Closed
Bug 536153
Opened 16 years ago
Closed 12 years ago
NativeARM.cpp: Incorrect use ALUr_shi to generate compare insns
Categories
(Core Graveyard :: Nanojit, defect)
Tracking
(Not tracked)
RESOLVED
WONTFIX
Future
People
(Reporter: jseward, Assigned: jseward)
Details
(Whiteboard: fixed-in-nanojit, fixed-in-tracemonkey, fixed-in-tamarin)
Attachments
(1 file)
|
3.06 KB,
patch
|
jbramley
:
review+
|
Details | Diff | Splinter Review |
No description provided.
|
Assignee | |
Comment 1•16 years ago
|
||
Ach, the perils of pressing Enter at the wrong time. Details are:
NJ emits the following for signed-multiply and overflow check on ARM:
mul2 = mul ld1, sizeof(JSTraceType)
0004d73dc8 smull r5, ip, r4, r10
0004d73dcc cmp ip, r5, asr #31
The compare looks legit, but it is assembled in such a way that a
should-be-zero field in the instruction (bits 15:12) is not zero.
This appears to be accepted by Cortex-A8 (although perhaps it is
interpreted as something else?). However, the instruction decoder for
Valgrind on ARM checks said field and fails to recognise the
instruction. At a minimum we can say that NJ is not ARM ARM compliant
here.
binutils assembles "cmp ip, r5, asr #31" as E15C0FC5,
but Nanojit emits E15CCFC5.
|
|
Assignee | |
Comment 2•16 years ago
|
||
Assignee: nobody → jseward
|
|
Assignee | |
Updated•16 years ago
|
Attachment #418643 -
Flags: review?(Jacob.Bramley)
|
||
Comment 3•16 years ago
|
||
Comment on attachment 418643 [details] [diff] [review]
fixes the bogus CMPs and one related bogus MOV
Yep looks good. I like the assertions!
>+ ALUr_shi(AL, cmp, 1, 0/*SBZ*/, IP, rr, ASR_imm, 31);
Only one comment: Is it worth having "SBZ" constant somewhere so we can tidy up the mid-line comments in the ALUr_shi invocations? Unfortunately, it clashes with r0, otherwise I'd recommend adding a "null register" constant to the Register enum. It's probably something for another patch.
Attachment #418643 -
Flags: review?(Jacob.Bramley) → review+
|
|
Assignee | |
Updated•16 years ago
|
Keywords: checkin-needed
|
||
Comment 4•16 years ago
|
||
I pulled SBZ out into a local const variable and landed:
http://hg.mozilla.org/projects/nanojit-central/rev/f4ece4c13545
Keywords: checkin-needed
Whiteboard: fixed-in-nanojit
|
|
||
Comment 5•16 years ago
|
||
Status: NEW → ASSIGNED
Whiteboard: fixed-in-nanojit → fixed-in-nanojit, fixed-in-tracemonkey
|
|
||
Comment 6•15 years ago
|
||
Whiteboard: fixed-in-nanojit, fixed-in-tracemonkey → fixed-in-nanojit, fixed-in-tracemonkey, fixed-in-tamarin
Target Milestone: --- → Future
|
||
Updated•12 years ago
|
Product: Core → Core Graveyard
|
|
||
Comment 7•12 years ago
|
||
Nanojit has been dead for several years. Its Bugzilla component has been moved to the graveyard (bug 984276).
I checked all the open bugs. They're all uninteresting, so I'm WONTFIXing them all. Apologies for the bugspam.
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•