8ead569818
Following up on the earlier work regarding redundant Smi checks in https://chromium-review.googlesource.com/c/v8/v8/+/1246181, it was noticed that the handling of the 0 and -0 and how some operations identify these is not really consistent, but was still rather ad-hoc. This change tries to unify the handling a bit by making sure that all number comparisons generally pass truncations that identify zeros, since for the number comparisons in JavaScript there's no difference between 0 and -0. In the same spirit NumberAbs and NumberToBoolean should also pass these truncations, since they also don't care about the differences between 0 and -0. Adjust NumberCeil, NumberFloor, NumberTrunc, NumberMin and NumberMax to pass along any incoming kIdentifiesZeros truncation, since these operations also don't really care whether the inputs can be -0 if the use nodes don't care. Also utilize the kIdentifiesZeros truncation for NumberModulus with Signed32 inputs, because it's kind of common to do something like `x % 2 === 0`, where it doesn't really matter whether `x % 2` would eventually produce a negative zero (since that would still be considered true for the sake of the comparison). This also adds a whole lot of tests to ensure that not only are these optimizations correct, but also that we do indeed perform them. Drive-by-fix: The `NumberAbs(x)` would incorrectly lower to just `x` for PositiveIntegerOrMinusZeroOrNaN inputs, which was obviously wrong in case of -0. This was fixed as well, and an appropriate test was added. The reason for the unification is that with the introduction of Word64 for CheckBounds (which is necessary to support large TypedArrays and DataViews) we can no longer safely pass Word32 truncations for the interesting cases, since the index might be outside the Signed32 or Unsigned32 ranges, but we still identify 0 and -0 for the sake of the bounds check, and so it's important that this is handled consistently to not regress performance on TypedArrays and DataViews accesses. Bug: v8:8015, v8:8178 Change-Id: Ia1d32f1b726754cea1e5793105d9423d84a6393a Reviewed-on: https://chromium-review.googlesource.com/1246172 Reviewed-by: Sigurd Schneider <sigurds@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Cr-Commit-Position: refs/heads/master@{#56325} |
||
|---|---|---|
| benchmarks | ||
| build_overrides | ||
| custom_deps | ||
| docs | ||
| gni | ||
| include | ||
| infra | ||
| samples | ||
| src | ||
| test | ||
| testing | ||
| third_party | ||
| tools | ||
| .clang-format | ||
| .clang-tidy | ||
| .editorconfig | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .gn | ||
| .vpython | ||
| .ycm_extra_conf.py | ||
| AUTHORS | ||
| BUILD.gn | ||
| ChangeLog | ||
| CODE_OF_CONDUCT.md | ||
| codereview.settings | ||
| DEPS | ||
| LICENSE | ||
| LICENSE.fdlibm | ||
| LICENSE.strongtalk | ||
| LICENSE.v8 | ||
| LICENSE.valgrind | ||
| OWNERS | ||
| PRESUBMIT.py | ||
| README.md | ||
| snapshot_toolchain.gni | ||
| WATCHLISTS | ||
V8 JavaScript Engine
V8 is Google's open source JavaScript engine.
V8 implements ECMAScript as specified in ECMA-262.
V8 is written in C++ and is used in Google Chrome, the open source browser from Google.
V8 can run standalone, or can be embedded into any C++ application.
V8 Project page: https://github.com/v8/v8/wiki
Getting the Code
Checkout depot tools, and run
fetch v8
This will checkout V8 into the directory v8 and fetch all of its dependencies.
To stay up to date, run
git pull origin
gclient sync
For fetching all branches, add the following into your remote
configuration in .git/config:
fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
fetch = +refs/tags/*:refs/tags/*
Contributing
Please follow the instructions mentioned on the V8 wiki.