Reviewers: kmillikin,
Description:
Fix several register allocation issues revealed by fuzzer:
- LIsObject had incorrect constraint for value input;
- Temporaries had incorrect lifetime intervals;
- Live ranges for live_out values were not covering the whole block.
Please review this at http://codereview.chromium.org/5899002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/ia32/lithium-ia32.cc
M src/lithium-allocator.cc
M test/mjsunit/fuzz-natives.js
Index: src/ia32/lithium-ia32.cc
diff --git a/src/ia32/lithium-ia32.cc b/src/ia32/lithium-ia32.cc
index
acf4a45371181476a44409277a50e4d619e9c1c9..c01fdd1920b925f3e8066e60fc1bcf2da2cf563b
100644
--- a/src/ia32/lithium-ia32.cc
+++ b/src/ia32/lithium-ia32.cc
@@ -1650,7 +1650,7 @@ LInstruction* LChunkBuilder::DoIsNull(HIsNull* instr)
{
LInstruction* LChunkBuilder::DoIsObject(HIsObject* instr) {
ASSERT(instr->value()->representation().IsTagged());
- LOperand* value = UseRegisterAtStart(instr->value());
+ LOperand* value = UseRegister(instr->value());
return DefineAsRegister(new LIsObject(value, TempRegister()));
}
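Review bot: The switch to `UseRegister(instr->value())` in DoIsObject has no comment recording why the at-start constraint was wrong, so a later cleanup could restore it. With a `TempRegister()` and a register result on the same instruction, an at-start input may be assigned the same register as the temp or the result; presumably the code generated for LIsObject still reads the value after writing one of them. If that is the reason, I would add `// value is read after temp is written, so it must stay live for the whole instruction` above the line. Other builders that pair `UseRegisterAtStart` with `TempRegister()` are not shown in this hunk and may deserve the same check.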
Index: src/lithium-allocator.cc
diff --git a/src/lithium-allocator.cc b/src/lithium-allocator.cc
index
c00ef15fe4e6657faf0b0d53c44db0cbb10f7a35..30b86ffe7273e9e1e9cca75d15ba38b063836715
100644
--- a/src/lithium-allocator.cc
+++ b/src/lithium-allocator.cc
@@ -585,17 +585,12 @@ void LAllocator::AddInitialIntervals(HBasicBlock*
block,
LifetimePosition start = LifetimePosition::FromInstructionIndex(
block->first_instruction_index());
LifetimePosition end = LifetimePosition::FromInstructionIndex(
- block->last_instruction_index());
+ block->last_instruction_index()).NextInstruction();
BitVector::Iterator iterator(live_out);
while (!iterator.Done()) {
int operand_index = iterator.Current();
LiveRange* range = LiveRangeFor(operand_index);
- if (!range->IsEmpty() &&
- range->Start().Value() == end.NextInstruction().Value()) {
- range->AddUseInterval(start, end.NextInstruction());
- } else {
- range->AddUseInterval(start, end);
- }
+ range->AddUseInterval(start, end);
iterator.Advance();
}
}
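Review bot: After this change `end` in AddInitialIntervals is the position following the block's last instruction rather than the last instruction itself, and nothing at the declaration says so. Assuming use intervals are half-open, that is what makes a live_out value cover the final instruction; an interval that stops one position short would let the allocator reuse the register while the value is still needed. A comment such as `// One past the last instruction: live_out values must cover the whole block.` on the `end` declaration would keep the name from being misread. The function's signature and opening lines are outside the hunk.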
@@ -978,8 +973,8 @@ void LAllocator::ProcessInstructions(HBasicBlock*
block, BitVector* live) {
}
}
}
- Use(block_start_position, curr_position, temp, NULL);
- Define(curr_position.PrevInstruction(), temp, NULL);
+ Use(block_start_position, curr_position.InstructionEnd(), temp,
NULL);
+ Define(curr_position, temp, NULL);
}
}
}
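Review bot: The two calls for `temp` depend on their order and on position arithmetic that is not explained. `Use` first spans from the block start to `curr_position.InstructionEnd()`, and `Define` at `curr_position` then appears to trim the start, leaving the temp live for exactly the one instruction. A short comment before them, for example `// A temp is live from the start to the end of its instruction.`, would state the intended interval. ProcessInstructions starts and continues outside this hunk, so the surrounding loop is not visible here.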
@@ -1832,7 +1827,7 @@ bool LAllocator::TryAllocateFreeReg(LiveRange*
current) {
// Register reg is available at the range start and is free until
// the range end.
ASSERT(pos.Value() >= current->End().Value());
- TraceAlloc("Assigning reg %s to live range %d\n",
+ TraceAlloc("Assigning free reg %s to live range %d\n",
RegisterName(reg),
current->id());
current->set_assigned_register(reg, mode_);
@@ -1922,7 +1917,7 @@ void LAllocator::AllocateBlockedReg(LiveRange*
current) {
// Register reg is not blocked for the whole range.
ASSERT(block_pos[reg].Value() >= current->End().Value());
- TraceAlloc("Assigning reg %s to live range %d\n",
+ TraceAlloc("Assigning blocked reg %s to live range %d\n",
RegisterName(reg),
current->id());
current->set_assigned_register(reg, mode_);
Index: test/mjsunit/fuzz-natives.js
diff --git a/test/mjsunit/fuzz-natives.js b/test/mjsunit/fuzz-natives.js
index
0446cd38db06eb086bde128d179ba8a7fc75b60a..020e3c0c857569c18fcf981d4552eebb9d204ef1
100644
--- a/test/mjsunit/fuzz-natives.js
+++ b/test/mjsunit/fuzz-natives.js
@@ -25,7 +25,7 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-// Flags: --allow-natives-syntax --noalways-opt
+// Flags: --allow-natives-syntax
var RUN_WITH_ALL_ARGUMENT_ENTRIES = false;
var kOnManyArgumentsRemove = 5;
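Review bot: Dropping `--noalways-opt` from the Flags line is the only test change in the commit, so the three allocator fixes are covered only when the harness runs fuzz-natives.js with optimization forced on. If some test configurations do not pass that flag, which is not visible here, the fixed paths stay unexercised there. A small dedicated regression test for each issue in the description (the LIsObject input constraint, temp intervals, live_out ranges) would pin each fix independently of fuzzer coverage. The rest of the file lies outside the hunk.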