On 3/16/23 19:57, LIU Zhiwei wrote:
> Hi Richard,
>
> When I read the tcg code, I find a corner case which may be a bug in
> liveness_pass_1.
>
> I see all TEMP_TBs or global temps are set to TS_DEAD | TS_MEM when entering liveness_pass_1.
> Think about the sequence.
>
> 1) Write_global_temp_0 // 0->TS_DEAD, but not recorded in arg_life

Here TS_MEM->TS_DEAD, so *is* recorded in arg_life.

> 2) INDEX_op_qemu_st // trigger an exception here.

Here TCG_OPF_SIDE_EFFECTS is set, so call la_global_sync, so 0->TS_MEM.

> 3) Ref_global_temp_0 // TS_DEAD->0
> 4) Write_global_temp_0 // TS_DEAD | TS_MEM -> TS_DEAD
>
> As 1) will not write to memory, its register will be reused by the 3). I think it may miss
> a write to global_temp_0 when entering an exception.

Was there a specific test case that you find is miscompiled?

r~
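
A simplified model of the backward walk discussed in this thread, as an added example that is not QEMU's code and not part of either message: it tracks one global temp through the four-op sequence and returns what is recorded for op 1), with and without the side-effect op. The `LIFE_*` names, the op kinds, the helper functions and the numeric bit values are assumptions of this sketch.

```c
#include <stdio.h>

/* State bits named in the thread; numeric values are assumed for this model. */
enum { TS_DEAD = 1, TS_MEM = 2 };
/* Hypothetical stand-ins for the per-op flags stored in arg_life. */
enum { LIFE_DEAD = 1, LIFE_SYNC = 2 };
enum kind { OP_WRITE, OP_READ, OP_SIDE_EFFECT };

/* Walk the ops last-to-first for a single global temp, filling life[]. */
static void liveness_one_global(const enum kind *ops, int n, int *life)
{
    int state = TS_DEAD | TS_MEM;          /* state at the end of the TB */
    for (int i = n - 1; i >= 0; i--) {
        life[i] = 0;
        switch (ops[i]) {
        case OP_WRITE:                     /* output arg */
            if (state & TS_DEAD) life[i] |= LIFE_DEAD;
            if (state & TS_MEM)  life[i] |= LIFE_SYNC;
            state = TS_DEAD;
            break;
        case OP_SIDE_EFFECT:               /* models la_global_sync */
            state |= TS_MEM;
            break;
        case OP_READ:                      /* input arg: temp is live above */
            if (state & TS_DEAD) life[i] |= LIFE_DEAD;
            state &= ~TS_DEAD;
            break;
        }
    }
}

/* Sequence from the thread: write, [side-effect op], read, write.
 * Returns the flags recorded for the first write, op 1). */
static int first_write_life(int with_side_effect)
{
    enum kind seq[4];
    int life[4], n = 0;
    seq[n++] = OP_WRITE;
    if (with_side_effect) seq[n++] = OP_SIDE_EFFECT;
    seq[n++] = OP_READ;
    seq[n++] = OP_WRITE;
    liveness_one_global(seq, n, life);
    return life[0];
}

int main(void)
{
    printf("with side-effect op: %d\n", first_write_life(1));
    printf("without:             %d\n", first_write_life(0));
    return 0;
}
```

In this model the first write carries the sync flag only when the side-effect op sits between it and the later read.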