[MERGE #5204 @meg-gupta] OS#17531342 : Fix path dependent branch folding bug

Meghana Gupta · Meghana Gupta · commit 34967a42732a · 2018-05-22T12:06:09.000-07:00
Merge pull request #5204 from meg-gupta:fixgetterbug
diff --git a/lib/Backend/FlowGraph.cpp b/lib/Backend/FlowGraph.cpp
@@ -4524,9 +4524,7 @@ static bool IsCopyTypeInstr(IR::Instr *instr)
     case Js::OpCode::LdC_A_I4:
     case Js::OpCode::Ld_I4:
     case Js::OpCode::Ld_A:
-    case Js::OpCode::StFld:
-    case Js::OpCode::LdFld:
-    case Js::OpCode::InitFld: return true;
+    case Js::OpCode::LdFld: return true;
     default:
         return false;
     }
@@ -4620,7 +4618,8 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)
     BVSparse<JitArenaAllocator> currentPathDefines(globOpt->alloc);
     IR::Instr *currentInlineeEnd = nullptr, *unskippedInlineeEnd = nullptr;
 
-    auto UpdateValueForCopyTypeInstr = [&](IR::Instr *instr) {
+    auto UpdateValueForCopyTypeInstr = [&](IR::Instr *instr) -> Value* {
+        Value * dstValue = nullptr;
         if (instr->m_opcode == Js::OpCode::LdFld)
         {
             // Special handling for LdFld
@@ -4635,43 +4634,44 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)
                 PropertySym *prop = PropertySym::Find(objSym ? objSym->m_id : originalPropertySym->m_stackSym->m_id, originalPropertySym->m_propertyId, globOpt->func);
                 if (prop)
                 {
-                    FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetStackSym(), prop);
+                    dstValue = FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetStackSym(), prop);
                 }
                 else
                 {
                     Value ** localDstValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetStackSym());
-                    *localDstValue = nullptr;
+                    dstValue = *localDstValue = nullptr;
                 }
             }
         }
         else if (instr->GetSrc1()->GetStackSym())
         {
             StackSym* src1Sym = instr->GetSrc1()->GetStackSym();
-            FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetSym(), src1Sym);
+            dstValue = FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetSym(), src1Sym);
         }
         else if (instr->GetSrc1()->IsIntConstOpnd())
         {
             Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());
-            *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsIntConstOpnd()->AsInt32(), instr);
+            dstValue = *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsIntConstOpnd()->AsInt32(), instr);
         }
         else if (instr->GetSrc1()->IsInt64ConstOpnd())
         {
             Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());
-            *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsInt64ConstOpnd()->GetValue(), instr);
+            dstValue = *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsInt64ConstOpnd()->GetValue(), instr);
         }
         else
         {
             ValueType src1Value = instr->GetSrc1()->GetValueType();
             Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());
             if (src1Value.IsUndefined() || src1Value.IsBoolean())
             {
-                *localValue = globOpt->GetVarConstantValue(instr->GetSrc1()->AsAddrOpnd());
+                dstValue = *localValue = globOpt->GetVarConstantValue(instr->GetSrc1()->AsAddrOpnd());
             }
             else
             {
-                *localValue = nullptr;
+                dstValue = *localValue = nullptr;
             }
         }
+        return dstValue;
     };
 
     FOREACH_INSTR_IN_BLOCK(instr, this)
@@ -4684,30 +4684,6 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)
         {
             unskippedInlineeEnd = currentInlineeEnd = instr;
         }
-        else if (instr->GetDst())
-        {
-            if (instr->GetDst()->GetSym())
-            {
-                if (IsCopyTypeInstr(instr))
-                {
-                    UpdateValueForCopyTypeInstr(instr);
-                }
-                else if(instr->m_opcode == Js::OpCode::NewScObjectLiteral)
-                {
-                    Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());
-                    if (instr->GetDst()->GetValueType() == ValueType::UninitializedObject)
-                    {
-                        *localValue = globOpt->NewGenericValue(ValueType::UninitializedObject, instr->GetDst());
-                    }
-                }
-                else
-                {
-                    // complex instr, can't track value, insert nullptr
-                    Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());
-                    *localValue = nullptr;
-                }
-            }
-        }
     } NEXT_INSTR_IN_BLOCK;
 
     IR::Instr * instr = this->GetLastInstr();
@@ -4747,7 +4723,12 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)
 
             if (IsCopyTypeInstr(instr))
             {
-                UpdateValueForCopyTypeInstr(instr);
+                Value *dstValue = UpdateValueForCopyTypeInstr(instr);
+                if (instr->m_opcode == Js::OpCode::LdFld && !dstValue)
+                {
+                    // We cannot skip a LdFld if we didnt find its valueInfo in the localValueTable
+                    return;
+                }
             }
             else
             {
@@ -4848,6 +4829,7 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)
             if (currentInlineeEnd != nullptr && currentInlineeEnd != unskippedInlineeEnd)
             {
                 this->GetLastInstr()->InsertBefore(currentInlineeEnd->Copy());
+                globOpt->ProcessInlineeEnd(currentInlineeEnd);
                 currentInlineeEnd = nullptr;
             }
             // We are adding an unconditional branch, go over all the current successors and remove the ones that are dead now
diff --git a/lib/Backend/GlobOpt.cpp b/lib/Backend/GlobOpt.cpp
@@ -475,7 +475,6 @@ GlobOpt::OptBlock(BasicBlock *block)
     PrepareLoopArrayCheckHoist();
 
     block->MergePredBlocksValueMaps(this);
-    block->PathDepBranchFolding(this);
 
     this->intOverflowCurrentlyMattersInRange = true;
     this->intOverflowDoesNotMatterRange = this->currentBlock->intOverflowDoesNotMatterRange;
@@ -613,6 +612,8 @@ GlobOpt::OptBlock(BasicBlock *block)
         }
     }
 
+    block->PathDepBranchFolding(this);
+
 #if DBG
     // The set of live lossy int32 syms should be a subset of all live int32 syms
     this->tempBv->And(block->globOptData.liveInt32Syms, block->globOptData.liveLossyInt32Syms);
@@ -6776,8 +6777,6 @@ GlobOpt::CanProveConditionalBranch(IR::Instr *instr, Value *src1Val, Value *src2
     }
     case Js::OpCode::BrFalse_I4:
     {
-        // this path would probably work outside of asm.js, but we should verify that if we ever hit this scenario
-        Assert(GetIsAsmJSFunc());
         constVal = 0;
         if (!src1Val->GetValueInfo()->TryGetIntConstantValue(&constVal))
         {
diff --git a/lib/Backend/GlobOpt.h b/lib/Backend/GlobOpt.h
@@ -861,6 +861,7 @@ class GlobOpt
     void                    CaptureArguments(BasicBlock *block, BailOutInfo * bailOutInfo, JitArenaAllocator *allocator);
     void                    CaptureByteCodeSymUses(IR::Instr * instr);
     IR::ByteCodeUsesInstr * InsertByteCodeUses(IR::Instr * instr, bool includeDef = false);
+    void                    ProcessInlineeEnd(IR::Instr * instr);
     void                    TrackCalls(IR::Instr * instr);
     void                    RecordInlineeFrameInfo(IR::Instr* instr);
     void                    EndTrackCall(IR::Instr * instr);
diff --git a/lib/Backend/GlobOptBailOut.cpp b/lib/Backend/GlobOptBailOut.cpp
@@ -467,6 +467,19 @@ GlobOpt::CaptureByteCodeSymUses(IR::Instr * instr)
         "Instruction edited before capturing the byte code use");
 }
 
+void
+GlobOpt::ProcessInlineeEnd(IR::Instr* instr)
+{
+    if (instr->m_func->m_hasInlineArgsOpt)
+    {
+        RecordInlineeFrameInfo(instr);
+    }
+    EndTrackingOfArgObjSymsForInlinee();
+
+    Assert(this->currentBlock->globOptData.inlinedArgOutSize >= instr->GetArgOutSize(/*getInterpreterArgOutCount*/ false));
+    this->currentBlock->globOptData.inlinedArgOutSize -= instr->GetArgOutSize(/*getInterpreterArgOutCount*/ false);
+}
+
 void
 GlobOpt::TrackCalls(IR::Instr * instr)
 {
@@ -576,14 +589,7 @@ GlobOpt::TrackCalls(IR::Instr * instr)
         break;
 
     case Js::OpCode::InlineeEnd:
-        if (instr->m_func->m_hasInlineArgsOpt)
-        {
-            RecordInlineeFrameInfo(instr);
-        }
-        EndTrackingOfArgObjSymsForInlinee();
-
-        Assert(this->currentBlock->globOptData.inlinedArgOutSize >= instr->GetArgOutSize(/*getInterpreterArgOutCount*/ false));
-        this->currentBlock->globOptData.inlinedArgOutSize -= instr->GetArgOutSize(/*getInterpreterArgOutCount*/ false);
+        ProcessInlineeEnd(instr);
         break;
 
     case Js::OpCode::InlineeMetaArg:
diff --git a/test/Optimizer/bugsimplepathbrfoldgetter.baseline b/test/Optimizer/bugsimplepathbrfoldgetter.baseline
@@ -0,0 +1,21 @@
+5
+5
+Done iterator1
+
+5
+getter
+
+getter
+
+Done iterator2
+
+5
+getter
+
+getter
+
+Done iterator3
+
+obj1.prop1 getter
+obj1.prop1 getter
+obj1.prop1 getter
diff --git a/test/Optimizer/bugsimplepathbrfoldgetter.js b/test/Optimizer/bugsimplepathbrfoldgetter.js
@@ -0,0 +1,88 @@
+//-------------------------------------------------------------------------------------------------------
+// Copyright (C) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE.txt file in the project root for full license information.
+//-------------------------------------------------------------------------------------------------------
+
+function next1(arr, len) {
+  var obj = {done:true, value:undefined};
+  if (len > 5) {
+    // cannot fold, because obj not defined in localValueTable	  
+    return obj;
+  }
+  return {done:false, value:arr[len]};
+}
+
+function iterator1(x) {
+  var arr = [0,1,2,3,4,5,6,7,8,9,10];
+  var res = next1(arr, x);
+  if (!res.done) {
+    print(res.value);
+  }
+}
+
+iterator1(5);
+iterator1(100);
+iterator1(5);
+print("Done iterator1\n");
+
+function next2(arr, len) {
+  if (len > 5) {
+    var obj = {done:true, value:undefined};
+    Object.defineProperty(obj, "done", {get : function() {print("getter\n"); return true;}});
+    return obj;
+  }
+  return {done:false, value:arr[len]};
+}
+
+function iterator2(x) {
+  var arr = [0,1,2,3,4,5,6,7,8,9,10];
+  var res = next2(arr, x);
+  if (!res.done) {
+    print(res.value);
+  }
+}
+
+iterator2(5);
+iterator2(100);
+iterator2(200);
+print("Done iterator2\n");
+
+function next3(arr, len) {
+  if (len > 5) {
+    return {get done() { print("getter\n"); return true;}, value:undefined};
+  }
+  return {done:false, value:arr[len]};
+}
+
+function iterator3(x) {
+  var arr = [0,1,2,3,4,5,6,7,8,9,10];
+  var res = next3(arr, x);
+  if (!res.done) {
+    print(res.value);
+  }
+}
+
+iterator3(5);
+iterator3(100);
+iterator3(200);
+print("Done iterator3\n");
+
+function test0() {
+  var obj1 = {};
+  var arrObj0 = {};
+  var func0 = function (x) {
+    with (arrObj0) {
+      if (x > 100) {
+          obj1.prop1 = (Object.defineProperty(obj1, 'prop1', { get: function () { WScript.Echo('obj1.prop1 getter'); return 3; }, configurable: true }));
+      }
+      else {
+          obj1.prop1 = 3;
+      }
+      true ? obj1.prop1 : obj1.prop1;
+    }
+  };
+  func0(200);
+  func0(200);
+  func0(100);
+}
+test0();
diff --git a/test/Optimizer/rlexe.xml b/test/Optimizer/rlexe.xml
@@ -1532,4 +1532,11 @@
       <compile-flags> -loopinterpretcount:1 -bgjit- -maxsimplejitruncount:1 -maxinterpretcount:1 -oopjit-</compile-flags>
     </default>
   </test>
+  <test>
+    <default>
+      <files>bugsimplepathbrfoldgetter.js</files>
+      <baseline>bugsimplepathbrfoldgetter.baseline</baseline>
+      <tags>exclude_dynapogo,exclude_nonative</tags>
+    </default>
+  </test>
 </regress-exe>
diff --git a/test/Optimizer/testsimplepathbrfold.baseline b/test/Optimizer/testsimplepathbrfold.baseline
@@ -1,6 +1,5 @@
 100
 TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 1 from Block 2 to Block 4 in func foo
-TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 2 from Block 4 to Block 3 in func foo
 100
 Done foo
 
@@ -10,6 +9,8 @@ TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 2 from B
 Done bar
 
 100
+TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 1 from Block 3 to Block 4 in func baz
+TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 2 from Block 3 to Block 5 in func baz
 100
 Done baz
 
@@ -62,7 +63,6 @@ Done iterator
 
 5
 TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 1 from Block 3 to Block 5 in func iterator2
-TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 3 from Block 5 to Block 4 in func iterator2
 5
 Done iterator2
 

Original file line number	Diff line number	Diff line change
`@@ -4524,9 +4524,7 @@ static bool IsCopyTypeInstr(IR::Instr *instr)`
`4524`	`4524`	`case Js::OpCode::LdC_A_I4:`
`4525`	`4525`	`case Js::OpCode::Ld_I4:`
`4526`	`4526`	`case Js::OpCode::Ld_A:`
`4527`		`- case Js::OpCode::StFld:`
`4528`		`- case Js::OpCode::LdFld:`
`4529`		`- case Js::OpCode::InitFld: return true;`
	`4527`	`+ case Js::OpCode::LdFld: return true;`
`4530`	`4528`	`default:`
`4531`	`4529`	`return false;`
`4532`	`4530`	`}`
`@@ -4620,7 +4618,8 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)`
`4620`	`4618`	`BVSparse<JitArenaAllocator> currentPathDefines(globOpt->alloc);`
`4621`	`4619`	`IR::Instr currentInlineeEnd = nullptr, unskippedInlineeEnd = nullptr;`
`4622`	`4620`
`4623`		`- auto UpdateValueForCopyTypeInstr = [&](IR::Instr *instr) {`
	`4621`	`+ auto UpdateValueForCopyTypeInstr = [&](IR::Instr instr) -> Value {`
	`4622`	`+ Value * dstValue = nullptr;`
`4624`	`4623`	`if (instr->m_opcode == Js::OpCode::LdFld)`
`4625`	`4624`	`{`
`4626`	`4625`	`// Special handling for LdFld`
`@@ -4635,43 +4634,44 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)`
`4635`	`4634`	`PropertySym *prop = PropertySym::Find(objSym ? objSym->m_id : originalPropertySym->m_stackSym->m_id, originalPropertySym->m_propertyId, globOpt->func);`
`4636`	`4635`	`if (prop)`
`4637`	`4636`	`{`
`4638`		`- FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetStackSym(), prop);`
	`4637`	`+ dstValue = FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetStackSym(), prop);`
`4639`	`4638`	`}`
`4640`	`4639`	`else`
`4641`	`4640`	`{`
`4642`	`4641`	`Value ** localDstValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetStackSym());`
`4643`		`- *localDstValue = nullptr;`
	`4642`	`+ dstValue = *localDstValue = nullptr;`
`4644`	`4643`	`}`
`4645`	`4644`	`}`
`4646`	`4645`	`}`
`4647`	`4646`	`else if (instr->GetSrc1()->GetStackSym())`
`4648`	`4647`	`{`
`4649`	`4648`	`StackSym* src1Sym = instr->GetSrc1()->GetStackSym();`
`4650`		`- FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetSym(), src1Sym);`
	`4649`	`+ dstValue = FindValueInLocalThenGlobalValueTableAndUpdate(globOpt, localSymToValueMap, instr, instr->GetDst()->GetSym(), src1Sym);`
`4651`	`4650`	`}`
`4652`	`4651`	`else if (instr->GetSrc1()->IsIntConstOpnd())`
`4653`	`4652`	`{`
`4654`	`4653`	`Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());`
