This is an archive of the discontinued LLVM Phabricator instance.

Differential D142867

[Clang] Add machinery to catch overflow in unary minus outside of a constant expression context
ClosedPublic

Authored by shafik on Jan 29 2023, 10:14 PM.

Details

Reviewers
erichkeane
aaron.ballman
Commits
rG67ee18cc7a30: [Clang] Add machinery to catch overflow in unary minus outside of a constant…
Summary

We provide several diagnostics for various undefined behaviors due to signed integer overflow outside of a constant expression context. We were missing the machinery to catch overflows due to unary minus.

Fixes: https://github.com/llvm/llvm-project/issues/31643

Diff Detail

Unit TestsFailed

TimeTest
3,450 mslibcxx CI Modules > llvm-libc++-shared-cfg-in.libcxx/algorithms/specialized_algorithms/special_mem_concepts::nothrow_sentinel_for.compile.pass.cpp

Event Timeline

shafik created this revision.Jan 29 2023, 10:14 PM
Herald added a project: Restricted Project. · View Herald TranscriptJan 29 2023, 10:14 PM
shafik requested review of this revision.Jan 29 2023, 10:14 PM
Harbormaster completed remote builds in B210697: Diff 493202.Jan 29 2023, 11:43 PM
aaron.ballman accepted this revision.Jan 30 2023, 11:41 AM

LGTM, though needs a release note.

clang/lib/AST/ExprConstant.cpp
13503–13513
This revision is now accepted and ready to land.Jan 30 2023, 11:41 AM
shafik updated this revision to Diff 493641.Jan 31 2023, 8:51 AM
shafik marked an inline comment as done.
  • Add release note.
This revision was landed with ongoing or failed builds.Jan 31 2023, 9:35 AM
Closed by commit rG67ee18cc7a30: [Clang] Add machinery to catch overflow in unary minus outside of a constant… (authored by shafik). · Explain Why
This revision was automatically updated to reflect the committed changes.
shafik added a commit: rG67ee18cc7a30: [Clang] Add machinery to catch overflow in unary minus outside of a constant….
Herald added a project: Restricted Project. · View Herald TranscriptJan 31 2023, 9:35 AM
Harbormaster completed remote builds in B211013: Diff 493641.Jan 31 2023, 10:17 AM
hans added a subscriber: hans.Feb 3 2023, 10:56 AM

Amusingly this fired on some code that used negation with the intention of getting fewer warnings: https://github.com/KhronosGroup/glslang/commit/866f67140ed98865350b53312bba1b654b59f937 :-)
Fixed in https://github.com/KhronosGroup/glslang/commit/7341a21b345e7aea1d2791db0f2d36866c434c03

eaeltsin added a subscriber: eaeltsin.EditedFeb 6 2023, 1:52 PM

The warning now fires even if overflow is prevented with if constexpr:

if constexpr (width <= 64) {
  if constexpr (width == 64) {
    return 1;
  }
  return -static_cast<int64_t>(uint64_t{1} << (width - 1));
}

https://godbolt.org/z/M3xdcKd3M

shafik added a comment.Feb 6 2023, 8:53 PM
In D142867#4108079, @eaeltsin wrote:

The warning now fires even if overflow is prevented with if constexpr:

if constexpr (width <= 64) {
  if constexpr (width == 64) {
    return 1;
  }
  return -static_cast<int64_t>(uint64_t{1} << (width - 1));
}

https://godbolt.org/z/M3xdcKd3M

I believe this is due to issue: https://github.com/llvm/llvm-project/issues/59448

hubert.reinterpretcast added a subscriber: hubert.reinterpretcast.Feb 15 2023, 4:36 PM
In D142867#4108079, @eaeltsin wrote:

The warning now fires even if overflow is prevented with if constexpr:

if constexpr (width <= 64) {
  if constexpr (width == 64) {
    return 1;
  }
  return -static_cast<int64_t>(uint64_t{1} << (width - 1));
}

https://godbolt.org/z/M3xdcKd3M

For reference, actually placing the second return into an else block (thus making it a discarded statement) does suppress the diagnostic:
https://godbolt.org/z/Kb6Md5PrK

I also question the focus on if constexpr. Replacing with if (true) { return 1; } should be as effective in the non-else-block case in suppressing the warning in terms of QoI.

Revision Contents

PathSize
clang/
docs/
3 lines
lib/
AST/
14 lines
Sema/
2 lines
test/
CXX/
expr/
expr.const/
1 line
SemaCXX/
6 lines
unittests/
Support/
1 line

Diff 493641

clang/docs/ReleaseNotes.rst

Show First 20 LinesShow All 57 Lines▼ Show 20 Lines- Fix crash on invalid code when looking up a destructor in a templated class
inside a namespace. This fixes inside a namespace. This fixes
`Issue 59446 <https://github.com/llvm/llvm-project/issues/59446>`_. `Issue 59446 <https://github.com/llvm/llvm-project/issues/59446>`_.
- Fix crash when diagnosing incorrect usage of ``_Nullable`` involving alias - Fix crash when diagnosing incorrect usage of ``_Nullable`` involving alias
templates. This fixes templates. This fixes
`Issue 60344 <https://github.com/llvm/llvm-project/issues/60344>`_. `Issue 60344 <https://github.com/llvm/llvm-project/issues/60344>`_.
Improvements to Clang's diagnostics Improvements to Clang's diagnostics
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
- We now generate a diagnostic for signed integer overflow due to unary minus
in a non-constant expression context. This fixes
`Issue 31643 <https://github.com/llvm/llvm-project/issues/31643>`_
Non-comprehensive list of changes in this release Non-comprehensive list of changes in this release
------------------------------------------------- -------------------------------------------------
New Compiler Flags New Compiler Flags
------------------ ------------------
Deprecated Compiler Flags Deprecated Compiler Flags
▲ Show 20 LinesShow All 146 LinesShow Last 20 Lines

clang/lib/AST/ExprConstant.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 13,494 Lines▼ Show 20 Linesbool IntExprEvaluator::VisitUnaryOperator(const UnaryOperator *E) {
case UO_Plus: case UO_Plus:
// The result is just the value. // The result is just the value.
return Visit(E->getSubExpr()); return Visit(E->getSubExpr());
case UO_Minus: { case UO_Minus: {
if (!Visit(E->getSubExpr())) if (!Visit(E->getSubExpr()))
return false; return false;
if (!Result.isInt()) return Error(E); if (!Result.isInt()) return Error(E);
const APSInt &Value = Result.getInt(); const APSInt &Value = Result.getInt();
if (Value.isSigned() && Value.isMinSignedValue() && E->canOverflow() && if (Value.isSigned() && Value.isMinSignedValue() && E->canOverflow()) {
!HandleOverflow(Info, E, -Value.extend(Value.getBitWidth() + 1), if (Info.checkingForUndefinedBehavior())
Info.Ctx.getDiagnostics().Report(E->getExprLoc(),
diag::warn_integer_constant_overflow)
<< toString(Value, 10) << E->getType();
if (!HandleOverflow(Info, E, -Value.extend(Value.getBitWidth() + 1),
E->getType())) E->getType()))
return false; return false;
}
return Success(-Value, E); return Success(-Value, E);
aaron.ballmanUnsubmitted
Done
ReplyInline Actions
const APSInt &Value = Result.getInt();
if (Value.isSigned() && Value.isMinSignedValue() && E->canOverflow()) {
-
if (Info.checkingForUndefinedBehavior())
Info.Ctx.getDiagnostics().Report(E->getExprLoc(),
aaron.ballman:
} }
case UO_Not: { case UO_Not: {
if (!Visit(E->getSubExpr())) if (!Visit(E->getSubExpr()))
return false; return false;
if (!Result.isInt()) return Error(E); if (!Result.isInt()) return Error(E);
return Success(~Result.getInt(), E); return Success(~Result.getInt(), E);
} }
case UO_LNot: { case UO_LNot: {
▲ Show 20 LinesShow All 2,783 LinesShow Last 20 Lines

clang/lib/Sema/SemaChecking.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 14,847 Lines▼ Show 20 Lines
void Sema::CheckForIntOverflow (Expr *E) { void Sema::CheckForIntOverflow (Expr *E) {
// Use a work list to deal with nested struct initializers. // Use a work list to deal with nested struct initializers.
SmallVector<Expr *, 2> Exprs(1, E); SmallVector<Expr *, 2> Exprs(1, E);
do { do {
Expr *OriginalE = Exprs.pop_back_val(); Expr *OriginalE = Exprs.pop_back_val();
Expr *E = OriginalE->IgnoreParenCasts(); Expr *E = OriginalE->IgnoreParenCasts();
if (isa<BinaryOperator>(E)) { if (isa<BinaryOperator, UnaryOperator>(E)) {
E->EvaluateForOverflow(Context); E->EvaluateForOverflow(Context);
continue; continue;
} }
if (auto InitList = dyn_cast<InitListExpr>(OriginalE)) if (auto InitList = dyn_cast<InitListExpr>(OriginalE))
Exprs.append(InitList->inits().begin(), InitList->inits().end()); Exprs.append(InitList->inits().begin(), InitList->inits().end());
else if (isa<ObjCBoxedExpr>(OriginalE)) else if (isa<ObjCBoxedExpr>(OriginalE))
E->EvaluateForOverflow(Context); E->EvaluateForOverflow(Context);
▲ Show 20 LinesShow All 3,265 LinesShow Last 20 Lines

clang/test/CXX/expr/expr.const/p2-0x.cpp

Show First 20 LinesShow All 140 Lines▼ Show 20 Lines void f(int n) {
case (int)((float)1e37 / 1e30): // ok case (int)((float)1e37 / 1e30): // ok
case (int)(__fp16)65536: // expected-error {{constant expression}} expected-note {{value +Inf is outside the range of representable values of type 'int'}} case (int)(__fp16)65536: // expected-error {{constant expression}} expected-note {{value +Inf is outside the range of representable values of type 'int'}}
break; break;
} }
} }
constexpr int int_min = ~0x7fffffff; constexpr int int_min = ~0x7fffffff;
constexpr int minus_int_min = -int_min; // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}} constexpr int minus_int_min = -int_min; // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}}
constexpr int minus_int_min_from_shift = -(1<<31); // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}}
constexpr int div0 = 3 / 0; // expected-error {{constant expression}} expected-note {{division by zero}} constexpr int div0 = 3 / 0; // expected-error {{constant expression}} expected-note {{division by zero}}
constexpr int mod0 = 3 % 0; // expected-error {{constant expression}} expected-note {{division by zero}} constexpr int mod0 = 3 % 0; // expected-error {{constant expression}} expected-note {{division by zero}}
constexpr int int_min_div_minus_1 = int_min / -1; // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}} constexpr int int_min_div_minus_1 = int_min / -1; // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}}
constexpr int int_min_mod_minus_1 = int_min % -1; // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}} constexpr int int_min_mod_minus_1 = int_min % -1; // expected-error {{constant expression}} expected-note {{value 2147483648 is outside the range}}
constexpr int shl_m1 = 0 << -1; // expected-error {{constant expression}} expected-note {{negative shift count -1}} constexpr int shl_m1 = 0 << -1; // expected-error {{constant expression}} expected-note {{negative shift count -1}}
constexpr int shl_0 = 0 << 0; // ok constexpr int shl_0 = 0 << 0; // ok
constexpr int shl_31 = 0 << 31; // ok constexpr int shl_31 = 0 << 31; // ok
▲ Show 20 LinesShow All 507 LinesShow Last 20 Lines

clang/test/SemaCXX/integer-overflow.cpp

Show First 20 LinesShow All 202 Lines▼ Show 20 Lines namespace VirtualCallWithVbase {
}; };
int d; int d;
bool e(C c) { bool e(C c) {
if (c.f(&d, d)) {} if (c.f(&d, d)) {}
return true; return true;
} }
} }
} }
namespace GH31643 {
void f() {
int a = -(1<<31); // expected-warning {{overflow in expression; result is -2147483648 with type 'int'}}
}
}

clang/unittests/Support/TimeProfilerTest.cpp

Show First 20 LinesShow All 173 Lines▼ Show 20 Linesconstexpr int slow_init_list[] = {1, 1, 2, 3, 5, 8, 13, 21}; // 25th line
setupProfiler(); setupProfiler();
ASSERT_TRUE(compileFromString(Code, "-std=c++20", "test.cc")); ASSERT_TRUE(compileFromString(Code, "-std=c++20", "test.cc"));
std::string Json = teardownProfiler(); std::string Json = teardownProfiler();
std::string TraceGraph = buildTraceGraph(Json); std::string TraceGraph = buildTraceGraph(Json);
ASSERT_TRUE(TraceGraph == R"( ASSERT_TRUE(TraceGraph == R"(
Frontend Frontend
| EvaluateAsRValue (<test.cc:8:21>) | EvaluateAsRValue (<test.cc:8:21>)
| EvaluateForOverflow (<test.cc:8:21, col:25>) | EvaluateForOverflow (<test.cc:8:21, col:25>)
| EvaluateForOverflow (<test.cc:8:30, col:32>)
| EvaluateAsRValue (<test.cc:9:14>) | EvaluateAsRValue (<test.cc:9:14>)
| EvaluateForOverflow (<test.cc:9:9, col:14>) | EvaluateForOverflow (<test.cc:9:9, col:14>)
| isPotentialConstantExpr (slow_namespace::slow_func) | isPotentialConstantExpr (slow_namespace::slow_func)
| EvaluateAsBooleanCondition (<test.cc:8:21, col:25>) | EvaluateAsBooleanCondition (<test.cc:8:21, col:25>)
| | EvaluateAsRValue (<test.cc:8:21, col:25>) | | EvaluateAsRValue (<test.cc:8:21, col:25>)
| EvaluateAsBooleanCondition (<test.cc:8:21, col:25>) | EvaluateAsBooleanCondition (<test.cc:8:21, col:25>)
| | EvaluateAsRValue (<test.cc:8:21, col:25>) | | EvaluateAsRValue (<test.cc:8:21, col:25>)
| EvaluateAsInitializer (slow_value) | EvaluateAsInitializer (slow_value)
Show All 32 Lines