Revert r301742, which caused us to try to evaluate all full-expressions.

Also add testcases for a bunch of expression forms that cause our evaluator to crash. See PR33140 and PR32864 for crashes that this was causing. This reverts r305287, which reverted r305239, which reverted r301742. The previous revert claimed that buildbots were broken, but did not add any testcases and the buildbots have lost all memory of what was wrong here. Changes to test/OpenMP are not reverted; another change has triggered those tests to change their output in the same way that r301742 did. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@306346 91177308-0d34-0410-b5e6-96231b3b80d8
lijiansong · Jun 26, 2017 · 74dbb6c · 74dbb6c
1 parent 3cbedc8
commit 74dbb6c
Show file tree

Hide file tree

Showing 5 changed files with 85 additions and 17 deletions.
diff --git a/include/clang/Sema/Sema.h b/include/clang/Sema/Sema.h
@@ -10276,6 +10276,7 @@ class Sema {
   void CheckFloatComparison(SourceLocation Loc, Expr* LHS, Expr* RHS);
   void CheckImplicitConversions(Expr *E, SourceLocation CC = SourceLocation());
   void CheckBoolLikeConversion(Expr *E, SourceLocation CC);
+  void CheckForIntOverflow(Expr *E);
   void CheckUnsequencedOperations(Expr *E);
 
   /// \brief Perform semantic checks on a completed expression. This will either

diff --git a/lib/AST/ExprConstant.cpp b/lib/AST/ExprConstant.cpp
@@ -6226,10 +6226,6 @@ bool RecordExprEvaluator::VisitInitListExpr(const InitListExpr *E) {
     // the initializer list.
     ImplicitValueInitExpr VIE(HaveInit ? Info.Ctx.IntTy : Field->getType());
     const Expr *Init = HaveInit ? E->getInit(ElementNo++) : &VIE;
-    if (Init->isValueDependent()) {
-      Success = false;
-      continue;
-    }
 
     // Temporarily override This, in case there's a CXXDefaultInitExpr in here.
     ThisOverrideRAII ThisOverride(*Info.CurrentCall, &This,
@@ -9940,8 +9936,7 @@ static bool EvaluateAsRValue(EvalInfo &Info, const Expr *E, APValue &Result) {
 }
 
 static bool FastEvaluateAsRValue(const Expr *Exp, Expr::EvalResult &Result,
-                                 const ASTContext &Ctx, bool &IsConst,
-                                 bool IsCheckingForOverflow) {
+                                 const ASTContext &Ctx, bool &IsConst) {
   // Fast-path evaluations of integer literals, since we sometimes see files
   // containing vast quantities of these.
   if (const IntegerLiteral *L = dyn_cast<IntegerLiteral>(Exp)) {
@@ -9962,7 +9957,7 @@ static bool FastEvaluateAsRValue(const Expr *Exp, Expr::EvalResult &Result,
   // performance problems. Only do so in C++11 for now.
   if (Exp->isRValue() && (Exp->getType()->isArrayType() ||
                           Exp->getType()->isRecordType()) &&
-      !Ctx.getLangOpts().CPlusPlus11 && !IsCheckingForOverflow) {
+      !Ctx.getLangOpts().CPlusPlus11) {
     IsConst = false;
     return true;
   }
@@ -9977,7 +9972,7 @@ static bool FastEvaluateAsRValue(const Expr *Exp, Expr::EvalResult &Result,
 /// will be applied to the result.
 bool Expr::EvaluateAsRValue(EvalResult &Result, const ASTContext &Ctx) const {
   bool IsConst;
-  if (FastEvaluateAsRValue(this, Result, Ctx, IsConst, false))
+  if (FastEvaluateAsRValue(this, Result, Ctx, IsConst))
     return IsConst;
 
   EvalInfo Info(Ctx, Result, EvalInfo::EM_IgnoreSideEffects);
@@ -10102,7 +10097,7 @@ APSInt Expr::EvaluateKnownConstInt(const ASTContext &Ctx,
 void Expr::EvaluateForOverflow(const ASTContext &Ctx) const {
   bool IsConst;
   EvalResult EvalResult;
-  if (!FastEvaluateAsRValue(this, EvalResult, Ctx, IsConst, true)) {
+  if (!FastEvaluateAsRValue(this, EvalResult, Ctx, IsConst)) {
     EvalInfo Info(Ctx, EvalResult, EvalInfo::EM_EvaluateForOverflow);
     (void)::EvaluateAsRValue(Info, this, EvalResult.Val);
   }

diff --git a/lib/Sema/SemaChecking.cpp b/lib/Sema/SemaChecking.cpp
@@ -9936,6 +9936,28 @@ void Sema::CheckBoolLikeConversion(Expr *E, SourceLocation CC) {
   ::CheckBoolLikeConversion(*this, E, CC);
 }
 
