Author: Balázs Benics Date: 2026-02-17T19:20:34Z New Revision: 637d3dc1225e041ab020cd664e1d709099aa5f30
URL: https://github.com/llvm/llvm-project/commit/637d3dc1225e041ab020cd664e1d709099aa5f30 DIFF: https://github.com/llvm/llvm-project/commit/637d3dc1225e041ab020cd664e1d709099aa5f30.diff LOG: [clang][ssaf] Fix UB caused by missing virtual dtor of FormatInfoEntry (#181838) In the `llvm::Registry` the `Add` will create a `unique_ptr` of the desired derived type on the heap; then it puts it into the linked list of base pointers. Consequently, when destructing the registry, it needs to call the matching dtor for the object, so that must be virtual. In this patch, I fix it by marking it virtual, and also put a static assert to prevent future mistakes of this kind. FYI: The static assert must be in dependent context to ensure that `T` is complete by the time hitting the static assert. Fixes https://github.com/Quuxplusone/llvm-project/issues/51 Added: Modified: clang/include/clang/Analysis/Scalable/Serialization/SerializationFormat.h clang/unittests/Analysis/Scalable/Registries/FancyAnalysisData.cpp clang/unittests/Analysis/Scalable/Serialization/JSONFormatTest.cpp llvm/include/llvm/Support/Registry.h Removed: ################################################################################ diff --git a/clang/include/clang/Analysis/Scalable/Serialization/SerializationFormat.h b/clang/include/clang/Analysis/Scalable/Serialization/SerializationFormat.h index 9c420b84ffd21..5686a088c72d4 100644 --- a/clang/include/clang/Analysis/Scalable/Serialization/SerializationFormat.h +++ b/clang/include/clang/Analysis/Scalable/Serialization/SerializationFormat.h @@ -56,6 +56,7 @@ template <class SerializerFn, class DeserializerFn> struct FormatInfoEntry { DeserializerFn Deserialize) : ForSummary(ForSummary), Serialize(Serialize), Deserialize(Deserialize) { } + virtual ~FormatInfoEntry() = default; SummaryName ForSummary; SerializerFn Serialize; diff --git a/clang/unittests/Analysis/Scalable/Registries/FancyAnalysisData.cpp b/clang/unittests/Analysis/Scalable/Registries/FancyAnalysisData.cpp index 3f1e98199f56a..7faaaade6b6f0 100644 --- a/clang/unittests/Analysis/Scalable/Registries/FancyAnalysisData.cpp +++ b/clang/unittests/Analysis/Scalable/Registries/FancyAnalysisData.cpp @@ -44,7 +44,7 @@ deserializeFancyAnalysis(const SpecialFileRepresentation &File, namespace { using FormatInfo = MockSerializationFormat::FormatInfo; -struct FancyAnalysisFormatInfo : FormatInfo { +struct FancyAnalysisFormatInfo final : FormatInfo { FancyAnalysisFormatInfo() : FormatInfo{ SummaryName("FancyAnalysis"), diff --git a/clang/unittests/Analysis/Scalable/Serialization/JSONFormatTest.cpp b/clang/unittests/Analysis/Scalable/Serialization/JSONFormatTest.cpp index 4d28e215c6298..62890da28e248 100644 --- a/clang/unittests/Analysis/Scalable/Serialization/JSONFormatTest.cpp +++ b/clang/unittests/Analysis/Scalable/Serialization/JSONFormatTest.cpp @@ -93,7 +93,8 @@ deserializePairsEntitySummaryForJSONFormatTest( return std::move(Result); } -struct PairsEntitySummaryForJSONFormatTestFormatInfo : JSONFormat::FormatInfo { +struct PairsEntitySummaryForJSONFormatTestFormatInfo final + : JSONFormat::FormatInfo { PairsEntitySummaryForJSONFormatTestFormatInfo() : JSONFormat::FormatInfo( SummaryName("PairsEntitySummaryForJSONFormatTest"), diff --git a/llvm/include/llvm/Support/Registry.h b/llvm/include/llvm/Support/Registry.h index ed1c6a5f08153..2c7b479eb91b9 100644 --- a/llvm/include/llvm/Support/Registry.h +++ b/llvm/include/llvm/Support/Registry.h @@ -141,6 +141,7 @@ template <typename T, typename... CtorParamTypes> class Registry { node Node; static std::unique_ptr<T> CtorFn(CtorParamTypes &&...Params) { + static_assert(std::has_virtual_destructor_v<T>); return std::make_unique<V>(std::forward<CtorParamTypes>(Params)...); } _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
