[Tarantool-patches] [PATCH luajit 3/3] Avoid conflict between 64 bit lightuserdata and ITERN key.

[Igor Munkin]

Sergey,

Thanks for the patch! As a result of the fixes discussed offline, LGTM.

On 20.09.21, sergos wrote:
> Hi!
> 
> > On 20 Sep 2021, at 11:38, Sergey Kaplun <skaplun at tarantool.org> wrote:
> > 
> > Hi, Sergos!
> > 
> > Thanks for the review!
> > 
> > On 15.09.21, sergos wrote:
> 
> [...]
> 
> >>> +++ b/test/tarantool-tests/lj-727-lightuserdata-itern.test.lua
> >>> @@ -0,0 +1,48 @@
> >>> +local tap = require('tap')
> >>> +
> >>> +-- Test file to demonstrate next FF incorrect behaviour on LJ_64.
> >>> +-- See also, https://github.com/LuaJIT/LuaJIT/issues/727.
> >>> +
> >>> +local test = tap.test('lj-727-lightuserdata-itern')
> >>> +test:plan(1)
> >>> +
> >>> +local ud = require('lightuserdata').craft_ptr_wp()
> >>> +
> >>> +-- We now have the tagged lightuuserdata pointer
> >>> +-- 0xFFFE7FFF00000002 in the up before this patch (after the patch
> >>> +-- the maximum available lightuserdata segment is 0xffe).
> >> 
> >> Shall we end the test here with just an expectation of an error?
> >> I believe you can make a way simpler test: pcall(craft_ptr()) should work
> >> successfully 254 times and error on an 255th one, isn’t it?
> > 
> > Not exactly, I think.
> > The main idea of the test -- generate as much lightuserdata objects as
> > we can, and save them in the same table. After that we check that
> > iteration by them is correct.
> > 
> > Test you suggested doesn't show up the possible issue with ITERN, does
> > it?
> 
> Exactly. I don’t see any reason to force the situation showing that you
> can’t use the LUD segment beyond particular value. The test can be that
> simple showing the max segment is 254, not 255 - exactly the functionality
> that is added to the code. So, it should fail at creation of 255th segment
> and it will be the positive outcome of the test. If there’s no error -
> the test fails.
> It will simplify the test considerably. Also, you should not have such
> long explanation of ITERN/ITERC - just say "the 255th segment is forbidden,
> since its encoding is overlapped with control variable used by ISNEXT”.

Sergos, I'm partially agree with you: we can just check that the last
lightuserdata segment is reserved for LuaJIT internal usage -- this is
the case. However, Sergey wants to check that after this patch ITERN
despecialization doesn't lead to table misiteration (since this is the
symptom being reported in LuaJIT queue).

Unfortunately I can't figure out two issues:
1. How to properly check the BADLU is raised for the *last* segment
(consider the comment in the commit from the trunk[1]).
2. What is more important: how does this error stops us from using
"ITERN-magic-range" pointers outside of the last segment? I might be
missing some related macro-magic, but AFAIU a new segment is created for
any lightudup value, hence 0xfffe7fff... pointers can be mapped into the
second segment, can't they?

Anyway, I guess we can proceed with this series and report an issue/PR
to the vanilla trunk when the issue bothers us again.

P.S. What if we create "craft pointers" in a reverse order? I'll check
this a bit later.

> 
> I would recommend to wait for the 2nd reviewer here - especially if you
> discussed the patch before submit.
> 
> Regards,
> Sergos
> 

-- 
Best regards,
IM