This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
clang/
-
lib/Sema/
-
Sema/
2
SemaDecl.cpp
-
test/SemaCXX/
-
SemaCXX/
2
pr36536.cpp

Differential D43980

Push a function scope when parsing function bodies without a declaration
ClosedPublic

Authored by rnk on Mar 1 2018, 4:26 PM.

Download Raw Diff

Details

Reviewers

rsmith
thakis
rjmccall

Commits

rGb2da08610327: Push a function scope when parsing function bodies without a declaration
rC326926: Push a function scope when parsing function bodies without a declaration
rL326926: Push a function scope when parsing function bodies without a declaration

Summary

This is PR36536.

There are a few ways to reach Sema::ActOnStartOfFunctionDef with a null
Decl. Currently, the parser continues on to attempt to parse the
statements in the function body without pushing a function scope or
declaration context. However, lots of statement parsing logic relies on
getCurFunction() returning something reasonable. It turns out that
getCurFunction() will never return null today because of an optimization
where Sema pre-allocates one FunctionScopeIfno and reuses it when
possible. This goes wrong when something inside the function body causes
us to push another function scope, such as requiring an implicit
definition of a special member function. Reusing the state clears it
out, which will lead to bugs. In PR36536, we found that the SwitchStack
gets unbalanced, because we push a switch, clear out the stack, and then
try to pop a switch that isn't there.

As a follow-up, I plan to move the pre-allocated FunctionScopeInfo out
of the FunctionScopes stack. This means the FunctionScopes stack will
often be empty, which will make getCurFunction() assert. That's a
high-risk change, so I want to separate it out.

Diff Detail

Build Status

Buildable 15603
Build 15603: arc lint + arc unit

Event Timeline

rnk created this revision.Mar 1 2018, 4:26 PM

Harbormaster completed remote builds in B15603: Diff 136635.Mar 1 2018, 4:28 PM

rnk added a child revision: D44039: [Sema] Make getCurFunction() return null outside function parsing.Mar 2 2018, 1:13 PM

Fix LGTM, one optional comment below.

clang/lib/Sema/SemaDecl.cpp
12412	Feels a bit long-term risky since ActOnStartOfFunctionDef() and ActOnFinishFunctionBody() both need to know about this special-case invariant. Maybe it's worth to add a FakeFunctionScopeCount member to sema in +assert builds, and to increment that here, assert it's > 0 in the other place and decrement it there, and then assert it's 0 at end of TU?
clang/test/SemaCXX/pr36536.cpp
19	Not 100% clear to me what the FIXME is here. Maybe "FIXME: We should improve our recovery to redeclare...." if that's what's meant.

This revision is now accepted and ready to land.Mar 7 2018, 9:09 AM

rnk added a reviewer: rjmccall.Mar 7 2018, 10:48 AM

Closed by commit rL326926: Push a function scope when parsing function bodies without a declaration (authored by rnk). · Explain WhyMar 7 2018, 10:58 AM

This revision was automatically updated to reflect the committed changes.

Herald added a subscriber: llvm-commits. · View Herald TranscriptMar 7 2018, 10:58 AM

Closed by commit rC326926: Push a function scope when parsing function bodies without a declaration (authored by rnk). · Explain WhyMar 7 2018, 10:58 AM

This revision was automatically updated to reflect the committed changes.

Thanks!

John touched this code last in rL112038 in 2010, so maybe he has some thoughts on how to clean this and the follow-up. I think I'll land this as is since it fixes the crash and we can discuss more improvements in D44039.

clang/lib/Sema/SemaDecl.cpp
12412	Well, it's more like these early returns break the invariant that `ActOnStartOfFunctionDef` pushes a function scope. We could try to clean it up with an RAII helper or an layer of function call that ensures that we always push and pop on start and finish, but I'll leave that for the follow-up.
clang/test/SemaCXX/pr36536.cpp
19	I rewrote this to clarify things.

Revision Contents

Path

Size

clang/

lib/

Sema/

SemaDecl.cpp

10 lines

test/

SemaCXX/

pr36536.cpp

45 lines

Diff 136635

clang/lib/Sema/SemaDecl.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 12,400 Lines • ▼ Show 20 Lines	if (C.capturesVariable()) {
LSI->addVLATypeCapture(C.getLocation(), I->getType());		LSI->addVLATypeCapture(C.getLocation(), I->getType());
}		}
++I;		++I;
}		}
}		}

