[clang] d260a10 - [clang] Fix crash during template sema checking

Guillaume Chatelet via cfe-commits cfe-commits at lists.llvm.org
Sat Mar 21 04:42:18 PDT 2020 

Author: Guillaume Chatelet
Date: 2020-03-21T12:42:06+01:00
New Revision: d260a10d98dff6e34d081e570df1f7c0a50b9a73

URL: https://github.com/llvm/llvm-project/commit/d260a10d98dff6e34d081e570df1f7c0a50b9a73
DIFF: https://github.com/llvm/llvm-project/commit/d260a10d98dff6e34d081e570df1f7c0a50b9a73.diff

LOG: [clang] Fix crash during template sema checking

Summary: If the size parameter of `__builtin_memcpy_inline` comes from an un-instantiated template parameter current code would crash.

Reviewers: efriedma, courbet

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D76504

Added: 
    clang/test/Sema/builtins-memcpy-inline.cpp

Modified: 
    clang/lib/Sema/SemaChecking.cpp

Removed: 
    clang/test/Sema/builtins-memcpy-inline.c


################################################################################
diff  --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
index 8a2b4b019663..c3e168c1e736 100644
--- a/clang/lib/Sema/SemaChecking.cpp
+++ b/clang/lib/Sema/SemaChecking.cpp
@@ -1649,11 +1649,16 @@ Sema::CheckBuiltinFunctionCall(FunctionDecl *FDecl, unsigned BuiltinID,
   case Builtin::BI__builtin_nontemporal_store:
     return SemaBuiltinNontemporalOverloaded(TheCallResult);
   case Builtin::BI__builtin_memcpy_inline: {
-    // __builtin_memcpy_inline size argument is a constant by definition.
-    if (TheCall->getArg(2)->EvaluateKnownConstInt(Context).isNullValue())
+    clang::Expr *SizeOp = TheCall->getArg(2);
+    // We warn about copying to or from `nullptr` pointers when `size` is
+    // greater than 0. When `size` is value dependent we cannot evaluate its
+    // value so we bail out.
+    if (SizeOp->isValueDependent())
       break;
-    CheckNonNullArgument(*this, TheCall->getArg(0), TheCall->getExprLoc());
-    CheckNonNullArgument(*this, TheCall->getArg(1), TheCall->getExprLoc());
+    if (!SizeOp->EvaluateKnownConstInt(Context).isNullValue()) {
+      CheckNonNullArgument(*this, TheCall->getArg(0), TheCall->getExprLoc());
+      CheckNonNullArgument(*this, TheCall->getArg(1), TheCall->getExprLoc());
+    }
     break;
   }
 #define BUILTIN(ID, TYPE, ATTRS)

diff  --git a/clang/test/Sema/builtins-memcpy-inline.c b/clang/test/Sema/builtins-memcpy-inline.cpp
similarity index 86%
rename from clang/test/Sema/builtins-memcpy-inline.c
rename to clang/test/Sema/builtins-memcpy-inline.cpp
index 6d0edce92a11..5e03a975a71b 100644
--- a/clang/test/Sema/builtins-memcpy-inline.c
+++ b/clang/test/Sema/builtins-memcpy-inline.cpp
@@ -30,3 +30,9 @@ void test_memcpy_inline_null_buffer_is_ok_if_size_is_zero(void *ptr) {
 void test_memcpy_inline_non_constant_size(void *dst, const void *src, unsigned size) {
   __builtin_memcpy_inline(dst, src, size); // expected-error {{argument to '__builtin_memcpy_inline' must be a constant integer}}
 }
+
+template <unsigned size>
+void test_memcpy_inline_template(void *dst, const void *src) {
+  // we do not try to evaluate size in non intantiated templates.
+  __builtin_memcpy_inline(dst, src, size);
+}

More information about the cfe-commits mailing list