unexpected array. If we do not perform any checks before using that to fold GetByVal into a constant, we have a bad time. 1: JSConstant(Array with CopyOnWrite | Contiguous) => like, ["bad"] 2: CheckStructure(@1, Array CopyOnWrite | Double) => It finally becomes OSR exit, but now, AI is not sure about it. 3: GetButterfly(@1) 4: GetByVal(@1, 0, @3, Array CopyOnWrite | Double) => If @4 can retrieve "bad" from @1, we attempt to convert @4 into "bad", but it is not acceptable since GetByVal(Double shape) should return a Double result. We should perform array check on @1 constant before performing constant folding in AI.