Revision: 17599
Author: [email protected]
Date: Fri Nov 8 14:16:34 2013 UTC
Log: Do not add values to HGraph in Lithium.
Lithium uses indexes after the maximium value ID in the HGraph as indexes
of virtual registers and assumes that the maximum value ID does not change.
The IsStandardConstant and GetConstantXX functions could add constants to
HGraph, which aliased virtual registers with real values. This could confuse
the register allocator to think that a value in a virtual register is tagged
and to incorrectly set it in the pointer map.
BUG=298269
TEST=mjsunit/regress/regress-298269.js
[email protected]
Review URL: https://chromiumcodereview.appspot.com/66693002
http://code.google.com/p/v8/source/detail?r=17599
Added:
/branches/bleeding_edge/test/mjsunit/regress/regress-298269.js
Modified:
/branches/bleeding_edge/src/arm/lithium-arm.cc
/branches/bleeding_edge/src/arm/lithium-arm.h
/branches/bleeding_edge/src/arm/lithium-codegen-arm.cc
/branches/bleeding_edge/src/hydrogen.cc
/branches/bleeding_edge/src/hydrogen.h
/branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc
/branches/bleeding_edge/src/ia32/lithium-ia32.cc
/branches/bleeding_edge/src/ia32/lithium-ia32.h
/branches/bleeding_edge/src/lithium.cc
/branches/bleeding_edge/src/mips/lithium-codegen-mips.cc
/branches/bleeding_edge/src/mips/lithium-mips.cc
/branches/bleeding_edge/src/mips/lithium-mips.h
/branches/bleeding_edge/src/x64/lithium-codegen-x64.cc
/branches/bleeding_edge/src/x64/lithium-x64.cc
/branches/bleeding_edge/src/x64/lithium-x64.h
=======================================
--- /dev/null
+++ /branches/bleeding_edge/test/mjsunit/regress/regress-298269.js Fri Nov
8 14:16:34 2013 UTC
@@ -0,0 +1,45 @@
+// Copyright 2013 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+function Cb(a) {
+ var f, g;
+ for(f = a.length; f--;) {
+ g = a.charCodeAt(f);
+ // This will fail after OSR if Runtime_StringCharCodeAt is modified
+ // to iterates optimized frames and visit safepoint pointers.
+ }
+ return g;
+}
+
+var s1 = "long string to make cons string 1";
+var s2 = "long string to make cons string 2";
+Cb(s1 + s2);
+Cb(s1);
+var s3 = "string for triggering osr in Cb";
+for (var i = 0; i < 16; i++) s3 = s3 + s3;
+Cb(s3);
+Cb(s1 + s2);
=======================================
--- /branches/bleeding_edge/src/arm/lithium-arm.cc Thu Nov 7 13:43:03 2013
UTC
+++ /branches/bleeding_edge/src/arm/lithium-arm.cc Fri Nov 8 14:16:34 2013
UTC
@@ -863,10 +863,12 @@
LInstruction* instr = NULL;
if (current->CanReplaceWithDummyUses()) {
- HValue* first_operand = current->OperandCount() == 0
- ? graph()->GetConstant1()
- : current->OperandAt(0);
- instr = DefineAsRegister(new(zone()) LDummyUse(UseAny(first_operand)));
+ if (current->OperandCount() == 0) {
+ instr = DefineAsRegister(new(zone()) LDummy());
+ } else {
+ instr = DefineAsRegister(new(zone())
+ LDummyUse(UseAny(current->OperandAt(0))));
+ }
for (int i = 1; i < current->OperandCount(); ++i) {
LInstruction* dummy =
new(zone()) LDummyUse(UseAny(current->OperandAt(i)));
=======================================
--- /branches/bleeding_edge/src/arm/lithium-arm.h Thu Nov 7 13:43:03 2013
UTC
+++ /branches/bleeding_edge/src/arm/lithium-arm.h Fri Nov 8 14:16:34 2013
UTC
@@ -91,6 +91,7 @@
V(DoubleToI) \
V(DoubleToSmi) \
V(Drop) \
+ V(Dummy) \
V(DummyUse) \
V(ElementsKind) \
V(ForInCacheArray) \
@@ -424,6 +425,13 @@
};
+class LDummy V8_FINAL : public LTemplateInstruction<1, 0, 0> {
+ public:
+ explicit LDummy() { }
+ DECLARE_CONCRETE_INSTRUCTION(Dummy, "dummy")
+};
+
+
class LDummyUse V8_FINAL : public LTemplateInstruction<1, 1, 0> {
public:
explicit LDummyUse(LOperand* value) {
=======================================
--- /branches/bleeding_edge/src/arm/lithium-codegen-arm.cc Fri Nov 8
13:54:34 2013 UTC
+++ /branches/bleeding_edge/src/arm/lithium-codegen-arm.cc Fri Nov 8
14:16:34 2013 UTC
@@ -5712,6 +5712,11 @@
Comment(";;; deoptimize: %s", instr->hydrogen()->reason());
DeoptimizeIf(al, instr->environment(), type);
}
+
+
+void LCodeGen::DoDummy(LDummy* instr) {
+ // Nothing to see here, move on!
