aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorMike Pall <mike>2021-03-23 00:43:07 +0100
committerMike Pall <mike>2021-03-23 00:43:07 +0100
commit33e3f4badfde8cd9c202cedd1f4ed9275bc92e7d (patch)
tree61d4f1338a8589e3a846ca3e1d69589cca8bd338 /src
parent5ccfe94f4ed27b8f9b899ed9e40e8d872bb83371 (diff)
downloadluajit-33e3f4badfde8cd9c202cedd1f4ed9275bc92e7d.tar.gz
luajit-33e3f4badfde8cd9c202cedd1f4ed9275bc92e7d.tar.bz2
luajit-33e3f4badfde8cd9c202cedd1f4ed9275bc92e7d.zip
Detect inconsistent renames even in the presence of sunk values.
Reported by Igor Munkin.
Diffstat (limited to 'src')
-rw-r--r--src/lj_asm.c25
1 files changed, 12 insertions, 13 deletions
diff --git a/src/lj_asm.c b/src/lj_asm.c
index aa19087d..41006873 100644
--- a/src/lj_asm.c
+++ b/src/lj_asm.c
@@ -71,6 +71,7 @@ typedef struct ASMState {
71 IRRef snaprename; /* Rename highwater mark for snapshot check. */ 71 IRRef snaprename; /* Rename highwater mark for snapshot check. */
72 SnapNo snapno; /* Current snapshot number. */ 72 SnapNo snapno; /* Current snapshot number. */
73 SnapNo loopsnapno; /* Loop snapshot number. */ 73 SnapNo loopsnapno; /* Loop snapshot number. */
74 BloomFilter snapfilt1, snapfilt2; /* Filled with snapshot refs. */
74 75
75 IRRef fuseref; /* Fusion limit (loopref, 0 or FUSE_DISABLED). */ 76 IRRef fuseref; /* Fusion limit (loopref, 0 or FUSE_DISABLED). */
76 IRRef sectref; /* Section base reference (loopref or 0). */ 77 IRRef sectref; /* Section base reference (loopref or 0). */
@@ -825,7 +826,10 @@ static int asm_sunk_store(ASMState *as, IRIns *ira, IRIns *irs)
825static void asm_snap_alloc1(ASMState *as, IRRef ref) 826static void asm_snap_alloc1(ASMState *as, IRRef ref)
826{ 827{
827 IRIns *ir = IR(ref); 828 IRIns *ir = IR(ref);
828 if (!irref_isk(ref) && (!(ra_used(ir) || ir->r == RID_SUNK))) { 829 if (!irref_isk(ref) && ir->r != RID_SUNK) {
830 bloomset(as->snapfilt1, ref);
831 bloomset(as->snapfilt2, hashrot(ref, ref + HASH_BIAS));
832 if (ra_used(ir)) return;
829 if (ir->r == RID_SINK) { 833 if (ir->r == RID_SINK) {
830 ir->r = RID_SUNK; 834 ir->r = RID_SUNK;
831#if LJ_HASFFI 835#if LJ_HASFFI
@@ -882,6 +886,7 @@ static void asm_snap_alloc(ASMState *as)
882 SnapShot *snap = &as->T->snap[as->snapno]; 886 SnapShot *snap = &as->T->snap[as->snapno];
883 SnapEntry *map = &as->T->snapmap[snap->mapofs]; 887 SnapEntry *map = &as->T->snapmap[snap->mapofs];
884 MSize n, nent = snap->nent; 888 MSize n, nent = snap->nent;
889 as->snapfilt1 = as->snapfilt2 = 0;
885 for (n = 0; n < nent; n++) { 890 for (n = 0; n < nent; n++) {
886 SnapEntry sn = map[n]; 891 SnapEntry sn = map[n];
887 IRRef ref = snap_ref(sn); 892 IRRef ref = snap_ref(sn);
@@ -904,18 +909,12 @@ static void asm_snap_alloc(ASMState *as)
904*/ 909*/
905static int asm_snap_checkrename(ASMState *as, IRRef ren) 910static int asm_snap_checkrename(ASMState *as, IRRef ren)
906{ 911{
907 SnapShot *snap = &as->T->snap[as->snapno]; 912 if (bloomtest(as->snapfilt1, ren) &&
908 SnapEntry *map = &as->T->snapmap[snap->mapofs]; 913 bloomtest(as->snapfilt2, hashrot(ren, ren + HASH_BIAS))) {
909 MSize n, nent = snap->nent; 914 IRIns *ir = IR(ren);
910 for (n = 0; n < nent; n++) { 915 ra_spill(as, ir); /* Register renamed, so force a spill slot. */
911 SnapEntry sn = map[n]; 916 RA_DBGX((as, "snaprensp $f $s", ren, ir->s));
912 IRRef ref = snap_ref(sn); 917 return 1; /* Found. */
913 if (ref == ren || (LJ_SOFTFP && (sn & SNAP_SOFTFPNUM) && ++ref == ren)) {
914 IRIns *ir = IR(ref);
915 ra_spill(as, ir); /* Register renamed, so force a spill slot. */
916 RA_DBGX((as, "snaprensp $f $s", ref, ir->s));
917 return 1; /* Found. */
918 }
919 } 918 }
920 return 0; /* Not found. */ 919 return 0; /* Not found. */
921} 920}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 22:15:59 +0000