From 0bf1749e9fcef24bf7bebbce2a62ee6c766d4c7c Mon Sep 17 00:00:00 2001
From: Alan Wu <XrXr@users.noreply.github.com>
Date: Fri, 13 Oct 2023 10:41:53 -0400
Subject: YJIT: Fix argument clobbering in some block_arg+rest_param calls
 (#8647)

Previously, for block argument callsites with some specific argument
count and callee local variable count combinations, YJIT ended up
writing over arguments that are supposed to be collected into a rest
parameter array unmodified.

Detect when clobbering would happen and avoid it. Also, place the block
handler after the stack overflow check, since it writes to new stack
space.

Reported-by: Takashi Kokubun <takashikkbn@gmail.com>
---
 bootstraptest/test_yjit.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'bootstraptest')

diff --git a/bootstraptest/test_yjit.rb b/bootstraptest/test_yjit.rb
index 999c31fc37..be99d580c1 100644
--- a/bootstraptest/test_yjit.rb
+++ b/bootstraptest/test_yjit.rb
@@ -1,3 +1,15 @@
+# regression test for callee block handler overlapping with arguments
+assert_equal '3', %q{
+  def foo(_req, *args) = args.last
+
+  def call_foo = foo(0, 1, 2, 3, &->{})
+
+  call_foo
+}
+
+# call leaf builtin with a block argument
+assert_equal '0', "0.abs(&nil)"
+
 # regression test for invokeblock iseq guard
 assert_equal 'ok', %q{
   return :ok unless defined?(GC.compact)
-- 
cgit v1.2.3