Revision: 6038
Author: [email protected]
Date: Wed Dec 15 10:13:02 2010
Log: Fix several register allocation issues revealed by fuzzer:
- LIsObject had incorrect contraint for value input;
- Temporaries had incorrect lifetime intervals;
- Live ranges for live_out values was not covering the whole block.
Review URL: http://codereview.chromium.org/5899002
http://code.google.com/p/v8/source/detail?r=6038
Modified:
/branches/bleeding_edge/src/ia32/lithium-ia32.cc
/branches/bleeding_edge/src/lithium-allocator.cc
/branches/bleeding_edge/test/mjsunit/fuzz-natives.js
=======================================
--- /branches/bleeding_edge/src/ia32/lithium-ia32.cc Wed Dec 15 07:25:53
2010
+++ /branches/bleeding_edge/src/ia32/lithium-ia32.cc Wed Dec 15 10:13:02
2010
@@ -1650,7 +1650,7 @@
LInstruction* LChunkBuilder::DoIsObject(HIsObject* instr) {
ASSERT(instr->value()->representation().IsTagged());
- LOperand* value = UseRegisterAtStart(instr->value());
+ LOperand* value = UseRegister(instr->value());
return DefineAsRegister(new LIsObject(value, TempRegister()));
}
=======================================
--- /branches/bleeding_edge/src/lithium-allocator.cc Wed Dec 15 06:35:46
2010
+++ /branches/bleeding_edge/src/lithium-allocator.cc Wed Dec 15 10:13:02
2010
@@ -585,17 +585,12 @@
LifetimePosition start = LifetimePosition::FromInstructionIndex(
block->first_instruction_index());
LifetimePosition end = LifetimePosition::FromInstructionIndex(
- block->last_instruction_index());
+ block->last_instruction_index()).NextInstruction();
BitVector::Iterator iterator(live_out);
while (!iterator.Done()) {
int operand_index = iterator.Current();
LiveRange* range = LiveRangeFor(operand_index);
- if (!range->IsEmpty() &&
- range->Start().Value() == end.NextInstruction().Value()) {
- range->AddUseInterval(start, end.NextInstruction());
- } else {
- range->AddUseInterval(start, end);
- }
+ range->AddUseInterval(start, end);
iterator.Advance();
}
}
@@ -978,8 +973,8 @@
}
}
}
- Use(block_start_position, curr_position, temp, NULL);
- Define(curr_position.PrevInstruction(), temp, NULL);
+ Use(block_start_position, curr_position.InstructionEnd(), temp,
NULL);
+ Define(curr_position, temp, NULL);
}
}
}
@@ -1832,7 +1827,7 @@
// Register reg is available at the range start and is free until
// the range end.
ASSERT(pos.Value() >= current->End().Value());
- TraceAlloc("Assigning reg %s to live range %d\n",
+ TraceAlloc("Assigning free reg %s to live range %d\n",
RegisterName(reg),
current->id());
current->set_assigned_register(reg, mode_);
@@ -1922,7 +1917,7 @@
// Register reg is not blocked for the whole range.
ASSERT(block_pos[reg].Value() >= current->End().Value());
- TraceAlloc("Assigning reg %s to live range %d\n",
+ TraceAlloc("Assigning blocked reg %s to live range %d\n",
RegisterName(reg),
current->id());
current->set_assigned_register(reg, mode_);
=======================================
--- /branches/bleeding_edge/test/mjsunit/fuzz-natives.js Tue Dec 7
03:31:57 2010
+++ /branches/bleeding_edge/test/mjsunit/fuzz-natives.js Wed Dec 15
10:13:02 2010
@@ -25,7 +25,7 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-// Flags: --allow-natives-syntax --noalways-opt
+// Flags: --allow-natives-syntax
var RUN_WITH_ALL_ARGUMENT_ENTRIES = false;
var kOnManyArgumentsRemove = 5;
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
