From 4077f0c3d66ee9d74c705e605038271ceb39238e Mon Sep 17 00:00:00 2001
From: Mike Pall <mike>
Date: Sun, 16 Jan 2022 21:01:52 +0100
Subject: [PATCH] Prevent unroll across BC_ITERN.

Reported by Marukyu.
---
 src/lj_record.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/lj_record.c b/src/lj_record.c
index 44163e5b..d4d687e7 100644
--- a/src/lj_record.c
+++ b/src/lj_record.c
@@ -667,6 +667,7 @@ static LoopEvent rec_itern(jit_State *J, BCReg ra, BCReg rb)
       (J->cur.nins > REF_FIRST+1 ||
        (J->cur.nins == REF_FIRST+1 && J->cur.ir[REF_FIRST].o != IR_PROF)) &&
       J->framedepth + J->retdepth == 0 && J->parent == 0 && J->exitno == 0) {
+    J->instunroll = 0;  /* Cannot continue unrolling across an ITERN. */
     lj_record_stop(J, LJ_TRLINK_LOOP, J->cur.traceno);  /* Looping trace. */
     return LOOPEV_ENTER;
   }