This is an archive of the discontinued LLVM Phabricator instance.

Differential D105478

[clang] Make CXXRecrdDecl invalid if it contains any undeduced fields.
ClosedPublic

Authored by adamcz on Jul 6 2021, 6:35 AM.

Details

Reviewers
hokein
Commits
rG08128fe7059e: [clang] Make member var invalid when static initializer is invalid.
Summary

Undeduced fields in a valid record cause crashes when trying to obtain
the size and/or layout of the record.

Diff Detail

Event Timeline

adamcz requested review of this revision.Jul 6 2021, 6:35 AM
adamcz created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptJul 6 2021, 6:35 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
Harbormaster completed remote builds in B112604: Diff 356704.Jul 6 2021, 7:16 AM
hokein added inline comments.Jul 7 2021, 12:19 AM
clang/test/SemaCXX/cxx11-crashes.cpp
117

I think the root cause is that this incomplete var declaration is marked valid.

Looks like there are a few inconsistencies in clang:

struct Bar {
  static constexpr auto A1; // case1: invalid
  static constexpr auto A2 = ; // case2: valid
};

// static var decl in global context
static constexpr auto A3; // case3: invalid
static constexpr auto A4 = ; // case4: invalid

so it looks like marking case2 valid is a bug, I think we should invalidate it.

adamcz updated this revision to Diff 356925.Jul 7 2021, 5:35 AM

changed to marking field type as invalid

adamcz added inline comments.Jul 7 2021, 5:37 AM
clang/test/SemaCXX/cxx11-crashes.cpp
117

I updated the change to mark a FieldDecl with undeduced type as invalid, thus making the record invalid too. Also added a test using -ast-dump to verify that both field and record are invalid, but kept the crash test too.

hokein added inline comments.Jul 7 2021, 6:00 AM
clang/test/SemaCXX/cxx11-crashes.cpp
117

sorry, my comment was not clear enough -- if I understand your new change correctly, the change makes the field decl Foo<decltype(A)>::type B; but not the decl A.

The problem here is static constexpr auto A = ;, this declaration (var, not field) is valid, which causes the field decl below Foo<decltype(A)>::type B; valid. If we invalidate the Decl A, then the filed decl B should be invalidated automatically.

leaving A valid is problematic -- we can't have a valid decl with an undeduced auto type in clang. the following case would lead another crash:

struct Bar {
  static constexpr auto A = ;
};
constexpr int s = sizeof(Bar::A);

So the solution is to make Decl A invalid.

Harbormaster completed remote builds in B112767: Diff 356925.Jul 7 2021, 6:13 AM
adamcz updated this revision to Diff 357511.Jul 9 2021, 8:02 AM

Fix a more generic case of invalid static initializer

adamcz added a comment.Jul 9 2021, 8:03 AM

OK, I think we've got it now :-)

I kept the original crash test in the change, but I'm not sure if it's appropriate anymore. Let me know if you think I should remove it.

Harbormaster completed remote builds in B113200: Diff 357511.Jul 9 2021, 8:37 AM
hokein added a comment.Jul 13 2021, 5:16 AM
In D105478#2867120, @adamcz wrote:

OK, I think we've got it now :-)

I kept the original crash test in the change, but I'm not sure if it's appropriate anymore. Let me know if you think I should remove it.

Thanks, that sounds good to me, the original crash test is valuable, worth to keep it.

clang/lib/Parse/ParseDeclCXX.cpp
2994

it seems to me calling Sema::ActOnInitializerError(ThisDecl) is a better fit, rather than invalidating the decl once the initializer is failed to parse, for example static const int Member = ; we want to keep the decl valid.

adamcz updated this revision to Diff 363495.Aug 2 2021, 9:32 AM

ActOnInializerError instead of SetInvalidDecl

clang/lib/Parse/ParseDeclCXX.cpp
2994

Amusingly, this change led me to discover https://bugs.llvm.org/show_bug.cgi?id=36064, which seems like the same issue, only solved for a very specific example. I had to update the test for that, since now we solve it more generically and thus error messages are different.

