Author: marius doerner Date: 2026-02-01T10:08:42+01:00 New Revision: 756c321c33af2be0bd40707948aae3c06163a0a6
URL: https://github.com/llvm/llvm-project/commit/756c321c33af2be0bd40707948aae3c06163a0a6 DIFF: https://github.com/llvm/llvm-project/commit/756c321c33af2be0bd40707948aae3c06163a0a6.diff LOG: [clang][bytecode] Use in `Expr::tryEvaluateObjectSize` (#179033) Fixes #138474 Use new bytecode interpreter in `Expr::tryEvaluateObjectSize`. Reuses the already existing implementation for `__builtin_object_size` in the interpreter. --------- Co-authored-by: Timm Baeder <[email protected]> Added: Modified: clang/lib/AST/ByteCode/Context.cpp clang/lib/AST/ByteCode/Context.h clang/lib/AST/ByteCode/InterpBuiltin.cpp clang/lib/AST/ByteCode/InterpHelpers.h clang/lib/AST/ExprConstant.cpp clang/test/Sema/address-packed-member-memops.c clang/test/Sema/attr-diagnose-as-builtin.c clang/test/Sema/builtin-memcpy.c clang/test/Sema/format-strings-nonnull.c clang/test/Sema/format-strings.c clang/test/Sema/memset-invalid-1.c clang/test/Sema/transpose-memset.c clang/test/Sema/warn-format-overflow-truncation.c clang/test/Sema/warn-fortify-scanf.c clang/test/Sema/warn-fortify-source.c clang/test/Sema/warn-memset-bad-sizeof.c clang/test/Sema/warn-nontrivial-struct-memaccess-ptrauth.c clang/test/Sema/warn-strncat-size.c Removed: ################################################################################ diff --git a/clang/lib/AST/ByteCode/Context.cpp b/clang/lib/AST/ByteCode/Context.cpp index d6fdf581baaec..8356be77dbc80 100644 --- a/clang/lib/AST/ByteCode/Context.cpp +++ b/clang/lib/AST/ByteCode/Context.cpp
@@ -327,6 +327,35 @@ bool Context::evaluateStrlen(State &Parent, const Expr *E, uint64_t &Result) {
 return true;
 }
+bool Context::tryEvaluateObjectSize(State &Parent, const Expr *E, unsigned Kind,
+ uint64_t &Result) {
+ assert(Stk.empty());
+ Compiler<EvalEmitter> C(*this, *P, Parent, Stk);
+
+ auto PtrRes = C.interpretAsPointer(E, [&](const Pointer &Ptr) {
+ const Descriptor *DeclDesc = Ptr.getDeclDesc();
+ assert(DeclDesc);
+ QualType T = DeclDesc->getType().getNonReferenceType();
+ if (T->isIncompleteType() || T->isFunctionType() ||
+ !T->isConstantSizeType())
+ return false;
+
+ Pointer P = Ptr;
+ if (auto ObjectSize = evaluateBuiltinObjectSize(getASTContext(), Kind, P)) {
+ Result = *ObjectSize;
+ return true;
+ }
+ return false;
+ });
+
+ if (PtrRes.isInvalid()) {
+ C.cleanup();
+ Stk.clear();
+ return false;
+ }
+ return true;
+}
+
 const LangOptions &Context::getLangOpts() const { return Ctx.getLangOpts(); }
 static PrimType integralTypeToPrimTypeS(unsigned BitWidth) {
diff --git a/clang/lib/AST/ByteCode/Context.h b/clang/lib/AST/ByteCode/Context.h
index a21bb3ed8fbe7..313c040f84743 100644
--- a/clang/lib/AST/ByteCode/Context.h
+++ b/clang/lib/AST/ByteCode/Context.h
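Review bot: The final `return true;` in `Context::tryEvaluateObjectSize` assumes that `interpretAsPointer` turns the callback's `return false` (incomplete, function or variable-size type, or `evaluateBuiltinObjectSize` yielding `std::nullopt`) into an invalid `PtrRes`; that contract is not visible in this hunk, and if it does not hold the function reports success with `Result` never written, which the fortify checks in Sema would then treat as a real object size. Make success explicit rather than inferred: declare `bool Found = false;` before the call, set `Found = true;` next to `Result = *ObjectSize;`, and change the last line to `return Found;`. Separately, `Kind` arrives unchecked from `Expr::tryEvaluateObjectSize`'s `Type` argument while the builtin path asserts `Kind <= 3`; the same `assert(Kind <= 3 && "unexpected kind");` belongs here. The function asserts `Stk.empty()` on entry but only clears `Stk` on the failure branch, so it presumably relies on `interpretAsPointer` leaving the stack empty on success; a one-line comment stating that would help the next reader.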
@@ -75,6 +75,19 @@ class Context final {
 /// run strlen() on it.
 bool evaluateStrlen(State &Parent, const Expr *E, uint64_t &Result);
+ /// If \param E evaluates to a pointer the number of accessible bytes
+ /// past the pointer is estimated in \param Result as if evaluated by
+ /// the builtin function __builtin_object_size. This is a best effort
+ /// approximation, when Kind & 2 == 0 the object size is less
+ /// than or equal to the estimated size, when Kind & 2 == 1 the
+ /// true value is greater than or equal to the estimated size.
+ /// When Kind & 1 == 1 only bytes belonging to the same subobject
+ /// as the one referred to by E are considered, when Kind & 1 == 0
+ /// bytes belonging to the same storage (stack, heap allocation,
+ /// global variable) are considered.
+ bool tryEvaluateObjectSize(State &Parent, const Expr *E, unsigned Kind,
+ uint64_t &Result);
+
 /// Returns the AST context.
 ASTContext &getASTContext() const { return Ctx; }
 /// Returns the language options.
diff --git a/clang/lib/AST/ByteCode/InterpBuiltin.cpp b/clang/lib/AST/ByteCode/InterpBuiltin.cpp
index 42ed44ff3c3ea..aeff5a453420c 100644
--- a/clang/lib/AST/ByteCode/InterpBuiltin.cpp
+++ b/clang/lib/AST/ByteCode/InterpBuiltin.cpp
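Review bot: The new doc comment describes the minimum case with a condition that can never hold: `Kind & 2` is either 0 or 2, so `when Kind & 2 == 1` never matches, and read as C the unparenthesized form also binds as `Kind & (2 == 0)`. Because Sema's fortify and format warnings depend on which way the estimate bounds the true size, state it with parenthesized tests, e.g. `/// When (Kind & 2) == 0 the estimate is an upper bound (true size <= Result);` `/// when (Kind & 2) != 0 it is a lower bound (true size >= Result).`, and likewise `(Kind & 1) != 0` / `(Kind & 1) == 0` in the subobject sentence. It would also be worth adding that on a `false` return `Result` appears to be left untouched, which is what callers must assume.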
@@ -2304,54 +2304,36 @@ static bool isUserWritingOffTheEnd(const ASTContext &Ctx, const Pointer &Ptr) {
 isFlexibleArrayMember(FieldDesc);
 }
-static bool interp__builtin_object_size(InterpState &S, CodePtr OpPC,
- const InterpFrame *Frame,
- const CallExpr *Call) {
- const ASTContext &ASTCtx = S.getASTContext();
- // From the GCC docs:
- // Kind is an integer constant from 0 to 3. If the least significant bit is
- // clear, objects are whole variables. If it is set, a closest surrounding
- // subobject is considered the object a pointer points to. The second bit
- // determines if maximum or minimum of remaining bytes is computed.
- unsigned Kind = popToUInt64(S, Call->getArg(1));
- assert(Kind <= 3 && "unexpected kind");
- bool UseFieldDesc = (Kind & 1u);
- bool ReportMinimum = (Kind & 2u);
- Pointer Ptr = S.Stk.pop<Pointer>();
-
- if (Call->getArg(0)->HasSideEffects(ASTCtx)) {
- // "If there are any side effects in them, it returns (size_t) -1
- // for type 0 or 1 and (size_t) 0 for type 2 or 3."
- pushInteger(S, Kind <= 1 ? -1 : 0, Call->getType());
- return true;
- }
-
+UnsignedOrNone evaluateBuiltinObjectSize(const ASTContext &ASTCtx,
+ unsigned Kind, Pointer &Ptr) {
 if (Ptr.isZero() || !Ptr.isBlockPointer())
- return false;
+ return std::nullopt;
 // We can't load through pointers.
 if (Ptr.isDummy() && Ptr.getType()->isPointerType())
- return false;
+ return std::nullopt;
 bool DetermineForCompleteObject = Ptr.getFieldDesc() == Ptr.getDeclDesc();
 const Descriptor *DeclDesc = Ptr.getDeclDesc();
 assert(DeclDesc);
+ bool UseFieldDesc = (Kind & 1u);
+ bool ReportMinimum = (Kind & 2u);
 if (!UseFieldDesc || DetermineForCompleteObject) {
 // Lower bound, so we can't fall back to this.
 if (ReportMinimum && !DetermineForCompleteObject)
- return false;
+ return std::nullopt;
 // Can't read beyond the pointer decl desc.
if (!UseFieldDesc && !ReportMinimum && DeclDesc->getType()->isPointerType())
- return false;
+ return std::nullopt;
 } else {
 if (isUserWritingOffTheEnd(ASTCtx, Ptr.expand())) {
 // If we cannot determine the size of the initial allocation, then we
 // can't given an accurate upper-bound. However, we are still able to give
 // conservative lower-bounds for Type=3.
 if (Kind == 1)
- return false;
+ return std::nullopt;
 }
 }
@@ -2365,7 +2347,7 @@ static bool interp__builtin_object_size(InterpState &S, CodePtr OpPC,
 std::optional<unsigned> FullSize = computeFullDescSize(ASTCtx, Desc);
 if (!FullSize)
- return false;
+ return std::nullopt;
 unsigned ByteOffset;
 if (UseFieldDesc) {
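Review bot: `evaluateBuiltinObjectSize` is now an externally visible helper with a second caller in `Context::tryEvaluateObjectSize`, but the `Kind <= 3` assertion stayed behind in the `interp__builtin_object_size` wrapper, so the bit decoding `bool UseFieldDesc = (Kind & 1u); bool ReportMinimum = (Kind & 2u);` silently accepts any value on the new path; put `assert(Kind <= 3 && "unexpected kind");` directly above that decoding so both callers are covered. The `Pointer &Ptr` parameter is not mutated anywhere in the visible part of the body (`Ptr.expand()` and the descriptor queries only read it), so if those accessors and `computePointerOffset` are const, taking `const Pointer &Ptr` would let the Context caller drop its `Pointer P = Ptr;` copy — worth checking. The GCC-docs explanation of the Kind bits now lives in the wrapper while the decoding is here; a one-line `/// Kind bit 0: closest enclosing subobject instead of whole variable; bit 1: report the minimum instead of the maximum.` on the helper would keep the two together. The function's tail is in a later hunk and not visible here.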
@@ -2386,10 +2368,34 @@ static bool interp__builtin_object_size(InterpState &S, CodePtr OpPC,
 ByteOffset = computePointerOffset(ASTCtx, Ptr);
 assert(ByteOffset <= *FullSize);
- unsigned Result = *FullSize - ByteOffset;
+ return *FullSize - ByteOffset;
+}
- pushInteger(S, Result, Call->getType());
- return true;
+static bool interp__builtin_object_size(InterpState &S, CodePtr OpPC,
+ const InterpFrame *Frame,
+ const CallExpr *Call) {
+ const ASTContext &ASTCtx = S.getASTContext();
+ // From the GCC docs:
+ // Kind is an integer constant from 0 to 3. If the least significant bit is
+ // clear, objects are whole variables. If it is set, a closest surrounding
+ // subobject is considered the object a pointer points to. The second bit
+ // determines if maximum or minimum of remaining bytes is computed.
+ unsigned Kind = popToUInt64(S, Call->getArg(1));
+ assert(Kind <= 3 && "unexpected kind");
+ Pointer Ptr = S.Stk.pop<Pointer>();
+
+ if (Call->getArg(0)->HasSideEffects(ASTCtx)) {
+ // "If there are any side effects in them, it returns (size_t) -1
+ // for type 0 or 1 and (size_t) 0 for type 2 or 3."
+ pushInteger(S, Kind <= 1 ? -1 : 0, Call->getType());
+ return true;
+ }
+
+ if (auto Result = evaluateBuiltinObjectSize(ASTCtx, Kind, Ptr)) {
+ pushInteger(S, *Result, Call->getType());
+ return true;
+ }
+ return false;
 }
 static bool interp__builtin_is_within_lifetime(InterpState &S, CodePtr OpPC,
diff --git a/clang/lib/AST/ByteCode/InterpHelpers.h b/clang/lib/AST/ByteCode/InterpHelpers.h
index 6bf89d318378c..905bf1b43bfab 100644
--- a/clang/lib/AST/ByteCode/InterpHelpers.h
+++ b/clang/lib/AST/ByteCode/InterpHelpers.h
@@ -66,6 +66,9 @@ bool CheckNewDeleteForms(InterpState &S, CodePtr OpPC,
 /// Copy the contents of Src into Dest.
 bool DoMemcpy(InterpState &S, CodePtr OpPC, const Pointer &Src, Pointer &Dest);
+UnsignedOrNone evaluateBuiltinObjectSize(const ASTContext &ASTCtx,
+ unsigned Kind, Pointer &Ptr);
+
 template <typename T> static bool handleOverflow(InterpState &S, CodePtr OpPC, const T &SrcValue) {
 const Expr *E = S.Current->getExpr(OpPC);
diff --git a/clang/lib/AST/ExprConstant.cpp b/clang/lib/AST/ExprConstant.cpp
index 73768f7dd612b..8a994f5c3dbd2 100644
--- a/clang/lib/AST/ExprConstant.cpp
+++ b/clang/lib/AST/ExprConstant.cpp
@@ -21781,6 +21781,10 @@ bool Expr::tryEvaluateObjectSize(uint64_t &Result, ASTContext &Ctx,
 Expr::EvalStatus Status;
 EvalInfo Info(Ctx, Status, EvaluationMode::ConstantFold);
+ if (Info.EnableNewConstInterp) {
+ return Info.Ctx.getInterpContext().tryEvaluateObjectSize(Info, this, Type,
+ Result);
+ }
 return tryEvaluateBuiltinObjectSize(this, Type, Info, Result);
 }
diff --git a/clang/test/Sema/address-packed-member-memops.c b/clang/test/Sema/address-packed-member-memops.c
index 220132f332987..b7ddeba5f072f 100644
--- a/clang/test/Sema/address-packed-member-memops.c
+++ b/clang/test/Sema/address-packed-member-memops.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -fsyntax-only -verify %s
+// RUN: %clang_cc1 -fsyntax-only -fexperimental-new-constant-interpreter -verify %s
 // expected-no-diagnostics
 struct B {
diff --git a/clang/test/Sema/attr-diagnose-as-builtin.c b/clang/test/Sema/attr-diagnose-as-builtin.c
index 10962de1a3f0d..762c4adff53cf 100644
--- a/clang/test/Sema/attr-diagnose-as-builtin.c
+++ b/clang/test/Sema/attr-diagnose-as-builtin.c
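Review bot: The new `evaluateBuiltinObjectSize` declaration in InterpHelpers.h carries no doc comment, unlike its neighbour `DoMemcpy` (`/// Copy the contents of Src into Dest.`), so a reader of the header cannot tell what `Kind` encodes or when the result is empty. Add something like `/// Computes __builtin_object_size(Ptr, Kind) for a pointer into an interpreter block.` `/// Kind uses the GCC encoding (bit 0: enclosing subobject, bit 1: minimum).` `/// Returns std::nullopt when the size cannot be determined.` above it; the nullopt cases are the early returns in the InterpBuiltin.cpp hunks above.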
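Review bot: The added `if (Info.EnableNewConstInterp) { ... }` in `Expr::tryEvaluateObjectSize` wraps a single `return` in braces, which LLVM style omits; drop them. More importantly, when the bytecode path returns false there is no fallback to `tryEvaluateBuiltinObjectSize`, so any pointer the new interpreter cannot evaluate yields no size and the Sema checks that depend on it presumably stay silent under `-fexperimental-new-constant-interpreter`; the C++ new-interpreter RUN lines removed from warn-fortify-source.c in this same commit suggest such cases exist. If the absence of a fallback is deliberate, a one-line comment such as `// No fallback to the AST evaluator when the bytecode interpreter is enabled.` would stop the next reader from adding one.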
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -Wfortify-source -triple x86_64-apple-macosx10.14.0 %s -verify
+// RUN: %clang_cc1 -Wfortify-source -triple x86_64-apple-macosx10.14.0 %s -fexperimental-new-constant-interpreter -verify
 // RUN: %clang_cc1 -Wfortify-source -xc++ -triple x86_64-apple-macosx10.14.0 %s -verify
 typedef unsigned long size_t;
diff --git a/clang/test/Sema/builtin-memcpy.c b/clang/test/Sema/builtin-memcpy.c
index 2a55e78034a02..af9ab9db5b45d 100644
--- a/clang/test/Sema/builtin-memcpy.c
+++ b/clang/test/Sema/builtin-memcpy.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 %s -triple x86_64-unknown-linux -fsyntax-only -verify=c
+// RUN: %clang_cc1 %s -triple x86_64-unknown-linux -fsyntax-only -fexperimental-new-constant-interpreter -verify=c
 // RUN: %clang_cc1 -x c++ %s -triple x86_64-unknown-linux -fsyntax-only -verify=cxx
 // cxx-no-diagnostics
diff --git a/clang/test/Sema/format-strings-nonnull.c b/clang/test/Sema/format-strings-nonnull.c
index b9eeb5954ffb6..1204bf1cde305 100644
--- a/clang/test/Sema/format-strings-nonnull.c
+++ b/clang/test/Sema/format-strings-nonnull.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -fsyntax-only --std=c23 -verify -Wnonnull -Wno-format-security %s
+// RUN: %clang_cc1 -fsyntax-only --std=c23 -verify -Wnonnull -Wno-format-security -fexperimental-new-constant-interpreter %s
 #define NULL (void*)0
diff --git a/clang/test/Sema/format-strings.c b/clang/test/Sema/format-strings.c
index 3a2c2701cfcfc..fb4cf12e829e2 100644
--- a/clang/test/Sema/format-strings.c
+++ b/clang/test/Sema/format-strings.c
@@ -2,6 +2,7 @@
 // RUN: %clang_cc1 -fblocks -fsyntax-only -verify -Wformat-nonliteral -isystem %S/Inputs -fno-signed-char %s
 // RUN: %clang_cc1 -fblocks -fsyntax-only -verify -Wformat-nonliteral -isystem %S/Inputs -triple=x86_64-unknown-fuchsia %s
 // RUN: %clang_cc1 -fblocks -fsyntax-only -verify -Wformat-nonliteral -isystem %S/Inputs -triple=x86_64-linux-android %s
+// RUN: %clang_cc1 -fblocks -fsyntax-only -verify -Wformat-nonliteral -fexperimental-new-constant-interpreter -isystem %S/Inputs %s
 #include <limits.h>
 #include <stdarg.h>
diff --git a/clang/test/Sema/memset-invalid-1.c b/clang/test/Sema/memset-invalid-1.c
index 025f7c0cf169c..90508fc2113f1 100644
--- a/clang/test/Sema/memset-invalid-1.c
+++ b/clang/test/Sema/memset-invalid-1.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -fsyntax-only %s -verify
+// RUN: %clang_cc1 -fsyntax-only -fexperimental-new-constant-interpreter %s -verify
 typedef __SIZE_TYPE__ size_t;
 void *memset(void*, int, size_t);
diff --git a/clang/test/Sema/transpose-memset.c b/clang/test/Sema/transpose-memset.c
index 7d83b8e336a08..01a0835d60038 100644
--- a/clang/test/Sema/transpose-memset.c
+++ b/clang/test/Sema/transpose-memset.c
@@ -1,5 +1,6 @@
 // RUN: %clang_cc1 -Wmemset-transposed-args -verify %s
 // RUN: %clang_cc1 -xc++ -Wmemset-transposed-args -verify %s
+// RUN: %clang_cc1 -Wmemset-transposed-args -fexperimental-new-constant-interpreter -verify %s
 #define memset(...) __builtin_memset(__VA_ARGS__)
 #define bzero(x,y) __builtin_memset(x, 0, y)
diff --git a/clang/test/Sema/warn-format-overflow-truncation.c b/clang/test/Sema/warn-format-overflow-truncation.c
index eb1feaae834ec..e954092317e92 100644
--- a/clang/test/Sema/warn-format-overflow-truncation.c
+++ b/clang/test/Sema/warn-format-overflow-truncation.c
@@ -6,6 +6,7 @@
 // RUN: %clang_cc1 -xc++ -triple x86_64-apple-macosx10.14.0 -Wno-format-truncation-non-kprintf -Wno-format-overflow-non-kprintf %s -verify=kprintf,expected
 // RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 -Wno-format-overflow -Wno-format-truncation -Wformat-truncation-non-kprintf -Wformat-overflow-non-kprintf %s -verify=nonkprintf,expected
 // RUN: %clang_cc1 -xc++ -triple x86_64-apple-macosx10.14.0 -Wno-format-overflow -Wno-format-truncation -Wformat-truncation-non-kprintf -Wformat-overflow-non-kprintf %s -verify=nonkprintf,expected
+// RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 -fexperimental-new-constant-interpreter %s -verify=kprintf,nonkprintf,expected
 typedef unsigned long size_t;
diff --git a/clang/test/Sema/warn-fortify-scanf.c b/clang/test/Sema/warn-fortify-scanf.c
index 7b8f4b73438be..30b4cf0945def 100644
--- a/clang/test/Sema/warn-fortify-scanf.c
+++ b/clang/test/Sema/warn-fortify-scanf.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 %s -verify
+// RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 -fexperimental-new-constant-interpreter %s -verify
 typedef struct _FILE FILE;
 extern int scanf(const char *format, ...);
diff --git a/clang/test/Sema/warn-fortify-source.c b/clang/test/Sema/warn-fortify-source.c
index 750bd5361ade9..2354d3cc2c65e 100644
--- a/clang/test/Sema/warn-fortify-source.c
+++ b/clang/test/Sema/warn-fortify-source.c
@@ -2,11 +2,7 @@
 // RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 %s -verify -DUSE_BUILTINS
 // RUN: %clang_cc1 -xc++ -triple x86_64-apple-macosx10.14.0 %s -verify
 // RUN: %clang_cc1 -xc++ -triple x86_64-apple-macosx10.14.0 %s -verify -DUSE_BUILTINS
-
-// RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 %s -verify -fexperimental-new-constant-interpreter
 // RUN: %clang_cc1 -triple x86_64-apple-macosx10.14.0 %s -verify -DUSE_BUILTINS -fexperimental-new-constant-interpreter
-// RUN: %clang_cc1 -xc++ -triple x86_64-apple-macosx10.14.0 %s -verify -fexperimental-new-constant-interpreter
-// RUN: %clang_cc1 -xc++ -triple x86_64-apple-macosx10.14.0 %s -verify -DUSE_BUILTINS -fexperimental-new-constant-interpreter
 typedef unsigned long size_t;
diff --git a/clang/test/Sema/warn-memset-bad-sizeof.c b/clang/test/Sema/warn-memset-bad-sizeof.c
index c4768d8d0edd2..d72fe943dd216 100644
--- a/clang/test/Sema/warn-memset-bad-sizeof.c
+++ b/clang/test/Sema/warn-memset-bad-sizeof.c
@@ -1,4 +1,5 @@
 // RUN: %clang_cc1 -fsyntax-only -verify %s
+// RUN: %clang_cc1 -fsyntax-only -fexperimental-new-constant-interpreter -verify %s
 // expected-no-diagnostics
diff --git a/clang/test/Sema/warn-nontrivial-struct-memaccess-ptrauth.c b/clang/test/Sema/warn-nontrivial-struct-memaccess-ptrauth.c
index 9cdb98e55458b..a35f69173927b 100644
--- a/clang/test/Sema/warn-nontrivial-struct-memaccess-ptrauth.c
+++ b/clang/test/Sema/warn-nontrivial-struct-memaccess-ptrauth.c
@@ -2,6 +2,7 @@
 // RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-calls -fptrauth-intrinsics -fsyntax-only -verify=c,expected %s
 // RUN: %clang_cc1 -triple arm64-apple-ios -fptrauth-calls -fptrauth-intrinsics -fsyntax-only -x c++ -verify=cxx,expected %s
 // RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-calls -fptrauth-intrinsics -fsyntax-only -x c++ -verify=cxx,expected %s
+// RUN: %clang_cc1 -triple aarch64-linux-gnu -fptrauth-calls -fptrauth-intrinsics -fsyntax-only -fexperimental-new-constant-interpreter -verify=c,expected %s
 #if defined __cplusplus
 extern "C" {
diff --git a/clang/test/Sema/warn-strncat-size.c b/clang/test/Sema/warn-strncat-size.c
index f343465d65bc9..587cb00891b07 100644
--- a/clang/test/Sema/warn-strncat-size.c
+++ b/clang/test/Sema/warn-strncat-size.c
@@ -2,6 +2,7 @@
 // RUN: %clang_cc1 -DUSE_BUILTINS -Wstrncat-size -verify -fsyntax-only %s
 // RUN: %clang_cc1 -Wstrncat-size -fixit -x c %s
 // RUN: %clang_cc1 -DUSE_BUILTINS -Wstrncat-size -fixit -x c %s
+// RUN: %clang_cc1 -DUSE_BUILTINS -Wstrncat-size -fixit -x c -fexperimental-new-constant-interpreter %s
 typedef __SIZE_TYPE__ size_t;
 size_t strlen (const char *s);
_______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
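Review bot: The RUN line added to warn-strncat-size.c for the new interpreter is a `-fixit` run without `-verify`, so unlike the `-verify -fsyntax-only` line above it, it never checks that the `-Wstrncat-size` diagnostics — which presumably go through the object-size evaluation this commit reroutes — are still emitted; it only applies whatever fixits happen to be produced. Add a verifying variant alongside it: `// RUN: %clang_cc1 -DUSE_BUILTINS -Wstrncat-size -verify -fsyntax-only -fexperimental-new-constant-interpreter %s`. The earlier RUN line at file line 1 is outside this hunk, so whether the non-`USE_BUILTINS` case is covered under the new interpreter cannot be seen here.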
