Age | Commit message | Author |
|
Bignums are artificially restricted in size. Arithmetic and logical
operations check the sizes of resulting bignums, and turn oversize
results into system_limit exceptions.
However, this check is not performed when bignums are constructed by
binary matching. The consequence is that such matchings can construct
oversize bignums that satisfy is_integer/1 yet don't work. Performing
arithmetic such as Term - 0 fails with a system_limit exception. Worse,
performing a logical operation such as Term band Term results in [].
The latter occurs because the size checking (e.g. in erts_band()) is
a simple ASSERT(is_not_nil(...)) on the result of the bignum operation,
which internally is [] (NIL) in the case of oversize results. However,
ASSERT is a no-op in release builds, so the error goes unnoticed and []
is returned as the result of the band/2.
This patch addresses this by preventing oversize bignums from entering
the VM via binary matching:
- the internal bytes_to_big() procedure is augmented to return NIL for
  oversize results, just like big_norm()
- callers of bytes_to_big() are augmented to check for NIL returns and
  signal errors in those cases
- erts_bs_get_integer_2() can only fail with badmatch, so that is the
  Erlang-level result of oversize bignums from binary matches
- big_SUITE.erl is extended with a test case that fails without this
  fix (no error signalled) and passes with it (badmatch occurs)
Credit goes to Nico Kruber for the initial bug report.
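
Added example, not part of the commit above and not ERTS code: a simplified C model of the pattern the message describes, where the size limit is enforced with an ordinary branch at construction time and the caller maps the failure return to a match failure. All `demo_`/`DEMO_` names, the 32-bit digit layout and the limit of 4 digits are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEMO_MAX_DIGITS 4   /* constructed limit for this demo, not the ERTS value */
#define DEMO_OVERSIZE (-1)  /* plays the role of the NIL return in the commit */

typedef struct { uint32_t d[DEMO_MAX_DIGITS]; int len; } demo_big;
enum demo_match { DEMO_MATCH_OK, DEMO_BADMATCH };

/* Build little-endian 32-bit digits from little-endian bytes. The size limit
 * is enforced here with an ordinary branch, so it holds in release builds. */
static int demo_bytes_to_big(const uint8_t *bytes, size_t n, demo_big *out)
{
    size_t i, need;
    while (n > 0 && bytes[n - 1] == 0)  /* high-order zero bytes add no digits */
        n--;
    need = (n + 3) / 4;
    if (need > DEMO_MAX_DIGITS)
        return DEMO_OVERSIZE;           /* refuse before writing any digit */
    for (i = 0; i < DEMO_MAX_DIGITS; i++)
        out->d[i] = 0;
    for (i = 0; i < n; i++)
        out->d[i / 4] |= (uint32_t)bytes[i] << (8 * (i % 4));
    out->len = need ? (int)need : 1;    /* zero still occupies one digit */
    return out->len;
}

/* Caller side: the failure return is turned into a match failure instead of
 * being guarded by an assertion macro that compiles away. */
static enum demo_match demo_match_integer(const uint8_t *bytes, size_t n, demo_big *out)
{
    if (demo_bytes_to_big(bytes, n, out) == DEMO_OVERSIZE)
        return DEMO_BADMATCH;
    return DEMO_MATCH_OK;
}

int main(void)
{
    uint8_t wire[17];   /* constructed input: 17 bytes of 0xFF needs 5 digits */
    demo_big b;
    size_t i;
    for (i = 0; i < sizeof wire; i++)
        wire[i] = 0xFF;
    printf("16 bytes: %s\n", demo_match_integer(wire, 16, &b) == DEMO_MATCH_OK ? "ok" : "badmatch");
    printf("17 bytes: %s\n", demo_match_integer(wire, 17, &b) == DEMO_MATCH_OK ? "ok" : "badmatch");
    return 0;
}
```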
|
|
list_to_integer and binary_to_integer returned un-normalized bignum for
-134217728 on 32-bit and -576460752303423488 on 64-bit.
Thanks to Jesper Louis Andersen, Mikael Pettersson
and Anthony Ramine for report, initial patch and optimization suggestion.
|
|
* lukas/erts/fix_neg_of_int64_min/OTP-12097:
erts: Fix neg int overflow when sint is min size
|
|
When INT64_MIN is the value of a Sint64 we have to first cast it to
an Uint64 before negating it. Otherwise we get an integer overflow
which is undefined behaviour and in gcc 4.9 this results in -0 instead
of -9223372036854775808 in gcc 4.8.
|
|
As there is no overflow for signed integers, -SINT_MIN is undefined behaviour
and the cast to unsigned needs to happen before negation. SINT_MIN denotes the
minimum value that can be stored in the Sint type.
beam/big.c:1512:6: runtime error: negation of -9223372036854775808 cannot be represented in type 'Sint' (aka 'long'); cast to an unsigned type to negate this value to itself
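
Added example, not part of either commit above and not the code in big.c: a self-contained C sketch of the cast-then-negate rule both messages describe, using `int64_t`/`uint64_t` in place of the Sint/Uint types. The function names and the 32-bit digit split are assumptions made for the illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Magnitude of a signed 64-bit value. The cast to unsigned happens before
 * the negation: unsigned arithmetic wraps modulo 2^64, so the subtraction
 * is defined for every input, including INT64_MIN. */
static uint64_t magnitude_i64(int64_t x)
{
    uint64_t ux = (uint64_t)x;
    return x < 0 ? (uint64_t)0 - ux : ux;
}

/* Split a value into a sign flag and little-endian 32-bit digits, as a
 * sign-magnitude bignum would store it (digit width is an assumption).
 * Returns the number of digits written (1 or 2). */
static int i64_to_digits(int64_t x, int *is_neg, uint32_t digits[2])
{
    uint64_t m = magnitude_i64(x);
    int n = 0;
    *is_neg = x < 0;
    do {
        digits[n++] = (uint32_t)(m & 0xFFFFFFFFu);
        m >>= 32;
    } while (m != 0);
    return n;
}

/* Negation that stays in the signed domain must reject the one value whose
 * negation is not representable. Returns 1 on success, 0 on overflow. */
static int checked_neg_i64(int64_t x, int64_t *out)
{
    if (x == INT64_MIN)
        return 0;
    *out = -x;
    return 1;
}

int main(void)
{
    uint32_t d[2];
    int neg, n = i64_to_digits(INT64_MIN, &neg, d);
    int64_t r;
    printf("magnitude = %" PRIu64 "\n", magnitude_i64(INT64_MIN));
    printf("digits = %d, high digit = 0x%08" PRIx32 ", negative = %d\n", n, d[1], neg);
    printf("checked_neg(INT64_MIN) ok = %d\n", checked_neg_i64(INT64_MIN, &r));
    return 0;
}
```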
|
|
big_buf was one word too short on 32-bit emulators causing
memory corruption.
Seems like this did not cause a problem before the ESTACK memory layout
was changed in 172ebf11dc455e22b87f.
|
|
for the temporary conversion from float to big.
Preparation for coming bugfix of 'big_buf' array size.
|
|
Fix bsr bug occurring when shifting a huge number a huge number of
bits to the right. The bug can occur if Sint is 64 bits and int is 32
bits, causing a truncation in the big.c:I_lshift function.
|
|
Added: binary_to_integer/1,2, integer_to_binary/1,2
|
|
A large 64-bit immediate number will be stored as SMALL_BIG_EXT by ETS
compressed format. When uncompressing, the SMALL_BIG_EXT was first
decoded as a bignum (by bytes_to_big) and then turned into a small
(by big_norm). This works for normal "binary_to_term" as
decoded_size() over-estimates the needed heap size. But for ETS no
over-estimation is done as the real term size is known and stored in
DbTerm.
Fixed by preventing bytes_to_big() from writing bignum digit when the
number is seen to fit in an immediate.
|
|
Almost all uses of the 'long' datatype are removed from VM and tests
Emulator test now runs w/o drivers crashing
Nasty abs bug fixed in VM as well as type errors in allocator debug functions
Still one allocator test that fails, domain knowledge is needed to fix that.
Fix type inconsistency in beam_load causing crashes
|
|
Can still not setup -a, but cerl works.
|
|
|
For floating point values which are greater than 9007199254740990.0 or
smaller than -9007199254740990.0, the floating point numbers are now
converted to integers during comparison with an integer. This makes
number comparisons transitive for large floating point numbers.
|
|
Conflicts:
erts/emulator/beam/erl_printf_term.c
|
|
In halfword emulator, make ETS use a variant of the internal term
format that uses relative offsets instead of absolute pointers. This
will allow storage in high memory (>4G). Preprocessor macros (like
list_val_rel(TERM,BASE)) are used to make normal (fullword) emulator
almost completely unchanged while still reusing most of the code.
|
|
* pan/otp_8332_halfword:
Teach testcase in driver_suite the new prototype for driver_async
wx: Correct usage of driver callbacks from wx thread
Adopt the new (R13B04) Nif functionality to the halfword codebase
Support monitoring and demonitoring from driver threads
Fix further test-suite problems
Correct the VM to work for more test suites
Teach {wordsize,internal|external} to system_info/1
Make tracing and distribution work
Turn on instruction packing in the loader and virtual machine
Add the BeamInstr data type for loaded BEAM code
Fix the BEAM disassembler for the half-word emulator
Store pointers to heap data in 32-bit words
Add a custom mmap wrapper to force heaps into the lower address range
Fit all heap data into the 32-bit address range
|
|
The following test suites now work:
send_term_SUITE
trace_nif_SUITE
binary_SUITE
match_spec_SUITE
node_container_SUITE
beam_literals_SUITE
Also add testcases for system_info({wordsize,internal|external}).
|
|
Store Erlang terms in 32-bit entities on the heap, expanding the
pointers to 64-bit when needed. This works because all terms are stored
on addresses in the 32-bit address range (the 32 most significant bits
of pointers to term data are always 0).
Introduce a new datatype called UWord (along with its companion SWord),
which is an integer having the exact same size as the machine word
(a void *), but might be larger than Eterm/Uint.
Store code as machine words, as the instructions are pointers to
executable code which might reside outside the 32-bit address range.
Continuation pointers are stored on the 32-bit stack and hence must
point to addresses in the low range, which means that loaded beam code
must be placed in the low 32-bit address range (but, as said earlier,
the instructions themselves are full words).
No Erlang term data can be stored on C stacks (enforced by an
earlier commit).
This version gives a prompt, but test cases still fail (and dump core).
The loader (and emulator loop) has instruction packing disabled.
The main issues have been in rewriting loader and actual virtual
machine. Subsystems (like distribution) do not work yet.
|
|