New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use after free in cord_start and obuf_dup #4614
Comments
Test reproducer:
|
been trying to trigger the issue on linux platform but without a luck. seems it is highly macos bound. gonna try it there... |
Don't know how, but the test name and the OS (Mac OS) suggests that it may be relevant to tarantool/tarantool-qa#234. |
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Dec 28, 2021
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 4Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Dec 28, 2021
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 4Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Dec 28, 2021
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 4Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/tarantool/tree/sergos/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Jan 20, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 4Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/tarantool/tree/sergos/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Jan 28, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 4Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Jan 28, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Jan 28, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. This lead to a corruption of the constant later on. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. As a result the problem appears with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
sergos
pushed a commit
to tarantool/luajit
that referenced
this issue
Jan 31, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value after next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The mentioned problem appears only with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
Buristan
pushed a commit
to tarantool/luajit
that referenced
this issue
Feb 16, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value after next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The mentioned problem appears only with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
Buristan
pushed a commit
to tarantool/luajit
that referenced
this issue
Feb 16, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value after next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The mentioned problem appears only with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614 --- Branch: https://github.com/tarantool/luajit/tree/sergos/gh-4095-gc64-const-fusion Tarantool branch: https://github.com/tarantool/luajit/tree/tarantool/gh-4095-gc64-const-fusion
Buristan
pushed a commit
to tarantool/luajit
that referenced
this issue
Feb 16, 2022
(chekky picked from commit 6b08248) x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). Contributed by Peter Cawley. Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value after next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The mentioned problem appears only with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614
Buristan
pushed a commit
to tarantool/luajit
that referenced
this issue
Jun 22, 2022
Contributed by Peter Cawley. (chekky picked from commit 6b08248) Code generation under LJ_GC64 missed an update to the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value after next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The mentioned problem appears only with 2Gb distance from the currently allocated mcode to the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Fixes tarantool/tarantool#4095 Fixes tarantool/tarantool#4199 Fixes tarantool/tarantool#4614
igormunkin
pushed a commit
to tarantool/luajit
that referenced
this issue
Jun 29, 2022
Contributed by Peter Cawley. (cherry picked from commit 6b08248) Code generation under LJ_GC64 misses to update the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value as a result of the next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The aforementioned problem appears only with 2Gb gap between the currently allocated mcode and the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Part of tarantool/tarantool#6548 Resolves tarantool/tarantool#4095 Resolves tarantool/tarantool#4199 Resolves tarantool/tarantool#4614
igormunkin
pushed a commit
to tarantool/luajit
that referenced
this issue
Jun 29, 2022
Contributed by Peter Cawley. (cherry picked from commit 6b08248) Code generation under LJ_GC64 misses to update the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value as a result of the next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The aforementioned problem appears only with 2Gb gap between the currently allocated mcode and the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Part of tarantool/tarantool#6548 Resolves tarantool/tarantool#4095 Resolves tarantool/tarantool#4199 Resolves tarantool/tarantool#4614 Reviewed-by: Sergey Ostanevich <sergos@tarantool.org> Reviewed-by: Igor Munkin <imun@tarantool.org> Signed-off-by: Igor Munkin <imun@tarantool.org> (cherry picked from commit 4285379)
igormunkin
pushed a commit
to tarantool/luajit
that referenced
this issue
Jun 29, 2022
Contributed by Peter Cawley. (cherry picked from commit 6b08248) Code generation under LJ_GC64 misses to update the mcode area boundaries after a 64-bit constant encoding. It can lead to a corruption of the constant value as a result of the next trace code generation. The constant can be encoded in one of the following ways: a. If the address of the constant fits into 32-bit one, then encode it as a 32-bit displacement (the only option for non-GC64 mode). b. If the offset of the constant slot from the dispatch table (pinned to r14 that is not changed while trace execution) fits into 32-bit, then encode this as a 32-bit displacement relative to r14. c. If the offset of the constant slot from the mcode (i.e. rip) fits into 32-bit, then encode this as a 32-bit displacement relative to rip (considering long mode specifics and RID_RIP hack). d. If none of the conditions above are valid, compiler materializes this 64-bit constant right at the trace bottom and encodes this the same way it does for the previous case. The aforementioned problem appears only with 2Gb gap between the currently allocated mcode and the dispatch pointer, which may happen in real life in case of long running instance. Sergey Ostanevich: * added the description and the test for the problem Part of tarantool/tarantool#6548 Resolves tarantool/tarantool#4095 Resolves tarantool/tarantool#4199 Resolves tarantool/tarantool#4614 Reviewed-by: Sergey Ostanevich <sergos@tarantool.org> Reviewed-by: Igor Munkin <imun@tarantool.org> Signed-off-by: Igor Munkin <imun@tarantool.org> (cherry picked from commit 4285379)
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 29, 2022
* test: fix path storage for non-concatable objects * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Resolves tarantool#6548 Fixes #4095 Fixes #4199 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
This was referenced Jun 29, 2022
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 29, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes #4095 Fixes #4199 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 29, 2022
* test: fix path storage for non-concatable objects * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes #4095 Fixes #4199 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 29, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes #4095 Fixes #4199 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 30, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 30, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 30, 2022
* test: fix path storage for non-concatable objects * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 30, 2022
* test: fix path storage for non-concatable objects * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 30, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
to igormunkin/tarantool
that referenced
this issue
Jun 30, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
that referenced
this issue
Jun 30, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes #6548 Fixes #4614 Fixes #4630 Fixes #5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up #2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
that referenced
this issue
Jun 30, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes #6548 Fixes #4614 Fixes #4630 Fixes #5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up #2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
igormunkin
added a commit
that referenced
this issue
Jun 30, 2022
* test: fix path storage for non-concatable objects * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes #6548 Fixes #4614 Fixes #4630 Fixes #5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
mkokryashkin
pushed a commit
to mkokryashkin/tarantool
that referenced
this issue
Sep 9, 2022
* Avoid conflict between 64 bit lightuserdata and ITERN key. * Reorganize lightuserdata interning code. * test: fix path storage for non-concatable objects * ARM64: Fix assembly of HREFK. * FFI/ARM64: Fix pass-by-value struct calling conventions. * test: set DYLD_LIBRARY_PATH environment variable * x64/LJ_GC64: Fix fallback case of asm_fuseloadk64(). * FFI: Handle zero-fill of struct-of-NYI. * Fix interaction between profiler hooks and finalizers. * Flush and close output file after profiling run. * Fix debug.debug() for non-string errors. * Fix write barrier for lua_setupvalue() and debug.setupvalue(). * Fix FOLD rule for strength reduction of widening. * Fix bytecode dump unpatching. * Fix tonumber("-0") in dual-number mode. * Fix tonumber("-0"). * Give expected results for negative non-base-10 numbers in tonumber(). * Add missing LJ_MAX_JSLOTS check. * Add stricter check for print() vs. tostring() shortcut. Closes tarantool#6548 Fixes tarantool#4614 Fixes tarantool#4630 Fixes tarantool#5885 Fixes tarantool/tarantool-qa#234 Fixes tarantool/tarantool-qa#235 Follows up tarantool#2712 NO_DOC=LuaJIT submodule bump NO_TEST=LuaJIT submodule bump
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Tarantool version: 1.10, probably newer too.
OS version: Mac, 10.14.4, Mojave
Bug description:
I built tarantool with enabled ASAN and run box/function1.test.lua.
Here is what ASAN detects:
This is where the test is stopped:
Probably they are false-positive, but it needs to be checked.
The text was updated successfully, but these errors were encountered: