This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang/
-
lib/AST/
-
AST/
-
Expr.cpp
-
test/SemaTemplate/
-
SemaTemplate/
-
enum-argument.cpp
-
value-dependent-bitfield-cond.cpp

Differential D72242

Fix crash on value dependent bitfields in if conditions in templates
ClosedPublic

Authored by eandrews on Jan 5 2020, 7:37 PM.

Download Raw Diff

Details

Reviewers

rnk
erichkeane
alexfh
• alexfh_
gribozavr2
rsmith

Commits

rGb6a9124bf4ce: Fix type-dependency of bitfields in templates
rG808f8a632f8b: Fix type-dependency of bitfields in templates
rGa58017e5cae5: Fix type-dependency of bitfields in templates

Summary

This patch is a follow up to D69950, to fix a new crash on CXX condition expressions in templates, when the condition is a bitfield with value-dependent width. Clang currently crashes when integral promotion is attempted on the condition. Name of bitfields with value-dependent width should be set as type-dependent. This patch adds the required value-dependency check and sets type-dependency accordingly.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

eandrews created this revision.Jan 5 2020, 7:37 PM

I'm concerned about just making this fallthrough to 'false'. These ARE integral promotions, we just don't know the type size. What happens if you instantiate this template? Will it still give the correct answer/type/diagnosis?

In the case of the crash, I would suspect that the expression 'if (c)' should just be dependent and skipped from the semantic analysis because of it.

Thanks for taking a look Erich!

I'm concerned about just making this fallthrough to 'false'. These ARE integral promotions, we just don't know the type size.

In this case, when integral promotion is skipped, boolean conversion (C++ 4.12) is done instead when parsing the template declaration.

What happens if you instantiate this template? Will it still give the correct answer/type/diagnosis?

I stepped through the code for an instantiated template and in this case, integral promotion is done since 'b' is no longer value dependent and is whatever we instantiated it with. I'm not sure what the correct behavior here is, so I compared current behavior to Clang prior to D69950 + this patch. The only difference I could see in the AST is an additional implicit cast for if(c) in template declaration (expected since D69950 changed the type dependency of c and this is the only guard). There is no difference in IR generated.

In the case of the crash, I would suspect that the expression 'if (c)' should just be dependent and skipped from the semantic analysis because of it.

It turns out skipping semantic analysis for value dependent condition expressions is not entirely straightforward. CheckBooleanCondition has a check to skip semantic analysis for type-dependent expressions. Adding a value dependency check here however causes crashes (lit tests) because apparently semantic analysis for noexcept calls this as well.

ExprResult Sema::ActOnNoexceptSpec(SourceLocation NoexceptLoc,
                                   Expr *NoexceptExpr,
                                   ExceptionSpecificationType &EST) {
  // FIXME: This is bogus, a noexcept expression is not a condition.
  ExprResult Converted = CheckBooleanCondition(NoexceptLoc, NoexceptExpr);

I don't really know how noexcept is handled in Clang but it looks like it expects the conversion of value dependent expressions. I guess I could add a guard in ActOnCond instead and see what happens.

riccibruno added a subscriber: riccibruno.Jan 8 2020, 8:29 AM

Semantic analysis for value dependent conditions is now skipped as per Erich's comment. Patch adds an argument to CheckBooleanCondition to still do the required analysis for noexcept expressions.

I think I liked the first version of this patch better. I would say, if the AST after instantiation remains the same as it was before D69950, then the first one seems like the right fix. The pattern AST will just be missing a node to represent the promotion from the bitfield to a full integer, and then again to a boolean.

alexfh added a reviewer: gribozavr2.Jan 21 2020, 1:26 AM

In D72242#1820908, @rnk wrote:

I think I liked the first version of this patch better. I would say, if the AST after instantiation remains the same as it was before D69950, then the first one seems like the right fix.

Thanks for taking a look Reid. The AST after instantiation (ClassTemplateSpecializationDecl) remains the same. I'll upload the old patch for review again after modifying test to add AST checks @erichkeane do you have any concerns?

This is not an appropriate fix; the code is locally correct. The right way to handle this is exactly what Clang currently does: if the expression is not type-dependent, then contextually convert to bool, and if it's not value-dependent, then make sure it's a constant expression.

The bug is that we should treat the name of a bit-field with a value-dependent width as being type-dependent -- the c expression in the testcase should be a type-dependent expression (even though its type is known to be int) because we don't know how to promote it due to the value-dependent bit-width. (This is ultimately a bug in the C++ standard, which fails to provide such a rule, but I've reported that to the committee and it should be fixed in the standard at some point. But the right fix seems obvious enough that we can just do it.)

This revision now requires changes to proceed.Jan 23 2020, 6:58 PM

Thanks for taking a look Richard. This patch adds the required value-dependency check and sets type-dependency accordingly.