+}
void LCodeGen::DoDummyUse(LDummyUse* instr) {
=======================================
--- /branches/bleeding_edge/src/hydrogen.cc Fri Nov 8 13:44:27 2013 UTC
+++ /branches/bleeding_edge/src/hydrogen.cc Fri Nov 8 14:16:34 2013 UTC
@@ -708,6 +708,21 @@
#undef DEFINE_GET_CONSTANT
+#define DEFINE_IS_CONSTANT(Name,
name) \
+bool HGraph::IsConstant##Name(HConstant* constant)
{ \
+ return constant_##name##_.is_set() && constant ==
constant_##name##_.get(); \
+}
+DEFINE_IS_CONSTANT(Undefined, undefined)
+DEFINE_IS_CONSTANT(0, 0)
+DEFINE_IS_CONSTANT(1, 1)
+DEFINE_IS_CONSTANT(Minus1, minus1)
+DEFINE_IS_CONSTANT(True, true)
+DEFINE_IS_CONSTANT(False, false)
+DEFINE_IS_CONSTANT(Hole, the_hole)
+DEFINE_IS_CONSTANT(Null, null)
+
+#undef DEFINE_IS_CONSTANT
+
HConstant* HGraph::GetInvalidContext() {
return GetConstant(&constant_invalid_context_, 0xFFFFC0C7);
@@ -715,14 +730,14 @@
bool HGraph::IsStandardConstant(HConstant* constant) {
- if (constant == GetConstantUndefined()) return true;
- if (constant == GetConstant0()) return true;
- if (constant == GetConstant1()) return true;
- if (constant == GetConstantMinus1()) return true;
- if (constant == GetConstantTrue()) return true;
- if (constant == GetConstantFalse()) return true;
- if (constant == GetConstantHole()) return true;
- if (constant == GetConstantNull()) return true;
+ if (IsConstantUndefined(constant)) return true;
+ if (IsConstant0(constant)) return true;
+ if (IsConstant1(constant)) return true;
+ if (IsConstantMinus1(constant)) return true;
+ if (IsConstantTrue(constant)) return true;
+ if (IsConstantFalse(constant)) return true;
+ if (IsConstantHole(constant)) return true;
+ if (IsConstantNull(constant)) return true;
return false;
}
@@ -2281,7 +2296,8 @@
depends_on_empty_array_proto_elements_(false),
type_change_checksum_(0),
maximum_environment_size_(0),
- no_side_effects_scope_count_(0) {
+ no_side_effects_scope_count_(0),
+ disallow_adding_new_values_(false) {
if (info->IsStub()) {
HydrogenCodeStub* stub = info->code_stub();
CodeStubInterfaceDescriptor* descriptor =
=======================================
--- /branches/bleeding_edge/src/hydrogen.h Wed Oct 23 12:34:39 2013 UTC
+++ /branches/bleeding_edge/src/hydrogen.h Fri Nov 8 14:16:34 2013 UTC
@@ -352,6 +352,14 @@
HConstant* GetConstantNull();
HConstant* GetInvalidContext();
+ bool IsConstantUndefined(HConstant* constant);
+ bool IsConstant0(HConstant* constant);
+ bool IsConstant1(HConstant* constant);
+ bool IsConstantMinus1(HConstant* constant);
+ bool IsConstantTrue(HConstant* constant);
+ bool IsConstantFalse(HConstant* constant);
+ bool IsConstantHole(HConstant* constant);
+ bool IsConstantNull(HConstant* constant);
bool IsStandardConstant(HConstant* constant);
HBasicBlock* CreateBasicBlock();
@@ -366,6 +374,7 @@
int GetMaximumValueID() const { return values_.length(); }
int GetNextBlockID() { return next_block_id_++; }
int GetNextValueID(HValue* value) {
+ ASSERT(!disallow_adding_new_values_);
values_.Add(value, zone());
return values_.length() - 1;
}
@@ -373,6 +382,9 @@
if (id >= 0 && id < values_.length()) return values_[id];
return NULL;
}
+ void DisallowAddingNewValues() {
+ disallow_adding_new_values_ = true;
+ }
bool Optimize(BailoutReason* bailout_reason);
@@ -499,6 +511,7 @@
int type_change_checksum_;
int maximum_environment_size_;
int no_side_effects_scope_count_;
+ bool disallow_adding_new_values_;
DISALLOW_COPY_AND_ASSIGN(HGraph);
};
=======================================
--- /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc Fri Nov 8
13:54:34 2013 UTC
+++ /branches/bleeding_edge/src/ia32/lithium-codegen-ia32.cc Fri Nov 8
14:16:34 2013 UTC
@@ -6278,6 +6278,11 @@
Comment(";;; deoptimize: %s", instr->hydrogen()->reason());
DeoptimizeIf(no_condition, instr->environment(), type);
}
+
+
+void LCodeGen::DoDummy(LDummy* instr) {
+ // Nothing to see here, move on!
