From fabd9896a9d4073e22f16354ac320cf6cfd62d1b Mon Sep 17 00:00:00 2001 From: Denis Zobnin Date: Tue, 2 Feb 2016 17:33:09 +0000 Subject: [PATCH] PR23057: Fix assertion `Val && "isa<> used on a null pointer"' on invalid for-range expression. Fix the issue discovered by fuzzing (PR23057, comment 18) by handling nullptr in Sema::ActOnCXXForRangeDecl and correct delayed typos in for-range expression before calling Sema::ActOnCXXForRangeStmt. Also fixes PR26288. Differential Revision: http://reviews.llvm.org/D16630 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@259532 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Parse/ParseStmt.cpp | 4 +++- lib/Sema/SemaDecl.cpp | 4 ++++ test/CXX/dcl.dcl/dcl.spec/dcl.type/p3-0x.cpp | 3 +++ test/Parser/cxx-invalid-for-range.cpp | 18 ++++++++++++++++++ 4 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 test/Parser/cxx-invalid-for-range.cpp diff --git a/lib/Parse/ParseStmt.cpp b/lib/Parse/ParseStmt.cpp index 6c27b27138..71904f0cc2 100644 --- a/lib/Parse/ParseStmt.cpp +++ b/lib/Parse/ParseStmt.cpp @@ -1716,9 +1716,11 @@ StmtResult Parser::ParseForStatement(SourceLocation *TrailingElseLoc) { StmtResult ForEachStmt; if (ForRange) { + ExprResult CorrectedRange = + Actions.CorrectDelayedTyposInExpr(ForRangeInit.RangeExpr.get()); ForRangeStmt = Actions.ActOnCXXForRangeStmt( getCurScope(), ForLoc, CoawaitLoc, FirstPart.get(), - ForRangeInit.ColonLoc, ForRangeInit.RangeExpr.get(), + ForRangeInit.ColonLoc, CorrectedRange.get(), T.getCloseLocation(), Sema::BFRK_Build); // Similarly, we need to do the semantic analysis for a for-range diff --git a/lib/Sema/SemaDecl.cpp b/lib/Sema/SemaDecl.cpp index 11d51a0979..5db2c374ae 100644 --- a/lib/Sema/SemaDecl.cpp +++ b/lib/Sema/SemaDecl.cpp @@ -9928,6 +9928,10 @@ void Sema::ActOnUninitializedDecl(Decl *RealDecl, } void Sema::ActOnCXXForRangeDecl(Decl *D) { + // If there is no declaration, there was an error parsing it. Ignore it. + if (!D) + return; + VarDecl *VD = dyn_cast(D); if (!VD) { Diag(D->getLocation(), diag::err_for_range_decl_must_be_var); diff --git a/test/CXX/dcl.dcl/dcl.spec/dcl.type/p3-0x.cpp b/test/CXX/dcl.dcl/dcl.spec/dcl.type/p3-0x.cpp index 39d6e706b6..447f7c5d6c 100644 --- a/test/CXX/dcl.dcl/dcl.spec/dcl.type/p3-0x.cpp +++ b/test/CXX/dcl.dcl/dcl.spec/dcl.type/p3-0x.cpp @@ -18,6 +18,9 @@ void f() { for (struct S { S(int) {} } s : arr) { // expected-error {{types may not be defined in a for range declaration}} } + for (struct S { S(int) {} } s : Undeclared); // expected-error{{types may not be defined in a for range declaration}} + // expected-error@-1{{use of undeclared identifier 'Undeclared'}} + new struct T {}; // expected-error {{'T' cannot be defined in a type specifier}} new struct A {}; // expected-error {{'A' cannot be defined in a type specifier}} diff --git a/test/Parser/cxx-invalid-for-range.cpp b/test/Parser/cxx-invalid-for-range.cpp new file mode 100644 index 0000000000..557c1da209 --- /dev/null +++ b/test/Parser/cxx-invalid-for-range.cpp @@ -0,0 +1,18 @@ +// RUN: %clang_cc1 -std=c++11 -fsyntax-only -verify %s + +// From PR23057 comment #18 (https://llvm.org/bugs/show_bug.cgi?id=23057#c18). + +namespace N { + int X[10]; // expected-note{{declared here}}}} +} + +void f1() { + for (auto operator new : X); // expected-error{{'operator new' cannot be the name of a variable or data member}} + // expected-error@-1{{use of undeclared identifier 'X'; did you mean 'N::X'?}} +} + +void f2() { + for (a operator== :) // expected-error{{'operator==' cannot be the name of a variable or data member}} + // expected-error@-1{{expected expression}} + // expected-error@-2{{unknown type name 'a'}} +} // expected-error{{expected statement}} -- 2.50.1