diff options
| author | Mike Pall <mike> | 2025-05-28 21:13:17 +0200 |
|---|---|---|
| committer | Mike Pall <mike> | 2025-05-28 21:13:17 +0200 |
| commit | 048972dbfdb6b441fe8a9bfe4d1f048966579ba8 (patch) | |
| tree | bcc66c02a9f46f38d847fa16fdf13dc4a12b8285 /src | |
| parent | cd4af8ad80bb6430ad2e547f7af236268c9be7d9 (diff) | |
| download | luajit-048972dbfdb6b441fe8a9bfe4d1f048966579ba8.tar.gz luajit-048972dbfdb6b441fe8a9bfe4d1f048966579ba8.tar.bz2 luajit-048972dbfdb6b441fe8a9bfe4d1f048966579ba8.zip | |
Fix JIT slot overflow during up-recursion.
Reported by Sergey Kaplun. #1358
Diffstat (limited to 'src')
| -rw-r--r-- | src/lj_record.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lj_record.c b/src/lj_record.c index d336f642..1d535a22 100644 --- a/src/lj_record.c +++ b/src/lj_record.c | |||
| @@ -749,7 +749,8 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults) | |||
| 749 | lj_trace_err(J, LJ_TRERR_LLEAVE); | 749 | lj_trace_err(J, LJ_TRERR_LLEAVE); |
| 750 | } else if (J->needsnap) { /* Tailcalled to ff with side-effects. */ | 750 | } else if (J->needsnap) { /* Tailcalled to ff with side-effects. */ |
| 751 | lj_trace_err(J, LJ_TRERR_NYIRETL); /* No way to insert snapshot here. */ | 751 | lj_trace_err(J, LJ_TRERR_NYIRETL); /* No way to insert snapshot here. */ |
| 752 | } else if (1 + pt->framesize >= LJ_MAX_JSLOTS) { | 752 | } else if (1 + pt->framesize >= LJ_MAX_JSLOTS || |
| 753 | J->baseslot + J->maxslot >= LJ_MAX_JSLOTS) { | ||
| 753 | lj_trace_err(J, LJ_TRERR_STACKOV); | 754 | lj_trace_err(J, LJ_TRERR_STACKOV); |
| 754 | } else { /* Return to lower frame. Guard for the target we return to. */ | 755 | } else { /* Return to lower frame. Guard for the target we return to. */ |
| 755 | TRef trpt = lj_ir_kgc(J, obj2gco(pt), IRT_PROTO); | 756 | TRef trpt = lj_ir_kgc(J, obj2gco(pt), IRT_PROTO); |