gh-mirror/mikepaul-LuaJIT
1
0
Fork 0
mirror of https://github.com/LuaJIT/LuaJIT.git synced 2025-02-07 15:14:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Don't access dangling reference to reallocated IR.

Browse Source
This commit is contained in:
Mike Pall 2014-03-06 00:39:37 +01:00
parent e94150877d
commit 416abff90d
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/lj_asm.c
View File

@ -1246,16 +1246,18 @@ static void asm_phi_fixup(ASMState *as)
Reg r = rset_picktop(work);
IRRef lref = as->phireg[r];
IRIns *ir = IR(lref);
/* Left PHI gained a spill slot before the loop? */
if (irt_ismarked(ir->t) && ra_hasspill(ir->s)) {
IRRef ren;
lj_ir_set(as->J, IRT(IR_RENAME, IRT_NIL), lref, as->loopsnapno);
ren = tref_ref(lj_ir_emit(as->J));
as->ir = as->T->ir; /* The IR may have been reallocated. */
IR(ren)->r = (uint8_t)r;
IR(ren)->s = SPS_NONE;
if (irt_ismarked(ir->t)) {
irt_clearmark(ir->t);
/* Left PHI gained a spill slot before the loop? */
if (ra_hasspill(ir->s)) {
IRRef ren;
lj_ir_set(as->J, IRT(IR_RENAME, IRT_NIL), lref, as->loopsnapno);
ren = tref_ref(lj_ir_emit(as->J));
as->ir = as->T->ir; /* The IR may have been reallocated. */
IR(ren)->r = (uint8_t)r;
IR(ren)->s = SPS_NONE;
}
}
irt_clearmark(ir->t); /* Always clear marker. */
rset_clear(work, r);
}
}