[Tarantool-patches] [PATCH] Mark CONV as non-weak, to prevent elimination of its side-effect.

Sergey Bronnikov sergeyb at tarantool.org
Thu Jul 13 15:23:54 MSK 2023 

Hi, Max!


thanks for the patch!

Links to the branch and PR are missed, but I found them:

branch: https://github.com/tarantool/luajit/tree/fckxorg/mark-conv-non-weak

PR: https://github.com/tarantool/tarantool/pull/8871


Test is passed after reverting the patch with fix.


Sergey


On 7/12/23 12:52, Maksim Kokryashkin wrote:
> From: Mike Pall <mike>
>
> An unused guarded CONV int.num cannot be omitted in general.
>
> (cherry-picked from commit 881d02d3117838acaf4fb844332c8e33cc95c8c5)
>
> In some cases, an unused `CONV` omission may lead to a guard
> absence, resulting in invalid control flow branching and
> undefined behavior. For a comprehensive example of
> the described situation, please refer to the comment
> in `test/tarantool-tests/mark-conv-non-weak.test.lua`.
>
> Maxim Kokryashkin:
> * added the description and the test for the problem
>
> Part of tarantool/tarantool#8825
> ---
>   src/lj_ir.h                                   |  2 +-
>   .../mark-conv-non-weak.test.lua               | 58 +++++++++++++++++++
>   2 files changed, 59 insertions(+), 1 deletion(-)
>   create mode 100644 test/tarantool-tests/mark-conv-non-weak.test.lua
>
> diff --git a/src/lj_ir.h b/src/lj_ir.h
> index e8bca275..bf9b9292 100644
> --- a/src/lj_ir.h
> +++ b/src/lj_ir.h
> @@ -132,7 +132,7 @@
>     _(XBAR,	S , ___, ___) \
>     \
>     /* Type conversions. */ \
> -  _(CONV,	NW, ref, lit) \
> +  _(CONV,	N , ref, lit) \
>     _(TOBIT,	N , ref, ref) \
>     _(TOSTR,	N , ref, lit) \
>     _(STRTO,	N , ref, ___) \
> diff --git a/test/tarantool-tests/mark-conv-non-weak.test.lua b/test/tarantool-tests/mark-conv-non-weak.test.lua
> new file mode 100644
> index 00000000..aad39058
> --- /dev/null
> +++ b/test/tarantool-tests/mark-conv-non-weak.test.lua
> @@ -0,0 +1,58 @@
> +local tap = require('tap')
> +local test = tap.test('mark-conv-non-weak'):skipcond({
> +    ['Test requires JIT enabled'] = not jit.status(),
> +})
> +
> +test:plan(1)
> +
> +local data = {0.1, 0, 0.1, 0, 0 / 0}
> +local sum = 0
> +
> +jit.opt.start('hotloop=1', 'hotexit=1')
> +
> +-- When the last trace is recorded, the traced bytecode
> +-- is the following before the patch:
> +-- ---- TRACE 4 start 2/3 test.lua:6
> +-- 0018  ADDVV    1   1   6
> +-- 0019  ITERC    5   3   3
> +-- 0000  . FUNCC               ; ipairs_aux
> +-- 0020  JITERL   5   1
> +-- 0021  GGET     2   7      ; "assert"
> +-- 0022  ISEQV    1   1
> +-- 0023  JMP      4 => 0026
> +-- 0024  KPRI     4   1
> +-- 0025  JMP      5 => 0027
> +-- 0027  CALL     2   1   2
> +-- 0000  . FUNCC               ; assert
> +--
> +-- And the following after the patch:
> +-- ---- TRACE 4 start 2/2 test.lua:5
> +-- 0016  ISNEV    6   6
> +-- 0017  JMP      7 => 0019
> +-- 0019  ITERC    5   3   3
> +-- 0000  . FUNCC               ; ipairs_aux
> +-- 0020  JITERL   5   1
> +-- 0021  GGET     2   7      ; "assert"
> +-- 0022  ISEQV    1   1
> +-- 0023  JMP      4 => 0026
> +-- 0026  KPRI     4   2
> +-- 0027  CALL     2   1   2
> +-- 0000  . FUNCC               ; assert
> +-- 0028  RET0     0   1
> +--
> +-- The crucial difference here is the abscent
> +-- `ISNEV` in the first case, which produces the
> +-- desired guarded `CONV`, when translated to IR.
> +--
> +-- Since there is no guard, NaN is added to the sum,
> +-- despite the test case logic.
> +
> +for _, val in ipairs(data) do
> +    if val == val then
> +        sum = sum + val
> +    end
> +end
> +
> +test:ok(sum == sum, 'NaN check was not omitted')
> +
> +os.exit(test:check() and 0 or 1)

More information about the Tarantool-patches mailing list