RESOLVED FIXED 233571
[JSC] GetTypedArrayLengthAsInt52 can get Array::Generic ArrayMode 
https://bugs.webkit.org/show_bug.cgi?id=233571
Summary [JSC] GetTypedArrayLengthAsInt52 can get Array::Generic ArrayMode
Yusuke Suzuki
Reported 2021-11-29 10:05:00 PST
[JSC] GetTypedArrayLengthAsInt52 can get Array::Generic ArrayMode
Attachments
Patch (7.18 KB, patch)
2021-11-29 10:07 PST, Yusuke Suzuki 		mark.lam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Yusuke Suzuki
Comment 1 2021-11-29 10:07:09 PST
Created attachment 445291 [details] Patch
Yusuke Suzuki
Comment 2 2021-11-29 10:07:14 PST
<rdar://problem/85812164>
Mark Lam
Comment 3 2021-11-29 10:25:43 PST
Comment on attachment 445291 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=445291&action=review r=me > Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:5110 > + // If arrayMode is ForceExit, we do not compile it. I suggest rephrasing this as "If arrayMode is ForceExit, we would not compile this node and hence, should not have arrived here."
Yusuke Suzuki
Comment 4 2021-11-29 11:09:52 PST
Comment on attachment 445291 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=445291&action=review Thanks! >> Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:5110 >> + // If arrayMode is ForceExit, we do not compile it. > > I suggest rephrasing this as "If arrayMode is ForceExit, we would not compile this node and hence, should not have arrived here." Sounds good. Changed.
Yusuke Suzuki
Comment 5 2021-11-29 11:10:32 PST
Committed r286228 (244609@main): <https://commits.webkit.org/244609@main>
Note You need to log in before you can comment on or make changes to this bug.