ykjit / yklua

yk-enabled Lua interpreter

Locations may not persist dump+undumps? #89

Open vext01 opened 1 week ago

vext01 commented 1 week ago

Lua has this notion of "dumping" (serialising to a binary string) functions when they are GCd. Later they can be "undumped" back into Protos. A Proto is where we store our yk locations array.

@Pavel-Durov knew about this in the "old" branch, and attempted a fix: https://github.com/ykjit/yklua/issues/32

When we upgraded the Lua version, that change wasn't carried over.

Since we don't dump/undump the yk locations, I'd expect uninitialised memory accesses. But @Pavel-Durov was saying that it fixes a use after free. I'm not sure why that would be.

If/when we want to revisit this, we should review the old branch change, because it looks to me like it creates new yk locations upon undump, leaving the old ones to leak(?).
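For readers unfamiliar with the dump/undump cycle the comment above refers to, here is an added, stand-alone Lua example (not code from the yklua issue or repository) showing that a round trip through `string.dump` and `load` yields a fresh function object, so any per-function side data attached to the original does not follow it. The weak-keyed `side_data` table is a constructed stand-in for the yk locations array, which in yklua actually lives in the C-level Proto struct; `square`, `side_data` and the `hits` value are assumptions made for this example only.

```lua
-- Added example (not from the yklua project): demonstrate that dump + undump
-- produces a new function object and that metadata keyed on the original is lost.

-- A function with no upvalues so it survives string.dump unchanged.
local function square(x) return x * x end

-- Constructed stand-in for per-Proto metadata (yk's real locations are C-side).
local side_data = setmetatable({}, { __mode = "k" })
side_data[square] = { hits = 3 }

-- "dump": serialise the function to a binary chunk.
local bytes = string.dump(square)

-- "undump": rebuild a function from the binary chunk (mode "b" = binary only).
local reloaded = assert(load(bytes, "=square", "b"))

assert(reloaded(7) == 49)            -- behaviour survives the round trip
assert(reloaded ~= square)           -- but it is a fresh function object
assert(side_data[reloaded] == nil)   -- so the attached side data did not follow it

print("round trip ok; per-function side data was not carried over")
```

This mirrors the concern in the issue: the bytecode is reconstructed correctly, but anything the runtime hung off the original Proto (here, the `side_data` entry) must be explicitly re-created on undump or it is simply absent, which is why both the "recreate on undump" fix and the question of what happens to the old entries matter.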

ltratt commented 1 week ago

I've changed the title because a bug is a bug, and UB is a bogeyman we use to scare children :p