Re: Ravi bug related to setting of L->top in OP

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Ravi bug related to setting of L->top in OP_RETURN
From: Dibyendu Majumdar <mobile@...>
Date: Wed, 5 Aug 2015 08:09:19 +0100

On 2 August 2015 at 10:51, Dibyendu Majumdar <mobile@majumdar.org.uk> wrote:
> I am investigating a particularly difficult bug related to setting of
> L->top, and would appreciate some insight on what L->top should be
> when a function returns via OP_RETURN.
>
> The Lua code does following in OP_RETURN:
>
>         int b = GETARG_B(i);
>         if (cl->p->sizep > 0) luaF_close(L, base);
>         b = luaD_poscall(L, ra, (b != 0 ? b - 1 : L->top - ra));
>         if (!(ci->callstatus & CIST_REENTRY))  /* 'ci' still the called one */
>           return;  /* external invocation: return */
>         else {  /* invocation via reentry: continue execution */
>           ci = L->ci;
>           if (b) L->top = ci->top;
>           lua_assert(isLua(ci));
>           lua_assert(GET_OPCODE(*((ci)->u.l.savedpc - 1)) == OP_CALL);
>           goto newframe;  /* restart luaV_execute over new Lua function */
>         }
>
> It is not clear to me why in the external invocation case, if
> following code is not executed:
>
>           ci = L->ci;
>           if (b) L->top = ci->top;
>
> A related question is what is the meaning of the return value from
> luaD_poscall() - it seems to be a signal for L-top to be reset to
> ci->top, but I am not sure I understand when this happens.
>
> The bug in Ravi is caused under following conditions:
>

Hi - I am still trying to understand above and would appreciate any insights.
I see that luaD_poscall() sets L->top - so then what is the reason
that L->top is reset to ci->top in the one case and not the other? In
particular:

1. What are the invariants for L->top when OP_RETURN completes? If I
wanted to put an assertion here what would that be?
2. Are there any assumptions being made in above code that I need to
be aware of - e.g. it is assumed that when Lua code calls a Lua
function, it is always CIST_REENTRY? In the JIT case this is not true
so what assumptions are being invalidated?

I am debugging this of course and eventually will get to the answer
but any help would be hugely  appreciated.

Thanks and Regards
Dibyendu

References:
- Ravi bug related to setting of L->top in OP_RETURN, Dibyendu Majumdar

Prev by Date: Re: Where can I get the official introduction of "luaL_openlib" function?
Next by Date: LPeg: bug at GitHub
Previous by thread: Ravi bug related to setting of L->top in OP_RETURN
Next by thread: Re: Ravi bug related to setting of L->top in OP_RETURN
Index(es):
- Date
- Thread