danix800 wrote:
> This commit surfaces another crash on null stmt inside
> `CXXDeductionGuideDecl`:
>
> ```cpp
> namespace foo {
> template <typename, typename> struct is_same;
> template <bool, typename _Tp = void> struct enable_if {};
> template <bool _Cond, typename _Tp = void>
> using enable_if_t = typename enable_if<_Cond, _Tp>::type;
>
> template <typename _Tp, typename _Up>
> inline constexpr bool is_same_v = is_same<_Tp, _Up>::value;
>
> template <typename _Tp, typename Alloc> struct array {};
>
> template <typename _Tp, typename... _Up>
> array(_Tp, _Up...) ->
> array<enable_if_t<(is_same_v<_Tp, _Up> && ...)>, _Tp>;
> }
> ```
>
> Will crash when imported:
>
> ```
> #0 0x00007f15958323ca llvm::sys::PrintStackTrace(llvm::raw_ostream&, int)
> /home/danis/Sources/llvm-project/llvm/lib/Support/Unix/Signals.inc:567:11
> #1 0x00007f159583257b PrintStackTraceSignalHandler(void*)
> /home/danis/Sources/llvm-project/llvm/lib/Support/Unix/Signals.inc:641:1
> #2 0x00007f1595830bd6 llvm::sys::RunSignalHandlers()
> /home/danis/Sources/llvm-project/llvm/lib/Support/Signals.cpp:104:5
> #3 0x00007f1595832ca5 SignalHandler(int)
> /home/danis/Sources/llvm-project/llvm/lib/Support/Unix/Signals.inc:412:1
> #4 0x00007f159525b050 (/lib/x86_64-linux-gnu/libc.so.6+0x3c050)
> #5 0x00007f159721022c clang::Stmt::getStmtClass() const
> /home/danis/Sources/llvm-project/clang/include/clang/AST/Stmt.h:1178:44
> #6 0x00007f1597aab9f1 clang::Stmt::children()
> /home/danis/Sources/llvm-project/clang/lib/AST/Stmt.cpp:287:3
> #7 0x00007f159734912a clang::Stmt::children() const
> /home/danis/Sources/llvm-project/clang/include/clang/AST/Stmt.h:1273:39
> #8 0x00007f15973f3d61 clang::Stmt::child_begin() const
> /home/danis/Sources/llvm-project/clang/include/clang/AST/Stmt.h:1279:53
> #9 0x00007f15973b9746 isAncestorDeclContextOf(clang::DeclContext const*,
> clang::Stmt const*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3377:47
> #10 0x00007f15973b9c38 (anonymous
> namespace)::IsTypeDeclaredInsideVisitor::checkTemplateArgument(clang::TemplateArgument
> const&) /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3507:7
> #11 0x00007f15973b93fe (anonymous
> namespace)::IsTypeDeclaredInsideVisitor::VisitTemplateSpecializationType(clang::TemplateSpecializationType
> const*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3467:11
> #12 0x00007f15973b89b9 clang::TypeVisitor<(anonymous
> namespace)::IsTypeDeclaredInsideVisitor,
> std::optional<bool>>::Visit(clang::Type const*)
> /home/danis/Sources/llvm-project/build/tools/clang/include/clang/AST/TypeNodes.inc:71:1
> #13 0x00007f1597385113 (anonymous
> namespace)::IsTypeDeclaredInsideVisitor::CheckType(clang::QualType)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3426:37
> #14 0x00007f15973b9c0e (anonymous
> namespace)::IsTypeDeclaredInsideVisitor::checkTemplateArgument(clang::TemplateArgument
> const&) /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3505:7
> #15 0x00007f15973b93fe (anonymous
> namespace)::IsTypeDeclaredInsideVisitor::VisitTemplateSpecializationType(clang::TemplateSpecializationType
> const*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3467:11
> #16 0x00007f15973b89b9 clang::TypeVisitor<(anonymous
> namespace)::IsTypeDeclaredInsideVisitor,
> std::optional<bool>>::Visit(clang::Type const*)
> /home/danis/Sources/llvm-project/build/tools/clang/include/clang/AST/TypeNodes.inc:71:1
> #17 0x00007f1597385113 (anonymous
> namespace)::IsTypeDeclaredInsideVisitor::CheckType(clang::QualType)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3426:37
