From 47cffdc723c2e0c6dfaf62b7775ca1c1d338c0a4 Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Wed, 7 Apr 2021 14:59:26 -0300 Subject: [PATCH] Bug: tbc variables in "for" loops don't avoid tail calls --- lparser.c | 21 +++++++++++++++------ testes/locals.lua | 23 +++++++++++++++++++++++ 2 files changed, 38 insertions(+), 6 deletions(-) diff --git a/lparser.c b/lparser.c index 284ef1f0c..df9473c27 100644 --- a/src/lparser.c +++ b/src/lparser.c @@ -416,6 +416,17 @@ static void markupval (FuncState *fs, int level) { } +/* +** Mark that current block has a to-be-closed variable. +*/ +static void marktobeclosed (FuncState *fs) { + BlockCnt *bl = fs->bl; + bl->upval = 1; + bl->insidetbc = 1; + fs->needclose = 1; +} + + /* ** Find a variable with the given name 'n'. If it is an upvalue, add ** this upvalue into all intermediate functions. If it is a global, set @@ -1599,7 +1610,7 @@ static void forlist (LexState *ls, TString *indexname) { line = ls->linenumber; adjust_assign(ls, 4, explist(ls, &e), &e); adjustlocalvars(ls, 4); /* control variables */ - markupval(fs, fs->nactvar); /* last control var. must be closed */ + marktobeclosed(fs); /* last control var. must be closed */ luaK_checkstack(fs, 3); /* extra space to call generator */ forbody(ls, base, line, nvars - 4, 1); } @@ -1703,11 +1714,9 @@ static int getlocalattribute (LexState *ls) { } -static void checktoclose (LexState *ls, int level) { +static void checktoclose (FuncState *fs, int level) { if (level != -1) { /* is there a to-be-closed variable? */ - FuncState *fs = ls->fs; - markupval(fs, level + 1); - fs->bl->insidetbc = 1; /* in the scope of a to-be-closed variable */ + marktobeclosed(fs); luaK_codeABC(fs, OP_TBC, reglevel(fs, level), 0, 0); } } @@ -1751,7 +1760,7 @@ static void localstat (LexState *ls) { adjust_assign(ls, nvars, nexps, &e); adjustlocalvars(ls, nvars); } - checktoclose(ls, toclose); + checktoclose(fs, toclose); } 
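Review bot: `marktobeclosed` always flags `fs->bl`, so it is only correct when the to-be-closed variable belongs to the innermost open block, whereas the `markupval(fs, level)` calls it replaces took an explicit level. Both call sites in this patch (`forlist` and `checktoclose`) appear to satisfy that, but the header comment should say so, for example `** Assumes the variable was declared in the current block ('fs->bl').` The removed inline comment `/* in the scope of a to-be-closed variable */` was also informative and could be kept on the `bl->insidetbc = 1;` line. In `checktoclose`, `level` is now used only for `reglevel(fs, level)`, which is worth a word in that function's comment.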
From d205f3a4847bc8b835fda91f51ba1cf45b796baf Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Sat, 10 Apr 2021 10:19:21 -0300 Subject: [PATCH] Bug: Lua source should not use C99 comments ("//") --- lvm.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lvm.c b/lvm.c index c9729bcca..16e01d683 100644 --- a/src/lvm.c +++ b/src/lvm.c @@ -1156,8 +1156,10 @@ void luaV_execute (lua_State *L, CallInfo *ci) { Instruction i; /* instruction being executed */ StkId ra; /* instruction's A register */ vmfetch(); -// low-level line tracing for debugging Lua -// printf("line: %d\n", luaG_getfuncline(cl->p, pcRel(pc, cl->p))); + #if 0 + /* low-level line tracing for debugging Lua */ + printf("line: %d\n", luaG_getfuncline(cl->p, pcRel(pc, cl->p))); + #endif lua_assert(base == ci->func + 1); lua_assert(base <= L->top && L->top < L->stack_last); /* invalidate top for instructions not expecting it */ From 681297187ec45268e872b26753c441586c12bdd8 Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Fri, 16 Apr 2021 15:41:44 -0300 Subject: [PATCH] Bug: yielding in '__close' mess up number of returns Yielding in a __close metamethod called when returning vararg results changes the top and so messes up the number of returned values. --- lstate.h | 2 +- lvm.c | 12 +++++++++- testes/locals.lua | 59 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 2 deletions(-) diff --git a/lstate.h b/lstate.h index c1283bb6b..44cf939cb 100644 --- a/src/lstate.h +++ b/src/lstate.h @@ -165,7 +165,7 @@ typedef struct stringtable { ** - field 'nyield' is used only while a function is "doing" an ** yield (from the yield until the next resume); ** - field 'nres' is used only while closing tbc variables when -** returning from a C function; +** returning from a function; ** - field 'transferinfo' is used only during call/returnhooks, ** before the function starts or after it ends. */ 
diff --git a/lvm.c b/lvm.c index 16e01d683..e4b1903e7 100644 --- a/src/lvm.c +++ b/src/lvm.c @@ -847,10 +847,19 @@ void luaV_finishOp (lua_State *L) { luaV_concat(L, total); /* concat them (may yield again) */ break; } - case OP_CLOSE: case OP_RETURN: { /* yielded closing variables */ + case OP_CLOSE: { /* yielded closing variables */ ci->u.l.savedpc--; /* repeat instruction to close other vars. */ break; } + case OP_RETURN: { /* yielded closing variables */ + StkId ra = base + GETARG_A(inst); + /* adjust top to signal correct number of returns, in case the + return is "up to top" ('isIT') */ + L->top = ra + ci->u2.nres; + /* repeat instruction to close other vars. and complete the return */ + ci->u.l.savedpc--; + break; + } default: { /* only these other opcodes can yield */ lua_assert(op == OP_TFORCALL || op == OP_CALL || @@ -1672,6 +1681,7 @@ void luaV_execute (lua_State *L, CallInfo *ci) { n = cast_int(L->top - ra); /* get what is available */ savepc(ci); if (TESTARG_k(i)) { /* may there be open upvalues? */ + ci->u2.nres = n; /* save number of returns */ if (L->top < ci->top) L->top = ci->top; luaF_close(L, base, CLOSEKTOP, 1); From 6a0dace25a4b5b77f0fa6911de2ba26ef0fdff2c Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Sun, 20 Jun 2021 15:36:36 -0300 Subject: [PATCH] Bug: 'local function' can assign to '' variables --- lparser.c | 1 + testes/locals.lua | 2 ++ 2 files changed, 3 insertions(+) diff --git a/lparser.c b/lparser.c index df9473c27..3abe3d751 100644 --- a/src/lparser.c +++ b/src/lparser.c @@ -1785,6 +1785,7 @@ static void funcstat (LexState *ls, int line) { luaX_next(ls); /* skip FUNCTION */ ismethod = funcname(ls, &v); body(ls, &b, ismethod, line); + check_readonly(ls, &v); luaK_storevar(ls->fs, &v, &b); luaK_fixline(ls->fs, line); /* definition "happens" in the first line */ } From 62fb93442753cbfb828335cd172e71471dffd536 Mon Sep 17 00:00:00 2001 
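Review bot: The new `OP_RETURN` case in `luaV_finishOp` trusts `ci->u2.nres` to still hold the count written by `ci->u2.nres = n;` in the second hunk, yet `u2` is shared with `nyield` and `transferinfo` according to the lstate.h comment this same commit edits. Presumably a yield inside `__close` records `nyield` on the metamethod's own CallInfo and not on this one, but nothing in either hunk states that. I would add a comment at the store such as `/* kept in 'ci' across a yield in __close; read back by luaV_finishOp */`, and note in the new case that `nres` is only written on the `TESTARG_k` path. Both functions extend beyond the hunks shown.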
From: Roberto Ierusalimschy Date: Thu, 22 Jul 2021 13:44:53 -0300 Subject: [PATCH] Bug: Negation in 'luaV_shiftr' may overflow Negation of an unchecked lua_Integer overflows with mininteger. --- lvm.c | 2 +- testes/bitwise.lua | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/lvm.c b/lvm.c index ec83f4159..c84a665f5 100644 --- a/src/lvm.c +++ b/src/lvm.c @@ -766,7 +766,7 @@ lua_Number luaV_modf (lua_State *L, lua_Number m, lua_Number n) { /* ** Shift left operation. (Shift right just negates 'y'.) */ -#define luaV_shiftr(x,y) luaV_shiftl(x,-(y)) +#define luaV_shiftr(x,y) luaV_shiftl(x,intop(-, 0, y)) lua_Integer luaV_shiftl (lua_Integer x, lua_Integer y) { if (y < 0) { /* shift right? */ From 439e45a2f69549b674d6a6e2023e8debfa00a2b8 Mon Sep 17 00:00:00 2001 From: Roberto Ierusalimschy Date: Thu, 22 Jul 2021 13:48:43 -0300 Subject: [PATCH] Bug: luaL_tolstring may get confused with negative index When object has a '__name' metafield, 'luaL_tolstring' used the received index after pushing a string on the stack. --- lauxlib.c | 1 + ltests.c | 3 +++ testes/errors.lua | 16 ++++++++++++++++ 3 files changed, 20 insertions(+) diff --git a/lauxlib.c b/lauxlib.c index 94835ef93..8ed1da112 100644 --- a/src/lauxlib.c +++ b/src/lauxlib.c @@ -881,6 +881,7 @@ LUALIB_API lua_Integer luaL_len (lua_State *L, int idx) { LUALIB_API const char *luaL_tolstring (lua_State *L, int idx, size_t *len) { + idx = lua_absindex(L,idx); if (luaL_callmeta(L, idx, "__tostring")) { /* metafield? */ if (!lua_isstring(L, -1)) luaL_error(L, "'__tostring' must return a string"); From 74d99057a5146755e737c479850f87fd0e3b6868 Mon Sep 17 00:00:00 2001 
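Review bot: The comment above the macro still reads `(Shift right just negates 'y'.)`, which no longer explains why the negation is spelled `intop(-, 0, y)` instead of `-(y)`. The commit message gives the reason (negating the minimum integer overflows), so a line such as `** The negation goes through 'intop' so that it wraps instead of overflowing for mininteger.` would keep someone from simplifying it back. It would also help to say that the wrapped value is still negative, so `luaV_shiftl` takes its `y < 0` branch. The rest of that function is outside the hunk.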
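Review bot: `idx = lua_absindex(L,idx);` is missing the space after the comma that the neighbouring calls use (`luaL_callmeta(L, idx, "__tostring")`), and it carries no comment saying why the conversion is needed. Something like `idx = lua_absindex(L, idx);  /* later pushes would shift a relative index */` records the reason given in the commit message at the place where it matters. The diffstat lists changes to ltests.c and testes/errors.lua that do not appear on this page, so the regression test cannot be reviewed here.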
From: Roberto Ierusalimschy Date: Wed, 3 Nov 2021 15:04:18 -0300 Subject: [PATCH] Bug: C stack overflow with coroutines 'coroutine.resume' did not increment counter of C calls when continuing execution after a protected error (that is, while running 'precover'). --- ldo.c | 6 ++++-- testes/cstack.lua | 14 ++++++++++++++ 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/ldo.c b/ldo.c index d0edc8b4f..66f890364 100644 --- a/src/ldo.c +++ b/src/ldo.c @@ -759,11 +759,10 @@ static void resume (lua_State *L, void *ud) { StkId firstArg = L->top - n; /* first argument */ CallInfo *ci = L->ci; if (L->status == LUA_OK) /* starting a coroutine? */ - ccall(L, firstArg - 1, LUA_MULTRET, 1); /* just call its body */ + ccall(L, firstArg - 1, LUA_MULTRET, 0); /* just call its body */ else { /* resuming from previous yield */ lua_assert(L->status == LUA_YIELD); L->status = LUA_OK; /* mark that it is running (again) */ - luaE_incCstack(L); /* control the C stack */ if (isLua(ci)) { /* yielded inside a hook? */ L->top = firstArg; /* discard arguments */ luaV_execute(L, ci); /* just continue running Lua code */ @@ -814,6 +813,9 @@ LUA_API int lua_resume (lua_State *L, lua_State *from, int nargs, else if (L->status != LUA_YIELD) /* ended with errors? */ return resume_error(L, "cannot resume dead coroutine", nargs); L->nCcalls = (from) ? getCcalls(from) : 0; + if (getCcalls(L) >= LUAI_MAXCCALLS) + return resume_error(L, "C stack overflow", nargs); + L->nCcalls++; luai_userstateresume(L, nargs); api_checknelems(L, (L->status == LUA_OK) ? nargs + 1 : nargs); status = luaD_rawrunprotected(L, resume, &nargs); From bfbff3703edae789fa5efa9bf174f8e7cff4ded8 Mon Sep 17 00:00:00 2001 
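Review bot: The last argument of `ccall(L, firstArg - 1, LUA_MULTRET, 0)` is now a bare `0` whose correctness depends on `lua_resume` having already run `L->nCcalls++`, and that coupling between the two functions is not written down in either hunk. A comment at the call, for example `/* C call already counted in lua_resume */`, would make a later double or missing increment easier to spot. In `lua_resume` the new limit test returns through `resume_error` with `>= LUAI_MAXCCALLS`, whereas the removed `luaE_incCstack(L)` call went through a separate helper. Whatever extra handling that helper performs near the limit presumably no longer applies on this path, which is worth confirming as intended. Both functions continue outside the hunks.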
From: Roberto Ierusalimschy Date: Mon, 8 Nov 2021 11:55:25 -0300 Subject: [PATCH] Bug: Wrong status in coroutine during reset When closing variables during 'coroutine.close' or 'lua_resetthread', the status of a coroutine must be set to LUA_OK; a coroutine should not run with any other status. (See assertion in 'lua_callk'.) After the reset, the status should be kept as normal, as any error was already reported. --- lcorolib.c | 4 ++-- lstate.c | 4 ++-- testes/coroutine.lua | 44 +++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 47 insertions(+), 5 deletions(-) diff --git a/lcorolib.c b/lcorolib.c index fedbebec3..785a1e81a 100644 --- a/src/lcorolib.c +++ b/src/lcorolib.c @@ -78,7 +78,7 @@ static int luaB_auxwrap (lua_State *L) { if (stat != LUA_OK && stat != LUA_YIELD) { /* error in the coroutine? */ stat = lua_resetthread(co); /* close its tbc variables */ lua_assert(stat != LUA_OK); - lua_xmove(co, L, 1); /* copy error message */ + lua_xmove(co, L, 1); /* move error message to the caller */ } if (stat != LUA_ERRMEM && /* not a memory error and ... */ lua_type(L, -1) == LUA_TSTRING) { /* ... error object is a string? */ @@ -179,7 +179,7 @@ static int luaB_close (lua_State *L) { } else { lua_pushboolean(L, 0); - lua_xmove(co, L, 1); /* copy error message */ + lua_xmove(co, L, 1); /* move error message */ return 2; } } diff --git a/lstate.c b/lstate.c index bfc590262..5cb0847c8 100644 --- a/src/lstate.c +++ b/src/lstate.c @@ -166,7 +166,7 @@ void luaE_checkcstack (lua_State *L) { if (getCcalls(L) == LUAI_MAXCCALLS) luaG_runerror(L, "C stack overflow"); else if (getCcalls(L) >= (LUAI_MAXCCALLS / 10 * 11)) - luaD_throw(L, LUA_ERRERR); /* error while handing stack error */ + luaD_throw(L, LUA_ERRERR); /* error while handling stack error */ } 
@@ -330,13 +330,13 @@ int luaE_resetthread (lua_State *L, int status) { ci->callstatus = CIST_C; if (status == LUA_YIELD) status = LUA_OK; + L->status = LUA_OK; /* so it can run __close metamethods */ status = luaD_closeprotected(L, 1, status); if (status != LUA_OK) /* errors? */ luaD_seterrorobj(L, status, L->stack + 1); else L->top = L->stack + 1; ci->top = L->top + LUA_MINSTACK; - L->status = cast_byte(status); luaD_reallocstack(L, cast_int(ci->top - L->stack), 0); return status; }
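Review bot: After this hunk `L->status` is `LUA_OK` on every exit from `luaE_resetthread`, including the branch where `luaD_seterrorobj(L, status, L->stack + 1)` leaves an error object on the stack, so the return value becomes the only error signal. The two lcorolib.c callers in this patch take that object off the thread with `lua_xmove`, but a C caller that ignores the return value or leaves the object in place would presumably see a thread that looks fresh. I would document the contract on the function, for example `/* 'L->status' stays LUA_OK; an error is reported only through the return value and the object at stack[1] */`. The function starts outside the hunk, so its existing header comment could not be checked.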