[PATCH] D158557: [clang] Fix crash in __builtin_strncmp and other related builtin functions

Shafik Yaghmour via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri Aug 25 13:55:43 PDT 2023 

This revision was landed with ongoing or failed builds.
This revision was automatically updated to reflect the committed changes.
Closed by commit rG33b6b674620d: [clang] Fix crash in __builtin_strncmp and other related builtin functions (authored by shafik).
Herald added a project: clang.

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D158557/new/

https://reviews.llvm.org/D158557

Files:
  clang/docs/ReleaseNotes.rst
  clang/lib/AST/ExprConstant.cpp
  clang/test/CodeGen/gh64876.cpp
  clang/test/SemaCXX/constexpr-string.cpp


Index: clang/test/SemaCXX/constexpr-string.cpp
===================================================================
--- clang/test/SemaCXX/constexpr-string.cpp
+++ clang/test/SemaCXX/constexpr-string.cpp
@@ -676,3 +676,24 @@
   }
   static_assert(test_address_of_incomplete_struct_type()); // expected-error {{constant}} expected-note {{in call}}
 }
+
+#pragma clang diagnostic push
+#pragma clang diagnostic ignored "-Wconstant-conversion"
+namespace GH64876 {
+void f() {
+  __builtin_strncmp(0, 0, 0xffffffffffffffff);
+  __builtin_memcmp(0, 0, 0xffffffffffffffff);
+  __builtin_bcmp(0, 0, 0xffffffffffffffff);
+  __builtin_wmemcmp(0, 0, 0xffffffffffffffff);
+  __builtin_memchr((const void*)0, 1, 0xffffffffffffffff);
+  __builtin_wmemchr((const wchar_t*)0, 1, 0xffffffffffffffff);
+
+  __builtin_strncmp(0, 0, -511LL);
+  __builtin_memcmp(0, 0, -511LL);
+  __builtin_bcmp(0, 0, -511LL);
+  __builtin_wmemcmp(0, 0, -511LL);
+  __builtin_memchr((const void*)0, 1, -511LL);
+  __builtin_wmemchr((const wchar_t*)0, 1, -511LL);
+}
+}
+#pragma clang diagnostic pop
Index: clang/test/CodeGen/gh64876.cpp
===================================================================
--- /dev/null
+++ clang/test/CodeGen/gh64876.cpp
@@ -0,0 +1,16 @@
+// RUN: %clang_cc1 -triple x86_64 -S -emit-llvm -disable-llvm-passes -o - %s | FileCheck %s
+
+void f(const char* C, const wchar_t *WC) {
+  int x1 = __builtin_strncmp(C, "b", 0xffffffffffffffff);
+// CHECK: {{.*}}= call i32 @strncmp{{.*}}i64 noundef -1
+  int x2 = __builtin_memcmp(C, "b", 0xffffffffffffffff);
+// CHECK: {{.*}}= call i32 @memcmp{{.*}}i64 noundef -1
+  int x3 = __builtin_bcmp(C, "b", 0xffffffffffffffff);
+// CHECK: {{.*}}= call i32 @bcmp{{.*}}i64 noundef -1
+  int x4 = __builtin_wmemcmp(WC, L"b", 0xffffffffffffffff);
+// CHECK: {{.*}}= call i32 @wmemcmp{{.*}}i64 noundef -1
+  auto x5 = __builtin_memchr(C, (int)'a', 0xffffffffffffffff);
+// CHECK: {{.*}}= call ptr @memchr{{.*}}i64 noundef -1
+  auto x6 = __builtin_wmemchr(WC, (int)'a', 0xffffffffffffffff);
+// CHECK: {{.*}}= call ptr @wmemchr{{.*}}i64 noundef -1
+}
Index: clang/lib/AST/ExprConstant.cpp
===================================================================
--- clang/lib/AST/ExprConstant.cpp
+++ clang/lib/AST/ExprConstant.cpp
@@ -9361,7 +9361,7 @@
       APSInt N;
       if (!EvaluateInteger(E->getArg(2), N, Info))
         return false;
-      MaxLength = N.getExtValue();
+      MaxLength = N.getZExtValue();
     }
     // We cannot find the value if there are no candidates to match against.
     if (MaxLength == 0u)
@@ -12385,7 +12385,7 @@
       APSInt N;
       if (!EvaluateInteger(E->getArg(2), N, Info))
         return false;
-      MaxLength = N.getExtValue();
+      MaxLength = N.getZExtValue();
     }
 
     // Empty substrings compare equal by definition.
Index: clang/docs/ReleaseNotes.rst
===================================================================
--- clang/docs/ReleaseNotes.rst
+++ clang/docs/ReleaseNotes.rst
@@ -179,6 +179,9 @@
 - Clang now prints unnamed members in diagnostic messages instead of giving an
   empty ''. Fixes
   (`#63759 <https://github.com/llvm/llvm-project/issues/63759>`_)
+- Fix crash in __builtin_strncmp and related builtins when the size value
+  exceeded the maximum value representable by int64_t. Fixes
+  (`#64876 <https://github.com/llvm/llvm-project/issues/64876>`_)
 
 Bug Fixes to Compiler Builtins
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D158557.553609.patch
Type: text/x-patch
Size: 3427 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20230825/89a52f3b/attachment.bin>

More information about the cfe-commits mailing list