[clang] 06bc685 - [ubsan] nullability-arg: Fix crash on C++ member pointers
Vedant Kumar via cfe-commits
cfe-commits at lists.llvm.org
Mon Sep 28 09:41:53 PDT 2020
Author: Vedant Kumar
Date: 2020-09-28T09:41:18-07:00
New Revision: 06bc685fa2400cc28282ab6dd3c917d45bfa662f
URL: https://github.com/llvm/llvm-project/commit/06bc685fa2400cc28282ab6dd3c917d45bfa662f
DIFF: https://github.com/llvm/llvm-project/commit/06bc685fa2400cc28282ab6dd3c917d45bfa662f.diff
LOG: [ubsan] nullability-arg: Fix crash on C++ member pointers
Extend -fsanitize=nullability-arg to handle call sites which accept C++
member pointers.
rdar://62476022
Differential Revision: https://reviews.llvm.org/D88336
Added:
clang/test/CodeGenCXX/ubsan-nullability-arg.cpp
Modified:
clang/lib/CodeGen/CGCall.cpp
clang/lib/CodeGen/CGExpr.cpp
clang/lib/CodeGen/CodeGenFunction.h
Removed:
################################################################################
diff --git a/clang/lib/CodeGen/CGCall.cpp b/clang/lib/CodeGen/CGCall.cpp
index 9ccbe87fab66..dd3f85617522 100644
--- a/clang/lib/CodeGen/CGCall.cpp
+++ b/clang/lib/CodeGen/CGCall.cpp
@@ -3785,10 +3785,7 @@ void CodeGenFunction::EmitNonNullArgCheck(RValue RV, QualType ArgType,
}
SanitizerScope SanScope(this);
- assert(RV.isScalar());
- llvm::Value *V = RV.getScalarVal();
- llvm::Value *Cond =
- Builder.CreateICmpNE(V, llvm::Constant::getNullValue(V->getType()));
+ llvm::Value *Cond = EmitNonNullRValueCheck(RV, ArgType);
llvm::Constant *StaticData[] = {
EmitCheckSourceLocation(ArgLoc), EmitCheckSourceLocation(AttrLoc),
llvm::ConstantInt::get(Int32Ty, ArgNo + 1),
diff --git a/clang/lib/CodeGen/CGExpr.cpp b/clang/lib/CodeGen/CGExpr.cpp
index 7351926035e6..27cf066466ca 100644
--- a/clang/lib/CodeGen/CGExpr.cpp
+++ b/clang/lib/CodeGen/CGExpr.cpp
@@ -1175,6 +1175,13 @@ Address CodeGenFunction::EmitPointerWithAlignment(const Expr *E,
return Address(EmitScalarExpr(E), Align);
}
+llvm::Value *CodeGenFunction::EmitNonNullRValueCheck(RValue RV, QualType T) {
+ llvm::Value *V = RV.getScalarVal();
+ if (auto MPT = T->getAs<MemberPointerType>())
+ return CGM.getCXXABI().EmitMemberPointerIsNotNull(*this, V, MPT);
+ return Builder.CreateICmpNE(V, llvm::Constant::getNullValue(V->getType()));
+}
+
RValue CodeGenFunction::GetUndefRValue(QualType Ty) {
if (Ty->isVoidType())
return RValue::get(nullptr);
diff --git a/clang/lib/CodeGen/CodeGenFunction.h b/clang/lib/CodeGen/CodeGenFunction.h
index eb8a1125c7b6..16656de4e8f7 100644
--- a/clang/lib/CodeGen/CodeGenFunction.h
+++ b/clang/lib/CodeGen/CodeGenFunction.h
@@ -3566,6 +3566,9 @@ class CodeGenFunction : public CodeGenTypeCache {
// LValue Expression Emission
//===--------------------------------------------------------------------===//
+ /// Create a check that a scalar RValue is non-null.
+ llvm::Value *EmitNonNullRValueCheck(RValue RV, QualType T);
+
/// GetUndefRValue - Get an appropriate 'undef' rvalue for the given type.
RValue GetUndefRValue(QualType Ty);
diff --git a/clang/test/CodeGenCXX/ubsan-nullability-arg.cpp b/clang/test/CodeGenCXX/ubsan-nullability-arg.cpp
new file mode 100644
index 000000000000..fbebd153a9ea
--- /dev/null
+++ b/clang/test/CodeGenCXX/ubsan-nullability-arg.cpp
@@ -0,0 +1,51 @@
+// RUN: %clang_cc1 -x c++ -triple x86_64-apple-darwin10 -emit-llvm -o - %s -fsanitize=nullability-arg | FileCheck %s -check-prefixes=ITANIUM,ALL
+// RUN: %clang_cc1 -x c++ -triple x86_64-pc-windows-msvc -emit-llvm -o - %s -fsanitize=nullability-arg | FileCheck %s -check-prefixes=MSVC,ALL
+
+namespace method_ptr {
+
+struct S0 {
+ void foo1();
+};
+
+void foo1(void (S0::*_Nonnull f)());
+
+// ITANIUM-LABEL: @_ZN10method_ptr5test1Ev(){{.*}} {
+// ITANIUM: br i1 icmp ne (i64 ptrtoint (void (%"struct.method_ptr::S0"*)* @_ZN10method_ptr2S04foo1Ev to i64), i64 0), label %[[CONT:.*]], label %[[FAIL:[^,]*]]
+// ITANIUM-EMPTY:
+// ITANIUM-NEXT: [[FAIL]]:
+// ITANIUM-NEXT: call void @__ubsan_handle_nullability_arg
+
+// MSVC-LABEL: @"?test1 at method_ptr@@YAXXZ"(){{.*}} {
+// MSVC: br i1 true, label %[[CONT:.*]], label %[[FAIL:[^,]*]]
+// MSVC-EMPTY:
+// MSVC-NEXT: [[FAIL]]:
+// MSVC-NEXT: call void @__ubsan_handle_nullability_arg
+void test1() {
+ foo1(&S0::foo1);
+}
+
+} // namespace method_ptr
+
+namespace data_ptr {
+
+struct S0 {
+ int field1;
+};
+
+using member_ptr = int S0::*;
+
+void foo1(member_ptr _Nonnull);
+
+// ITANIUM-LABEL: @_ZN8data_ptr5test1ENS_2S0E(
+// MSVC-LABEL: @"?test1 at data_ptr@@YAXUS0 at 1@@Z"(
+// ALL: [[DATA_PTR_CHECK:%.*]] = icmp ne {{.*}}, -1, !nosanitize
+// ALL-NEXT: br i1 [[DATA_PTR_CHECK]], label %[[CONT:.*]], label %[[FAIL:[^,]+]]
+// ALL-EMPTY:
+// ALL-NEXT: [[FAIL]]:
+// ALL-NEXT: call void @__ubsan_handle_nullability_arg
+void test1(S0 s) {
+ int S0::*member = &S0::field1;
+ foo1(member);
+}
+
+} // namespace data_ptr
More information about the cfe-commits
mailing list