Tarantool development patches archive
 help / color / mirror / Atom feed
From: Igor Munkin via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: Sergey Kaplun <skaplun@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH luajit] Fix bytecode register allocation for comparisons.
Date: Mon, 16 Aug 2021 10:20:07 +0300	[thread overview]
Message-ID: <20210816072007.GR27855@tarantool.org> (raw)
In-Reply-To: <YQbVgqzEW4mAFZF3@root>

Sergey,

Thanks for the explanation! Please consider the new comments below.

On 01.08.21, Sergey Kaplun wrote:
> Hi, Igor!
> 
> Thanks for the review!
> 
> On 01.08.21, Igor Munkin wrote:
> > Sergey,
> > 
> > Thanks for the patch! Please consider the comments below. I didn't check
> > the test yet, since I don't get the JIT peculiarities from your commit
> > message and comments. Please provide a clearer description and I'll
> > proceed with the review of the test case then.
> > 
> > On 19.07.21, Sergey Kaplun wrote:
> > > From: Mike Pall <mike>
> > > 
> > > (cherry picked from commit 2f3f07882fb4ad9c64967d7088461b1ca0a25d3a)
> > > 
> > > When LuaJIT is build with LJ_FR2 (GC64), information about frame takes
> > > two slots -- the first takes the TValue with the function to call, the
> > > second takes the additional frame information. The recording JIT
> > 
> > Minor: The second slot is the framelink in LuaJIT terms.
> 
> Yes, because it takes the additional frame information. How do you want
> to modify this line?

Just say that the second slot takes the framelink: this is lapidary.

> 
> > 
> > > machinery works pretty the same -- the function IR_KGC is loaded in the
> > > first slot, and the second is set to TREF_FRAME value. This value
> > > should be rewritten after return from a callee. It is done either by the
> > > return values either this slot is cleared (set to zero) manually with
> > > the next bytecode with RA dst mode with the assumption, that the dst RA
> > > takes the next slot after TREF_FRAME, i.e. an earlier instruction uses
> > > the smallest possible destination register (see `lj_record_ins()` for
> > > the details).
> > 
> > The main point lies in the monstrous 5-line sentence. I've read several
> > times, but still don't get it. Could you please reword it in a not such
> > complex sentence?
> 
> The first option is rewrite this slot by return values from the
> function.

And this is not the case, right? I mean, this approach works fine even
without the patch, doesn't it?

> 
> The second option is clearing slot (i.e. set to zero) manually, when
> there is no values to return. It is done by the next bytecode having RA
> dst mode. This obliges that the destination of RA takes the next slot
> after TREF_FRAME. For this an earlier instruction must use the smallest
> possible destination register (see `lj_record_ins()` for the details).

Here is the case, got it, thanks! So, I guess it's enough to adjust the
commit message to be similar to the section above.

> 
> > 
> > > 
> > > Bytecode allocator swaps operands for ISGT and ISGE comparisons.

I believe this should be called "bytecode emitter" or just "frontend".

> > > When it happens, the aforementioned rule for registers allocations
> > > may be violated. When it happens, and this chunk is recording, the slot
> > > with TREF_FRAME is not rewritten (but the next empty slot after
> > > TREF_FRAME is) during bytecode recording. This leads to JIT slots
> > > inconsistency and assertion failure in `rec_check_slots()` during
> > > recording the next bytecode instruction.
> > > 
> > > This patch fixes bytecode register allocation by changing the register
> > > allocation order in case of ISGT and ISGE bytecodes.
> > 
> > It's better to use "virtual register" or even "VM register" to avoid
> > ambiguous plain "register" usage.
> 
> Changed to VM register.
> 
> > 
> > > 
> > > Sergey Kaplun:
> > > * added the description and the test for the problem
> > > 
> > > Resolves tarantool/tarantool#6227
> > 
> > Minor: Why #5629 is not mentioned?
> 
> Added.
> Branch is updated and force-pushed.
> 
> > 
> > > ---
> > > 
> > > Branch: https://github.com/tarantool/luajit/tree/skaplun/gh-6227-fix-bytecode-allocator-for-comp
> > > Tarantool branch: https://github.com/tarantool/tarantool/tree/skaplun/gh-6227-fix-bytecode-allocator-for-comp
> > > Issue: https://github.com/tarantool/tarantool/issues/6227
> > > 
> > >  src/lj_parse.c                                |  7 +++-
> > >  ...ytecode-allocator-for-comparisons.test.lua | 41 +++++++++++++++++++
> > >  2 files changed, 46 insertions(+), 2 deletions(-)
> > >  create mode 100644 test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua
> > > 

