Chromium Code Reviews
Unified Diff: src/wasm/function-body-decoder.cc

Issue 2638383004: [wasm] Fix checking of unreachable code (clear stack after unreachable). (Closed)
Patch Set: Created 3 years, 11 months ago
Next file in this patch set: test/mjsunit/wasm/unreachable-validation.js
Index: src/wasm/function-body-decoder.cc
diff --git a/src/wasm/function-body-decoder.cc b/src/wasm/function-body-decoder.cc
index 7c95b5a672300eebed09d0fe7016ddd5f06a8cdb..a798ff8c24aa17fda92c7247471acb5c3315777f 100644
--- a/src/wasm/function-body-decoder.cc
+++ b/src/wasm/function-body-decoder.cc
@@ -1241,7 +1241,15 @@ class WasmFullDecoder : public WasmDecoder {
if (pc_ > end_ && ok()) error("Beyond end of code");
}
- void EndControl() { ssa_env_->Kill(SsaEnv::kControlEnd); }
+ void EndControl() {
+ ssa_env_->Kill(SsaEnv::kControlEnd);
+ if (control_.empty()) {
rossberg 2017/01/19 12:55:11 I suppose you could avoid spurious case distinctio
+ stack_.clear();
+ } else {
+ DCHECK_LE(control_.back().stack_depth, stack_.size());
+ stack_.resize(control_.back().stack_depth);
+ }
+ }
void SetBlockType(Control* c, BlockTypeOperand& operand) {
c->merge.arity = operand.arity;
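Review bot: The `DCHECK_LE(control_.back().stack_depth, stack_.size())` in the `else` branch only fires in debug builds; if that invariant were ever violated in a release build, `stack_.resize(control_.back().stack_depth)` would silently grow the operand stack with default-constructed entries instead of truncating it, which is the opposite of what `EndControl` intends. Consider adding a short comment above `EndControl` stating the invariant it relies on (the operand stack is never shallower than the enclosing control's `stack_depth`) and why the stack is truncated after unreachable code, since the behaviour is otherwise not obvious from the two branches. The `control_.empty()` / `else` case distinction that the inline comment from rossberg points at could also be removed if the function body itself were represented as a control entry with `stack_depth == 0`, so that `stack_.resize(control_.back().stack_depth)` covered both cases.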
This is Rietveld 408576698