> #18 0x00007f1597384f42
> clang::ASTNodeImporter::hasReturnTypeDeclaredInside(clang::FunctionDecl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3556:5
> #19 0x00007f1597385d8e
> clang::ASTNodeImporter::VisitFunctionDecl(clang::FunctionDecl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3709:9
> #20 0x00007f1597387fab
> clang::ASTNodeImporter::VisitCXXDeductionGuideDecl(clang::CXXDeductionGuideDecl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:3962:10
> #21 0x00007f15973e238e clang::declvisitor::Base<std::add_pointer,
> clang::ASTNodeImporter, llvm::Expected<clang::Decl*>>::Visit(clang::Decl*)
> /home/danis/Sources/llvm-project/build/tools/clang/include/clang/AST/DeclNodes.inc:437:1
> #22 0x00007f15973ad9ed clang::ASTImporter::ImportImpl(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:8828:19
> #23 0x00007f1597391055 clang::ASTImporter::Import(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:9219:8
> #24 0x00007f15973d30f7 llvm::Error
> clang::ASTNodeImporter::importInto<clang::FunctionDecl>(clang::FunctionDecl*&,
> clang::FunctionDecl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:193:11
> #25 0x00007f159739a2c7
> clang::ASTNodeImporter::VisitFunctionTemplateDecl(clang::FunctionTemplateDecl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:6502:13
> #26 0x00007f15973e217e clang::declvisitor::Base<std::add_pointer,
> clang::ASTNodeImporter, llvm::Expected<clang::Decl*>>::Visit(clang::Decl*)
> /home/danis/Sources/llvm-project/build/tools/clang/include/clang/AST/DeclNodes.inc:245:1
> #27 0x00007f15973ad9ed clang::ASTImporter::ImportImpl(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:8828:19
> #28 0x00007f1597391055 clang::ASTImporter::Import(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:9219:8
> #29 0x00007f15973bc943 std::conditional<std::is_base_of_v<clang::Type,
> clang::Decl>, llvm::Expected<clang::Decl const*>,
> llvm::Expected<clang::Decl*>>::type
> clang::ASTNodeImporter::import<clang::Decl>(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:205:12
> #30 0x00007f159737d384
> clang::ASTNodeImporter::ImportDeclContext(clang::DeclContext*, bool)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:2036:10
> #31 0x00007f159737f831
> clang::ASTNodeImporter::VisitNamespaceDecl(clang::NamespaceDecl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:2559:13
> #32 0x00007f15973e2060 clang::declvisitor::Base<std::add_pointer,
> clang::ASTNodeImporter, llvm::Expected<clang::Decl*>>::Visit(clang::Decl*)
> /home/danis/Sources/llvm-project/build/tools/clang/include/clang/AST/DeclNodes.inc:143:1
> #33 0x00007f15973ad9ed clang::ASTImporter::ImportImpl(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:8828:19
> #34 0x00007f1597391055 clang::ASTImporter::Import(clang::Decl*)
> /home/danis/Sources/llvm-project/clang/lib/AST/ASTImporter.cpp:9219:8
> #35 0x000055f6d583892a
> clang::ast_matchers::ASTImporterTestBase::TU::import(std::shared_ptr<clang::ASTImporterSharedState>
> const&, clang::ASTUnit*, clang::Decl*)
> /home/danis/Sources/llvm-project/clang/unittests/AST/ASTImporterFixtures.cpp:83:12
> #36 0x000055f6d58391a8
> clang::ast_matchers::ASTImporterTestBase::getImportedDecl(llvm::StringRef,
> clang::TestLanguage, llvm::StringRef, clang::TestLanguage, llvm::StringRef)
> /home/danis/Sources/llvm-project/clang/unittests/AST/ASTImporterFixtures.cpp:166:9
> #37 0x000055f6d589cc94
> clang::ast_matchers::ASTImporterOptionSpecificTestBase_NoCrashOnCXXDeductionGuideDecl_Test::TestBody()
>
> /home/danis/Sources/llvm-project/clang/unittests/AST/ASTImporterTest.cpp:6378:3
> #38 0x00007f1598b80b5b void
> testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test,
> void>(testing::Test*, void (testing::Test::*)(), char const*)
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2433:3
> #39 0x00007f1598b696e7 void
> testing::internal::HandleExceptionsInMethodIfSupported<testing::Test,
> void>(testing::Test*, void (testing::Test::*)(), char const*)
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2488:5
> #40 0x00007f1598b52d93 testing::Test::Run()
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2515:3
> #41 0x00007f1598b535ea testing::TestInfo::Run()
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2687:12
> #42 0x00007f1598b53b4b testing::TestSuite::Run()
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2815:44
> #43 0x00007f1598b5c329 testing::internal::UnitTestImpl::RunAllTests()
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:5337:24
> #44 0x00007f1598b83c5b bool
> testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,
> bool>(testing::internal::UnitTestImpl*, bool
> (testing::internal::UnitTestImpl::*)(), char const*)
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2433:3
> #45 0x00007f1598b6b6f7 bool
> testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl,
> bool>(testing::internal::UnitTestImpl*, bool
> (testing::internal::UnitTestImpl::*)(), char const*)
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:2488:5
> #46 0x00007f1598b5bf0f testing::UnitTest::Run()
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/src/gtest.cc:4925:10
> #47 0x00007f1599631d61 RUN_ALL_TESTS()
> /home/danis/Sources/llvm-project/third-party/unittest/googletest/include/gtest/gtest.h:2472:3
> #48 0x00007f1599631ca4 main
> /home/danis/Sources/llvm-project/third-party/unittest/UnitTestMain/TestMain.cpp:55:3
> #49 0x00007f159524624a __libc_start_call_main
> ./csu/../sysdeps/nptl/libc_start_call_main.h:74:3
> #50 0x00007f1595246305 call_init ./csu/../csu/libc-start.c:128:20
> #51 0x00007f1595246305 __libc_start_main ./csu/../csu/libc-start.c:347:5
> #52 0x000055f6d57df631 _start
> (build/tools/clang/unittests/AST/ASTTests+0x471631)
> Segmentation fault
> ```
>
> Another PR would fix the crash when this one is landed.
This is a false alarm caused by the incorrect fix. The original fix relaxed the return type test to all function protos with a trailing return, which brings in `IsTypeDeclaredInsideVisitor` tests on `CXXDeductionGuideDecl` (also a `FunctionDecl` with a trailing return). There might be a nullptr in `Stmt::children()`, which causes the null dereference.

BTW `IsTypeDeclaredInsideVisitor` might be improved to guard against the null dereference here:

```cpp
static bool isAncestorDeclContextOf(const DeclContext *DC, const Stmt *S) {
  SmallVector<const Stmt *> ToProcess;
  ToProcess.push_back(S);
  while (!ToProcess.empty()) {
    const Stmt *CurrentS = ToProcess.pop_back_val();
    ToProcess.append(CurrentS->child_begin(), CurrentS->child_end());
    if (const auto *DeclRef = dyn_cast<DeclRefExpr>(CurrentS))
      if (const Decl *D = DeclRef->getDecl())
        if (isAncestorDeclContextOf(DC, D))
          return true;
  }
  return false;
}
```

In this loop `CurrentS` is dereferenced by `child_begin()` right after it is popped, with no null check; frames #5–#9 of the quoted trace fault on exactly that path.

Here, can `ToProcess.append(CurrentS->child_begin(), CurrentS->child_end());` add any nullptr into `ToProcess` in this testing context?

https://github.com/llvm/llvm-project/pull/101031
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits