Bug 152510 - llvm appears to be miscalculating the live-out registers at a patchpoint
Status: RESOLVED WONTFIX
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
Reported: 2015-12-22 13:01 PST by Saam Barati
Modified: 2016-06-02 21:39 PDT

Attachments
dfg and llvm IR. (147.21 KB, text/plain)
2015-12-22 13:01 PST, Saam Barati

Description Saam Barati 2015-12-22 13:01:29 PST
Created attachment 267798
dfg and llvm IR.

We end up clobbering a volatile register with a C call we make even though that register is used immediately after the patchpoint.

The problem appears to be that we’re not claiming that x1 is live-out at the patchpoint w/ patchpointID=27.
The code generated for this patchpoint is at “0x146cfa588”. You can see some of the meta-data we have for this patchpoint by looking at this line in the IR dump:
```
(#27, offset = 488, flags = 0, locations = [(Register, %r11, off:0, size:8), (Register, %r8, off:0, size:8)], liveOuts = [(%r12, 8)])
```

x1 should be live-out here because the instructions emitted immediately after the patchpoint load from x1. x1 is also a hoisted constant.
Comment 1 Saam Barati 2015-12-22 13:02:09 PST
I should note that the failing test is:
stress/generator-function-declaration-sinking-osrexit.js
Comment 2 Saam Barati 2015-12-22 13:05:27 PST
We should remove the bandaid fix from:
https://bugs.webkit.org/show_bug.cgi?id=152511
once we get a real fix.
Comment 3 Benjamin Poulain 2016-06-02 21:39:58 PDT
Closing LLVM bug.