Bug 152918

Summary: The FTL allocated spill slots for BinaryOps is sometimes inaccurate.
Product: WebKit Reporter: Mark Lam <mark.lam>
Component: JavaScriptCoreAssignee: Mark Lam <mark.lam>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, fpizlo, keith_miller, msaboff, saam
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
proposed fix.
fpizlo: review+
revised patch for landing. none

Mark Lam
Reported 2016-01-08 12:24:03 PST
Patch coming.
Attachments
proposed fix. (3.52 KB, patch)
2016-01-08 12:49 PST, Mark Lam 		fpizlo: review+
DetailsFormatted DiffDiff
revised patch for landing. (4.38 KB, patch)
2016-01-09 07:23 PST, Mark Lam 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2016-01-08 12:37:42 PST
For exception handling?
Mark Lam
Comment 2 2016-01-08 12:38:38 PST
(In reply to comment #1) > For exception handling? Yes. My bug. I'll upload a patch soon for your review.
Mark Lam
Comment 3 2016-01-08 12:49:08 PST
Created attachment 268572 [details] proposed fix.
Filip Pizlo
Comment 4 2016-01-08 13:06:16 PST
Which test does this fix? Please make sure you either fix some existing test failure, or you try to introduce a test. If it is not testable, please say why.
Saam Barati
Comment 5 2016-01-08 13:26:54 PST
Comment on attachment 268572 [details] proposed fix. LGTM
Mark Lam
Comment 6 2016-01-09 07:23:23 PST
Created attachment 268621 [details] revised patch for landing. For the landing patch, I unskipped 2 tests which now pass with this fix: Source/JavaScriptCore/tests/stress/ftl-shr-exception.js Source/JavaScriptCore/tests/stress/ftl-xor-exception.js Also replaced the use of binaryUseKind() with isBinaryUseKind() because the bit ops may have operands that don't match in UseKind unless they are Untyped. isBinaryUseKind() is the right query to use for this scenario. This patch has passed all JSC tests including the 2 unskipped tests.
Mark Lam
Comment 7 2016-01-09 07:25:12 PST
Thanks for the reviews. Landed in r194820: <http://trac.webkit.org/r194820>.
Note You need to log in before you can comment on or make changes to this bug.