Avoid out-of-range PC for stack overflow error from snapshot restore.

Reported by Sergey Kaplun. #1359
author: Mike Pall <mike> 2025-05-28 21:02:31 +0200
committer: Mike Pall <mike> 2025-05-28 21:02:31 +0200
commit: cd4af8ad80bb6430ad2e547f7af236268c9be7d9 (patch)
tree: 60cb40dd5a5d3cbec90b3563c9c750923d3542d8 /src/lj_parse.c
parent: 9c8eb7cfe10ef5939d9b358a0bd805a610818ba5 (diff)
download: luajit-cd4af8ad80bb6430ad2e547f7af236268c9be7d9.tar.gz
luajit-cd4af8ad80bb6430ad2e547f7af236268c9be7d9.tar.bz2
luajit-cd4af8ad80bb6430ad2e547f7af236268c9be7d9.zip
1 files changed, 1 insertions, 13 deletions
diff --git a/src/lj_parse.c b/src/lj_parse.c
index ffd11b3b..3370296f 100644
--- a/src/lj_parse.c
+++ b/src/lj_parse.c
@@ -1529,23 +1529,11 @@ static void fs_fixup_var(LexState *ls, GCproto *pt, uint8_t *p, size_t ofsvar)
 #endif
-/* Check if bytecode op returns. */
-static int bcopisret(BCOp op)
-{
-  switch (op) {
-  case BC_CALLMT: case BC_CALLT:
-  case BC_RETM: case BC_RET: case BC_RET0: case BC_RET1:
-    return 1;
-  default:
-    return 0;
-  }
-}
 /* Fixup return instruction for prototype. */
 static void fs_fixup_ret(FuncState *fs)
 {
  BCPos lastpc = fs->pc;
-  if (lastpc <= fs->lasttarget || !bcopisret(bc_op(fs->bcbase[lastpc-1].ins))) {
+  if (lastpc <= fs->lasttarget || !bc_isret_or_tail(bc_op(fs->bcbase[lastpc-1].ins))) {
    if ((fs->bl->flags & FSCOPE_UPVAL))
      bcemit_AJ(fs, BC_UCLO, 0, 0);
    bcemit_AD(fs, BC_RET0, 0, 1);  /* Need final return. */
author	Mike Pall <mike>	2025-05-28 21:02:31 +0200
committer	Mike Pall <mike>	2025-05-28 21:02:31 +0200
commit	cd4af8ad80bb6430ad2e547f7af236268c9be7d9 (patch)
tree	60cb40dd5a5d3cbec90b3563c9c750923d3542d8 /src/lj_parse.c
parent	9c8eb7cfe10ef5939d9b358a0bd805a610818ba5 (diff)
download	luajit-cd4af8ad80bb6430ad2e547f7af236268c9be7d9.tar.gz luajit-cd4af8ad80bb6430ad2e547f7af236268c9be7d9.tar.bz2 luajit-cd4af8ad80bb6430ad2e547f7af236268c9be7d9.zip

diff --git a/src/lj_parse.c b/src/lj_parse.c index ffd11b3b..3370296f 100644 --- a/src/lj_parse.c +++ b/src/lj_parse.c
@@ -1529,23 +1529,11 @@ static void fs_fixup_var(LexState ls, GCproto pt, uint8_t *p, size_t ofsvar)
1529		1529
1530	#endif	1530	#endif
1531		1531
1532	/* Check if bytecode op returns. */
1533	static int bcopisret(BCOp op)
1534	{
1535	switch (op) {
1536	case BC_CALLMT: case BC_CALLT:
1537	case BC_RETM: case BC_RET: case BC_RET0: case BC_RET1:
1538	return 1;
1539	default:
1540	return 0;
1541	}
1542	}
1543
1544	/* Fixup return instruction for prototype. */	1532	/* Fixup return instruction for prototype. */
1545	static void fs_fixup_ret(FuncState *fs)	1533	static void fs_fixup_ret(FuncState *fs)
1546	{	1534	{
1547	BCPos lastpc = fs->pc;	1535	BCPos lastpc = fs->pc;
1548	if (lastpc <= fs->lasttarget \|\| !bcopisret(bc_op(fs->bcbase[lastpc-1].ins))) {	1536	if (lastpc <= fs->lasttarget \|\| !bc_isret_or_tail(bc_op(fs->bcbase[lastpc-1].ins))) {
1549	if ((fs->bl->flags & FSCOPE_UPVAL))	1537	if ((fs->bl->flags & FSCOPE_UPVAL))
1550	bcemit_AJ(fs, BC_UCLO, 0, 0);	1538	bcemit_AJ(fs, BC_UCLO, 0, 0);
1551	bcemit_AD(fs, BC_RET0, 0, 1); /* Need final return. */	1539	bcemit_AD(fs, BC_RET0, 0, 1); /* Need final return. */