This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang-tools-extra/test/clang-tidy/checkers/
-
test/
-
clang-tidy/
-
checkers/
6/6
cppcoreguidelines-pro-type-member-init.cpp
-
clang/lib/Sema/
-
lib/
-
Sema/
2/4
SemaDeclCXX.cpp

Differential D113518

[clang][Sema] Create delegating constructors even in templates
Needs ReviewPublic

Authored by fwolff on Nov 9 2021, 2:05 PM.

Download Raw Diff

Details

Reviewers

rsmith
dblaikie
aaron.ballman
• Quuxplusone

Summary

This fixes a bug in clang-tidy (PR#37902), even though the code for the cppcoreguidelines-pro-type-member-init check itself is perfectly fine. It uses the isDelegatingConstructor() matcher, which does not match delegating constructors in templates because the AST contains incorrect information (constructors in templates are never marked as delegating). This patch fixes this behavior by constructing a correct CXXCtorInitializer for delegating constructors in templates.

Diff Detail

Unit TestsFailed

	Time	Test
	7,600 ms	x64 debian > libFuzzer.libFuzzer::fuzzer-leak.test

Event Timeline

fwolff created this revision.Nov 9 2021, 2:05 PM

Herald added subscribers: kbarton, nemanjai. · View Herald TranscriptNov 9 2021, 2:05 PM

fwolff requested review of this revision.Nov 9 2021, 2:05 PM

Herald added a project: Restricted Project. · View Herald TranscriptNov 9 2021, 2:05 PM

Herald added a subscriber: cfe-commits. · View Herald Transcript

Harbormaster completed remote builds in B133355: Diff 385962.Nov 9 2021, 3:34 PM

Amazing, thanks a lot for fixing this long-standing issue! I have a couple comments. I'm not familiar at all with the Sema part so someone that knows should look at it :)

clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines-pro-type-member-init.cpp
374	Not really sure what this test is meant to do. Why would it call the destructor of the own class in it's own constructor? Looks very strange to me. If anything, the constructor should call the constructor of the base: PositiveSelfInitialization() : NegativeAggregateType() What do you think?
555	typename T? Not sure if it makes a difference
559	Could you add another test where X is initialized via NSDMI instead of in the constructor initializer list? int X{}; TemplateWithDelegatingCtor() = default; TemplateWithDelegatingCtor(int) : TemplateWithDelegatingCtor() {}

This revision now requires changes to proceed.Nov 10 2021, 10:52 AM

Also, what's with the pre-merge test, is it related?

fwolff updated this revision to Diff 386297.Nov 10 2021, 1:15 PM

Thanks for your review @carlosgalvezp! I have addressed your inline comments. I'm not sure about the failing test, but it looks like a regression test internal to libFuzzer? Maybe it goes away with the rebuild.

clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines-pro-type-member-init.cpp
374	The comment above talks about a "pathological template", so my guess is that this checks that clang-tidy doesn't crash for this input. The only reason why I had to touch this test at all is that the constructor is now treated as a delegating constructor, which suppresses the warning.

Harbormaster completed remote builds in B133571: Diff 386297.Nov 10 2021, 4:18 PM

carlosgalvezp added inline comments.Nov 11 2021, 12:55 AM

clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines-pro-type-member-init.cpp
374	Hmm, I see. I would like to make sure we still catch the failure mode "this constructor does not initialize these base classes" for class templates. I don't see such test existing (only for non-template classes), maybe you can add that too?

fwolff updated this revision to Diff 386620.Nov 11 2021, 12:08 PM

fwolff added inline comments.

clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines-pro-type-member-init.cpp
374	Good point, done now.

fwolff marked 2 inline comments as done.Nov 11 2021, 12:11 PM

Harbormaster completed remote builds in B133792: Diff 386620.Nov 11 2021, 12:55 PM

Looks great, thanks! I'm not comfortable reviewing the Sema part, maybe someone else can have a look?

This revision is now accepted and ready to land.Nov 14 2021, 7:33 AM

carlosgalvezp added reviewers: aaron.ballman, whisperity.Nov 17 2021, 1:03 AM

Herald added a subscriber: rnkovacs. · View Herald TranscriptNov 17 2021, 1:04 AM

(@carlosgalvezp Removing you from reviewers so the patch shows up as not yet reviewed for others! The significant part is the Sema which should be reviewed.)

This revision now requires review to proceed.Nov 26 2021, 12:39 AM

Thanks for the finding and sorry for delaying the review, I didn't know that :( Do you know if there's an option for signaling "LGTM but I want someone else to review?". Otherwise I can just leave a comment and don't accept the revision.

In D113518#3155040, @carlosgalvezp wrote:

Thanks for the finding and sorry for delaying the review, I didn't know that :( Do you know if there's an option for signaling "LGTM but I want someone else to review?". Otherwise I can just leave a comment and don't accept the revision.

There is an action "resign from review", but as I have taken you off explicitly and by force, no need for that. 🙂 I just wrote the comment FYI so that you know I'm not just interfering destructively! (And due to no accepting reviewers remaining acting as such, the patch automatically went back to "now require review to proceed".)

aaron.ballman added inline comments.Nov 29 2021, 12:07 PM

clang/lib/Sema/SemaDeclCXX.cpp
4524–4525	Looking at the source for `BuildDelegatingInitializer()`, it looks like we should still be able to call this in a dependent context. In fact, it has a fixme comment specifically about that: // If we are in a dependent context, template instantiation will // perform this type-checking again. Just save the arguments that we // received in a ParenListExpr. // FIXME: This isn't quite ideal, since our ASTs don't capture all // of the information that we have about the base // initializer. However, deconstructing the ASTs is a dicey process, // and this approach is far more likely to get the corner cases right. I'm wondering if the better fix here is to hoist the delegation check out of the `if (!Dependent)`. Did you try that and run into issues?
5071–5075	Can you explain why this change was needed?

fwolff marked 2 inline comments as done.Dec 4 2021, 9:52 AM

fwolff added inline comments.

clang/lib/Sema/SemaDeclCXX.cpp
4524–4525	Yes, I have tried this, and it leads to a crash here (because the cast fails). Apparently, this code path in `BuildDelegatingInitializer()` is never exercised for dependent contexts, despite the comment, and therefore doesn't work.
5071–5075	Without this, clang crashes because `LookupDestructor()` calls `LookupSpecialMember()`, which then runs into this assertion: clang-14: /[...]/llvm-project/clang/lib/Sema/SemaLookup.cpp:3064: clang::Sema::SpecialMemberOverloadResult clang::Sema::LookupSpecialMember(clang::CXXRecordDecl*, clang::Sema::CXXSpecialMember, bool, bool, bool, bool, bool): Assertion `CanDeclareSpecialMemberFunction(RD) && "doing special member lookup into record that isn't fully complete"' failed. Previously, this wasn't necessary because no delegating constructors would be generated for templates, and so this function wasn't ever called in a dependent context.

fwolff marked 2 inline comments as done.Dec 4 2021, 9:54 AM

@aaron.ballman Ping? I think I've responded to all comments so far; let me know if you still have concerns.

Revision Contents

Path

Size

clang-tools-extra/

test/

clang-tidy/

checkers/

cppcoreguidelines-pro-type-member-init.cpp

10 lines

clang/

lib/

Sema/

SemaDeclCXX.cpp

31 lines

Diff 385962

clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines-pro-type-member-init.cpp

Show First 20 Lines • Show All 365 Lines • ▼ Show 20 Lines
};		};

