Bug 158631

Summary:

The backend should be happy to compile Unreachable even if AI didn't prove it to be unreachable

Product:

WebKit

Reporter:

Filip Pizlo <fpizlo>

Component:

JavaScriptCore

Assignee:

Filip Pizlo <fpizlo>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

barraclough, benjamin, commit-queue, ddkilzer, ggaren, keith_miller, mark.lam, mhahnenb, msaboff, oliver, saam, sam

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

All

OS:

All

Bug Depends on:

157379

Bug Blocks:

Attachments:

Description	Flags
the patch	keith_miller: review+

Filip Pizlo

Reported 2016-06-10 12:18:53 PDT

It's possible that due to concurrency, we invalidate the compilation after the last run of the CFA phase but before the backend. Then, when AI runs during the backend, it might think that some code that was previously thought to be Unreachable is now reachable. We shouldn't crash when this happens.

Attachments
the patch (6.94 KB, patch) 2016-06-10 12:31 PDT, Filip Pizlo	keith_miller: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Filip Pizlo

Comment 1 2016-06-10 12:31:37 PDT

Created attachment 281032 [details] the patch

Keith Miller

Comment 2 2016-06-10 12:52:03 PDT

Comment on attachment 281032 [details] the patch r=me.

Filip Pizlo

Comment 3 2016-06-10 12:56:04 PDT

Landed in http://trac.webkit.org/changeset/201936

David Kilzer (:ddkilzer)

Comment 4 2016-06-10 13:56:23 PDT

<rdar://problem/26540392>

Note You need to log in before you can comment on or make changes to this bug.