Compiler crash involving use of signal function in checked scope

[secure-sw-dev-bot]

This issue was copied from checkedc/checkedc-clang#478

---

The following small piece of code causes a compiler crash:

#include <signal_checked.h>
#include <stdlib_checked.h>
#include <stdchecked.h>

#pragma BOUNDS_CHECKED ON

int main(int argc, nt_array_ptr<char> argv checked[] : count(argc)) {
  // Compiler crashes when this is done in a checked scope.
  signal(SIGILL, handle_error);
  return 0;
}

Moving the call to signal to an unchecked scope causes the problem to go away.

Here is the assert message and the relevant part of the stack trace:

Assertion failed: Capacity - Index == TypeLoc::getFullDataSizeForType(T) && "incorrect data size provided to CreateTypeSourceInfo!", file D:\checkedc1\llvm\tools\clang\lib\Sema\TypeLocBuilder.cpp, line 161
#7 0x00007ff708c486be clang::TypeLocBuilder::pushImpl(class clang::QualType,unsigned __int64,unsigned int) d:\checkedc1\llvm\tools\clang\lib\sema\typelocbuilder.cpp:160:0
#8 0x00007ff7081e4306 clang::TypeLocBuilder::push<class clang::FunctionProtoTypeLoc>(class clang::QualType) d:\checkedc1\llvm\tools\clang\lib\sema\typelocbuilder.h:100:0
#9 0x00007ff708e50958 `anonymous namespace'::TransformFunctionTypeToChecked::TransformFunctionProtoType<<lambda_b4c066e29169a00e445e0ac5e7c6936a> > d:\checkedc1\llvm\tools\clang\lib\sema\checkedcinterop.cpp:240:0
#10 0x00007ff708e7ebbc `anonymous namespace'::TransformFunctionTypeToChecked::TransformFunctionProtoType d:\checkedc1\llvm\tools\clang\lib\sema\checkedcinterop.cpp:95:0
#11 0x00007ff708ea5a6a clang::TreeTransform<`anonymous namespace'::TransformFunctionTypeToChecked>::TransformType d:\checkedc1\llvm\tools\clang\include\clang\ast\typenodes.def:81:0
#12 0x00007ff708ea6ee2 clang::TreeTransform<`anonymous namespace'::TransformFunctionTypeToChecked>::TransformType d:\checkedc1\llvm\tools\clang\lib\sema\treetransform.h:4215:0
#13 0x00007ff708ea6cc5 clang::TreeTransform<`anonymous namespace'::TransformFunctionTypeToChecked>::TransformType d:\checkedc1\llvm\tools\clang\lib\sema\treetransform.h:4193:0
#14 0x00007ff708e4e6f9 clang::Sema::RewriteBoundsSafeInterfaceTypes(class clang::QualType) d:\checkedc1\llvm\tools\clang\lib\sema\checkedcinterop.cpp:289:0

[secure-sw-dev-bot]

Comment from @dtarditi:

There is a problem with the code that rewrites types with bounds-safe interfaces to make them checked types in checked scopes. We're using the TreeTransform code in Sema. The code for transforming types is a little complicated to understand because it updates source location information for types as it transforms them. The source location information is maintained separately from types.

The code is transforming types and then updating types based on bounds-safe interfaces. The transformation code is what rebuilds the location information. The location information has to be built in a bottom-up fashion that matches the original order in which it is constructed. We need to update types based on bounds-safe interfaces and then transform the updated types so that the location information is constructed correctly.

[secure-sw-dev-bot]

Comment from @dtarditi:

Fixed by checkedc/checkedc-clang#483.