Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix stack overflow when asking for an AOT operand's type. #1397

Merged
merged 1 commit into from
Sep 13, 2024
Merged

Fix stack overflow when asking for an AOT operand's type. #1397

merged 1 commit into from
Sep 13, 2024

Conversation

vext01
Copy link
Contributor

@vext01 vext01 commented Sep 13, 2024
edited
Loading

Requires ykjit/ykllvm#200

When adding more passes to the AOT pipeline we found that the mere act of printing the AOT module can cause stack overflows.

If you have IR like:

bb0:
    %1 = ...
bb1:
    %2 = phi bb1 -> %3, bb0 -> %1
    %3 = %2 + 1
    goto bb1

Asking the type of %3 causes infinite recursion.

This is because an operation often asks its operands for their type to determine their own type.

Here, %3 asks %2, who asks %3, who asks %2, who asks... forever. Each "ask" is a function call, so this blows the stack.

This change breaks the cycle by putting a PHI's type into the instruction explicitly, so it doesn't have to search further afield to know it's type.

We haven't seen this before because usually the first operand to a PHI is from earlier (not later) in the module, so there is no cycle.

@vext01
Copy link
Contributor Author

vext01 commented Sep 13, 2024

I've just noticed a small typo in the commit message. If we could pause before merging so I can fix it.

@ltratt
Copy link
Contributor

ltratt commented Sep 13, 2024

Please force push a fix.

@vext01
Fix stack overflow when asking for an AOT operand's type.
37bdeb3 
When adding more passes to the AOT pipeline we found that the mere act
of printing the AOT module can cause stack overflows.

If you have IR like:

```
bb0:
    %1 = ...
bb1:
    %2 = phi bb1 -> %3, bb0 -> %1
    %3 = %2 + 1
    goto bb1
```

Asking the type of %3 causes infinite recursion.

This is because an operation often asks its operands for their type to
determine their own type.

Here, %3 asks %2, who asks %3, who asks %2, who asks... forever. Each
"ask" is a function call, so this blows the stack.

This change breaks the cycle by putting a PHI's type into the
instruction explicitly, so it doesn't have to search further afield to
know it's type.

We haven't seen this before because usually the first operand to a PHI
is from earlier (not later) in the module, so there is no cycle.
@vext01
Copy link
Contributor Author

vext01 commented Sep 13, 2024

Fixed.

@ltratt ltratt added this pull request to the merge queue Sep 13, 2024
Merged via the queue into ykjit:master with commit 7baa208 Sep 13, 2024
2 checks passed
@vext01 vext01 deleted the phi-type branch September 16, 2024 08:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@ltratt ltratt

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@vext01 @ltratt