From e0179640d54f4a61aa7522ac8529d36769fb9c08 Mon Sep 17 00:00:00 2001
From: mlugg
Date: Fri, 2 Jun 2023 01:55:16 +0100
Subject: Sema: intern values of mutable decls after analysis
This is necessary with the upcoming removal of Decl.value_arena to prevent UAF of these values.
---
 src/Module.zig | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
(limited to 'src/Module.zig')
diff --git a/src/Module.zig b/src/Module.zig
index 06e8c53eb7..d575f89b41 100644
--- a/src/Module.zig
+++ b/src/Module.zig
@@ -4424,6 +4424,9 @@ pub fn semaFile(mod: *Module, file: *File) SemaError!void {
 defer sema_arena.deinit();
 const sema_arena_allocator = sema_arena.allocator();
+ var comptime_mutable_decls = std.ArrayList(Decl.Index).init(gpa);
+ defer comptime_mutable_decls.deinit();
+
 var sema: Sema = .{
 .mod = mod,
 .gpa = gpa,
@@ -4437,6 +4440,7 @@ pub fn semaFile(mod: *Module, file: *File) SemaError!void {
 .fn_ret_ty = Type.void,
 .owner_func = null,
 .owner_func_index = .none,
+ .comptime_mutable_decls = &comptime_mutable_decls,
 };
 defer sema.deinit();
@@ -4445,6 +4449,10 @@ pub fn semaFile(mod: *Module, file: *File) SemaError!void {
 if (sema.analyzeStructDecl(new_decl, main_struct_inst, struct_index)) |_| {
 try wip_captures.finalize();
+ for (comptime_mutable_decls.items) |decl_index| {
+ const decl = mod.declPtr(decl_index);
+ try decl.intern(mod);
+ }
 new_decl.analysis = .complete;
 } else |err| switch (err) {
 error.OutOfMemory => return error.OutOfMemory,
@@ -4522,6 +4530,9 @@ fn semaDecl(mod: *Module, decl_index: Decl.Index) !bool {
 defer analysis_arena.deinit();
 const analysis_arena_allocator = analysis_arena.allocator();
+ var comptime_mutable_decls = std.ArrayList(Decl.Index).init(gpa);
+ defer comptime_mutable_decls.deinit();
+
 var sema: Sema = .{
 .mod = mod,
 .gpa = gpa,
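Review bot: The new `comptime_mutable_decls` list in semaFile carries no comment saying that its position matters: `sema` is handed a pointer to this stack local (`.comptime_mutable_decls = &comptime_mutable_decls` in the next hunk), and since defers run in reverse order, declaring the list before `var sema` is what keeps that pointer valid while `sema.deinit()` runs. I would add `// Must be declared before sema so the list outlives sema.deinit(); sema only holds a pointer to it.` above the declaration. Whether `sema.deinit()` actually touches the list is not visible here, so the comment documents the ordering rather than a known crash. The same setup is repeated in semaDecl and analyzeFnBody and wants the same comment; all three function bodies start and end outside their hunks.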
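Review bot: The interning loop in semaFile runs only inside the success branch of `analyzeStructDecl`, so on `error.AnalysisFail`, or when `try wip_captures.finalize()` returns early, every decl already recorded in `comptime_mutable_decls` stays un-interned and the list is just freed by the deferred `deinit()`. The commit message names this interning as what prevents a use-after-free once `Decl.value_arena` is removed, so the failure paths need a stated reason why they are safe; presumably a decl recorded during a failed analysis is never read again, but nothing in this hunk shows that. Suggested comment above the loop: `// Only reached on success; on failure these decls stay un-interned and must not be read again.` The loops in semaDecl and analyzeFnBody follow `try` calls that can return early and have the same gap, and a failing `try decl.intern(mod)` can also stop any of the three loops part-way.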
@@ -4535,6 +4546,7 @@ fn semaDecl(mod: *Module, decl_index: Decl.Index) !bool {
 .fn_ret_ty = Type.void,
 .owner_func = null,
 .owner_func_index = .none,
+ .comptime_mutable_decls = &comptime_mutable_decls,
 };
 defer sema.deinit();
@@ -4577,6 +4589,10 @@ fn semaDecl(mod: *Module, decl_index: Decl.Index) !bool {
 const body = zir.extra[extra.end..][0..extra.data.body_len];
 const result_ref = (try sema.analyzeBodyBreak(&block_scope, body)).?.operand;
 try wip_captures.finalize();
+ for (comptime_mutable_decls.items) |ct_decl_index| {
+ const ct_decl = mod.declPtr(ct_decl_index);
+ try ct_decl.intern(mod);
+ }
 const align_src: LazySrcLoc = .{ .node_offset_var_decl_align = 0 };
 const section_src: LazySrcLoc = .{ .node_offset_var_decl_section = 0 };
 const address_space_src: LazySrcLoc = .{ .node_offset_var_decl_addrspace = 0 };
@@ -5486,6 +5502,9 @@ pub fn analyzeFnBody(mod: *Module, func_index: Fn.Index, arena: Allocator) SemaE
 const decl_arena_allocator = decl.value_arena.?.acquire(gpa, &decl_arena);
 defer decl.value_arena.?.release(&decl_arena);
+ var comptime_mutable_decls = std.ArrayList(Decl.Index).init(gpa);
+ defer comptime_mutable_decls.deinit();
+
 const fn_ty = decl.ty;
 const fn_ty_info = mod.typeToFunc(fn_ty).?;
@@ -5503,6 +5522,7 @@ pub fn analyzeFnBody(mod: *Module, func_index: Fn.Index, arena: Allocator) SemaE
 .owner_func = func,
 .owner_func_index = func_index.toOptional(),
 .branch_quota = @max(func.branch_quota, Sema.default_branch_quota),
+ .comptime_mutable_decls = &comptime_mutable_decls,
 };
 defer sema.deinit();
@@ -5642,6 +5662,10 @@ pub fn analyzeFnBody(mod: *Module, func_index: Fn.Index, arena: Allocator) SemaE
 }
 try wip_captures.finalize();
+ for (comptime_mutable_decls.items) |ct_decl_index| {
+ const ct_decl = mod.declPtr(ct_decl_index);
+ try ct_decl.intern(mod);
+ }
 // Copy the block into place and mark that as the main block.
 try sema.air_extra.ensureUnusedCapacity(gpa, @typeInfo(Air.Block).Struct.fields.len +
-- 
cgit v1.2.3
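Review bot: In semaDecl the loop interns whatever is in `comptime_mutable_decls` right after `wip_captures.finalize()`, but the function keeps going afterwards (the `align_src`, `section_src` and `address_space_src` context lines, with the rest of the body outside the hunk) while `sema` still holds the pointer to the list. If any later call through `sema` can append another decl, that entry is never interned and is dropped when the deferred `deinit()` runs, which is the stale-value case this commit sets out to close. Whether later analysis can do that is not visible here, so I would either move the loop to the last point where `sema` is used or state the invariant, e.g. `// Nothing after this point may register a comptime-mutable decl; later entries would never be interned.` A debug assertion that `comptime_mutable_decls.items.len` is unchanged at the end of the function would make the assumption checkable. The loop in analyzeFnBody is likewise followed by further `sema` use and raises the same question.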