Skip to content

[6.2] MoveOnlyChecker: avoid dangling reference in custom alloc #84937

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 16, 2025
Merged

[6.2] MoveOnlyChecker: avoid dangling reference in custom alloc #84937

merged 1 commit into from
Oct 16, 2025

Conversation

kavon
Copy link
Member

@kavon kavon commented Oct 15, 2025
edited
Loading

  • Explanation: Fixes a use-after-free in the MoveOnlyChecker
  • Scope: Can cause crashes of the compiler on code using ~Copyable types within a large-enough function.
  • Issues: rdar://162440304
  • Original PRs: MoveOnlyChecker: avoid dangling reference in custom alloc #84934
  • Risk: Low. The asserts I added would only catch further uses of uninitialized memory.
  • Testing: Manual testing within a configuration that would reproduce the crash 100% of the time. Patch resolves that crash.
  • Reviewers: @jckarter

@kavon
MoveOnlyChecker: avoid dangling reference in custom alloc
743599b 
The AvailableValueStore maintains stable spans of SILValues,
one span (effectively a MutableArrayRef) per basic block, that
is preallocated for performance.

This patch fixes an issue where _a pointer_ to a span is vended from
`AvailableValueStore::get` and that pointer is into storage within
a DenseMap, which can reallocate and invalidate all such pointers.

There's no reason to be returning a pointer to a MutableArrayRef,
aka AvailableValues, so I've simply stripped off that indirection to
fix this issue.

resolves rdar://162440304

(cherry picked from commit d1f3f84)
@kavon kavon requested a review from a team as a code owner October 15, 2025 22:05
@kavon
Copy link
Member Author

kavon commented Oct 15, 2025

@swift-ci test

@kavon
Copy link
Member Author

kavon commented Oct 15, 2025

@swift-ci Please Build Toolchain Ubuntu 24.04

@kavon
Copy link
Member Author

kavon commented Oct 16, 2025

Looks like the toolchain build failed with an unrelated issue:

******************** TEST 'Swift(linux-x86_64) :: Interop/CxxToSwiftToCxx/span/span-execution.cpp' FAILED ********************
... 
 /home/build-user/build/buildbot_linux/swift-linux-x86_64/test-linux-x86_64/Interop/CxxToSwiftToCxx/span/Output/span-execution.cpp.tmp/header.h:8:44: error: unknown type name 'uint8_t'
     8 |   using SpanOfConstUInt8 = std::span<const uint8_t>;
       |                                            ^
 In file included from /home/build-user/build/buildbot_linux/swift-linux-x86_64/test-linux-x86_64/Interop/CxxToSwiftToCxx/span/Output/span-execution.cpp.tmp/use-span.cpp:3:
 /home/build-user/build/buildbot_linux/swift-linux-x86_64/test-linux-x86_64/Interop/CxxToSwiftToCxx/span/Output/span-execution.cpp.tmp/UseSpan.h:4111:58: error: no member named 'SpanOfConstUInt8' in namespace 'ns'
  4111 | inline const constexpr bool isUsableInGenericContext<ns::SpanOfConstUInt8> = true;
       |                                                      ~~~~^
 /home/build-user/build/buildbot_linux/swift-linux-x86_64/test-linux-x86_64/Interop/CxxToSwiftToCxx/span/Output/span-execution.cpp.tmp/UseSpan.h:4113:30: error: no member named 'SpanOfConstUInt8' in namespace 'ns'
  4113 | struct TypeMetadataTrait<ns::SpanOfConstUInt8> {
       |                          ~~~~^
 /home/build-user/build/buildbot_linux/swift-linux-x86_64/test-linux-x86_64/Interop/CxxToSwiftToCxx/span/Output/span-execution.cpp.tmp/UseSpan.h:4120:57: error: no member named 'SpanOfConstUInt8' in namespace 'ns'
  4120 | inline const constexpr bool isSwiftBridgedCxxRecord<ns::SpanOfConstUInt8> = true;
       |                                                     ~~~~^
 4 errors generated.

@kavon
Copy link
Member Author

kavon commented Oct 16, 2025

@swift-ci Please Build Toolchain UBI9

@kavon kavon enabled auto-merge October 16, 2025 19:18
@kavon kavon merged commit 24154e3 into swiftlang:release/6.2 Oct 16, 2025
5 of 7 checks passed
@kavon kavon deleted the 6.2-the-realloc-strikes-back-rdar162440304 branch October 16, 2025 20:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hborla hborla hborla approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kavon @hborla