[webkit-changes] [WebKit/WebKit] 800a9b: DFG should not speculate Int32 for NaN constants
EWS
noreply at github.com
Tue Jan 24 21:05:02 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 800a9bf27aa78b710149be8309103d96fb172051
https://github.com/WebKit/WebKit/commit/800a9bf27aa78b710149be8309103d96fb172051
Author: David Degazio <d_degazio at apple.com>
Date: 2023-01-24 (Tue, 24 Jan 2023)
Changed paths:
A JSTests/stress/bitwise-and-with-NaN-constant.js
M Source/JavaScriptCore/dfg/DFGGraph.h
Log Message:
-----------
DFG should not speculate Int32 for NaN constants
https://bugs.webkit.org/show_bug.cgi?id=251117
rdar://104608391
Reviewed by Mark Lam.
Adds a check for NaN immediates to DFG::Graph::addImmediateShouldSpeculateInt32. This
prevents NaNs from being speculated as Int32s and truncated during the DFG fixup phase
despite being non-finite values.
* JSTests/stress/bitwise-AND-with-NaN-constant.js: Added.
(foo):
* Source/JavaScriptCore/dfg/DFGGraph.h:
Canonical link: https://commits.webkit.org/259340@main
More information about the webkit-changes
mailing list