RubyGems - immunio - Versions diffs - 1.2.1 → 2.0.2 - Mend

immunio 1.2.1 → 2.0.2

Files changed (291) hide show

checksums.yaml +4 -4
data/README.md +13 -5
data/ext/immunio/Rakefile +14 -6
data/lib/immunio/context.rb +2 -0
data/lib/immunio/plugins/action_view.rb +7 -668
data/lib/immunio/plugins/action_view/action_view.rb +22 -0
data/lib/immunio/plugins/action_view/active_support_hash.rb +29 -0
data/lib/immunio/plugins/action_view/cache_store.rb +24 -0
data/lib/immunio/plugins/action_view/erubi.rb +38 -0
data/lib/immunio/plugins/action_view/erubis.rb +39 -0
data/lib/immunio/plugins/action_view/fragment_caching.rb +29 -0
data/lib/immunio/plugins/action_view/haml.rb +46 -0
data/lib/immunio/plugins/action_view/slim.rb +42 -0
data/lib/immunio/plugins/action_view/template.rb +431 -0
data/lib/immunio/plugins/action_view/template_rendering.rb +45 -0
data/lib/immunio/plugins/http_tracker.rb +2 -0
data/lib/immunio/plugins/io.rb +34 -0
data/lib/immunio/version.rb +1 -1
data/lua-hooks/Makefile +36 -9
data/lua-hooks/ext/luajit/COPYRIGHT +1 -1
data/lua-hooks/ext/luajit/Makefile +22 -15
data/lua-hooks/ext/luajit/README +2 -2
data/lua-hooks/ext/luajit/doc/bluequad-print.css +1 -1
data/lua-hooks/ext/luajit/doc/bluequad.css +1 -1
data/lua-hooks/ext/luajit/doc/changes.html +69 -3
data/lua-hooks/ext/luajit/doc/contact.html +10 -3
data/lua-hooks/ext/luajit/doc/ext_c_api.html +2 -2
data/lua-hooks/ext/luajit/doc/ext_ffi.html +2 -2
data/lua-hooks/ext/luajit/doc/ext_ffi_api.html +2 -2
data/lua-hooks/ext/luajit/doc/ext_ffi_semantics.html +3 -4
data/lua-hooks/ext/luajit/doc/ext_ffi_tutorial.html +2 -2
data/lua-hooks/ext/luajit/doc/ext_jit.html +3 -3
data/lua-hooks/ext/luajit/doc/ext_profiler.html +2 -2
data/lua-hooks/ext/luajit/doc/extensions.html +47 -20
data/lua-hooks/ext/luajit/doc/faq.html +2 -2
data/lua-hooks/ext/luajit/doc/install.html +74 -45
data/lua-hooks/ext/luajit/doc/luajit.html +5 -5
data/lua-hooks/ext/luajit/doc/running.html +3 -3
data/lua-hooks/ext/luajit/doc/status.html +13 -8
data/lua-hooks/ext/luajit/dynasm/dasm_arm.h +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_arm.lua +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_arm64.h +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_arm64.lua +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_mips.h +8 -5
data/lua-hooks/ext/luajit/dynasm/dasm_mips.lua +66 -11
data/lua-hooks/ext/luajit/dynasm/dasm_mips64.lua +12 -0
data/lua-hooks/ext/luajit/dynasm/dasm_ppc.h +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_ppc.lua +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_proto.h +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_x64.lua +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_x86.h +1 -1
data/lua-hooks/ext/luajit/dynasm/dasm_x86.lua +5 -1
data/lua-hooks/ext/luajit/dynasm/dynasm.lua +2 -2
data/lua-hooks/ext/luajit/etc/luajit.1 +1 -1
data/lua-hooks/ext/luajit/etc/luajit.pc +1 -1
data/lua-hooks/ext/luajit/src/Makefile +15 -11
data/lua-hooks/ext/luajit/src/Makefile.dep +16 -16
data/lua-hooks/ext/luajit/src/host/buildvm.c +2 -2
data/lua-hooks/ext/luajit/src/host/buildvm.h +1 -1
data/lua-hooks/ext/luajit/src/host/buildvm_asm.c +9 -4
data/lua-hooks/ext/luajit/src/host/buildvm_fold.c +2 -2
data/lua-hooks/ext/luajit/src/host/buildvm_lib.c +1 -1
data/lua-hooks/ext/luajit/src/host/buildvm_libbc.h +14 -3
data/lua-hooks/ext/luajit/src/host/buildvm_peobj.c +27 -3
data/lua-hooks/ext/luajit/src/host/genlibbc.lua +1 -1
data/lua-hooks/ext/luajit/src/host/genminilua.lua +6 -5
data/lua-hooks/ext/luajit/src/host/minilua.c +1 -1
data/lua-hooks/ext/luajit/src/jit/bc.lua +1 -1
data/lua-hooks/ext/luajit/src/jit/bcsave.lua +8 -8
data/lua-hooks/ext/luajit/src/jit/dis_arm.lua +2 -2
data/lua-hooks/ext/luajit/src/jit/dis_arm64.lua +1216 -0
data/lua-hooks/ext/luajit/src/jit/dis_arm64be.lua +12 -0
data/lua-hooks/ext/luajit/src/jit/dis_mips.lua +35 -20
data/lua-hooks/ext/luajit/src/jit/dis_mips64.lua +17 -0
data/lua-hooks/ext/luajit/src/jit/dis_mips64el.lua +17 -0
data/lua-hooks/ext/luajit/src/jit/dis_mipsel.lua +1 -1
data/lua-hooks/ext/luajit/src/jit/dis_ppc.lua +2 -2
data/lua-hooks/ext/luajit/src/jit/dis_x64.lua +1 -1
data/lua-hooks/ext/luajit/src/jit/dis_x86.lua +7 -4
data/lua-hooks/ext/luajit/src/jit/dump.lua +17 -12
data/lua-hooks/ext/luajit/src/jit/p.lua +3 -2
data/lua-hooks/ext/luajit/src/jit/v.lua +2 -2
data/lua-hooks/ext/luajit/src/jit/zone.lua +1 -1
data/lua-hooks/ext/luajit/src/lauxlib.h +14 -20
data/lua-hooks/ext/luajit/src/lib_aux.c +38 -27
data/lua-hooks/ext/luajit/src/lib_base.c +12 -5
data/lua-hooks/ext/luajit/src/lib_bit.c +1 -1
data/lua-hooks/ext/luajit/src/lib_debug.c +5 -5
data/lua-hooks/ext/luajit/src/lib_ffi.c +2 -2
data/lua-hooks/ext/luajit/src/lib_init.c +16 -16
data/lua-hooks/ext/luajit/src/lib_io.c +6 -7
data/lua-hooks/ext/luajit/src/lib_jit.c +14 -4
data/lua-hooks/ext/luajit/src/lib_math.c +1 -5
data/lua-hooks/ext/luajit/src/lib_os.c +1 -1
data/lua-hooks/ext/luajit/src/lib_package.c +14 -23
data/lua-hooks/ext/luajit/src/lib_string.c +1 -5
data/lua-hooks/ext/luajit/src/lib_table.c +21 -1
data/lua-hooks/ext/luajit/src/lj.supp +3 -3
data/lua-hooks/ext/luajit/src/lj_alloc.c +174 -83
data/lua-hooks/ext/luajit/src/lj_api.c +97 -18
data/lua-hooks/ext/luajit/src/lj_arch.h +54 -22
data/lua-hooks/ext/luajit/src/lj_asm.c +172 -53
data/lua-hooks/ext/luajit/src/lj_asm.h +1 -1
data/lua-hooks/ext/luajit/src/lj_asm_arm.h +19 -16
data/lua-hooks/ext/luajit/src/lj_asm_arm64.h +2022 -0
data/lua-hooks/ext/luajit/src/lj_asm_mips.h +564 -158
data/lua-hooks/ext/luajit/src/lj_asm_ppc.h +19 -18
data/lua-hooks/ext/luajit/src/lj_asm_x86.h +578 -92
data/lua-hooks/ext/luajit/src/lj_bc.c +1 -1
data/lua-hooks/ext/luajit/src/lj_bc.h +1 -1
data/lua-hooks/ext/luajit/src/lj_bcdump.h +1 -1
data/lua-hooks/ext/luajit/src/lj_bcread.c +1 -1
data/lua-hooks/ext/luajit/src/lj_bcwrite.c +1 -1
data/lua-hooks/ext/luajit/src/lj_buf.c +1 -1
data/lua-hooks/ext/luajit/src/lj_buf.h +1 -1
data/lua-hooks/ext/luajit/src/lj_carith.c +1 -1
data/lua-hooks/ext/luajit/src/lj_carith.h +1 -1
data/lua-hooks/ext/luajit/src/lj_ccall.c +172 -7
data/lua-hooks/ext/luajit/src/lj_ccall.h +21 -5
data/lua-hooks/ext/luajit/src/lj_ccallback.c +71 -17
data/lua-hooks/ext/luajit/src/lj_ccallback.h +1 -1
data/lua-hooks/ext/luajit/src/lj_cconv.c +4 -2
data/lua-hooks/ext/luajit/src/lj_cconv.h +1 -1
data/lua-hooks/ext/luajit/src/lj_cdata.c +7 -5
data/lua-hooks/ext/luajit/src/lj_cdata.h +1 -1
data/lua-hooks/ext/luajit/src/lj_clib.c +5 -5
data/lua-hooks/ext/luajit/src/lj_clib.h +1 -1
data/lua-hooks/ext/luajit/src/lj_cparse.c +11 -6
data/lua-hooks/ext/luajit/src/lj_cparse.h +1 -1
data/lua-hooks/ext/luajit/src/lj_crecord.c +70 -14
data/lua-hooks/ext/luajit/src/lj_crecord.h +1 -1
data/lua-hooks/ext/luajit/src/lj_ctype.c +1 -1
data/lua-hooks/ext/luajit/src/lj_ctype.h +8 -8
data/lua-hooks/ext/luajit/src/lj_debug.c +1 -1
data/lua-hooks/ext/luajit/src/lj_debug.h +1 -1
data/lua-hooks/ext/luajit/src/lj_def.h +6 -9
data/lua-hooks/ext/luajit/src/lj_dispatch.c +3 -3
data/lua-hooks/ext/luajit/src/lj_dispatch.h +2 -1
data/lua-hooks/ext/luajit/src/lj_emit_arm.h +5 -4
data/lua-hooks/ext/luajit/src/lj_emit_arm64.h +419 -0
data/lua-hooks/ext/luajit/src/lj_emit_mips.h +100 -20
data/lua-hooks/ext/luajit/src/lj_emit_ppc.h +4 -4
data/lua-hooks/ext/luajit/src/lj_emit_x86.h +116 -25
data/lua-hooks/ext/luajit/src/lj_err.c +34 -13
data/lua-hooks/ext/luajit/src/lj_err.h +1 -1
data/lua-hooks/ext/luajit/src/lj_errmsg.h +1 -1
data/lua-hooks/ext/luajit/src/lj_ff.h +1 -1
data/lua-hooks/ext/luajit/src/lj_ffrecord.c +58 -49
data/lua-hooks/ext/luajit/src/lj_ffrecord.h +1 -1
data/lua-hooks/ext/luajit/src/lj_frame.h +33 -6
data/lua-hooks/ext/luajit/src/lj_func.c +4 -2
data/lua-hooks/ext/luajit/src/lj_func.h +1 -1
data/lua-hooks/ext/luajit/src/lj_gc.c +16 -7
data/lua-hooks/ext/luajit/src/lj_gc.h +1 -1
data/lua-hooks/ext/luajit/src/lj_gdbjit.c +31 -1
data/lua-hooks/ext/luajit/src/lj_gdbjit.h +1 -1
data/lua-hooks/ext/luajit/src/lj_ir.c +69 -96
data/lua-hooks/ext/luajit/src/lj_ir.h +29 -18
data/lua-hooks/ext/luajit/src/lj_ircall.h +24 -30
data/lua-hooks/ext/luajit/src/lj_iropt.h +9 -9
data/lua-hooks/ext/luajit/src/lj_jit.h +67 -9
data/lua-hooks/ext/luajit/src/lj_lex.c +1 -1
data/lua-hooks/ext/luajit/src/lj_lex.h +1 -1
data/lua-hooks/ext/luajit/src/lj_lib.c +1 -1
data/lua-hooks/ext/luajit/src/lj_lib.h +1 -1
data/lua-hooks/ext/luajit/src/lj_load.c +1 -1
data/lua-hooks/ext/luajit/src/lj_mcode.c +11 -10
data/lua-hooks/ext/luajit/src/lj_mcode.h +1 -1
data/lua-hooks/ext/luajit/src/lj_meta.c +1 -1
data/lua-hooks/ext/luajit/src/lj_meta.h +1 -1
data/lua-hooks/ext/luajit/src/lj_obj.c +1 -1
data/lua-hooks/ext/luajit/src/lj_obj.h +7 -3
data/lua-hooks/ext/luajit/src/lj_opt_dce.c +1 -1
data/lua-hooks/ext/luajit/src/lj_opt_fold.c +84 -17
data/lua-hooks/ext/luajit/src/lj_opt_loop.c +1 -1
data/lua-hooks/ext/luajit/src/lj_opt_mem.c +3 -3
data/lua-hooks/ext/luajit/src/lj_opt_narrow.c +24 -22
data/lua-hooks/ext/luajit/src/lj_opt_sink.c +11 -6
data/lua-hooks/ext/luajit/src/lj_opt_split.c +11 -2
data/lua-hooks/ext/luajit/src/lj_parse.c +9 -7
data/lua-hooks/ext/luajit/src/lj_parse.h +1 -1
data/lua-hooks/ext/luajit/src/lj_profile.c +1 -1
data/lua-hooks/ext/luajit/src/lj_profile.h +1 -1
data/lua-hooks/ext/luajit/src/lj_record.c +201 -117
data/lua-hooks/ext/luajit/src/lj_record.h +1 -1
data/lua-hooks/ext/luajit/src/lj_snap.c +72 -26
data/lua-hooks/ext/luajit/src/lj_snap.h +1 -1
data/lua-hooks/ext/luajit/src/lj_state.c +6 -6
data/lua-hooks/ext/luajit/src/lj_state.h +2 -2
data/lua-hooks/ext/luajit/src/lj_str.c +1 -1
data/lua-hooks/ext/luajit/src/lj_str.h +1 -1
data/lua-hooks/ext/luajit/src/lj_strfmt.c +7 -3
data/lua-hooks/ext/luajit/src/lj_strfmt.h +1 -1
data/lua-hooks/ext/luajit/src/lj_strfmt_num.c +4 -3
data/lua-hooks/ext/luajit/src/lj_strscan.c +1 -1
data/lua-hooks/ext/luajit/src/lj_strscan.h +1 -1
data/lua-hooks/ext/luajit/src/lj_tab.c +1 -2
data/lua-hooks/ext/luajit/src/lj_tab.h +1 -1
data/lua-hooks/ext/luajit/src/lj_target.h +3 -3
data/lua-hooks/ext/luajit/src/lj_target_arm.h +1 -1
data/lua-hooks/ext/luajit/src/lj_target_arm64.h +239 -7
data/lua-hooks/ext/luajit/src/lj_target_mips.h +111 -22
data/lua-hooks/ext/luajit/src/lj_target_ppc.h +1 -1
data/lua-hooks/ext/luajit/src/lj_target_x86.h +21 -4
data/lua-hooks/ext/luajit/src/lj_trace.c +63 -18
data/lua-hooks/ext/luajit/src/lj_trace.h +2 -1
data/lua-hooks/ext/luajit/src/lj_traceerr.h +1 -1
data/lua-hooks/ext/luajit/src/lj_udata.c +1 -1
data/lua-hooks/ext/luajit/src/lj_udata.h +1 -1
data/lua-hooks/ext/luajit/src/lj_vm.h +5 -1
data/lua-hooks/ext/luajit/src/lj_vmevent.c +1 -1
data/lua-hooks/ext/luajit/src/lj_vmevent.h +1 -1
data/lua-hooks/ext/luajit/src/lj_vmmath.c +1 -1
data/lua-hooks/ext/luajit/src/ljamalg.c +1 -1
data/lua-hooks/ext/luajit/src/lua.h +9 -1
data/lua-hooks/ext/luajit/src/luaconf.h +3 -7
data/lua-hooks/ext/luajit/src/luajit.c +69 -54
data/lua-hooks/ext/luajit/src/luajit.h +4 -4
data/lua-hooks/ext/luajit/src/lualib.h +1 -1
data/lua-hooks/ext/luajit/src/msvcbuild.bat +12 -4
data/lua-hooks/ext/luajit/src/vm_arm.dasc +1 -1
data/lua-hooks/ext/luajit/src/vm_arm64.dasc +255 -32
data/lua-hooks/ext/luajit/src/vm_mips.dasc +26 -23
data/lua-hooks/ext/luajit/src/vm_mips64.dasc +5062 -0
data/lua-hooks/ext/luajit/src/vm_ppc.dasc +1 -1
data/lua-hooks/ext/luajit/src/vm_x64.dasc +24 -25
data/lua-hooks/ext/luajit/src/vm_x86.dasc +77 -4
data/lua-hooks/libluahooks.darwin.a +0 -0
data/lua-hooks/libluahooks.linux.a +0 -0
data/lua-hooks/options.mk +1 -1
metadata +37 -77
data/lua-hooks/ext/all.c +0 -69
data/lua-hooks/ext/libinjection/COPYING +0 -37
data/lua-hooks/ext/libinjection/libinjection.h +0 -65
data/lua-hooks/ext/libinjection/libinjection_html5.c +0 -847
data/lua-hooks/ext/libinjection/libinjection_html5.h +0 -54
data/lua-hooks/ext/libinjection/libinjection_sqli.c +0 -2301
data/lua-hooks/ext/libinjection/libinjection_sqli.h +0 -295
data/lua-hooks/ext/libinjection/libinjection_sqli_data.h +0 -9349
data/lua-hooks/ext/libinjection/libinjection_xss.c +0 -531
data/lua-hooks/ext/libinjection/libinjection_xss.h +0 -21
data/lua-hooks/ext/libinjection/lualib.c +0 -145
data/lua-hooks/ext/libinjection/module.mk +0 -5
data/lua-hooks/ext/lpeg/HISTORY +0 -96
data/lua-hooks/ext/lpeg/lpcap.c +0 -537
data/lua-hooks/ext/lpeg/lpcap.h +0 -56
data/lua-hooks/ext/lpeg/lpcode.c +0 -1014
data/lua-hooks/ext/lpeg/lpcode.h +0 -40
data/lua-hooks/ext/lpeg/lpeg-128.gif +0 -0
data/lua-hooks/ext/lpeg/lpeg.html +0 -1445
data/lua-hooks/ext/lpeg/lpprint.c +0 -244
data/lua-hooks/ext/lpeg/lpprint.h +0 -36
data/lua-hooks/ext/lpeg/lptree.c +0 -1303
data/lua-hooks/ext/lpeg/lptree.h +0 -82
data/lua-hooks/ext/lpeg/lptypes.h +0 -149
data/lua-hooks/ext/lpeg/lpvm.c +0 -364
data/lua-hooks/ext/lpeg/lpvm.h +0 -58
data/lua-hooks/ext/lpeg/makefile +0 -55
data/lua-hooks/ext/lpeg/module.mk +0 -6
data/lua-hooks/ext/lpeg/re.html +0 -498
data/lua-hooks/ext/lua-cmsgpack/.gitignore +0 -13
data/lua-hooks/ext/lua-cmsgpack/CMakeLists.txt +0 -45
data/lua-hooks/ext/lua-cmsgpack/README.md +0 -115
data/lua-hooks/ext/lua-cmsgpack/lua_cmsgpack.c +0 -970
data/lua-hooks/ext/lua-cmsgpack/module.mk +0 -2
data/lua-hooks/ext/lua-cmsgpack/test.lua +0 -570
data/lua-hooks/ext/lua-snapshot/LICENSE +0 -7
data/lua-hooks/ext/lua-snapshot/Makefile +0 -12
data/lua-hooks/ext/lua-snapshot/README.md +0 -18
data/lua-hooks/ext/lua-snapshot/dump.lua +0 -15
data/lua-hooks/ext/lua-snapshot/module.mk +0 -2
data/lua-hooks/ext/lua-snapshot/snapshot.c +0 -462
data/lua-hooks/ext/luautf8/README.md +0 -152
data/lua-hooks/ext/luautf8/lutf8lib.c +0 -1274
data/lua-hooks/ext/luautf8/module.mk +0 -2
data/lua-hooks/ext/luautf8/unidata.h +0 -3064
data/lua-hooks/ext/module.mk +0 -15
data/lua-hooks/ext/modules.h +0 -17
data/lua-hooks/ext/perf/luacpu.c +0 -114
data/lua-hooks/ext/perf/lualoadavg.c +0 -40
data/lua-hooks/ext/perf/luameminfo.c +0 -38
data/lua-hooks/ext/perf/luaoslib.c +0 -203
data/lua-hooks/ext/perf/module.mk +0 -5
data/lua-hooks/ext/sha1/luasha1.c +0 -74
data/lua-hooks/ext/sha1/module.mk +0 -5
data/lua-hooks/ext/sha1/sha1.c +0 -145
data/lua-hooks/ext/sha2/luasha256.c +0 -77
data/lua-hooks/ext/sha2/module.mk +0 -5
data/lua-hooks/ext/sha2/sha256.c +0 -196
data/lua-hooks/ext/sysutils/lua_utils.c +0 -56
data/lua-hooks/ext/sysutils/module.mk +0 -2

