RESOLVED FIXED 154011
Baseline JIT should not require its input to be constant-propagated 
https://bugs.webkit.org/show_bug.cgi?id=154011
Summary Baseline JIT should not require its input to be constant-propagated
Filip Pizlo
Reported 2016-02-08 14:49:28 PST
The snippet generator code in the baseline JIT was assuming that bytecode *must* have been constant-propagated. But you can’t guarantee that. For example, this constraint means that almost any optimization performed after constant propagation is an invalid optimization, since it may reveal new constant propagation opportunities. The bytecode generator runs after we have done some constant propagation in the parser, but it doesn’t guarantee that it won’t also do other things that reveal constants. The correct thing to do - and indeed the thing that all of our other compiler code does - is to gracefully deal with unfolded operations in the backend. There is no cost to doing so, and it ensures that the compiler doesn't crash if by some weird chance we revealed a constant in some late optimization.
Attachments
the patch (3.19 KB, patch)
2016-02-08 14:52 PST, Filip Pizlo 		mark.lam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Filip Pizlo
Comment 1 2016-02-08 14:52:26 PST
Created attachment 270884 [details] the patch
Mark Lam
Comment 2 2016-02-08 14:57:56 PST
Comment on attachment 270884 [details] the patch r=me
Filip Pizlo
Comment 3 2016-02-08 15:00:42 PST
Landed in http://trac.webkit.org/changeset/196273
Note You need to log in before you can comment on or make changes to this bug.