[3.11] GH-99298: Don't perform jumps before error handling (GH-99343)

author Brandt Bucher <brandtbucher@microsoft.com>

Fri, 11 Nov 2022 11:30:21 +0000 (03:30 -0800)

committer GitHub <noreply@github.com>

Fri, 11 Nov 2022 11:30:21 +0000 (11:30 +0000)
author Brandt Bucher <brandtbucher@microsoft.com>
Fri, 11 Nov 2022 11:30:21 +0000 (03:30 -0800)
committer GitHub <noreply@github.com>
Fri, 11 Nov 2022 11:30:21 +0000 (11:30 +0000)
diff --git a/Misc/NEWS.d/next/Core and Builtins/2022-11-10-02-11-23.gh-issue-99298.NeArAJ.rst b/Misc/NEWS.d/next/Core and Builtins/2022-11-10-02-11-23.gh-issue-99298.NeArAJ.rst

new file mode 100644 (file)

index 0000000..8908bfa
--- /dev/null
+++ b/Misc/NEWS.d/next/Core and Builtins/2022-11-10-02-11-23.gh-issue-99298.NeArAJ.rst
@@ -0,0 +1,2 @@
+Fix an issue that could potentially cause incorrect error handling for some
+bytecode instructions.
diff --git a/Python/ceval.c b/Python/ceval.c

index c0d9c68de04b0c234ffeae7441c2a8151744a21b..b4ebf0c3d50e5068191ce7d353d03bebeb872e5c 100644 (file)
--- a/Python/ceval.c
+++ b/Python/ceval.c
@@ -2158,6 +2158,7 @@ handle_eval_breaker:
                  PyObject *container = SECOND();
                  next_instr--;
                  if (_Py_Specialize_BinarySubscr(container, sub, next_instr) < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -2323,6 +2324,7 @@ handle_eval_breaker:
                  PyObject *container = SECOND();
                  next_instr--;
                  if (_Py_Specialize_StoreSubscr(container, sub, next_instr) < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -3056,6 +3058,7 @@ handle_eval_breaker:
                  PyObject *name = GETITEM(names, oparg>>1);
                  next_instr--;
                  if (_Py_Specialize_LoadGlobal(GLOBALS(), BUILTINS(), next_instr, name) < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -3481,6 +3484,7 @@ handle_eval_breaker:
                  PyObject *name = GETITEM(names, oparg);
                  next_instr--;
                  if (_Py_Specialize_LoadAttr(owner, next_instr, name) < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -3590,6 +3594,7 @@ handle_eval_breaker:
                  PyObject *name = GETITEM(names, oparg);
                  next_instr--;
                  if (_Py_Specialize_StoreAttr(owner, next_instr, name) < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -4527,6 +4532,7 @@ handle_eval_breaker:
                  PyObject *name = GETITEM(names, oparg);
                  next_instr--;
                  if (_Py_Specialize_LoadMethod(owner, next_instr, name) < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -4801,6 +4807,7 @@ handle_eval_breaker:
                  int err = _Py_Specialize_Precall(callable, next_instr, nargs,
                                                   call_shape.kwnames, oparg);
                  if (err < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -4822,6 +4829,7 @@ handle_eval_breaker:
                  int err = _Py_Specialize_Call(callable, next_instr, nargs,
                                                call_shape.kwnames);
                  if (err < 0) {
+                    next_instr++;
                      goto error;
                  }
                  DISPATCH_SAME_OPARG();
@@ -5184,9 +5192,6 @@ handle_eval_breaker:
              PyObject *list = SECOND();
              DEOPT_IF(!PyList_Check(list), PRECALL);
              STAT_INC(PRECALL, hit);
-            // PRECALL + CALL + POP_TOP
-            JUMPBY(INLINE_CACHE_ENTRIES_PRECALL + 1 + INLINE_CACHE_ENTRIES_CALL + 1);
-            assert(_Py_OPCODE(next_instr[-1]) == POP_TOP);
              PyObject *arg = POP();
              if (_PyList_AppendTakeRef((PyListObject *)list, arg) < 0) {
                  goto error;
@@ -5194,6 +5199,9 @@ handle_eval_breaker:
              STACK_SHRINK(2);
              Py_DECREF(list);
              Py_DECREF(callable);
+            // PRECALL + CALL + POP_TOP
+            JUMPBY(INLINE_CACHE_ENTRIES_PRECALL + 1 + INLINE_CACHE_ENTRIES_CALL + 1);
+            assert(_Py_OPCODE(next_instr[-1]) == POP_TOP);
              DISPATCH();
          }
author	Brandt Bucher <brandtbucher@microsoft.com>
	Fri, 11 Nov 2022 11:30:21 +0000 (03:30 -0800)
committer	GitHub <noreply@github.com>
	Fri, 11 Nov 2022 11:30:21 +0000 (11:30 +0000)
Misc/NEWS.d/next/Core and Builtins/2022-11-10-02-11-23.gh-issue-99298.NeArAJ.rst	[new file with mode: 0644]	patch \| blob
Python/ceval.c		patch \| blob \| blame \| history