From 914993123c91534e4fa1d32c93bc43341cb24a8c Mon Sep 17 00:00:00 2001
From: Robin Voetter <robin@voetter.nl>
Date: Tue, 26 Oct 2021 02:28:02 +0200
Subject: [PATCH 1/2] stage2: return proper pointer for c pointer orelse

---
 src/Sema.zig | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/Sema.zig b/src/Sema.zig
index 2562948e8e..924ff7b267 100644
--- a/src/Sema.zig
+++ b/src/Sema.zig
@@ -4666,7 +4666,16 @@ fn zirOptionalPayload(
             if (operand_ty.ptrSize() != .C) {
                 return sema.failWithExpectedOptionalType(block, src, operand_ty);
             }
-            break :t operand_ty;
+            const ptr_info = operand_ty.ptrInfo().data;
+            break :t try Type.ptr(sema.arena, .{
+                .pointee_type = try ptr_info.pointee_type.copy(sema.arena),
+                .@"align" = ptr_info.@"align",
+                .@"addrspace" = ptr_info.@"addrspace",
+                .mutable = ptr_info.mutable,
+                .@"allowzero" = ptr_info.@"allowzero",
+                .@"volatile" = ptr_info.@"volatile",
+                .size = .One,
+            });
         },
         else => return sema.failWithExpectedOptionalType(block, src, operand_ty),
     };

From f95ec229f8478eedbb59700cbd223367ebd89a86 Mon Sep 17 00:00:00 2001
From: Robin Voetter <robin@voetter.nl>
Date: Tue, 26 Oct 2021 02:29:07 +0200
Subject: [PATCH 2/2] stage2: fix use-after-free in analyzeBlockBody

---
 src/Sema.zig | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Sema.zig b/src/Sema.zig
index 924ff7b267..6d087fde7e 100644
--- a/src/Sema.zig
+++ b/src/Sema.zig
@@ -3035,10 +3035,11 @@ fn analyzeBlockBody(
     // to emit a jump instruction to after the block when it encounters the break.
     try parent_block.instructions.append(gpa, merges.block_inst);
     const resolved_ty = try sema.resolvePeerTypes(parent_block, src, merges.results.items, .none);
+    const ty_inst = try sema.addType(resolved_ty);
     try sema.air_extra.ensureUnusedCapacity(gpa, @typeInfo(Air.Block).Struct.fields.len +
         child_block.instructions.items.len);
     sema.air_instructions.items(.data)[merges.block_inst] = .{ .ty_pl = .{
-        .ty = try sema.addType(resolved_ty),
+        .ty = ty_inst,
         .payload = sema.addExtraAssumeCapacity(Air.Block{
             .body_len = @intCast(u32, child_block.instructions.items.len),
         }),