data/lua-hooks/ext/luajit/src/lj_opt_split.c CHANGED

@@ -1,6 +1,6 @@
 /*
 ** SPLIT: Split 64 bit IR instructions into 32 bit IR instructions.
-** Copyright (C) 2005-2016 Mike Pall. See Copyright Notice in luajit.h
+** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
 */
 #define lj_opt_split_c
@@ -16,6 +16,7 @@
 #include "lj_jit.h"
 #include "lj_ircall.h"
 #include "lj_iropt.h"
+#include "lj_dispatch.h"
 #include "lj_vm.h"
 /* SPLIT pass:
@@ -353,6 +354,8 @@ static void split_ir(jit_State *J)
       ir->prev = ref;  /* Identity substitution for loword. */
       hisubst[ref] = 0;
     }
+    if (irt_is64(ir->t) && ir->o != IR_KNULL)
+      ref++;
   }
   /* Process old IR instructions. */
@@ -433,7 +436,8 @@ static void split_ir(jit_State *J)
 	nir->o = IR_CONV;  /* Pass through loword. */
 	nir->op2 = (IRT_INT << 5) | IRT_INT;
 	hi = split_emit(J, IRT(ir->o == IR_NEG ? IR_BXOR : IR_BAND, IRT_SOFTFP),
-			hisubst[ir->op1], hisubst[ir->op2]);
+	       hisubst[ir->op1],
+	       lj_ir_kint(J, (int32_t)(0x7fffffffu + (ir->o == IR_NEG))));
 	break;
       case IR_SLOAD:
 	if ((nir->op2 & IRSLOAD_CONVERT)) {  /* Convert from int to number. */
@@ -448,6 +452,11 @@ static void split_ir(jit_State *J)
       case IR_STRTO:
 	hi = split_emit(J, IRT(IR_HIOP, IRT_SOFTFP), nref, nref);
 	break;
+      case IR_FLOAD:
+	lua_assert(ir->op1 == REF_NIL);
+	hi = lj_ir_kint(J, *(int32_t*)((char*)J2GG(J) + ir->op2 + LJ_LE*4));
+	nir->op2 += LJ_BE*4;
+	break;
       case IR_XLOAD: {
 	IRIns inslo = *nir;  /* Save/undo the emit of the lo XLOAD. */
 	J->cur.nins--;

data/lua-hooks/ext/luajit/src/lj_parse.c CHANGED

@@ -1,6 +1,6 @@
 /*
 ** Lua parser (source code -> bytecode).
-** Copyright (C) 2005-2016 Mike Pall. See Copyright Notice in luajit.h
+** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
 **
 ** Major portions taken verbatim or adapted from the Lua interpreter.
 ** Copyright (C) 1994-2008 Lua.org, PUC-Rio. See Copyright Notice in lua.h
@@ -1282,12 +1282,14 @@ static void fscope_end(FuncState *fs)
       MSize idx = gola_new(ls, NAME_BREAK, VSTACK_LABEL, fs->pc);
       ls->vtop = idx;  /* Drop break label immediately. */
       gola_resolve(ls, bl, idx);
+    } else {  /* Need the fixup step to propagate the breaks. */
+      gola_fixup(ls, bl);
       return;
-    }  /* else: need the fixup step to propagate the breaks. */
-  } else if (!(bl->flags & FSCOPE_GOLA)) {
-    return;
+    }
+  }
+  if ((bl->flags & FSCOPE_GOLA)) {
+    gola_fixup(ls, bl);
   }
-  gola_fixup(ls, bl);
 }
 /* Mark scope as having an upvalue. */
@@ -2177,6 +2179,8 @@ static void assign_adjust(LexState *ls, BCReg nvars, BCReg nexps, ExpDesc *e)
       bcemit_nil(fs, reg, (BCReg)extra);
     }
   }
+  if (nexps > nvars)
+    ls->fs->freereg -= nexps - nvars;  /* Drop leftover regs. */
 }
 /* Recursively parse assignment statement. */
@@ -2210,8 +2214,6 @@ static void parse_assignment(LexState *ls, LHSVarList *lh, BCReg nvars)
       return;
     }
     assign_adjust(ls, nvars, nexps, &e);
-    if (nexps > nvars)
-      ls->fs->freereg -= nexps - nvars;  /* Drop leftover regs. */
   }
   /* Assign RHS to LHS and recurse downwards. */
   expr_init(&e, VNONRELOC, ls->fs->freereg-1);

data/lua-hooks/ext/luajit/src/lj_parse.h CHANGED

@@ -1,6 +1,6 @@
 /*
 ** Lua parser (source code -> bytecode).
-** Copyright (C) 2005-2016 Mike Pall. See Copyright Notice in luajit.h
+** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
 */
 #ifndef _LJ_PARSE_H

data/lua-hooks/ext/luajit/src/lj_profile.c CHANGED

@@ -1,6 +1,6 @@
 /*
 ** Low-overhead profiling.
-** Copyright (C) 2005-2016 Mike Pall. See Copyright Notice in luajit.h
+** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
 */
 #define lj_profile_c

data/lua-hooks/ext/luajit/src/lj_profile.h CHANGED

@@ -1,6 +1,6 @@
 /*
 ** Low-overhead profiling.
-** Copyright (C) 2005-2016 Mike Pall. See Copyright Notice in luajit.h
+** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
 */
 #ifndef _LJ_PROFILE_H

