From a9740d9edbe943c9a47a9b011657d0d8413714e4 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 21:59:14 +0100
Subject: [PATCH 1/7] DynASM: Fix warning.

---
 dynasm/dasm_x86.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/dynasm/dasm_x86.h b/dynasm/dasm_x86.h
index c71bd3cf1b..90dc5d1595 100644
--- a/dynasm/dasm_x86.h
+++ b/dynasm/dasm_x86.h
@@ -204,7 +204,8 @@ void dasm_put(Dst_DECL, int start, ...)
       case DASM_SPACE: p++; ofs += n; break;
       case DASM_SETLABEL: b[pos-2] = -0x40000000; break;  /* Neg. label ofs. */
       case DASM_VREG: CK((n&-8) == 0 && (n != 4 || (*p&1) == 0), RANGE_VREG);
-	if (*p++ == 1 && *p == DASM_DISP) mrm = n; continue;
+	if (*p++ == 1 && *p == DASM_DISP) mrm = n;
+	continue;
       }
       mrm = 4;
     } else {

From eef77a6d775147a1b581b06c296e9f2b3ebc9d2b Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 22:02:07 +0100
Subject: [PATCH 2/7] Fix annoying warning, due to deterministic binutils
 configuration.

---
 src/Makefile | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/Makefile b/src/Makefile
index 01b75211cc..bd172dbe3e 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -208,7 +208,7 @@ TARGET_CC= $(STATIC_CC)
 TARGET_STCC= $(STATIC_CC)
 TARGET_DYNCC= $(DYNAMIC_CC)
 TARGET_LD= $(CROSS)$(CC)
-TARGET_AR= $(CROSS)ar rcus
+TARGET_AR= $(CROSS)ar rcus 2>/dev/null
 TARGET_STRIP= $(CROSS)strip
 
 TARGET_LIBPATH= $(or $(PREFIX),/usr/local)/$(or $(MULTILIB),lib)
@@ -301,7 +301,6 @@ ifeq (Darwin,$(TARGET_SYS))
     export MACOSX_DEPLOYMENT_TARGET=10.4
   endif
   TARGET_STRIP+= -x
-  TARGET_AR+= 2>/dev/null
   TARGET_XSHLDFLAGS= -dynamiclib -single_module -undefined dynamic_lookup -fPIC
   TARGET_DYNXLDOPTS=
   TARGET_XSHLDFLAGS+= -install_name $(TARGET_DYLIBPATH) -compatibility_version $(MAJVER).$(MINVER) -current_version $(MAJVER).$(MINVER).$(RELVER)
@@ -312,7 +311,6 @@ ifeq (Darwin,$(TARGET_SYS))
 else
 ifeq (iOS,$(TARGET_SYS))
   TARGET_STRIP+= -x
-  TARGET_AR+= 2>/dev/null
   TARGET_XSHLDFLAGS= -dynamiclib -single_module -undefined dynamic_lookup -fPIC
   TARGET_DYNXLDOPTS=
   TARGET_XSHLDFLAGS+= -install_name $(TARGET_DYLIBPATH) -compatibility_version $(MAJVER).$(MINVER) -current_version $(MAJVER).$(MINVER).$(RELVER)

From 3ab9f5a18da06b06ebf1e4487997c25e32210dfe Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 22:03:17 +0100
Subject: [PATCH 3/7] Remove internal __mode = "K" and replace with safe check.

---
 src/lib_ffi.c |  2 +-
 src/lj_gc.c   | 17 ++++++++++++-----
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/src/lib_ffi.c b/src/lib_ffi.c
index 6a93ce9713..f2f2ede45b 100644
--- a/src/lib_ffi.c
+++ b/src/lib_ffi.c
@@ -811,7 +811,7 @@ static GCtab *ffi_finalizer(lua_State *L)
   settabV(L, L->top++, t);
   setgcref(t->metatable, obj2gco(t));
   setstrV(L, lj_tab_setstr(L, t, lj_str_newlit(L, "__mode")),
-	  lj_str_newlit(L, "K"));
+	  lj_str_newlit(L, "k"));
   t->nomm = (uint8_t)(~(1u<<MM_mode));
   return t;
 }
diff --git a/src/lj_gc.c b/src/lj_gc.c
index aa243d13ed..a5d32ea359 100644
--- a/src/lj_gc.c
+++ b/src/lj_gc.c
@@ -168,12 +168,19 @@ static int gc_traverse_tab(global_State *g, GCtab *t)
     while ((c = *modestr++)) {
       if (c == 'k') weak |= LJ_GC_WEAKKEY;
       else if (c == 'v') weak |= LJ_GC_WEAKVAL;
-      else if (c == 'K') weak = (int)(~0u & ~LJ_GC_WEAKVAL);
     }
-    if (weak > 0) {  /* Weak tables are cleared in the atomic phase. */
-      t->marked = (uint8_t)((t->marked & ~LJ_GC_WEAK) | weak);
-      setgcrefr(t->gclist, g->gc.weak);
-      setgcref(g->gc.weak, obj2gco(t));
+    if (weak) {  /* Weak tables are cleared in the atomic phase. */
+#if LJ_HASFFI
+      CTState *cts = ctype_ctsG(g);
+      if (cts && cts->finalizer == t) {
+	weak = (int)(~0u & ~LJ_GC_WEAKVAL);
+      } else
+#endif
+      {
+	t->marked = (uint8_t)((t->marked & ~LJ_GC_WEAK) | weak);
+	setgcrefr(t->gclist, g->gc.weak);
+	setgcref(g->gc.weak, obj2gco(t));
+      }
     }
   }
   if (weak == LJ_GC_WEAK)  /* Nothing to mark if both keys/values are weak. */

From ff648369aa1f028750afa517ac095577ed8278d1 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 22:16:43 +0100
Subject: [PATCH 4/7] Fix out-of-scope goto handling in parser.