Harbormaster completed remote builds in B117466: Diff 363495.Aug 2 2021, 10:55 AM
hokein accepted this revision.Aug 2 2021, 12:03 PM

Thanks!

This revision is now accepted and ready to land.Aug 2 2021, 12:03 PM
Closed by commit rG08128fe7059e: [clang] Make member var invalid when static initializer is invalid. (authored by adamcz). · Explain WhyAug 3 2021, 2:58 AM
This revision was automatically updated to reflect the committed changes.
adamcz added a commit: rG08128fe7059e: [clang] Make member var invalid when static initializer is invalid..

Revision Contents

PathSize
clang/
lib/
Parse/
6 lines
test/
AST/
7 lines
SemaCXX/
5 lines
19 lines

Diff 363670

clang/lib/Parse/ParseDeclCXX.cpp

Show First 20 LinesShow All 2,983 Lines▼ Show 20 Lines if (HasInClassInit != ICIS_NoInit) {
ThisDecl->setInvalidDecl(); ThisDecl->setInvalidDecl();
} else } else
ParseCXXNonStaticMemberInitializer(ThisDecl); ParseCXXNonStaticMemberInitializer(ThisDecl);
} else if (HasStaticInitializer) { } else if (HasStaticInitializer) {
// Normal initializer. // Normal initializer.
ExprResult Init = ParseCXXMemberInitializer( ExprResult Init = ParseCXXMemberInitializer(
ThisDecl, DeclaratorInfo.isDeclarationOfFunction(), EqualLoc); ThisDecl, DeclaratorInfo.isDeclarationOfFunction(), EqualLoc);
if (Init.isInvalid()) if (Init.isInvalid()) {
if (ThisDecl)
Actions.ActOnUninitializedDecl(ThisDecl);
hokeinUnsubmitted
Not Done
ReplyInline Actions

it seems to me calling Sema::ActOnInitializerError(ThisDecl) is a better fit, rather than invalidating the decl once the initializer is failed to parse, for example static const int Member = ; we want to keep the decl valid.

hokein: it seems to me calling `Sema::ActOnInitializerError(ThisDecl)` is a better fit, rather than…
adamczAuthorUnsubmitted
Done
ReplyInline Actions

Amusingly, this change led me to discover https://bugs.llvm.org/show_bug.cgi?id=36064, which seems like the same issue, only solved for a very specific example. I had to update the test for that, since now we solve it more generically and thus error messages are different.

adamcz: Amusingly, this change led me to discover https://bugs.llvm.org/show_bug.cgi?id=36064, which…
SkipUntil(tok::comma, StopAtSemi | StopBeforeMatch); SkipUntil(tok::comma, StopAtSemi | StopBeforeMatch);
else if (ThisDecl) } else if (ThisDecl)
Actions.AddInitializerToDecl(ThisDecl, Init.get(), EqualLoc.isInvalid()); Actions.AddInitializerToDecl(ThisDecl, Init.get(), EqualLoc.isInvalid());
} else if (ThisDecl && DS.getStorageClassSpec() == DeclSpec::SCS_static) } else if (ThisDecl && DS.getStorageClassSpec() == DeclSpec::SCS_static)
// No initializer. // No initializer.
Actions.ActOnUninitializedDecl(ThisDecl); Actions.ActOnUninitializedDecl(ThisDecl);
if (ThisDecl) { if (ThisDecl) {
if (!ThisDecl->isInvalidDecl()) { if (!ThisDecl->isInvalidDecl()) {
// Set the Decl for any late parsed attributes // Set the Decl for any late parsed attributes
▲ Show 20 LinesShow All 1,705 LinesShow Last 20 Lines

clang/test/AST/ast-dump-undeduced-expr.cpp

  • This file was added.
// RUN: not %clang_cc1 -triple x86_64-unknown-unknown -ast-dump %s | FileCheck %s
struct Foo {
static constexpr auto Bar = ;
};
// CHECK: -VarDecl {{.*}} invalid Bar 'const auto' static constexpr

