Fix tbaa annotation on union selector bytes inside of structs #54604
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…d alias analysis contradictions that resulted in UB Co-authored-by: Cody Tapscott <84105208+topolarity@users.noreply.github.com>
fingolfin
reviewed
May 28, 2024
| @@ -2780,7 +2780,8 @@ static MDNode *best_field_tbaa(jl_codectx_t &ctx, const jl_cgval_t &strct, jl_da | |||
| } | |||
| } | |||
| if (strct.V && jl_field_isconst(jt, idx) && isLoadFromConstGV(strct.V)) | |||
| return ctx.tbaa().tbaa_const; | |||
| return ctx.tbaa().tbaa_const; //TODO: it seems odd to have a field with a tbaa that doesn't alias it's containing struct's tbaa | |||
KristofferC
reviewed
May 28, 2024
| @@ -938,3 +938,12 @@ BigStructAnyInt() = BigStructAnyInt((Union{Base.inferencebarrier(Float64), Int}= | |||
| @test egal_any54109(Torture1_54109(), Torture1_54109()) | |||
| @test egal_any54109(Torture2_54109(), Torture2_54109()) | |||
| @test !egal_any54109(Torture1_54109(), Torture1_54109((DefaultOr54109(2.0, false) for i = 1:897)...)) | |||
|
|
|||
| function foo54599() | |||
| pkgid = Base.identify_package("Test") | |||
There was a problem hiding this comment.
Is it possible to minimise this a bit or is that tricky? It's a lot of code under the hood here and with changes to that code it's possible a regression would not be found?
|
Uh oh, I found this example that fails LLVM assertions even with this PR: bar54599() = Base.inferencebarrier(true) ? (Base.PkgId(Test),1) : nothing
function foo54599()
pkginfo = @noinline bar54599()
pkgid = pkginfo !== nothing ? pkginfo[1] : nothing
pkgid.uuid !== nothing ? pkgid.uuid : false
end
@test foo54599() !== nothing |
60 tasks
|
@topolarity that is a separate crash 😄, that is fixed in #54690. |
|
in that case, should we merge this? |
|
I wasn't able to minimize that test to I gues so |
|
The crash I pointed out was in search of a more minimal test case. Here's one that works: bar54599() = Base.inferencebarrier(true) ? (Base.PkgId(Main),1) : nothing
function foo54599()
pkginfo = @noinline bar54599()
pkgid = pkginfo !== nothing ? pkginfo[1] : nothing
@noinline println(devnull, pkgid)
pkgid.uuid !== nothing ? pkgid.uuid : false
end
foo54599() # segfaults |
topolarity
pushed a commit
that referenced
this pull request
Jun 6, 2024
…54690) AllocOpt probably needs to handle that in other places more smartly but this seems to at least stop it crashing. Fixes issue found in #54604 (comment) by @topolarity.
KristofferC
pushed a commit
that referenced
this pull request
Jun 7, 2024
We currently cause a alias analysis contradiction by saying that the unionselbytes are on the stack, even if they are on a struct. LLVM is then able to figure out that we giving it a impossible alias situation (the object doesn't alias itself) and triggers UB. https://godbolt.org/z/ssEKMzsPf We may want to do a benchmarks run on this to see if anything too critical hasn't regressed. Fixes #54599 --------- Co-authored-by: Cody Tapscott <84105208+topolarity@users.noreply.github.com> (cherry picked from commit 30542e0)
KristofferC
pushed a commit
that referenced
this pull request
Jun 7, 2024
…54690) AllocOpt probably needs to handle that in other places more smartly but this seems to at least stop it crashing. Fixes issue found in #54604 (comment) by @topolarity. (cherry picked from commit 5cb1107)
KristofferC
pushed a commit
that referenced
this pull request
Jun 7, 2024
We currently cause a alias analysis contradiction by saying that the unionselbytes are on the stack, even if they are on a struct. LLVM is then able to figure out that we giving it a impossible alias situation (the object doesn't alias itself) and triggers UB. https://godbolt.org/z/ssEKMzsPf We may want to do a benchmarks run on this to see if anything too critical hasn't regressed. Fixes #54599 --------- Co-authored-by: Cody Tapscott <84105208+topolarity@users.noreply.github.com> (cherry picked from commit 30542e0)
KristofferC
pushed a commit
that referenced
this pull request
Jun 7, 2024
…54690) AllocOpt probably needs to handle that in other places more smartly but this seems to at least stop it crashing. Fixes issue found in #54604 (comment) by @topolarity. (cherry picked from commit 5cb1107)
KristofferC
added a commit
that referenced
this pull request
Jun 25, 2024