`4655`		`- *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsIntConstOpnd()->AsInt32(), instr);`
	`4654`	`+ dstValue = *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsIntConstOpnd()->AsInt32(), instr);`
`4656`	`4655`	`}`
`4657`	`4656`	`else if (instr->GetSrc1()->IsInt64ConstOpnd())`
`4658`	`4657`	`{`
`4659`	`4658`	`Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());`
`4660`		`- *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsInt64ConstOpnd()->GetValue(), instr);`
	`4659`	`+ dstValue = *localValue = globOpt->GetIntConstantValue(instr->GetSrc1()->AsInt64ConstOpnd()->GetValue(), instr);`
`4661`	`4660`	`}`
`4662`	`4661`	`else`
`4663`	`4662`	`{`
`4664`	`4663`	`ValueType src1Value = instr->GetSrc1()->GetValueType();`
`4665`	`4664`	`Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());`
`4666`	`4665`	`if (src1Value.IsUndefined() \|\| src1Value.IsBoolean())`
`4667`	`4666`	`{`
`4668`		`- *localValue = globOpt->GetVarConstantValue(instr->GetSrc1()->AsAddrOpnd());`
	`4667`	`+ dstValue = *localValue = globOpt->GetVarConstantValue(instr->GetSrc1()->AsAddrOpnd());`
`4669`	`4668`	`}`
`4670`	`4669`	`else`
`4671`	`4670`	`{`
`4672`		`- *localValue = nullptr;`
	`4671`	`+ dstValue = *localValue = nullptr;`
`4673`	`4672`	`}`
`4674`	`4673`	`}`
	`4674`	`+ return dstValue;`
`4675`	`4675`	`};`
`4676`	`4676`
`4677`	`4677`	`FOREACH_INSTR_IN_BLOCK(instr, this)`
`@@ -4684,30 +4684,6 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)`
`4684`	`4684`	`{`
`4685`	`4685`	`unskippedInlineeEnd = currentInlineeEnd = instr;`
`4686`	`4686`	`}`
`4687`		`- else if (instr->GetDst())`
`4688`		`- {`
`4689`		`- if (instr->GetDst()->GetSym())`
`4690`		`- {`
`4691`		`- if (IsCopyTypeInstr(instr))`
`4692`		`- {`
`4693`		`- UpdateValueForCopyTypeInstr(instr);`
`4694`		`- }`
`4695`		`- else if(instr->m_opcode == Js::OpCode::NewScObjectLiteral)`
`4696`		`- {`
`4697`		`- Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());`
`4698`		`- if (instr->GetDst()->GetValueType() == ValueType::UninitializedObject)`
`4699`		`- {`
`4700`		`- *localValue = globOpt->NewGenericValue(ValueType::UninitializedObject, instr->GetDst());`
`4701`		`- }`
`4702`		`- }`
`4703`		`- else`
`4704`		`- {`
`4705`		`- // complex instr, can't track value, insert nullptr`
`4706`		`- Value **localValue = localSymToValueMap->FindOrInsertNew(instr->GetDst()->GetSym());`
`4707`		`- *localValue = nullptr;`
`4708`		`- }`
`4709`		`- }`
`4710`		`- }`
`4711`	`4687`	`} NEXT_INSTR_IN_BLOCK;`
`4712`	`4688`
`4713`	`4689`	`IR::Instr * instr = this->GetLastInstr();`
`@@ -4747,7 +4723,12 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)`
`4747`	`4723`
`4748`	`4724`	`if (IsCopyTypeInstr(instr))`
`4749`	`4725`	`{`
`4750`		`- UpdateValueForCopyTypeInstr(instr);`
	`4726`	`+ Value *dstValue = UpdateValueForCopyTypeInstr(instr);`
	`4727`	`+ if (instr->m_opcode == Js::OpCode::LdFld && !dstValue)`
	`4728`	`+ {`
	`4729`	`+ // We cannot skip a LdFld if we didnt find its valueInfo in the localValueTable`