Many thanks to Demetrios Obenour for tracking down this long-standing bug.
---
 src/lj_parse.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/lj_parse.c b/src/lj_parse.c
index 26300ab5e6..9e5976f713 100644
--- a/src/lj_parse.c
+++ b/src/lj_parse.c
@@ -1280,12 +1280,14 @@ static void fscope_end(FuncState *fs)
       MSize idx = gola_new(ls, NAME_BREAK, VSTACK_LABEL, fs->pc);
       ls->vtop = idx;  /* Drop break label immediately. */
       gola_resolve(ls, bl, idx);
+    } else {  /* Need the fixup step to propagate the breaks. */
+      gola_fixup(ls, bl);
       return;
-    }  /* else: need the fixup step to propagate the breaks. */
-  } else if (!(bl->flags & FSCOPE_GOLA)) {
-    return;
+    }
+  }
+  if ((bl->flags & FSCOPE_GOLA)) {
+    gola_fixup(ls, bl);
   }
-  gola_fixup(ls, bl);
 }
 
 /* Mark scope as having an upvalue. */

From 4e308361bf730ef3d288db5b71489ecf442f738c Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 22:59:44 +0100
Subject: [PATCH 5/7] Fix overly restrictive range calculation in mcode
 allocation.

Contributed by Alexey Kopytov.
---
 src/lj_mcode.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/lj_mcode.c b/src/lj_mcode.c
index b363136d00..f0cf22ca17 100644
--- a/src/lj_mcode.c
+++ b/src/lj_mcode.c
@@ -239,11 +239,11 @@ static void *mcode_alloc(jit_State *J, size_t sz)
 	return p;
       if (p) mcode_free(J, p, sz);  /* Free badly placed area. */
     }
-    /* Next try probing pseudo-random addresses. */
+    /* Next try probing 64K-aligned pseudo-random addresses. */
     do {
-      hint = (0x78fb ^ LJ_PRNG_BITS(J, 15)) << 16;  /* 64K aligned. */
-    } while (!(hint + sz < range));
-    hint = target + hint - (range>>1);
+      hint = LJ_PRNG_BITS(J, LJ_TARGET_JUMPRANGE-16) << 16;
+    } while (!(hint + sz < range+range));
+    hint = target + hint - range;
   }
   lj_trace_err(J, LJ_TRERR_MCODEAL);  /* Give up. OS probably ignores hints? */
   return NULL;

From d62459fc3949baca5ee1c1919feb4f4979bb09c6 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 23:01:47 +0100
Subject: [PATCH 6/7] Limit mcode alloc probing, depending on the available
 pool size.

Contributed by Alexey Kopytov.
---
 src/lj_mcode.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/lj_mcode.c b/src/lj_mcode.c
index f0cf22ca17..bb7cf96baa 100644
--- a/src/lj_mcode.c
+++ b/src/lj_mcode.c
@@ -230,7 +230,8 @@ static void *mcode_alloc(jit_State *J, size_t sz)
   /* First try a contiguous area below the last one. */
   uintptr_t hint = J->mcarea ? (uintptr_t)J->mcarea - sz : 0;
   int i;
-  for (i = 0; i < 32; i++) {  /* 32 attempts ought to be enough ... */
+  /* Limit probing iterations, depending on the available pool size. */
+  for (i = 0; i < LJ_TARGET_JUMPRANGE; i++) {
     if (mcode_validptr(hint)) {
       void *p = mcode_alloc_at(J, hint, sz, MCPROT_GEN);
 

From f50bf7585a32738c4fb719cb8fc59d02231fc8c3 Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Wed, 8 Mar 2017 23:02:24 +0100
Subject: [PATCH 7/7] Remove unnecessary mcode alloc pointer check.

Also fixes Illumos address space issue reported by Theo Schlossnagle.
---
 src/lj_mcode.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lj_mcode.c b/src/lj_mcode.c
index bb7cf96baa..f0a1f69966 100644
--- a/src/lj_mcode.c
+++ b/src/lj_mcode.c
@@ -204,8 +204,8 @@ static void mcode_protect(jit_State *J, int prot)
 
 /* -- MCode area allocation ----------------------------------------------- */
 
-#if LJ_TARGET_X64
-#define mcode_validptr(p)	((p) && (uintptr_t)(p) < (uintptr_t)1<<47)
+#if LJ_64
+#define mcode_validptr(p)	(p)
 #else
 #define mcode_validptr(p)	((p) && (uintptr_t)(p) < 0xffff0000)
 #endif