Backported PRs: - [x] #54361 <!-- [LBT] Upgrade to v5.9.0 --> - [x] #54474 <!-- Unalias source from dest in copytrito --> - [x] #54548 <!-- Fixes for bitcast bugs with LLVM 17 / opaque pointers --> - [x] #54191 <!-- make `AbstractPipe` public --> - [x] #53402 <!-- Add `jl_getaffinity` and `jl_setaffinity` --> - [x] #53356 <!-- Rename at-scriptdir project argument to at-script and search upwards for Project.toml --> - [x] #54545 <!-- typeintersect: fix incorrect innervar handling under circular env --> - [x] #54586 <!-- Set storage class of julia globals to dllimport on windows to avoid auto-import weirdness. Forward port of #54572 --> - [x] #54587 <!-- Accomodate for rectangular matrices in `copytrito!` --> - [x] #54617 <!-- CLI: Use `GetModuleHandleExW` to locate libjulia.dll --> - [x] #54605 <!-- Allow libquadmath to also fail as it is not available on all systems --> - [x] #54634 <!-- Fix trampoline assembly for build on clang 18 on apple silicon --> - [x] #54635 <!-- Aggressive constprop in trevc! to stabilize triangular eigvec --> - [x] #54645 <!-- ensure we set the right value to gc_first_tid --> - [x] #54554 <!-- make elsize public --> - [x] #54648 <!-- Construct LazyString in error paths for tridiag --> - [x] #54658 <!-- fix missing uuid check on extension when finding the location of an extension --> - [x] #54594 <!-- Switch to Pkg mode prompt immediately and load Pkg in the background --> - [x] #54669 <!-- Improve error message in inplace transpose --> - [x] #54671 <!-- Add boundscheck in bindingkey_eq to avoid OOB access due to data race --> - [x] #54672 <!-- make: Fix `sed` command for LLVM libraries with no symbol versioning --> - [x] #54624 <!-- more precise aliasing checks for SubArray --> - [x] #54679 <!-- 🤖 [master] Bump the Distributed stdlib from 6a07d98 to 6c7cdb5 --> - [x] #54604 <!-- Fix tbaa annotation on union selector bytes inside of structs --> - [x] #54690 <!-- Fix assertion/crash when optimizing function with dead basic block --> - [x] #54704 <!-- LazyString in reinterpretarray error messages --> - [x] #54718 <!-- fix prepend StackOverflow issue --> - [x] #54674 <!-- Reimplement dummy pkg prompt as standard prompt --> - [x] #54737 <!-- LazyString in interpolated error messages involving types --> - [x] #54642 <!-- Document GenericMemory and AtomicMemory --> - [x] #54713 <!-- make: use `readelf` for LLVM symbol version detection --> - [x] #54760 <!-- REPL: improve prompt! async function handler --> - [x] #54606 <!-- fix double-counting and non-deterministic results in `summarysize` --> - [x] #54759 <!-- REPL: Fully populate the dummy Pkg prompt --> - [x] #54702 <!-- lowering: Recognize argument destructuring inside macro hygiene --> - [x] #54678 <!-- Don't let setglobal! implicitly create bindings --> - [x] #54730 <!-- Fix uuidkey of exts in fast path of `require_stdlib` --> - [x] #54765 <!-- Handle no-postdominator case in finalizer pass --> - [x] #54591 <!-- Don't expose guard pages to malloc_stack API consumers --> - [x] #54755 <!-- [TOML] remove Dates hack, replace with explicit usage --> - [x] #54721 <!-- add try/catch around scheduler to reset sleep state --> - [x] #54631 <!-- Avoid concatenating LazyString in setindex! for triangular matrices --> - [x] #54322 <!-- effects: add new `@consistent_overlay` macro --> - [x] #54785 - [x] #54865 - [x] #54815 - [x] #54795 - [x] #54779 - [x] #54837 Contains multiple commits, manual intervention needed: - [ ] #52694 <!-- Reinstate similar for AbstractQ for backward compatibility --> - [ ] #54649 <!-- Less restrictive copyto! signature for triangular matrices --> Non-merged PRs with backport label: - [ ] #54779 <!-- make recommendation clearer on manifest version mismatch --> - [ ] #54739 <!-- finish implementation of upgradable stdlibs --> - [ ] #54738 <!-- serialization: fix relocatability bug --> - [ ] #54574 <!-- Make ScopedValues public --> - [ ] #54457 <!-- Make `String(::Memory)` copy --> - [ ] #53957 <!-- tweak how filtering is done for what packages should be precompiled --> - [ ] #53452 <!-- RFC: allow Tuple{Union{}}, returning Union{} --> - [ ] #53286 <!-- Raise an error when using `include_dependency` with non-existent file or directory --> - [ ] #51479 <!-- prevent code loading from lookin in the versioned environment when building Julia -->
KristofferC
removed
the
backport 1.11
KristofferC
pushed a commit
that referenced
this pull request
Jul 24, 2024
…54690) AllocOpt probably needs to handle that in other places more smartly but this seems to at least stop it crashing. Fixes issue found in #54604 (comment) by @topolarity. (cherry picked from commit 5cb1107)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We currently cause a alias analysis contradiction by saying that the unionselbytes are on the stack, even if they are on a struct. LLVM is then able to figure out that we giving it a impossible alias situation (the object doesn't alias itself) and triggers UB.
https://godbolt.org/z/ssEKMzsPf
We may want to do a benchmarks run on this to see if anything too critical hasn't regressed.
Fixes #54599