[Tarantool-patches] [PATCH luajit 1/3] MIPS: Fix "bad FP FLOAD" assertion.

Sergey Kaplun skaplun at tarantool.org
Mon Sep 4 18:50:24 MSK 2023 

From: Mike Pall <mike>

Reported by Sergey Kaplun.

(cherry-picked from commit 72efc42ef2258086a9cb797c676e2916b0a9e7e1)

This patch is the follow-up for the commit
786dbb2ebdde16eadd7464cd5cbeb5d95a5e46f0 ("Add IR_FLOAD with REF_NIL for
field loads from GG_State."). This commit allows `FLOAD` to be used for
fields loading from `GG_State`. Nevertheless, the aforementioned
assertion hasn't been moved to the `else` branch related to the default
use case. This leads to assertion failure in the case when `FLOAD` is
used for loading some field and has the `num` type.

This patch moves the assertion to the right place.

Sergey Kaplun:
* added the description and the test for the problem

Part of tarantool/tarantool#8825
---
 src/lj_asm_mips.h                             |  2 +-
 .../lj-1043-asm-fload.test.lua                | 24 +++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 test/tarantool-tests/lj-1043-asm-fload.test.lua

diff --git a/src/lj_asm_mips.h b/src/lj_asm_mips.h
index ea108aab..ac9090f2 100644
--- a/src/lj_asm_mips.h
+++ b/src/lj_asm_mips.h
@@ -1285,8 +1285,8 @@ static void asm_fload(ASMState *as, IRIns *ir)
       }
     }
     ofs = field_ofs[ir->op2];
+    lj_assertA(!irt_isfp(ir->t), "bad FP FLOAD");
   }
-  lj_assertA(!irt_isfp(ir->t), "bad FP FLOAD");
   emit_tsi(as, mi, dest, idx, ofs);
 }
 
diff --git a/test/tarantool-tests/lj-1043-asm-fload.test.lua b/test/tarantool-tests/lj-1043-asm-fload.test.lua
new file mode 100644
index 00000000..2f381560
--- /dev/null
+++ b/test/tarantool-tests/lj-1043-asm-fload.test.lua
@@ -0,0 +1,24 @@
+local tap = require('tap')
+
+-- Test file to demonstrate LuaJIT's misbehaviour during the
+-- assembling of the `FLOAD` on MIPS.
+-- See also: https://github.com/LuaJIT/LuaJIT/issues/1043.
+local test = tap.test('lj-1043-asm-fload'):skipcond({
+  ['Test requires JIT enabled'] = not jit.status(),
+})
+
+test:plan(1)
+
+local math_abs = math.abs
+
+local results = {nil, nil, nil, nil}
+
+-- Disable optimizations to be sure that we assemble `FLOAD`.
+jit.opt.start(0, 'hotloop=1')
+for i = 1, 4 do
+  results[i] = math_abs(i - 10)
+end
+
+test:is_deeply(results, {9, 8, 7, 6}, 'correct assembling of the FLOAD')
+
+test:done(true)
-- 
2.42.0

More information about the Tarantool-patches mailing list