zdoom/qzdoom
0
0
Fork 0
mirror of https://github.com/ZDoom/qzdoom.git synced 2024-11-11 07:11:54 +00:00
Code Issues Projects Releases Packages Wiki Activity

- fixed code generation for very special if+switch combination

Browse source 
CheckReturn() must be called before emitting code, otherwise it will always return false for switch statements
Redundant jump instruction added because of that will point right after the end of function's code when if statement is the last one in the given function
This wasn't a problem for VM because bytecode in question was unreachable
JIT compiler tries to generate native code for a bogus jump destination, and this leads to out-of-bounds read from labels array

https://forum.zdoom.org/viewtopic.php?t=67149
This commit is contained in:
alexey.lysiuk 2020-01-30 18:01:52 +02:00
parent 538af7bbfa
commit dd54c14380
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/scripting/backend/codegen.cpp
View file

@ -10278,6 +10278,7 @@ ExpEmit FxIfStatement::Emit(VMFunctionBuilder *build)
{
ExpEmit v;
size_t jumpspot = ~0u;
bool whenTrueReturns = false;
TArray<size_t> yes, no;
Condition->EmitCompare(build, WhenTrue == nullptr, yes, no);
@ -10285,13 +10286,14 @@ ExpEmit FxIfStatement::Emit(VMFunctionBuilder *build)
if (WhenTrue != nullptr)
{
build->BackpatchListToHere(yes);
whenTrueReturns = WhenTrue->CheckReturn();
WhenTrue->EmitStatement(build);
}
if (WhenFalse != nullptr)
{
if (WhenTrue != nullptr)
{
if (!WhenTrue->CheckReturn()) jumpspot = build->Emit(OP_JMP, 0); // no need to emit a jump if the block returns.
if (!whenTrueReturns) jumpspot = build->Emit(OP_JMP, 0); // no need to emit a jump if the block returns.
build->BackpatchListToHere(no);
}
WhenFalse->EmitStatement(build);