This is an archive of the discontinued LLVM Phabricator instance.

Differential D29469

Fix PR31843: Clang-4.0 crashes/assert while evaluating __builtin_object_size
ClosedPublic

Authored by george.burgess.iv on Feb 2 2017, 12:33 PM.

Details

Reviewers
nlopes
rsmith
Commits
rGde06b1bf9d4a: Merging r294800: --------------------------------------------------------------…
rGf9013bf8f0ec: Don't let EvaluationModes dictate whether an invalid base is OK
rC294800: Don't let EvaluationModes dictate whether an invalid base is OK
rL295087: Merging r294800:
rL294800: Don't let EvaluationModes dictate whether an invalid base is OK
Summary

We're currently using a special EvaluationMode to determine whether
we're OK with invalid base expressions during objectsize evaluation.
Using it to figure out how we handle UB/etc. is fine, but I think it's
too far-reaching to use for checking whether we're OK with an invalid
base expression. This is because an EvaluationMode applies by default to
all subexpressions of the expression we're evaluating, which causes
issues like in https://llvm.org/bugs/show_bug.cgi?id=31843 .

What I think we actually want to do is allow this relaxed behavior only
for "top-level" member/pointer expressions. In other words, we should
only allow it when we're evaluating the top-level pointers/lvalues
involved in an expression. As soon as we need to evaluate something else
(an int, ...), we should drop these relaxed rules and go back to
stricter evaluation. For example, in:

foo(whatever->a ? b() : 1)->bar->baz.quux

We don't care if whatever->a is evaluated using these relaxed rules,
since the only invalid base that's actually useful to the objectsize
evaluator is foo(...)->bar.

...As a lower level issue, one idea I had to make this less awkward was
to just define EvaluatePointer(const Expr *, LValue&, EvalInfo&) as a
method on LValueExprEvaluator/PointerExprEvaluator that called
::EvaluatePointer with the right fourth arg, but that seemed a bit too
subtle to me. Happy to swap to it if you think it's better.

Finally, if we make this change, ISTM we can just replace OffsetFold
with ConstantFold. I'd rather to that in another patch, since whatever
we choose to do here gets put into 4.0.

With all of that said, if we want the minimal fix for PR31843, it's
adding an InvalidBase check or two to Evaluate. My concern with that
approach is that we'd just end up playing whack-a-bug. It's possible
that this fix puts us in a similar situation, but I'm honestly at a loss
for a better approach. ¯\_(ツ)_/¯ (...And I'd kinda prefer to play
whack-a-bug with "clang could do a better job in this case" reports,
rather than "clang crashes on my code" reports.)

Diff Detail

Repository
rL LLVM

Event Timeline

george.burgess.iv created this revision.Feb 2 2017, 12:33 PM
mehdi_amini added a comment.Feb 2 2017, 4:26 PM

My concern with that approach is that we'd just end up playing whack-a-bug. It's possible that this fix puts us in a similar situation, but I'm honestly at a loss for a better approach. ¯\_(ツ)_/¯ (...And I'd kinda prefer to play whack-a-bug with "clang could do a better job in this case" reports, rather than "clang crashes on my code" reports.)

Agree, thanks :)

This patch LGTM but I have little confidence in myself in this area of the compiler, so I rather have someone else stamping it!

mehdi_amini added a comment.Feb 8 2017, 1:15 AM

Ping? This is hitting 4.0

george.burgess.iv added a comment.Feb 10 2017, 10:21 AM

End of week ping :)

dexonsmith added a reviewer: nlopes.Feb 10 2017, 1:02 PM
dexonsmith added a subscriber: dexonsmith.

+Nuno, who worked on objectsize in the past.

rsmith accepted this revision.Feb 10 2017, 2:36 PM

LGTM, I think this is also OK for Clang 4 if Hans is willing to take it.

lib/AST/ExprConstant.cpp
607–612 ↗(On Diff #86870)

[nit] "We", "We", "Then" should not be capitalized, and please remove blank line prior to "Then we [...]"

This revision is now accepted and ready to land.Feb 10 2017, 2:36 PM
george.burgess.iv marked an inline comment as done.Feb 10 2017, 3:03 PM

Thanks!

Closed by commit rL294800: Don't let EvaluationModes dictate whether an invalid base is OK (authored by gbiv). · Explain WhyFeb 10 2017, 3:04 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
cfe/
trunk/
lib/
AST/
94 lines
test/
CodeGen/
19 lines
Sema/
15 lines