Decl Sema::ActOnStartOfFunctionDef(Scope FnBodyScope, Decl *D,		Decl Sema::ActOnStartOfFunctionDef(Scope FnBodyScope, Decl *D,
SkipBodyInfo *SkipBody) {		SkipBodyInfo *SkipBody) {
if (!D)		if (!D) {
		// Parsing the function declaration failed in some way. Push on a fake scope
		// anyway so we can try to parse the function body.
		PushFunctionScope();
		thakisUnsubmitted Not Done Reply Inline Actions Feels a bit long-term risky since ActOnStartOfFunctionDef() and ActOnFinishFunctionBody() both need to know about this special-case invariant. Maybe it's worth to add a FakeFunctionScopeCount member to sema in +assert builds, and to increment that here, assert it's > 0 in the other place and decrement it there, and then assert it's 0 at end of TU? thakis: Feels a bit long-term risky since ActOnStartOfFunctionDef() and ActOnFinishFunctionBody() both…
		rnkAuthorUnsubmitted Not Done Reply Inline Actions Well, it's more like these early returns break the invariant that `ActOnStartOfFunctionDef` pushes a function scope. We could try to clean it up with an RAII helper or an layer of function call that ensures that we always push and pop on start and finish, but I'll leave that for the follow-up. rnk: Well, it's more like these early returns break the invariant that `ActOnStartOfFunctionDef`…
return D;		return D;
		}

FunctionDecl *FD = nullptr;		FunctionDecl *FD = nullptr;

if (FunctionTemplateDecl *FunTmpl = dyn_cast<FunctionTemplateDecl>(D))		if (FunctionTemplateDecl *FunTmpl = dyn_cast<FunctionTemplateDecl>(D))
FD = FunTmpl->getTemplatedDecl();		FD = FunTmpl->getTemplatedDecl();
else		else
FD = cast<FunctionDecl>(D);		FD = cast<FunctionDecl>(D);

// Check for defining attributes before the check for redefinition.		// Check for defining attributes before the check for redefinition.
▲ Show 20 Lines • Show All 392 Lines • ▼ Show 20 Lines	if (FD) {
if (getCurFunction()->ObjCWarnForNoInitDelegation) {		if (getCurFunction()->ObjCWarnForNoInitDelegation) {
// Don't issue this warning for unavaialable inits.		// Don't issue this warning for unavaialable inits.
if (!MD->isUnavailable())		if (!MD->isUnavailable())
Diag(MD->getLocation(),		Diag(MD->getLocation(),
diag::warn_objc_secondary_init_missing_init_call);		diag::warn_objc_secondary_init_missing_init_call);
getCurFunction()->ObjCWarnForNoInitDelegation = false;		getCurFunction()->ObjCWarnForNoInitDelegation = false;
}		}
} else {		} else {
		// Parsing the function declaration failed in some way. Pop the fake scope
		// we pushed on.
		PopFunctionScopeInfo(ActivePolicy, dcl);
return nullptr;		return nullptr;
}		}

if (Body && getCurFunction()->HasPotentialAvailabilityViolations)		if (Body && getCurFunction()->HasPotentialAvailabilityViolations)
DiagnoseUnguardedAvailabilityViolations(dcl);		DiagnoseUnguardedAvailabilityViolations(dcl);

assert(!getCurFunction()->ObjCShouldCallSuper &&		assert(!getCurFunction()->ObjCShouldCallSuper &&
"This should only be set for ObjC methods, which should have been "		"This should only be set for ObjC methods, which should have been "
▲ Show 20 Lines • Show All 4,020 Lines • Show Last 20 Lines

clang/test/SemaCXX/pr36536.cpp

This file was added.

				// RUN: %clang_cc1 -std=c++11 %s -verify -fno-spell-checking

				// These test cases are constructed to make clang call ActOnStartOfFunctionDef
				// with nullptr.

				struct ImplicitDefaultCtor1 {};
				struct Foo {
				typedef int NameInClass;
				void f();
				};
				namespace bar {
				// expected-error@+1 {{cannot define or redeclare 'f' here}}
				void Foo::f() {
				switch (0) { case 0: ImplicitDefaultCtor1 o; }

				// FIXME: If we improved our recovery to redeclare Foo::f in the wrong
				// namespace, we could find the right type name here. Users probably run into
				// this when they forget to close a namespace, and we'd generate far fewer
				// errors if names in Foo were in scope.
				thakisUnsubmitted Not Done Reply Inline Actions Not 100% clear to me what the FIXME is here. Maybe "FIXME: We should improve our recovery to redeclare...." if that's what's meant. thakis: Not 100% clear to me what the FIXME is here. Maybe "FIXME: We should improve our recovery to…
				rnkAuthorUnsubmitted Not Done Reply Inline Actions I rewrote this to clarify things. rnk: I rewrote this to clarify things.
				// expected-error@+1 {{unknown type name 'NameInClass'}}
				NameInClass var;
				}
				} // namespace bar

				struct ImplicitDefaultCtor2 {};
				template <typename T> class TFoo { void f(); };
				// expected-error@+1 {{nested name specifier 'decltype(TFoo<T>())::'}}
				template <typename T> void decltype(TFoo<T>())::f() {
				switch (0) { case 0: ImplicitDefaultCtor1 o; }
				}

				namespace tpl2 {
				struct ImplicitDefaultCtor3 {};
				template <class T1> class A {
				template <class T2> class B {
				void mf2();
				};
				};
				template <class Y>
				template <>
				// expected-error@+1 {{nested name specifier 'A<Y>::B<double>::'}}
				void A<Y>::B<double>::mf2() {
				switch (0) { case 0: ImplicitDefaultCtor3 o; }
				}
				}