[clang] [clang][ObjC][CodeComplete] Fix crash on C-Style cast with parenthesized operand in ObjC++ (PR #180343)

via cfe-commits cfe-commits at lists.llvm.org
Fri Feb 13 20:29:11 PST 2026 

https://github.com/edisongz updated https://github.com/llvm/llvm-project/pull/180343

>From 24e569b3856a2c227603dc01d3a67ae6b3f4490c Mon Sep 17 00:00:00 2001
From: Yijie Jiang <edisongz123 at gmail.com>
Date: Sat, 7 Feb 2026 18:34:46 +0800
Subject: [PATCH 1/3] [clang][ObjC][CodeComplete] Fix crash on C-Style cast
 with parenthesized operand in ObjC++

In ObjC++ mode, code-completion after a C-style cast like `(int*)(0x200)`
crashed because the inner parenthesized expression was parsed as a
`ParenListExpr` (null type) due to `AllowTypes` propagation.

Add a null-type guard in CodeCompletePostfixExpression.
---
 clang/lib/Sema/SemaCodeComplete.cpp                  |  2 +-
 .../CodeCompletion/objc-cast-parenthesized-expr.m    | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 clang/test/CodeCompletion/objc-cast-parenthesized-expr.m

diff --git a/clang/lib/Sema/SemaCodeComplete.cpp b/clang/lib/Sema/SemaCodeComplete.cpp
index aa93507ab5c30..0d8ed56a1ede3 100644
--- a/clang/lib/Sema/SemaCodeComplete.cpp
+++ b/clang/lib/Sema/SemaCodeComplete.cpp
@@ -5152,7 +5152,7 @@ void SemaCodeCompletion::CodeCompletePostfixExpression(Scope *S, ExprResult E,
                                                        QualType PreferredType) {
   if (E.isInvalid())
     CodeCompleteExpression(S, PreferredType);
-  else if (getLangOpts().ObjC)
+  else if (getLangOpts().ObjC && !E.get()->getType().isNull())
     CodeCompleteObjCInstanceMessage(S, E.get(), {}, false);
 }
 
diff --git a/clang/test/CodeCompletion/objc-cast-parenthesized-expr.m b/clang/test/CodeCompletion/objc-cast-parenthesized-expr.m
new file mode 100644
index 0000000000000..171d62cf971f5
--- /dev/null
+++ b/clang/test/CodeCompletion/objc-cast-parenthesized-expr.m
@@ -0,0 +1,12 @@
+// Note: the run lines follow their respective tests, since line/column
+// matter in this test.
+
+void func() {
+  int *foo = (int *)(0x200);
+  int *bar = (int *)((0x200));
+}
+
+// Make sure this doesn't crash
+// RUN: %clang_cc1 -fsyntax-only -xobjective-c++-header -code-completion-at=%s:%(line-5):28 %s
+// RUN: %clang_cc1 -fsyntax-only -xobjective-c++-header -code-completion-at=%s:%(line-5):30 %s
+

>From 46ca8b71c3ddbb0bae8bc4f903b9edfd2c04bbba Mon Sep 17 00:00:00 2001
From: Yijie Jiang <edisongz123 at gmail.com>
Date: Fri, 13 Feb 2026 19:07:37 +0800
Subject: [PATCH 2/3] [clang] Add ReleaseNotes entry

Fixes #180125
---
 clang/docs/ReleaseNotes.rst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 613d87668be18..b808459a0c9c4 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -352,6 +352,9 @@ libclang
 Code Completion
 ---------------
 
+- Fixed a crash in code completion when using a C-Style cast with a parenthesized
+  operand in Objective-C++ mode. (#GH180125)
+
 Static Analyzer
 ---------------
 

>From 73d0853d12709fe582affe74146298398c8b72ed Mon Sep 17 00:00:00 2001
From: Yijie Jiang <edisongz123 at gmail.com>
Date: Sat, 14 Feb 2026 12:28:49 +0800
Subject: [PATCH 3/3] Fix crash on ObjC message send to expr with null type

---
 clang/lib/Sema/SemaCodeComplete.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/clang/lib/Sema/SemaCodeComplete.cpp b/clang/lib/Sema/SemaCodeComplete.cpp
index 0d8ed56a1ede3..fbf30cb2ff1db 100644
--- a/clang/lib/Sema/SemaCodeComplete.cpp
+++ b/clang/lib/Sema/SemaCodeComplete.cpp
@@ -5152,7 +5152,7 @@ void SemaCodeCompletion::CodeCompletePostfixExpression(Scope *S, ExprResult E,
                                                        QualType PreferredType) {
   if (E.isInvalid())
     CodeCompleteExpression(S, PreferredType);
-  else if (getLangOpts().ObjC && !E.get()->getType().isNull())
+  else if (getLangOpts().ObjC)
     CodeCompleteObjCInstanceMessage(S, E.get(), {}, false);
 }
 
@@ -8439,6 +8439,11 @@ void SemaCodeCompletion::CodeCompleteObjCInstanceMessage(
   typedef CodeCompletionResult Result;
   ASTContext &Context = getASTContext();
 
+  // If the receiver expression has no type (e.g., a parenthesized C-style cast
+  // that hasn't been resolved), bail out to avoid dereferencing a null type.
+  if (RecExpr && RecExpr->getType().isNull())
+    return;
+
   // If necessary, apply function/array conversion to the receiver.
   // C99 6.7.5.3p[7,8].
   if (RecExpr) {

More information about the cfe-commits mailing list