data/lua-hooks/ext/luajit/src/lj_record.c CHANGED

@@ -1,6 +1,6 @@
 /*
 ** Trace recorder (bytecode -> SSA IR).
-** Copyright (C) 2005-2016 Mike Pall. See Copyright Notice in luajit.h
+** Copyright (C) 2005-2017 Mike Pall. See Copyright Notice in luajit.h
 */
 #define lj_record_c
@@ -51,7 +51,7 @@ static void rec_check_ir(jit_State *J)
 {
   IRRef i, nins = J->cur.nins, nk = J->cur.nk;
   lua_assert(nk <= REF_BIAS && nins >= REF_BIAS && nins < 65536);
-  for (i = nins-1; i >= nk; i--) {
+  for (i = nk; i < nins; i++) {
     IRIns *ir = IR(i);
     uint32_t mode = lj_ir_mode[ir->o];
     IRRef op1 = ir->op1;
@@ -61,7 +61,10 @@ static void rec_check_ir(jit_State *J)
     case IRMref: lua_assert(op1 >= nk);
       lua_assert(i >= REF_BIAS ? op1 < i : op1 > i); break;
     case IRMlit: break;
-    case IRMcst: lua_assert(i < REF_BIAS); continue;
+    case IRMcst: lua_assert(i < REF_BIAS);
+      if (irt_is64(ir->t) && ir->o != IR_KNULL)
+	i++;
+      continue;
     }
     switch (irm_op2(mode)) {
     case IRMnone: lua_assert(op2 == 0); break;
@@ -84,30 +87,48 @@ static void rec_check_slots(jit_State *J)
   BCReg s, nslots = J->baseslot + J->maxslot;
   int32_t depth = 0;
   cTValue *base = J->L->base - J->baseslot;
-  lua_assert(J->baseslot >= 1 && J->baseslot < LJ_MAX_JSLOTS);
-  lua_assert(J->baseslot == 1 || (J->slot[J->baseslot-1] & TREF_FRAME));
+  lua_assert(J->baseslot >= 1+LJ_FR2 && J->baseslot < LJ_MAX_JSLOTS);
+  lua_assert(J->baseslot == 1+LJ_FR2 || (J->slot[J->baseslot-1] & TREF_FRAME));
   lua_assert(nslots < LJ_MAX_JSLOTS);
   for (s = 0; s < nslots; s++) {
     TRef tr = J->slot[s];
     if (tr) {
       cTValue *tv = &base[s];
       IRRef ref = tref_ref(tr);
-      IRIns *ir;
-      lua_assert(ref >= J->cur.nk && ref < J->cur.nins);
-      ir = IR(ref);
-      lua_assert(irt_t(ir->t) == tref_t(tr));
+      IRIns *ir = NULL;  /* Silence compiler. */
+      if (!LJ_FR2 || ref || !(tr & (TREF_FRAME | TREF_CONT))) {
+	lua_assert(ref >= J->cur.nk && ref < J->cur.nins);
+	ir = IR(ref);
+	lua_assert(irt_t(ir->t) == tref_t(tr));
+      }
       if (s == 0) {
 	lua_assert(tref_isfunc(tr));
+#if LJ_FR2
+      } else if (s == 1) {
+	lua_assert((tr & ~TREF_FRAME) == 0);
+#endif
       } else if ((tr & TREF_FRAME)) {
 	GCfunc *fn = gco2func(frame_gc(tv));
 	BCReg delta = (BCReg)(tv - frame_prev(tv));
+#if LJ_FR2
+	if (ref)
+	  lua_assert(ir_knum(ir)->u64 == tv->u64);
+	tr = J->slot[s-1];
+	ir = IR(tref_ref(tr));
+#endif
 	lua_assert(tref_isfunc(tr));
 	if (tref_isk(tr)) lua_assert(fn == ir_kfunc(ir));
-	lua_assert(s > delta ? (J->slot[s-delta] & TREF_FRAME) : (s == delta));
+	lua_assert(s > delta + LJ_FR2 ? (J->slot[s-delta] & TREF_FRAME)
+				      : (s == delta + LJ_FR2));
 	depth++;
       } else if ((tr & TREF_CONT)) {
+#if LJ_FR2
+	if (ref)
+	  lua_assert(ir_knum(ir)->u64 == tv->u64);
+#else
 	lua_assert(ir_kptr(ir) == gcrefp(tv->gcr, void));
-	lua_assert((J->slot[s+1] & TREF_FRAME));
+#endif
+	lua_assert((J->slot[s+1+LJ_FR2] & TREF_FRAME));
 	depth++;
       } else {
 	if (tvisnumber(tv))
@@ -159,10 +180,10 @@ static TRef sload(jit_State *J, int32_t slot)
 /* Get TRef for current function. */
 static TRef getcurrf(jit_State *J)
 {
-  if (J->base[-1])
-    return J->base[-1];
-  lua_assert(J->baseslot == 1);
-  return sloadt(J, -1, IRT_FUNC, IRSLOAD_READONLY);
+  if (J->base[-1-LJ_FR2])
+    return J->base[-1-LJ_FR2];
+  lua_assert(J->baseslot == 1+LJ_FR2);
+  return sloadt(J, -1-LJ_FR2, IRT_FUNC, IRSLOAD_READONLY);
 }
 /* Compare for raw object equality.
@@ -506,7 +527,6 @@ static LoopEvent rec_for(jit_State *J, const BCIns *fori, int isforl)
 static LoopEvent rec_iterl(jit_State *J, const BCIns iterins)
 {
   BCReg ra = bc_a(iterins);
-  lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame setup. */
   if (!tref_isnil(getslot(J, ra))) {  /* Looping back? */
     J->base[ra-1] = J->base[ra];  /* Copy result of ITERC to control var. */
     J->maxslot = ra-1+bc_b(J->pc[-1]);
@@ -643,8 +663,8 @@ static TRef rec_call_specialize(jit_State *J, GCfunc *fn, TRef tr)
     GCproto *pt = funcproto(fn);
     /* Too many closures created? Probably not a monomorphic function. */
     if (pt->flags >= PROTO_CLC_POLY) {  /* Specialize to prototype instead. */
-      TRef trpt = emitir(IRT(IR_FLOAD, IRT_P32), tr, IRFL_FUNC_PC);
-      emitir(IRTG(IR_EQ, IRT_P32), trpt, lj_ir_kptr(J, proto_bc(pt)));
+      TRef trpt = emitir(IRT(IR_FLOAD, IRT_PGC), tr, IRFL_FUNC_PC);
+      emitir(IRTG(IR_EQ, IRT_PGC), trpt, lj_ir_kptr(J, proto_bc(pt)));
       (void)lj_ir_kgc(J, obj2gco(pt), IRT_PROTO);  /* Prevent GC of proto. */
       return tr;
     }
@@ -675,22 +695,31 @@ static void rec_call_setup(jit_State *J, BCReg func, ptrdiff_t nargs)
 {
   RecordIndex ix;
   TValue *functv = &J->L->base[func];
-  TRef *fbase = &J->base[func];
+  TRef kfunc, *fbase = &J->base[func];
   ptrdiff_t i;
-  lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame setup. */
-  for (i = 0; i <= nargs; i++)
-    (void)getslot(J, func+i);  /* Ensure func and all args have a reference. */
+  (void)getslot(J, func); /* Ensure func has a reference. */
+  for (i = 1; i <= nargs; i++)
+    (void)getslot(J, func+LJ_FR2+i);  /* Ensure all args have a reference. */
   if (!tref_isfunc(fbase[0])) {  /* Resolve __call metamethod. */
     ix.tab = fbase[0];
     copyTV(J->L, &ix.tabv, functv);
     if (!lj_record_mm_lookup(J, &ix, MM_call) || !tref_isfunc(ix.mobj))
       lj_trace_err(J, LJ_TRERR_NOMM);
-    for (i = ++nargs; i > 0; i--)  /* Shift arguments up. */
-      fbase[i] = fbase[i-1];
+    for (i = ++nargs; i > LJ_FR2; i--)  /* Shift arguments up. */
+      fbase[i+LJ_FR2] = fbase[i+LJ_FR2-1];
+#if LJ_FR2
+    fbase[2] = fbase[0];
+#endif
     fbase[0] = ix.mobj;  /* Replace function. */
     functv = &ix.mobjv;
   }
-  fbase[0] = TREF_FRAME | rec_call_specialize(J, funcV(functv), fbase[0]);
+  kfunc = rec_call_specialize(J, funcV(functv), fbase[0]);
+#if LJ_FR2
+  fbase[0] = kfunc;
+  fbase[1] = TREF_FRAME;
+#else
+  fbase[0] = kfunc | TREF_FRAME;
+#endif
   J->maxslot = (BCReg)nargs;
 }
@@ -700,8 +729,8 @@ void lj_record_call(jit_State *J, BCReg func, ptrdiff_t nargs)
   rec_call_setup(J, func, nargs);
   /* Bump frame. */
   J->framedepth++;
-  J->base += func+1;
-  J->baseslot += func+1;
+  J->base += func+1+LJ_FR2;
+  J->baseslot += func+1+LJ_FR2;
 }
 /* Record tail call. */
@@ -717,7 +746,9 @@ void lj_record_tailcall(jit_State *J, BCReg func, ptrdiff_t nargs)
     func += cbase;
   }
   /* Move func + args down. */
-  memmove(&J->base[-1], &J->base[func], sizeof(TRef)*(J->maxslot+1));
+  if (LJ_FR2 && J->baseslot == 2)
+    J->base[func+1] = TREF_FRAME;
+  memmove(&J->base[-1-LJ_FR2], &J->base[func], sizeof(TRef)*(J->maxslot+1+LJ_FR2));
   /* Note: the new TREF_FRAME is now at J->base[-1] (even for slot #0). */
   /* Tailcalls can form a loop, so count towards the loop unroll limit. */
   if (++J->tailcalled > J->loopunroll)
@@ -758,9 +789,9 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
     (void)getslot(J, rbase+i);  /* Ensure all results have a reference. */
   while (frame_ispcall(frame)) {  /* Immediately resolve pcall() returns. */
     BCReg cbase = (BCReg)frame_delta(frame);
-    if (--J->framedepth < 0)
+    if (--J->framedepth <= 0)
       lj_trace_err(J, LJ_TRERR_NYIRETL);
-    lua_assert(J->baseslot > 1);
+    lua_assert(J->baseslot > 1+LJ_FR2);
     gotresults++;
     rbase += cbase;
     J->baseslot -= (BCReg)cbase;
@@ -784,7 +815,7 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
     BCReg cbase = (BCReg)frame_delta(frame);
     if (--J->framedepth < 0)  /* NYI: return of vararg func to lower frame. */
       lj_trace_err(J, LJ_TRERR_NYIRETL);
-    lua_assert(J->baseslot > 1);
+    lua_assert(J->baseslot > 1+LJ_FR2);
     rbase += cbase;
     J->baseslot -= (BCReg)cbase;
     J->base -= cbase;
@@ -794,8 +825,7 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
     BCIns callins = *(frame_pc(frame)-1);
     ptrdiff_t nresults = bc_b(callins) ? (ptrdiff_t)bc_b(callins)-1 :gotresults;
     BCReg cbase = bc_a(callins);
-    GCproto *pt = funcproto(frame_func(frame - (cbase+1-LJ_FR2)));
-    lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame teardown. */
+    GCproto *pt = funcproto(frame_func(frame - (cbase+1+LJ_FR2)));
     if ((pt->flags & PROTO_NOJIT))
       lj_trace_err(J, LJ_TRERR_CJITOFF);
     if (J->framedepth == 0 && J->pt && frame == J->L->base - 1) {
@@ -808,13 +838,13 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
       lj_snap_add(J);
     }
     for (i = 0; i < nresults; i++)  /* Adjust results. */
-      J->base[i-1] = i < gotresults ? J->base[rbase+i] : TREF_NIL;
+      J->base[i-1-LJ_FR2] = i < gotresults ? J->base[rbase+i] : TREF_NIL;
     J->maxslot = cbase+(BCReg)nresults;
     if (J->framedepth > 0) {  /* Return to a frame that is part of the trace. */
       J->framedepth--;
-      lua_assert(J->baseslot > cbase+1);
-      J->baseslot -= cbase+1;
-      J->base -= cbase+1;
+      lua_assert(J->baseslot > cbase+1+LJ_FR2);
+      J->baseslot -= cbase+1+LJ_FR2;
+      J->base -= cbase+1+LJ_FR2;
     } else if (J->parent == 0 && J->exitno == 0 &&
 	       !bc_isret(bc_op(J->cur.startins))) {
       /* Return to lower frame would leave the loop in a root trace. */
@@ -824,13 +854,13 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
     } else {  /* Return to lower frame. Guard for the target we return to. */
       TRef trpt = lj_ir_kgc(J, obj2gco(pt), IRT_PROTO);
       TRef trpc = lj_ir_kptr(J, (void *)frame_pc(frame));
-      emitir(IRTG(IR_RETF, IRT_P32), trpt, trpc);
+      emitir(IRTG(IR_RETF, IRT_PGC), trpt, trpc);
       J->retdepth++;
       J->needsnap = 1;
-      lua_assert(J->baseslot == 1);
+      lua_assert(J->baseslot == 1+LJ_FR2);
       /* Shift result slots up and clear the slots of the new frame below. */
-      memmove(J->base + cbase, J->base-1, sizeof(TRef)*nresults);
-      memset(J->base-1, 0, sizeof(TRef)*(cbase+1));
+      memmove(J->base + cbase, J->base-1-LJ_FR2, sizeof(TRef)*nresults);
+      memset(J->base-1-LJ_FR2, 0, sizeof(TRef)*(cbase+1+LJ_FR2));
     }
   } else if (frame_iscont(frame)) {  /* Return to continuation frame. */
     ASMFunction cont = frame_contf(frame);
@@ -839,32 +869,39 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
       lj_trace_err(J, LJ_TRERR_NYIRETL);
     J->baseslot -= (BCReg)cbase;
     J->base -= cbase;
-    J->maxslot = cbase-2;
+    J->maxslot = cbase-(2<<LJ_FR2);
     if (cont == lj_cont_ra) {
       /* Copy result to destination slot. */
       BCReg dst = bc_a(*(frame_contpc(frame)-1));
       J->base[dst] = gotresults ? J->base[cbase+rbase] : TREF_NIL;
-      if (dst >= J->maxslot) J->maxslot = dst+1;
+      if (dst >= J->maxslot) {
+	J->maxslot = dst+1;
+      }
     } else if (cont == lj_cont_nop) {
       /* Nothing to do here. */
     } else if (cont == lj_cont_cat) {
       BCReg bslot = bc_b(*(frame_contpc(frame)-1));
       TRef tr = gotresults ? J->base[cbase+rbase] : TREF_NIL;
-      if (bslot != cbase-2) {  /* Concatenate the remainder. */
+      if (bslot != J->maxslot) {  /* Concatenate the remainder. */
 	TValue *b = J->L->base, save;  /* Simulate lower frame and result. */
-	J->base[cbase-2] = tr;
-	copyTV(J->L, &save, b-2);
-	if (gotresults) copyTV(J->L, b-2, b+rbase); else setnilV(b-2);
+	J->base[J->maxslot] = tr;
+	copyTV(J->L, &save, b-(2<<LJ_FR2));
+	if (gotresults)
+	  copyTV(J->L, b-(2<<LJ_FR2), b+rbase);
+	else
+	  setnilV(b-(2<<LJ_FR2));
 	J->L->base = b - cbase;
-	tr = rec_cat(J, bslot, cbase-2);
+	tr = rec_cat(J, bslot, cbase-(2<<LJ_FR2));
 	b = J->L->base + cbase;  /* Undo. */
 	J->L->base = b;
-	copyTV(J->L, b-2, &save);
+	copyTV(J->L, b-(2<<LJ_FR2), &save);
       }
       if (tr) {  /* Store final result. */
 	BCReg dst = bc_a(*(frame_contpc(frame)-1));
 	J->base[dst] = tr;
-	if (dst >= J->maxslot) J->maxslot = dst+1;
+	if (dst >= J->maxslot) {
+	  J->maxslot = dst+1;
+	}
       }  /* Otherwise continue with another __concat call. */
     } else {
       /* Result type already specialized. */
@@ -873,7 +910,7 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
   } else {
     lj_trace_err(J, LJ_TRERR_NYIRETL);  /* NYI: handle return to C frame. */
   }
-  lua_assert(J->baseslot >= 1);
+  lua_assert(J->baseslot >= 1+LJ_FR2);
 }
 /* -- Metamethod handling ------------------------------------------------- */
@@ -882,16 +919,16 @@ void lj_record_ret(jit_State *J, BCReg rbase, ptrdiff_t gotresults)
 static BCReg rec_mm_prep(jit_State *J, ASMFunction cont)
 {
   BCReg s, top = cont == lj_cont_cat ? J->maxslot : curr_proto(J->L)->framesize;
-#if LJ_64
-  TRef trcont = lj_ir_kptr(J, (void *)((int64_t)cont-(int64_t)lj_vm_asm_begin));
+#if LJ_FR2
+  J->base[top] = lj_ir_k64(J, IR_KNUM, u64ptr(contptr(cont)));
+  J->base[top+1] = TREF_CONT;
 #else
-  TRef trcont = lj_ir_kptr(J, (void *)cont);
+  J->base[top] = lj_ir_kptr(J, contptr(cont)) | TREF_CONT;
 #endif
-  J->base[top] = trcont | TREF_CONT;
   J->framedepth++;
   for (s = J->maxslot; s < top; s++)
     J->base[s] = 0;  /* Clear frame gap to avoid resurrecting previous refs. */
-  return top+1;
+  return top+1+LJ_FR2;
 }
 /* Record metamethod lookup. */
@@ -910,7 +947,7 @@ int lj_record_mm_lookup(jit_State *J, RecordIndex *ix, MMS mm)
       cTValue *mo;
       if (LJ_HASFFI && udtype == UDTYPE_FFI_CLIB) {
 	/* Specialize to the C library namespace object. */
-	emitir(IRTG(IR_EQ, IRT_P32), ix->tab, lj_ir_kptr(J, udataV(&ix->tabv)));
+	emitir(IRTG(IR_EQ, IRT_PGC), ix->tab, lj_ir_kptr(J, udataV(&ix->tabv)));
       } else {
 	/* Specialize to the type of userdata. */
 	TRef tr = emitir(IRT(IR_FLOAD, IRT_U8), ix->tab, IRFL_UDATA_UDTYPE);
@@ -939,7 +976,13 @@ int lj_record_mm_lookup(jit_State *J, RecordIndex *ix, MMS mm)
     }
     /* The cdata metatable is treated as immutable. */
     if (LJ_HASFFI && tref_iscdata(ix->tab)) goto immutable_mt;
+#if LJ_GC64
+    /* TODO: fix ARM32 asm_fload(), so we can use this for all archs. */
+    ix->mt = mix.tab = lj_ir_ggfload(J, IRT_TAB,
+      GG_OFS(g.gcroot[GCROOT_BASEMT+itypemap(&ix->tabv)]));
+#else
     ix->mt = mix.tab = lj_ir_ktab(J, mt);
+#endif
     goto nocheck;
   }
   ix->mt = mt ? mix.tab : TREF_NIL;
@@ -969,9 +1012,9 @@ static TRef rec_mm_arith(jit_State *J, RecordIndex *ix, MMS mm)
   BCReg func = rec_mm_prep(J, mm == MM_concat ? lj_cont_cat : lj_cont_ra);
   TRef *base = J->base + func;
   TValue *basev = J->L->base + func;
-  base[1] = ix->tab; base[2] = ix->key;
-  copyTV(J->L, basev+1, &ix->tabv);
-  copyTV(J->L, basev+2, &ix->keyv);
+  base[1+LJ_FR2] = ix->tab; base[2+LJ_FR2] = ix->key;
+  copyTV(J->L, basev+1+LJ_FR2, &ix->tabv);
+  copyTV(J->L, basev+2+LJ_FR2, &ix->keyv);
   if (!lj_record_mm_lookup(J, ix, mm)) {  /* Lookup mm on 1st operand. */
     if (mm != MM_unm) {
       ix->tab = ix->key;
@@ -982,8 +1025,10 @@ static TRef rec_mm_arith(jit_State *J, RecordIndex *ix, MMS mm)
     lj_trace_err(J, LJ_TRERR_NOMM);
   }
 ok:
-  lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame setup. */
   base[0] = ix->mobj;
+#if LJ_FR2
+  base[1] = 0;
+#endif
   copyTV(J->L, basev+0, &ix->mobjv);
   lj_record_call(J, func, 2);
   return 0;  /* No result yet. */
@@ -999,8 +1044,9 @@ static TRef rec_mm_len(jit_State *J, TRef tr, TValue *tv)
     BCReg func = rec_mm_prep(J, lj_cont_ra);
     TRef *base = J->base + func;
     TValue *basev = J->L->base + func;
-    lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame setup. */
     base[0] = ix.mobj; copyTV(J->L, basev+0, &ix.mobjv);
+    base += LJ_FR2;
+    basev += LJ_FR2;
     base[1] = tr; copyTV(J->L, basev+1, tv);
 #if LJ_52
     base[2] = tr; copyTV(J->L, basev+2, tv);
@@ -1020,11 +1066,10 @@ static TRef rec_mm_len(jit_State *J, TRef tr, TValue *tv)
 static void rec_mm_callcomp(jit_State *J, RecordIndex *ix, int op)
 {
   BCReg func = rec_mm_prep(J, (op&1) ? lj_cont_condf : lj_cont_condt);
-  TRef *base = J->base + func;
-  TValue *tv = J->L->base + func;
-  lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame setup. */
-  base[0] = ix->mobj; base[1] = ix->val; base[2] = ix->key;
-  copyTV(J->L, tv+0, &ix->mobjv);
+  TRef *base = J->base + func + LJ_FR2;
+  TValue *tv = J->L->base + func + LJ_FR2;
+  base[-LJ_FR2] = ix->mobj; base[1] = ix->val; base[2] = ix->key;
+  copyTV(J->L, tv-LJ_FR2, &ix->mobjv);
   copyTV(J->L, tv+1, &ix->valv);
   copyTV(J->L, tv+2, &ix->keyv);
   lj_record_call(J, func, 2);
@@ -1257,8 +1302,8 @@ static TRef rec_idx_key(jit_State *J, RecordIndex *ix, IRRef *rbref,
       if ((MSize)k < t->asize) {  /* Currently an array key? */
 	TRef arrayref;
 	rec_idx_abc(J, asizeref, ikey, t->asize);
-	arrayref = emitir(IRT(IR_FLOAD, IRT_P32), ix->tab, IRFL_TAB_ARRAY);
-	return emitir(IRT(IR_AREF, IRT_P32), arrayref, ikey);
+	arrayref = emitir(IRT(IR_FLOAD, IRT_PGC), ix->tab, IRFL_TAB_ARRAY);
+	return emitir(IRT(IR_AREF, IRT_PGC), arrayref, ikey);
       } else {  /* Currently not in array (may be an array extension)? */
 	emitir(IRTGI(IR_ULE), asizeref, ikey);  /* Inv. bounds check. */
 	if (k == 0 && tref_isk(key))
@@ -1298,13 +1343,13 @@ static TRef rec_idx_key(jit_State *J, RecordIndex *ix, IRRef *rbref,
       *rbguard = J->guardemit;
       hm = emitir(IRTI(IR_FLOAD), ix->tab, IRFL_TAB_HMASK);
       emitir(IRTGI(IR_EQ), hm, lj_ir_kint(J, (int32_t)t->hmask));
-      node = emitir(IRT(IR_FLOAD, IRT_P32), ix->tab, IRFL_TAB_NODE);
+      node = emitir(IRT(IR_FLOAD, IRT_PGC), ix->tab, IRFL_TAB_NODE);
       kslot = lj_ir_kslot(J, key, hslot / sizeof(Node));
-      return emitir(IRTG(IR_HREFK, IRT_P32), node, kslot);
+      return emitir(IRTG(IR_HREFK, IRT_PGC), node, kslot);
     }
   }
   /* Fall back to a regular hash lookup. */
-  return emitir(IRT(IR_HREF, IRT_P32), ix->tab, key);
+  return emitir(IRT(IR_HREF, IRT_PGC), ix->tab, key);
 }
 /* Determine whether a key is NOT one of the fast metamethod names. */
@@ -1341,11 +1386,10 @@ TRef lj_record_idx(jit_State *J, RecordIndex *ix)
   handlemm:
     if (tref_isfunc(ix->mobj)) {  /* Handle metamethod call. */
       BCReg func = rec_mm_prep(J, ix->val ? lj_cont_nop : lj_cont_ra);
-      TRef *base = J->base + func;
-      TValue *tv = J->L->base + func;
-      lua_assert(!LJ_FR2);  /* TODO_FR2: handle different frame setup. */
-      base[0] = ix->mobj; base[1] = ix->tab; base[2] = ix->key;
-      setfuncV(J->L, tv+0, funcV(&ix->mobjv));
+      TRef *base = J->base + func + LJ_FR2;
+      TValue *tv = J->L->base + func + LJ_FR2;
+      base[-LJ_FR2] = ix->mobj; base[1] = ix->tab; base[2] = ix->key;
+      setfuncV(J->L, tv-LJ_FR2, funcV(&ix->mobjv));
       copyTV(J->L, tv+1, &ix->tabv);
       copyTV(J->L, tv+2, &ix->keyv);
       if (ix->val) {
@@ -1387,7 +1431,7 @@ TRef lj_record_idx(jit_State *J, RecordIndex *ix)
     IRType t = itype2irt(oldv);
     TRef res;
     if (oldv == niltvg(J2G(J))) {
-      emitir(IRTG(IR_EQ, IRT_P32), xref, lj_ir_kkptr(J, niltvg(J2G(J))));
+      emitir(IRTG(IR_EQ, IRT_PGC), xref, lj_ir_kkptr(J, niltvg(J2G(J))));
