228068 – Compiler Incorrect Optimization

RESOLVED FIXED 228068

Compiler Incorrect Optimization

https://bugs.webkit.org/show_bug.cgi?id=228068

Summary Compiler Incorrect Optimization

zhiyi

Reported 2021-07-18 19:59:14 PDT

OS: ubuntu18.04 Architecture: <x64> ./jsc bug.js expected output -Infinity -Infinity actual output -Infinity Infinity bug.js ################################## function f() { v0 = (-0.0).toLocaleString(); return parseInt(v0); } let a0 = f(); print(1 / a0); for (let i = 0; i < 0x1000; i++) { f(); } let a3 = f(); print(1 / a3);

Attachments
proposed patch. (2.68 KB, patch) 2021-07-19 15:31 PDT, Mark Lam	ysuzuki: review+	Details Formatted Diff Diff
patch for landing. (2.58 KB, patch) 2021-07-19 15:44 PDT, Mark Lam	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2021-07-19 09:44:59 PDT

<rdar://problem/80788603>

Mark Lam

Comment 2 2021-07-19 15:31:39 PDT

Created attachment 433828 [details] proposed patch.

Yusuke Suzuki

Comment 3 2021-07-19 15:35:10 PDT

Comment on attachment 433828 [details] proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=433828&action=review > Source/JavaScriptCore/dfg/DFGOperations.cpp:206 > + if (static_cast<double>(asInt) == input) { > + if (asInt || !std::signbit(input)) I think it is worth putting `LIKELY`. if (LIKELY(static_cast<double>(asInt) == input && (asInt || !std::signbit(input)))) return JSValue::encode(jsNumber(asInt));

Mark Lam

Comment 4 2021-07-19 15:36:22 PDT

(In reply to Yusuke Suzuki from comment #3) > Comment on attachment 433828 [details] > proposed patch. > > View in context: > https://bugs.webkit.org/attachment.cgi?id=433828&action=review > > > Source/JavaScriptCore/dfg/DFGOperations.cpp:206 > > + if (static_cast<double>(asInt) == input) { > > + if (asInt || !std::signbit(input)) > > I think it is worth putting `LIKELY`. > > if (LIKELY(static_cast<double>(asInt) == input && (asInt || > !std::signbit(input)))) > return JSValue::encode(jsNumber(asInt)); OK, will do.

Mark Lam

Comment 5 2021-07-19 15:44:25 PDT

Created attachment 433830 [details] patch for landing.

Mark Lam

Comment 6 2021-07-19 17:49:45 PDT

Thanks for the review. Landed in r280060: <http://trac.webkit.org/r280060>.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Mark Lam

Reported

2021-07-18 19:59 PDT

Modified

2021-07-19 17:49 PDT History

CC List

10 users Show

URL

Keywords InRadar

Depends on

Blocks