+/// Diagnose when expression is an integer constant expression and its evaluation
+/// results in integer overflow
+void Sema::CheckForIntOverflow (Expr *E) {
+  // Use a work list to deal with nested struct initializers.
+  SmallVector<Expr *, 2> Exprs(1, E);
+
+  do {
+    Expr *E = Exprs.pop_back_val();
+
+    if (isa<BinaryOperator>(E->IgnoreParenCasts())) {
+      E->IgnoreParenCasts()->EvaluateForOverflow(Context);
+      continue;
+    }
+
+    if (auto InitList = dyn_cast<InitListExpr>(E))
+      Exprs.append(InitList->inits().begin(), InitList->inits().end());
+
+    if (isa<ObjCBoxedExpr>(E))
+      E->IgnoreParenCasts()->EvaluateForOverflow(Context);
+  } while (!Exprs.empty());
+}
+
 namespace {
 /// \brief Visitor for expressions which looks for unsequenced operations on the
 /// same object.
@@ -10437,7 +10459,7 @@ void Sema::CheckCompletedExpr(Expr *E, SourceLocation CheckLoc,
   if (!E->isInstantiationDependent())
     CheckUnsequencedOperations(E);
   if (!IsConstexpr && !E->isValueDependent())
-    E->EvaluateForOverflow(Context);
+    CheckForIntOverflow(E);
   DiagnoseMisalignedMembers();
 }
 

diff --git a/test/Sema/integer-overflow.c b/test/Sema/integer-overflow.c
@@ -152,13 +152,7 @@ uint64_t check_integer_overflows(int i) {
   uint64_t b2 = b[4608 * 1024 * 1024] + 1;
 
 // expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
-  int j1 = i ? (4608 * 1024 * 1024) : (4608 * 1024 * 1024);
-
-// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
-  int j2 = -(4608 * 1024 * 1024);
-
-// expected-warning@+1 {{overflow in expression; result is 536870912 with type 'int'}}
-  uint64_t j3 = b[4608 * 1024 * 1024];
+  (void)((i ? (4608 * 1024 * 1024) : (4608 * 1024 * 1024)) + 1);
 
 // expected-warning@+1 2{{overflow in expression; result is 536870912 with type 'int'}}
   return ((4608 * 1024 * 1024) + ((uint64_t)(4608 * 1024 * 1024)));

diff --git a/test/SemaCXX/eval-crashes.cpp b/test/SemaCXX/eval-crashes.cpp
@@ -0,0 +1,56 @@
+// RUN: %clang_cc1 -std=c++1z -verify %s
+
+namespace pr32864_0 {
+  struct transfer_t {
+    void *fctx;
+  };
+  template <typename Ctx> class record {
+    void run() {
+      transfer_t t;
+      Ctx from{t.fctx};
+    }
+  };
+}
+
+namespace pr33140_0a {
+  struct S {
+    constexpr S(const int &a = 0) {}
+  };
+  void foo(void) { S s[2] = {}; }
+}
+
+namespace pr33140_0b {
+  bool bar(float const &f = 0);
+  bool foo() { return bar() && bar(); }
+}
+
+namespace pr33140_2 {
+  // FIXME: The declaration of 'b' below should lifetime-extend two int
+  // temporaries, invalidating this warning to some extent.
+  struct A { int &&r = 0; }; // expected-warning {{binding reference member 'r' to a temporary}} expected-note {{here}}
+  struct B { A x, y; };
+  B b = {};
+}
+
+namespace pr33140_3 {
+  typedef struct Y { unsigned int c; } Y_t;
+  struct X {
+    Y_t a;
+  };
+  struct X foo[2] = {[0 ... 1] = {.a = (Y_t){.c = 0}}};
+}
+
+namespace pr33140_6 {
+  struct Y { unsigned int c; };
+  struct X { struct Y *p; };
+  int f() {
+    // FIXME: This causes clang to crash.
+    //return (struct X[2]){ [0 ... 1] = { .p = &(struct Y&)(struct Y&&)(struct Y){0} } }[0].p->c;
+    return 0;
+  }
+}
+
+namespace pr33140_10 {
+  int a(const int &n = 0);
+  bool b() { return a() == a(); }
+}