[Clang][Sema] Fix templated array size calculation. (#96464)

awson · web-flow · commit 37bd788138e1 · 2024-10-15T07:52:02.000+02:00
The [last attempt](#89036) to fix #41441 has been reverted immediately. Here I'm trying the simplest idea I've been able to come with: skip handling dependent case in `BuildCXXNew`. The original test (borrowed form #89036) passes. Also I've created and added to the tests a minimal repro of the code #89036 fails on. This (obviously) also passes.
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
@@ -515,6 +515,7 @@ Bug Fixes to C++ Support
 - Fixed overload handling for object parameters with top-level cv-qualifiers in explicit member functions (#GH100394)
 - Fixed a bug in lambda captures where ``constexpr`` class-type objects were not properly considered ODR-used in
   certain situations. (#GH47400), (#GH90896)
+- Fix erroneous templated array size calculation leading to crashes in generated code. (#GH41441)
 
 Bug Fixes to AST Handling
 ^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/clang/lib/Sema/SemaExprCXX.cpp b/clang/lib/Sema/SemaExprCXX.cpp
@@ -2157,7 +2157,8 @@ ExprResult Sema::BuildCXXNew(SourceRange Range, bool UseGlobal,
 
   // Per C++0x [expr.new]p5, the type being constructed may be a
   // typedef of an array type.
-  if (!ArraySize) {
+  // Dependent case will be handled separately.
+  if (!ArraySize && !AllocType->isDependentType()) {
     if (const ConstantArrayType *Array
                               = Context.getAsConstantArrayType(AllocType)) {
       ArraySize = IntegerLiteral::Create(Context, Array->getSize(),
diff --git a/clang/test/SemaCXX/GH41441.cpp b/clang/test/SemaCXX/GH41441.cpp
@@ -0,0 +1,46 @@
+// RUN: %clang --target=x86_64-pc-linux -S -fno-discard-value-names -emit-llvm -o - %s | FileCheck %s
+// RUN: %clang_cc1 %s -fsyntax-only -verify
+
+namespace std {
+  using size_t = decltype(sizeof(int));
+};
+void* operator new[](std::size_t, void*) noexcept;
+
+// CHECK: call void @llvm.memset.p0.i64(ptr align 1 %x, i8 0, i64 8, i1 false)
+// CHECK: call void @llvm.memset.p0.i64(ptr align 16 %x, i8 0, i64 32, i1 false)
+template <typename TYPE>
+void f()
+{
+    typedef TYPE TArray[8];
+
+    TArray x;
+    new(&x) TArray();
+}
+
+template <typename T>
+void f1() {
+  int (*x)[1] = new int[1][1];
+}
+template void f1<char>();
+void f2() {
+  int (*x)[1] = new int[1][1];
+}
+
+int main()
+{
+    f<char>();
+    f<int>();
+}
+
+// expected-no-diagnostics
+template <typename T> struct unique_ptr {unique_ptr(T* p){}};
+
+template <typename T>
+unique_ptr<T> make_unique(unsigned long long n) {
+  return unique_ptr<T>(new T[n]());
+}
+
+auto boro(int n){
+	typedef double HistoryBuffer[4];
+	return make_unique<HistoryBuffer>(n);
+}
