From: Sergey Ostanevich via Tarantool-patches <tarantool-patches@dev.tarantool.org> To: Sergey Kaplun <skaplun@tarantool.org> Cc: tarantool-patches@dev.tarantool.org Subject: Re: [Tarantool-patches] [PATCH luajit] Fix bytecode register allocation for comparisons. Date: Tue, 10 Aug 2021 20:03:30 +0300 [thread overview] Message-ID: <0950C847-EF9A-4C62-920D-1F04AA7137CC@tarantool.org> (raw) In-Reply-To: <20210719073632.12008-1-skaplun@tarantool.org> Hi! Thanks for the patch! Just minor grammar, LGTM. Sergos > On 19 Jul 2021, at 10:36, Sergey Kaplun <skaplun@tarantool.org> wrote: > > From: Mike Pall <mike> > > (cherry picked from commit 2f3f07882fb4ad9c64967d7088461b1ca0a25d3a) > > When LuaJIT is build with LJ_FR2 (GC64), information about frame takes built (v3 in passive voice) [skipped, new version] > The first option is rewrite this slot by return values from the to > function. > > The second option is clearing slot (i.e. set to zero) manually, when to clear the > there is no values to return. It is done by the next bytecode having RA > dst mode. This obliges that the destination of RA takes the next slot > after TREF_FRAME. For this an earlier instruction must use the smallest > possible destination register (see `lj_record_ins()` for the details). > > Bytecode allocator swaps operands for ISGT and ISGE comparisons. can swap (since it is followed by ‘When’) > When it happens, the aforementioned rule for registers allocations allocation > may be violated. When it happens, and this chunk is recording, the slot > with TREF_FRAME is not rewritten (but the next empty slot after > TREF_FRAME is) during bytecode recording. This leads to JIT slots > inconsistency and assertion failure in `rec_check_slots()` during > recording the next bytecode instruction. of > > This patch fixes bytecode register allocation by changing the register > allocation order in case of ISGT and ISGE bytecodes. > > Sergey Kaplun: > * added the description and the test for the problem > > Resolves tarantool/tarantool#6227 > --- > > Branch: https://github.com/tarantool/luajit/tree/skaplun/gh-6227-fix-bytecode-allocator-for-comp > Tarantool branch: https://github.com/tarantool/tarantool/tree/skaplun/gh-6227-fix-bytecode-allocator-for-comp > Issue: https://github.com/tarantool/tarantool/issues/6227 > > src/lj_parse.c | 7 +++- > ...ytecode-allocator-for-comparisons.test.lua | 41 +++++++++++++++++++ > 2 files changed, 46 insertions(+), 2 deletions(-) > create mode 100644 test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua > > diff --git a/src/lj_parse.c b/src/lj_parse.c > index 08f7cfa6..a6325a76 100644 > --- a/src/lj_parse.c > +++ b/src/lj_parse.c > @@ -853,9 +853,12 @@ static void bcemit_comp(FuncState *fs, BinOpr opr, ExpDesc *e1, ExpDesc *e2) > e1 = e2; e2 = eret; /* Swap operands. */ > op = ((op-BC_ISLT)^3)+BC_ISLT; > expr_toval(fs, e1); > + ra = expr_toanyreg(fs, e1); > + rd = expr_toanyreg(fs, e2); > + } else { > + rd = expr_toanyreg(fs, e2); > + ra = expr_toanyreg(fs, e1); > } > - rd = expr_toanyreg(fs, e2); > - ra = expr_toanyreg(fs, e1); > ins = BCINS_AD(op, ra, rd); > } > /* Using expr_free might cause asserts if the order is wrong. */ > diff --git a/test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua b/test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua > new file mode 100644 > index 00000000..66f6885e > --- /dev/null > +++ b/test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua > @@ -0,0 +1,41 @@ > +local tap = require('tap') > +local test = tap.test('gh-6227-bytecode-allocator-for-comparisons') > +test:plan(1) > + > +-- Test file to demonstrate assertion failure during recording > +-- wrong allocated bytecode for comparisons. > +-- See also https://github.com/tarantool/tarantool/issues/6227. > + > +-- Need function with RET0 bytecode to avoid reset of > +-- the first JIT slot with frame info. Also need no assignments > +-- by the caller. > +local function empty() end > + > +local uv = 0 > + > +-- This function needs to reset register enumerating. > +-- Also set `J->maxslot` to zero. > +-- The upvalue function to call is loaded to 0 slot. > +local function bump_frame() > + -- First call function with RET0 to set TREF_FRAME in the > + -- last slot. > + empty() > + -- Test ISGE or ISGT bytecode. These bytecodes swap their > + -- operands. Also, a constant is always loaded into the slot > + -- smaller than upvalue. So, if upvalue loads before KSHORT, > + -- then the difference between registers is more than 2 (2 is > + -- needed for LJ_FR2) and TREF_FRAME slot is not rewriting by > + -- the bytecode after call and return as expected. That leads > + -- to recording slots inconsistency and assertion failure at > + -- `rec_check_slots()`. > + empty(1>uv) > +end > + > +jit.opt.start('hotloop=1') > + > +for _ = 1,3 do > + bump_frame() > +end > + > +test:ok(true) > +os.exit(test:check() and 0 or 1) > -- > 2.31.0 >
next prev parent reply other threads:[~2021-08-10 17:03 UTC|newest] Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-07-19 7:36 Sergey Kaplun via Tarantool-patches 2021-08-01 10:43 ` Igor Munkin via Tarantool-patches 2021-08-01 17:10 ` Sergey Kaplun via Tarantool-patches 2021-08-16 7:20 ` Igor Munkin via Tarantool-patches 2021-08-16 16:40 ` Sergey Kaplun via Tarantool-patches 2021-08-16 16:27 ` Igor Munkin via Tarantool-patches 2021-08-17 7:36 ` Vitaliia Ioffe via Tarantool-patches 2021-08-10 17:03 ` Sergey Ostanevich via Tarantool-patches [this message] 2021-08-16 16:44 ` Sergey Kaplun via Tarantool-patches 2021-08-17 9:24 ` Igor Munkin via Tarantool-patches
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=0950C847-EF9A-4C62-920D-1F04AA7137CC@tarantool.org \ --to=tarantool-patches@dev.tarantool.org \ --cc=sergos@tarantool.org \ --cc=skaplun@tarantool.org \ --subject='Re: [Tarantool-patches] [PATCH luajit] Fix bytecode register allocation for comparisons.' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox