RESOLVED FIXED69215
Support string length in the DFG 
https://bugs.webkit.org/show_bug.cgi?id=69215
Summary Support string length in the DFG
Oliver Hunt
Reported 2011-10-01 12:27:34 PDT
Support string length in the DFG
Attachments
Patch (7.62 KB, patch)
2011-10-01 12:31 PDT, Oliver Hunt 		ggaren: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Oliver Hunt
Comment 1 2011-10-01 12:31:39 PDT
Created attachment 109406 [details] Patch
Geoffrey Garen
Comment 2 2011-10-01 14:28:44 PDT
Comment on attachment 109406 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=109406&action=review r=me > Source/JavaScriptCore/dfg/DFGPropagator.cpp:715 > if (!isInt32Prediction(m_predictions[m_compileIndex])) > break; Not super important, but I think you're guaranteed to have an int once you have an array / string .length property. > Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:1730 > + speculationCheck(m_jit.branch32(MacroAssembler::LessThan, resultGPR, MacroAssembler::TrustedImm32(0))); I believe we could remove this branch, and the branch on array length access, if we changed array and string length to int from unsigned, and limited their lengths to 2^31-1.
Oliver Hunt
Comment 3 2011-10-01 14:46:42 PDT
Committed r96461
Note You need to log in before you can comment on or make changes to this bug.