You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current lifetime check for function parameters is unsound and can lead to memory corruption.
Issue Details
Even if #1497 (compiler: Function return values (?) not lifetime-tracked) is fixed appropriately, the current escape analysis for function parameters is still unsound and can lead to memory corruption. The reason is that the lifetime for function parameters are treated as the same, but they should be treated as incomparable for correct analysis.
For example, consider the following code:
@kerneldefbar(ls):
a= [1, 2, 3]
ls[0] =a
This would cause a compilation error, as the compiler correctly identified that the variable a is mutable, and does not outlive the variable ls which is passed from the caller. However, if we change the function a bit:
@kerneldeffoo(ls, a):
ls[0] =a@kerneldefbar(ls):
a= [1, 2, 3]
foo(ls, a)
Instead of assigning it directly, we pass to another function foo which does the assignment. As the current escape analysis treats each parameter to have the same scope, this passes the lifetime check, but the behavior is exactly the same as the previous one, and should be rejected.
This is because we saved a = ls[0]. The function bar should assign a new list [1, 2, 3] to the first element in ls, so it should not affect our variable a.
Actual (undesired) Behavior
Prints
[0, 2, 3]
[1, 2, 3]
[1, 2, 3]
Your System (omit irrelevant parts)
ARTIQ version: Current master
The text was updated successfully, but these errors were encountered:
I think I might have just seen another version of this. We had some code that did something similar to:
class Escape2(EnvExperiment):
def build(self):
self.setattr_device("core")
self.s = ""
def run(self):
self.run1("base")
@kernel
def run1(self, base):
tmp = base + ".extend"
self.run2(tmp)
print("self.s", self.s)
@kernel
def run2(self, s):
self.s = s
Which crashes in the UTF-8 validation of the RPC call to write back the value of s (the crash looks similar to #1379, but I'm convinced that this is the underlying cause). The original code involved more nesting and an explicit RPC that tried to use a reference that had outlived the lifetime of the value. But the upshot was the same.
Bug Report
One-Line Summary
The current lifetime check for function parameters is unsound and can lead to memory corruption.
Issue Details
Even if #1497 (compiler: Function return values (?) not lifetime-tracked) is fixed appropriately, the current escape analysis for function parameters is still unsound and can lead to memory corruption. The reason is that the lifetime for function parameters are treated as the same, but they should be treated as incomparable for correct analysis.
For example, consider the following code:
This would cause a compilation error, as the compiler correctly identified that the variable
a
is mutable, and does not outlive the variablels
which is passed from the caller. However, if we change the function a bit:Instead of assigning it directly, we pass to another function
foo
which does the assignment. As the current escape analysis treats each parameter to have the same scope, this passes the lifetime check, but the behavior is exactly the same as the previous one, and should be rejected.Steps to Reproduce
Run the following code:
Expected Behavior
Either reject the code or print
This is because we saved
a = ls[0]
. The functionbar
should assign a new list[1, 2, 3]
to the first element inls
, so it should not affect our variablea
.Actual (undesired) Behavior
Prints
Your System (omit irrelevant parts)
The text was updated successfully, but these errors were encountered: