To: Sergey Ostanevich, Maxim Kokryashkin
Date: Wed, 18 Jan 2023 23:16:56 +0300
Message-Id: <673614b0d270047c096b156f5a886211770c4ac1.1674068996.git.skaplun@tarantool.org>
X-Mailer: git-send-email 2.34.1
Subject: [Tarantool-patches] [PATCH luajit 3/3] x86/x64: Fix loop realignment.
List-Id: Tarantool development patches
From: Sergey Kaplun via Tarantool-patches
Reply-To: Sergey Kaplun
Cc: tarantool-patches@dev.tarantool.org

From: Mike Pall

(cherry picked from commit 522d2073da4be2af79db4728cbb375db0fbdfc48)

The `asm_intarith()` function may try to drop the `test r, r` instruction
before the Jcc instruction. However, in case the Jcc instruction is a
"Jump short if ..." instruction (i.e. has no 0F opcode prefix like
"Jump near if ..."), the `test` instruction is dropped when it shouldn't be,
due to memory miss. As a result, the loop can't be realigned later in
`asm_loop_fixup` because the jump target isn't aligned, and the assertion
fails.

This patch adds the additional check for 0F opcode in `asm_intarith()`.

Sergey Kaplun:
* added the description and the test for the problem

Part of tarantool/tarantool#8069
---
 src/lj_asm_x86.h | 5 +++--
 .../lj-556-fix-loop-realignment.test.lua | 18 ++++++++++++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
 create mode 100644 test/tarantool-tests/lj-556-fix-loop-realignment.test.lua

diff --git a/src/lj_asm_x86.h b/src/lj_asm_x86.h index 8efda8e5..e6c42c6d 100644 --- a/src/lj_asm_x86.h +++ b/src/lj_asm_x86.h 
@@ -2068,8 +2068,9 @@ static void asm_intarith(ASMState *as, IRIns *ir, x86Arith xa) int32_t k = 0; if (as->flagmcp == as->mcp) { /* Drop test r,r instruction. */ MCode *p = as->mcp + ((LJ_64 && *as->mcp < XI_TESTb) ? 3 : 2); - if ((p[1] & 15) < 14) { - if ((p[1] & 15) >= 12) p[1] -= 4; /* L <->S, NL <-> NS */ + MCode *q = p[0] == 0x0f ? p+1 : p; + if ((*q & 15) < 14) { + if ((*q & 15) >= 12) *q -= 4; /* L <->S, NL <-> NS */ as->flagmcp = NULL; as->mcp = p; } /* else: cannot transform LE/NLE to cc without use of OF. */ diff --git a/test/tarantool-tests/lj-556-fix-loop-realignment.test.lua b/test/tarantool-tests/lj-556-fix-loop-realignment.test.lua new file mode 100644 index 00000000..9a8e6098 --- /dev/null +++ b/test/tarantool-tests/lj-556-fix-loop-realignment.test.lua @@ -0,0 +1,18 @@ +local tap = require('tap') + +local test = tap.test('lj-505-fold-icorrect-behavior') +test:plan(1) + +-- Test file to demonstrate JIT misbehaviour for loop realignment +-- in LUAJIT_NUMMODE=2. See also +-- https://github.com/LuaJIT/LuaJIT/issues/556. + +jit.opt.start('hotloop=1') + +local s = 4 +while s > 0 do + s = s - 1 +end + +test:ok(true, 'loop is compiled and ran successfully') +os.exit(test:check() and 0 or 1) -- 2.34.1
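Review bot: In the src/lj_asm_x86.h hunk, the new line `MCode *q = p[0] == 0x0f ? p+1 : p;` uses a bare `0x0f` literal with no comment, so the reason for the two code paths is only recoverable from the commit message. A short comment next to it, for example that a near Jcc carries the 0F prefix before its condition-code byte while a short Jcc does not, would make it clear why `q` may point at `p` or `p+1`. It would also explain why the existing `/* L <->S, NL <-> NS */` adjustment now goes through `*q` instead of `p[1]`.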
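Review bot: In the new test file lj-556-fix-loop-realignment.test.lua, the TAP test is named `tap.test('lj-505-fold-icorrect-behavior')`, which looks like a leftover from another test and does not match the file name or the issue linked in the comment. Suggest `tap.test('lj-556-fix-loop-realignment')`. The header comment also says the misbehaviour shows up in LUAJIT_NUMMODE=2, but nothing in the test checks or documents how that mode is selected, so it is worth stating in the comment whether the test is expected to exercise the fix in other build configurations or only passes trivially there.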