diff options
| author | Alan Wu <[email protected]> | 2024-04-18 10:04:23 -0400 |
|---|---|---|
| committer | GitHub <[email protected]> | 2024-04-18 10:04:23 -0400 |
| commit | 28efc0c9248f942bd45047bc68bf1c9e00e469f0 (patch) | |
| tree | 41f38dafb9adb5383f4de028a5fc551efebd7690 /yjit/src | |
| parent | 57a262e325580398240bb362d93c398eaab9c2eb (diff) | |
YJIT: Fix canary crash with Array#<< (#10568)
Previously, we got "We are killing the stack canary set by opt_ltlt"
from `$./miniruby --yjit-call-threshold=1 -e 'a = [].freeze; a << 1'`
Found by running ruby-spec with yjit-call-threshold=1.
Diffstat (limited to 'yjit/src')
| -rw-r--r-- | yjit/src/codegen.rs | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/yjit/src/codegen.rs b/yjit/src/codegen.rs index 9d355b854d..d212719c09 100644 --- a/yjit/src/codegen.rs +++ b/yjit/src/codegen.rs @@ -5929,8 +5929,10 @@ fn jit_rb_ary_push( ) -> bool { asm_comment!(asm, "Array#<<"); - // rb_ary_push allocates memory for buffer extension - jit_prepare_call_with_gc(jit, asm); + // rb_ary_push allocates memory for buffer extension and can raise FrozenError + // Not using a lazy frame here since the interpreter also has a truncated + // stack trace from opt_ltlt. + jit_prepare_non_leaf_call(jit, asm); let item_opnd = asm.stack_opnd(0); let ary_opnd = asm.stack_opnd(1); |