ruby.git/bootstraptest/test_yjit.rb, branch v3_3_11 The Ruby Programming Language YJIT: Bail out if proc would be stored above stack top 2026-03-04T06:45:16+00:00 Randy Stauner randy@r4s6.net 2025-12-19T18:19:21+00:00 0cba8cf414dfd8ab30edc3081645405c165a81d5 Fixes [Bug #21266]. Backport of 9168cad4d63a5d281d443bde4edea6be213b0b25 to 3.3 
Fixes [Bug #21266].

Backport of 9168cad4d63a5d281d443bde4edea6be213b0b25 to 3.3
merge revision(s) 80a1a1bb8ae8435b916ae4f66a483e91ad31356a: [Backport #21257] 2025-05-18T07:25:01+00:00 nagachika nagachika@ruby-lang.org 2025-05-18T07:25:01+00:00 f57dd4470b9ba1e2e0007e814f94e8bb4fd2ab6f YJIT: Fix potential infinite loop when OOM (GH-13186) Avoid generating an infinite loop in the case where: 1. Block `first` is adjacent to block `second`, and the branch from `first` to `second` is a fallthrough, and 2. Block `second` immediately exits to the interpreter, and 3. Block `second` is invalidated and YJIT is OOM While pondering how to fix this, I think I've stumbled on another related edge case: 1. Block `incoming_one` and `incoming_two` both branch to block `second`. Block `incoming_one` has a fallthrough 2. Block `second` immediately exits to the interpreter (so it starts with its exit) 3. When Block `second` is invalidated, the incoming fallthrough branch from `incoming_one` might be rewritten first, which overwrites the start of block `second` with a jump to a new branch stub. 4. YJIT runs of out memory 5. The incoming branch from `incoming_two` is then rewritten, but because we're OOM we can't generate a new stub, so we use `second`'s exit as the branch target. However `second`'s exit was already overwritten with a jump to the branch stub for `incoming_one`, so `incoming_two` will end up jumping to `incoming_one`'s branch stub. Fixes [Bug #21257] 
	YJIT: Fix potential infinite loop when OOM (GH-13186)

	Avoid generating an infinite loop in the case where:
	1. Block `first` is adjacent to block `second`, and the branch from `first` to
	   `second` is a fallthrough, and
	2. Block `second` immediately exits to the interpreter, and
	3. Block `second` is invalidated and YJIT is OOM

	While pondering how to fix this, I think I've stumbled on another related edge case:
	1. Block `incoming_one` and `incoming_two` both branch to block `second`. Block
	   `incoming_one` has a fallthrough
	2. Block `second` immediately exits to the interpreter (so it starts with its exit)
	3. When Block `second` is invalidated, the incoming fallthrough branch from
	   `incoming_one` might be rewritten first, which overwrites the start of block
	   `second` with a jump to a new branch stub.
	4. YJIT runs of out memory
	5. The incoming branch from `incoming_two` is then rewritten, but because we're
	   OOM we can't generate a new stub, so we use `second`'s exit as the branch
	   target. However `second`'s exit was already overwritten with a jump to the
	   branch stub for `incoming_one`, so `incoming_two` will end up jumping to
	   `incoming_one`'s branch stub.

	Fixes [Bug #21257]
YJIT: Filter & calls from specialized C method codegen 2025-01-15T05:16:37+00:00 Takashi Kokubun takashikkbn@gmail.com 2025-01-15T05:16:36+00:00 e9f479d8712f7ecd3802d4438cd44161088d9713 Evident with the crash reported in [Bug #20997], the C replacement codegen functions aren't authored to handle block arguments (nor should they because the extra code from the complexity defeats optimization). Filter sites with VM_CALL_ARGS_BLOCKARG. Co-Authored-By: Alan Wu <alanwu@ruby-lang.org> 
Evident with the crash reported in [Bug #20997], the C replacement
codegen functions aren't authored to handle block arguments (nor
should they because the extra code from the complexity defeats
optimization). Filter sites with VM_CALL_ARGS_BLOCKARG.

Co-Authored-By: Alan Wu <alanwu@ruby-lang.org>
Don't call `Warning.warn` unless the category is enabled (#10981) 2024-06-13T17:02:32+00:00 Aaron Patterson tenderlove@ruby-lang.org 2024-06-13T17:02:32+00:00 a3eb5e5c70eaee12964cdd807b8f19950003141f Don't call `Warning.warn` unless the category is enabled The warning category should be enabled if we want to call `Warning.warn`. This commit speeds up the following benchmark: ```ruby eval "def test; " + 1000.times.map { "' '.chomp!" }.join(";") + "; end" def run_benchmark count i = 0 while i < count start = Process.clock_gettime(Process::CLOCK_MONOTONIC) yield ms = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start puts "itr ##{i}: #{(ms * 1000).to_i}ms" i += 1 end end run_benchmark(25) do 250.times do test end end ``` On `master` this runs at about 92ms per iteration. With this patch, it is 7ms per iteration. [Bug #20573] 
Don't call `Warning.warn` unless the category is enabled

The warning category should be enabled if we want to call
`Warning.warn`.

This commit speeds up the following benchmark:

```ruby
eval "def test; " +
  1000.times.map { "'  '.chomp!" }.join(";") + "; end"

def run_benchmark count
  i = 0
  while i < count
    start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
    yield
    ms = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start
    puts "itr ##{i}: #{(ms * 1000).to_i}ms"
    i += 1
  end
end

run_benchmark(25) do
  250.times do
    test
  end
end
```

On `master` this runs at about 92ms per iteration. With this patch, it
is 7ms per iteration.

[Bug #20573]
 merge revision(s) f8abd24b1f28998157da1230b231419ef7b81722: [Backport #20522] 2024-06-05T07:29:17+00:00 Takashi Kokubun takashikkbn@gmail.com 2024-06-05T07:28:47+00:00 e0fe6f70170924397b957d6cfa84774592b1c809 Improve YJIT performance warning regression test [Bug #20522] 
	Improve YJIT performance warning regression test

	[Bug #20522]
[3.3 backport] Do not emit shape transition warnings when YJIT is compiling (#10911) 2024-06-04T20:21:58+00:00 Jean byroot Boussier jean.boussier+github@shopify.com 2024-06-04T20:21:58+00:00 4f00d98b327e3aa23564aa765488d15bc60c9e79 Do not emit shape transition warnings when YJIT is compiling [Bug #20522] If `Warning.warn` is redefined in Ruby, emitting a warning would invoke Ruby code, which can't safely be done when YJIT is compiling. Co-authored-by: Jean Boussier <jean.boussier@gmail.com> Co-authored-by: Takashi Kokubun <takashikkbn@gmail.com> 
Do not emit shape transition warnings when YJIT is compiling

[Bug #20522]

If `Warning.warn` is redefined in Ruby, emitting a warning would invoke
Ruby code, which can't safely be done when YJIT is compiling.

Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
Co-authored-by: Takashi Kokubun <takashikkbn@gmail.com>
 YJIT: Fix out of bounds access when splatting empty array (#10905) 2024-06-04T20:17:41+00:00 Alan Wu XrXr@users.noreply.github.com 2024-06-04T20:17:41+00:00 b74f669e2fbe5c63409878e7a9f9d39c8554ff77 This is a backport of 6c8ae44a388e5c03b7db90376af3652007b574e8 with a test tailored to crash the 3.3.x branch (from GH-10904). Previously, we read the last element array even when the array was empty, doing an out-of-bounds access. This sometimes caused a SEGV. [Bug #20496] 
This is a backport of 6c8ae44a388e5c03b7db90376af3652007b574e8 with a
test tailored to crash the 3.3.x branch (from GH-10904).

    Previously, we read the last element array even when the array was
    empty, doing an out-of-bounds access. This sometimes caused a SEGV.

    [Bug #20496]
 merge revision(s) 015b0e2e1d312e2be60551587389c8da5c585e6f,ac1e9e443a0d6a4d4c0801c26d1d8bd33d9eb431: [Backport #20195] 2024-05-29T00:10:33+00:00 Takashi Kokubun takashikkbn@gmail.com 2024-05-29T00:10:33+00:00 6383d0afac6aa02b3e72d08128cc1d8327f149fa YJIT: Fix unused warnings ``` warning: unused import: `condition::Condition` --> src/asm/arm64/arg/mod.rs:13:9 | 13 | pub use condition::Condition; | ^^^^^^^^^^^^^^^^^^^^ | = note: `#[warn(unused_imports)]` on by default warning: unused import: `rb_yjit_fix_mul_fix as rb_fix_mul_fix` --> src/cruby.rs:188:9 | 188 | pub use rb_yjit_fix_mul_fix as rb_fix_mul_fix; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ warning: unused import: `rb_insn_len as raw_insn_len` --> src/cruby.rs:142:9 | 142 | pub use rb_insn_len as raw_insn_len; | ^^^^^^^^^^^^^^^^^^^^^^^^^^^ | = note: `#[warn(unused_imports)]` on by default ``` Make asm public so it stops warning about unused public stuff in there. YJIT: Fix ruby2_keywords splat+rest and drop bogus checks YJIT didn't guard for ruby2_keywords hash in case of splat calls that land in methods with a rest parameter, creating incorrect results. The compile-time checks didn't correspond to any actual effects of ruby2_keywords, so it was masking this bug and YJIT was needlessly refusing to compile some code. About 16% of fallback reasons in `lobsters` was due to the ISeq check. We already handle the tagging part with exit_if_supplying_kw_and_has_no_kw() and should now have a dynamic guard for all splat cases. Note for backporting: You also need 7f51959ff1. [Bug #20195] 
	YJIT: Fix unused warnings

	```
	warning: unused import: `condition::Condition`
	  --> src/asm/arm64/arg/mod.rs:13:9
	   |
	13 | pub use condition::Condition;
	   |         ^^^^^^^^^^^^^^^^^^^^
	   |
	   = note: `#[warn(unused_imports)]` on by default

	warning: unused import: `rb_yjit_fix_mul_fix as rb_fix_mul_fix`
	   --> src/cruby.rs:188:9
	    |
	188 | pub use rb_yjit_fix_mul_fix as rb_fix_mul_fix;
	    |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

	warning: unused import: `rb_insn_len as raw_insn_len`
	   --> src/cruby.rs:142:9
	    |
	142 | pub use rb_insn_len as raw_insn_len;
	    |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^
	    |
	    = note: `#[warn(unused_imports)]` on by default
	```

	Make asm public so it stops warning about unused public stuff in there.

	YJIT: Fix ruby2_keywords splat+rest and drop bogus checks

	YJIT didn't guard for ruby2_keywords hash in case of splat calls that
	land in methods with a rest parameter, creating incorrect results.

	The compile-time checks didn't correspond to any actual effects of
	ruby2_keywords, so it was masking this bug and YJIT was needlessly
	refusing to compile some code. About 16% of fallback reasons in
	`lobsters` was due to the ISeq check.

	We already handle the tagging part with
	exit_if_supplying_kw_and_has_no_kw() and should now have a dynamic guard
	for all splat cases.

	Note for backporting: You also need 7f51959ff1.

	[Bug #20195]
merge revision(s) 7f51959ff14fbe06bc1afd283d1af17b26161cf4: [Backport #20204] 2024-05-28T23:55:49+00:00 Takashi Kokubun takashikkbn@gmail.com 2024-05-28T23:55:49+00:00 9c81bbbbb738a5747eab5455292536369977ee92 YJIT: Move guard up for a case of splat+rest Previously, YJIT put the guard for having enough items to extract from splat array at a place where the side exit is invalid, so if the guard fails, YJIT could raise something other than ArgumentError. Move the guard up to a place before any stack manipulation. [Bug #20204] 
	YJIT: Move guard up for a case of splat+rest

	Previously, YJIT put the guard for having enough items to extract from
	splat array at a place where the side exit is invalid, so if the guard
	fails, YJIT could raise something other than ArgumentError. Move the
	guard up to a place before any stack manipulation.

	[Bug #20204]
merge revision(s) bbd249e351af7e4929b518a5de73a832b5617273: [Backport #20192] (#10249) 2024-05-28T21:52:47+00:00 NARUSE, Yui nurse@users.noreply.github.com 2024-05-28T21:52:47+00:00 93d7bf5c5c635567fa519affdfd54edeb9064834 * merge revision(s) bbd249e351af7e4929b518a5de73a832b5617273: [Backport #20192] YJIT: Properly reject keyword splat with `yield` We don't have support for keyword splat anywhere, but we tried to compile these anyways in case of `invokeblock`. This led to bad things happening such as passing the wrong value and passing a hash into rb_yjit_array_len(), which raised in the middle of compilation. [Bug #20192] * Skip a new test for RJIT 
* merge revision(s) bbd249e351af7e4929b518a5de73a832b5617273: [Backport #20192]

	YJIT: Properly reject keyword splat with `yield`

	We don't have support for keyword splat anywhere, but we tried to
	compile these anyways in case of `invokeblock`. This led to bad things
	happening such as passing the wrong value and passing a hash into
	rb_yjit_array_len(), which raised in the middle of compilation.

	[Bug #20192]

* Skip a new test for RJIT