DFG's flushForTerminal() needs to add PhantomLocals for bytecode live locals.
author mark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Aug 2016 23:19:49 +0000 (23:19 +0000)
committer mark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Aug 2016 23:19:49 +0000 (23:19 +0000)
commit cb030bbc451a1412f135747b7c21a670d6d6bfee
tree 6a713a56e0907442e29dc95f3cbd66d45e6fd5b9
parent 735c29a52fccfc323dcbf9c42f5599b28ebe7f63
DFG's flushForTerminal() needs to add PhantomLocals for bytecode live locals.
https://bugs.webkit.org/show_bug.cgi?id=160755
<rdar://problem/27488507>

Reviewed by Filip Pizlo.

JSTests:

* stress/need-bytecode-liveness-for-unreachable-blocks-at-dfg-time.js: Added.

Source/JavaScriptCore:

If the DFG sees that an inlined function will result in an OSR exit every time,
it will treat all downstream blocks as dead.  However, it still needs to keep
locals that are alive in the bytecode alive for the compiled function so that
those locals are properly written to the stack by the OSR exit ramp.

The existing code neglected to do this.  This patch remedies this issue.

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::flushDirect):
(JSC::DFG::ByteCodeParser::addFlushOrPhantomLocal):
(JSC::DFG::ByteCodeParser::phantomLocalDirect):
(JSC::DFG::ByteCodeParser::flushForTerminal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@204360 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/stress/need-bytecode-liveness-for-unreachable-blocks-at-dfg-time.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp