[GR-34614][GR-46727] Fix accessing uninitialized memory after extending native storage

PullRequest: graalpython/2848

Author: msimacek

graalpython/com.oracle.graal.python.cext/src/errors.c

@@ -43,7 +43,7 @@
 #undef PyErr_BadInternalCall
 void PyErr_BadInternalCall(void) {
     assert(0 && "bad argument to internal function");
-    Graal_PyTruffleErr_CreateAndSetException(PyExc_SystemError, truffleString("bad argument to internal function"));
+    PyErr_SetString(PyExc_SystemError, "bad argument to internal function");
 }
 #define PyErr_BadInternalCall() _PyErr_BadInternalCall(__FILE__, __LINE__)
 

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/modules/cext/PythonCextBuiltinRegistry.java

@@ -76,8 +76,8 @@ private PythonCextBuiltinRegistry() {
     public static final CApiBuiltinExecutable PyCapsule_SetPointer = new CApiBuiltinExecutable("PyCapsule_SetPointer", CApiCallPath.Direct, ArgDescriptor.Int, new ArgDescriptor[]{ArgDescriptor.PyObject, ArgDescriptor.Pointer}, 15);
     public static final CApiBuiltinExecutable PyClassMethod_New = new CApiBuiltinExecutable("PyClassMethod_New", CApiCallPath.Direct, ArgDescriptor.PyObjectTransfer, new ArgDescriptor[]{ArgDescriptor.PyObject}, 16);
     public static final CApiBuiltinExecutable PyCode_Addr2Line = new CApiBuiltinExecutable("PyCode_Addr2Line", CApiCallPath.Direct, ArgDescriptor.Int, new ArgDescriptor[]{ArgDescriptor.PyCodeObject, ArgDescriptor.Int}, 17);
-    public static final CApiBuiltinExecutable PyCode_GetFileName = new CApiBuiltinExecutable("PyCode_GetFileName", CApiCallPath.Direct, ArgDescriptor.PyObjectBorrowed, new ArgDescriptor[]{ArgDescriptor.PyCodeObject}, 18);
-    public static final CApiBuiltinExecutable PyCode_GetName = new CApiBuiltinExecutable("PyCode_GetName", CApiCallPath.Direct, ArgDescriptor.PyObjectBorrowed, new ArgDescriptor[]{ArgDescriptor.PyCodeObject}, 19);
+    public static final CApiBuiltinExecutable PyCode_GetFileName = new CApiBuiltinExecutable("PyCode_GetFileName", CApiCallPath.Direct, ArgDescriptor.PyObjectTransfer, new ArgDescriptor[]{ArgDescriptor.PyCodeObject}, 18);
+    public static final CApiBuiltinExecutable PyCode_GetName = new CApiBuiltinExecutable("PyCode_GetName", CApiCallPath.Direct, ArgDescriptor.PyObjectTransfer, new ArgDescriptor[]{ArgDescriptor.PyCodeObject}, 19);
     public static final CApiBuiltinExecutable PyCode_New = new CApiBuiltinExecutable("PyCode_New", CApiCallPath.Direct, ArgDescriptor.PyCodeObjectTransfer, new ArgDescriptor[]{ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.Int, ArgDescriptor.PyObject}, 20);
     public static final CApiBuiltinExecutable PyCode_NewEmpty = new CApiBuiltinExecutable("PyCode_NewEmpty", CApiCallPath.Direct, ArgDescriptor.PyCodeObjectTransfer, new ArgDescriptor[]{ArgDescriptor.ConstCharPtrAsTruffleString, ArgDescriptor.ConstCharPtrAsTruffleString, ArgDescriptor.Int}, 21);
     public static final CApiBuiltinExecutable PyCode_NewWithPosOnlyArgs = new CApiBuiltinExecutable("PyCode_NewWithPosOnlyArgs", CApiCallPath.Direct, ArgDescriptor.PyCodeObjectTransfer, new ArgDescriptor[]{ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.Int, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.PyObject, ArgDescriptor.Int, ArgDescriptor.PyObject}, 22);

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/modules/cext/PythonCextCodeBuiltins.java

@@ -46,7 +46,7 @@
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyCodeObject;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyCodeObjectTransfer;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyObject;
-import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyObjectBorrowed;
+import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyObjectTransfer;
 import static com.oracle.graal.python.util.PythonUtils.EMPTY_BYTE_ARRAY;
 import static com.oracle.graal.python.util.PythonUtils.EMPTY_OBJECT_ARRAY;
 import static com.oracle.graal.python.util.PythonUtils.EMPTY_TRUFFLESTRING_ARRAY;
@@ -132,15 +132,15 @@ static int addr2line(PCode code, int bci) {
         }
     }
 
-    @CApiBuiltin(ret = PyObjectBorrowed, args = {PyCodeObject}, call = Direct)
+    @CApiBuiltin(ret = PyObjectTransfer, args = {PyCodeObject}, call = Direct)
     abstract static class PyCode_GetName extends CApiUnaryBuiltinNode {
         @Specialization
         static Object get(PCode code) {
             return code.getName();
         }
     }
 