// This pathological template fails to compile if actually instantiated. It		// This pathological template fails to compile if actually instantiated. It
// results in the check seeing a null RecordDecl when examining the base class		// results in the check seeing a null RecordDecl when examining the base class
// initializer list.		// initializer list.
template <typename T>		template <typename T>
class PositiveSelfInitialization : NegativeAggregateType		class PositiveSelfInitialization : NegativeAggregateType
{		{
PositiveSelfInitialization() : PositiveSelfInitialization() {}		PositiveSelfInitialization() : PositiveSelfInitialization() {}
		carlosgalvezpUnsubmitted Done Reply Inline Actions Not really sure what this test is meant to do. Why would it call the destructor of the own class in it's own constructor? Looks very strange to me. If anything, the constructor should call the constructor of the base: PositiveSelfInitialization() : NegativeAggregateType() What do you think? carlosgalvezp: Not really sure what this test is meant to do. Why would it call the destructor of the own…
		fwolffAuthorUnsubmitted Done Reply Inline Actions The comment above talks about a "pathological template", so my guess is that this checks that clang-tidy doesn't crash for this input. The only reason why I had to touch this test at all is that the constructor is now treated as a delegating constructor, which suppresses the warning. fwolff: The comment above talks about a "pathological template", so my guess is that this checks that…
		carlosgalvezpUnsubmitted Done Reply Inline Actions Hmm, I see. I would like to make sure we still catch the failure mode "this constructor does not initialize these base classes" for class templates. I don't see such test existing (only for non-template classes), maybe you can add that too? carlosgalvezp: Hmm, I see. I would like to make sure we still catch the failure mode "this constructor does…
		fwolffAuthorUnsubmitted Done Reply Inline Actions Good point, done now. fwolff: Good point, done now.
// CHECK-MESSAGES: :[[@LINE-1]]:3: warning: constructor does not initialize these bases: NegativeAggregateType
// CHECK-FIXES: PositiveSelfInitialization() : NegativeAggregateType(), PositiveSelfInitialization() {}
};		};

class PositiveIndirectMember {		class PositiveIndirectMember {
struct {		struct {
int *A;		int *A;
// CHECK-FIXES: int *A{};		// CHECK-FIXES: int *A{};
};		};

▲ Show 20 Lines • Show All 162 Lines • ▼ Show 20 Lines	union {
};		};
int C;		int C;
// CHECK-FIXES: int C{};		// CHECK-FIXES: int C{};
};		};
};		};
int A;		int A;
// CHECK-FIXES-NOT: int A{};		// CHECK-FIXES-NOT: int A{};
};		};

		// Check that a delegating constructor in a template does not trigger false positives (PR#37902).
		template <typename>
		carlosgalvezpUnsubmitted Done Reply Inline Actions typename T? Not sure if it makes a difference carlosgalvezp: typename T? Not sure if it makes a difference
		struct TemplateWithDelegatingCtor {
		int X;
		TemplateWithDelegatingCtor() : X{} {};
		TemplateWithDelegatingCtor(int) : TemplateWithDelegatingCtor(){};
		carlosgalvezpUnsubmitted Done Reply Inline Actions Could you add another test where X is initialized via NSDMI instead of in the constructor initializer list? int X{}; TemplateWithDelegatingCtor() = default; TemplateWithDelegatingCtor(int) : TemplateWithDelegatingCtor() {} carlosgalvezp: Could you add another test where X is initialized via NSDMI instead of in the constructor…
		};

clang/lib/Sema/SemaDeclCXX.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 4,490 Lines • ▼ Show 20 Lines	Sema::BuildBaseInitializer(QualType BaseType, TypeSourceInfo *BaseTInfo,
// mem-initializer-list can initialize a base class using any		// mem-initializer-list can initialize a base class using any
// name that denotes that base class type.		// name that denotes that base class type.

// We can store the initializers in "as-written" form and delay analysis until		// We can store the initializers in "as-written" form and delay analysis until
// instantiation if the constructor is dependent. But not for dependent		// instantiation if the constructor is dependent. But not for dependent
// (broken) code in a non-template! SetCtorInitializers does not expect this.		// (broken) code in a non-template! SetCtorInitializers does not expect this.
bool Dependent = CurContext->isDependentContext() &&		bool Dependent = CurContext->isDependentContext() &&
(BaseType->isDependentType() \|\| Init->isTypeDependent());		(BaseType->isDependentType() \|\| Init->isTypeDependent());
		bool Delegating = Context.hasSameUnqualifiedType(
		QualType(ClassDecl->getTypeForDecl(), 0), BaseType);

SourceRange InitRange = Init->getSourceRange();		SourceRange InitRange = Init->getSourceRange();
if (EllipsisLoc.isValid()) {		if (EllipsisLoc.isValid()) {
// This is a pack expansion.		// This is a pack expansion.
if (!BaseType->containsUnexpandedParameterPack()) {		if (!BaseType->containsUnexpandedParameterPack()) {
Diag(EllipsisLoc, diag::err_pack_expansion_without_parameter_packs)		Diag(EllipsisLoc, diag::err_pack_expansion_without_parameter_packs)
<< SourceRange(BaseLoc, InitRange.getEnd());		<< SourceRange(BaseLoc, InitRange.getEnd());