	`4730`	`+ return;`
	`4731`	`+ }`
`4751`	`4732`	`}`
`4752`	`4733`	`else`
`4753`	`4734`	`{`
`@@ -4848,6 +4829,7 @@ BasicBlock::CheckLegalityAndFoldPathDepBranches(GlobOpt* globOpt)`
`4848`	`4829`	`if (currentInlineeEnd != nullptr && currentInlineeEnd != unskippedInlineeEnd)`
`4849`	`4830`	`{`
`4850`	`4831`	`this->GetLastInstr()->InsertBefore(currentInlineeEnd->Copy());`
	`4832`	`+ globOpt->ProcessInlineeEnd(currentInlineeEnd);`
`4851`	`4833`	`currentInlineeEnd = nullptr;`
`4852`	`4834`	`}`
`4853`	`4835`	`// We are adding an unconditional branch, go over all the current successors and remove the ones that are dead now`
Original file line number	Diff line number	Diff line change
`@@ -475,7 +475,6 @@ GlobOpt::OptBlock(BasicBlock *block)`
`475`	`475`	`PrepareLoopArrayCheckHoist();`
`476`	`476`
`477`	`477`	`block->MergePredBlocksValueMaps(this);`
`478`		`- block->PathDepBranchFolding(this);`
`479`	`478`
`480`	`479`	`this->intOverflowCurrentlyMattersInRange = true;`
`481`	`480`	`this->intOverflowDoesNotMatterRange = this->currentBlock->intOverflowDoesNotMatterRange;`
`@@ -613,6 +612,8 @@ GlobOpt::OptBlock(BasicBlock *block)`
`613`	`612`	`}`
`614`	`613`	`}`
`615`	`614`
	`615`	`+ block->PathDepBranchFolding(this);`
	`616`	`+`
`616`	`617`	`#if DBG`
`617`	`618`	`// The set of live lossy int32 syms should be a subset of all live int32 syms`
`618`	`619`	`this->tempBv->And(block->globOptData.liveInt32Syms, block->globOptData.liveLossyInt32Syms);`
`@@ -6776,8 +6777,6 @@ GlobOpt::CanProveConditionalBranch(IR::Instr instr, Value src1Val, Value *src2`
`6776`	`6777`	`}`
`6777`	`6778`	`case Js::OpCode::BrFalse_I4:`
`6778`	`6779`	`{`
`6779`		`- // this path would probably work outside of asm.js, but we should verify that if we ever hit this scenario`
`6780`		`- Assert(GetIsAsmJSFunc());`
`6781`	`6780`	`constVal = 0;`
`6782`	`6781`	`if (!src1Val->GetValueInfo()->TryGetIntConstantValue(&constVal))`
`6783`	`6782`	`{`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,5 @@`
`1`	`1`	`100`
`2`	`2`	`TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 1 from Block 2 to Block 4 in func foo`
`3`		`-TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 2 from Block 4 to Block 3 in func foo`
`4`	`3`	`100`
`5`	`4`	`Done foo`
`6`	`5`
`@@ -10,6 +9,8 @@ TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 2 from B`
`10`	`9`	`Done bar`
`11`	`10`
`12`	`11`	`100`
	`12`	`+TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 1 from Block 3 to Block 4 in func baz`
	`13`	`+TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 2 from Block 3 to Block 5 in func baz`
`13`	`14`	`100`
`14`	`15`	`Done baz`
`15`	`16`
`@@ -62,7 +63,6 @@ Done iterator`
`62`	`63`
`63`	`64`	`5`
`64`	`65`	`TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 1 from Block 3 to Block 5 in func iterator2`
`65`		`-TRACE PathDependentBranchFolding: Can prove retarget of branch in Block 3 from Block 5 to Block 4 in func iterator2`
`66`	`66`	`5`
`67`	`67`	`Done iterator2`
`68`	`68`