[PATCH] D72910: Fix a bug with clang with object destructor creation, while skipping object initialization - make clang crash

ido via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri Jan 17 02:47:15 PST 2020


ykfre created this revision.
ykfre added a project: clang.
Herald added a subscriber: cfe-commits.

The following code crashes clang:

extern int g;

class A
{
public:
	A() {};
	~A() {};
};

void b()
{
	if(g)
	{

  		goto clean_up;

}
	A a;

  int i = 0;

clean_up:
	return;
}

with the following backtrace:

1> #0 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e96a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e8c649
1> #1 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e95c08 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e92890
1> #2 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e95c08 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e848f1
1> #3 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x2e78c88 C:\Program Files\LLVM\bin\clang-cl.exe 0x2d55688
1> #4 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x284c373 C:\Program Files\LLVM\bin\clang-cl.exe 0x29b2353
1> #5 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x27e0271 C:\Program Files\LLVM\bin\clang-cl.exe 0x276351e
1> #6 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x27a6c62 C:\Program Files\LLVM\bin\clang-cl.exe 0x276289b
1> #7 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x276222c C:\Program Files\LLVM\bin\clang-cl.exe 0x27610c3
1> #8 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x275f602 C:\Program Files\LLVM\bin\clang-cl.exe 0x275b44e
1> #9 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x1cb3492 C:\Program Files\LLVM\bin\clang-cl.exe 0x1c771cf
1>#10 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x1d09c87 C:\Program Files\LLVM\bin\clang-cl.exe 0x6e87
1>#11 0x00007ff6e6716a72 C:\Program Files\LLVM\bin\clang-cl.exe 0x4564 C:\Program Files\LLVM\bin\clang-cl.exe 0x33dda20
1>#12 0x00007ff6e6716a72 (C:\Program Files\LLVM\bin\clang-cl.exe+0x2e96a72)
1>#13 0x00007ff6e670c649 (C:\Program Files\LLVM\bin\clang-cl.exe+0x2e8c649)
1>0x00007FF6E6716A72 (0x00007FF6E6709BA1 0x000000000000001E 0x000002A9CC1695B0 0x000002A9CC1665E8)
1>0x00007FF6E670C649 (0x000002A9CC047FA0 0x00007FF6E6794E62 0x000002A9CC1762B0 0x00003A857DAE5EDC)
1>0x00007FF6E6715C08 (0x0000000000000000 0x000002A9CC168780 0x0000000000000001 0x00007FF6E6703CAF)
1>0x00007FF6E6712890 (0x000002A9CC176060 0x00007FF6E6703A01 0x0000000000000050 0x00003A857DAE5B9C)
1>0x00007FF6E6715C08 (0x7A696C616974696E 0x0000026E6F697461 0x000002A9CC028820 0x00007FF6E7D6A2E0)
1>0x00007FF6E67048F1 (0x000002A9CC1665E8 0x000002A9CC0BBCE0 0x0000000000000001 0x00007FF60000005C)
1>0x00007FF6E66F8C88 (0x00003A857DAE50AC 0x000002A9CC166AF0 0x0000000000000000 0x000002A9CC029710)
1>0x00007FF6E65D5688 (0x00003A857DAE2FDC 0x000000C804D8C360 0x000000C804D8C310 0x0000000400000000)
1>0x00007FF6E60CC373 (0x000002A9CC1648E8 0x000002A9CC0BDDF0 0xFFFFFFFFFFFFFFFF 0x000002A9CC1665E8)
1>0x00007FF6E6232353 (0x000002A9CC1665E8 0x00007FF6E6273AEC 0x0000000000000000 0x000002A9CC0B97E0)
1>0x00007FF6E6060271 (0x0000000000000000 0x00007FF6E600C3FA 0x00007FF6E6A61724 0x000002A900000000)
1>0x00007FF6E5FE351E (0x000002A9CC03E658 0x000000C804D8CB28 0x0000000000000041 0x000000C804D8CB20)
1>0x00007FF6E6026C62 (0x000002A9CC0C02B4 0x0000000000000000 0x0000000000000050 0x000002A9CC0C0CC0)
1>0x00007FF6E5FE289B (0x000002A9CC143DD0 0x000002A9CC03A330 0x0000000000000001 0x00007FF6E679978F)
1>0x00007FF6E5FE222C (0x00003A857DAE3BAC 0x000000C804D8D918 0x000002A9CC0377B0 0x0000000000000001)
1>0x00007FF6E5FE10C3 (0x000002A9CBFE5FD0 0x00007FF6E6C4974E 0x000000C804D8F960 0x000000C804D8DA30)
1>0x00007FF6E5FDF602 (0x000000C804D8DB38 0x000000C804D8DB48 0x000000C804D8DB78 0x00007FF6E54F42AA)
1>0x00007FF6E5FDB44E (0x000002A9CC023500 0x00003A857DAE3BFC 0x0000000000000000 0x000000000000000F)
1>0x00007FF6E5533492 (0x000002A9CBFF7990 0x00007FF600000000 0x00000000000000C0 0x0000003404D8DB68)
1>0x00007FF6E54F71CF (0x00007FF6E6C61901 0x000002A900000000 0x000000C804D8EA01 0x0000000000000000)
1>0x00007FF6E5589C87 (0x0000000000000200 0x000002A9CC021FA0 0x000002A9CBFCEE40 0x0000000000000101)
1>0x00007FF6E3886E87 (0x0000000000000000 0x00000000000000A8 0x00000000000006B0 0x0000000000000000)
1>0x00007FF6E3884564 (0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000)
1>0x00007FF6E6C5DA20 (0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000)
1>0x00007FFCF9027BD4 (0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000), BaseThreadInitThunk() + 0x14 bytes(s)
1>0x00007FFCF992CED1 (0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000), RtlUserThreadStart() + 0x21 bytes(s)
1>clang-cl : error : clang frontend command failed due to signal (use -v to see invocation)


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D72910

Files:
  clang/lib/Analysis/CFG.cpp


Index: clang/lib/Analysis/CFG.cpp
===================================================================
--- clang/lib/Analysis/CFG.cpp
+++ clang/lib/Analysis/CFG.cpp
@@ -1837,6 +1837,11 @@
   // this sequence up and replay them in reverse order when appending onto the
   // CFGBlock(s).
   SmallVector<VarDecl*, 10> Decls;
+
+  // Handles the case where goto skips initialization, but there is a destructor to the object.
+  if (B == LocalScope::const_iterator())
+      return;
+  
   Decls.reserve(B.distance(E));
   for (LocalScope::const_iterator I = B; I != E; ++I)
     Decls.push_back(*I);
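Review bot: The new guard `if (B == LocalScope::const_iterator())` covers only a jump whose source has no locals in scope. A `goto` that leaves a scope holding its own locals and lands past a declaration in an outer scope would still reach `B.distance(E)` with an `E` that does not lie behind `B`, and it presumably fails the same way; the body of `distance()` is outside the hunk, so this is inferred. Consider checking that `E` is reachable from `B` instead of testing only for the empty iterator, and add the reproducer from the description as a regression test, since the file list shows only CFG.cpp changing. The comment would read better as `// A forward goto can jump past a declaration: B then has no locals in scope while E does, so there is nothing to destroy.`, wrapped to 80 columns, with `return;` indented four spaces and the trailing whitespace on the following blank line dropped. The enclosing function begins and ends outside the hunk.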


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D72910.238722.patch
Type: text/x-patch
Size: 596 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200117/7cacbc73/attachment.bin>