clang/test/SemaCXX/crash-auto-36064.cpp

// RUN: %clang_cc1 -fsyntax-only -std=c++11 %s -verify // RUN: %clang_cc1 -fsyntax-only -std=c++11 %s -verify
template <typename A, decltype(new A)> // expected-error{{new expression for type 'auto' requires a constructor argument}} template <typename A, decltype(new A)>
struct b; struct b;
struct d { struct d {
static auto c = ; // expected-error{{expected expression}} static auto c = ; // expected-error{{expected expression}}
// expected-error@-1 {{declaration of variable 'c' with deduced type 'auto' requires an initializer}}
decltype(b<decltype(c), int>); // expected-error{{expected '(' for function-style cast or type construction}} decltype(b<decltype(c), int>); // expected-error{{expected '(' for function-style cast or type construction}}
// expected-note@-1{{while substituting prior template arguments into non-type template parameter [with A = auto]}}
}; };

clang/test/SemaCXX/cxx11-crashes.cpp

Show First 20 LinesShow All 98 Lines▼ Show 20 Linesnamespace pr29091 {
bool foo() { return __has_nothrow_constructor(Y); } bool foo() { return __has_nothrow_constructor(Y); }
bool bar() { return __has_nothrow_copy(Y); } bool bar() { return __has_nothrow_copy(Y); }
struct A { template <typename T> A(); }; struct A { template <typename T> A(); };
struct B : A { using A::A; }; struct B : A { using A::A; };
bool baz() { return __has_nothrow_constructor(B); } bool baz() { return __has_nothrow_constructor(B); }
bool qux() { return __has_nothrow_copy(B); } bool qux() { return __has_nothrow_copy(B); }
} }
namespace undeduced_field {
template<class T>
struct Foo {
typedef T type;
};
struct Bar {
Bar();
// The missing expression makes A undeduced.
static constexpr auto A = ; // expected-error {{expected expression}}
hokeinUnsubmitted
Not Done
ReplyInline Actions

I think the root cause is that this incomplete var declaration is marked valid.

Looks like there are a few inconsistencies in clang:

struct Bar {
  static constexpr auto A1; // case1: invalid
  static constexpr auto A2 = ; // case2: valid
};

// static var decl in global context
static constexpr auto A3; // case3: invalid
static constexpr auto A4 = ; // case4: invalid

so it looks like marking case2 valid is a bug, I think we should invalidate it.

hokein: I think the root cause is that this incomplete var declaration is marked valid. Looks like…
adamczAuthorUnsubmitted
Done
ReplyInline Actions

I updated the change to mark a FieldDecl with undeduced type as invalid, thus making the record invalid too. Also added a test using -ast-dump to verify that both field and record are invalid, but kept the crash test too.

adamcz: I updated the change to mark a FieldDecl with undeduced type as invalid, thus making the record…
hokeinUnsubmitted
Not Done
ReplyInline Actions

sorry, my comment was not clear enough -- if I understand your new change correctly, the change makes the field decl Foo<decltype(A)>::type B; but not the decl A.

The problem here is static constexpr auto A = ;, this declaration (var, not field) is valid, which causes the field decl below Foo<decltype(A)>::type B; valid. If we invalidate the Decl A, then the filed decl B should be invalidated automatically.

leaving A valid is problematic -- we can't have a valid decl with an undeduced auto type in clang. the following case would lead another crash:

struct Bar {
  static constexpr auto A = ;
};
constexpr int s = sizeof(Bar::A);

So the solution is to make Decl A invalid.

hokein: sorry, my comment was not clear enough -- if I understand your new change correctly, the change…
// expected-error@-1 {{declaration of variable 'A' with deduced type 'const auto' requires an initializer}}
Foo<decltype(A)>::type B; // The type of B is also undeduced (wrapped in Elaborated).
};
// This used to crash when trying to get the layout of B.
Bar x;
}