Sema: convert result location packed struct inits into aggregate inits

Vexu · Vexu · commit 21507c25327b · 2022-11-25T23:59:10.000+02:00
Initializing packed structs with result location is problematic since storing to a packed struct field pointer involves loading the field first which can cause loading uninitialized memory unless specifically zeroed first. Since packed structs are integer backed now using aggregate init makes more sense and avoids this issue. Closes ziglang#13480
diff --git a/src/Compilation.zig b/src/Compilation.zig
@@ -3255,6 +3255,7 @@ fn processOneJob(comp: *Compilation, job: Job) !void {
             module.semaPkg(pkg) catch |err| switch (err) {
                 error.OutOfMemory => return error.OutOfMemory,
                 error.AnalysisFail => return,
+                else => unreachable,
             };
         },
         .glibc_crt_file => |crt_file| {
diff --git a/src/Sema.zig b/src/Sema.zig
@@ -4258,6 +4258,75 @@ fn validateStructInit(
     }
     try sema.resolveStructLayout(struct_ty);
 
+    if (struct_ty.containerLayout() == .Packed) {
+        // Convert stores to ptr into an aggregate init.
+        const element_refs = try sema.arena.alloc(Air.Inst.Ref, struct_ty.structFieldCount());
+
+        var block_index = block.instructions.items.len - 1;
+        var field_ptr_count = instrs.len;
+        while (block_index > 0 and field_ptr_count > 0) : (block_index -= 1) {
+            const store_inst = block.instructions.items[block_index];
+            if (air_tags[store_inst] != .store) continue;
+            const store_index = block_index;
+            const bin_op = air_datas[store_inst].bin_op;
+
+            var lhs_index = Air.refToIndex(bin_op.lhs) orelse continue;
+            var bitcast_index: ?usize = null;
+            {
+                if (air_tags[lhs_index] == .bitcast) {
+                    const lhs = air_datas[lhs_index].ty_op.operand;
+                    lhs_index = Air.refToIndex(lhs).?;
+                    var i = block_index;
+                    while (i > 0) : (i -= 1) {
+                        if (block.instructions.items[i] == lhs_index) {
+                            bitcast_index = i;
+                            break;
+                        }
+                    } else continue;
+                }
+            }
+
+            const index = switch (air_tags[lhs_index]) {
+                .struct_field_ptr_index_0 => 0,
+                .struct_field_ptr_index_1 => 1,
+                .struct_field_ptr_index_2 => 2,
+                .struct_field_ptr_index_3 => 3,
+                .struct_field_ptr => blk: {
+                    const ty_pl = air_datas[lhs_index].ty_pl;
+                    const struct_field = sema.getTmpAir().extraData(Air.StructField, ty_pl.payload).data;
+                    break :blk struct_field.field_index;
+                },
+                else => continue,
+            };
+
+            // Delete dead store, field_ptr and bitcast instructions.
+            _ = block.instructions.orderedRemove(store_index);
+            if (bitcast_index) |some| _ = block.instructions.orderedRemove(some);
+            block_index = block.instructions.items.len - 1;
+            while (block_index > 0) : (block_index -= 1) {
+                if (block.instructions.items[block_index] == lhs_index) {
+                    _ = block.instructions.orderedRemove(block_index);
+                    break;
+                }
+            }
+
+            field_ptr_count -= 1;
+            element_refs[index] = bin_op.rhs;
+            continue;
+        }
+
+        assert(field_ptr_count == 0); // Unable to eliminate all stores.
+        for (found_fields) |field_ptr, i| {
+            if (field_ptr != 0) continue;
+
+            element_refs[i] = try sema.addConstant(struct_ty.structFieldType(i), field_values[i]);
+        }
+
+        const init = try block.addAggregateInit(struct_ty, element_refs);
+        try sema.storePtr2(block, init_src, struct_ptr, init_src, init, init_src, .store);
+        return;
+    }
+
     // Our task is to insert `store` instructions for all the default field values.
     for (found_fields) |field_ptr, i| {
         if (field_ptr != 0) continue;
diff --git a/test/behavior.zig b/test/behavior.zig
@@ -116,6 +116,7 @@ test {
     _ = @import("behavior/bugs/13171.zig");
     _ = @import("behavior/bugs/13285.zig");
     _ = @import("behavior/bugs/13435.zig");
+    _ = @import("behavior/bugs/13480.zig");
     _ = @import("behavior/byteswap.zig");
     _ = @import("behavior/byval_arg_var.zig");
     _ = @import("behavior/call.zig");
diff --git a/test/behavior/bugs/13480.zig b/test/behavior/bugs/13480.zig
@@ -0,0 +1,32 @@
+const builtin = @import("builtin");
+const std = @import("std");
+const expect = std.testing.expect;
+
+const BitSet = packed struct {
+    mask: u7,
+};
+fn smash() void {
+    var stack: [0x500]u8 = undefined;
+    @memset(&stack, 0xFF, stack.len);
+}
+fn stackUp() void {
+    var space: [0x100]u8 = undefined;
+    part2();
+    _ = space;
+}
+fn part2() void {
+    var a: u7 = 0b0001000;
+    var mask_a = BitSet{
+        .mask = a,
+    };
+    if (mask_a.mask != 0b0001000) unreachable;
+}
+test {
+    if (builtin.zig_backend == .stage2_wasm) return error.SkipZigTest; // TODO
+    if (builtin.zig_backend == .stage2_x86_64) return error.SkipZigTest; // TODO
+    if (builtin.zig_backend == .stage2_aarch64) return error.SkipZigTest; // TODO
+    if (builtin.zig_backend == .stage2_arm) return error.SkipZigTest; // TODO
+
+    smash();
+    stackUp();
+}