+}
void LCodeGen::DoDummyUse(LDummyUse* instr) {
=======================================
--- /branches/bleeding_edge/src/ia32/lithium-ia32.cc Fri Nov 8 13:54:34
2013 UTC
+++ /branches/bleeding_edge/src/ia32/lithium-ia32.cc Fri Nov 8 14:16:34
2013 UTC
@@ -924,10 +924,12 @@
LInstruction* instr = NULL;
if (current->CanReplaceWithDummyUses()) {
- HValue* first_operand = current->OperandCount() == 0
- ? graph()->GetConstant1()
- : current->OperandAt(0);
- instr = DefineAsRegister(new(zone()) LDummyUse(UseAny(first_operand)));
+ if (current->OperandCount() == 0) {
+ instr = DefineAsRegister(new(zone()) LDummy());
+ } else {
+ instr = DefineAsRegister(new(zone())
+ LDummyUse(UseAny(current->OperandAt(0))));
+ }
for (int i = 1; i < current->OperandCount(); ++i) {
LInstruction* dummy =
new(zone()) LDummyUse(UseAny(current->OperandAt(i)));
=======================================
--- /branches/bleeding_edge/src/ia32/lithium-ia32.h Fri Nov 8 10:58:51
2013 UTC
+++ /branches/bleeding_edge/src/ia32/lithium-ia32.h Fri Nov 8 14:16:34
2013 UTC
@@ -93,6 +93,7 @@
V(DoubleToI) \
V(DoubleToSmi) \
V(Drop) \
+ V(Dummy) \
V(DummyUse) \
V(ElementsKind) \
V(ForInCacheArray) \
@@ -432,6 +433,13 @@
};
+class LDummy V8_FINAL : public LTemplateInstruction<1, 0, 0> {
+ public:
+ explicit LDummy() { }
+ DECLARE_CONCRETE_INSTRUCTION(Dummy, "dummy")
+};
+
+
class LDummyUse V8_FINAL : public LTemplateInstruction<1, 1, 0> {
public:
explicit LDummyUse(LOperand* value) {
=======================================
--- /branches/bleeding_edge/src/lithium.cc Mon Oct 21 13:35:48 2013 UTC
+++ /branches/bleeding_edge/src/lithium.cc Fri Nov 8 14:16:34 2013 UTC
@@ -422,6 +422,7 @@
LChunk* LChunk::NewChunk(HGraph* graph) {
DisallowHandleAllocation no_handles;
DisallowHeapAllocation no_gc;
+ graph->DisallowAddingNewValues();
int values = graph->GetMaximumValueID();
CompilationInfo* info = graph->info();
if (values > LUnallocated::kMaxVirtualRegisters) {
=======================================
--- /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc Fri Nov 8
00:47:34 2013 UTC
+++ /branches/bleeding_edge/src/mips/lithium-codegen-mips.cc Fri Nov 8
14:16:34 2013 UTC
@@ -5688,6 +5688,11 @@
Comment(";;; deoptimize: %s", instr->hydrogen()->reason());
DeoptimizeIf(al, instr->environment(), type, zero_reg,
Operand(zero_reg));
}
+
+
+void LCodeGen::DoDummy(LDummy* instr) {
+ // Nothing to see here, move on!
