This is an archive of the discontinued LLVM Phabricator instance.

Differential D83491

[flang] Fix a crash when creating generics from a copy
ClosedPublic

Authored by PeteSteinfeld on Jul 9 2020, 9:40 AM.

Details

Reviewers
klausler
tskeith
DavidTruby
jdoerfert
Commits
rG85d9745c83a1: [flang] Fix a crash when creating generics from a copy
Summary

When a program unit creates a generic based on one defined in a module, the
function CopyFrom() is called to create the GenericDetails. This function
copied the specificProcs_ but failed to copy the bindingNames_. If the
function CheckGeneric() then gets called, it tries to index into the empty
binding names and causes the crash.

I fixed this by adding code to CopyFrom() to copy the binding names.

I also added a test that causes the crash.

Diff Detail

Event Timeline

PeteSteinfeld created this revision.Jul 9 2020, 9:40 AM
Herald added a reviewer: DavidTruby. · View Herald TranscriptJul 9 2020, 9:40 AM
Herald added a project: Restricted Project. · View Herald Transcript
Herald added a subscriber: llvm-commits. · View Herald Transcript
PeteSteinfeld added a project: Restricted Project.Jul 9 2020, 9:41 AM
Herald added a reviewer: jdoerfert. · View Herald TranscriptJul 9 2020, 9:41 AM
Harbormaster completed remote builds in B63604: Diff 276763.Jul 9 2020, 10:01 AM
tskeith added inline comments.Jul 9 2020, 11:07 AM
flang/lib/Semantics/symbol.cpp
212

I think that specificProcs_ and bindingNames_ are supposed to be parallel vectors; at least that is the assumption in CheckHelper::CheckGeneric. So this should be written as a single loop that pushes onto the two lists at the same time. As it's written it looks like the two loops might push different numbers of elements on the two lists.

One thing that suggests that the above assumption is wrong is the existence of this constructor: GenericDetails(const SymbolVector &specificProcs);. But I'm not sure it is ever used, so it would be good if you can delete it as part of this change.

PeteSteinfeld marked an inline comment as done.Jul 9 2020, 2:47 PM
PeteSteinfeld added inline comments.
flang/lib/Semantics/symbol.cpp
212

After doing some testing, I believe that you're correct that they're supposed to be parallel vectors. I'll put some calls to CHECK() into CopyFrom() to verify that their sizes match and copy them as pairs.

You're also correct that the constructor GenericDetails(const SymbolVector &specificProcs) is not used. I'll delete it.

Thanks for the guidance!

PeteSteinfeld updated this revision to Diff 276848.Jul 9 2020, 3:01 PM

With Tim's guidance, I changed the code in CopyFrom() to treat the procs and
binding names as a pair and also removed the constructor for GenericDetails
that took a vector of procs, since it wasn't used anywhere.

tskeith accepted this revision.Jul 9 2020, 3:06 PM
This revision is now accepted and ready to land.Jul 9 2020, 3:06 PM
Harbormaster completed remote builds in B63652: Diff 276848.Jul 9 2020, 3:24 PM
Closed by commit rG85d9745c83a1: [flang] Fix a crash when creating generics from a copy (authored by Pete Steinfeld <psteinfeld@nvidia.com>). · Explain WhyJul 9 2020, 3:50 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
flang/
include/
flang/
Semantics/
1 line
lib/
Semantics/
15 lines
test/
Semantics/
23 lines

Diff 276859

flang/include/flang/Semantics/symbol.h

Show First 20 LinesShow All 417 Lines▼ Show 20 Linesprivate:
} }
bool Is(OtherKind) const; bool Is(OtherKind) const;
}; };
// A generic interface or type-bound generic. // A generic interface or type-bound generic.
class GenericDetails { class GenericDetails {
public: public:
GenericDetails() {} GenericDetails() {}
GenericDetails(const SymbolVector &specificProcs);
GenericKind kind() const { return kind_; } GenericKind kind() const { return kind_; }
void set_kind(GenericKind kind) { kind_ = kind; } void set_kind(GenericKind kind) { kind_ = kind; }
const SymbolVector &specificProcs() const { return specificProcs_; } const SymbolVector &specificProcs() const { return specificProcs_; }
const std::vector<SourceName> &bindingNames() const { return bindingNames_; } const std::vector<SourceName> &bindingNames() const { return bindingNames_; }
void AddSpecificProc(const Symbol &, SourceName bindingName); void AddSpecificProc(const Symbol &, SourceName bindingName);
▲ Show 20 LinesShow All 356 LinesShow Last 20 Lines

flang/lib/Semantics/symbol.cpp

Show First 20 LinesShow All 144 Lines▼ Show 20 LinesUseErrorDetails::UseErrorDetails(const UseDetails &useDetails) {
add_occurrence(useDetails.location(), *GetUsedModule(useDetails).scope()); add_occurrence(useDetails.location(), *GetUsedModule(useDetails).scope());
} }
UseErrorDetails &UseErrorDetails::add_occurrence( UseErrorDetails &UseErrorDetails::add_occurrence(
const SourceName &location, const Scope &module) { const SourceName &location, const Scope &module) {
occurrences_.push_back(std::make_pair(location, &module)); occurrences_.push_back(std::make_pair(location, &module));
return *this; return *this;
} }
GenericDetails::GenericDetails(const SymbolVector &specificProcs)
: specificProcs_{specificProcs} {}
void GenericDetails::AddSpecificProc( void GenericDetails::AddSpecificProc(
const Symbol &proc, SourceName bindingName) { const Symbol &proc, SourceName bindingName) {
specificProcs_.push_back(proc); specificProcs_.push_back(proc);
bindingNames_.push_back(bindingName); bindingNames_.push_back(bindingName);
} }
void GenericDetails::set_specific(Symbol &specific) { void GenericDetails::set_specific(Symbol &specific) {
CHECK(!specific_); CHECK(!specific_);
CHECK(!derivedType_); CHECK(!derivedType_);
Show All 17 Lines if (specific_) {
} }
return specific_; return specific_;
} else { } else {
return nullptr; return nullptr;
} }
} }
void GenericDetails::CopyFrom(const GenericDetails &from) { void GenericDetails::CopyFrom(const GenericDetails &from) {
CHECK(specificProcs_.size() == bindingNames_.size());
CHECK(from.specificProcs_.size() == from.bindingNames_.size());
if (from.specific_) { if (from.specific_) {
CHECK(!specific_ || specific_ == from.specific_); CHECK(!specific_ || specific_ == from.specific_);
specific_ = from.specific_; specific_ = from.specific_;
} }
if (from.derivedType_) { if (from.derivedType_) {
CHECK(!derivedType_ || derivedType_ == from.derivedType_); CHECK(!derivedType_ || derivedType_ == from.derivedType_);
derivedType_ = from.derivedType_; derivedType_ = from.derivedType_;
} }
for (const Symbol &symbol : from.specificProcs_) { for (std::size_t i{0}; i < from.specificProcs_.size(); ++i) {
if (std::find_if(specificProcs_.begin(), specificProcs_.end(), if (std::find_if(specificProcs_.begin(), specificProcs_.end(),
[&](const Symbol &mySymbol) { return &mySymbol == &symbol; }) == [&](const Symbol &mySymbol) {
specificProcs_.end()) { return &mySymbol == &*from.specificProcs_[i];
specificProcs_.push_back(symbol); }) == specificProcs_.end()) {
specificProcs_.push_back(from.specificProcs_[i]);
bindingNames_.push_back(from.bindingNames_[i]);
} }
} }
} }
// The name of the kind of details for this symbol. // The name of the kind of details for this symbol.
// This is primarily for debugging. // This is primarily for debugging.
std::string DetailsToString(const Details &details) { std::string DetailsToString(const Details &details) {
return std::visit( return std::visit(
common::visitors{ common::visitors{
[](const UnknownDetails &) { return "Unknown"; }, [](const UnknownDetails &) { return "Unknown"; },
tskeithUnsubmitted
Not Done
ReplyInline Actions

I think that specificProcs_ and bindingNames_ are supposed to be parallel vectors; at least that is the assumption in CheckHelper::CheckGeneric. So this should be written as a single loop that pushes onto the two lists at the same time. As it's written it looks like the two loops might push different numbers of elements on the two lists.

One thing that suggests that the above assumption is wrong is the existence of this constructor: GenericDetails(const SymbolVector &specificProcs);. But I'm not sure it is ever used, so it would be good if you can delete it as part of this change.

tskeith: I think that `specificProcs_` and `bindingNames_` are supposed to be parallel vectors; at least…
PeteSteinfeldAuthorUnsubmitted
Done
ReplyInline Actions

After doing some testing, I believe that you're correct that they're supposed to be parallel vectors. I'll put some calls to CHECK() into CopyFrom() to verify that their sizes match and copy them as pairs.

You're also correct that the constructor GenericDetails(const SymbolVector &specificProcs) is not used. I'll delete it.

Thanks for the guidance!

PeteSteinfeld: After doing some testing, I believe that you're correct that they're supposed to be parallel…
[](const MainProgramDetails &) { return "MainProgram"; }, [](const MainProgramDetails &) { return "MainProgram"; },
[](const ModuleDetails &) { return "Module"; }, [](const ModuleDetails &) { return "Module"; },
[](const SubprogramDetails &) { return "Subprogram"; }, [](const SubprogramDetails &) { return "Subprogram"; },
[](const SubprogramNameDetails &) { return "SubprogramName"; }, [](const SubprogramNameDetails &) { return "SubprogramName"; },
[](const EntityDetails &) { return "Entity"; }, [](const EntityDetails &) { return "Entity"; },
[](const ObjectEntityDetails &) { return "ObjectEntity"; }, [](const ObjectEntityDetails &) { return "ObjectEntity"; },
[](const ProcEntityDetails &) { return "ProcEntity"; }, [](const ProcEntityDetails &) { return "ProcEntity"; },
[](const DerivedTypeDetails &) { return "DerivedType"; }, [](const DerivedTypeDetails &) { return "DerivedType"; },
▲ Show 20 LinesShow All 390 LinesShow Last 20 Lines

flang/test/Semantics/resolve53.f90

Show First 20 LinesShow All 451 Lines▼ Show 20 Linescontains
end end
integer function f2(i, j) integer function f2(i, j)
integer :: i, j integer :: i, j
end end
integer function f3(i, j) integer function f3(i, j)
integer :: i, j integer :: i, j
end end
end end
module m20
interface operator(.not.)
real function f(x)
character(*),intent(in) :: x
end function
end interface
interface operator(+)
procedure f
end interface
end module
subroutine s1()
use m20
interface operator(.not.)
!ERROR: Procedure 'f' is already specified in generic 'operator(.not.)'
procedure f
end interface
interface operator(+)
!ERROR: Procedure 'f' is already specified in generic 'operator(+)'
procedure f
end interface
end subroutine s1