[webkit-reviews] review granted: [Bug 213133] Expand JSObject::defineOwnIndexedProperty() fast path for existing properties : [Attachment 401736] Patch
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jun 12 18:44:04 PDT 2020
Yusuke Suzuki <ysuzuki at apple.com> has granted Alexey Shvayka
<shvaikalesh at gmail.com>'s request for review:
Bug 213133: Expand JSObject::defineOwnIndexedProperty() fast path for existing
properties
https://bugs.webkit.org/show_bug.cgi?id=213133
Attachment 401736: Patch
https://bugs.webkit.org/attachment.cgi?id=401736&action=review
--- Comment #4 from Yusuke Suzuki <ysuzuki at apple.com> ---
Comment on attachment 401736
--> https://bugs.webkit.org/attachment.cgi?id=401736
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=401736&action=review
r=me with comments about TypedArrays.
> Source/JavaScriptCore/runtime/JSObject.cpp:2626
> + static const PropertyDescriptor
emptyAttributesDescriptor(jsUndefined(),
static_cast<unsigned>(PropertyAttribute::None));
We should not use static here. Creating PropertyDescriptor is not costly.
And let's put `ASSERT(emptyAttributesDescriptor.attributes() ==
PropertyAttribute::None)`.
> Source/JavaScriptCore/runtime/JSObject.cpp:2635
> +#if ASSERT_ENABLED
> + if (canGetIndexQuickly(index)) {
> + PropertyDescriptor currentDescriptor;
> + ASSERT(getOwnPropertyDescriptor(globalObject,
Identifier::from(vm, index), currentDescriptor));
> + scope.assertNoException();
> + ASSERT(currentDescriptor.attributes() ==
emptyAttributesDescriptor.attributes());
> + }
> +#endif
I think this is not correct for typed-arrays. Can you add tests and fix this?
While canDoFastPutDirectIndex can prevent using putDirectIndex for
typed-arrays, but this is executed for typed-arrays too.
More information about the webkit-reviews
mailing list