Bug 152510

Summary: llvm appears to be miscalculating the live-out registers at a patchpoint
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WONTFIX    
Severity: Normal CC: benjamin, fpizlo, ggaren, gskachkov, juergen, keith_miller, mark.lam, msaboff, oliver, sukolsak, ysuzuki
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
dfg and llvm IR. none

Saam Barati
Reported 2015-12-22 13:01:29 PST
Created attachment 267798 [details] dfg and llvm IR. We end up clobbering a volatile register with a C call we make even though that register is used immediately after the patchpoint. The problem appears to be that we’re not claiming that x1 is live-out at the patchpoint w/ patchpointID=27. The code generated for this patchpoint is at “0x146cfa588”. You can see some of the meta-data we have for this patchpoint by looking at this line in the IR dump: ``` (#27, offset = 488, flags = 0, locations = [(Register, %r11, off:0, size:8), (Register, %r8, off:0, size:8)], liveOuts = [(%r12, 8)]) ``` x1 should be live-out here because the instructions emitted immediately after the patchpoint load from x1. x1 is also a hoisted constant.
Attachments
dfg and llvm IR. (147.21 KB, text/plain)
2015-12-22 13:01 PST, Saam Barati 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2015-12-22 13:02:09 PST
I should note that the failing test is: stress/generator-function-declaration-sinking-osrexit.js
Saam Barati
Comment 2 2015-12-22 13:05:27 PST
We should remove the bandaid fix from: https://bugs.webkit.org/show_bug.cgi?id=152511 once we get a real fix.
Benjamin Poulain
Comment 3 2016-06-02 21:39:58 PDT
Closing LLVM bug.
Note You need to log in before you can comment on or make changes to this bug.