[webkit-changes] [278959] trunk/Source/JavaScriptCore

Wed, 16 Jun 2021 15:27:08 -0700

Title: [278959] trunk/Source/_javascript_Core
Revision
278959
Author
rmoris...@apple.com
Date
2021-06-16 15:26:31 -0700 (Wed, 16 Jun 2021)

Log Message

Don't look at the (non-existent) child2 of DelById
https://bugs.webkit.org/show_bug.cgi?id=227095

Reviewed by Mark Lam.

Trivial fix to a broken rebase: while it is ok to share most code between DelById and DelByVal, only the latter has a child2(), so it should not be accessed if we are compiling the former.
No new test, as it was caught by one of our existing tests.

* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileDelBy):

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (278958 => 278959)


--- trunk/Source/_javascript_Core/ChangeLog	2021-06-16 22:22:06 UTC (rev 278958)
+++ trunk/Source/_javascript_Core/ChangeLog	2021-06-16 22:26:31 UTC (rev 278959)
@@ -1,3 +1,16 @@
+2021-06-16  Robin Morisset  <rmoris...@apple.com>
+
+        Don't look at the (non-existent) child2 of DelById
+        https://bugs.webkit.org/show_bug.cgi?id=227095
+
+        Reviewed by Mark Lam.
+
+        Trivial fix to a broken rebase: while it is ok to share most code between DelById and DelByVal, only the latter has a child2(), so it should not be accessed if we are compiling the former.
+        No new test, as it was caught by one of our existing tests.
+
+        * ftl/FTLLowerDFGToB3.cpp:
+        (JSC::FTL::DFG::LowerDFGToB3::compileDelBy):
+
 2021-06-16  Yijia Huang  <yijia_hu...@apple.com>
 
         Add Air opcode sub32/64(Reg, Imm, Reg) form for ARM64 and select this instruction in Air

Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (278958 => 278959)


--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp	2021-06-16 22:22:06 UTC (rev 278958)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp	2021-06-16 22:26:31 UTC (rev 278959)
@@ -5917,8 +5917,10 @@
         State* state = &m_ftlState;
         Node* node = m_node;
         CodeOrigin nodeSemanticOrigin = node->origin.semantic;
-        auto child1UseKind = node->child1().useKind();
-        auto child2UseKind = node->child2().useKind();
+        UseKind child1UseKind = node->child1().useKind();
+        UseKind child2UseKind = UntypedUse;
+        if constexpr (kind != DelByKind::ById)
+            child2UseKind = node->child2().useKind();
         auto ecmaMode = node->ecmaMode().value();
         patchpoint->setGenerator(
             [=] (CCallHelpers& jit, const StackmapGenerationParams& params) {

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to