ZJIT: A64 backend miscomp fixes (and a CI fix) #13904
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This comment has been minimized.
This comment has been minimized.
e1fa282 to
8090c2a
Compare
tekknolagi
reviewed
Jul 16, 2025
tekknolagi
reviewed
Jul 16, 2025
k0kubun
approved these changes
Jul 16, 2025
This is so that e.g. building with `--enable-zjit=dev` will test with the disassembly feature. It makes more sense, saves on build time and reveals that `backend::arm64::tests::sp_movements_are_single_instruction` was in fact failing with the `disasm` feature.
Previously, it issued CMN, which doesn't add to the stack pointer.
The raw bytes didn't disassemble to the disassembly, but we missed this since CI didn't run `make zjit-test` with the disasm feature. Fixes: 1317377 ("ZJIT: A64: Have add/sub to SP be single-instruction")
Previously, my buggy optimization would turn `asm.sub(imm, reg)` into `subs out, reg, imm` since it runs through the addition path which relies on the commutative property. Don't do that because subtraction does not commute. Good thing no one seems to use this form. Also, delete the 2 regs match arm for Add because it's already covered by the fallback arm -- both split_load_operand() and split_shifted_immediate() are no-op when the input is a register. Fixes: 1317377 ("ZJIT: A64: Have add/sub to SP be single-instruction")
The stack canary gets killed in test_yjit.rb:224 for some reason. Needs investigation. Example CI failure: https://github.com/ruby/ruby/actions/runs/16307837724/job/46057558066
755220b to
cd28885
Compare
k0kubun
reviewed
Jul 16, 2025
| @@ -22,7 +22,8 @@ path = "jit.rs" | |||
|
|
|||
| [features] | |||
| disasm = ["yjit?/disasm", "zjit?/disasm"] | |||
| runtime_checks = [] | |||
| # TODO(GH-642) Turning this on trips a btest failure. | |||
There was a problem hiding this comment.
It's hard for other contributors to figure out it refers to Shopify/ruby when you're looking at ruby/ruby, so it might be nice to mention the repository name. It confused me at first too.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I noticed that SP movement still weren't single instruction after my other
PR and that led me to find a few bugs.
Please check commit message for each.
make zjit-testuse the same Cargo features as minirubyWe should now be running the disassembly tests in the backend on CI.
asm.add_into(NATIVE_STACK_POINTER, ...)Probably the most important one because we use this for side exits.
asm.add(reg, imm)with Movasm.sub(imm, reg)