Tarantool development patches archive
 help / color / mirror / Atom feed
From: Sergey Ostanevich via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: Igor Munkin <imun@tarantool.org>,
	Sergey Kaplun <skaplun@tarantool.org>,
	tarantool-patches@dev.tarantool.org
Subject: [Tarantool-patches] [PATH luajit] GC64: fix 64-bit constant fusion
Date: Fri, 28 May 2021 15:06:25 +0300	[thread overview]
Message-ID: <804A99A3-6D0C-4DA9-A939-26FFED0EC823@tarantool.org> (raw)

Author: Mike Pall <mike>
Date:   Mon Aug 28 10:43:37 2017 +0200

    x64/LJ_GC64: Fix fallback case of asm_fuseloadk64().

    Contributed by Peter Cawley.

    (cherry picked from commit 6b0824852677cc12570c20a3211fbfe0e4f0ce14)

    Code generation under LJ_GC64 missed an update to the mcode area after
    a 64bit constant encoding. This lead to a corruption to the constant
    later on.
    The problem is rather rare, since there should be big enough (4GiB)
    distance from the currently allocated mcode to the dispatch pointer.
    This lead to a number of flaky tests, trackers are addressed.

    Sergey Ostanevich:
    * added the description and the test for the problem

    Closes: #4095, #4199, #4614

    Signed-off-by: Sergey Ostanevich <sergos@tarantool.org>

diff --git a/src/lj_asm_x86.h b/src/lj_asm_x86.h
index 767bf6f3..2850aea9 100644
--- a/src/lj_asm_x86.h
+++ b/src/lj_asm_x86.h
@@ -387,6 +387,7 @@ static Reg asm_fuseloadk64(ASMState *as, IRIns *ir)
       ir->i = (int32_t)(as->mctop - as->mcbot);
       as->mcbot += 8;
       as->mclim = as->mcbot + MCLIM_REDZONE;
+      lj_mcode_commitbot(as->J, as->mcbot);
     }
     as->mrm.ofs = (int32_t)mcpofs(as, as->mctop - ir->i);
     as->mrm.base = RID_RIP;
diff --git a/test/tarantool-tests/gh-4199-gc64-flaky.test.lua b/test/tarantool-tests/gh-4199-gc64-flaky.test.lua
new file mode 100644
index 00000000..3ac30427
--- /dev/null
+++ b/test/tarantool-tests/gh-4199-gc64-flaky.test.lua
@@ -0,0 +1,63 @@
+-- the test is GC64 only
+local ffi=require('ffi')
+require('utils').skipcond(not ffi.abi('gc64'), 'test is GC64 only')
+
+local tap = require("tap")
+local test = tap.test("gh-4199-gc64-flaky")
+test:plan(1)
+
+-- first - we have to make a gap from current JIT infra to next
+-- available mappable memory
+-- most efficient is to grab it per-page
+
+
+ffi.cdef('void * mmap(void *start, size_t length, int prot , int flags, int fd, long offset);')
+ffi.cdef('long getpagesize();')
+
+local pagesize = tonumber(ffi.C.getpagesize())
+local blob = {}
+for i=1, 4e9/pagesize do
+        blob[i] = ffi.C.mmap(ffi.cast('void*',0), pagesize, 0, 0x22, 0, 0)
+        assert(blob[i] ~= 0)
+end
+
+-- try to chomp all memory in currently allocated gc space
+collectgarbage('stop')
+local dummy={'a'}
+for i=2,30 do
+        dummy[i] = dummy[i - 1] .. dummy[i - 1]
+end
+
+-- generate a bunch of functions and keep them stored to trigger wrong constant placement
+
+local s={}
+local pass = true
+
+jit.opt.start('hotloop=1’)
+for n=1,100 do
+        local src='function f'.. n .. [[(x,y,z,f,g,h,j,k,r,c,d)
+                local a={}
+                for i=1,1e6 do
+                        a[i] = x + y + z + f + g + h + j + k + r + c + d
+                        if (x > 0) then a[i] = a[i] + 1.1 end
+                        if (c > 0) then a[i] = a[i] + 2.2 end
+                        if (z > 0) then a[i] = a[i] + 3.3 end
+                        if (f > 0) then a[i] = a[i] + 4.4 end
+                        x=x+r
+                        y=y-c
+                        z=z+d
+                end
+                return a[1]
+        end
+        return f]] .. n ..'(...)'
+
+        s[n] = assert(load(src))
+        local res1 = s[n](1,2,3,4,5,6,7,8,9,10,11)
+        local res2 = s[n](1,2,3,4,5,6,7,8,9,10,11)
+        if (res1 ~= res2) then
+                pass = false
+                break
+        end
+end
+
+test:ok(pass, 'wrong IR constant fuse')

             reply	other threads:[~2021-05-28 12:06 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-28 12:06 Sergey Ostanevich via Tarantool-patches [this message]
2021-07-04 21:06 ` Igor Munkin via Tarantool-patches
2022-02-16 15:44   ` Sergey Kaplun via Tarantool-patches
2022-06-21 12:11     ` sergos via Tarantool-patches
2022-06-22 13:32       ` Sergey Kaplun via Tarantool-patches
2022-06-29  8:04         ` Igor Munkin via Tarantool-patches
2022-06-30 12:10 ` Igor Munkin via Tarantool-patches

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=804A99A3-6D0C-4DA9-A939-26FFED0EC823@tarantool.org \
    --to=tarantool-patches@dev.tarantool.org \
    --cc=imun@tarantool.org \
    --cc=sergos@tarantool.org \
    --cc=skaplun@tarantool.org \
    --subject='Re: [Tarantool-patches] [PATH luajit] GC64: fix 64-bit constant fusion' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox