[PATCH] D80980: [AST] Fix a null initializer crash for InitListExpr
Haojian Wu via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Jun 2 00:31:23 PDT 2020
hokein created this revision.
hokein added a reviewer: sammccall.
Herald added a project: clang.
hokein marked an inline comment as done.
hokein added inline comments.
================
Comment at: clang/lib/Sema/SemaInit.cpp:1640
expr = Result.getAs<Expr>();
// FIXME: Why are we updating the syntactic init list?
+ if (!VerifyOnly && expr)
----------------
I have the same question.
but if you looked at the other 2 places (same FIXME) of this file, they reset the `Init` only when the `Result` is valid. I think this place maybe an overlook.
The Initializer of a InitListExpr can be reset to null, which leads to
nullptr-acces crashes.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D80980
Files:
clang/lib/Sema/SemaInit.cpp
clang/test/AST/ast-dump-recovery.cpp
Index: clang/test/AST/ast-dump-recovery.cpp
===================================================================
--- clang/test/AST/ast-dump-recovery.cpp
+++ clang/test/AST/ast-dump-recovery.cpp
@@ -181,3 +181,14 @@
// Verified that the generated call operator is invalid.
// CHECK: |-CXXMethodDecl {{.*}} invalid operator() 'auto () const -> auto'
using Escape = decltype([] { return undef(); }());
+
+// CHECK: VarDecl {{.*}} NoCrashOnInvalidInitList
+// CHECK-NEXT: `-RecoveryExpr {{.*}} '<dependent type>' contains-errors lvalue
+// CHECK-NEXT: `-InitListExpr
+// CHECK-NEXT: `-DesignatedInitExpr {{.*}} 'void'
+// CHECK-NEXT: `-CXXNullPtrLiteralExpr {{.*}} 'nullptr_t'
+struct {
+ int& abc;
+} NoCrashOnInvalidInitList = {
+ .abc = nullptr,
+};
Index: clang/lib/Sema/SemaInit.cpp
===================================================================
--- clang/lib/Sema/SemaInit.cpp
+++ clang/lib/Sema/SemaInit.cpp
@@ -1638,7 +1638,7 @@
expr = Result.getAs<Expr>();
// FIXME: Why are we updating the syntactic init list?
- if (!VerifyOnly)
+ if (!VerifyOnly && expr)
IList->setInit(Index, expr);
if (hadError)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D80980.267796.patch
Type: text/x-patch
Size: 1153 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200602/f0d4169c/attachment.bin>
More information about the cfe-commits
mailing list