EllipsisLoc = SourceLocation();		EllipsisLoc = SourceLocation();
}		}
} else {		} else {
// Check for any unexpanded parameter packs.		// Check for any unexpanded parameter packs.
if (DiagnoseUnexpandedParameterPack(BaseLoc, BaseTInfo, UPPC_Initializer))		if (DiagnoseUnexpandedParameterPack(BaseLoc, BaseTInfo, UPPC_Initializer))
return true;		return true;

if (DiagnoseUnexpandedParameterPack(Init, UPPC_Initializer))		if (DiagnoseUnexpandedParameterPack(Init, UPPC_Initializer))
return true;		return true;
}		}

// Check for direct and virtual base classes.		// Check for direct and virtual base classes.
const CXXBaseSpecifier *DirectBaseSpec = nullptr;		const CXXBaseSpecifier *DirectBaseSpec = nullptr;
const CXXBaseSpecifier *VirtualBaseSpec = nullptr;		const CXXBaseSpecifier *VirtualBaseSpec = nullptr;
if (!Dependent) {		if (!Dependent) {
if (Context.hasSameUnqualifiedType(QualType(ClassDecl->getTypeForDecl(),0),		if (Delegating)
BaseType))
return BuildDelegatingInitializer(BaseTInfo, Init, ClassDecl);		return BuildDelegatingInitializer(BaseTInfo, Init, ClassDecl);
		aaron.ballmanUnsubmitted Done Reply Inline Actions Looking at the source for `BuildDelegatingInitializer()`, it looks like we should still be able to call this in a dependent context. In fact, it has a fixme comment specifically about that: // If we are in a dependent context, template instantiation will // perform this type-checking again. Just save the arguments that we // received in a ParenListExpr. // FIXME: This isn't quite ideal, since our ASTs don't capture all // of the information that we have about the base // initializer. However, deconstructing the ASTs is a dicey process, // and this approach is far more likely to get the corner cases right. I'm wondering if the better fix here is to hoist the delegation check out of the `if (!Dependent)`. Did you try that and run into issues? aaron.ballman: Looking at the source for `BuildDelegatingInitializer()`, it looks like we should still be able…
		fwolffAuthorUnsubmitted Not Done Reply Inline Actions Yes, I have tried this, and it leads to a crash here (because the cast fails). Apparently, this code path in `BuildDelegatingInitializer()` is never exercised for dependent contexts, despite the comment, and therefore doesn't work. fwolff: Yes, I have tried this, and it leads to a crash [[ https://github.com/llvm/llvm…

FindBaseInitializer(*this, ClassDecl, BaseType, DirectBaseSpec,		FindBaseInitializer(*this, ClassDecl, BaseType, DirectBaseSpec,
VirtualBaseSpec);		VirtualBaseSpec);

// C++ [base.class.init]p2:		// C++ [base.class.init]p2:
// Unless the mem-initializer-id names a nonstatic data member of the		// Unless the mem-initializer-id names a nonstatic data member of the
// constructor's class or a direct or virtual base of that class, the		// constructor's class or a direct or virtual base of that class, the
// mem-initializer is ill-formed.		// mem-initializer is ill-formed.
Show All 10 Lines	if (!DirectBaseSpec && !VirtualBaseSpec) {
<< BaseType << Context.getTypeDeclType(ClassDecl)		<< BaseType << Context.getTypeDeclType(ClassDecl)
<< BaseTInfo->getTypeLoc().getLocalSourceRange();		<< BaseTInfo->getTypeLoc().getLocalSourceRange();
}		}
}		}

if (Dependent) {		if (Dependent) {
DiscardCleanupsInEvaluationContext();		DiscardCleanupsInEvaluationContext();

return new (Context) CXXCtorInitializer(Context, BaseTInfo,		if (!Delegating)
/IsVirtual=/false,		return new (Context)
InitRange.getBegin(), Init,		CXXCtorInitializer(Context, BaseTInfo,
		/IsVirtual=/false, InitRange.getBegin(), Init,
InitRange.getEnd(), EllipsisLoc);		InitRange.getEnd(), EllipsisLoc);
		else
		return new (Context) CXXCtorInitializer(
		Context, BaseTInfo, InitRange.getBegin(), Init, InitRange.getEnd());
}		}

// C++ [base.class.init]p2:		// C++ [base.class.init]p2:
// If a mem-initializer-id is ambiguous because it designates both		// If a mem-initializer-id is ambiguous because it designates both
// a direct non-virtual base class and an inherited virtual base		// a direct non-virtual base class and an inherited virtual base
// class, the mem-initializer is ill-formed.		// class, the mem-initializer is ill-formed.
if (DirectBaseSpec && VirtualBaseSpec)		if (DirectBaseSpec && VirtualBaseSpec)
return Diag(BaseLoc, diag::err_base_init_direct_and_virtual)		return Diag(BaseLoc, diag::err_base_init_direct_and_virtual)
▲ Show 20 Lines • Show All 495 Lines • ▼ Show 20 Lines	Sema::SetDelegatingInitializer(CXXConstructorDecl *Constructor,
CXXCtorInitializer *Initializer) {		CXXCtorInitializer *Initializer) {
assert(Initializer->isDelegatingInitializer());		assert(Initializer->isDelegatingInitializer());
Constructor->setNumCtorInitializers(1);		Constructor->setNumCtorInitializers(1);
CXXCtorInitializer **initializer =		CXXCtorInitializer **initializer =
new (Context) CXXCtorInitializer*[1];		new (Context) CXXCtorInitializer*[1];
memcpy(initializer, &Initializer, sizeof (CXXCtorInitializer*));		memcpy(initializer, &Initializer, sizeof (CXXCtorInitializer*));
Constructor->setCtorInitializers(initializer);		Constructor->setCtorInitializers(initializer);

		if (!Constructor->isDependentContext()) {
if (CXXDestructorDecl *Dtor = LookupDestructor(Constructor->getParent())) {		if (CXXDestructorDecl *Dtor = LookupDestructor(Constructor->getParent())) {
MarkFunctionReferenced(Initializer->getSourceLocation(), Dtor);		MarkFunctionReferenced(Initializer->getSourceLocation(), Dtor);
DiagnoseUseOfDecl(Dtor, Initializer->getSourceLocation());		DiagnoseUseOfDecl(Dtor, Initializer->getSourceLocation());
}		}
		aaron.ballmanUnsubmitted Done Reply Inline Actions Can you explain why this change was needed? aaron.ballman: Can you explain why this change was needed?
		fwolffAuthorUnsubmitted Not Done Reply Inline Actions Without this, clang crashes because `LookupDestructor()` calls `LookupSpecialMember()`, which then runs into this assertion: clang-14: /[...]/llvm-project/clang/lib/Sema/SemaLookup.cpp:3064: clang::Sema::SpecialMemberOverloadResult clang::Sema::LookupSpecialMember(clang::CXXRecordDecl, clang::Sema::CXXSpecialMember, bool, bool, bool, bool, bool): Assertion `CanDeclareSpecialMemberFunction(RD) && "doing special member lookup into record that isn't fully complete"' failed. Previously, this wasn't necessary because no delegating constructors would be generated for templates, and so this function wasn't ever called in a dependent context. fwolff:* Without this, clang crashes because `LookupDestructor()` calls `LookupSpecialMember()`, which…

DelegatingCtorDecls.push_back(Constructor);		DelegatingCtorDecls.push_back(Constructor);

DiagnoseUninitializedFields(*this, Constructor);		DiagnoseUninitializedFields(*this, Constructor);
		}

return false;		return false;
}		}

bool Sema::SetCtorInitializers(CXXConstructorDecl *Constructor, bool AnyErrors,		bool Sema::SetCtorInitializers(CXXConstructorDecl *Constructor, bool AnyErrors,
ArrayRef<CXXCtorInitializer *> Initializers) {		ArrayRef<CXXCtorInitializer *> Initializers) {
if (Constructor->isDependentContext()) {		if (Constructor->isDependentContext()) {
// Just store the initializers as written, they will be checked during		// Just store the initializers as written, they will be checked during
▲ Show 20 Lines • Show All 13,124 Lines • Show Last 20 Lines