tarantool
/
luajit
/
8554012565
70%
tarantool/master: 93%
tarantool/master: 93%
|
Ran
|
Jobs
1
|
Files
89
|
Run time
267min
|
Badge
Embed ▾
README BADGES
|
coverage: 92.528% (-0.06%) from 92.583%
push
github
BuristanHandle stack reallocation in debug.setmetatable() and lua_setmetatable(). Thanks to Sergey Kaplun. (cherry picked from commit 88ed9fdbb) When we use the aforementioned functions to set a metatable for types with one shared metatable, we must flush all traces since they are specialized to base metatables. If we have enabled vmevent handlers, they invoke a callback on trace flushing. This callback may reallocate the Lua stack. Thus invalidates the reference to the `TValue *` object `o` by the given index in the `lua_setmetatable()` and leads to a heap-use-after-free error. This patch fixes the behaviour by recalculating the address by the given index after possible stack reallocation. Sergey Kaplun: * added the description and the test for the problem Part of tarantool/tarantool#9595 Reviewed-by: Maxim Kokryashkin <m.kokryashkin@tarantool.org> Reviewed-by: Sergey Bronnikov <sergeyb@tarantool.org> Signed-off-by: Sergey Kaplun <skaplun@tarantool.org> (cherry picked from commit e996ad3d7)
5638 of 5999 branches covered (93.98%)
Branch coverage included in aggregate %.
1 of 1 new or added line in 1 file covered. (100.0%)
17 existing lines in 5 files now uncovered.21495 of 23325 relevant lines covered (92.15%)
865441.68 hits per line
Uncovered Existing Lines
| Lines | Coverage | ∆ | File |
|---|---|---|---|
| 1 |
92.11 |
-2.63% | src/lj_vmmath.c |
| 2 |
96.15 |
-0.16% | src/lj_record.c |
| 2 |
91.96 |
-0.45% | src/luajit.c |
| 2 |
87.1 |
-0.17% | src/lj_crecord.c |
| 10 |
77.43 |
-0.99% | src/lj_api.c |
Jobs
| ID | Job ID | Ran | Files | Coverage | |
|---|---|---|---|---|---|
| 1 | 8554012565.1 | 89 |
92.53 |
GitHub Action Run |