       res = TREF_NIL;
     } else {
       res = emitir(IRTG(loadop, t), xref, 0);
@@ -1417,7 +1461,7 @@ TRef lj_record_idx(jit_State *J, RecordIndex *ix)
       if (hasmm)
 	emitir(IRTG(loadop, IRT_NIL), xref, 0);  /* Guard for nil value. */
       else if (xrefop == IR_HREF)
-	emitir(IRTG(oldv == niltvg(J2G(J)) ? IR_EQ : IR_NE, IRT_P32),
+	emitir(IRTG(oldv == niltvg(J2G(J)) ? IR_EQ : IR_NE, IRT_PGC),
 	       xref, lj_ir_kkptr(J, niltvg(J2G(J))));
       if (ix->idxchain && lj_record_mm_lookup(J, ix, MM_newindex)) {
 	lua_assert(hasmm);
@@ -1428,7 +1472,7 @@ TRef lj_record_idx(jit_State *J, RecordIndex *ix)
 	TRef key = ix->key;
 	if (tref_isinteger(key))  /* NEWREF needs a TValue as a key. */
 	  key = emitir(IRTN(IR_CONV), key, IRCONV_NUM_INT);
-	xref = emitir(IRT(IR_NEWREF, IRT_P32), ix->tab, key);
+	xref = emitir(IRT(IR_NEWREF, IRT_PGC), ix->tab, key);
 	keybarrier = 0;  /* NEWREF already takes care of the key barrier. */
 #ifdef LUAJIT_ENABLE_TABLE_BUMP
 	if ((J->flags & JIT_F_OPT_SINK))  /* Avoid a separate flag. */
@@ -1438,7 +1482,7 @@ TRef lj_record_idx(jit_State *J, RecordIndex *ix)
     } else if (!lj_opt_fwd_wasnonnil(J, loadop, tref_ref(xref))) {
       /* Cannot derive that the previous value was non-nil, must do checks. */
       if (xrefop == IR_HREF)  /* Guard against store to niltv. */
-	emitir(IRTG(IR_NE, IRT_P32), xref, lj_ir_kkptr(J, niltvg(J2G(J))));
+	emitir(IRTG(IR_NE, IRT_PGC), xref, lj_ir_kkptr(J, niltvg(J2G(J))));
       if (ix->idxchain) {  /* Metamethod lookup required? */
 	/* A check for NULL metatable is cheaper (hoistable) than a load. */
 	if (!mt) {
@@ -1460,7 +1504,7 @@ TRef lj_record_idx(jit_State *J, RecordIndex *ix)
       emitir(IRT(IR_TBAR, IRT_NIL), ix->tab, 0);
     /* Invalidate neg. metamethod cache for stores with certain string keys. */
     if (!nommstr(J, ix->key)) {
-      TRef fref = emitir(IRT(IR_FREF, IRT_P32), ix->tab, IRFL_TAB_NOMM);
+      TRef fref = emitir(IRT(IR_FREF, IRT_PGC), ix->tab, IRFL_TAB_NOMM);
       emitir(IRT(IR_FSTORE, IRT_U8), fref, lj_ir_kint(J, 0));
     }
     J->needsnap = 1;
@@ -1535,7 +1579,11 @@ static TRef rec_upvalue(jit_State *J, uint32_t uv, TRef val)
 	goto noconstify;
       kfunc = lj_ir_kfunc(J, J->fn);
       emitir(IRTG(IR_EQ, IRT_FUNC), fn, kfunc);
-      J->base[-1] = TREF_FRAME | kfunc;
+#if LJ_FR2
+      J->base[-2] = kfunc;
+#else
+      J->base[-1] = kfunc | TREF_FRAME;
+#endif
       fn = kfunc;
     }
     tr = lj_record_constify(J, uvval(uvp));
@@ -1546,13 +1594,17 @@ noconstify:
   /* Note: this effectively limits LJ_MAX_UPVAL to 127. */
   uv = (uv << 8) | (hashrot(uvp->dhash, uvp->dhash + HASH_BIAS) & 0xff);
   if (!uvp->closed) {
+    uref = tref_ref(emitir(IRTG(IR_UREFO, IRT_PGC), fn, uv));
     /* In current stack? */
     if (uvval(uvp) >= tvref(J->L->stack) &&
 	uvval(uvp) < tvref(J->L->maxstack)) {
       int32_t slot = (int32_t)(uvval(uvp) - (J->L->base - J->baseslot));
       if (slot >= 0) {  /* Aliases an SSA slot? */
+	emitir(IRTG(IR_EQ, IRT_PGC),
+	       REF_BASE,
+	       emitir(IRT(IR_ADD, IRT_PGC), uref,
+		      lj_ir_kint(J, (slot - 1 - LJ_FR2) * -8)));
 	slot -= (int32_t)J->baseslot;  /* Note: slot number may be negative! */
-	/* NYI: add IR to guard that it's still aliasing the same slot. */
 	if (val == 0) {
 	  return getslot(J, slot);
 	} else {
@@ -1562,10 +1614,12 @@ noconstify:
 	}
       }
     }
-    uref = tref_ref(emitir(IRTG(IR_UREFO, IRT_P32), fn, uv));
+    emitir(IRTG(IR_UGT, IRT_PGC),
+	   emitir(IRT(IR_SUB, IRT_PGC), uref, REF_BASE),
+	   lj_ir_kint(J, (J->baseslot + J->maxslot) * 8));
   } else {
     needbarrier = 1;
-    uref = tref_ref(emitir(IRTG(IR_UREFC, IRT_P32), fn, uv));
+    uref = tref_ref(emitir(IRTG(IR_UREFC, IRT_PGC), fn, uv));
   }
   if (val == 0) {  /* Upvalue load */
     IRType t = itype2irt(uvval(uvp));
@@ -1640,11 +1694,14 @@ static void rec_func_setup(jit_State *J)
 static void rec_func_vararg(jit_State *J)
 {
   GCproto *pt = J->pt;
-  BCReg s, fixargs, vframe = J->maxslot+1;
+  BCReg s, fixargs, vframe = J->maxslot+1+LJ_FR2;
   lua_assert((pt->flags & PROTO_VARARG));
   if (J->baseslot + vframe + pt->framesize >= LJ_MAX_JSLOTS)
     lj_trace_err(J, LJ_TRERR_STACKOV);
-  J->base[vframe-1] = J->base[-1];  /* Copy function up. */
+  J->base[vframe-1-LJ_FR2] = J->base[-1-LJ_FR2];  /* Copy function up. */
+#if LJ_FR2
+  J->base[vframe-1] = TREF_FRAME;
+#endif
   /* Copy fixarg slots up and set their original slots to nil. */
   fixargs = pt->numparams < J->maxslot ? pt->numparams : J->maxslot;
   for (s = 0; s < fixargs; s++) {
@@ -1693,8 +1750,11 @@ static int select_detect(jit_State *J)
   BCIns ins = J->pc[1];
   if (bc_op(ins) == BC_CALLM && bc_b(ins) == 2 && bc_c(ins) == 1) {
     cTValue *func = &J->L->base[bc_a(ins)];
-    if (tvisfunc(func) && funcV(func)->c.ffid == FF_select)
+    if (tvisfunc(func) && funcV(func)->c.ffid == FF_select) {
+      TRef kfunc = lj_ir_kfunc(J, funcV(func));
+      emitir(IRTG(IR_EQ, IRT_FUNC), getslot(J, bc_a(ins)), kfunc);
       return 1;
+    }
   }
   return 0;
 }
@@ -1703,8 +1763,10 @@ static int select_detect(jit_State *J)
 static void rec_varg(jit_State *J, BCReg dst, ptrdiff_t nresults)
 {
   int32_t numparams = J->pt->numparams;
-  ptrdiff_t nvararg = frame_delta(J->L->base-1) - numparams - 1;
+  ptrdiff_t nvararg = frame_delta(J->L->base-1) - numparams - 1 - LJ_FR2;
   lua_assert(frame_isvarg(J->L->base-1));
+  if (LJ_FR2 && dst > J->maxslot)
+    J->base[dst-1] = 0;  /* Prevent resurrection of unrelated slot. */
   if (J->framedepth > 0) {  /* Simple case: varargs defined on-trace. */
     ptrdiff_t i;
     if (nvararg < 0) nvararg = 0;
@@ -1715,10 +1777,10 @@ static void rec_varg(jit_State *J, BCReg dst, ptrdiff_t nresults)
       J->maxslot = dst + (BCReg)nresults;
     }
     for (i = 0; i < nresults; i++)
-      J->base[dst+i] = i < nvararg ? getslot(J, i - nvararg - 1) : TREF_NIL;
+      J->base[dst+i] = i < nvararg ? getslot(J, i - nvararg - 1 - LJ_FR2) : TREF_NIL;
   } else {  /* Unknown number of varargs passed to trace. */
-    TRef fr = emitir(IRTI(IR_SLOAD), 0, IRSLOAD_READONLY|IRSLOAD_FRAME);
-    int32_t frofs = 8*(1+numparams)+FRAME_VARG;
+    TRef fr = emitir(IRTI(IR_SLOAD), LJ_FR2, IRSLOAD_READONLY|IRSLOAD_FRAME);
+    int32_t frofs = 8*(1+LJ_FR2+numparams)+FRAME_VARG;