This also fixes https://bugs.llvm.org/show_bug.cgi?id=44886

lgtm

The fix looks like what Richard asked for, so I feel comfortable approving this. Thanks for the fix!

CC @hans for the 10.0 branch.

Thanks! I'll push it shortly. Just running a final ninja check-all after updating workspace.

Actually I just noticed it still says 'Needs review' above. I'm not sure what the protocol is. Can I push the patch?

I'm not sure why Phabricator is still showing Needs Review, but @rnk's approval should make this count as accepted.

In D72242#1873017, @smeenai wrote:

I'm not sure why Phabricator is still showing Needs Review, but @rnk's approval should make this count as accepted.

Ok. Thank you. I've pushed the patch.

This revision was not accepted when it landed; it landed in state Needs Review.Feb 12 2020, 1:38 PM

Closed by commit rGa58017e5cae5: Fix type-dependency of bitfields in templates (authored by eandrews). · Explain Why

This revision was automatically updated to reflect the committed changes.

Herald added a project: Restricted Project. · View Herald TranscriptFeb 12 2020, 1:38 PM

In D72242#1872827, @smeenai wrote:

CC @hans for the 10.0 branch.

Cherry-picked to 10.x as 808f8a632f8bc12830157c57461ae8f848c566a3. Please let me know if there are any follow-ups.

Revision Contents

Path

Size

clang/

lib/

AST/

Expr.cpp

5 lines

test/

SemaTemplate/

enum-argument.cpp

3 lines

value-dependent-bitfield-cond.cpp

13 lines

Diff 244270

clang/lib/AST/Expr.cpp

Show First 20 Lines • Show All 1,674 Lines • ▼ Show 20 Lines	MemberExpr *MemberExpr::Create(

if (isa<FieldDecl>(MemberDecl)) {		if (isa<FieldDecl>(MemberDecl)) {
DeclContext *DC = MemberDecl->getDeclContext();		DeclContext *DC = MemberDecl->getDeclContext();
// dyn_cast_or_null is used to handle objC variables which do not		// dyn_cast_or_null is used to handle objC variables which do not
// have a declaration context.		// have a declaration context.
CXXRecordDecl *RD = dyn_cast_or_null<CXXRecordDecl>(DC);		CXXRecordDecl *RD = dyn_cast_or_null<CXXRecordDecl>(DC);
if (RD && RD->isDependentContext() && RD->isCurrentInstantiation(DC))		if (RD && RD->isDependentContext() && RD->isCurrentInstantiation(DC))
E->setTypeDependent(T->isDependentType());		E->setTypeDependent(T->isDependentType());

		// Bitfield with value-dependent width is type-dependent.
		FieldDecl *FD = dyn_cast<FieldDecl>(MemberDecl);
		if (FD && FD->isBitField() && FD->getBitWidth()->isValueDependent())
		E->setTypeDependent(true);
}		}

if (HasQualOrFound) {		if (HasQualOrFound) {
// FIXME: Wrong. We should be looking at the member declaration we found.		// FIXME: Wrong. We should be looking at the member declaration we found.
if (QualifierLoc && QualifierLoc.getNestedNameSpecifier()->isDependent()) {		if (QualifierLoc && QualifierLoc.getNestedNameSpecifier()->isDependent()) {
E->setValueDependent(true);		E->setValueDependent(true);
E->setTypeDependent(true);		E->setTypeDependent(true);
E->setInstantiationDependent(true);		E->setInstantiationDependent(true);
▲ Show 20 Lines • Show All 3,045 Lines • Show Last 20 Lines

clang/test/SemaTemplate/enum-argument.cpp

	// RUN: %clang_cc1 -fsyntax-only -verify %s			// RUN: %clang_cc1 -fsyntax-only -verify %s
				// expected-no-diagnostics

	enum Enum { val = 1 };			enum Enum { val = 1 };
	template <Enum v> struct C {			template <Enum v> struct C {
	typedef C<v> Self;			typedef C<v> Self;
	};			};
	template struct C<val>;			template struct C<val>;

	template<typename T>			template<typename T>
	Show All 15 Lines
	namespace rdar8020920 {			namespace rdar8020920 {
	template<typename T>			template<typename T>
	struct X {			struct X {
	enum { e0 = 32 };			enum { e0 = 32 };

	unsigned long long bitfield : e0;			unsigned long long bitfield : e0;

	void f(int j) {			void f(int j) {
	bitfield + j; // expected-warning {{expression result unused}}			bitfield + j;
	}			}
	};			};
	}			}

clang/test/SemaTemplate/value-dependent-bitfield-cond.cpp

This file was added.

				// RUN: %clang_cc1 -fsyntax-only -verify %s
				// expected-no-diagnostics

				template <int b>
				class A {
				int c : b;

				public:
				void f() {
				if (c)
				;
				}
				};