Google Git
Sign in
webkit / WebKit / 1337b9e575f290be88863e215f5dff8982d7ea1a^! / . / Source / JavaScriptCore / dfg / DFGStrengthReductionPhase.cpp
commit1337b9e575f290be88863e215f5dff8982d7ea1a[log] [tgz]
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Mon Feb 02 18:15:44 2015 +0000
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Mon Feb 02 18:15:44 2015 +0000
tree36cd493ea6d4c918df8afcb336eaff66342d09a0
parent0d527915acb99c07c8e3ba089cd6e3ce2cea5600 [diff] [blame]
Converting Flushes and PhantomLocals to Phantoms requires an OSR availability analysis rather than just using the SetLocal's child
https://bugs.webkit.org/show_bug.cgi?id=141107

Reviewed by Michael Saboff.
        
See the bugzilla for a discussion of the problem. This addresses the problem by ensuring
that Flushes are always strength-reduced to PhantomLocals, and CPS rethreading does a mini
OSR availability analysis to determine the right MovHint value to use for the Phantom.

* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::CPSRethreadingPhase):
(JSC::DFG::CPSRethreadingPhase::freeUnnecessaryNodes):
(JSC::DFG::CPSRethreadingPhase::clearVariables):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeLocalsInBlock):
(JSC::DFG::CPSRethreadingPhase::clearVariablesAtHeadAndTail): Deleted.
* dfg/DFGNode.h:
(JSC::DFG::Node::convertPhantomToPhantomLocal):
(JSC::DFG::Node::convertFlushToPhantomLocal):
(JSC::DFG::Node::convertToPhantomLocal): Deleted.
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):
* tests/stress/inline-call-that-doesnt-use-all-args.js: Added.
(foo):
(bar):
(baz):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@179477 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/dfg/DFGStrengthReductionPhase.cpp b/Source/JavaScriptCore/dfg/DFGStrengthReductionPhase.cpp
index 17564e1..0650b8f 100644
--- a/Source/JavaScriptCore/dfg/DFGStrengthReductionPhase.cpp
+++ b/Source/JavaScriptCore/dfg/DFGStrengthReductionPhase.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013, 2014 Apple Inc. All rights reserved.
+ * Copyright (C) 2013-2015 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -280,10 +280,10 @@
             if (!setLocal)
                 break;
             
-            m_node->convertToPhantom();
-            Node* dataNode = setLocal->child1().node();
-            DFG_ASSERT(m_graph, m_node, dataNode->hasResult());
-            m_node->child1() = dataNode->defaultEdge();
+            // The Flush should become a PhantomLocal at this point. This means that we want the
+            // local's value during OSR, but we don't care if the value is stored to the stack. CPS
+            // rethreading can canonicalize PhantomLocals for us.
+            m_node->convertFlushToPhantomLocal();
             m_graph.dethread();
             m_changed = true;
             break;