Diff 88061

cfe/trunk/lib/AST/ExprConstant.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 610 Lines▼ Show 20 Lines enum EvaluationMode {
/// construct that we can't evaluate yet (because we don't yet know the /// construct that we can't evaluate yet (because we don't yet know the
/// value of something) but stop if we hit something that could never be /// value of something) but stop if we hit something that could never be
/// a constant expression. Some expressions can be retried in the /// a constant expression. Some expressions can be retried in the
/// optimizer if we don't constant fold them here, but in an unevaluated /// optimizer if we don't constant fold them here, but in an unevaluated
/// context we try to fold them immediately since the optimizer never /// context we try to fold them immediately since the optimizer never
/// gets a chance to look at it. /// gets a chance to look at it.
EM_PotentialConstantExpressionUnevaluated, EM_PotentialConstantExpressionUnevaluated,
/// Evaluate as a constant expression. Continue evaluating if either: /// Evaluate as a constant expression. In certain scenarios, if:
/// - We find a MemberExpr with a base that can't be evaluated. /// - we find a MemberExpr with a base that can't be evaluated, or
/// - We find a variable initialized with a call to a function that has /// - we find a variable initialized with a call to a function that has
/// the alloc_size attribute on it. /// the alloc_size attribute on it
/// then we may consider evaluation to have succeeded.
///
/// In either case, the LValue returned shall have an invalid base; in the /// In either case, the LValue returned shall have an invalid base; in the
/// former, the base will be the invalid MemberExpr, in the latter, the /// former, the base will be the invalid MemberExpr, in the latter, the
/// base will be either the alloc_size CallExpr or a CastExpr wrapping /// base will be either the alloc_size CallExpr or a CastExpr wrapping
/// said CallExpr. /// said CallExpr.
EM_OffsetFold, EM_OffsetFold,
} EvalMode; } EvalMode;
/// Are we checking whether the expression is a potential constant /// Are we checking whether the expression is a potential constant
▲ Show 20 LinesShow All 266 Lines▼ Show 20 Lines LLVM_NODISCARD bool noteFailure() {
// subexpression implies that a side-effect has potentially happened. We // subexpression implies that a side-effect has potentially happened. We
// skip setting the HasSideEffects flag to true until we decide to // skip setting the HasSideEffects flag to true until we decide to
// continue evaluating after that point, which happens here. // continue evaluating after that point, which happens here.
bool KeepGoing = keepEvaluatingAfterFailure(); bool KeepGoing = keepEvaluatingAfterFailure();
EvalStatus.HasSideEffects |= KeepGoing; EvalStatus.HasSideEffects |= KeepGoing;
return KeepGoing; return KeepGoing;
} }
bool allowInvalidBaseExpr() const {
return EvalMode == EM_OffsetFold;
}
class ArrayInitLoopIndex { class ArrayInitLoopIndex {
EvalInfo &Info; EvalInfo &Info;
uint64_t OuterIndex; uint64_t OuterIndex;
public: public:
ArrayInitLoopIndex(EvalInfo &Info) ArrayInitLoopIndex(EvalInfo &Info)
: Info(Info), OuterIndex(Info.ArrayInitIndex) { : Info(Info), OuterIndex(Info.ArrayInitIndex) {
Info.ArrayInitIndex = 0; Info.ArrayInitIndex = 0;
▲ Show 20 LinesShow All 494 Lines▼ Show 20 Lines static bool operator==(const MemberPtr &LHS, const MemberPtr &RHS) {
return LHS.Path == RHS.Path; return LHS.Path == RHS.Path;
} }
} }
static bool Evaluate(APValue &Result, EvalInfo &Info, const Expr *E); static bool Evaluate(APValue &Result, EvalInfo &Info, const Expr *E);
static bool EvaluateInPlace(APValue &Result, EvalInfo &Info, static bool EvaluateInPlace(APValue &Result, EvalInfo &Info,
const LValue &This, const Expr *E, const LValue &This, const Expr *E,
bool AllowNonLiteralTypes = false); bool AllowNonLiteralTypes = false);
static bool EvaluateLValue(const Expr *E, LValue &Result, EvalInfo &Info); static bool EvaluateLValue(const Expr *E, LValue &Result, EvalInfo &Info,
static bool EvaluatePointer(const Expr *E, LValue &Result, EvalInfo &Info); bool InvalidBaseOK = false);
static bool EvaluatePointer(const Expr *E, LValue &Result, EvalInfo &Info,
bool InvalidBaseOK = false);
static bool EvaluateMemberPointer(const Expr *E, MemberPtr &Result, static bool EvaluateMemberPointer(const Expr *E, MemberPtr &Result,
EvalInfo &Info); EvalInfo &Info);
static bool EvaluateTemporary(const Expr *E, LValue &Result, EvalInfo &Info); static bool EvaluateTemporary(const Expr *E, LValue &Result, EvalInfo &Info);
