Tarantool development patches archive
 help / color / mirror / Atom feed
From: Sergey Kaplun via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: Maxim Kokryashkin <max.kokryashkin@gmail.com>,
	tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH luajit] Throw any errors before stack changes in trace stitching.
Date: Thu, 22 Feb 2024 17:03:01 +0300	[thread overview]
Message-ID: <ZddUFeb-PCKfAq9D@root> (raw)
In-Reply-To: <ZdXt3oDNjOzpB_Vc@root>

Hi, again, folks!

On 21.02.24, Sergey Kaplun via Tarantool-patches wrote:
> Hi, Maxim!
> Thanks for the patch!
> Please consider my comments below.
> 
> On 16.02.24, Maxim Kokryashkin wrote:
> > From: Mike Pall <mike>
> > 
> > Thanks to doujiang24.
> > 
> > (cherry-picked from commit 3f9389edc6cdf3f78a6896d550c236860aed62b2)
> > 
> > The Lua stack is changed in the `lj_record_stop`, so if the trace
> 
> Actually, it is changed in the `recff_stitch()` -- the continuation frame
> is inserted below a function with arguments.
> 
> > is aborted, for example, when the `maxsnap` is reached, and an
> 
> If there are any other situations, we must handle them too:
> 
> 1) AFAICS, when LuaJIT is built with -DLUAJIT_ENABLE_TABLE_BUMP, the
> following lines may lead to the error, and thereby the Lua stack
> becomes unbalanced:
> 
> <src/lj_record.c:290> `lj_record_stop()`:
> | if (J->retryrec)
> |   lj_trace_err(J, LJ_TRERR_RETRY);
> 
> Build with the following flags:
> | cmake -DCMAKE_C_FLAGS="-DLUAJIT_ENABLE_TABLE_BUMP" -DLUA_USE_APICHECK=ON \
> |       -DLUA_USE_ASSERT=ON -DCMAKE_BUILD_TYPE=Debug \
> |       -DLUAJIT_ENABLE_GC64=OFF . && make -j
> 
> The following script reproduces the issue (`maxsnap` configuration option
> is gone):
> 
> | src/luajit -e "
> | local modf = math.modf
> | jit.opt.start('hotloop=1')
> |
> | local t1
> | for i = 1, 2 do
> |   t1 = {}
> |   t1[i] = i
> |   -- Forcify stitch.
> |   modf(1.2)
> | end
> | "
> | LuaJIT ASSERT src/lj_dispatch.c:502: lj_dispatch_call: unbalanced stack after hot instruction
> 
> 2) Also, it may happen when the memory error is raised when we try to
> reallocate the IR buffer for the next instruction in `lj_ir_nextins()`.
> 
> The reproducer for this issue is much more tricky.
> 
> My suggestions here are the following:
> Resolve the special case in the scope of backporting this patch, and
> report the 2 follow-ups with suggested solutions to the upstream.
> As I can see, this issue should be fixed in the following way:
> Add the `lj_vm_cpcall()` to the `record_stop()` call and rethrow
> the error, if needed, after clenup.
> 

Reported here:
https://github.com/LuaJIT/LuaJIT/issues/1166

<snipped>

> > 
> 
> -- 
> Best regards,
> Sergey Kaplun

-- 
Best regards,
Sergey Kaplun

      reply	other threads:[~2024-02-22 14:07 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-02-16 11:11 Maxim Kokryashkin via Tarantool-patches
2024-02-20  8:08 ` Sergey Bronnikov via Tarantool-patches
2024-03-11 15:58   ` Sergey Bronnikov via Tarantool-patches
2024-02-21 12:34 ` Sergey Kaplun via Tarantool-patches
2024-02-22 14:03   ` Sergey Kaplun via Tarantool-patches [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZddUFeb-PCKfAq9D@root \
    --to=tarantool-patches@dev.tarantool.org \
    --cc=max.kokryashkin@gmail.com \
    --cc=skaplun@tarantool.org \
    --subject='Re: [Tarantool-patches] [PATCH luajit] Throw any errors before stack changes in trace stitching.' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox