Bug 193304

Summary: DFG combined liveness can be wrong for terminal basic blocks
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, commit-queue, fpizlo, ggaren, gskachkov, keith_miller, mark.lam, msaboff, rmorisset, ticaiolima, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
patch
ysuzuki: review+
patch for landing none

Saam Barati
Reported 2019-01-09 15:00:02 PST
If a block doesn't have any successors, it can't rely on the typical backwards liveness propagation that CombinedLiveness was doing. For such terminal blocks, we must account for what's bytecode live at the end of the block. Consider a block that ends with: ``` ForceOSRExit Unreachable ``` Things may definitely be live in bytecode at the tail. However, we'll report nothing as being alive. This probably subtly breaks many analyses, but we have a test case of it breaking the interference analysis that the ArgumentsEliminationPhase performs.
Attachments
patch (6.77 KB, patch)
2019-01-09 15:05 PST, Saam Barati 		ysuzuki: review+
DetailsFormatted DiffDiff
patch for landing (7.43 KB, patch)
2019-01-11 15:18 PST, Saam Barati 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2019-01-09 15:00:46 PST
<rdar://problem/45268632>
Saam Barati
Comment 2 2019-01-09 15:05:36 PST
Created attachment 358753 [details] patch
Yusuke Suzuki
Comment 3 2019-01-10 15:00:11 PST
Comment on attachment 358753 [details] patch r=me
Saam Barati
Comment 4 2019-01-11 15:13:42 PST
(In reply to Yusuke Suzuki from comment #3) > Comment on attachment 358753 [details] > patch > > r=me Thanks for the review. Yusuke and I also spoke offline, and I'll make this patch fix some errors in a comment in the CombinedLiveness header.
Saam Barati
Comment 5 2019-01-11 15:18:29 PST
Created attachment 358955 [details] patch for landing
WebKit Commit Bot
Comment 6 2019-01-11 16:26:12 PST
Comment on attachment 358955 [details] patch for landing Clearing flags on attachment: 358955 Committed r239882: <https://trac.webkit.org/changeset/239882>
WebKit Commit Bot
Comment 7 2019-01-11 16:26:13 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.