From 1f94cd4ee506b063d0698d6b40bcff69d5d6f27f Mon Sep 17 00:00:00 2001
From: Wenyong Huang
Date: Wed, 3 Jul 2024 15:18:42 +0800
Subject: [PATCH] wasm loader: Fix push_frame_offset when pushing v128 type (#3588)

Fixes issue https://github.com/bytecodealliance/wasm-micro-runtime/issues/3580.
---
 core/iwasm/interpreter/wasm_loader.c | 27 ++++++++++++++---------
 core/iwasm/interpreter/wasm_mini_loader.c | 26 +++++++++++++---------
 2 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/core/iwasm/interpreter/wasm_loader.c b/core/iwasm/interpreter/wasm_loader.c
index fe300ec2..c026a75f 100644
--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@@ -9315,6 +9315,8 @@ wasm_loader_push_frame_offset(WASMLoaderContext *ctx, uint8 type,
                               bool disable_emit, int16 operand_offset,
                               char *error_buf, uint32 error_buf_size)
 {
+    uint32 cell_num_to_push, i;
+
     if (type == VALUE_TYPE_VOID)
         return true;
 
@@ -9341,21 +9343,24 @@ wasm_loader_push_frame_offset(WASMLoaderContext *ctx, uint8 type,
     if (is_32bit_type(type))
         return true;
 
-    if (ctx->p_code_compiled == NULL) {
-        if (!check_offset_push(ctx, error_buf, error_buf_size))
-            return false;
-    }
+    cell_num_to_push = wasm_value_type_cell_num(type) - 1;
+    for (i = 0; i < cell_num_to_push; i++) {
+        if (ctx->p_code_compiled == NULL) {
+            if (!check_offset_push(ctx, error_buf, error_buf_size))
+                return false;
+        }
 
-    ctx->frame_offset++;
-    if (!disable_emit) {
-        ctx->dynamic_offset++;
-        if (ctx->dynamic_offset > ctx->max_dynamic_offset) {
-            ctx->max_dynamic_offset = ctx->dynamic_offset;
-            if (ctx->max_dynamic_offset >= INT16_MAX) {
-                goto fail;
+        ctx->frame_offset++;
+        if (!disable_emit) {
+            ctx->dynamic_offset++;
+            if (ctx->dynamic_offset > ctx->max_dynamic_offset) {
+                ctx->max_dynamic_offset = ctx->dynamic_offset;
+                if (ctx->max_dynamic_offset >= INT16_MAX)
+                    goto fail;
             }
         }
     }
+
     return true;
 
 fail:
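Review bot: `cell_num_to_push = wasm_value_type_cell_num(type) - 1;` is stored in a `uint32`, so if `wasm_value_type_cell_num` can return 0 for a `type` that survives the `VALUE_TYPE_VOID` and `is_32bit_type` guards above, the subtraction wraps to UINT32_MAX and the loop runs essentially unbounded; in the second pass (`p_code_compiled != NULL`) with `disable_emit` set, nothing inside the loop stops it, and `frame_offset` is incremented on every iteration. Whether a 0 return is actually reachable depends on that helper's fallback branch, which is outside this hunk, so treat this as a cheap hardening rather than a known bug. Iterating from the second cell avoids the subtraction entirely and reads more naturally: `uint32 cell_num = wasm_value_type_cell_num(type);` / `for (i = 1; i < cell_num; i++) {`, which loops zero times for a cell count of 0 or 1. The `fail:` handling of wasm_loader_push_frame_offset continues past the end of the hunk.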
diff --git a/core/iwasm/interpreter/wasm_mini_loader.c b/core/iwasm/interpreter/wasm_mini_loader.c
index 2bca20a8..7cef4165 100644
--- a/core/iwasm/interpreter/wasm_mini_loader.c
+++ b/core/iwasm/interpreter/wasm_mini_loader.c
@@ -4869,6 +4869,8 @@ wasm_loader_push_frame_offset(WASMLoaderContext *ctx, uint8 type,
                               bool disable_emit, int16 operand_offset,
                               char *error_buf, uint32 error_buf_size)
 {
+    uint32 cell_num_to_push, i;
+
     if (type == VALUE_TYPE_VOID)
         return true;
 
@@ -4893,19 +4895,23 @@ wasm_loader_push_frame_offset(WASMLoaderContext *ctx, uint8 type,
     if (is_32bit_type(type))
         return true;
 
-    if (ctx->p_code_compiled == NULL) {
-        if (!check_offset_push(ctx, error_buf, error_buf_size))
-            return false;
-    }
+    cell_num_to_push = wasm_value_type_cell_num(type) - 1;
+    for (i = 0; i < cell_num_to_push; i++) {
+        if (ctx->p_code_compiled == NULL) {
+            if (!check_offset_push(ctx, error_buf, error_buf_size))
+                return false;
+        }
 
-    ctx->frame_offset++;
-    if (!disable_emit) {
-        ctx->dynamic_offset++;
-        if (ctx->dynamic_offset > ctx->max_dynamic_offset) {
-            ctx->max_dynamic_offset = ctx->dynamic_offset;
-            bh_assert(ctx->max_dynamic_offset < INT16_MAX);
+        ctx->frame_offset++;
+        if (!disable_emit) {
+            ctx->dynamic_offset++;
+            if (ctx->dynamic_offset > ctx->max_dynamic_offset) {
+                ctx->max_dynamic_offset = ctx->dynamic_offset;
+                bh_assert(ctx->max_dynamic_offset < INT16_MAX);
+            }
         }
     }
+
     return true;
 }
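Review bot: In this mini-loader copy the loop bound `cell_num_to_push = wasm_value_type_cell_num(type) - 1;` has the same unsigned-wrap exposure as the full loader, but with less protection: the only in-loop limit besides `check_offset_push` (first pass only) is `bh_assert(ctx->max_dynamic_offset < INT16_MAX)`, which is compiled out in release builds, so a 0 return from `wasm_value_type_cell_num` for a non-void, non-32-bit type would spin `frame_offset`/`dynamic_offset` far past the `int16` range these offsets appear to be emitted in (the `int16 operand_offset` parameter suggests that width). Whether a 0 return is reachable is decided in that helper, outside this hunk, and the mini loader presumably expects a pre-validated module, so this is hardening rather than a confirmed defect. The guard costs nothing: `uint32 cell_num = wasm_value_type_cell_num(type);` / `for (i = 1; i < cell_num; i++) {`. Separately, since the function already receives `error_buf`, it is worth deciding whether exceeding INT16_MAX should `return false` here instead of asserting, though that choice predates this change.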