Fix ICE when data section exceeds 2^12 words#7643
Conversation
LW/LB instructions have 12-bit immediate offsets (max 4095). When copy-type loads exceeded this, realize_load() panicked. Replace the panic with a three-tier approach: <=12-bit uses single LW/LB, >12-bit uses MOVI+ADD+LW/LB (3 instructions), >18-bit panics with a clear message. Update op_size_in_bytes and instruction_size_not_far_jump to return matching instruction counts so jump offsets remain correct.
Exercises the >12-bit offset path by creating 4200+ distinct u64 data section entries (values >262143 to avoid MOVI inlining). Verifies correct codegen via checksum of all loaded values.
|
Thanks for the contribution! Before we can merge this, we need @Dnreikronos to sign the Fuel Labs Contributor License Agreement. |
PR SummaryHigh Risk Overview Copy-type loads in Sizing and layout: Adds an e2e Reviewed by Cursor Bugbot for commit 4d3f0f9. Bugbot is set up for automated code reviews on this repo. Configure here. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
The hardcoded -4 byte $pc correction assumed the inner copy-type load always emits 1 instruction. When the pointer entry's word offset exceeds 12 bits (data section >32KB), the inner load emits 3 instructions (MOVI+ADD+LW/LB), making the ADD $pc land 8 bytes further than the stored pointer value accounts for. Three fixes: - Dynamic $pc correction based on predicted pointer entry position - Pointer lookup keyed by (source DataId, instruction offset) instead of pointer value, preventing collisions when the same non-copy entry is loaded at multiple sites - Worst-case pointer word offset for size estimates, using non_configurables_size_in_bytes instead of total section size to avoid configurable entries inflating the threshold
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 4d3f0f9. Configure here.
1 participant
Summary
Closes #7612.
realize_load()panicked for copy-type data section offsets exceeding 12-bitLW/LBimmediate range (4095 words / 32KB). Any program with a data section larger than this ICE'd during codegen.≤12 bits→ singleLW/LBwith immediate offset (unchanged behavior)>12 bits, ≤18 bits→MOVI+ADD $ds+LW/LB(3 instructions, uses dest register as scratch)>18 bits→ panic with clear message (data section ~256KB limit)op_size_in_bytes(finalized_asm.rs) andinstruction_size_not_far_jump(allocated_abstract_instruction_set.rs) to return correct instruction counts for both paths, so jump offsets remain aligned.DataSection::size_in_bytes()for pre-pointer-insertion size snapshots.large_data_sectione2e test creates 4200+ distinctu64entries (values >262143 to bypass MOVI inlining), verifying correct codegen via checksum.Test plan
cargo check -p sway-corepasseslarge_data_sectiontest passes — exercises the >12-bit copy-type offset pathshould_pass/languagee2e tests pass with 0 failures