<html>
    <head>
      <base href="https://llvm.org/bugs/" />
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW --- - Segmentation fault during semantic analysis of a nested class that inherits from a template type parameter"
   href="https://llvm.org/bugs/show_bug.cgi?id=27427">27427</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Segmentation fault during semantic analysis of a nested class that inherits from a template type parameter
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>clang
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>trunk
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>C++
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedclangbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>rcraik@ca.ibm.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>dgregor@apple.com, llvm-bugs@lists.llvm.org
          </td>
        </tr>

        <tr>
          <th>Classification</th>
          <td>Unclassified
          </td>
        </tr></table>
      <p>
        <div>
        <pre>With the following testcase:
//t.cpp
// Reduced reproducer for the crash reported below. f is a function template
// that is only defined, never instantiated; the stack trace shows the fault
// is hit while the definition is still being parsed.
template <class T> int f()
{
        // Local class whose only base is the template type parameter T, so
        // the base is not a concrete record type at this point.
        struct B : T {
        };

        // Local class that names T as a direct virtual base and also inherits
        // from B, which itself derives from T.
        // NOTE(review): the report does not say which base clause reaches the
        // faulting isDerivedFrom call; presumably this one -- confirm.
        struct C : virtual T , virtual B {
        };

    return 0;
}


clang hits a segmentation fault:
clang t.cpp
0  clang-3.9 0x0000000013436c60 llvm::sys::PrintStackTrace(llvm::raw_ostream&)
+ 68
1  clang-3.9 0x0000000013437050
2  clang-3.9 0x000000001343516c llvm::sys::RunSignalHandlers() + 180
3  clang-3.9 0x0000000013436514
4            0x00003fffac060478 __kernel_sigtramp_rt64 + 0
5  clang-3.9 0x0000000013a19f64
6  clang-3.9 0x0000000016559cb0
clang::CXXRecordDecl::isDerivedFrom(clang::CXXRecordDecl const*,
clang::CXXBasePaths&) const + 64
7  clang-3.9 0x000000001557d530
clang::Sema::AttachBaseSpecifiers(clang::CXXRecordDecl*,
llvm::MutableArrayRef<clang::CXXBaseSpecifier*>) + 1596
8  clang-3.9 0x000000001557d82c clang::Sema::ActOnBaseSpecifiers(clang::Decl*,
llvm::MutableArrayRef<clang::CXXBaseSpecifier*>) + 168
9  clang-3.9 0x0000000015010b48 clang::Parser::ParseBaseClause(clang::Decl*) +
344
10 clang-3.9 0x00000000150158d4
clang::Parser::ParseCXXMemberSpecification(clang::SourceLocation,
clang::SourceLocation, clang::Parser::ParsedAttributesWithRange&, unsigned int,
clang::Decl*) + 1584
11 clang-3.9 0x000000001501063c
clang::Parser::ParseClassSpecifier(clang::tok::TokenKind,
clang::SourceLocation, clang::DeclSpec&, clang::Parser::ParsedTemplateInfo
const&, clang::AccessSpecifier, bool, clang::Parser::DeclSpecContext,
clang::Parser::ParsedAttributesWithRange&) + 8296
12 clang-3.9 0x0000000014fefb68
clang::Parser::ParseDeclarationSpecifiers(clang::DeclSpec&,
clang::Parser::ParsedTemplateInfo const&, clang::AccessSpecifier,
clang::Parser::DeclSpecContext, clang::Parser::LateParsedAttrList*) + 11680
13 clang-3.9 0x0000000014fe8cfc clang::Parser::ParseSimpleDeclaration(unsigned
int, clang::SourceLocation&, clang::Parser::ParsedAttributesWithRange&, bool,
clang::Parser::ForRangeInit*) + 168
14 clang-3.9 0x0000000014fe8be0 clang::Parser::ParseDeclaration(unsigned int,
clang::SourceLocation&, clang::Parser::ParsedAttributesWithRange&) + 924
15 clang-3.9 0x0000000015076afc
clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*,
32u>&, clang::Parser::AllowedContsructsKind, clang::SourceLocation*,
clang::Parser::ParsedAttributesWithRange&) + 2164
16 clang-3.9 0x0000000015075eb0
clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*,
32u>&, clang::Parser::AllowedContsructsKind, clang::SourceLocation*) + 204
17 clang-3.9 0x0000000015079700 clang::Parser::ParseCompoundStatementBody(bool)
+ 964
18 clang-3.9 0x000000001507cf64
clang::Parser::ParseFunctionStatementBody(clang::Decl*,
clang::Parser::ParseScope&) + 472
19 clang-3.9 0x0000000014fc6554
clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&,
clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) +
3132
20 clang-3.9 0x0000000015087dd8
clang::Parser::ParseSingleDeclarationAfterTemplate(unsigned int,
clang::Parser::ParsedTemplateInfo const&, clang::ParsingDeclRAIIObject&,
clang::SourceLocation&, clang::AccessSpecifier, clang::AttributeList*) + 2188
21 clang-3.9 0x00000000150874e0
clang::Parser::ParseTemplateDeclarationOrSpecialization(unsigned int,
clang::SourceLocation&, clang::AccessSpecifier, clang::AttributeList*) + 1112
22 clang-3.9 0x0000000015087048
clang::Parser::ParseDeclarationStartingWithTemplate(unsigned int,
clang::SourceLocation&, clang::AccessSpecifier, clang::AttributeList*) + 284
23 clang-3.9 0x0000000014fe8a40 clang::Parser::ParseDeclaration(unsigned int,
clang::SourceLocation&, clang::Parser::ParsedAttributesWithRange&) + 508
24 clang-3.9 0x0000000014fc4afc
clang::Parser::ParseExternalDeclaration(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*) + 3272
25 clang-3.9 0x0000000014fc3dd8
clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&) + 812
26 clang-3.9 0x0000000014fbecd8 clang::ParseAST(clang::Sema&, bool, bool) + 464
27 clang-3.9 0x0000000013dd3dd4 clang::ASTFrontendAction::ExecuteAction() + 468
28 clang-3.9 0x000000001430521c clang::CodeGenAction::ExecuteAction() + 1720
29 clang-3.9 0x0000000013dd36a0 clang::FrontendAction::Execute() + 188
30 clang-3.9 0x0000000013d66f2c
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 1304
31 clang-3.9 0x0000000013f51904
clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 1692
32 clang-3.9 0x000000001129adc0 cc1_main(llvm::ArrayRef<char const*>, char
const*, void*) + 1156
33 clang-3.9 0x000000001128a68c
34 clang-3.9 0x000000001128b028 main + 1844
35 libc.so.6 0x00003fffaba94580
36 libc.so.6 0x00003fffaba94774 __libc_start_main + 196


This was introduced in r226423 - PR6037, specifically this change in
Sema::AttachBaseSpecifiers:

+      bool found
+        = Class->isDerivedFrom(CanonicalBase->getAsCXXRecordDecl(), Paths);
+      assert(found);

For the given testcase CanonicalBase->getAsCXXRecordDecl() returns null because
CanonicalBase is (at its heart) a TemplateTypeParmType, so a segmentation fault
occurs inside isDerivedFrom when Base is dereferenced.

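One workaround for this problem is to continue (skipping the isDerivedFrom
call) if CanonicalBase represents a TemplateTypeParmType. Either way, the
result of getAsCXXRecordDecl() has to be checked for null before it is passed
to isDerivedFrom.</pre>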
        </div>
      </p>
    </body>
</html>