diff options
| author | Andrew Kelley <andrew@ziglang.org> | 2022-07-27 16:11:07 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-07-27 16:11:07 -0700 |
| commit | dfc7493dcb049788b92137ca09b8bd47cee23865 (patch) | |
| tree | dfd6c4da8bc1ff71e0ecc8a1d3a1ac29c433bc64 /src/Sema.zig | |
| parent | 90f23e131eadae427c4253fb658002633263b82e (diff) | |
| parent | 793db63746ca044927743ee94405dad2a3f02fb8 (diff) | |
| download | zig-dfc7493dcb049788b92137ca09b8bd47cee23865.tar.gz zig-dfc7493dcb049788b92137ca09b8bd47cee23865.zip | |
Merge pull request #12256 from Vexu/stage2
stage2 typeInfo UAF fix + more
Diffstat (limited to 'src/Sema.zig')
| -rw-r--r-- | src/Sema.zig | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/Sema.zig b/src/Sema.zig index 293169e293..ad8beff0f3 100644 --- a/src/Sema.zig +++ b/src/Sema.zig @@ -5695,6 +5695,7 @@ fn analyzeCall( sema.inst_map.clearRetainingCapacity(); const decl = sema.mod.declPtr(block.src_decl); child_block.src_decl = block.src_decl; + arg_i = 0; try sema.analyzeInlineCallArg( block, &child_block, @@ -12864,7 +12865,7 @@ fn zirTypeInfo(sema: *Sema, block: *Block, inst: Zir.Inst.Index) CompileError!Ai else try Value.Tag.opt_payload.create( params_anon_decl.arena(), - try Value.Tag.ty.create(params_anon_decl.arena(), param_ty), + try Value.Tag.ty.create(params_anon_decl.arena(), try param_ty.copy(params_anon_decl.arena())), ); const param_fields = try params_anon_decl.arena().create([3]Value); @@ -15441,8 +15442,17 @@ fn zirReify(sema: *Sema, block: *Block, inst: Zir.Inst.Index) CompileError!Air.I const is_allowzero_val = struct_val[6]; const sentinel_val = struct_val[7]; + const abi_align = @intCast(u29, alignment_val.toUnsignedInt(target)); // TODO: Validate this value. + var buffer: Value.ToTypeBuffer = undefined; - const child_ty = child_val.toType(&buffer); + const unresolved_elem_ty = child_val.toType(&buffer); + const elem_ty = if (abi_align == 0) + unresolved_elem_ty + else t: { + const elem_ty = try sema.resolveTypeFields(block, src, unresolved_elem_ty); + try sema.resolveTypeLayout(block, src, elem_ty); + break :t elem_ty; + }; const ptr_size = size_val.toEnum(std.builtin.Type.Pointer.Size); @@ -15454,7 +15464,7 @@ fn zirReify(sema: *Sema, block: *Block, inst: Zir.Inst.Index) CompileError!Air.I const sentinel_ptr_val = sentinel_val.castTag(.opt_payload).?.data; const ptr_ty = try Type.ptr(sema.arena, mod, .{ .@"addrspace" = .generic, - .pointee_type = child_ty, + .pointee_type = try elem_ty.copy(sema.arena), }); actual_sentinel = (try sema.pointerDeref(block, src, sentinel_ptr_val, ptr_ty)).?; } @@ -15463,9 +15473,9 @@ fn zirReify(sema: *Sema, block: *Block, inst: Zir.Inst.Index) CompileError!Air.I .size = ptr_size, .mutable = !is_const_val.toBool(), .@"volatile" = is_volatile_val.toBool(), - .@"align" = @intCast(u29, alignment_val.toUnsignedInt(target)), // TODO: Validate this value. + .@"align" = abi_align, .@"addrspace" = address_space_val.toEnum(std.builtin.AddressSpace), - .pointee_type = try child_ty.copy(sema.arena), + .pointee_type = try elem_ty.copy(sema.arena), .@"allowzero" = is_allowzero_val.toBool(), .sentinel = actual_sentinel, }); @@ -26626,7 +26636,7 @@ fn getBuiltinType( ) CompileError!Type { const ty_inst = try sema.getBuiltin(block, src, name); const result_ty = try sema.analyzeAsType(block, src, ty_inst); - try sema.queueFullTypeResolution(result_ty); + try sema.resolveTypeFully(block, src, result_ty); // Should not fail return result_ty; } |