Status: Accepted
Owner: [email protected]
Labels: Type-Bug Priority-Medium HW-ARM
New issue 1141 by [email protected]: ARM: Peephole optimization breaks
deoptimization
http://code.google.com/p/v8/issues/detail?id=1141
Peephole optimization removes loads from stack even if that load is needed
since it is deoptimization point in code generated by full code generation.
Crash with peephole optimization on (default), passes without peephole
optimization.
shell_g --always_opt --hydrogen_filter=X -peephole_optimization test.js
function X() {
return Number(1) << this
}
X()
---- with peephole ---
0xac97f8 56 e51b8004 ldr r8, [fp, #-4]
0xac97fc 60 e1a01000 mov r1, r0
0xac9800 64 e59b0008 ldr r0, [fp, #+8] ;; <-
deoptimization return point, r1 is not loaded before blx
0xac9804 68 e59fc028 ldr ip, [pc, #+40]
0xac9808 72 e12fff3c blx ip
--- without peephole ------
0xac97f4 52 e12fff3c blx ip
0xac97f8 56 e51b8004 ldr r8, [fp, #-4]
0xac97fc 60 e52d0004 str r0, [sp, #-4]!
0xac9800 64 e59b0008 ldr r0, [fp, #+8] ;; <- deoptimization
return point, r1 is loaded before blx
0xac9804 68 e49d1004 ldr r1, [sp], #+4
0xac9808 72 e59fc028 ldr ip, [pc, #+40]
0xac97f4 52 e12fff3c blx ip
==============
Currently peephole optimization is disabled if crankshaft is enabled.
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
