llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-clang Author: Andrew Sukach (sookach) <details> <summary>Changes</summary> Fixes #<!-- -->111594. The crash is caused by the following call https://github.com/llvm/llvm-project/blob/main/clang/lib/AST/ComputeDependence.cpp#L81-L82 We already check for a null TypeInfo when creating a UnaryExprOrTypeTraitExpr here https://github.com/llvm/llvm-project/blob/main/clang/lib/Sema/SemaExpr.cpp#L4616-L4617 but the following lines can, and in the case of the code in the issue, nullify the TypeInfo https://github.com/llvm/llvm-project/blob/main/clang/lib/Sema/SemaExpr.cpp#L4616-L4617 Thus, adding the additional check for nullptr prevents the erroneous memory access. @<!-- -->shafik Thoughts? Thanks --- Full diff: https://github.com/llvm/llvm-project/pull/112111.diff 1 Files Affected: - (modified) clang/lib/Sema/SemaExpr.cpp (+3) ``````````diff diff --git a/clang/lib/Sema/SemaExpr.cpp b/clang/lib/Sema/SemaExpr.cpp index 4e37385710af5e..b0bd216c5dc101 100644 --- a/clang/lib/Sema/SemaExpr.cpp +++ b/clang/lib/Sema/SemaExpr.cpp @@ -4629,6 +4629,9 @@ ExprResult Sema::CreateUnaryExprOrTypeTraitExpr(TypeSourceInfo *TInfo, TInfo->getType()->isVariablyModifiedType()) TInfo = TransformToPotentiallyEvaluated(TInfo); + if (!TInfo) + return ExprError(); + // C99 6.5.3.4p4: the type (an unsigned integer type) is size_t. return new (Context) UnaryExprOrTypeTraitExpr( ExprKind, TInfo, Context.getSizeType(), OpLoc, R.getEnd()); `````````` </details> https://github.com/llvm/llvm-project/pull/112111 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
