Page MenuHomePhabricator

[Sema] Fix a crash-on-invalid when a template parameter list has a class definition or non-reference class type

Authored by ahatanak on May 26 2017, 2:47 PM.



Currently clang crashes with an assertion failure in SemaAccess.cpp ("Assertion failed: (Access == AS_private || Access == AS_protected)") when compiling the following invalid code:

class C0 {
  template<typename T0, typename T1 = T0 // missing closing angle bracket
  struct S0 {};

  C0() : m(new S0<int>) {}
  S0<int> *m;

  template<class C1 *p>
  void foo1();

C1 *x;

This seems to happen because:

  • The definition of struct S0 is parsed as part of the template parameters list because of the missing closing angle bracket.
  • Sema adds struct S0 to class C0's scope. But if struct S0 is introduced in a template parameter list, it should add the struct to the enclosing scope (the file scope), just like it would add class C1 to the file scope.
  • It looks up S0 in C0's scope and then checks its access specifier when LookupResult is destructed. The assertion fails because S0's access specifier is not set (it's AS_none).

To fix the crash, I made changes in Sema::ActOnTag to check whether it's parsing a template parameter list and, if it is, move S0 to the correct scope. Also, the TagDecl is marked as invalid if the class is defined in a template parameter list. Note that test/SemaCXX/PR16677.cpp loses one error diagnostic because of this change.


Diff Detail

Event Timeline

ahatanak created this revision.May 26 2017, 2:47 PM
This revision is now accepted and ready to land.Jun 22 2017, 5:37 PM
This revision was automatically updated to reflect the committed changes.