<snipped>

> > > diff --git a/test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua b/test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua
> > > new file mode 100644
> > > index 00000000..66f6885e
> > > --- /dev/null
> > > +++ b/test/tarantool-tests/gh-6227-bytecode-allocator-for-comparisons.test.lua
> > > @@ -0,0 +1,41 @@
> > > +local tap = require('tap')
> > > +local test = tap.test('gh-6227-bytecode-allocator-for-comparisons')
> > > +test:plan(1)
> > > +
> > > +-- Test file to demonstrate assertion failure during recording
> > > +-- wrong allocated bytecode for comparisons.
> > > +-- See also https://github.com/tarantool/tarantool/issues/6227.
> > > +
> > > +-- Need function with RET0 bytecode to avoid reset of
> > > +-- the first JIT slot with frame info. Also need no assignments
> > > +-- by the caller.
> > > +local function empty() end
> > > +
> > > +local uv = 0
> > > +
> > > +-- This function needs to reset register enumerating.
> > > +-- Also set `J->maxslot` to zero.

Please add the reason, why J->maxslot is zero (it is initialized with
nargs in <rec_call_setup>).

> > > +-- The upvalue function to call is loaded to 0 slot.
> > > +local function bump_frame()
> > > +  -- First call function with RET0 to set TREF_FRAME in the
> > > +  -- last slot.
> > > +  empty()
> > > +  -- Test ISGE or ISGT bytecode. These bytecodes swap their
> > > +  -- operands. Also, a constant is always loaded into the slot
> > > +  -- smaller than upvalue. So, if upvalue loads before KSHORT,
> > > +  -- then the difference between registers is more than 2 (2 is
> > > +  -- needed for LJ_FR2) and TREF_FRAME slot is not rewriting by
> > > +  -- the bytecode after call and return as expected. That leads

If the constant is loaded into a slot prior to the one with an upvalue,
then how upvalue can be loaded *before* KSHORT? How the difference
becomes more than 2? I don't get this math.

Furthermore, what does stop you from using local variables?

> > > +  -- to recording slots inconsistency and assertion failure at
> > > +  -- `rec_check_slots()`.
> > > +  empty(1>uv)
> > > +end
> > > +
> > > +jit.opt.start('hotloop=1')

It's worth to mention, that such JIT engine tuning allows to compile
<empty> function at first, and only later compile the loop below. As a
result <empty> function is not inlined into the loop body, so the fix
can be checked.

> > > +
> > > +for _ = 1,3 do

Minor: Space is missing after the comma.

> > > +  bump_frame()
> > > +end
> > > +
> > > +test:ok(true)
> > > +os.exit(test:check() and 0 or 1)
> > > -- 
> > > 2.31.0
> > > 
> > 
> > -- 
> > Best regards,
> > IM
> 
> -- 
> Best regards,
> Sergey Kaplun

-- 
Best regards,
IM

  reply	other threads:[~2021-08-16  7:43 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-07-19  7:36 Sergey Kaplun via Tarantool-patches
2021-08-01 10:43 ` Igor Munkin via Tarantool-patches
2021-08-01 17:10   ` Sergey Kaplun via Tarantool-patches
2021-08-16  7:20     ` Igor Munkin via Tarantool-patches [this message]
2021-08-16 16:40       ` Sergey Kaplun via Tarantool-patches
2021-08-16 16:27         ` Igor Munkin via Tarantool-patches
2021-08-17  7:36           ` Vitaliia Ioffe via Tarantool-patches
2021-08-10 17:03 ` Sergey Ostanevich via Tarantool-patches
2021-08-16 16:44   ` Sergey Kaplun via Tarantool-patches
2021-08-17  9:24 ` Igor Munkin via Tarantool-patches

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210816072007.GR27855@tarantool.org \
    --to=tarantool-patches@dev.tarantool.org \
    --cc=imun@tarantool.org \
    --cc=skaplun@tarantool.org \
    --subject='Re: [Tarantool-patches] [PATCH luajit] Fix bytecode register allocation for comparisons.' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox