DrSocalkwe3n/luajit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add guard for obscure aliasing between open upvalues and SSA slots.

Browse Source 
Thanks to Peter Cawley.
This commit is contained in:
Mike Pall
2016-05-20 20:24:06 +02:00
parent 5837c2a2fb
commit 37e1e70313
6 changed files with 8 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/lj_record.c
View File

@@ -1343,13 +1343,17 @@ noconstify:
/* Note: this effectively limits LJ_MAX_UPVAL to 127. */
uv = (uv << 8) | (hashrot(uvp->dhash, uvp->dhash + HASH_BIAS) & 0xff);
if (!uvp->closed) {
uref = tref_ref(emitir(IRTG(IR_UREFO, IRT_P32), fn, uv));
/* In current stack? */
if (uvval(uvp) >= tvref(J->L->stack) &&
uvval(uvp) < tvref(J->L->maxstack)) {
int32_t slot = (int32_t)(uvval(uvp) - (J->L->base - J->baseslot));
if (slot >= 0) { /* Aliases an SSA slot? */
emitir(IRTG(IR_EQ, IRT_P32),
REF_BASE,
emitir(IRT(IR_ADD, IRT_P32), uref,
lj_ir_kint(J, (slot - 1) * -8)));
slot -= (int32_t)J->baseslot; /* Note: slot number may be negative! */
/* NYI: add IR to guard that it's still aliasing the same slot. */
if (val == 0) {
return getslot(J, slot);
} else {
@@ -1359,7 +1363,9 @@ noconstify:
}
}
}
uref = tref_ref(emitir(IRTG(IR_UREFO, IRT_P32), fn, uv));
emitir(IRTG(IR_UGT, IRT_P32),
emitir(IRT(IR_SUB, IRT_P32), uref, REF_BASE),
lj_ir_kint(J, (J->baseslot + J->maxslot) * 8));
} else {
needbarrier = 1;
uref = tref_ref(emitir(IRTG(IR_UREFC, IRT_P32), fn, uv));