-    @CApiBuiltin(ret = PyObjectBorrowed, args = {PyCodeObject}, call = Direct)
+    @CApiBuiltin(ret = PyObjectTransfer, args = {PyCodeObject}, call = Direct)
     abstract static class PyCode_GetFileName extends CApiUnaryBuiltinNode {
         @Specialization
         static Object get(PCode code) {

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/modules/cext/PythonCextListBuiltins.java

@@ -44,12 +44,12 @@
 import static com.oracle.graal.python.builtins.PythonBuiltinClassType.SystemError;
 import static com.oracle.graal.python.builtins.modules.cext.PythonCextBuiltins.CApiCallPath.Direct;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.Int;
-import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.Void;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyListObject;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyObject;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyObjectBorrowed;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.PyObjectTransfer;
 import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.Py_ssize_t;
+import static com.oracle.graal.python.builtins.objects.cext.capi.transitions.ArgDescriptor.Void;
 import static com.oracle.graal.python.nodes.ErrorMessages.BAD_ARG_TO_INTERNAL_FUNC_S;
 
 import java.util.Arrays;
@@ -66,7 +66,6 @@
 import com.oracle.graal.python.builtins.objects.common.SequenceStorageNodes;
 import com.oracle.graal.python.builtins.objects.common.SequenceStorageNodes.GetItemScalarNode;
 import com.oracle.graal.python.builtins.objects.common.SequenceStorageNodes.ListGeneralizationNode;
-import com.oracle.graal.python.builtins.objects.common.SequenceStorageNodes.SetItemNode;
 import com.oracle.graal.python.builtins.objects.common.SequenceStorageNodes.SetItemScalarNode;
 import com.oracle.graal.python.builtins.objects.list.ListBuiltins;
 import com.oracle.graal.python.builtins.objects.list.ListBuiltins.ListExtendNode;
@@ -296,11 +295,13 @@ int fallback(Object list, @SuppressWarnings("unused") Object i, @SuppressWarning
     abstract static class _PyList_SET_ITEM extends CApiTernaryBuiltinNode {
         @Specialization
         int doManaged(PList list, long index, Object element,
-                        @Cached("createSetItem()") SequenceStorageNodes.SetItemNode setItemNode,
+                        @Cached ListGeneralizationNode generalizationNode,
+                        @Cached SequenceStorageNodes.InitializeItemScalarNode setItemNode,
                         @Cached ConditionProfile generalizedProfile) {
             SequenceStorage sequenceStorage = list.getSequenceStorage();
             checkBounds(sequenceStorage, index);
-            SequenceStorage newStorage = setItemNode.execute(null, sequenceStorage, (int) index, element);
+            SequenceStorage newStorage = generalizationNode.execute(sequenceStorage, element);
+            setItemNode.execute(newStorage, (int) index, element);
             if (generalizedProfile.profile(list.getSequenceStorage() != newStorage)) {
                 list.setSequenceStorage(newStorage);
             }
@@ -329,10 +330,6 @@ private void checkBounds(SequenceStorage sequenceStorage, long index) {
                 throw raise(IndexError, ErrorMessages.INDEX_OUT_OF_BOUNDS);
             }
         }
-
-        protected static SetItemNode createSetItem() {
-            return SetItemNode.create(null, ListGeneralizationNode::create);
-        }
     }
 
     @CApiBuiltin(ret = Int, args = {PyObject}, call = Direct)

graalpython/com.oracle.graal.python/src/com/oracle/graal/python/builtins/modules/cext/PythonCextTupleBuiltins.java

@@ -133,7 +133,8 @@ protected static SetItemNode createSetItem() {
     abstract static class _PyTuple_SET_ITEM extends CApiTernaryBuiltinNode {
         @Specialization
         int doManaged(PTuple tuple, long index, Object element,
-                        @Cached("createSetItem()") SequenceStorageNodes.SetItemNode setItemNode,
+                        @Cached ListGeneralizationNode generalizationNode,
+                        @Cached SequenceStorageNodes.InitializeItemScalarNode setItemNode,
                         @Cached ConditionProfile generalizedProfile) {
             // we cannot assume that there is nothing already in the tuple, because the API usage
             // is valid if the tuple has never been visible to Python code so far, and it is up to
@@ -142,7 +143,8 @@ int doManaged(PTuple tuple, long index, Object element,
             // times
             SequenceStorage sequenceStorage = tuple.getSequenceStorage();
             checkBounds(sequenceStorage, index);
-            SequenceStorage newStorage = setItemNode.execute(null, sequenceStorage, (int) index, element);
+            SequenceStorage newStorage = generalizationNode.execute(sequenceStorage, element);
+            setItemNode.execute(newStorage, (int) index, element);
             if (generalizedProfile.profile(tuple.getSequenceStorage() != newStorage)) {
                 tuple.setSequenceStorage(newStorage);
             }
@@ -171,10 +173,6 @@ private void checkBounds(SequenceStorage sequenceStorage, long index) {
                 throw raise(IndexError, ErrorMessages.TUPLE_OUT_OF_BOUNDS);
             }
         }
-
-        protected static SetItemNode createSetItem() {
-            return SetItemNode.create(null, ListGeneralizationNode::create);
-        }
     }
 
     @CApiBuiltin(ret = PyObjectBorrowed, args = {PyObject, Py_ssize_t}, call = Direct)