FIXED: Use stack variable after return for LibBF bignums

This leads to incorrect results and crashes when using really big bignums. The LibBF bignum implementation is by default used for the WASM version and the MacOS binaries.
SWI-Prolog · Sep 22, 2024 · 5c4949a · 5c4949a
1 parent 9535dba
commit 5c4949a
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 13 deletions.
diff --git a/src/libbf/libbf.c b/src/libbf/libbf.c
@@ -163,6 +163,26 @@ static inline slimb_t sat_add(slimb_t a, slimb_t b)
     return r;
 }
 
+static void*
+cache_realloc(void *opaque, void *ptr, size_t new)
+{ return realloc(ptr, new);
+}
+
+static void
+cache_free(void *opaque, void *ptr, size_t size)
+{ free(ptr);
+}
+
+#define CACHE_MALLOC_BEGIN(__ctx) \
+  { bf_realloc_func_t *__raf = __ctx->realloc_func; \
+    bf_free_func_t *__rf = __ctx->free_func; \
+    __ctx->realloc_func = cache_realloc; \
+    __ctx->free_func = cache_free;
+#define CACHE_MALLOC_END(__ctx)	 \
+    __ctx->realloc_func = __raf; \
+    __ctx->free_func = __rf; \
+  }
+
 #define malloc(s) malloc_is_forbidden(s)
 #define free(p) free_is_forbidden(p)
 #define realloc(p, s) realloc_is_forbidden(p, s)
@@ -4173,7 +4193,9 @@ int bf_const_pi(bf_t *T, limb_t prec, bf_flags_t flags)
 void bf_clear_cache(bf_context_t *s)
 {
 #ifdef USE_FFT_MUL
+    CACHE_MALLOC_BEGIN(s);
     fft_clear_cache(s);
+    CACHE_MALLOC_END(s);
 #endif
     bf_const_free(&s->log2_cache);
     bf_const_free(&s->pi_cache);
@@ -7782,18 +7804,11 @@ static no_inline void mul_trig(NTTLimb *buf,
 
 #endif /* !AVX2 */
 
-static no_inline NTTLimb *get_trig(BFNTTState *s,
-				   int k, int inverse, int m_idx)
-{
-    NTTLimb *tab;
+static no_inline NTTLimb *get_trig_mk_cache(BFNTTState *s,
+					    int k, int inverse, int m_idx)
+{   NTTLimb *tab;
     limb_t i, n2, c, c_mul, m, c_mul_inv;
 
-    if (k > NTT_TRIG_K_MAX)
-	return NULL;
-
-    tab = s->ntt_trig[m_idx][inverse][k];
-    if (tab)
-	return tab;
     n2 = (limb_t)1 << (k - 1);
     m = ntt_mods[m_idx];
 #ifdef __AVX2__
@@ -7819,6 +7834,25 @@ static no_inline NTTLimb *get_trig(BFNTTState *s,
     return tab;
 }
 
+static no_inline NTTLimb *get_trig(BFNTTState *s,
+				   int k, int inverse, int m_idx)
+{
+    NTTLimb *tab;
+
+    if (k > NTT_TRIG_K_MAX)
+	return NULL;
+
+    tab = s->ntt_trig[m_idx][inverse][k];
+    if (tab)
+	return tab;
+
+    NTTLimb *rc;
+    CACHE_MALLOC_BEGIN(s->ctx);
+    rc = get_trig_mk_cache(s, k, inverse, m_idx);
+    CACHE_MALLOC_END(s->ctx);
+    return rc;
+}
+
 void fft_clear_cache(bf_context_t *s1)
 {
     int m_idx, inverse, k;

diff --git a/src/pl-bf.c b/src/pl-bf.c
@@ -5,7 +5,7 @@
     WWW:           http://www.swi-prolog.org
     Copyright (c)  2022, University of Amsterdam
                          VU University Amsterdam
-		         CWI, Amsterdam
+			 CWI, Amsterdam
     All rights reserved.
 
     Redistribution and use in source and binary forms, with or without
@@ -46,7 +46,10 @@ default_free(void *ptr, size_t size)
 { free(ptr);
 }
 
-mp_alloc_wrapper alloc_wrapper = { .realloc_func = default_realloc, .free_func = default_free };
+mp_alloc_wrapper alloc_wrapper = {
+  .realloc_func = default_realloc,
+  .free_func = default_free
+};
 
 static void *
 my_bf_realloc(void *opaque, void *ptr, size_t size)
@@ -73,4 +76,3 @@ void
 bf_not_implemented(const char *msg)
 { Sdprintf("LibBF: Not implemented: %s\n", msg);
 }
-