[cfe-commits] r148995 - in /cfe/trunk: lib/Sema/TreeTransform.h test/CodeGenCXX/c99-variable-length-array.cpp
Eli Friedman
eli.friedman at gmail.com
Wed Jan 25 15:20:27 PST 2012
Author: efriedma
Date: Wed Jan 25 17:20:27 2012
New Revision: 148995
URL: http://llvm.org/viewvc/llvm-project?rev=148995&view=rev
Log:
Don't stack-allocate an IntegerLiteral which can be referred to after the current method returns. PR11744, part 2.
Modified:
cfe/trunk/lib/Sema/TreeTransform.h
cfe/trunk/test/CodeGenCXX/c99-variable-length-array.cpp
Modified: cfe/trunk/lib/Sema/TreeTransform.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Sema/TreeTransform.h?rev=148995&r1=148994&r2=148995&view=diff
==============================================================================
--- cfe/trunk/lib/Sema/TreeTransform.h (original)
+++ cfe/trunk/lib/Sema/TreeTransform.h Wed Jan 25 17:20:27 2012
@@ -8325,9 +8325,12 @@
break;
}
- IntegerLiteral ArraySize(SemaRef.Context, *Size, SizeType,
- /*FIXME*/BracketsRange.getBegin());
- return SemaRef.BuildArrayType(ElementType, SizeMod, &ArraySize,
+ // Note that we can return a VariableArrayType here in the case where
+ // the element type was a dependent VariableArrayType.
+ IntegerLiteral *ArraySize
+ = IntegerLiteral::Create(SemaRef.Context, *Size, SizeType,
+ /*FIXME*/BracketsRange.getBegin());
+ return SemaRef.BuildArrayType(ElementType, SizeMod, ArraySize,
IndexTypeQuals, BracketsRange,
getDerived().getBaseEntity());
}
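Review bot: the new comment above `IntegerLiteral::Create` says a VariableArrayType can be returned here, but it does not say why that rules out the old stack-allocated literal. I would add a sentence stating that the size expression passed to `BuildArrayType` can be referred to after this method returns (as the log message puts it), so it has to be created in `SemaRef.Context`; otherwise a later cleanup could reintroduce the local. The `/*FIXME*/` on `BracketsRange.getBegin()` is also carried over unchanged without saying what still needs fixing about that location.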
Modified: cfe/trunk/test/CodeGenCXX/c99-variable-length-array.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGenCXX/c99-variable-length-array.cpp?rev=148995&r1=148994&r2=148995&view=diff
==============================================================================
--- cfe/trunk/test/CodeGenCXX/c99-variable-length-array.cpp (original)
+++ cfe/trunk/test/CodeGenCXX/c99-variable-length-array.cpp Wed Jan 25 17:20:27 2012
@@ -25,3 +25,13 @@
// CHECK: call void @_ZN1XD1Ev
// CHECK: ret void
}
+
+namespace PR11744 {
+ // Make sure this doesn't crash; there was a use-after-free issue
+ // for this testcase.
+ template<typename T> int f(int n) {
+ T arr[3][n];
+ return 3;
+ }
+ int test = f<int>(0);
+}
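Review bot: the `PR11744` namespace adds no `// CHECK:` lines, so this case passes only by the compiler not crashing, and a read through a dangling pointer to a dead stack object does not crash reliably on every host or build configuration. I would either add a CHECK on the IR emitted for `f<int>` so the instantiation of `T arr[3][n]` is actually verified, or extend the comment to say that the test is only expected to catch a regression when run under a memory checker.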