diff options
| author | Mike Pall <mike> | 2026-02-11 23:14:13 +0100 |
|---|---|---|
| committer | Mike Pall <mike> | 2026-02-11 23:14:13 +0100 |
| commit | 54cce2e1719a15fc33e40c57dbc3d62e9c104b03 (patch) | |
| tree | 4e4f46ec35a0b7f50a3bf15fbe3ecab5fec18034 | |
| parent | ab834de8b6a963a83046a72b5a7751dcd6cdcff0 (diff) | |
| download | luajit-54cce2e1719a15fc33e40c57dbc3d62e9c104b03.tar.gz luajit-54cce2e1719a15fc33e40c57dbc3d62e9c104b03.tar.bz2 luajit-54cce2e1719a15fc33e40c57dbc3d62e9c104b03.zip | |
Prevent recording of loops with -0 step or NaN values.
Thanks to Sergey Kaplun. #1432 #1433
| -rw-r--r-- | src/lj_record.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/lj_record.c b/src/lj_record.c index 1919ab03..6c64c645 100644 --- a/src/lj_record.c +++ b/src/lj_record.c | |||
| @@ -526,6 +526,12 @@ static LoopEvent rec_for(jit_State *J, const BCIns *fori, int isforl) | |||
| 526 | LoopEvent ev; | 526 | LoopEvent ev; |
| 527 | TRef stop; | 527 | TRef stop; |
| 528 | IRType t; | 528 | IRType t; |
| 529 | /* Avoid semantic mismatches and always failing guards. */ | ||
| 530 | if (tvisnan(&tv[FORL_IDX]) || | ||
| 531 | tvisnan(&tv[FORL_STOP]) || | ||
| 532 | tvisnan(&tv[FORL_STEP]) || | ||
| 533 | tvismzero(&tv[FORL_STEP])) | ||
| 534 | lj_trace_err(J, LJ_TRERR_GFAIL); | ||
| 529 | if (isforl) { /* Handle FORL/JFORL opcodes. */ | 535 | if (isforl) { /* Handle FORL/JFORL opcodes. */ |
| 530 | TRef idx = tr[FORL_IDX]; | 536 | TRef idx = tr[FORL_IDX]; |
| 531 | if (mref(J->scev.pc, const BCIns) == fori && tref_ref(idx) == J->scev.idx) { | 537 | if (mref(J->scev.pc, const BCIns) == fori && tref_ref(idx) == J->scev.idx) { |