[clang] fc57f88 - [Clang] Fix Undefined Behavior introduced by #91199 (#91718)
via cfe-commits
cfe-commits at lists.llvm.org
Fri May 10 02:15:30 PDT 2024
Author: cor3ntin
Date: 2024-05-10T11:15:26+02:00
New Revision: fc57f88f007497a4ead0ec8607ac66e1847b02d6
URL: https://github.com/llvm/llvm-project/commit/fc57f88f007497a4ead0ec8607ac66e1847b02d6
DIFF: https://github.com/llvm/llvm-project/commit/fc57f88f007497a4ead0ec8607ac66e1847b02d6.diff
LOG: [Clang] Fix Undefined Behavior introduced by #91199 (#91718)
We stack-allocated an OpaqueExpr that would be used after it was
destroyed.
See, e.g., https://lab.llvm.org/buildbot/#/builders/57/builds/34909
Added:
Modified:
clang/lib/Sema/SemaExprCXX.cpp
Removed:
################################################################################
diff --git a/clang/lib/Sema/SemaExprCXX.cpp b/clang/lib/Sema/SemaExprCXX.cpp
index ae844bc699143..c181092113e1f 100644
--- a/clang/lib/Sema/SemaExprCXX.cpp
+++ b/clang/lib/Sema/SemaExprCXX.cpp
@@ -5627,10 +5627,9 @@ static bool EvaluateUnaryTypeTrait(Sema &Self, TypeTrait UTT,
static bool EvaluateBinaryTypeTrait(Sema &Self, TypeTrait BTT, const TypeSourceInfo *Lhs,
const TypeSourceInfo *Rhs, SourceLocation KeyLoc);
-static ExprResult CheckConvertibilityForTypeTraits(Sema &Self,
- const TypeSourceInfo *Lhs,
- const TypeSourceInfo *Rhs,
- SourceLocation KeyLoc) {
+static ExprResult CheckConvertibilityForTypeTraits(
+ Sema &Self, const TypeSourceInfo *Lhs, const TypeSourceInfo *Rhs,
+ SourceLocation KeyLoc, llvm::BumpPtrAllocator &OpaqueExprAllocator) {
QualType LhsT = Lhs->getType();
QualType RhsT = Rhs->getType();
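Review bot: The new `OpaqueExprAllocator` parameter carries a lifetime contract that neither the signature nor a comment states. The `OpaqueValueExpr` built in the next hunk now lives in this allocator, so the allocator has to outlive every use of the returned `ExprResult`. A comment above the declaration would keep a later caller from passing a short-lived allocator and bringing the use-after-scope back, for example `/// OpaqueExprAllocator owns the placeholder source expression and must outlive any use of the returned ExprResult.` The same contract applies at the `llvm::BumpPtrAllocator OpaqueExprAllocator;` declaration in the `BTT_IsNothrowConvertible` hunk. The function body continues outside this hunk.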
@@ -5675,9 +5674,9 @@ static ExprResult CheckConvertibilityForTypeTraits(Sema &Self,
// Build a fake source and destination for initialization.
InitializedEntity To(InitializedEntity::InitializeTemporary(RhsT));
- OpaqueValueExpr From(KeyLoc, LhsT.getNonLValueExprType(Self.Context),
- Expr::getValueKindForType(LhsT));
- Expr *FromPtr = &From;
+ Expr *From = new (OpaqueExprAllocator.Allocate<OpaqueValueExpr>())
+ OpaqueValueExpr(KeyLoc, LhsT.getNonLValueExprType(Self.Context),
+ Expr::getValueKindForType(LhsT));
InitializationKind Kind =
InitializationKind::CreateCopy(KeyLoc, SourceLocation());
@@ -5687,11 +5686,11 @@ static ExprResult CheckConvertibilityForTypeTraits(Sema &Self,
Self, Sema::ExpressionEvaluationContext::Unevaluated);
Sema::SFINAETrap SFINAE(Self, /*AccessCheckingSFINAE=*/true);
Sema::ContextRAII TUContext(Self, Self.Context.getTranslationUnitDecl());
- InitializationSequence Init(Self, To, Kind, FromPtr);
+ InitializationSequence Init(Self, To, Kind, From);
if (Init.Failed())
return ExprError();
- ExprResult Result = Init.Perform(Self, To, Kind, FromPtr);
+ ExprResult Result = Init.Perform(Self, To, Kind, From);
if (Result.isInvalid() || SFINAE.hasErrorOccurred())
return ExprError();
@@ -5819,7 +5818,8 @@ static bool EvaluateBooleanTypeTrait(Sema &S, TypeTrait Kind,
S.Context.getPointerType(T.getNonReferenceType()));
TypeSourceInfo *UPtr = S.Context.CreateTypeSourceInfo(
S.Context.getPointerType(U.getNonReferenceType()));
- return !CheckConvertibilityForTypeTraits(S, UPtr, TPtr, RParenLoc)
+ return !CheckConvertibilityForTypeTraits(S, UPtr, TPtr, RParenLoc,
+ OpaqueExprAllocator)
.isInvalid();
}
@@ -6028,9 +6028,9 @@ static bool EvaluateBinaryTypeTrait(Sema &Self, TypeTrait BTT, const TypeSourceI
case BTT_IsNothrowConvertible: {
if (RhsT->isVoidType())
return LhsT->isVoidType();
-
- ExprResult Result =
- CheckConvertibilityForTypeTraits(Self, Lhs, Rhs, KeyLoc);
+ llvm::BumpPtrAllocator OpaqueExprAllocator;
+ ExprResult Result = CheckConvertibilityForTypeTraits(Self, Lhs, Rhs, KeyLoc,
+ OpaqueExprAllocator);
if (Result.isInvalid())
return false;
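Review bot: This commit adds no regression test; the file list shows only `SemaExprCXX.cpp` modified, so detection of this lifetime bug presumably still depends on a sanitizer-enabled builder exercising the existing type-trait tests. The case body continues outside the hunk, so how `Result` is used after the `isInvalid()` check is not visible here. If later code in the block reads the expression, the allocator declared here is what keeps it valid. A one-line comment at the declaration would make that dependency explicit, for example `// Must stay in scope for as long as Result is used.`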