RESOLVED FIXED101871
DFG ArithMul overflow check elimination is too aggressive 
https://bugs.webkit.org/show_bug.cgi?id=101871
Summary DFG ArithMul overflow check elimination is too aggressive
Filip Pizlo
Reported 2012-11-11 15:58:15 PST
It appears to ignore the fact that (a * b) | 0 is not always the same as ((a | 0) * (b | 0)) | 0. For all of the places where this matters, it's easy to keep the optimization, just by making the compiler a bit smarter about when and how to use it.
Attachments
the patch (6.38 KB, patch)
2012-11-11 16:10 PST, Filip Pizlo 		fpizlo: review-
DetailsFormatted DiffDiff
the patch (6.16 KB, patch)
2012-11-11 16:17 PST, Filip Pizlo 		webkit.review.bot: commit-queue-
DetailsFormatted DiffDiff
the patch (67.42 KB, patch)
2012-11-11 21:32 PST, Filip Pizlo 		oliver: review+
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Filip Pizlo
Comment 1 2012-11-11 16:10:50 PST
Created attachment 173523 [details] the patch Can I also get a rubber stamp for the set of tests I'm hacking up for this?
Filip Pizlo
Comment 2 2012-11-11 16:12:18 PST
Comment on attachment 173523 [details] the patch View in context: https://bugs.webkit.org/attachment.cgi?id=173523&action=review > Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp:147 > + case JSConstant: { > + JSValue immediateValue = node.valueOfJSConstant(codeBlock()); > + if (!immediateValue.isInt32()) > + return false; > + int32_t intImmediate = immediateValue.asInt32(); > + return intImmediate > -(1 << power) && intImmediate < (1 << power); > + } I meant to have this case call isWithinPowerOfTwoForConstant().
Filip Pizlo
Comment 3 2012-11-11 16:17:23 PST
Created attachment 173524 [details] the patch Again, asking for a rubber stamp for tests. I still haven't layouttest-ified them.
WebKit Review Bot
Comment 4 2012-11-11 20:24:03 PST
Comment on attachment 173524 [details] the patch Attachment 173524 [details] did not pass chromium-ews (chromium-xvfb): Output: http://queues.webkit.org/results/14803518 New failing tests: inspector-protocol/debugger-terminate-dedicated-worker-while-paused.html
Filip Pizlo
Comment 5 2012-11-11 21:32:17 PST
Created attachment 173550 [details] the patch Now, including tests!
Filip Pizlo
Comment 6 2012-11-12 14:55:27 PST
Landed in http://trac.webkit.org/changeset/134314
Note You need to log in before you can comment on or make changes to this bug.