static bool EvaluateInteger(const Expr *E, APSInt &Result, EvalInfo &Info); static bool EvaluateInteger(const Expr *E, APSInt &Result, EvalInfo &Info);
static bool EvaluateIntegerOrLValue(const Expr *E, APValue &Result, static bool EvaluateIntegerOrLValue(const Expr *E, APValue &Result,
EvalInfo &Info); EvalInfo &Info);
static bool EvaluateFloat(const Expr *E, APFloat &Result, EvalInfo &Info); static bool EvaluateFloat(const Expr *E, APFloat &Result, EvalInfo &Info);
static bool EvaluateComplex(const Expr *E, ComplexValue &Res, EvalInfo &Info); static bool EvaluateComplex(const Expr *E, ComplexValue &Res, EvalInfo &Info);
▲ Show 20 LinesShow All 3,401 Lines▼ Show 20 Lines
// Common base class for lvalue and temporary evaluation. // Common base class for lvalue and temporary evaluation.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
namespace { namespace {
template<class Derived> template<class Derived>
class LValueExprEvaluatorBase class LValueExprEvaluatorBase
: public ExprEvaluatorBase<Derived> { : public ExprEvaluatorBase<Derived> {
protected: protected:
LValue &Result; LValue &Result;
bool InvalidBaseOK;
typedef LValueExprEvaluatorBase LValueExprEvaluatorBaseTy; typedef LValueExprEvaluatorBase LValueExprEvaluatorBaseTy;
typedef ExprEvaluatorBase<Derived> ExprEvaluatorBaseTy; typedef ExprEvaluatorBase<Derived> ExprEvaluatorBaseTy;
bool Success(APValue::LValueBase B) { bool Success(APValue::LValueBase B) {
Result.set(B); Result.set(B);
return true; return true;
} }
bool evaluatePointer(const Expr *E, LValue &Result) {
return EvaluatePointer(E, Result, this->Info, InvalidBaseOK);
}
public: public:
LValueExprEvaluatorBase(EvalInfo &Info, LValue &Result) : LValueExprEvaluatorBase(EvalInfo &Info, LValue &Result, bool InvalidBaseOK)
ExprEvaluatorBaseTy(Info), Result(Result) {} : ExprEvaluatorBaseTy(Info), Result(Result),
InvalidBaseOK(InvalidBaseOK) {}
bool Success(const APValue &V, const Expr *E) { bool Success(const APValue &V, const Expr *E) {
Result.setFrom(this->Info.Ctx, V); Result.setFrom(this->Info.Ctx, V);
return true; return true;
} }
bool VisitMemberExpr(const MemberExpr *E) { bool VisitMemberExpr(const MemberExpr *E) {
// Handle non-static data members. // Handle non-static data members.
QualType BaseTy; QualType BaseTy;
bool EvalOK; bool EvalOK;
if (E->isArrow()) { if (E->isArrow()) {
EvalOK = EvaluatePointer(E->getBase(), Result, this->Info); EvalOK = evaluatePointer(E->getBase(), Result);
BaseTy = E->getBase()->getType()->castAs<PointerType>()->getPointeeType(); BaseTy = E->getBase()->getType()->castAs<PointerType>()->getPointeeType();
} else if (E->getBase()->isRValue()) { } else if (E->getBase()->isRValue()) {
assert(E->getBase()->getType()->isRecordType()); assert(E->getBase()->getType()->isRecordType());
EvalOK = EvaluateTemporary(E->getBase(), Result, this->Info); EvalOK = EvaluateTemporary(E->getBase(), Result, this->Info);
BaseTy = E->getBase()->getType(); BaseTy = E->getBase()->getType();
} else { } else {
EvalOK = this->Visit(E->getBase()); EvalOK = this->Visit(E->getBase());
BaseTy = E->getBase()->getType(); BaseTy = E->getBase()->getType();
} }
if (!EvalOK) { if (!EvalOK) {
if (!this->Info.allowInvalidBaseExpr()) if (!InvalidBaseOK)
return false; return false;
Result.setInvalid(E); Result.setInvalid(E);
return true; return true;
} }
const ValueDecl *MD = E->getMemberDecl(); const ValueDecl *MD = E->getMemberDecl();
if (const FieldDecl *FD = dyn_cast<FieldDecl>(E->getMemberDecl())) { if (const FieldDecl *FD = dyn_cast<FieldDecl>(E->getMemberDecl())) {
assert(BaseTy->getAs<RecordType>()->getDecl()->getCanonicalDecl() == assert(BaseTy->getAs<RecordType>()->getDecl()->getCanonicalDecl() ==
▲ Show 20 LinesShow All 77 Lines▼ Show 20 Lines
// * A MaterializeTemporaryExpr that has static storage duration, with no // * A MaterializeTemporaryExpr that has static storage duration, with no
// CallIndex, for a lifetime-extended temporary. // CallIndex, for a lifetime-extended temporary.
// plus an offset in bytes. // plus an offset in bytes.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
namespace { namespace {
class LValueExprEvaluator class LValueExprEvaluator
: public LValueExprEvaluatorBase<LValueExprEvaluator> { : public LValueExprEvaluatorBase<LValueExprEvaluator> {
public: public:
LValueExprEvaluator(EvalInfo &Info, LValue &Result) : LValueExprEvaluator(EvalInfo &Info, LValue &Result, bool InvalidBaseOK) :
LValueExprEvaluatorBaseTy(Info, Result) {} LValueExprEvaluatorBaseTy(Info, Result, InvalidBaseOK) {}
bool VisitVarDecl(const Expr *E, const VarDecl *VD); bool VisitVarDecl(const Expr *E, const VarDecl *VD);
bool VisitUnaryPreIncDec(const UnaryOperator *UO); bool VisitUnaryPreIncDec(const UnaryOperator *UO);
bool VisitDeclRefExpr(const DeclRefExpr *E); bool VisitDeclRefExpr(const DeclRefExpr *E);
bool VisitPredefinedExpr(const PredefinedExpr *E) { return Success(E); } bool VisitPredefinedExpr(const PredefinedExpr *E) { return Success(E); }
bool VisitMaterializeTemporaryExpr(const MaterializeTemporaryExpr *E); bool VisitMaterializeTemporaryExpr(const MaterializeTemporaryExpr *E);
bool VisitCompoundLiteralExpr(const CompoundLiteralExpr *E); bool VisitCompoundLiteralExpr(const CompoundLiteralExpr *E);
Show All 36 Lines
}; };
} // end anonymous namespace } // end anonymous namespace
/// Evaluate an expression as an lvalue. This can be legitimately called on /// Evaluate an expression as an lvalue. This can be legitimately called on
/// expressions which are not glvalues, in three cases: /// expressions which are not glvalues, in three cases:
/// * function designators in C, and /// * function designators in C, and
/// * "extern void" objects /// * "extern void" objects
/// * @selector() expressions in Objective-C /// * @selector() expressions in Objective-C
static bool EvaluateLValue(const Expr *E, LValue &Result, EvalInfo &Info) { static bool EvaluateLValue(const Expr *E, LValue &Result, EvalInfo &Info,
bool InvalidBaseOK) {
assert(E->isGLValue() || E->getType()->isFunctionType() || assert(E->isGLValue() || E->getType()->isFunctionType() ||
E->getType()->isVoidType() || isa<ObjCSelectorExpr>(E)); E->getType()->isVoidType() || isa<ObjCSelectorExpr>(E));
return LValueExprEvaluator(Info, Result).Visit(E); return LValueExprEvaluator(Info, Result, InvalidBaseOK).Visit(E);
} }
bool LValueExprEvaluator::VisitDeclRefExpr(const DeclRefExpr *E) { bool LValueExprEvaluator::VisitDeclRefExpr(const DeclRefExpr *E) {
if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(E->getDecl())) if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(E->getDecl()))
return Success(FD); return Success(FD);
if (const VarDecl *VD = dyn_cast<VarDecl>(E->getDecl())) if (const VarDecl *VD = dyn_cast<VarDecl>(E->getDecl()))
return VisitVarDecl(E, VD); return VisitVarDecl(E, VD);
if (const BindingDecl *BD = dyn_cast<BindingDecl>(E->getDecl())) if (const BindingDecl *BD = dyn_cast<BindingDecl>(E->getDecl()))
▲ Show 20 LinesShow All 144 Lines▼ Show 20 Linesbool LValueExprEvaluator::VisitMemberExpr(const MemberExpr *E) {
return LValueExprEvaluatorBaseTy::VisitMemberExpr(E); return LValueExprEvaluatorBaseTy::VisitMemberExpr(E);
} }
bool LValueExprEvaluator::VisitArraySubscriptExpr(const ArraySubscriptExpr *E) { bool LValueExprEvaluator::VisitArraySubscriptExpr(const ArraySubscriptExpr *E) {
// FIXME: Deal with vectors as array subscript bases. // FIXME: Deal with vectors as array subscript bases.
if (E->getBase()->getType()->isVectorType()) if (E->getBase()->getType()->isVectorType())
return Error(E); return Error(E);
if (!EvaluatePointer(E->getBase(), Result, Info)) if (!evaluatePointer(E->getBase(), Result))
return false; return false;
APSInt Index; APSInt Index;
if (!EvaluateInteger(E->getIdx(), Index, Info)) if (!EvaluateInteger(E->getIdx(), Index, Info))
return false; return false;
return HandleLValueArrayAdjustment(Info, E, Result, E->getType(), Index); return HandleLValueArrayAdjustment(Info, E, Result, E->getType(), Index);
} }
bool LValueExprEvaluator::VisitUnaryDeref(const UnaryOperator *E) { bool LValueExprEvaluator::VisitUnaryDeref(const UnaryOperator *E) {
return EvaluatePointer(E->getSubExpr(), Result, Info); return evaluatePointer(E->getSubExpr(), Result);
} }
bool LValueExprEvaluator::VisitUnaryReal(const UnaryOperator *E) { bool LValueExprEvaluator::VisitUnaryReal(const UnaryOperator *E) {
if (!Visit(E->getSubExpr())) if (!Visit(E->getSubExpr()))
return false; return false;
// __real is a no-op on scalar lvalues. // __real is a no-op on scalar lvalues.
if (E->getSubExpr()->getType()->isAnyComplexType()) if (E->getSubExpr()->getType()->isAnyComplexType())
HandleLValueComplexElement(Info, E, Result, E->getType(), false); HandleLValueComplexElement(Info, E, Result, E->getType(), false);
▲ Show 20 LinesShow All 131 Lines▼ Show 20 Lines
} }
/// \brief Attempts to evaluate the given LValueBase as the result of a call to /// \brief Attempts to evaluate the given LValueBase as the result of a call to
/// a function with the alloc_size attribute. If it was possible to do so, this /// a function with the alloc_size attribute. If it was possible to do so, this
/// function will return true, make Result's Base point to said function call, /// function will return true, make Result's Base point to said function call,
/// and mark Result's Base as invalid. /// and mark Result's Base as invalid.
static bool evaluateLValueAsAllocSize(EvalInfo &Info, APValue::LValueBase Base, static bool evaluateLValueAsAllocSize(EvalInfo &Info, APValue::LValueBase Base,
LValue &Result) { LValue &Result) {
if (!Info.allowInvalidBaseExpr() || Base.isNull()) if (Base.isNull())
return false; return false;
// Because we do no form of static analysis, we only support const variables. // Because we do no form of static analysis, we only support const variables.
// //
// Additionally, we can't support parameters, nor can we support static // Additionally, we can't support parameters, nor can we support static
// variables (in the latter case, use-before-assign isn't UB; in the former, // variables (in the latter case, use-before-assign isn't UB; in the former,
// we have no clue what they'll be assigned to). // we have no clue what they'll be assigned to).
const auto *VD = const auto *VD =
Show All 17 Linesstatic bool evaluateLValueAsAllocSize(EvalInfo &Info, APValue::LValueBase Base,
Result.addUnsizedArray(Info, Pointee); Result.addUnsizedArray(Info, Pointee);
return true; return true;
} }
namespace { namespace {
class PointerExprEvaluator class PointerExprEvaluator
: public ExprEvaluatorBase<PointerExprEvaluator> { : public ExprEvaluatorBase<PointerExprEvaluator> {
LValue &Result; LValue &Result;
bool InvalidBaseOK;
bool Success(const Expr *E) { bool Success(const Expr *E) {
Result.set(E); Result.set(E);
return true; return true;
} }
bool evaluateLValue(const Expr *E, LValue &Result) {
return EvaluateLValue(E, Result, Info, InvalidBaseOK);
}
bool evaluatePointer(const Expr *E, LValue &Result) {
return EvaluatePointer(E, Result, Info, InvalidBaseOK);
}
bool visitNonBuiltinCallExpr(const CallExpr *E); bool visitNonBuiltinCallExpr(const CallExpr *E);
public: public:
PointerExprEvaluator(EvalInfo &info, LValue &Result) PointerExprEvaluator(EvalInfo &info, LValue &Result, bool InvalidBaseOK)
: ExprEvaluatorBaseTy(info), Result(Result) {} : ExprEvaluatorBaseTy(info), Result(Result),
InvalidBaseOK(InvalidBaseOK) {}
bool Success(const APValue &V, const Expr *E) { bool Success(const APValue &V, const Expr *E) {
Result.setFrom(Info.Ctx, V); Result.setFrom(Info.Ctx, V);
return true; return true;
} }
bool ZeroInitialization(const Expr *E) { bool ZeroInitialization(const Expr *E) {
auto Offset = Info.Ctx.getTargetNullPointerValue(E->getType()); auto Offset = Info.Ctx.getTargetNullPointerValue(E->getType());
Result.set((Expr*)nullptr, 0, false, true, Offset); Result.set((Expr*)nullptr, 0, false, true, Offset);
Show All 30 Lines bool VisitCXXThisExpr(const CXXThisExpr *E) {
Result = *Info.CurrentCall->This; Result = *Info.CurrentCall->This;
return true; return true;
} }
// FIXME: Missing: @protocol, @selector // FIXME: Missing: @protocol, @selector
}; };
} // end anonymous namespace } // end anonymous namespace
static bool EvaluatePointer(const Expr* E, LValue& Result, EvalInfo &Info) { static bool EvaluatePointer(const Expr* E, LValue& Result, EvalInfo &Info,
bool InvalidBaseOK) {
assert(E->isRValue() && E->getType()->hasPointerRepresentation()); assert(E->isRValue() && E->getType()->hasPointerRepresentation());
return PointerExprEvaluator(Info, Result).Visit(E); return PointerExprEvaluator(Info, Result, InvalidBaseOK).Visit(E);
} }
bool PointerExprEvaluator::VisitBinaryOperator(const BinaryOperator *E) { bool PointerExprEvaluator::VisitBinaryOperator(const BinaryOperator *E) {
if (E->getOpcode() != BO_Add && if (E->getOpcode() != BO_Add &&
E->getOpcode() != BO_Sub) E->getOpcode() != BO_Sub)
return ExprEvaluatorBaseTy::VisitBinaryOperator(E); return ExprEvaluatorBaseTy::VisitBinaryOperator(E);
const Expr *PExp = E->getLHS(); const Expr *PExp = E->getLHS();
const Expr *IExp = E->getRHS(); const Expr *IExp = E->getRHS();
if (IExp->getType()->isPointerType()) if (IExp->getType()->isPointerType())
std::swap(PExp, IExp); std::swap(PExp, IExp);
bool EvalPtrOK = EvaluatePointer(PExp, Result, Info); bool EvalPtrOK = evaluatePointer(PExp, Result);
if (!EvalPtrOK && !Info.noteFailure()) if (!EvalPtrOK && !Info.noteFailure())
return false; return false;
llvm::APSInt Offset; llvm::APSInt Offset;
if (!EvaluateInteger(IExp, Offset, Info) || !EvalPtrOK) if (!EvaluateInteger(IExp, Offset, Info) || !EvalPtrOK)
return false; return false;
if (E->getOpcode() == BO_Sub) if (E->getOpcode() == BO_Sub)
negateAsSigned(Offset); negateAsSigned(Offset);
QualType Pointee = PExp->getType()->castAs<PointerType>()->getPointeeType(); QualType Pointee = PExp->getType()->castAs<PointerType>()->getPointeeType();
return HandleLValueArrayAdjustment(Info, E, Result, Pointee, Offset); return HandleLValueArrayAdjustment(Info, E, Result, Pointee, Offset);
} }
bool PointerExprEvaluator::VisitUnaryAddrOf(const UnaryOperator *E) { bool PointerExprEvaluator::VisitUnaryAddrOf(const UnaryOperator *E) {
return EvaluateLValue(E->getSubExpr(), Result, Info); return evaluateLValue(E->getSubExpr(), Result);
} }
bool PointerExprEvaluator::VisitCastExpr(const CastExpr* E) { bool PointerExprEvaluator::VisitCastExpr(const CastExpr* E) {
const Expr* SubExpr = E->getSubExpr(); const Expr* SubExpr = E->getSubExpr();
switch (E->getCastKind()) { switch (E->getCastKind()) {
default: default:
break; break;
Show All 17 Lines if (!E->getType()->isVoidPointerType()) {
CCEDiag(E, diag::note_constexpr_invalid_cast) << 2; CCEDiag(E, diag::note_constexpr_invalid_cast) << 2;
} }
if (E->getCastKind() == CK_AddressSpaceConversion && Result.IsNullPtr) if (E->getCastKind() == CK_AddressSpaceConversion && Result.IsNullPtr)
ZeroInitialization(E); ZeroInitialization(E);
return true; return true;
case CK_DerivedToBase: case CK_DerivedToBase:
case CK_UncheckedDerivedToBase: case CK_UncheckedDerivedToBase:
if (!EvaluatePointer(E->getSubExpr(), Result, Info)) if (!evaluatePointer(E->getSubExpr(), Result))
return false; return false;
if (!Result.Base && Result.Offset.isZero()) if (!Result.Base && Result.Offset.isZero())
return true; return true;
// Now figure out the necessary offset to add to the base LV to get from // Now figure out the necessary offset to add to the base LV to get from
// the derived class to the base class. // the derived class to the base class.
return HandleLValueBasePath(Info, E, E->getSubExpr()->getType()-> return HandleLValueBasePath(Info, E, E->getSubExpr()->getType()->
castAs<PointerType>()->getPointeeType(), castAs<PointerType>()->getPointeeType(),
Show All 30 Lines case CK_IntegralToPointer: {
} else { } else {
// Cast is of an lvalue, no need to change value. // Cast is of an lvalue, no need to change value.
Result.setFrom(Info.Ctx, Value); Result.setFrom(Info.Ctx, Value);
return true; return true;
} }
} }
case CK_ArrayToPointerDecay: case CK_ArrayToPointerDecay:
if (SubExpr->isGLValue()) { if (SubExpr->isGLValue()) {
if (!EvaluateLValue(SubExpr, Result, Info)) if (!evaluateLValue(SubExpr, Result))
return false; return false;
} else { } else {
Result.set(SubExpr, Info.CurrentCall->Index); Result.set(SubExpr, Info.CurrentCall->Index);
if (!EvaluateInPlace(Info.CurrentCall->createTemporary(SubExpr, false), if (!EvaluateInPlace(Info.CurrentCall->createTemporary(SubExpr, false),
Info, Result, SubExpr)) Info, Result, SubExpr))
return false; return false;
} }
// The result is a pointer to the first element of the array. // The result is a pointer to the first element of the array.
if (const ConstantArrayType *CAT if (const ConstantArrayType *CAT
= Info.Ctx.getAsConstantArrayType(SubExpr->getType())) = Info.Ctx.getAsConstantArrayType(SubExpr->getType()))
Result.addArray(Info, E, CAT); Result.addArray(Info, E, CAT);
else else
Result.Designator.setInvalid(); Result.Designator.setInvalid();
return true; return true;
case CK_FunctionToPointerDecay: case CK_FunctionToPointerDecay:
return EvaluateLValue(SubExpr, Result, Info); return evaluateLValue(SubExpr, Result);
case CK_LValueToRValue: { case CK_LValueToRValue: {
LValue LVal; LValue LVal;
if (!EvaluateLValue(E->getSubExpr(), LVal, Info)) if (!evaluateLValue(E->getSubExpr(), LVal))
return false; return false;
APValue RVal; APValue RVal;
// Note, we use the subexpression's type in order to retain cv-qualifiers. // Note, we use the subexpression's type in order to retain cv-qualifiers.
if (!handleLValueToRValueConversion(Info, E, E->getSubExpr()->getType(), if (!handleLValueToRValueConversion(Info, E, E->getSubExpr()->getType(),
LVal, RVal)) LVal, RVal))
return evaluateLValueAsAllocSize(Info, LVal.Base, Result); return InvalidBaseOK &&
evaluateLValueAsAllocSize(Info, LVal.Base, Result);
return Success(RVal, E); return Success(RVal, E);
} }
} }
return ExprEvaluatorBaseTy::VisitCastExpr(E); return ExprEvaluatorBaseTy::VisitCastExpr(E);
} }
static CharUnits GetAlignOfType(EvalInfo &Info, QualType T) { static CharUnits GetAlignOfType(EvalInfo &Info, QualType T) {
Show All 28 Linesstatic CharUnits GetAlignOfExpr(EvalInfo &Info, const Expr *E) {
return GetAlignOfType(Info, E->getType()); return GetAlignOfType(Info, E->getType());
} }
// To be clear: this happily visits unsupported builtins. Better name welcomed. // To be clear: this happily visits unsupported builtins. Better name welcomed.
bool PointerExprEvaluator::visitNonBuiltinCallExpr(const CallExpr *E) { bool PointerExprEvaluator::visitNonBuiltinCallExpr(const CallExpr *E) {
if (ExprEvaluatorBaseTy::VisitCallExpr(E)) if (ExprEvaluatorBaseTy::VisitCallExpr(E))
return true; return true;
if (!(Info.allowInvalidBaseExpr() && getAllocSizeAttr(E))) if (!(InvalidBaseOK && getAllocSizeAttr(E)))
return false; return false;
Result.setInvalid(E); Result.setInvalid(E);
QualType PointeeTy = E->getType()->castAs<PointerType>()->getPointeeType(); QualType PointeeTy = E->getType()->castAs<PointerType>()->getPointeeType();
Result.addUnsizedArray(Info, PointeeTy); Result.addUnsizedArray(Info, PointeeTy);
return true; return true;
} }
bool PointerExprEvaluator::VisitCallExpr(const CallExpr *E) { bool PointerExprEvaluator::VisitCallExpr(const CallExpr *E) {
if (IsStringLiteralCall(E)) if (IsStringLiteralCall(E))
return Success(E); return Success(E);
if (unsigned BuiltinOp = E->getBuiltinCallee()) if (unsigned BuiltinOp = E->getBuiltinCallee())
return VisitBuiltinCallExpr(E, BuiltinOp); return VisitBuiltinCallExpr(E, BuiltinOp);
return visitNonBuiltinCallExpr(E); return visitNonBuiltinCallExpr(E);
} }
bool PointerExprEvaluator::VisitBuiltinCallExpr(const CallExpr *E, bool PointerExprEvaluator::VisitBuiltinCallExpr(const CallExpr *E,
unsigned BuiltinOp) { unsigned BuiltinOp) {
switch (BuiltinOp) { switch (BuiltinOp) {
case Builtin::BI__builtin_addressof: case Builtin::BI__builtin_addressof:
return EvaluateLValue(E->getArg(0), Result, Info); return evaluateLValue(E->getArg(0), Result);
case Builtin::BI__builtin_assume_aligned: { case Builtin::BI__builtin_assume_aligned: {
// We need to be very careful here because: if the pointer does not have the // We need to be very careful here because: if the pointer does not have the
// asserted alignment, then the behavior is undefined, and undefined // asserted alignment, then the behavior is undefined, and undefined
// behavior is non-constant. // behavior is non-constant.
if (!EvaluatePointer(E->getArg(0), Result, Info)) if (!evaluatePointer(E->getArg(0), Result))
return false; return false;
LValue OffsetResult(Result); LValue OffsetResult(Result);
APSInt Alignment; APSInt Alignment;
if (!EvaluateInteger(E->getArg(1), Alignment, Info)) if (!EvaluateInteger(E->getArg(1), Alignment, Info))
return false; return false;
CharUnits Align = CharUnits::fromQuantity(Alignment.getZExtValue()); CharUnits Align = CharUnits::fromQuantity(Alignment.getZExtValue());
▲ Show 20 LinesShow All 619 Lines▼ Show 20 Lines
// lvalues. The full-object of which the temporary is a subobject is implicitly // lvalues. The full-object of which the temporary is a subobject is implicitly
// materialized so that a reference can bind to it. // materialized so that a reference can bind to it.
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
namespace { namespace {
class TemporaryExprEvaluator class TemporaryExprEvaluator
: public LValueExprEvaluatorBase<TemporaryExprEvaluator> { : public LValueExprEvaluatorBase<TemporaryExprEvaluator> {
public: public:
TemporaryExprEvaluator(EvalInfo &Info, LValue &Result) : TemporaryExprEvaluator(EvalInfo &Info, LValue &Result) :
LValueExprEvaluatorBaseTy(Info, Result) {} LValueExprEvaluatorBaseTy(Info, Result, false) {}
/// Visit an expression which constructs the value of this temporary. /// Visit an expression which constructs the value of this temporary.
bool VisitConstructExpr(const Expr *E) { bool VisitConstructExpr(const Expr *E) {
Result.set(E, Info.CurrentCall->Index); Result.set(E, Info.CurrentCall->Index);
return EvaluateInPlace(Info.CurrentCall->createTemporary(E, false), return EvaluateInPlace(Info.CurrentCall->createTemporary(E, false),
Info, Result, E); Info, Result, E);
} }
▲ Show 20 LinesShow All 1,087 Lines▼ Show 20 Lines LValue LVal;
if (E->isGLValue()) { if (E->isGLValue()) {
// It's possible for us to be given GLValues if we're called via // It's possible for us to be given GLValues if we're called via
// Expr::tryEvaluateObjectSize. // Expr::tryEvaluateObjectSize.
APValue RVal; APValue RVal;
if (!EvaluateAsRValue(Info, E, RVal)) if (!EvaluateAsRValue(Info, E, RVal))
return false; return false;
LVal.setFrom(Info.Ctx, RVal); LVal.setFrom(Info.Ctx, RVal);
} else if (!EvaluatePointer(ignorePointerCastsAndParens(E), LVal, Info)) } else if (!EvaluatePointer(ignorePointerCastsAndParens(E), LVal, Info,
/*InvalidBaseOK=*/true))
return false; return false;
} }
// If we point to before the start of the object, there are no accessible // If we point to before the start of the object, there are no accessible
// bytes. // bytes.
if (LVal.getLValueOffset().isNegative()) { if (LVal.getLValueOffset().isNegative()) {
Size = 0; Size = 0;
return true; return true;
▲ Show 20 LinesShow All 3,177 LinesShow Last 20 Lines

