Age | Commit message (Collapse) | Author |
|
* dev:
Fix binary construction with huge literal sizes
beam_load.c: Add overflow check of tag values
beam_makeops: Add some sanity checks
Fix construction of <<0:((1 bsl 32)-1)>>
|
|
Constructing binaries using the bit syntax with literals sizes
that would not fit in an Uint will either cause an emulator crash
or the loading to be aborted.
Use the new TAG_o tag introduced in the previous commit to make sure
that the attempt to create huge binary literals will generate a
system_limit exception at run-time.
|
|
The handling of large values for other tags than TAG_i (integer) is
buggy. Any tag value equal to or greater than 2^40 (5 bytes) will
abort loading. Tag values fitting in 5 bytes will be truncated to 4
bytes values.
Those bugs cause real problems because the bs_init2/6 and
bs_init_bits/6 instructions unfortunately use TAG_u to encode literal
sizes (using TAG_i would have been a better choice, but it is too late
to change that now). Any binary size that cannot fit in an Uint
should cause a system_limit exception at run-time, but instead the
buggy handling will either cause an emulator crash (for values in the
range 2^32 to 2^40-1) or abort loading.
In this commit, implement overflow checking of tag values as a
preparation for fixing the binary construction instructions. If any
tag value cannot fit in an Uint (except for TAG_i), change the
tag to the special TAG_o overflow tag.
|
|
We want to make sure that a tag/type name is not defined more than
once and that we don't define too many primitive tags. Primitive
tags must be named with lowercase letters (or they will be confused
with variable names in transformations in the ops.tab file).
|
|
Attempting to construct <<0:((1 bsl 32)-1)>>, the largest bitstring
allowed in a 32 bit emulator, would cause an emulator crash because
of integer overflow.
Fix the problem by using an Uint64 to avoid integer overflow.
Do not attempt to handle construction of <<0:((1 bsl 64)-1>> in
a 64-bit emulator, because that will certainly cause the emulator
to terminate anyway because of insufficient memory.
|
|
|
|
* sverker/allocator-aoff/OTP-9424:
New allocator: Address order first fit (aoff)
|
|
|
|
* sverker/fun_SUITE-refc_dist-gcfix:
Fix test case fun_SUITE:refc_dist
|
|
|
|
* sverker/testcase/OTP-9422:
Test case for OTP-9422
|
|
|
|
It failed sometimes depending on GC invocation.
|
|
|
|
alloc_no of sbmbc_low_alloc was set to ERTS_ALC_A_STANDARD_LOW
|
|
|
|
|
|
Conflicts:
erts/emulator/test/nif_SUITE.erl
erts/emulator/test/nif_SUITE_data/nif_SUITE.c
sverker/enif_make_int64-halfword/OTP-9394
|
|
* sverker/enif_make_int64-halfword/OTP-9394:
Fix halfword bug in enif_make_int64
|
|
|
|
* rickard/sbmbc/OTP-9339:
Use separate memory carriers for small blocks
|
|
* sverker/ets_delete-deadlock-race/OTP-9423:
Fix bug in ets:delete for write_concurrency that could lead to deadlock
|
|
|
|
* rickard/atomics-api/OTP-9014:
Use new atomic API in runtime system
Improve ethread atomics
|
|
* lukas/erts/enif_make_reverse_list/OTP-9392:
Add version comment
Rename enif_get_reverse_list to enif_make_reverse_list
Remove extra allocated heap fragment
Added enif_get_reverse_list to nif API
|
|
A trace matchspec with 'enable_trace' or 'disable_trace' in body could
cause an emulator crash if a concurrent process altered the trace
setting of the traced function by calling erlang:trace_pattern.
The effect was a deallocation of the binary holding the matchspec
program while it was running. Fixed by increasing reference count of
ms-binary in the cases when 'enable_trace' or 'disable_trace' may
cause a system block that may alter the ongoing trace.
The paradox here is that db_prog_match() is using erts_smp_block_system()
to do 'enable_trace' and 'disable_trace' in a safe (atomic) way. But that
also have the (non-atomic) effect that racing thread might block the
system and change the trace settings with erlang:trace_pattern.
|
|
Relocking in ets_delete_1() and remove_named_tab() was done by
unlocking the table without clearing the is_thread_safe flag. A racing
thread could then read-lock the table and then incorrectly
write-unlock the table as db_unlock() looked at is_thread_safe to
determine which kind of lock to unlock.
Several fixes:
1. Make db_unlock() use argument 'kind' instead of is_thread_safe to
determine lock type.
2. Make relock logic use db_lock() and db_unlock() instead of directly
accessing lock primitives.
3. Do ownership transfer earlier in ets_delete_1 to avoid racing owner
process to also start deleting the same table.
|
|
concat_binary/1 was deprecated in R13B04, but already in
the R10B-2 release, the documentation recommends using
list_to_binary/1 instead.
|
|
|
|
|
|
The bug was creating an invalid bignum instead of a small integer,
causing strange comparing behavior (=:= failed but == succeeded).
|
|
|
|
|
|
All uses of the old deprecated atomic API in the runtime system
have been replaced with the use of the new atomic API. In a lot of
places this change imply a relaxation of memory barriers used.
|
|
The ethread atomics API now also provide double word size atomics.
Double word size atomics are implemented using native atomic
instructions on x86 (when the cmpxchg8b instruction is available)
and on x86_64 (when the cmpxchg16b instruction is available). On
other hardware where 32-bit atomics or word size atomics are
available, an optimized fallback is used; otherwise, a spinlock,
or a mutex based fallback is used.
The ethread library now performs runtime tests for presence of
hardware features, such as for example SSE2 instructions, instead
of requiring this to be determined at compile time.
There are now functions implementing each atomic operation with the
following implied memory barrier semantics: none, read, write,
acquire, release, and full. Some of the operation-barrier
combinations aren't especially useful. But instead of filtering
useful ones out, and potentially miss a useful one, we implement
them all.
A much smaller set of functionality for native atomics are required
to be implemented than before. More or less only cmpxchg and a
membar macro are required to be implemented for each atomic size.
Other functions will automatically be constructed from these. It is,
of course, often wise to implement more that this if possible from a
performance perspective.
|
|
|
|
The efile driver will now use chunked data on list_dir. This will
lessen the number of sends to prim_file and hence improve
performance. This method is utilized in both direct and async cases.
|
|
|
|
* rickard/driver_async_cancel/OTP-9302:
Fix testcase
|
|
|
|
* rickard/driver_async_cancel/OTP-9302:
Fix driver_async_cancel()
|
|
|
|
|
|
* sverker/hipe-misc-fixing/OTP-9298:
hipe_mkliterals print argv[0] in generated files
Fix code:is_module_native segv on deleted module
lock checking fix in hipe_bif2.c
|
|
* rickard/barriers/OTP-9281:
Silence warnings
Fix build with hipe on amd64
Reduce number of atomic ops
Use 32-bit atomic for port snapshot
Remove pointless erts_ports_alive variable
Ensure quick break
Ensure that all rehashing information are seen when done
Ensure that stack updates are seen when stack is released
Add needed barriers for write_concurrency tables
Homogenize memory barriers on atomics
|
|
|
|
|
|
Counters for active, and used schedulers have been coalesced in
order to reduce the amount of atomic operations needed.
Some currently not strictly necessary barriers have also been added
in order to be future proof.
|
|
|
|
|