Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ledest:erlang:26
erlang
0129-Fix-unsafe-code-generation-for-binary-matc...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0129-Fix-unsafe-code-generation-for-binary-matching.patch of Package erlang
From 60f8f9eaa7966258126d0c9a4fff1514cbfa0830 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Gustavsson?= <bjorn@erlang.org> Date: Thu, 27 Jun 2024 12:00:23 +0200 Subject: [PATCH] Fix unsafe code generation for binary matching The common sub expression (CSE) optimization could cause a call to a guard BIF to be inserted into the middle of a sequence of binary syntax matching instructions, which in turn could cause unsafe `bs_match` (BEAM) instructions to be emitted. Resolves #8617 --- lib/compiler/src/beam_ssa_opt.erl | 39 +++++++++++++++++--------- lib/compiler/test/bs_bincomp_SUITE.erl | 11 ++++++++ 2 files changed, 37 insertions(+), 13 deletions(-) diff --git a/lib/compiler/src/beam_ssa_opt.erl b/lib/compiler/src/beam_ssa_opt.erl index fca1e08877..cb81f59768 100644 --- a/lib/compiler/src/beam_ssa_opt.erl +++ b/lib/compiler/src/beam_ssa_opt.erl @@ -3623,7 +3623,7 @@ is_bs_match_blk(L, Blocks) -> Blk = map_get(L, Blocks), case Blk of #b_blk{is=Is,last=#b_br{bool=#b_var{}}=Last} -> - case is_bs_match_is(Is) of + case is_bs_match_is(Is, true) of no -> no; {yes,CtxSizeUnit} -> @@ -3634,20 +3634,33 @@ is_bs_match_blk(L, Blocks) -> end. is_bs_match_is([#b_set{op=bs_match,dst=Dst}=I, - #b_set{op={succeeded,guard},args=[Dst]}]) -> - case is_viable_match(I) of - no -> + #b_set{op={succeeded,guard},args=[Dst]}], Safe) -> + case Safe of + false -> + %% This `bs_match` (SSA) instruction was preceded by other + %% instructions (such as guard BIF calls) that would + %% prevent this match operation to be incorporated into + %% the commands list of a `bs_match` (BEAM) instruction. no; - {yes,{Ctx,Size,Unit}} when Size bsr 24 =:= 0 -> - %% Only include matches of reasonable size. - {yes,{{Ctx,Dst},Size,Unit}}; - {yes,_} -> - %% Too large size. - no + true -> + case is_viable_match(I) of + no -> + no; + {yes,{Ctx,Size,Unit}} when Size bsr 24 =:= 0 -> + %% Only include matches of reasonable size. + {yes,{{Ctx,Dst},Size,Unit}}; + {yes,_} -> + %% Too large size. + no + end end; -is_bs_match_is([_|Is]) -> - is_bs_match_is(Is); -is_bs_match_is([]) -> no. +is_bs_match_is([#b_set{op=bs_extract}|Is], Safe) -> + is_bs_match_is(Is, Safe); +is_bs_match_is([#b_set{op=bs_start_match}|Is], _Safe) -> + is_bs_match_is(Is, true); +is_bs_match_is([_|Is], _Safe) -> + is_bs_match_is(Is, false); +is_bs_match_is([], _Safe) -> no. is_viable_match(#b_set{op=bs_match,args=Args}) -> case Args of diff --git a/lib/compiler/test/bs_bincomp_SUITE.erl b/lib/compiler/test/bs_bincomp_SUITE.erl index 3d95ec29d8..e5cd824ed0 100644 --- a/lib/compiler/test/bs_bincomp_SUITE.erl +++ b/lib/compiler/test/bs_bincomp_SUITE.erl @@ -671,12 +671,23 @@ grab_bag(_Config) -> %% Cover a line v3_kernel:get_line/1. _ = catch << ok || <<>> <= ok, ok >>, + [] = grab_bag_gh_8617(<<>>), + [0] = grab_bag_gh_8617(<<1:1>>), + [0,0,0] = grab_bag_gh_8617(<<0:3>>), + ok. grab_bag_gh_6553(<<X>>) -> %% Would crash in beam_ssa_pre_codegen. <<X, ((<<_:0>> = <<_>>) = <<>>)>>. +grab_bag_gh_8617(Bin) -> + %% GH-8617: CSE would cause a call self/0 to be inserted in + %% the middle of a sequence of `bs_match` instructions, causing + %% unsafe matching code to be emitted. + [0 || <<_:0, _:(tuple_size({self()}))>> <= Bin, + is_pid(id(self()))]. + cs_init() -> erts_debug:set_internal_state(available_internal_state, true), ok. -- 2.35.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
