To: Sergey Ostanevich, Igor Munkin
Date: Sun, 31 Jul 2022 13:58:30 +0300
Message-Id: <2409b71740006f7ea89e8f360ea77f68de7be1d5.1659264154.git.skaplun@tarantool.org>
Subject: [Tarantool-patches] [PATCH luajit 1/2] Fix handling of errors during snapshot restore.
List-Id: Tarantool development patches
From: Sergey Kaplun via Tarantool-patches
Reply-To: Sergey Kaplun
Cc: tarantool-patches@dev.tarantool.org

From: Mike Pall

(cherry picked from commit 12ab596997b9cb27846a5b254d11230c3f9c50c8)

When an error is raised during snapshot restore, `err_unwind()` skipped the correct cframe to stop unwinding. It happens because this frame is a C frame without a Lua frame and the special negative value of `cframe_nres()` for this frame isn't set.

This patch sets `cframe_nres()` for cframe with snap restoration to `-2*LUAI_MAXSTACK` to guarantee that an error will always be caught here.

Sergey Kaplun:
* added the description and the test for the problem

Part of tarantool/tarantool#7230
--- src/lj_trace.c | 2 ++ .../lj-603-err-snap-restore.test.lua | 30 +++++++++++++++++++ 2 files changed, 32 insertions(+) create mode 100644 test/tarantool-tests/lj-603-err-snap-restore.test.lua diff --git a/src/lj_trace.c b/src/lj_trace.c index d7a78d4d..68a657a7 100644 --- a/src/lj_trace.c +++ b/src/lj_trace.c @@ -803,6 +803,8 @@ static TValue *trace_exit_cp(lua_State *L, lua_CFunction dummy, void *ud) { ExitDataCP *exd = (ExitDataCP *)ud; cframe_errfunc(L->cframe) = -1; /* Inherit error function. */ + /* Always catch error here. */ + cframe_nres(L->cframe) = -2*LUAI_MAXSTACK*(int)sizeof(TValue); exd->pc = lj_snap_restore(exd->J, exd->exptr); UNUSED(dummy); return NULL; diff --git a/test/tarantool-tests/lj-603-err-snap-restore.test.lua b/test/tarantool-tests/lj-603-err-snap-restore.test.lua new file mode 100644 index 00000000..82ce6a8f --- /dev/null +++ b/test/tarantool-tests/lj-603-err-snap-restore.test.lua 
@@ -0,0 +1,30 @@ +local tap = require('tap') + +-- Test file to demonstrate the incorrect JIT behaviour when an +-- error is raised on restoration from the snapshot. +-- See also https://github.com/LuaJIT/LuaJIT/issues/603. +local test = tap.test('lj-603-err-snap-restore.test.lua') +test:plan(1) + +local recursive_f +local function errfunc() + xpcall(recursive_f, errfunc) +end + +-- A recursive call to itself leads to trace with up-recursion. +-- When the Lua stack can't be grown more, error is raised on +-- restoration from the snapshot. +recursive_f = function() + xpcall(recursive_f, errfunc) + errfunc = function() end + recursive_f = function() end +end +recursive_f() + +test:ok(true) + +-- XXX: Don't use `os.exit()` here intense. When error on snap +-- restoration is raised, `err_unwind()` doesn't stop on correct +-- cframe. So later, on exit from VM this corrupted cframe chain +-- shows itself. `os.exit()` literally calls `exit()` and doesn't +-- show the issue. -- 2.34.1
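Review bot: in the `trace_exit_cp()` hunk of src/lj_trace.c, the assigned value `-2*LUAI_MAXSTACK*(int)sizeof(TValue)` does not match the commit message, which says `cframe_nres()` is set to `-2*LUAI_MAXSTACK`; the message should state the value with the `sizeof(TValue)` factor, as the code does. The comment "Always catch error here." also gives no reason for this particular sentinel, so it would help to say there that `err_unwind()` relies on this negative `cframe_nres()` to stop unwinding at this C frame, which is what the commit message explains.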
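Review bot: in lj-603-err-snap-restore.test.lua the only assertion is `test:ok(true)`, so the regression is visible only as a crash on VM exit, and nothing in the visible lines checks that the JIT is enabled; with the JIT off the recursion is never compiled and the test passes without exercising the snapshot-restore path. Consider guarding the test on `jit.status()` so that case is reported as skipped rather than passed. The closing XXX comment also reads "Don't use `os.exit()` here intense", which looks like a slip for "on purpose" and is worth fixing since that comment is the only explanation of why the usual exit call is missing.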