NULL dereference in MicrosoftMangle.cpp on "operator new" mangling #12704

Closed
timurrrr opened this issue Mar 23, 2012 · 6 comments
Labels: bugzilla (Issues migrated from bugzilla), c++

@timurrrr
Contributor

Bugzilla Link 12332
Resolution FIXED
Resolved on Mar 19, 2014 03:27
Version trunk
OS Windows NT
Blocks llvm/llvm-bugzilla-archive#12477
CC @DougGregor,@rjmccall

Extended Description

Repro:
$ more operator_new.cpp
void f(unsigned int);

int main() {
f(42);
char *ptr = new char;
}

-> mangles "void f(unsigned int)" fine, crashes on mangling "void* operator new(unsigned int) ..."

Slightly easier to repro with an intermediate var and assert:
llvm\tools\clang$ svn diff lib\AST\MicrosoftMangle.cpp
Index: lib/AST/MicrosoftMangle.cpp

--- lib/AST/MicrosoftMangle.cpp (revision 153267)
+++ lib/AST/MicrosoftMangle.cpp (working copy)
@@ -767,8 +767,11 @@
// get mangled right.
for (FunctionDecl::param_const_iterator Parm = D->param_begin(),
ParmEnd = D->param_end();

  •       Parm != ParmEnd; ++Parm)
    
  •    mangleType((*Parm)->getTypeSourceInfo()->getType());
    
  •       Parm != ParmEnd; ++Parm) {
    
  •    TypeSourceInfo *source_info = (*Parm)->getTypeSourceInfo();
    
  •    assert(source_info);
    
  •    mangleType(source_info->getType());
    
  •  }
    
    } else {
    for (FunctionProtoType::arg_type_iterator Arg = Proto->arg_type_begin(),
    ArgEnd = Proto->arg_type_end();
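
Review bot: the `assert(source_info)` in the new loop body only reports the null `getTypeSourceInfo()` result in assert-enabled builds; with assertions compiled out, `source_info->getType()` on the next line still dereferences the null pointer. As a repro aid this is fine, but a fix needs an explicit null path, for instance mangling that parameter from the `Proto` argument types the way the `else` branch below does. Separately, `source_info` does not follow the CamelCase local naming used by the surrounding code (`Parm`, `ParmEnd`, `Arg`).
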
@timurrrr
Contributor Author

assigned to @timurrrr

@timurrrr
Contributor Author

FTR, this was run with:
$ clang++.exe -Xclang -cxx-abi -Xclang microsoft operator_new.cpp

$ clang++.exe
clang version 3.1 (trunk 152788)
Target: i686-pc-win32
Thread model: posix

@timurrrr
Contributor Author

Same assertion is hit on:
int main() {
char *ptr = 0;
delete ptr;
}

@timurrrr
Contributor Author

The problem seems to be fixable by taking a different branch of an if/else in the code.

I'm not sure how to change the "if (D) {" condition properly though

Index: lib/AST/MicrosoftMangle.cpp

--- lib/AST/MicrosoftMangle.cpp (revision 153267)
+++ lib/AST/MicrosoftMangle.cpp (working copy)
@@ -767,9 +767,15 @@
// get mangled right.
for (FunctionDecl::param_const_iterator Parm = D->param_begin(),
ParmEnd = D->param_end();

  •       Parm != ParmEnd; ++Parm)
    
  •    mangleType((*Parm)->getTypeSourceInfo()->getType());
    
  •       Parm != ParmEnd; ++Parm) {
    
  •    TypeSourceInfo *source_info = (*Parm)->getTypeSourceInfo();
    
  •    if (source_info)
    
  •      mangleType(source_info->getType());
    
  •    else
    
  •      goto OUCH;
    
  •  }
    
    } else {
    +OUCH:
    for (FunctionProtoType::arg_type_iterator Arg = Proto->arg_type_begin(),
    ArgEnd = Proto->arg_type_end();
    Arg != ArgEnd; ++Arg)
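
Review bot: `goto OUCH` is taken from inside the parameter loop, so if the null `TypeSourceInfo` shows up on any parameter after the first, the types already passed to `mangleType` are emitted again when the `Proto` loop restarts from `arg_type_begin()`. Deciding before the loop (check every parameter's `getTypeSourceInfo()` first, or fold that into the `if (D) {` condition mentioned above) avoids both the duplicate output and a label that jumps into the `else` block.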

@rjmccall
Contributor

rjmccall commented May 1, 2012

I committed your patch as r155879, thanks!

@timurrrr
Contributor Author

mentioned in issue llvm/llvm-bugzilla-archive#12477

@llvmbot llvmbot transferred this issue from llvm/llvm-bugzilla-archive Dec 3, 2021
This issue was closed.