This is an archive of the discontinued LLVM Phabricator instance.

Differential D154675

[Clang] Fix crash when emitting diagnostic for out of order designated initializers in C++
ClosedPublic

Authored by shafik on Jul 6 2023, 7:05 PM.

Details

Reviewers
aaron.ballman
cor3ntin
Commits
rGc9ef33e1d8a8: [Clang] Fix crash when emitting diagnostic for out of order designated…
Summary

In C++ we are not allowed to use designated initializers to initialize fields out of order. In some cases when diagnosing this we are crashing because we are not indexing correctly and therefore going out of bounds.

This fixes: https://github.com/llvm/llvm-project/issues/63605

Diff Detail

Event Timeline

shafik created this revision.Jul 6 2023, 7:05 PM
Herald added a project: Restricted Project. · View Herald TranscriptJul 6 2023, 7:05 PM
shafik requested review of this revision.Jul 6 2023, 7:05 PM
shafik added inline comments.
clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
195

Note the e in the diagnostic in this line and the next line should be b. I have not managed to figure out how to fix this yet but this feels relatively minor compared to the crash.

Harbormaster completed remote builds in B243638: Diff 537954.Jul 6 2023, 9:05 PM
cor3ntin added a comment.Jul 6 2023, 10:59 PM

Thanks Shafik.

I have some concern about the diagnostics being wonky because, if the init and field don't match, it's hard to be sure we won't run into simar issues (although i agree this fixes the crash.)

Also, I'm not saying you should do this but... maybe this thing could be improved by a sort of field_iterator that skips over unnamed bitfield.

clang/lib/Sema/SemaInit.cpp
2839–2840

I think this is probably where it fails produce something sensible to diagnostics.
in the *NextField == RD->field_end() case we just go straight to the end.

In that case, we probably want to break when the previous element is the one under test, that way you might get to b.

clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
182

Should we add bases?

shafik updated this revision to Diff 538323.Jul 7 2023, 10:47 PM
shafik marked an inline comment as done.

-Add fix for wrong field in diagnostic

Harbormaster completed remote builds in B243904: Diff 538323.Jul 7 2023, 11:15 PM
shafik added a comment.Jul 8 2023, 10:27 AM

I can't really see any details on the libcxx failure :-(

shafik added inline comments.Jul 8 2023, 10:36 AM
clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
182

Good catch b/c of course bases would cause problems 🤣

shafik updated this revision to Diff 538456.Jul 9 2023, 3:16 PM
  • Stopped using NumBases when calculating OldIndex
  • Added bases classes to the test and added more test cases
shafik marked an inline comment as done.Jul 9 2023, 3:18 PM

Found a new issue https://github.com/llvm/llvm-project/issues/63759 but this feels different enough that I will deal with it separately.

clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
182

Problems due to bases now fixed as well.

195

This is now fixed

Harbormaster completed remote builds in B244002: Diff 538456.Jul 9 2023, 3:44 PM
shafik added a comment.Jul 9 2023, 5:54 PM

@aaron.ballman I can't figure out why the libcxx bot failed, can you understand why?

cor3ntin added a comment.Jul 9 2023, 11:51 PM

Thanks, this looks good! (the libc++ test seems completely unrelated, it happens before compilation starts).
Can you add re release note though? Thanks!

aaron.ballman added a comment.Jul 10 2023, 8:24 AM
In D154675#4484194, @cor3ntin wrote:

Thanks, this looks good! (the libc++ test seems completely unrelated, it happens before compilation starts).
Can you add re release note though? Thanks!

+1 to both of these sentences. :-)

clang/lib/Sema/SemaInit.cpp
2850

Should we be asserting that StructuredIndex is not 0? The logic in this function makes it tough to see, but the fact that we're in a block checking IsFirstDesignator makes me think this is dangerous.

clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
66

A few questions: 1) what is this new note attached to? The only reorder-* diagnostic I see in the test is for the initialization of x. 2) is the note actually on the correct previous use? I would have expected this to be on the assignment to y one line above.

shafik added inline comments.Jul 10 2023, 2:10 PM
clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
66

It is attached to :

.x = 1, // reorder-error {{declaration order}}

We were not issuing it before b/c it was broken, in this case it was just not crashing but it was still broken.

We could argue the note should go on the first .y although I could see both sides since the override is a warning and not an error I think using the second is defensible.

aaron.ballman accepted this revision.Jul 11 2023, 6:22 AM

LGTM but please land with a release note.

clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp
66

Oh! I had a brain fart and thought this was about *re*initialization of y. I see what's going on now and yeah, this makes sense. I'm not worried about which y the note attaches to.

This revision is now accepted and ready to land.Jul 11 2023, 6:22 AM
shafik updated this revision to Diff 540587.Jul 14 2023, 3:49 PM
shafik marked 2 inline comments as done.
  • Add release notes.
This revision was landed with ongoing or failed builds.Jul 14 2023, 4:00 PM
Closed by commit rGc9ef33e1d8a8: [Clang] Fix crash when emitting diagnostic for out of order designated… (authored by shafik). · Explain Why
This revision was automatically updated to reflect the committed changes.
shafik added a commit: rGc9ef33e1d8a8: [Clang] Fix crash when emitting diagnostic for out of order designated….
Herald added a project: Restricted Project. · View Herald TranscriptJul 14 2023, 4:00 PM
Harbormaster completed remote builds in B245511: Diff 540587.Jul 14 2023, 7:38 PM

Revision Contents

PathSize
clang/
docs/
3 lines
lib/
Sema/
6 lines
test/
SemaCXX/
42 lines

Diff 540589

clang/docs/ReleaseNotes.rst

Show First 20 LinesShow All 689 Lines▼ Show 20 Lines- Fix access of a friend class declared in a local class. Clang previously
emitted an error when a friend of a local class tried to access it's emitted an error when a friend of a local class tried to access it's
private data members. private data members.
- Allow abstract parameter and return types in functions that are - Allow abstract parameter and return types in functions that are
either deleted or not defined. either deleted or not defined.
(`#63012 <https://github.com/llvm/llvm-project/issues/63012>`_) (`#63012 <https://github.com/llvm/llvm-project/issues/63012>`_)
- Fix handling of using-declarations in the init statements of for - Fix handling of using-declarations in the init statements of for
loop declarations. loop declarations.
(`#63627 <https://github.com/llvm/llvm-project/issues/63627>`_) (`#63627 <https://github.com/llvm/llvm-project/issues/63627>`_)
- Fix crash when emitting diagnostic for out of order designated initializers
in C++.
(`#63605 <https://github.com/llvm/llvm-project/issues/63605>`_)
Bug Fixes to AST Handling Bug Fixes to AST Handling
^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^
- Preserve ``namespace`` definitions that follow malformed declarations. - Preserve ``namespace`` definitions that follow malformed declarations.
Miscellaneous Bug Fixes Miscellaneous Bug Fixes
^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^
▲ Show 20 LinesShow All 213 LinesShow Last 20 Lines

clang/lib/Sema/SemaInit.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 2,830 Lines▼ Show 20 Lines if (IsFirstDesignator && !VerifyOnly && SemaRef.getLangOpts().CPlusPlus &&
NextField && NextField &&
(*NextField == RD->field_end() || (*NextField == RD->field_end() ||
(*NextField)->getFieldIndex() > Field->getFieldIndex() + 1)) { (*NextField)->getFieldIndex() > Field->getFieldIndex() + 1)) {
// Find the field that we just initialized. // Find the field that we just initialized.
FieldDecl *PrevField = nullptr; FieldDecl *PrevField = nullptr;
for (auto FI = RD->field_begin(); FI != RD->field_end(); ++FI) { for (auto FI = RD->field_begin(); FI != RD->field_end(); ++FI) {
if (FI->isUnnamedBitfield()) if (FI->isUnnamedBitfield())
continue; continue;
if (*NextField != RD->field_end() && if (*NextField != RD->field_end() &&
declaresSameEntity(*FI, **NextField)) declaresSameEntity(*FI, **NextField))
cor3ntinUnsubmitted
Done
ReplyInline Actions

I think this is probably where it fails produce something sensible to diagnostics.
in the *NextField == RD->field_end() case we just go straight to the end.

