diff options
| author | Mike Pall <mike> | 2024-03-10 17:19:29 +0100 |
|---|---|---|
| committer | Mike Pall <mike> | 2024-03-10 17:19:29 +0100 |
| commit | 302366a33853b730f1b7eb61d792abc4f84f0caa (patch) | |
| tree | 1f131225559fcf6009c71ad9480e125b2b3eef8d | |
| parent | dda1ac273ad946387088d91039a8ae319359903d (diff) | |
| download | luajit-302366a33853b730f1b7eb61d792abc4f84f0caa.tar.gz luajit-302366a33853b730f1b7eb61d792abc4f84f0caa.tar.bz2 luajit-302366a33853b730f1b7eb61d792abc4f84f0caa.zip | |
Check frame size limit before returning to a lower frame.
Thanks to Sergey Kaplun. #1173
| -rw-r--r-- | src/lj_record.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/lj_record.c b/src/lj_record.c index 0122105b..35e6d6e1 100644 --- a/src/lj_record.c +++ b/src/lj_record.c | |||
| @@ -749,6 +749,8 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults) | |||
| 749 | lj_trace_err(J, LJ_TRERR_LLEAVE); | 749 | lj_trace_err(J, LJ_TRERR_LLEAVE); |
| 750 | } else if (J->needsnap) { /* Tailcalled to ff with side-effects. */ | 750 | } else if (J->needsnap) { /* Tailcalled to ff with side-effects. */ |
| 751 | lj_trace_err(J, LJ_TRERR_NYIRETL); /* No way to insert snapshot here. */ | 751 | lj_trace_err(J, LJ_TRERR_NYIRETL); /* No way to insert snapshot here. */ |
| 752 | } else if (1 + pt->framesize >= LJ_MAX_JSLOTS) { | ||
| 753 | lj_trace_err(J, LJ_TRERR_STACKOV); | ||
| 752 | } else { /* Return to lower frame. Guard for the target we return to. */ | 754 | } else { /* Return to lower frame. Guard for the target we return to. */ |
| 753 | TRef trpt = lj_ir_kgc(J, obj2gco(pt), IRT_PROTO); | 755 | TRef trpt = lj_ir_kgc(J, obj2gco(pt), IRT_PROTO); |
| 754 | TRef trpc = lj_ir_kptr(J, (void *)frame_pc(frame)); | 756 | TRef trpc = lj_ir_kptr(J, (void *)frame_pc(frame)); |