Skip to content

[Cherry-pick into next] [lldb] Fix use-after-free in Playgrounds #10174

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 5, 2025
Merged

[Cherry-pick into next] [lldb] Fix use-after-free in Playgrounds #10174

merged 1 commit into from
Mar 5, 2025

Conversation

adrian-prantl
Copy link 

commit c64b06a11e1824392574f929fbc62cc304756ab7
Author: Adrian Prantl <[email protected]>
Date:   Mon Mar 3 17:12:41 2025 -0800

    [lldb] Fix use-after-free in Playgrounds
    
    The precise compiler invocations change moved the ownership of the
    SwiftPersistentExpressionState from SwiftASTContext to
    TypeSystemSwiftTypeRef, which makes it shared between all
    SwiftASTCOntextForExpression objects. The LLDB name lookup contained a
    check to avoid finding a persistent result from the wrong context, but
    there was no such check in the REPL name lookup.
    
    This is a problem when a Playground imports a framework that pulls in
    a fresh dylib because this forces a new SwiftASTContext to be created.
    
    Duplicating the check avoids the crash. I further made sure to clear
    the persistent state when the SwiftASTContext is replaced, and added
    several assertions to ensure consistency.
    
    rdar://143923367

@adrian-prantl
[lldb] Fix use-after-free in Playgrounds
cce1653 
The precise compiler invocations change moved the ownership of the
SwiftPersistentExpressionState from SwiftASTContext to
TypeSystemSwiftTypeRef, which makes it shared between all
SwiftASTCOntextForExpression objects. The LLDB name lookup contained a
check to avoid finding a persistent result from the wrong context, but
there was no such check in the REPL name lookup.

This is a problem when a Playground imports a framework that pulls in
a fresh dylib because this forces a new SwiftASTContext to be created.

Duplicating the check avoids the crash. I further made sure to clear
the persistent state when the SwiftASTContext is replaced, and added
several assertions to ensure consistency.

rdar://143923367
(cherry picked from commit c64b06a)
@adrian-prantl adrian-prantl merged commit e49a3ec into swiftlang:next Mar 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JDevlieghere JDevlieghere Awaiting requested review from JDevlieghere JDevlieghere is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@adrian-prantl