https://git.ruby-lang.org/ruby.git/commit/?id=6ef1609fab

From 6ef1609fab0f5bee0592ef9c9cb82e34af8d5efd Mon Sep 17 00:00:00 2001
From: Alan Wu <XrXr@u...>
Date: Mon, 20 Sep 2021 17:35:34 -0400
Subject: Correct margin for stack overflow test

In vm_push_frame(), the stack overflow test is done against a
decremented cfp. YJIT wasn't accounting for that in its stack overflow
tests.
---
 yjit_codegen.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/yjit_codegen.c b/yjit_codegen.c
index a748de0ef7..4fec409621 100644
--- a/yjit_codegen.c
+++ b/yjit_codegen.c
@@ -3132,7 +3132,7 @@ gen_send_cfunc(jitstate_t *jit, ctx_t *ctx, const struct rb_callinfo *ci, const https://github.com/ruby/ruby/blob/trunk/yjit_codegen.c#L3132
     // Stack overflow check
     // #define CHECK_VM_STACK_OVERFLOW0(cfp, sp, margin)
     // REG_CFP <= REG_SP + 4 * sizeof(VALUE) + sizeof(rb_control_frame_t)
-    lea(cb, REG0, ctx_sp_opnd(ctx, sizeof(VALUE) * 4 + sizeof(rb_control_frame_t)));
+    lea(cb, REG0, ctx_sp_opnd(ctx, sizeof(VALUE) * 4 + 2 * sizeof(rb_control_frame_t)));
     cmp(cb, REG_CFP, REG0);
     jle_ptr(cb, COUNTED_EXIT(side_exit, send_se_cf_overflow));
 
@@ -3428,9 +3428,10 @@ gen_send_iseq(jitstate_t *jit, ctx_t *ctx, const struct rb_callinfo *ci, const r https://github.com/ruby/ruby/blob/trunk/yjit_codegen.c#L3428
     }
 
     // Stack overflow check
+    // Note that vm_push_frame checks it against a decremented cfp, hence the multiply by 2.
     // #define CHECK_VM_STACK_OVERFLOW0(cfp, sp, margin)
     ADD_COMMENT(cb, "stack overflow check");
-    lea(cb, REG0, ctx_sp_opnd(ctx, sizeof(VALUE) * (num_locals + iseq->body->stack_max) + sizeof(rb_control_frame_t)));
+    lea(cb, REG0, ctx_sp_opnd(ctx, sizeof(VALUE) * (num_locals + iseq->body->stack_max) + 2 * sizeof(rb_control_frame_t)));
     cmp(cb, REG_CFP, REG0);
     jle_ptr(cb, COUNTED_EXIT(side_exit, send_se_cf_overflow));
 
-- 
cgit v1.2.1


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/