[Clang] Fix Undefined Behavior introduced by #91199

[cor3ntin]

We stack allocated an OpaqueExpr that woukd be used after it was destroyed.

https://lab.llvm.org/buildbot/#/builders/57/builds/34909

[llvmbot]

@llvm/pr-subscribers-clang

Author: cor3ntin (cor3ntin)

Changes

We stack allocated an OpaqueExpr that woukd be used after it was destroyed.

---

Full diff: https://github.com/llvm/llvm-project/pull/91718.diff

1 Files Affected:

• (modified) clang/lib/Sema/SemaExprCXX.cpp (+9-8)

diff --git a/clang/lib/Sema/SemaExprCXX.cpp b/clang/lib/Sema/SemaExprCXX.cpp
index ae844bc699143..1bd40a4b5db7e 100644
--- a/clang/lib/Sema/SemaExprCXX.cpp
+++ b/clang/lib/Sema/SemaExprCXX.cpp
@@ -5630,7 +5630,8 @@ static bool EvaluateBinaryTypeTrait(Sema &Self, TypeTrait BTT, const TypeSourceI
 static ExprResult CheckConvertibilityForTypeTraits(Sema &Self,
                                                    const TypeSourceInfo *Lhs,
                                                    const TypeSourceInfo *Rhs,
-                                                   SourceLocation KeyLoc) {
+                                                   SourceLocation KeyLoc,
+                                                   llvm::BumpPtrAllocator & OpaqueExprAllocator) {
 
   QualType LhsT = Lhs->getType();
   QualType RhsT = Rhs->getType();
@@ -5675,9 +5676,9 @@ static ExprResult CheckConvertibilityForTypeTraits(Sema &Self,
 
   // Build a fake source and destination for initialization.
   InitializedEntity To(InitializedEntity::InitializeTemporary(RhsT));
-  OpaqueValueExpr From(KeyLoc, LhsT.getNonLValueExprType(Self.Context),
+  Expr* From = new (OpaqueExprAllocator.Allocate<OpaqueValueExpr>())
+          OpaqueValueExpr(KeyLoc, LhsT.getNonLValueExprType(Self.Context),
                        Expr::getValueKindForType(LhsT));
-  Expr *FromPtr = &From;
   InitializationKind Kind =
       InitializationKind::CreateCopy(KeyLoc, SourceLocation());
 
@@ -5687,11 +5688,11 @@ static ExprResult CheckConvertibilityForTypeTraits(Sema &Self,
       Self, Sema::ExpressionEvaluationContext::Unevaluated);
   Sema::SFINAETrap SFINAE(Self, /*AccessCheckingSFINAE=*/true);
   Sema::ContextRAII TUContext(Self, Self.Context.getTranslationUnitDecl());
-  InitializationSequence Init(Self, To, Kind, FromPtr);
+  InitializationSequence Init(Self, To, Kind, From);
   if (Init.Failed())
     return ExprError();
 
-  ExprResult Result = Init.Perform(Self, To, Kind, FromPtr);
+  ExprResult Result = Init.Perform(Self, To, Kind, From);
   if (Result.isInvalid() || SFINAE.hasErrorOccurred())
     return ExprError();
 
@@ -5819,7 +5820,7 @@ static bool EvaluateBooleanTypeTrait(Sema &S, TypeTrait Kind,
           S.Context.getPointerType(T.getNonReferenceType()));
       TypeSourceInfo *UPtr = S.Context.CreateTypeSourceInfo(
           S.Context.getPointerType(U.getNonReferenceType()));
-      return !CheckConvertibilityForTypeTraits(S, UPtr, TPtr, RParenLoc)
+      return !CheckConvertibilityForTypeTraits(S, UPtr, TPtr, RParenLoc, OpaqueExprAllocator)
                   .isInvalid();
     }
 
@@ -6028,9 +6029,9 @@ static bool EvaluateBinaryTypeTrait(Sema &Self, TypeTrait BTT, const TypeSourceI
   case BTT_IsNothrowConvertible: {
     if (RhsT->isVoidType())
       return LhsT->isVoidType();
-
+    llvm::BumpPtrAllocator OpaqueExprAllocator;
     ExprResult Result =
-        CheckConvertibilityForTypeTraits(Self, Lhs, Rhs, KeyLoc);
+        CheckConvertibilityForTypeTraits(Self, Lhs, Rhs, KeyLoc, OpaqueExprAllocator);
     if (Result.isInvalid())
       return false;
 

[github-actions]

✅ With the latest revision this PR passed the C/C++ code formatter.

[Endilll]

LGTM
You should leave a link in the description to the buildbot failure you're addressing.

[cor3ntin]

Merging that now to fix CI (hopefully)