[clang] 677a1da - [clang] Fix crash caused by PseudoObjectExprBitfields::NumSubExprs overflow
via cfe-commits
cfe-commits at lists.llvm.org
Wed Jul 12 16:58:20 PDT 2023
Author: yrong
Date: 2023-07-13T07:58:08+08:00
New Revision: 677a1da6fafddb13aebd4c170c8452029a05858d
URL: https://github.com/llvm/llvm-project/commit/677a1da6fafddb13aebd4c170c8452029a05858d
DIFF: https://github.com/llvm/llvm-project/commit/677a1da6fafddb13aebd4c170c8452029a05858d.diff
LOG: [clang] Fix crash caused by PseudoObjectExprBitfields::NumSubExprs overflow
This patch makes the bit-fields wider and also implements a small optimization for `PseudoObjectExprBitfields`: when there is no result in `PseudoObjectExpr`, we use 32 bits to store the number of subexpressions; otherwise, we use 16 bits to store the number of subexpressions and 16 bits to store the result indexes.
Fixes https://github.com/llvm/llvm-project/issues/63169
Reviewed By: aaron.ballman
Differential Revision: https://reviews.llvm.org/D154784
Added:
Modified:
clang/docs/ReleaseNotes.rst
clang/include/clang/AST/Stmt.h
clang/test/SemaCXX/builtin-dump-struct.cpp
Removed:
################################################################################
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 42e92576808218..08d49bf72fbaaf 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -587,6 +587,8 @@ Bug Fixes in This Version
(`#50320 <https://github.com/llvm/llvm-project/issues/50320>`_).
- Fix an assertion when using ``\u0024`` (``$``) as an identifier, by disallowing
that construct (`#62133 <https://github.com/llvm/llvm-project/issues/38717>_`).
+- Fix crash caused by PseudoObjectExprBitfields: NumSubExprs overflow.
+ (`#63169 <https://github.com/llvm/llvm-project/issues/63169>_`)
Bug Fixes to Compiler Builtins
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/clang/include/clang/AST/Stmt.h b/clang/include/clang/AST/Stmt.h
index 156dd0a436a900..87ffebc00d7b79 100644
--- a/clang/include/clang/AST/Stmt.h
+++ b/clang/include/clang/AST/Stmt.h
@@ -593,10 +593,8 @@ class alignas(void *) Stmt {
unsigned : NumExprBits;
- // These don't need to be particularly wide, because they're
- // strictly limited by the forms of expressions we permit.
- unsigned NumSubExprs : 8;
- unsigned ResultIndex : 32 - 8 - NumExprBits;
+ unsigned NumSubExprs : 16;
+ unsigned ResultIndex : 16;
};
class SourceLocExprBitfields {
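Review bot: `NumSubExprs : 16` raises the ceiling from 255 to 65535, but the count can still wrap silently because nothing in this diff rejects a larger value. The new test suggests the count grows with the number of fields handed to `__builtin_dump_struct`, so a large enough struct in the input source would presumably hit the same truncation; an assertion or diagnostic where the count is stored (outside this diff) would turn that into a clean failure. The removed comment explained why narrow fields were thought safe and nothing replaces it; something like `// 16 bits each: the subexpression count depends on user code (e.g. __builtin_dump_struct); values above 65535 would truncate.` would record the new assumption. The log also describes a 32-bit mode for the no-result case, which is not visible in these lines. The class body starts above the hunk.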
diff --git a/clang/test/SemaCXX/builtin-dump-struct.cpp b/clang/test/SemaCXX/builtin-dump-struct.cpp
index e057eac029463d..b3d2a2d808ce26 100644
--- a/clang/test/SemaCXX/builtin-dump-struct.cpp
+++ b/clang/test/SemaCXX/builtin-dump-struct.cpp
@@ -159,3 +159,28 @@ void errors(B b) {
// expected-note@#Format {{no known conversion from 'int' to 'ConstexprString &' for 1st argument}}
}
#endif
+
+// Check that PseudoObjectExprBitfields:NumSubExprs doesn't overflow. This
+// would previously cause a crash.
+struct t1 {
+ int v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15, v16,
+ v17, v18, v19, v20, v21, v22, v23, v24, v25, v26, v27, v28, v29, v30, v31,
+ v32, v33, v34, v35, v36, v37, v38, v39, v40, v41, v42, v43, v44, v45, v46,
+ v47, v48, v49, v50, v51, v52, v53, v54, v55, v56, v57, v58, v59, v60, v61,
+ v62, v63, v64, v65, v66, v67, v68, v69, v70, v71, v72, v73, v74, v75, v76,
+ v77, v78, v79, v80, v81, v82, v83, v84, v85, v86, v87, v88, v89, v90, v91,
+ v92, v93, v94, v95, v96, v97, v98, v99;
+};
+
+struct t2 {
+ t1 v0, v1, v2, v3, v4, v5, v6, v7, v8, v9, v10, v11, v12, v13, v14, v15, v16,
+ v17, v18, v19, v20, v21, v22, v23, v24, v25, v26, v27, v28, v29, v30, v31,
+ v32, v33, v34, v35, v36, v37, v38, v39, v40, v41, v42, v43, v44, v45, v46,
+ v47, v48, v49, v50, v51, v52, v53, v54, v55, v56, v57, v58, v59, v60, v61,
+ v62, v63, v64, v65, v66, v67, v68, v69, v70, v71, v72, v73, v74, v75, v76,
+ v77, v78, v79, v80, v81, v82, v83, v84, v85, v86, v87, v88, v89, v90, v91,
+ v92, v93, v94, v95, v96, v97, v98, v99;
+};
+
+int printf(const char *, ...);
+void f1(t2 w) { __builtin_dump_struct(&w, printf); }
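Review bot: The comment on the new test does not say how many subexpressions `f1` is meant to produce or which limit it crosses, so a reader cannot tell that the case sits between the old 8-bit bound and the new 16-bit one. Suggest extending it, e.g. `// t2 holds 100 * 100 int fields, far more than the 255 subexpressions the old 8-bit NumSubExprs could count.` The test only checks that clang no longer crashes at this size and does not cover behaviour near 65535. The comment also writes `PseudoObjectExprBitfields:NumSubExprs` with a single colon where `::` is presumably meant.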