Merge 1dab08b1ab into 538a82133a

Reported by Bernhard M. Wiedemann. #1348 #1155
Fixes from Peter Cawley, Christian Clason, Lewis Russell.

src/lj_asm_x86.h

@@ -886,32 +886,38 @@ static void asm_conv(ASMState *as, IRIns *ir)
       asm_tointg(as, ir, ra_alloc1(as, lref, RSET_FPR));
     } else {
       Reg dest = ra_dest(as, ir, RSET_GPR);
+      Reg tmp = ra_noreg(IR(lref)->r) ? ra_alloc1(as, lref, RSET_FPR) :
+					ra_scratch(as, RSET_FPR);
       x86Op op = st == IRT_NUM ? XO_CVTTSD2SI : XO_CVTTSS2SI;
-      if (LJ_64 ? irt_isu64(ir->t) : irt_isu32(ir->t)) {
+      Reg r64 = (LJ_64 && irt_is64 (ir->t)) ? REX_64 : 0;
-	/* LJ_64: For inputs >= 2^63 add -2^64, convert again. */
+      if (LJ_64 && (irt_isu32(ir->t) || irt_isint(ir->t)))
-	/* LJ_32: For inputs >= 2^31 add -2^31, convert again and add 2^31. */
+	emit_rr(as, XO_MOV, dest, dest);  /* Zero hiword. */
-	Reg tmp = ra_noreg(IR(lref)->r) ? ra_alloc1(as, lref, RSET_FPR) :
+      if (irt_isu64(ir->t) || irt_isu32(ir->t)) {
-					  ra_scratch(as, RSET_FPR);
+        /* The cvtsd2si family of instructions operates on the signed integers,
-	MCLabel l_end = emit_label(as);
+           producing INT_MIN on error.  However we're converting to an unsigned
-	if (LJ_32)
+           integer, so we want to accept the whole unsigned integer range.
-	  emit_gri(as, XG_ARITHi(XOg_ADD), dest, (int32_t)0x80000000);
+           Convert both the number and the number minus INT_MIN, choosing the
-	emit_rr(as, op, dest|REX_64, tmp);
+           first result if successful and the second otherwise.  */
-	if (st == IRT_NUM)
+        Reg dest2 = ra_scratch(as, rset_exclude(RSET_GPR, dest));
-	  emit_rma(as, XO_ADDSD, tmp, &as->J->k64[LJ_K64_M2P64_31]);
+        Reg tmp2 = ra_scratch(as, rset_exclude(RSET_FPR, tmp));
-	else
+        x86Op sub_op;
-	  emit_rma(as, XO_ADDSS, tmp, &as->J->k32[LJ_K32_M2P64_31]);
+        void *krange;
-	emit_sjcc(as, CC_NS, l_end);
+        if (st == IRT_NUM) {
-	emit_rr(as, XO_TEST, dest|REX_64, dest);  /* Check if dest negative. */
+          sub_op = XO_SUBSD;
-	emit_rr(as, op, dest|REX_64, tmp);
+          krange = &as->J->k64[irt_isu64(ir->t) ? LJ_K64_2P64 : LJ_K64_2P32];
-	ra_left(as, tmp, lref);
+        } else {
-      } else {
+          sub_op = XO_SUBSS;
-	if (LJ_64 && irt_isu32(ir->t))
+          krange = &as->J->k32[irt_isu64(ir->t) ? LJ_K32_2P64 : LJ_K32_2P32];
-	  emit_rr(as, XO_MOV, dest, dest);  /* Zero hiword. */
+        }
-	emit_mrm(as, op,
+        emit_rr(as, XO_CMOV + (CC_O<<24), dest|r64, dest2|r64);
-		 dest|((LJ_64 &&
+        emit_i8(as, 1);
-			(irt_is64(ir->t) || irt_isu32(ir->t))) ? REX_64 : 0),
+        emit_rr(as, XO_ARITHi8, XOg_CMP|r64, dest);
-		 asm_fuseload(as, lref, RSET_FPR));
+        emit_rr(as, op, dest2|r64, tmp2);
+        emit_rma(as, sub_op, tmp2, krange);
+        emit_rr(as, XO_MOVAPS, tmp2, tmp);
       }
+      emit_rr(as, op, dest|r64, tmp);
+      ra_left(as, tmp, lref);
     }
   } else if (st >= IRT_I8 && st <= IRT_U16) {  /* Extend to 32 bit integer. */
     Reg left, dest = ra_dest(as, ir, RSET_GPR);

src/lj_bcread.c

@@ -179,7 +179,7 @@ static const void *bcread_varinfo(GCproto *pt)
 }
 
 /* Read a single constant key/value of a template table. */
-static void bcread_ktabk(LexState *ls, TValue *o)
+static void bcread_ktabk(LexState *ls, TValue *o, GCtab *t)
 {
   MSize tp = bcread_uleb128(ls);
   if (tp >= BCDUMP_KTAB_STR) {
@@ -191,6 +191,8 @@ static void bcread_ktabk(LexState *ls, TValue *o)
   } else if (tp == BCDUMP_KTAB_NUM) {
     o->u32.lo = bcread_uleb128(ls);
     o->u32.hi = bcread_uleb128(ls);
+  } else if (t && tp == BCDUMP_KTAB_NIL) { /* Restore nil value marker. */
+    settabV(ls->L, o, t);
   } else {
     lj_assertLS(tp <= BCDUMP_KTAB_TRUE, "bad constant type %d", tp);
     setpriV(o, ~tp);
@@ -207,15 +209,15 @@ static GCtab *bcread_ktab(LexState *ls)
     MSize i;
     TValue *o = tvref(t->array);
     for (i = 0; i < narray; i++, o++)
-      bcread_ktabk(ls, o);
+      bcread_ktabk(ls, o, NULL);
   }
   if (nhash) {  /* Read hash entries. */
     MSize i;
     for (i = 0; i < nhash; i++) {
       TValue key;
-      bcread_ktabk(ls, &key);
+      bcread_ktabk(ls, &key, NULL);
       lj_assertLS(!tvisnil(&key), "nil key");
-      bcread_ktabk(ls, lj_tab_set(ls->L, t, &key));
+      bcread_ktabk(ls, lj_tab_set(ls->L, t, &key), t);
     }
   }
   return t;

src/lj_bcwrite.c

@@ -71,6 +71,8 @@ static void bcwrite_ktabk(BCWriteCtx *ctx, cTValue *o, int narrow)
     *p++ = BCDUMP_KTAB_NUM;
     p = lj_strfmt_wuleb128(p, o->u32.lo);
     p = lj_strfmt_wuleb128(p, o->u32.hi);
+  } else if (tvistab(o)) { /* Write the nil value marker as a nil. */
+    *p++ = BCDUMP_KTAB_NIL;
   } else {
     lj_assertBCW(tvispri(o), "unhandled type %d", itype(o));
     *p++ = BCDUMP_KTAB_NIL+~itype(o);
@@ -133,7 +135,7 @@ static void bcwrite_ktab_sorted_hash(BCWriteCtx *ctx, Node *node, MSize nhash)
   TValue **heap = ctx->heap;
   MSize i = nhash;
   for (;; node--) {  /* Build heap. */
-    if (!tvisnil(&node->key)) {
+    if (!tvisnil(&node->val)) {
       bcwrite_ktabk_heap_insert(heap, --i, nhash, &node->key);
       if (i == 0) break;
     }
@@ -163,7 +165,7 @@ static void bcwrite_ktab(BCWriteCtx *ctx, char *p, const GCtab *t)
     MSize i, hmask = t->hmask;
     Node *node = noderef(t->node);
     for (i = 0; i <= hmask; i++)
-      nhash += !tvisnil(&node[i].key);
+      nhash += !tvisnil(&node[i].val);
   }
   /* Write number of array slots and hash slots. */
   p = lj_strfmt_wuleb128(p, narray);
@@ -184,7 +186,7 @@ static void bcwrite_ktab(BCWriteCtx *ctx, char *p, const GCtab *t)
     } else {
       MSize i = nhash;
       for (;; node--)
-	if (!tvisnil(&node->key)) {
+	if (!tvisnil(&node->val)) {
 	  bcwrite_ktabk(ctx, &node->key, 0);
 	  bcwrite_ktabk(ctx, &node->val, 1);
 	  if (--i == 0) break;

src/lj_jit.h

@@ -359,14 +359,10 @@ enum {
 
 enum {
 #if LJ_TARGET_X86ORX64
+  LJ_K64_2P32,		/* 2^32 */
   LJ_K64_TOBIT,		/* 2^52 + 2^51 */
   LJ_K64_2P64,		/* 2^64 */
   LJ_K64_M2P64,		/* -2^64 */
-#if LJ_32
-  LJ_K64_M2P64_31,	/* -2^64 or -2^31 */
-#else
-  LJ_K64_M2P64_31 = LJ_K64_M2P64,
-#endif
 #endif
 #if LJ_TARGET_MIPS
   LJ_K64_2P31,		/* 2^31 */
@@ -381,7 +377,8 @@ enum {
 
 enum {
 #if LJ_TARGET_X86ORX64
-  LJ_K32_M2P64_31,	/* -2^64 or -2^31 */
+  LJ_K32_2P32,		/* 2^32 */
+  LJ_K32_2P64,		/* 2^64 */
 #endif
 #if LJ_TARGET_PPC
   LJ_K32_2P52_2P31,	/* 2^52 + 2^31 */

src/lj_opt_fold.c

@@ -2217,9 +2217,11 @@ LJFOLD(HREF TDUP KNUM)
 LJFOLDF(fwd_href_tdup)
 {
   TValue keyv;
+  cTValue *val;
   lj_ir_kvalue(J->L, &keyv, fright);
-  if (lj_tab_get(J->L, ir_ktab(IR(fleft->op1)), &keyv) == niltvg(J2G(J)) &&
+  val = lj_tab_get(J->L, ir_ktab(IR(fleft->op1)), &keyv);
-      lj_opt_fwd_href_nokey(J))
+  /* Check for either nil or the nil value marker in the template table. */
+  if ((tvisnil(val) || tvistab(val)) && lj_opt_fwd_href_nokey(J))
     return lj_ir_kkptr(J, niltvg(J2G(J)));
   return NEXTFOLD;
 }

src/lj_opt_mem.c

@@ -233,7 +233,9 @@ static TRef fwd_ahload(jit_State *J, IRRef xref)
 	  return lj_ir_knum_u64(J, tv->u64);
 	else if (tvisint(tv))
 	  return lj_ir_kint(J, intV(tv));
-	else if (tvisgcv(tv))
+	else if (tvistab(tv)) /* Template table nil value marker. */
+	  return TREF_NIL;
+	else if (tvisstr(tv))
 	  return lj_ir_kstr(J, strV(tv));
       }
       /* Othwerwise: don't intern as a constant. */

src/lj_parse.c

@@ -1725,7 +1725,7 @@ static void expr_table(LexState *ls, ExpDesc *e)
   FuncState *fs = ls->fs;
   BCLine line = ls->linenumber;
   GCtab *t = NULL;
-  int vcall = 0, needarr = 0, fixt = 0;
+  int vcall = 0, needarr = 0;
   uint32_t narr = 1;  /* First array index. */
   uint32_t nhash = 0;  /* Number of hash entries. */
   BCReg freg = fs->freereg;
@@ -1769,9 +1769,10 @@ static void expr_table(LexState *ls, ExpDesc *e)
       lj_gc_anybarriert(fs->L, t);
       if (expr_isk_nojump(&val)) {  /* Add const key/value to template table. */
 	expr_kvalue(fs, v, &val);
-      } else {  /* Otherwise create dummy string key (avoids lj_tab_newkey). */
+	/* Mark nil value with table value itself to preserve the key. */
-	settabV(fs->L, v, t);  /* Preserve key with table itself as value. */
+	if (key.k == VKSTR && tvisnil(v)) settabV(fs->L, v, t);
-	fixt = 1;   /* Fix this later, after all resizes. */
+      } else {  /* Preserve the key for the following non-const store.  */
+	settabV(fs->L, v, t);
 	goto nonconst;
       }
     } else {
@@ -1813,17 +1814,6 @@ static void expr_table(LexState *ls, ExpDesc *e)
   } else {
     if (needarr && t->asize < narr)
       lj_tab_reasize(fs->L, t, narr-1);
-    if (fixt) {  /* Fix value for dummy keys in template table. */
-      Node *node = noderef(t->node);
-      uint32_t i, hmask = t->hmask;
-      for (i = 0; i <= hmask; i++) {
-	Node *n = &node[i];
-	if (tvistab(&n->val)) {
-	  lj_assertFS(tabV(&n->val) == t, "bad dummy key in template table");
-	  setnilV(&n->val);  /* Turn value into nil. */
-	}
-      }
-    }
     lj_gc_check(fs->L);
   }
 }

src/lj_tab.c

@@ -194,6 +194,7 @@ GCtab * LJ_FASTCALL lj_tab_dup(lua_State *L, const GCtab *kt)
       Node *next = nextnode(kn);
       /* Don't use copyTV here, since it asserts on a copy of a dead key. */
       n->val = kn->val; n->key = kn->key;
+      if (tvistab(&n->val)) setnilV(&n->val); /* Replace nil value marker. */
       setmref(n->next, next == NULL? next : (Node *)((char *)next + d));
     }
   }

src/lj_target_x86.h

@@ -300,6 +300,7 @@ typedef enum {
   XO_CVTSS2SD =	XO_f30f(5a),
   XO_CVTSD2SS =	XO_f20f(5a),
   XO_ADDSS =	XO_f30f(58),
+  XO_SUBSS =	XO_f30f(5c),
   XO_MOVD =	XO_660f(6e),
   XO_MOVDto =	XO_660f(7e),
 

src/lj_trace.c

@@ -318,12 +318,11 @@ void lj_trace_initstate(global_State *g)
 
   /* Initialize 32/64 bit constants. */
 #if LJ_TARGET_X86ORX64
+  J->k64[LJ_K64_2P32].u64 = U64x(41f00000,00000000);
   J->k64[LJ_K64_TOBIT].u64 = U64x(43380000,00000000);
-#if LJ_32
-  J->k64[LJ_K64_M2P64_31].u64 = U64x(c1e00000,00000000);
-#endif
   J->k64[LJ_K64_2P64].u64 = U64x(43f00000,00000000);
-  J->k32[LJ_K32_M2P64_31] = LJ_64 ? 0xdf800000 : 0xcf000000;
+  J->k32[LJ_K32_2P64] = 0x5f800000;
+  J->k32[LJ_K32_2P32] = 0x4f800000;
 #endif
 #if LJ_TARGET_X86ORX64 || LJ_TARGET_MIPS64
   J->k64[LJ_K64_M2P64].u64 = U64x(c3f00000,00000000);