[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness analysis.

[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments object. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n

Committed: https://crrev.com/1428fbe224dc2df0cb6f59e4959430f7aa614064
Cr-Commit-Position: refs/heads/master@{#36641}

[Jarin, 2016-06-01 08:13:24]

Description was changed from

==========
[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness
analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments objects. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n
==========

to

==========
[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness
analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments object. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n
==========

[Jarin, 2016-06-01 08:13:55]

jarin@chromium.org changed reviewers:
+ jkummerow@chromium.org

[Jarin, 2016-06-01 08:14:16]

Could you take a look, please?

[Jakob Kummerow, 2016-06-01 11:06:48]

lgtm

[Jarin, 2016-06-01 12:01:20]

The CQ bit was checked by jarin@chromium.org

[commit-bot: I haz the power, 2016-06-01 12:01:31]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/2026173003/20001
View timeline at
 https://chromium-cq-status.appspot.com/patch-timeline/2026173003/20001

[commit-bot: I haz the power, 2016-06-01 12:03:33]

Description was changed from

==========
[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness
analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments object. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n
==========

to

==========
[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness
analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments object. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n
==========

[commit-bot: I haz the power, 2016-06-01 12:03:33]

Committed patchset #2 (id:20001)

[commit-bot: I haz the power, 2016-06-01 12:04:46]

Description was changed from

==========
[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness
analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments object. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n
==========

to

==========
[crankshaft] Only exclude explicit 'arguments' (and 'this') from liveness
analysis.

Currently, we do not emit EnvironmentMarkers if the hydrogen value
in the environment is arguments object. As the hydrogen value can change
for local variables, we emit only some environment markers. That can
cause environment liveness analysis to mark part of live range as live
and part as dead. The zapping phase then only inserts zaps in
live->dead transitions, potentially zapping a live value.

With this CL, we only emit EnvironmentMarkers for 'this' and
'arguments' local variables, disregarding the hydrogen value.

BUG=chromium:612146
LOG=n

Committed: https://crrev.com/1428fbe224dc2df0cb6f59e4959430f7aa614064
Cr-Commit-Position: refs/heads/master@{#36641}
==========

[commit-bot: I haz the power, 2016-06-01 12:04:47]

Patchset 2 (id:??) landed as
https://crrev.com/1428fbe224dc2df0cb6f59e4959430f7aa614064
Cr-Commit-Position: refs/heads/master@{#36641}

[Michael Achenbach, 2016-06-01 12:44:22]

A revert of this CL (patchset #2 id:20001) has been created in
https://codereview.chromium.org/2029563002/ by machenbach@chromium.org.

The reason for reverting is: Triggers crashes on the deopt fuzzer:
https://build.chromium.org/p/client.v8/builders/V8%20Deopt%20Fuzzer/builds/10608

Repro:
out/Release/d8 --test --random-seed=849179141 --deopt-every-n-times 149
--nohard-abort --nodead-code-elimination --nofold-constants
--noconcurrent-recompilation test/webkit/resources/standalone-pre.js
test/webkit/dfg-arguments-mixed-alias.js
test/webkit/resources/standalone-post.js.