193304 – DFG combined liveness can be wrong for terminal basic blocks

Bug 193304 - DFG combined liveness can be wrong for terminal basic blocks

Summary: DFG combined liveness can be wrong for terminal basic blocks

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Saam Barati

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2019-01-09 15:00 PST by Saam Barati
Modified:	2019-01-11 16:26 PST (History)
CC List:	12 users (show)

See Also:

Attachments
patch (6.77 KB, patch) 2019-01-09 15:05 PST, Saam Barati	ysuzuki: review+	Details \| Formatted Diff \| Diff
patch for landing (7.43 KB, patch) 2019-01-11 15:18 PST, Saam Barati	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Saam Barati 2019-01-09 15:00:02 PST

If a block doesn't have any successors, it can't rely on the typical backwards liveness propagation that CombinedLiveness was doing.
For such terminal blocks, we must account for what's bytecode live at the end of the block. Consider a block that ends with:
```
ForceOSRExit
Unreachable
```

Things may definitely be live in bytecode at the tail. However, we'll report nothing as being alive. This probably subtly breaks many analyses, but we have a test case of it breaking the interference analysis that the ArgumentsEliminationPhase performs.

Comment 1 Saam Barati 2019-01-09 15:00:46 PST

<rdar://problem/45268632>

Comment 2 Saam Barati 2019-01-09 15:05:36 PST

Created attachment 358753 [details]
patch

Comment 3 Yusuke Suzuki 2019-01-10 15:00:11 PST

Comment on attachment 358753 [details]
patch

r=me

Comment 4 Saam Barati 2019-01-11 15:13:42 PST

(In reply to Yusuke Suzuki from comment #3)
> Comment on attachment 358753 [details]
> patch
> 
> r=me

Thanks for the review. Yusuke and I also spoke offline, and I'll make this patch fix some errors in a comment in the CombinedLiveness header.

Comment 5 Saam Barati 2019-01-11 15:18:29 PST

Created attachment 358955 [details]
patch for landing

Comment 6 WebKit Commit Bot 2019-01-11 16:26:12 PST

Comment on attachment 358955 [details]
patch for landing

Clearing flags on attachment: 358955

Committed r239882: <https://trac.webkit.org/changeset/239882>

Comment 7 WebKit Commit Bot 2019-01-11 16:26:13 PST

All reviewed patches have been landed.  Closing bug.