RESOLVED FIXED 146562
DFG and FTL should have an OSR exit fuzzer
https://bugs.webkit.org/show_bug.cgi?id=146562
Filip Pizlo
Reported 2015-07-02 15:49:23 PDT
Patch forthcoming.
Attachments
work in progress (10.58 KB, patch)
2015-07-02 15:49 PDT, Filip Pizlo
no flags
the patch (19.66 KB, patch)
2015-07-02 18:37 PDT, Filip Pizlo
benjamin: review+
Filip Pizlo
Comment 1 2015-07-02 15:49:51 PDT
Created attachment 256043 [details] work in progress
Filip Pizlo
Comment 2 2015-07-02 18:37:07 PDT
Created attachment 256066 [details] the patch
WebKit Commit Bot
Comment 3 2015-07-02 18:39:10 PDT
Attachment 256066 [details] did not pass style-queue:

ERROR: Source/JavaScriptCore/dfg/DFGOSRExitFuzz.h:32: g_numberOfOSRExitFuzzChecks is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4]
ERROR: Source/JavaScriptCore/dfg/DFGOSRExitFuzz.cpp:33: g_numberOfOSRExitFuzzChecks is incorrectly named. Don't use underscores in your identifier names. [readability/naming/underscores] [4]
Total errors found: 2 in 12 files

If any of these errors are false positives, please file a bug against check-webkit-style.
Benjamin Poulain
Comment 4 2015-07-02 18:46:08 PDT
Comment on attachment 256066 [details] the patch View in context: https://bugs.webkit.org/attachment.cgi?id=256066&action=review > Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:182 > + MacroAssembler::RelationalCondition condition; > + if (atOrAfter) { > + threshold = atOrAfter; > + condition = MacroAssembler::Below; > + } else { > + threshold = at; > + condition = MacroAssembler::NotEqual; > + } You could return a JumpList and not have those exclusive. > Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:184 > + MacroAssembler::Jump ok = m_jit.branch32( > + condition, GPRInfo::regT0, MacroAssembler::TrustedImm32(threshold)); Could be on one line. > Source/JavaScriptCore/ftl/FTLLowerDFGToLLVM.cpp:8186 > + if (unsigned at = Options::fireOSRExitFuzzAt()) { > + failCondition = m_out.bitOr( > + failCondition, > + m_out.equal(numberOfFuzzChecks, m_out.constInt32(at))); > + } Oh, this one is not exclusive...
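Review bot: In the DFGSpeculativeJIT.cpp:182 hunk, the if/else on atOrAfter means a nonzero `at` value is silently ignored whenever atOrAfter is also nonzero, while the FTLLowerDFGToLLVM.cpp hunk ORs the `at` equality into failCondition on top of what is already there. The same pair of options can therefore force different exits in the two tiers, which makes a fuzzer-found failure harder to reproduce across DFG and FTL. Either combine both conditions in the DFG path (for example by collecting the jumps in a JumpList) or reject the combination when the options are parsed.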
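Review bot: In the FTLLowerDFGToLLVM.cpp:8186 hunk, `if (unsigned at = Options::fireOSRExitFuzzAt())` uses 0 to mean the option is unset, so a fuzz check numbered 0 can never be selected. The visible lines do not show whether numberOfFuzzChecks is incremented before this comparison; a short comment here or in the option's description stating where check numbering starts would spare users of the option an off-by-one when narrowing down a failing exit.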
Filip Pizlo
Comment 5 2015-07-02 18:49:52 PDT