[Tarantool-patches] [PATCH luajit 3/4] ARM64: Fix xpcall() error case.
Sergey Kaplun
skaplun at tarantool.org
Mon May 24 16:27:32 MSK 2021
From: Mike Pall <mike>
Thanks to Stefan Pejic.
(cherry picked from commit 33082a6f4778aa152f6a4a684a7fe79436f1ecb6)
Prematurely incrementing the VM's BASE register before switching to the fff_fallback
handler during processing of the `xpcall()` fast function leads to an incorrect
L->base value in the case when `xpcall()` is called without a second argument
or when it equals nil (see the <301-basic.t> test in the lua-Harness test suite).
During further error processing this leads to a crash due to stack
inconsistency.
This patch moves the BASE increment after the possible switch to the
fallback handler.
Sergey Kaplun:
* added the description for the problem
Part of tarantool/tarantool#6093
Part of tarantool/tarantool#5629
---
src/vm_arm64.dasc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/vm_arm64.dasc b/src/vm_arm64.dasc
index 6bf59509..e16a77ab 100644
--- a/src/vm_arm64.dasc
+++ b/src/vm_arm64.dasc
@@ -1186,12 +1186,12 @@ static void build_subroutines(BuildCtx *ctx)
| subs NARGS8:RC, NARGS8:RC, #16
| blo ->fff_fallback
| mov RB, BASE
- | add BASE, BASE, #24
| asr ITYPE, CARG2, #47
| ubfx TMP0w, TMP0w, #HOOK_ACTIVE_SHIFT, #1
| cmn ITYPE, #-LJ_TFUNC
| add PC, TMP0, #24+FRAME_PCALL
| bne ->fff_fallback // Traceback must be a function.
+ | add BASE, BASE, #24
| stp CARG2, CARG1, [RB] // Swap function and traceback.
| cbz NARGS8:RC, ->vm_call_dispatch
| b <1
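Review bot: The relocated `| add BASE, BASE, #24` carries no comment saying why it must stay below the `bne ->fff_fallback` type check, so a later reorder could silently reintroduce the L->base mismatch the commit message describes; suggest annotating it, e.g. `| add BASE, BASE, #24 // Adjust BASE only after all fallback exits.` Note that the following `stp CARG2, CARG1, [RB]` uses RB, which `mov RB, BASE` captured before either fallback branch, so the function/traceback swap is unaffected by the move; the earlier `blo ->fff_fallback` was already taken before the add in both versions, so the type-check path is the only one whose BASE value changes.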
--
2.31.0