Fix a use-after-free introduced by r344915.

r344915 added a call to ApplyDebugLocation to the sanitizer check
function emitter. Some of the sanitizers are emitted in the function
epilogue though and the LexicalScopeStack is emptied out before. By
detecting this situation and early-exiting from ApplyDebugLocation the
fallback location is used, which is equivalent to the return location.

rdar://problem/45859802

llvm-svn: 346454

2 files changed, 11 insertions, 1 deletions

diff --git a/clang/lib/CodeGen/CGDebugInfo.cpp b/clang/lib/CodeGen/CGDebugInfo.cpp
index 1d999e446cc..81cc07dddd1 100644
--- a/clang/lib/CodeGen/CGDebugInfo.cpp
+++ b/clang/lib/CodeGen/CGDebugInfo.cpp
@@ -3538,7 +3538,7 @@ void CGDebugInfo::EmitLocation(CGBuilderTy &Builder, SourceLocation Loc) {
   // Update our current location
   setLocation(Loc);
 
-  if (CurLoc.isInvalid() || CurLoc.isMacroID())
+  if (CurLoc.isInvalid() || CurLoc.isMacroID() || LexicalBlockStack.empty())
     return;
 
   llvm::MDNode *Scope = LexicalBlockStack.back();
diff --git a/clang/test/CodeGen/ubsan-debuglog-return.c b/clang/test/CodeGen/ubsan-debuglog-return.c
new file mode 100644
index 00000000000..31f5ce2da58
--- /dev/null
+++ b/clang/test/CodeGen/ubsan-debuglog-return.c
@@ -0,0 +1,10 @@
+// RUN: %clang_cc1 -x c -debug-info-kind=line-tables-only -emit-llvm -fsanitize=returns-nonnull-attribute -o - %s | FileCheck %s
+// The UBSAN function call in the epilogue needs to have a debug location.
+
+__attribute__((returns_nonnull)) void *allocate() {}
+
+// CHECK: define nonnull i8* @allocate(){{.*}} !dbg
+// CHECK: call void @__ubsan_handle_nonnull_return_v1_abort
+// CHECK-SAME:  !dbg ![[LOC:[0-9]+]]
+// CHECK: ret i8*
+// CHECK-SAME:  !dbg ![[LOC]]