This is an archive of the discontinued LLVM Phabricator instance.

Please add a summary description to the patch, and be sure to include a reference to the github issue in the summary.
All functional changes (e.g., not typo fixes, fixes to comments, or other NFC changes) need test coverage that demonstrates the issue has been resolved.
All functional changes should have a release note in clang/docs/ReleaseNotes.rst

clang/lib/Sema/SemaDeclAttr.cpp
3764–3767	Did you look into fixing this within `checkFunctionOrMethodParameterIndex()` instead? That way, all callers of the API get the correct behavior instead of having to find individual attributes to check the logic (I believe there are other attributes with the same underlying problem).

erichkeane added inline comments.Mar 28 2023, 12:51 PM

clang/lib/Sema/SemaDeclAttr.cpp
3764–3767	I would also expect any such issue to diagnose. Also, isn't there an off-by-one error here in the case of variadic args?

tbaeder added a subscriber: tbaeder.Mar 29 2023, 3:47 AM

tbaeder added inline comments.

clang/lib/Sema/SemaDeclAttr.cpp
3764–3767	`handleFormatAttr()` has: if (Idx < 1 \|\| Idx > NumArgs) { S.Diag(AL.getLoc(), diag::err_attribute_argument_out_of_bounds) << AL << 2 << IdxExpr->getSourceRange(); return; } which is also what I'd expect to see here.

shafik added a subscriber: shafik.Mar 30 2023, 1:56 PM

shafik added inline comments.

clang/lib/Sema/SemaDeclAttr.cpp
3764–3767	I agree w/ @aaron.ballman here we should handle this in `checkFunctionOrMethodParameterIndex` it is used in many places and AFAICT they all have the same issue, none diagnose this case but paper it over. There is definitely a bigger clean-up here but we can do a targeted fix now and remove a crash bug and leave the larger fixing for a follow-up.

For the benefit of those who have not seen the bug report: https://github.com/llvm/llvm-project/issues/61635

Revision Contents

Path

Size

clang/

lib/

Sema/

SemaDeclAttr.cpp

3 lines

Diff 508950

clang/lib/Sema/SemaDeclAttr.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 3,755 Lines • ▼ Show 20 Lines	D->addAttr(::new (S.Context)
EnumExtensibilityAttr(S.Context, AL, ExtensibilityKind));		EnumExtensibilityAttr(S.Context, AL, ExtensibilityKind));
}		}

/// Handle __attribute__((format_arg((idx)))) attribute based on		/// Handle __attribute__((format_arg((idx)))) attribute based on
/// http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html		/// http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html
static void handleFormatArgAttr(Sema &S, Decl *D, const ParsedAttr &AL) {		static void handleFormatArgAttr(Sema &S, Decl *D, const ParsedAttr &AL) {
Expr *IdxExpr = AL.getArgAsExpr(0);		Expr *IdxExpr = AL.getArgAsExpr(0);
ParamIdx Idx;		ParamIdx Idx;
if (!checkFunctionOrMethodParameterIndex(S, D, AL, 1, IdxExpr, Idx))		if (!checkFunctionOrMethodParameterIndex(S, D, AL, 1, IdxExpr, Idx))
return;		return;
		if (Idx.getASTIndex() >= getFunctionOrMethodNumParams(D))
		return;
		aaron.ballmanUnsubmitted Not Done Reply Inline Actions Did you look into fixing this within `checkFunctionOrMethodParameterIndex()` instead? That way, all callers of the API get the correct behavior instead of having to find individual attributes to check the logic (I believe there are other attributes with the same underlying problem). aaron.ballman: Did you look into fixing this within `checkFunctionOrMethodParameterIndex()` instead? That way…
		erichkeaneUnsubmitted Not Done Reply Inline Actions I would also expect any such issue to diagnose. Also, isn't there an off-by-one error here in the case of variadic args? erichkeane: I would also expect any such issue to diagnose. Also, isn't there an off-by-one error here in…
		tbaederUnsubmitted Not Done Reply Inline Actions `handleFormatAttr()` has: if (Idx < 1 \|\| Idx > NumArgs) { S.Diag(AL.getLoc(), diag::err_attribute_argument_out_of_bounds) << AL << 2 << IdxExpr->getSourceRange(); return; } which is also what I'd expect to see here. tbaeder: `handleFormatAttr()` has: ``` if (Idx < 1 \|\| Idx > NumArgs) { S.Diag(AL.getLoc(), diag…
		shafikUnsubmitted Not Done Reply Inline Actions I agree w/ @aaron.ballman here we should handle this in `checkFunctionOrMethodParameterIndex` it is used in many places and AFAICT they all have the same issue, none diagnose this case but paper it over. There is definitely a bigger clean-up here but we can do a targeted fix now and remove a crash bug and leave the larger fixing for a follow-up. shafik: I agree w/ @aaron.ballman here we should handle this in `checkFunctionOrMethodParameterIndex`…
// Make sure the format string is really a string.		// Make sure the format string is really a string.
QualType Ty = getFunctionOrMethodParamType(D, Idx.getASTIndex());		QualType Ty = getFunctionOrMethodParamType(D, Idx.getASTIndex());

bool NotNSStringTy = !isNSStringType(Ty, S.Context);		bool NotNSStringTy = !isNSStringType(Ty, S.Context);
if (NotNSStringTy &&		if (NotNSStringTy &&
!isCFStringType(Ty, S.Context) &&		!isCFStringType(Ty, S.Context) &&
(!Ty->isPointerType() \|\|		(!Ty->isPointerType() \|\|
!Ty->castAs<PointerType>()->getPointeeType()->isCharType())) {		!Ty->castAs<PointerType>()->getPointeeType()->isCharType())) {
▲ Show 20 Lines • Show All 6,001 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[Clang][ICE] Corrected invalid invalid parameter index on some attributes with invalid indices applied to varargs functionsNeeds ReviewPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 508950

clang/lib/Sema/SemaDeclAttr.cpp

[Clang][ICE] Corrected invalid invalid parameter index on some attributes with invalid indices applied to varargs functions
Needs ReviewPublic