Skip to content

ZJIT: Fix fixnum folding for negative values #13942

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 17, 2025
Merged

ZJIT: Fix fixnum folding for negative values #13942

merged 1 commit into from
Jul 17, 2025
+19 −3

Conversation

st0012
Copy link
Member

@st0012 st0012 commented Jul 17, 2025

Use fixnum_from_isize instead of fixnum_from_usize in fold_fixnum_bop to properly handle negative values. Casting negative i64 to usize produces large unsigned values that exceed RUBY_FIXNUM_MAX.

This fix allows us to run ZJIT against more tests.

@matzbot matzbot requested a review from a team July 17, 2025 20:10
@st0012
Copy link
Member Author

st0012 commented Jul 17, 2025

Hmm I think the Ubuntu panic is not related to the fix but is surfaced by it:

thread '<unnamed>' panicked at zjit/src/backend/x86_64/mod.rs:248:43:
  index out of bounds: the len is 22 but the index is 28
  stack backtrace:
     0: rust_begin_unwind
               at /rustc/4d91de4e48198da2e33413efdcd9cd2cc0c46688/library/std/src/panicking.rs:692:5
     1: core::panicking::panic_fmt
               at /rustc/4d91de4e48198da2e33413efdcd9cd2cc0c46688/library/core/src/panicking.rs:75:14
     2: core::panicking::panic_bounds_check
               at /rustc/4d91de4e48198da2e33413efdcd9cd2cc0c46688/library/core/src/panicking.rs:273:5
     3: <usize as core::slice::index::SliceIndex<[T]>>::index
               at /rustc/4d91de4e48198da2e33413efdcd9cd2cc0c46688/library/core/src/slice/index.rs:274:10
     4: core::slice::index::<impl core::ops::index::Index<I> for [T]>::index
               at /rustc/4d91de4e48198da2e33413efdcd9cd2cc0c46688/library/core/src/slice/index.rs:16:9
     5: <alloc::vec::Vec<T,A> as core::ops::index::Index<I>>::index
               at /rustc/4d91de4e48198da2e33413efdcd9cd2cc0c46688/library/alloc/src/vec/mod.rs:3361:9
     6: zjit::backend::x86_64::<impl zjit::backend::lir::Assembler>::x86_split
               at /home/runner/work/ruby/ruby/src/zjit/src/backend/x86_64/mod.rs:248:43
     7: zjit::backend::x86_64::<impl zjit::backend::lir::Assembler>::compile_with_regs
               at /home/runner/work/ruby/ruby/src/zjit/src/backend/x86_64/mod.rs:834:19
     8: zjit::backend::lir::Assembler::compile
               at /home/runner/work/ruby/ruby/src/zjit/src/backend/lir.rs:1784:19
     9: zjit::codegen::gen_function
               at /home/runner/work/ruby/ruby/src/zjit/src/codegen.rs:258:5
    10: zjit::codegen::gen_iseq_entry_point_body
               at /home/runner/work/ruby/ruby/src/zjit/src/codegen.rs:122:47
    11: zjit::codegen::gen_iseq_entry_point
               at /home/runner/work/ruby/ruby/src/zjit/src/codegen.rs:[103](https://github.com/ruby/ruby/actions/runs/16354950926/job/46210883252?pr=13942#step:16:104):20
    12: zjit::codegen::rb_zjit_iseq_gen_entry_point::{{closure}}
               at /home/runner/work/ruby/ruby/src/zjit/src/codegen.rs:87:9
    13: std::panicking::try::do_call

@tekknolagi
Copy link
Contributor

Can you please add an HIR test?

@launchable-app Launchable app

This comment has been minimized.

Sign in to view
@st0012 st0012 force-pushed the zjit-fix-fixnum-casting branch from f20ea2c to 5762fe9 Compare July 17, 2025 20:43
@st0012 st0012 mentioned this pull request Jul 17, 2025
Open
tekknolagi
tekknolagi approved these changes Jul 17, 2025
View reviewed changes
Copy link
Contributor

@tekknolagi tekknolagi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@tekknolagi tekknolagi enabled auto-merge (squash) July 17, 2025 21:58
@st0012
ZJIT: Fix fixnum folding for negative values
20ff275 
Use `fixnum_from_isize` instead of `fixnum_from_usize` in
`fold_fixnum_bop` to properly handle negative values. Casting negative
`i64` to `usize` produces large unsigned values that exceed `RUBY_FIXNUM_MAX`.
auto-merge was automatically disabled July 17, 2025 22:04

Head branch was pushed to by a user without write access

@st0012 st0012 force-pushed the zjit-fix-fixnum-casting branch from 5762fe9 to 20ff275 Compare July 17, 2025 22:04
@tekknolagi tekknolagi merged commit 81515ac into ruby:master Jul 17, 2025
84 checks passed
@tekknolagi tekknolagi deleted the zjit-fix-fixnum-casting branch July 17, 2025 23:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tekknolagi tekknolagi tekknolagi approved these changes

@k0kubun k0kubun k0kubun approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@st0012 @tekknolagi @k0kubun