Skip to content

Reset members of value_stack and allow to reuse #1048

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
wenyongh merged 1 commit into from
Mar 15, 2022
Merged

Reset members of value_stack and allow to reuse #1048

wenyongh merged 1 commit into from
Mar 15, 2022

Conversation

@lum1n0us
Copy link
Contributor

@lum1n0us lum1n0us commented Mar 15, 2022

After jit_value_stack_destory(), the JitValue pointed
by value_list_head and value_list_end are freed and
still keep the value.

So, when jit_value_stack_push() is called, for example,
load_block_params() after jit_value_stack_destroy() in
handle_op_else(), value_stack will not be treated like
an empty one, and new JitValue will be appended to value_list_end,
which is a dangling pointer(pointer to the freed JitValue).

In my case, the crash will occur if value_stack be destroyed
again.

P.S.
Test with

(module
  (func (export "main") (param i32 i32) (result i32)
    (block (result i32)
      (if (result i32) (local.get 1)
        (then (i32.const 16))
        (else (i32.const 32))
      )
    )
  )
)

@wenyongh wenyongh merged commit 9fd3d53 into bytecodealliance:dev/fast_jit Mar 15, 2022
@lum1n0us
Reset members of value_stack and allow to reuse
2092145 
After `jit_value_stack_destory()`, the `JitValue` pointed
by `value_list_head` and `value_list_end` are freed and
still keep the value.

So, when `jit_value_stack_push()` is called, for example,
`load_block_params()` after `jit_value_stack_destroy()` in
`handle_op_else()`, `value_stack` will not be treated like
an empty one, and new `JitValue` will be appended to `value_list_end`,
which is a dangling pointer(pointer to the freed `JitValue`).

In my case, the crash will be occured if `value_stack` be destroied
again.
@lum1n0us lum1n0us deleted the reset_value_stack branch May 10, 2022 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lum1n0us @wenyongh