[clang] 968be05 - [clang] Fix crash for sizeof on VLAs

Paulo Matos via cfe-commits cfe-commits at lists.llvm.org
Wed Jan 12 07:11:09 PST 2022 

Author: Paulo Matos
Date: 2022-01-12T16:10:58+01:00
New Revision: 968be05b8fdc1d23c055cc4963230a89efbc5967

URL: https://github.com/llvm/llvm-project/commit/968be05b8fdc1d23c055cc4963230a89efbc5967
DIFF: https://github.com/llvm/llvm-project/commit/968be05b8fdc1d23c055cc4963230a89efbc5967.diff

LOG: [clang] Fix crash for sizeof on VLAs

Adds overload of TransformToPotentiallyEvaluated for TypeSourceInfo to
properly deal with VLAs in nested calls of sizeof and typeof. Fixes
PR31042 (https://github.com/llvm/llvm-project/issues/30390).

Reviewed By: efriedma

Differential Revision: https://reviews.llvm.org/D27800

Added: 
    clang/test/SemaCXX/pr31042.cpp

Modified: 
    clang/include/clang/Sema/Sema.h
    clang/lib/Sema/SemaExpr.cpp

Removed: 
    


################################################################################
diff  --git a/clang/include/clang/Sema/Sema.h b/clang/include/clang/Sema/Sema.h
index f1e90356c8367..b4d8d1494e705 100644
--- a/clang/include/clang/Sema/Sema.h
+++ b/clang/include/clang/Sema/Sema.h
@@ -5053,6 +5053,7 @@ class Sema final {
   void DiscardCleanupsInEvaluationContext();
 
   ExprResult TransformToPotentiallyEvaluated(Expr *E);
+  TypeSourceInfo *TransformToPotentiallyEvaluated(TypeSourceInfo *TInfo);
   ExprResult HandleExprEvaluationContextForTypeof(Expr *E);
 
   ExprResult CheckUnevaluatedOperand(Expr *E);

diff  --git a/clang/lib/Sema/SemaExpr.cpp b/clang/lib/Sema/SemaExpr.cpp
index 229a604901244..7de43705c2b10 100644
--- a/clang/lib/Sema/SemaExpr.cpp
+++ b/clang/lib/Sema/SemaExpr.cpp
@@ -4499,6 +4499,10 @@ Sema::CreateUnaryExprOrTypeTraitExpr(TypeSourceInfo *TInfo,
   }
 
   // C99 6.5.3.4p4: the type (an unsigned integer type) is size_t.
+  if (isUnevaluatedContext() && ExprKind == UETT_SizeOf &&
+      TInfo->getType()->isVariablyModifiedType())
+    TInfo = TransformToPotentiallyEvaluated(TInfo);
+
   return new (Context) UnaryExprOrTypeTraitExpr(
       ExprKind, TInfo, Context.getSizeType(), OpLoc, R.getEnd());
 }
@@ -16601,6 +16605,16 @@ ExprResult Sema::TransformToPotentiallyEvaluated(Expr *E) {
   return TransformToPE(*this).TransformExpr(E);
 }
 
+TypeSourceInfo *Sema::TransformToPotentiallyEvaluated(TypeSourceInfo *TInfo) {
+  assert(isUnevaluatedContext() &&
+         "Should only transform unevaluated expressions");
+  ExprEvalContexts.back().Context =
+      ExprEvalContexts[ExprEvalContexts.size() - 2].Context;
+  if (isUnevaluatedContext())
+    return TInfo;
+  return TransformToPE(*this).TransformType(TInfo);
+}
+
 void
 Sema::PushExpressionEvaluationContext(
     ExpressionEvaluationContext NewContext, Decl *LambdaContextDecl,

diff  --git a/clang/test/SemaCXX/pr31042.cpp b/clang/test/SemaCXX/pr31042.cpp
new file mode 100644
index 0000000000000..d4995c6e4d686
--- /dev/null
+++ b/clang/test/SemaCXX/pr31042.cpp
@@ -0,0 +1,10 @@
+// RUN: %clang_cc1 -o - -emit-llvm -triple x86_64-unknown-linux-gnu -disable-free %s
+// We need to use -emit-llvm in order to trigger the error, without it semantic analysis
+// does not verify the used bit and there's no error.
+
+char a[1];
+
+void f1(void) {
+  int i = 0;
+  int j = sizeof(typeof(*(char(*)[i])a));
+}

More information about the cfe-commits mailing list