[Clang] Fix crash in __builtin_assume_aligned (#114217)

ostannard · web-flow · commit ecdc5289afec · 2024-12-19T10:34:56.000Z
The CodeGen for __builtin_assume_aligned assumes that the first argument is a pointer, so crashes if the int-conversion error is downgraded or disabled. Emit a non-downgradable error if the argument is not a pointer, like we currently do for __builtin_launder. Fixes #110914.
diff --git a/clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines/pro-type-vararg.cpp b/clang-tools-extra/test/clang-tidy/checkers/cppcoreguidelines/pro-type-vararg.cpp
@@ -51,8 +51,8 @@ void my_printf(const char* format, ...) {
 
 int my_vprintf(const char* format, va_list arg ); // OK to declare function taking va_list
 
-void ignoredBuiltinsTest() {
-  (void)__builtin_assume_aligned(0, 8);
+void ignoredBuiltinsTest(void *ptr) {
+  (void)__builtin_assume_aligned(ptr, 8);
   (void)__builtin_constant_p(0);
   (void)__builtin_fpclassify(0, 0, 0, 0, 0, 0.f);
   (void)__builtin_isinf_sign(0.f);
diff --git a/clang/include/clang/Basic/DiagnosticSemaKinds.td b/clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -12324,6 +12324,8 @@ def warn_noderef_to_dereferenceable_pointer : Warning<
 def err_builtin_launder_invalid_arg : Error<
   "%select{non-pointer|function pointer|void pointer}0 argument to "
   "'__builtin_launder' is not allowed">;
+def err_builtin_assume_aligned_invalid_arg : Error<
+  "non-pointer argument to '__builtin_assume_aligned' is not allowed">;
 
 def err_builtin_is_within_lifetime_invalid_arg : Error<
   "%select{non-|function }0pointer argument to '__builtin_is_within_lifetime' "
diff --git a/clang/lib/Sema/SemaChecking.cpp b/clang/lib/Sema/SemaChecking.cpp
@@ -5341,9 +5341,11 @@ bool Sema::BuiltinAssumeAligned(CallExpr *TheCall) {
   {
     ExprResult FirstArgResult =
         DefaultFunctionArrayLvalueConversion(FirstArg);
-    if (checkBuiltinArgument(*this, TheCall, 0))
+    if (!FirstArgResult.get()->getType()->isPointerType()) {
+      Diag(TheCall->getBeginLoc(), diag::err_builtin_assume_aligned_invalid_arg)
+          << TheCall->getSourceRange();
       return true;
-    /// In-place updation of FirstArg by checkBuiltinArgument is ignored.
+    }
     TheCall->setArg(0, FirstArgResult.get());
   }
 
diff --git a/clang/test/Sema/builtin-assume-aligned-downgrade.c b/clang/test/Sema/builtin-assume-aligned-downgrade.c
@@ -0,0 +1,9 @@
+// RUN: %clang_cc1 -fsyntax-only -Wno-int-conversion -triple x86_64-linux -verify %s
+
+// Check that the pointer->int conversion error is not downgradable for the
+// pointer argument to __builtin_assume_aligned.
+
+int test(int *a, int b) {
+  a = (int *)__builtin_assume_aligned(b, 32); // expected-error {{non-pointer argument to '__builtin_assume_aligned' is not allowed}}
+  int *y = __builtin_assume_aligned(1, 1); // expected-error {{non-pointer argument to '__builtin_assume_aligned' is not allowed}}
+}
diff --git a/clang/test/Sema/builtin-assume-aligned.c b/clang/test/Sema/builtin-assume-aligned.c
@@ -74,7 +74,7 @@ int test13(int *a) {
 }
 
 int test14(int *a, int b) {
-  a = (int *)__builtin_assume_aligned(b, 32); // expected-error {{incompatible integer to pointer conversion passing 'int' to parameter of type 'const void *}}
+  a = (int *)__builtin_assume_aligned(b, 32); // expected-error {{non-pointer argument to '__builtin_assume_aligned' is not allowed}}
 }
 
 int test15(int *b) {

Original file line number	Diff line number	Diff line change
`@@ -5341,9 +5341,11 @@ bool Sema::BuiltinAssumeAligned(CallExpr *TheCall) {`
`5341`	`5341`	`{`
`5342`	`5342`	`ExprResult FirstArgResult =`
`5343`	`5343`	`DefaultFunctionArrayLvalueConversion(FirstArg);`
`5344`		`- if (checkBuiltinArgument(*this, TheCall, 0))`
	`5344`	`+ if (!FirstArgResult.get()->getType()->isPointerType()) {`
	`5345`	`+ Diag(TheCall->getBeginLoc(), diag::err_builtin_assume_aligned_invalid_arg)`
	`5346`	`+ << TheCall->getSourceRange();`
`5345`	`5347`	`return true;`
`5346`		`- /// In-place updation of FirstArg by checkBuiltinArgument is ignored.`
	`5348`	`+ }`
`5347`	`5349`	`TheCall->setArg(0, FirstArgResult.get());`
`5348`	`5350`	`}`
`5349`	`5351`
Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ int test13(int *a) {`
`74`	`74`	`}`
`75`	`75`
`76`	`76`	`int test14(int *a, int b) {`
`77`		`- a = (int )__builtin_assume_aligned(b, 32); // expected-error {{incompatible integer to pointer conversion passing 'int' to parameter of type 'const void }}`
	`77`	`+ a = (int *)__builtin_assume_aligned(b, 32); // expected-error {{non-pointer argument to '__builtin_assume_aligned' is not allowed}}`
`78`	`78`	`}`
`79`	`79`
`80`	`80`	`int test15(int *b) {`