iovisor/ubpf

x64 JIT emits wrong jump target when the target is the start of the byte code


Test case:

-- mem
00 00 00 01
00 00 00 02
-- asm
sub %r2, 1
jne %r2, 0, -2
mov %r0, 0
exit
-- result
0x0

Generated machine code:

000001FB5C740000  push        rbp                 ; prologue: save callee-saved registers (rcx carrying the first argument suggests the Microsoft x64 ABI — confirm)
000001FB5C740001  push        rbx  
000001FB5C740002  push        rdi  
000001FB5C740003  push        rsi  
000001FB5C740004  push        r13  
000001FB5C740006  push        r14  
000001FB5C740008  push        r15  
000001FB5C74000A  mov         r10,rcx             ; first argument copied into r10 and r11
000001FB5C74000D  mov         r11,rcx  
000001FB5C740010  mov         rbp,rsp             ; rbp = frame base
000001FB5C740013  sub         rsp,200h            ; reserve 512 bytes below rbp (presumably the BPF stack — confirm)
000001FB5C74001A  sub         rsp,20h             ; 32 further bytes (consistent with the Win64 shadow space a callee may use)
000001FB5C740021  call        000001FB5C74002B    ; enter the translated program; pushes the return address (the jmp below)
000001FB5C740026  jmp         000001FB5C740055    ; reached when the program's `exit` returns; go to the epilogue
000001FB5C74002B  sub         rsp,8               ; entry of the translated body: one 8-byte adjust, undone by the `add rsp,8` before `ret`
000001FB5C740032  sub         rdx,1               ; BPF `sub %r2, 1` (r2 appears to live in rdx); the back-edge should land here
000001FB5C740039  cmp         rdx,0               ; BPF `jne %r2, 0, -2`
000001FB5C740040  jne         000001FB5C74002B    ; BUG: targets the `sub rsp,8` at ...2B instead of ...32, so every taken back-edge lowers rsp by another 8
000001FB5C740046  mov         rax,0               ; BPF `mov %r0, 0`
000001FB5C74004D  add         rsp,8               ; BPF `exit`: undoes only one `sub rsp,8`
000001FB5C740054  ret                             ; pops whatever is at rsp — the pushed return address only if the body ran exactly once
000001FB5C740055  mov         rsp,rbp             ; epilogue: discard the frame and restore the saved registers
000001FB5C740058  pop         r15  
000001FB5C74005A  pop         r14  
000001FB5C74005C  pop         r13  
000001FB5C74005E  pop         rsi  
000001FB5C74005F  pop         rdi  
000001FB5C740060  pop         rbx  
000001FB5C740061  pop         rbp  
000001FB5C740062  ret  

Note the `jne` at address 000001FB5C740040: it jumps to 000001FB5C74002B (the `sub rsp,8` that adjusts the stack on entry to the translated body) instead of 000001FB5C740032 (the first translated instruction, `sub rdx,1`). Whenever that branch is taken, `sub rsp,8` runs again, so the single `add rsp,8` before the `ret` at 000001FB5C740054 no longer rebalances the stack and the `ret` pops a stale stack slot rather than the return address pushed by the `call`.