Signed loads should not zero-def their destination. #26593
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
justinmichaud
added
the
JavaScriptCore
|
EWS run on current version of this PR (hash f74efe4) |
justinmichaud
added
the
safe-merge-queue
|
Failed api-wpe checks. Please resolve failures and re-apply Rejecting #26593 from merge queue. |
webkit-ews-buildbot
added
merging-blocked
|
Safe-Merge-Queue: Build #16324. |
|
The |
MenloDorian
added
unsafe-merge-queue
https://bugs.webkit.org/show_bug.cgi?id=271866 rdar://122959696 Reviewed by Yusuke Suzuki. This fixes a hang in Google Meet when applying the Black Noir filter. Suppose we have: ``` @A = Load8SignedExtendTo32(@x) @b = Trunc(ZExt32(@A)) ``` B3 reduceStrength will convert @b to @A. The Air register allocator will see that we ZDef 64 bits in @A, but on ARM64, we actually sign-extend them. This was caught by changing reduceStrength: ``` case Trunc: // Turn this: Trunc(SExt32(value)) or Trunc(ZExt32(value)) // Into this: value if (m_value->child(0)->opcode() == SExt32 || m_value->child(0)->opcode() == ZExt32) { auto* value = m_value->child(0)->child(0); auto* patchpoint = m_insertionSet.insert<PatchpointValue>( m_index, m_value->type(), m_value->origin()); patchpoint->effects = Effects(); patchpoint->effects.reads = HeapRange::top(); patchpoint->effects.exitsSideways = true; patchpoint->append(value); patchpoint->setGenerator([&] (CCallHelpers& jit, const StackmapGenerationParams& params) { RELEASE_ASSERT(params.size() == 2); RELEASE_ASSERT(params[0].isGPR()); RELEASE_ASSERT(params[1].isGPR()); auto dst = params[0].gpr(); auto a = params[1].gpr(); auto branch = jit.branchTest64(CCallHelpers::Zero, a, MacroAssembler::TrustedImm64(0xFFFFFFFF00000000)); jit.breakpoint(); jit.breakpoint(0); jit.breakpoint(1); jit.breakpoint(2); branch.link(&jit); jit.move(a, dst); }); replaceWithNew<Value>(Identity, m_value->origin(), patchpoint); ``` * Source/JavaScriptCore/b3/air/AirOpcode.opcodes: Canonical link: https://commits.webkit.org/276829@main
webkit-commit-queue
force-pushed
the
eng/Signed-loads-should-not-zero-def-their-destination-
branch
from
f74efe4
to
5838997
Compare
|
Committed 276829@main (5838997): https://commits.webkit.org/276829@main Reviewed commits have been landed. Closing PR #26593 and removing active labels. |
webkit-commit-queue
removed
the
unsafe-merge-queue
justinmichaud
deleted the
eng/Signed-loads-should-not-zero-def-their-destination-
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
5838997
f74efe4