https://github.com/bazuzi updated https://github.com/llvm/llvm-project/pull/83013
>From ee395ff3555efa5cbeae4d874f3ad39c52b85faf Mon Sep 17 00:00:00 2001 From: Samira Bazuzi <baz...@google.com> Date: Mon, 26 Feb 2024 10:00:48 -0500 Subject: [PATCH 1/2] [clang][dataflow] Skip array types when handling InitListExprs. Crashes resulted from single-element InitListExprs for arrays with elements of a record type after #80970. --- clang/lib/Analysis/FlowSensitive/Transfer.cpp | 6 +++--- .../Analysis/FlowSensitive/TransferTest.cpp | 17 ++++++++++++++++- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/clang/lib/Analysis/FlowSensitive/Transfer.cpp b/clang/lib/Analysis/FlowSensitive/Transfer.cpp index fe13e919bddcd8..a5b8e9cbc18e64 100644 --- a/clang/lib/Analysis/FlowSensitive/Transfer.cpp +++ b/clang/lib/Analysis/FlowSensitive/Transfer.cpp @@ -671,9 +671,9 @@ class TransferVisitor : public ConstStmtVisitor<TransferVisitor> { } if (!Type->isStructureOrClassType()) { - // Until array initialization is implemented, we don't need to care about - // cases where `getNumInits() > 1`. - if (S->getNumInits() == 1) + // Until array initialization is implemented, we skip arrays and don't need + // to care about cases where `getNumInits() > 1`. + if (!Type->isArrayType() && S->getNumInits() == 1) propagateValueOrStorageLocation(*S->getInit(0), *S, Env); return; } diff --git a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp index a65b0446ac7818..2be899f5b6da91 100644 --- a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp +++ b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp 
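Review bot: The rewritten comment in the `if (!Type->isStructureOrClassType())` branch of Transfer.cpp says arrays are skipped but not why, so the new `!Type->isArrayType()` guard gives a later maintainer no reason to keep it. The commit message records the reason (single-element InitListExprs for arrays with record-typed elements crashed after #80970), and I would carry it into the code, for example `// Arrays are skipped: propagating the sole initializer of an array of records, e.g. S foo[] = {S()}, crashed the analysis.` ahead of the existing sentence about `getNumInits() > 1`. A crash here presumably aborts every check built on the dataflow framework for that translation unit, so the invariant is worth stating next to the guard. The enclosing visitor method starts and ends outside this hunk.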
@@ -2367,6 +2367,21 @@ TEST(TransferTest, InitListExprAsXValue) { }); } +TEST(TransferTest, ArrayInitListExprOneRecordElement) { + // This is a crash repro. + std::string Code = R"cc( + struct S {}; + + void target() { S foo[] = {S()}; } + )cc"; + runDataflow( + Code, + [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results, + ASTContext &ASTCtx) { + // Just verify that it doesn't crash. + }); +} + TEST(TransferTest, InitListExprAsUnion) { // This is a crash repro. std::string Code = R"cc( @@ -3414,7 +3429,7 @@ TEST(TransferTest, AggregateInitializationFunctionPointer) { struct S { void (*const Field)(); }; - + void target() { S s{nullptr}; } >From 00d1d53a1c52850042e1d09250833355a140ea4c Mon Sep 17 00:00:00 2001 From: Samira Bazuzi <baz...@google.com> Date: Mon, 26 Feb 2024 10:00:48 -0500 Subject: [PATCH 2/2] [clang][dataflow] Skip array types when handling InitListExprs. Crashes resulted from single-element InitListExprs for arrays with elements of a record type after #80970. --- clang/lib/Analysis/FlowSensitive/Transfer.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clang/lib/Analysis/FlowSensitive/Transfer.cpp b/clang/lib/Analysis/FlowSensitive/Transfer.cpp index a5b8e9cbc18e64..089854264f483a 100644 --- a/clang/lib/Analysis/FlowSensitive/Transfer.cpp +++ b/clang/lib/Analysis/FlowSensitive/Transfer.cpp 
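Review bot: `ArrayInitListExprOneRecordElement` exercises only the record-element case, but the `!Type->isArrayType()` guard added in Transfer.cpp also stops propagation for single-initializer arrays of non-record elements, and no test in this patch pins that path. I would add a sibling no-crash case whose body is `void target() { int foo[] = {1}; }`, so both array shapes go through the guarded branch. The empty callback is fine for a crash repro.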
@@ -671,8 +671,8 @@ class TransferVisitor : public ConstStmtVisitor<TransferVisitor> { } if (!Type->isStructureOrClassType()) { - // Until array initialization is implemented, we skip arrays and don't need - // to care about cases where `getNumInits() > 1`. + // Until array initialization is implemented, we skip arrays and don't + // need to care about cases where `getNumInits() > 1`. if (!Type->isArrayType() && S->getNumInits() == 1) propagateValueOrStorageLocation(*S->getInit(0), *S, Env); return; _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits