blob: c9c82c56ec8e7c50d75c42c78047b0fa38f4a3ad
When emitting jump instructions for breaking out of for-loops, the compiler
incorrectly set the jump target before the pop instruction clearing the
intermediate loop variables. Since the break instruction itself already
compiles to a series of pop instructions reverting the stack to its
pre-loop state, intermediate values got popped twice, leading to a stack
layout mismatch between compiler and VM, resulting in wrong local variable
values or segmentation faults at runtime.
-- Testcase --
{%
	let x = 1;
	for (let y in [2])
		break;
	let z = 3;
	print([ x, z ], "\n");
%}
-- End --
-- Expect stdout --
[ 1, 3 ]
-- End --
-- Testcase --
{%
	let x = 1;
	for (let y = 0; y < 1; y++)
		break;
	let z = 3;
	print([ x, z ], "\n");
%}
-- End --
-- Expect stdout --
[ 1, 3 ]
-- End --
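
A toy model of the stack mismatch described above, added here as an illustration and not taken from the ucode sources: the opcodes, the `run_loop` helper and the instruction layout are hypothetical and do not reflect ucode's real bytecode. It runs the same program twice, once with the break jump landing on the loop's cleanup pop and once landing just past it.

```c
#include <stdio.h>

/* Toy stack machine (hypothetical opcodes, not ucode's real bytecode). */
enum op { PUSH, POP, JMP, HALT };
struct insn { enum op op; int arg; };

#define STACK_MAX    8
#define BUGGY_TARGET 4  /* break jump lands on the loop's cleanup POP */
#define FIXED_TARGET 5  /* break jump lands just past the cleanup POP */

/* Models `let x = 1; for (...) break; let z = 3;` and returns the
 * final stack depth, or -1 on stack underflow/overflow. */
int run_loop(int break_target, int stack[STACK_MAX])
{
	struct insn code[] = {
		{ PUSH, 1 },            /* 0: let x = 1 -> slot 0             */
		{ PUSH, 2 },            /* 1: intermediate loop value         */
		{ POP, 0 },             /* 2: break: revert to pre-loop state */
		{ JMP, break_target },  /* 3: break: leave the loop           */
		{ POP, 0 },             /* 4: regular loop-exit cleanup       */
		{ PUSH, 3 },            /* 5: let z = 3 -> slot 1 expected    */
		{ HALT, 0 },            /* 6                                  */
	};
	int sp = 0, pc = 0;

	for (;;) {
		struct insn i = code[pc++];
		switch (i.op) {
		case PUSH: if (sp >= STACK_MAX) return -1; stack[sp++] = i.arg; break;
		case POP:  if (sp <= 0) return -1; sp--; break;
		case JMP:  pc = i.arg; break;
		case HALT: return sp;
		}
	}
}

int main(void)
{
	int targets[] = { BUGGY_TARGET, FIXED_TARGET };
	for (int t = 0; t < 2; t++) {
		int stack[STACK_MAX] = { 0 };
		int depth = run_loop(targets[t], stack);
		/* The compiler assumes x lives in slot 0 and z in slot 1. */
		printf("target %d: depth=%d slot0(x)=%d slot1(z)=%d\n",
		       targets[t], depth, stack[0], stack[1]);
	}
	return 0;
}
```

With the buggy target the value is popped twice, so `z` is written into the slot the compiler assigned to `x`, and slot 1 lies above the live stack and holds only a stale value.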