In that case, we probably want to break when the previous element is the one under test, that way you might get to b.

cor3ntin: I think this is probably where it fails produce something sensible to diagnostics. in the…
break; break;
PrevField = *FI; PrevField = *FI;
} }
if (PrevField && if (PrevField &&
PrevField->getFieldIndex() > KnownField->getFieldIndex()) { PrevField->getFieldIndex() > KnownField->getFieldIndex()) {
SemaRef.Diag(DIE->getBeginLoc(), diag::ext_designated_init_reordered) SemaRef.Diag(DIE->getBeginLoc(), diag::ext_designated_init_reordered)
<< KnownField << PrevField << DIE->getSourceRange(); << KnownField << PrevField << DIE->getSourceRange();
unsigned OldIndex = NumBases + PrevField->getFieldIndex(); unsigned OldIndex = StructuredIndex - 1;
aaron.ballmanUnsubmitted
Not Done
ReplyInline Actions

Should we be asserting that StructuredIndex is not 0? The logic in this function makes it tough to see, but the fact that we're in a block checking IsFirstDesignator makes me think this is dangerous.

aaron.ballman: Should we be asserting that `StructuredIndex` is not 0? The logic in this function makes it…
if (StructuredList && OldIndex <= StructuredList->getNumInits()) { if (StructuredList && OldIndex <= StructuredList->getNumInits()) {
if (Expr *PrevInit = StructuredList->getInit(OldIndex)) { if (Expr *PrevInit = StructuredList->getInit(OldIndex)) {
SemaRef.Diag(PrevInit->getBeginLoc(), SemaRef.Diag(PrevInit->getBeginLoc(),
diag::note_previous_field_init) diag::note_previous_field_init)
<< PrevField << PrevInit->getSourceRange(); << PrevField << PrevInit->getSourceRange();
} }
} }
} }
▲ Show 20 LinesShow All 87 Lines▼ Show 20 Lines if (D->isFieldDesignator()) {
// Find the position of the next field to be initialized in this // Find the position of the next field to be initialized in this
// subobject. // subobject.
++Field; ++Field;
++FieldIndex; ++FieldIndex;
// If this the first designator, our caller will continue checking // If this the first designator, our caller will continue checking
// the rest of this struct/class/union subobject. // the rest of this struct/class/union subobject.
if (IsFirstDesignator) { if (IsFirstDesignator) {
if (Field != RD->field_end() && Field->isUnnamedBitfield())
++Field;
if (NextField) if (NextField)
*NextField = Field; *NextField = Field;
StructuredIndex = FieldIndex; StructuredIndex = FieldIndex;
return false; return false;
} }
if (!FinishSubobjectInit) if (!FinishSubobjectInit)
return false; return false;
// We've already initialized something in the union; we're done. // We've already initialized something in the union; we're done.
▲ Show 20 LinesShow All 7,954 LinesShow Last 20 Lines

clang/test/SemaCXX/cxx2a-initializer-aggregates.cpp

Show First 20 LinesShow All 57 Lines▼ Show 20 Lines
B b3 = {.a = 1, 2}; // pedantic-error {{mixture of designated and non-designated}} pedantic-note {{first non-designated}} pedantic-error {{brace elision}} B b3 = {.a = 1, 2}; // pedantic-error {{mixture of designated and non-designated}} pedantic-note {{first non-designated}} pedantic-error {{brace elision}}
B b4 = {.a = 1, 2, 3}; // pedantic-error {{mixture of designated and non-designated}} pedantic-note {{first non-designated}} pedantic-error {{brace elision}} expected-error {{excess elements}} B b4 = {.a = 1, 2, 3}; // pedantic-error {{mixture of designated and non-designated}} pedantic-note {{first non-designated}} pedantic-error {{brace elision}} expected-error {{excess elements}}
B b5 = {.a = nullptr}; // expected-error {{cannot initialize}} B b5 = {.a = nullptr}; // expected-error {{cannot initialize}}
struct C { int :0, x, :0, y, :0; }; struct C { int :0, x, :0, y, :0; };
C c = { C c = {
.x = 1, // override-note {{previous}} .x = 1, // override-note {{previous}}
.x = 1, // override-error {{overrides prior initialization}} override-note {{previous}} .x = 1, // override-error {{overrides prior initialization}} override-note {{previous}}
.y = 1, // override-note {{previous}} .y = 1, // override-note {{previous}}
.y = 1, // override-error {{overrides prior initialization}} .y = 1, // override-error {{overrides prior initialization}} // reorder-note {{previous initialization for field 'y' is here}}
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

A few questions: 1) what is this new note attached to? The only reorder-* diagnostic I see in the test is for the initialization of x. 2) is the note actually on the correct previous use? I would have expected this to be on the assignment to y one line above.

aaron.ballman: A few questions: 1) what is this new note attached to? The only `reorder-*` diagnostic I see in…
shafikAuthorUnsubmitted
Done
ReplyInline Actions

It is attached to :

.x = 1, // reorder-error {{declaration order}}

We were not issuing it before b/c it was broken, in this case it was just not crashing but it was still broken.

We could argue the note should go on the first .y although I could see both sides since the override is a warning and not an error I think using the second is defensible.

shafik: It is attached to : ``` .x = 1, // reorder-error {{declaration order}} ``` We were not…
aaron.ballmanUnsubmitted
Done
ReplyInline Actions

Oh! I had a brain fart and thought this was about *re*initialization of y. I see what's going on now and yeah, this makes sense. I'm not worried about which y the note attaches to.

aaron.ballman: Oh! I had a brain fart and thought this was about *re*initialization of `y`. I see what's going…
.x = 1, // reorder-error {{declaration order}} override-error {{overrides prior initialization}} override-note {{previous}} .x = 1, // reorder-error {{declaration order}} override-error {{overrides prior initialization}} override-note {{previous}}
.x = 1, // override-error {{overrides prior initialization}} .x = 1, // override-error {{overrides prior initialization}}
}; };
} }
namespace base_class { namespace base_class {
struct base { struct base {
int x; int x;
▲ Show 20 LinesShow All 97 Lines▼ Show 20 Linesnamespace no_unwrap {
void h(Q q); void h(Q q);
void h(S s); void h(S s);
// OK, does not instantiate X<void&> (!). // OK, does not instantiate X<void&> (!).
void i() { void i() {
h({.a = 1}); h({.a = 1});
} }
} }
namespace GH63605 {
struct A {
cor3ntinUnsubmitted
Done
ReplyInline Actions

Should we add bases?

cor3ntin: Should we add bases?
shafikAuthorUnsubmitted
Done
ReplyInline Actions

Good catch b/c of course bases would cause problems 🤣

shafik: Good catch b/c of course bases would cause problems 🤣
shafikAuthorUnsubmitted
Done
ReplyInline Actions

Problems due to bases now fixed as well.

shafik: Problems due to bases now fixed as well.
unsigned x;
unsigned y;
unsigned z;
};
struct B {
unsigned a;
unsigned b;
};
struct : public A, public B {
unsigned : 2;
unsigned a : 6;
shafikAuthorUnsubmitted
Done
ReplyInline Actions

Note the e in the diagnostic in this line and the next line should be b. I have not managed to figure out how to fix this yet but this feels relatively minor compared to the crash.

shafik: Note the `e` in the diagnostic in this line and the next line should be `b`. I have not managed…
shafikAuthorUnsubmitted
Done
ReplyInline Actions

This is now fixed

shafik: This is now fixed
unsigned : 1;
unsigned b : 6;
unsigned : 2;
unsigned c : 6;
unsigned d : 1;
unsigned e : 2;
} data = {
{.z=0,
// pedantic-note@-1 {{first non-designated initializer is here}}
// reorder-note@-2 {{previous initialization for field 'z' is here}}
.y=1, // reorder-error {{field 'z' will be initialized after field 'y'}}
// reorder-note@-1 {{previous initialization for field 'y' is here}}
.x=2}, // reorder-error {{field 'y' will be initialized after field 'x'}}
{.b=3, // reorder-note {{previous initialization for field 'b' is here}}
.a=4}, // reorder-error {{field 'b' will be initialized after field 'a'}}
.e = 1, // reorder-note {{previous initialization for field 'e' is here}}
// pedantic-error@-1 {{mixture of designated and non-designated initializers in the same initializer list is a C99 extension}}
.d = 1, // reorder-error {{field 'e' will be initialized after field 'd'}}
// reorder-note@-1 {{previous initialization for field 'd' is here}}
.c = 1, // reorder-error {{field 'd' will be initialized after field 'c'}} // reorder-note {{previous initialization for field 'c' is here}}
.b = 1, // reorder-error {{field 'c' will be initialized after field 'b'}} // reorder-note {{previous initialization for field 'b' is here}}
.a = 1, // reorder-error {{field 'b' will be initialized after field 'a'}}
};
}