Generators violate bytecode liveness validation
author fpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 30 Jun 2016 18:13:26 +0000 (18:13 +0000)
committer fpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 30 Jun 2016 18:13:26 +0000 (18:13 +0000)
commit 0d6aca2e7d56b0fa132a09a1945e094212b92305
tree 940757e9c3037bf66fb0cc266cb769198acbaa1c
parent 8171ae3acb97e6d688926596af99ababaa878777
Generators violate bytecode liveness validation
https://bugs.webkit.org/show_bug.cgi?id=159279

Reviewed by Yusuke Suzuki.

PerformanceTests:

Add Basic to our test harness.

Also made some cosmetic changes to the benchmark harness.

* ES6SampleBench/Basic/basic-tests.yaml: Added.
* ES6SampleBench/Basic/stress-test.js: Added.
(preciseTime):
* ES6SampleBench/driver.js:
(Driver):
(Driver.prototype.start):
(Driver.prototype.reportError):
* ES6SampleBench/glue.js:
* ES6SampleBench/index.html:

Source/JavaScriptCore:

Fix a liveness bug found by Basic. The problem is that resume's intended liveness rule is:
"live-in is just the token argument", but the liveness analysis thought that the rule was
"live-in is live-out minus defs plus live-at-catch". Clearly these two rules are quite
different. The way this sort of worked before is that we would define the defs of resume
as being equal to our prediction of what the live-outs would be. We did this in the hope
that we would subtract all live-outs. But, this misses the live-at-catch part. So, this
change adds another hack to neutralize live-at-catch.

This would make a lot more sense if we wrote a new liveness analysis that was just for
generator conversion. It could reuse BytecodeUseDef but otherwise it would be a new thing.
It would be easy to write crazy rules for save/resume in such an analysis, especially if
that analysis rewrote the bytecode. We could then just have an op_yield that is a no-op.
We would just record the live-outs of op_yield and use that for rewriting the code in terms
of a switch statement.

* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::stepOverInstruction):
(JSC::BytecodeLivenessAnalysis::dumpResults):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):

Tools:

Add Basic to our test harness.

* Scripts/run-javascriptcore-tests:
(runJSCStressTests):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@202689 268f45cc-cd09-0410-ab3c-d52691b4dbfc
12 files changed:
PerformanceTests/ChangeLog
PerformanceTests/ES6SampleBench/Basic/basic-tests.yaml [new file with mode: 0644]
PerformanceTests/ES6SampleBench/Basic/stress-test.js [new file with mode: 0644]
PerformanceTests/ES6SampleBench/driver.js
PerformanceTests/ES6SampleBench/glue.js
PerformanceTests/ES6SampleBench/index.html
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecode/BytecodeLivenessAnalysis.cpp
Source/JavaScriptCore/bytecode/BytecodeUseDef.h
Source/JavaScriptCore/bytecode/CodeBlock.cpp
Tools/ChangeLog
Tools/Scripts/run-javascriptcore-tests
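
The two liveness rules from the commit message, as an added toy model in C++ (not code from WebKit or from this commit). Registers are bits in a mask; `Instr`, `genericLiveIn`, `patchedLiveIn`, `makeResume` and the register names are hypothetical. It shows why setting resume's defs to the predicted live-outs still leaves live-at-catch in the live-in set, and one assumed way to exempt resume from that term.

```cpp
#include <cstdint>
#include <cstdio>

// Toy model (assumption): not JavaScriptCore code. Registers are bits in a mask.
using RegSet = uint32_t;
constexpr RegSet TOKEN = 1u << 0, R1 = 1u << 1, R2 = 1u << 2, R3 = 1u << 3;

enum class Op { Ordinary, Resume };

struct Instr {
    Op op;
    RegSet uses;  // registers read
    RegSet defs;  // registers written
    bool inTry;   // true when an exception handler covers this instruction
};

// Generic backward step: live-in = (live-out minus defs) plus uses plus live-at-catch.
RegSet genericLiveIn(const Instr& i, RegSet liveOut, RegSet liveAtCatch) {
    RegSet in = (liveOut & ~i.defs) | i.uses;
    if (i.inTry) in |= liveAtCatch;
    return in;
}

// Same step, with resume exempted from the live-at-catch term (hypothetical fix).
RegSet patchedLiveIn(const Instr& i, RegSet liveOut, RegSet liveAtCatch) {
    RegSet in = (liveOut & ~i.defs) | i.uses;
    if (i.inTry && i.op != Op::Resume) in |= liveAtCatch;
    return in;
}

// The earlier hack: resume's defs are set to the predicted live-outs.
Instr makeResume(RegSet predictedLiveOut, bool inTry) {
    return Instr{Op::Resume, TOKEN, predictedLiveOut, inTry};
}

// Validation rule for resume: live-in is just the token argument.
bool resumeRuleHolds(RegSet liveIn) { return liveIn == TOKEN; }

int main() {
    const RegSet liveOut = R1 | R2, liveAtCatch = R3;  // constructed sample sets
    Instr resume = makeResume(liveOut, /*inTry=*/true);
    RegSet before = genericLiveIn(resume, liveOut, liveAtCatch);
    RegSet after = patchedLiveIn(resume, liveOut, liveAtCatch);
    std::printf("generic: 0x%x valid=%d\n", (unsigned)before, resumeRuleHolds(before));
    std::printf("patched: 0x%x valid=%d\n", (unsigned)after, resumeRuleHolds(after));
    return 0;
}
```

Outside a try region both functions agree, so the mismatch only appears when a resume is covered by a handler whose live-in set is non-empty.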