r213434 - CodeGen: Properly null-check typeid expressions
David Majnemer
david.majnemer at gmail.com
Fri Jul 18 17:17:07 PDT 2014
Author: majnemer
Date: Fri Jul 18 19:17:06 2014
New Revision: 213434
URL: http://llvm.org/viewvc/llvm-project?rev=213434&view=rev
Log:
CodeGen: Properly null-check typeid expressions
Thoroughly check for a pointer dereference which yields a glvalue. Look
through casts, comma operators, conditional operators, paren
expressions, etc.
This was originally D4416.
Differential Revision: http://reviews.llvm.org/D4592
Added:
cfe/trunk/test/CodeGenCXX/typeid-should-throw.cpp
Modified:
cfe/trunk/lib/CodeGen/CGExprCXX.cpp
Modified: cfe/trunk/lib/CodeGen/CGExprCXX.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CGExprCXX.cpp?rev=213434&r1=213433&r2=213434&view=diff
==============================================================================
--- cfe/trunk/lib/CodeGen/CGExprCXX.cpp (original)
+++ cfe/trunk/lib/CodeGen/CGExprCXX.cpp Fri Jul 18 19:17:06 2014
@@ -1615,6 +1615,38 @@ void CodeGenFunction::EmitCXXDeleteExpr(
EmitBlock(DeleteEnd);
}
+static bool isGLValueFromPointerDeref(const Expr *E) {
+ E = E->IgnoreParens();
+
+ if (const auto *CE = dyn_cast<CastExpr>(E)) {
+ if (!CE->getSubExpr()->isGLValue())
+ return false;
+ return isGLValueFromPointerDeref(CE->getSubExpr());
+ }
+
+ if (const auto *OVE = dyn_cast<OpaqueValueExpr>(E))
+ return isGLValueFromPointerDeref(OVE->getSourceExpr());
+
+ if (const auto *BO = dyn_cast<BinaryOperator>(E))
+ if (BO->getOpcode() == BO_Comma)
+ return isGLValueFromPointerDeref(BO->getRHS());
+
+ if (const auto *ACO = dyn_cast<AbstractConditionalOperator>(E))
+ return isGLValueFromPointerDeref(ACO->getTrueExpr()) ||
+ isGLValueFromPointerDeref(ACO->getFalseExpr());
+
+ // C++11 [expr.sub]p1:
+ // The expression E1[E2] is identical (by definition) to *((E1)+(E2))
+ if (isa<ArraySubscriptExpr>(E))
+ return true;
+
+ if (const auto *UO = dyn_cast<UnaryOperator>(E))
+ if (UO->getOpcode() == UO_Deref)
+ return true;
+
+ return false;
+}
+
static llvm::Value *EmitTypeidFromVTable(CodeGenFunction &CGF, const Expr *E,
llvm::Type *StdTypeInfoPtrTy) {
// Get the vtable pointer.
@@ -1624,13 +1656,13 @@ static llvm::Value *EmitTypeidFromVTable
// If the glvalue expression is obtained by applying the unary * operator to
// a pointer and the pointer is a null pointer value, the typeid expression
// throws the std::bad_typeid exception.
- bool IsDeref = false;
- if (const UnaryOperator *UO = dyn_cast<UnaryOperator>(E->IgnoreParens()))
- if (UO->getOpcode() == UO_Deref)
- IsDeref = true;
-
+ //
+ // However, this paragraph's intent is not clear. We choose a very generous
+ // interpretation which implores us to consider comma operators, conditional
+ // operators, parentheses and other such constructs.
QualType SrcRecordTy = E->getType();
- if (CGF.CGM.getCXXABI().shouldTypeidBeNullChecked(IsDeref, SrcRecordTy)) {
+ if (CGF.CGM.getCXXABI().shouldTypeidBeNullChecked(
+ isGLValueFromPointerDeref(E), SrcRecordTy)) {
llvm::BasicBlock *BadTypeidBlock =
CGF.createBasicBlock("typeid.bad_typeid");
llvm::BasicBlock *EndBlock = CGF.createBasicBlock("typeid.end");
Added: cfe/trunk/test/CodeGenCXX/typeid-should-throw.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/CodeGenCXX/typeid-should-throw.cpp?rev=213434&view=auto
==============================================================================
--- cfe/trunk/test/CodeGenCXX/typeid-should-throw.cpp (added)
+++ cfe/trunk/test/CodeGenCXX/typeid-should-throw.cpp Fri Jul 18 19:17:06 2014
@@ -0,0 +1,82 @@
+// RUN: %clang_cc1 %s -triple %itanium_abi_triple -Wno-unused-value -emit-llvm -o - -std=c++11 | FileCheck %s
+namespace std {
+struct type_info;
+}
+
+struct A {
+ virtual ~A();
+ operator bool();
+};
+struct B : A {};
+
+void f1(A *x) { typeid(false, *x); }
+// CHECK-LABEL: define void @_Z2f1P1A
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f2(bool b, A *x, A *y) { typeid(b ? *x : *y); }
+// CHECK-LABEL: define void @_Z2f2bP1AS0_
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f3(bool b, A *x, A &y) { typeid(b ? *x : y); }
+// CHECK-LABEL: define void @_Z2f3bP1ARS_
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f4(bool b, A &x, A *y) { typeid(b ? x : *y); }
+// CHECK-LABEL: define void @_Z2f4bR1APS_
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f5(volatile A *x) { typeid(*x); }
+// CHECK-LABEL: define void @_Z2f5PV1A
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f6(A *x) { typeid((B &)*(B *)x); }
+// CHECK-LABEL: define void @_Z2f6P1A
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f7(A *x) { typeid((*x)); }
+// CHECK-LABEL: define void @_Z2f7P1A
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f8(A *x) { typeid(x[0]); }
+// CHECK-LABEL: define void @_Z2f8P1A
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f9(A *x) { typeid(0[x]); }
+// CHECK-LABEL: define void @_Z2f9P1A
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f10(A *x, A *y) { typeid(*y ?: *x); }
+// CHECK-LABEL: define void @_Z3f10P1AS0_
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f11(A *x, A &y) { typeid(*x ?: y); }
+// CHECK-LABEL: define void @_Z3f11P1ARS_
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f12(A &x, A *y) { typeid(x ?: *y); }
+// CHECK-LABEL: define void @_Z3f12R1APS_
+// CHECK: icmp eq {{.*}}, null
+// CHECK-NEXT: br i1
+
+void f13(A &x, A &y) { typeid(x ?: y); }
+// CHECK-LABEL: define void @_Z3f13R1AS0_
+// CHECK-NOT: icmp eq {{.*}}, null
+
+void f14(A *x) { typeid((const A &)(A)*x); }
+// CHECK-LABEL: define void @_Z3f14P1A
+// CHECK-NOT: icmp eq {{.*}}, null
+
+void f15(A *x) { typeid((A &&)*(A *)nullptr); }
+// CHECK-LABEL: define void @_Z3f15P1A
+// CHECK-NOT: icmp eq {{.*}}, null
More information about the cfe-commits
mailing list