Skip to content

[lldb] Fix use-after-free in Playgrounds #10159

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 5, 2025
Merged

[lldb] Fix use-after-free in Playgrounds #10159

merged 1 commit into from
Mar 5, 2025

Conversation

adrian-prantl
Copy link

@adrian-prantl adrian-prantl commented Mar 4, 2025
edited
Loading

The precise compiler invocations change moved the ownership of the SwiftPersistentExpressionState from SwiftASTContext to TypeSystemSwiftTypeRef, which makes it shared between all SwiftASTCOntextForExpression objects. The LLDB name lookup contained a check to avoid finding a persistent result from the wrong context, but there was no such check in the REPL name lookup.

This is a problem when a Playground imports a framework that pulls in a fresh dylib because this forces a new SwiftASTContext to be created.

Duplicating the check avoids the crash. I further made sure to clear
the persistent state when the SwiftASTContext is replaced, and added
several assertions to ensure consistency.

rdar://143923367

@adrian-prantl adrian-prantl requested a review from a team as a code owner March 4, 2025 18:10
@adrian-prantl
Copy link
Author

@swift-ci test

JDevlieghere
JDevlieghere approved these changes Mar 4, 2025
View reviewed changes
Copy link

@JDevlieghere JDevlieghere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM modulo using the correct macro.

@adrian-prantl
[lldb] Fix use-after-free in Playgrounds
c64b06a 
The precise compiler invocations change moved the ownership of the
SwiftPersistentExpressionState from SwiftASTContext to
TypeSystemSwiftTypeRef, which makes it shared between all
SwiftASTCOntextForExpression objects. The LLDB name lookup contained a
check to avoid finding a persistent result from the wrong context, but
there was no such check in the REPL name lookup.

This is a problem when a Playground imports a framework that pulls in
a fresh dylib because this forces a new SwiftASTContext to be created.

Duplicating the check avoids the crash. I further made sure to clear
the persistent state when the SwiftASTContext is replaced, and added
several assertions to ensure consistency.

rdar://143923367
@adrian-prantl
Copy link
Author

@swift-ci test

@adrian-prantl adrian-prantl merged commit fc8af60 into swiftlang:swift/release/6.1 Mar 5, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JDevlieghere JDevlieghere JDevlieghere approved these changes

@fredriss fredriss fredriss approved these changes

@augusto2112 augusto2112 Awaiting requested review from augusto2112

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adrian-prantl @JDevlieghere @fredriss