cfe/trunk/test/CodeGen/object-size.c

Show First 20 LinesShow All 543 Lines▼ Show 20 Linesint incomplete_and_function_types() {
gi = __builtin_object_size(incomplete_char_array, 0); gi = __builtin_object_size(incomplete_char_array, 0);
// CHECK: call i64 @llvm.objectsize.i64.p0i8 // CHECK: call i64 @llvm.objectsize.i64.p0i8
gi = __builtin_object_size(incomplete_char_array, 1); gi = __builtin_object_size(incomplete_char_array, 1);
// CHECK: call i64 @llvm.objectsize.i64.p0i8 // CHECK: call i64 @llvm.objectsize.i64.p0i8
gi = __builtin_object_size(incomplete_char_array, 2); gi = __builtin_object_size(incomplete_char_array, 2);
// CHECK: store i32 0 // CHECK: store i32 0
gi = __builtin_object_size(incomplete_char_array, 3); gi = __builtin_object_size(incomplete_char_array, 3);
} }
// Flips between the pointer and lvalue evaluator a lot.
void deeply_nested() {
struct {
struct {
struct {
struct {
int e[2];
char f; // Inhibit our writing-off-the-end check
} d[2];
} c[2];
} b[2];
} *a;
// CHECK: store i32 4
gi = __builtin_object_size(&a->b[1].c[1].d[1].e[1], 1);
// CHECK: store i32 4
gi = __builtin_object_size(&a->b[1].c[1].d[1].e[1], 3);
}

cfe/trunk/test/Sema/builtin-object-size.c

Show First 20 LinesShow All 70 Lines▼ Show 20 Linesint pr28314(void) {
int a = 0; int a = 0;
a += __builtin_object_size(&p->a, 0); a += __builtin_object_size(&p->a, 0);
a += __builtin_object_size(p->b, 0); a += __builtin_object_size(p->b, 0);
a += __builtin_object_size(p2->b, 0); a += __builtin_object_size(p2->b, 0);
a += __builtin_object_size(p3->b, 0); a += __builtin_object_size(p3->b, 0);
return a; return a;
} }
int pr31843() {
int n = 0;
struct { int f; } a;
int b;
n += __builtin_object_size(({&(b ? &a : &a)->f; pr31843;}), 0); // expected-warning{{expression result unused}}
struct statfs { char f_mntonname[1024];};
struct statfs *outStatFSBuf;
n += __builtin_object_size(outStatFSBuf->f_mntonname ? "" : "", 1); // expected-warning{{address of array}}
n += __builtin_object_size(outStatFSBuf->f_mntonname ?: "", 1);
return n;
}