+}
void LCodeGen::DoDummyUse(LDummyUse* instr) {
=======================================
--- /branches/bleeding_edge/src/mips/lithium-mips.cc Thu Nov 7 21:59:45
2013 UTC
+++ /branches/bleeding_edge/src/mips/lithium-mips.cc Fri Nov 8 14:16:34
2013 UTC
@@ -868,10 +868,12 @@
LInstruction* instr = NULL;
if (current->CanReplaceWithDummyUses()) {
- HValue* first_operand = current->OperandCount() == 0
- ? graph()->GetConstant1()
- : current->OperandAt(0);
- instr = DefineAsRegister(new(zone()) LDummyUse(UseAny(first_operand)));
+ if (current->OperandCount() == 0) {
+ instr = DefineAsRegister(new(zone()) LDummy());
+ } else {
+ instr = DefineAsRegister(new(zone())
+ LDummyUse(UseAny(current->OperandAt(0))));
+ }
for (int i = 1; i < current->OperandCount(); ++i) {
LInstruction* dummy =
new(zone()) LDummyUse(UseAny(current->OperandAt(i)));
=======================================
--- /branches/bleeding_edge/src/mips/lithium-mips.h Thu Nov 7 21:59:45
2013 UTC
+++ /branches/bleeding_edge/src/mips/lithium-mips.h Fri Nov 8 14:16:34
2013 UTC
@@ -91,6 +91,7 @@
V(DoubleToI) \
V(DoubleToSmi) \
V(Drop) \
+ V(Dummy) \
V(DummyUse) \
V(ElementsKind) \
V(ForInCacheArray) \
@@ -421,6 +422,13 @@
};
+class LDummy V8_FINAL : public LTemplateInstruction<1, 0, 0> {
+ public:
+ explicit LDummy() { }
+ DECLARE_CONCRETE_INSTRUCTION(Dummy, "dummy")
+};
+
+
class LDummyUse V8_FINAL : public LTemplateInstruction<1, 1, 0> {
public:
explicit LDummyUse(LOperand* value) {
=======================================
--- /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc Fri Nov 8
10:58:51 2013 UTC
+++ /branches/bleeding_edge/src/x64/lithium-codegen-x64.cc Fri Nov 8
14:16:34 2013 UTC
@@ -5456,6 +5456,11 @@
Comment(";;; deoptimize: %s", instr->hydrogen()->reason());
DeoptimizeIf(no_condition, instr->environment(), type);
}
+
+
+void LCodeGen::DoDummy(LDummy* instr) {
+ // Nothing to see here, move on!
+}
void LCodeGen::DoDummyUse(LDummyUse* instr) {
=======================================
--- /branches/bleeding_edge/src/x64/lithium-x64.cc Fri Nov 8 10:58:51 2013
UTC
+++ /branches/bleeding_edge/src/x64/lithium-x64.cc Fri Nov 8 14:16:34 2013
UTC
@@ -863,10 +863,12 @@
LInstruction* instr = NULL;
if (current->CanReplaceWithDummyUses()) {
- HValue* first_operand = current->OperandCount() == 0
- ? graph()->GetConstant1()
- : current->OperandAt(0);
- instr = DefineAsRegister(new(zone()) LDummyUse(UseAny(first_operand)));
+ if (current->OperandCount() == 0) {
+ instr = DefineAsRegister(new(zone()) LDummy());
+ } else {
+ instr = DefineAsRegister(new(zone())
+ LDummyUse(UseAny(current->OperandAt(0))));
+ }
for (int i = 1; i < current->OperandCount(); ++i) {
LInstruction* dummy =
new(zone()) LDummyUse(UseAny(current->OperandAt(i)));
=======================================
--- /branches/bleeding_edge/src/x64/lithium-x64.h Fri Nov 8 10:58:51 2013
UTC
+++ /branches/bleeding_edge/src/x64/lithium-x64.h Fri Nov 8 14:16:34 2013
UTC
@@ -92,6 +92,7 @@
V(DoubleToSmi) \
V(Drop) \
V(DummyUse) \
+ V(Dummy) \
V(ElementsKind) \
V(ForInCacheArray) \
V(ForInPrepareMap) \
@@ -423,6 +424,13 @@
};
+class LDummy V8_FINAL : public LTemplateInstruction<1, 0, 0> {
+ public:
+ explicit LDummy() { }
+ DECLARE_CONCRETE_INSTRUCTION(Dummy, "dummy")
+};
+
+
class LDummyUse V8_FINAL : public LTemplateInstruction<1, 1, 0> {
public:
explicit LDummyUse(LOperand* value) {
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