     if (nresults >= 0) {  /* Known fixed number of results. */
       ptrdiff_t i;
       if (nvararg > 0) {
@@ -1729,11 +1791,11 @@ static void rec_varg(jit_State *J, BCReg dst, ptrdiff_t nresults)
 	else
 	  emitir(IRTGI(IR_EQ), fr,
 		 lj_ir_kint(J, (int32_t)frame_ftsz(J->L->base-1)));
-	vbase = emitir(IRTI(IR_SUB), REF_BASE, fr);
-	vbase = emitir(IRT(IR_ADD, IRT_P32), vbase, lj_ir_kint(J, frofs-8));
+	vbase = emitir(IRT(IR_SUB, IRT_IGC), REF_BASE, fr);
+	vbase = emitir(IRT(IR_ADD, IRT_PGC), vbase, lj_ir_kint(J, frofs-8));
 	for (i = 0; i < nload; i++) {
-	  IRType t = itype2irt(&J->L->base[i-1-nvararg]);
-	  TRef aref = emitir(IRT(IR_AREF, IRT_P32),
+	  IRType t = itype2irt(&J->L->base[i-1-LJ_FR2-nvararg]);
+	  TRef aref = emitir(IRT(IR_AREF, IRT_PGC),
 			     vbase, lj_ir_kint(J, (int32_t)i));
 	  TRef tr = emitir(IRTG(IR_VLOAD, t), aref, 0);
 	  if (irtype_ispri(t)) tr = TREF_PRI(t);  /* Canonicalize primitives. */
@@ -1779,15 +1841,16 @@ static void rec_varg(jit_State *J, BCReg dst, ptrdiff_t nresults)
       }
       if (idx != 0 && idx <= nvararg) {
 	IRType t;
-	TRef aref, vbase = emitir(IRTI(IR_SUB), REF_BASE, fr);
-	vbase = emitir(IRT(IR_ADD, IRT_P32), vbase, lj_ir_kint(J, frofs-8));
-	t = itype2irt(&J->L->base[idx-2-nvararg]);
-	aref = emitir(IRT(IR_AREF, IRT_P32), vbase, tridx);
+	TRef aref, vbase = emitir(IRT(IR_SUB, IRT_IGC), REF_BASE, fr);
+	vbase = emitir(IRT(IR_ADD, IRT_PGC), vbase,
+		       lj_ir_kint(J, frofs-(8<<LJ_FR2)));
+	t = itype2irt(&J->L->base[idx-2-LJ_FR2-nvararg]);
+	aref = emitir(IRT(IR_AREF, IRT_PGC), vbase, tridx);
 	tr = emitir(IRTG(IR_VLOAD, t), aref, 0);
 	if (irtype_ispri(t)) tr = TREF_PRI(t);  /* Canonicalize primitives. */
       }
-      J->base[dst-2] = tr;
-      J->maxslot = dst-1;
+      J->base[dst-2-LJ_FR2] = tr;
+      J->maxslot = dst-1-LJ_FR2;
       J->bcskip = 2;  /* Skip CALLM + select. */
     } else {
     nyivarg:
@@ -1836,10 +1899,10 @@ static TRef rec_cat(jit_State *J, BCReg baseslot, BCReg topslot)
 	break;
     }
     xbase = ++trp;
-    tr = hdr = emitir(IRT(IR_BUFHDR, IRT_P32),
+    tr = hdr = emitir(IRT(IR_BUFHDR, IRT_PGC),
 		      lj_ir_kptr(J, &J2G(J)->tmpbuf), IRBUFHDR_RESET);
     do {
-      tr = emitir(IRT(IR_BUFPUT, IRT_P32), tr, *trp++);
+      tr = emitir(IRT(IR_BUFPUT, IRT_PGC), tr, *trp++);
     } while (trp <= top);
     tr = emitir(IRT(IR_BUFSTR, IRT_STR), tr, hdr);
     J->maxslot = (BCReg)(xbase - J->base);
@@ -1880,7 +1943,15 @@ static void rec_comp_fixup(jit_State *J, const BCIns *pc, int cond)
   const BCIns *npc = pc + 2 + (cond ? bc_j(jmpins) : 0);
   SnapShot *snap = &J->cur.snap[J->cur.nsnap-1];
   /* Set PC to opposite target to avoid re-recording the comp. in side trace. */
+#if LJ_FR2
+  SnapEntry *flink = &J->cur.snapmap[snap->mapofs + snap->nent];
+  uint64_t pcbase;
+  memcpy(&pcbase, flink, sizeof(uint64_t));
+  pcbase = (pcbase & 0xff) | (u64ptr(npc) << 8);
+  memcpy(flink, &pcbase, sizeof(uint64_t));
+#else
   J->cur.snapmap[snap->mapofs + snap->nent] = SNAP_MKPC(npc);
+#endif
   J->needsnap = 1;
   if (bc_a(jmpins) < J->maxslot) J->maxslot = bc_a(jmpins);
   lj_snap_shrink(J);  /* Shrink last snapshot if possible. */
@@ -2156,14 +2227,14 @@ void lj_record_ins(jit_State *J)
   case BC_MODVN: case BC_MODVV:
   recmod:
     if (tref_isnumber_str(rb) && tref_isnumber_str(rc))
-      rc = lj_opt_narrow_mod(J, rb, rc, rcv);
+      rc = lj_opt_narrow_mod(J, rb, rc, rbv, rcv);
     else
       rc = rec_mm_arith(J, &ix, MM_mod);
     break;
   case BC_POW:
     if (tref_isnumber_str(rb) && tref_isnumber_str(rc))
-      rc = lj_opt_narrow_pow(J, lj_ir_tonum(J, rb), rc, rcv);
+      rc = lj_opt_narrow_pow(J, rb, rc, rbv, rcv);
     else
       rc = rec_mm_arith(J, &ix, MM_pow);
     break;
@@ -2178,7 +2249,13 @@ void lj_record_ins(jit_State *J)
   case BC_MOV:
     /* Clear gap of method call to avoid resurrecting previous refs. */
-    if (ra > J->maxslot) J->base[ra-1] = 0;
+    if (ra > J->maxslot) {
+#if LJ_FR2
+      memset(J->base + J->maxslot, 0, (ra - J->maxslot) * sizeof(TRef));
+#else
+      J->base[ra-1] = 0;
+#endif
+    }
     break;
   case BC_KSTR: case BC_KNUM: case BC_KPRI:
     break;
@@ -2186,6 +2263,8 @@ void lj_record_ins(jit_State *J)
     rc = lj_ir_kint(J, (int32_t)(int16_t)rc);
     break;
   case BC_KNIL:
+    if (LJ_FR2 && ra > J->maxslot)
+      J->base[ra-1] = 0;
     while (ra <= rc)
       J->base[ra++] = TREF_NIL;
     if (rc >= J->maxslot) J->maxslot = rc+1;
@@ -2247,14 +2326,14 @@ void lj_record_ins(jit_State *J)
   /* -- Calls and vararg handling ----------------------------------------- */
   case BC_ITERC:
-    J->base[ra] = getslot(J, ra-3-LJ_FR2);
-    J->base[ra+1] = getslot(J, ra-2-LJ_FR2);
-    J->base[ra+2] = getslot(J, ra-1-LJ_FR2);
+    J->base[ra] = getslot(J, ra-3);
+    J->base[ra+1+LJ_FR2] = getslot(J, ra-2);
+    J->base[ra+2+LJ_FR2] = getslot(J, ra-1);
     { /* Do the actual copy now because lj_record_call needs the values. */
       TValue *b = &J->L->base[ra];
-      copyTV(J->L, b, b-3-LJ_FR2);
-      copyTV(J->L, b+1, b-2-LJ_FR2);
-      copyTV(J->L, b+2, b-1-LJ_FR2);
+      copyTV(J->L, b, b-3);
+      copyTV(J->L, b+1+LJ_FR2, b-2);
+      copyTV(J->L, b+2+LJ_FR2, b-1);
     }
     lj_record_call(J, ra, (ptrdiff_t)rc-1);
     break;
@@ -2377,7 +2456,12 @@ void lj_record_ins(jit_State *J)
   /* rc == 0 if we have no result yet, e.g. pending __index metamethod call. */
   if (bcmode_a(op) == BCMdst && rc) {
     J->base[ra] = rc;
-    if (ra >= J->maxslot) J->maxslot = ra+1;
+    if (ra >= J->maxslot) {
+#if LJ_FR2
+      if (ra > J->maxslot) J->base[ra-1] = 0;
+#endif
+      J->maxslot = ra+1;
+    }
   }
 #undef rav
@@ -2462,7 +2546,7 @@ void lj_record_setup(jit_State *J)
   J->scev.idx = REF_NIL;
   setmref(J->scev.pc, NULL);
-  J->baseslot = 1;  /* Invoking function is at base[-1]. */
+  J->baseslot = 1+LJ_FR2;  /* Invoking function is at base[-1-LJ_FR2]. */
   J->base = J->slot + J->baseslot;
   J->maxslot = 0;
   J->framedepth = 0;
@@ -2477,7 +2561,7 @@ void lj_record_setup(jit_State *J)
   J->bc_extent = ~(MSize)0;
   /* Emit instructions for fixed references. Also triggers initial IR alloc. */
-  emitir_raw(IRT(IR_BASE, IRT_P32), J->parent, J->exitno);
+  emitir_raw(IRT(IR_BASE, IRT_PGC), J->parent, J->exitno);
   for (i = 0; i <= 2; i++) {
     IRIns *ir = IR(REF_NIL-i);
     ir->i = 0;