https://github.com/ymand created https://github.com/llvm/llvm-project/pull/81918
The commit was itself a crash fix, but inadvertently changed the behavior for unions, which results in crashes. >From 86f1b2d4dded22eef613b9d92a4010e16fd1edc7 Mon Sep 17 00:00:00 2001 From: Yitzhak Mandelbaum <yitzh...@google.com> Date: Thu, 15 Feb 2024 20:47:51 +0000 Subject: [PATCH] [clang][dataflow] Fix crash on unions introduced in ba279934c6ab09d5394a89d8318651aefd8d565b The commit was itself a crash fix, but inadvertently changed the behavior for unions, which results in crashes. --- clang/lib/Analysis/FlowSensitive/Transfer.cpp | 6 ++++++ .../Analysis/FlowSensitive/TransferTest.cpp | 21 +++++++++++++++++++ 2 files changed, 27 insertions(+) diff --git a/clang/lib/Analysis/FlowSensitive/Transfer.cpp b/clang/lib/Analysis/FlowSensitive/Transfer.cpp index fc7395457f551d..513f22d8aa0f9c 100644 --- a/clang/lib/Analysis/FlowSensitive/Transfer.cpp +++ b/clang/lib/Analysis/FlowSensitive/Transfer.cpp @@ -663,6 +663,12 @@ class TransferVisitor : public ConstStmtVisitor<TransferVisitor> { void VisitInitListExpr(const InitListExpr *S) { QualType Type = S->getType(); + if (Type->isUnionType()) { + if (auto *Val = Env.createValue(Type)) + Env.setValue(*S, *Val); + return; + } + if (!Type->isStructureOrClassType()) { // Until array initialization is implemented, we don't need to care about // cases where `getNumInits() > 1`. diff --git a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp index 87e6e83d2e03a9..a65b0446ac7818 100644 --- a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp +++ b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp @@ -2367,6 +2367,27 @@ TEST(TransferTest, InitListExprAsXValue) { }); } +TEST(TransferTest, InitListExprAsUnion) { + // This is a crash repro. + std::string Code = R"cc( + class target { + union { + int *a; + bool *b; + } F; + + public: + constexpr target() : F{nullptr} {} + }; + )cc"; + runDataflow( + Code, + [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results, + ASTContext &ASTCtx) { + // Just verify that it doesn't crash. + }); +} + TEST(TransferTest, CopyConstructor) { std::string Code = R"( struct A { _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits