https://github.com/nataliakokoromyti updated https://github.com/llvm/llvm-project/pull/175415
>From 9af9ed3356707a501b658308f4cd695746874f49 Mon Sep 17 00:00:00 2001 From: Natalia Kokoromyti <[email protected]> Date: Sat, 10 Jan 2026 21:54:11 -0800 Subject: [PATCH 1/3] [Sema] Fix crash in asm goto with undeclared label When an asm goto statement references an undeclared label and there's a variable with __attribute__((cleanup)) in scope, clang would crash with a segmentation fault. The issue was that DiagnoseIndirectOrAsmJumpStmt() called Target->getStmt()->getIdentLoc() without checking if getStmt() returns null. For undeclared labels, the LabelDecl exists but has no associated LabelStmt. This patch adds a null check and falls back to Target->getLocation() when the statement is null. Fixes #175314 --- clang/lib/Sema/JumpDiagnostics.cpp | 7 +++++-- clang/test/Sema/asm-goto-undeclared-label-crash.c | 12 ++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 clang/test/Sema/asm-goto-undeclared-label-crash.c diff --git a/clang/lib/Sema/JumpDiagnostics.cpp b/clang/lib/Sema/JumpDiagnostics.cpp index 36c9d9afb37f1..b630559c2db2c 100644 --- a/clang/lib/Sema/JumpDiagnostics.cpp +++ b/clang/lib/Sema/JumpDiagnostics.cpp @@ -914,8 +914,11 @@ static void DiagnoseIndirectOrAsmJumpStmt(Sema &S, Stmt *Jump, bool IsAsmGoto = isa<GCCAsmStmt>(Jump); S.Diag(Jump->getBeginLoc(), diag::err_indirect_goto_in_protected_scope) << IsAsmGoto; - S.Diag(Target->getStmt()->getIdentLoc(), diag::note_indirect_goto_target) - << IsAsmGoto; + // Target->getStmt() can be null for undeclared labels. + SourceLocation TargetLoc = Target->getStmt() + ? Target->getStmt()->getIdentLoc() + : Target->getLocation(); + S.Diag(TargetLoc, diag::note_indirect_goto_target) << IsAsmGoto; Diagnosed = true; } diff --git a/clang/test/Sema/asm-goto-undeclared-label-crash.c b/clang/test/Sema/asm-goto-undeclared-label-crash.c new file mode 100644 index 0000000000000..8538144a87a7d --- /dev/null +++ b/clang/test/Sema/asm-goto-undeclared-label-crash.c @@ -0,0 +1,12 @@ +// RUN: %clang_cc1 -fsyntax-only -verify %s + +// Test that we don't crash when an asm goto references an undeclared label +// and there's a variable with __attribute__((cleanup)) in scope. +// See: https://github.com/llvm/llvm-project/issues/175314 + +void a(int *b) { + int __attribute__((cleanup(a))) c = 0; // expected-note {{jump exits scope of variable with __attribute__((cleanup))}} + __asm__ goto("" : : : : d); // expected-error {{use of undeclared label 'd'}} \ + // expected-error {{cannot jump from this asm goto statement to one of its possible targets}} \ + // expected-note {{possible target of asm goto statement}} +} >From a4a3a1f3b8112292c65e914acabf77a34e74f3e4 Mon Sep 17 00:00:00 2001 From: Natalia <[email protected]> Date: Sun, 11 Jan 2026 10:15:01 -0800 Subject: [PATCH 2/3] add release note --- clang/docs/ReleaseNotes.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst index f62298938af93..90730ee201149 100644 --- a/clang/docs/ReleaseNotes.rst +++ b/clang/docs/ReleaseNotes.rst @@ -669,6 +669,7 @@ Miscellaneous Bug Fixes Miscellaneous Clang Crashes Fixed ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +- Fixed a crash when an ``asm goto`` statement referenced an undeclared label in the presence of a variable with ``__attribute__((cleanup))``. (#GH175314) OpenACC Specific Changes ------------------------ >From be6280ef1397db62077bdc049aba36625690917f Mon Sep 17 00:00:00 2001 From: Natalia <[email protected]> Date: Tue, 13 Jan 2026 18:07:18 -0800 Subject: [PATCH 3/3] [clang][bytecode] Fix assertion in Pointer::isInitialized() for GlobalInlineDescriptor This fixes the crash reported in #175432 where checking initialization status of constexpr pointer arrays would trigger an assertion. The issue occurred when BS.Base == sizeof(GlobalInlineDescriptor) but the pointer didn't satisfy isRoot() or Offset == BS.Base conditions. In such cases, calling getFieldDesc() would invoke getInlineDesc(), which has an assertion that BS.Base != sizeof(GlobalInlineDescriptor). The fix adds a check to detect this edge case and conservatively returns false (uninitialized), avoiding the problematic call to getInlineDesc(). This handles invalid code gracefully without crashing. Fixes #175432 Co-Authored-By: Claude Sonnet 4.5 <[email protected]> --- clang/lib/AST/ByteCode/Pointer.cpp | 8 ++++++++ clang/test/AST/ByteCode/arrays.cpp | 12 ++++++++++++ 2 files changed, 20 insertions(+) diff --git a/clang/lib/AST/ByteCode/Pointer.cpp b/clang/lib/AST/ByteCode/Pointer.cpp index c5e0fd83021d7..8f623a3cb7890 100644 --- a/clang/lib/AST/ByteCode/Pointer.cpp +++ b/clang/lib/AST/ByteCode/Pointer.cpp @@ -455,6 +455,14 @@ bool Pointer::isInitialized() const { } assert(BS.Pointee && "Cannot check if null pointer was initialized"); + + // Handle the case where BS.Base == sizeof(GlobalInlineDescriptor) but + // the pointer is not a proper root. This can happen with invalid code. + // We cannot call getFieldDesc() or getInlineDesc() in this case as they + // would trigger assertions. Conservatively return false. + if (BS.Base == sizeof(GlobalInlineDescriptor)) + return false; + const Descriptor *Desc = getFieldDesc(); assert(Desc); if (Desc->isPrimitiveArray()) diff --git a/clang/test/AST/ByteCode/arrays.cpp b/clang/test/AST/ByteCode/arrays.cpp index d83ae97fc8213..0074f997f7e83 100644 --- a/clang/test/AST/ByteCode/arrays.cpp +++ b/clang/test/AST/ByteCode/arrays.cpp @@ -835,3 +835,15 @@ namespace MultiDimConstructExpr { constexpr b d; static_assert(d.m[2][1].p == &d.m[2][1]); } + +namespace GH175432 { + // Test that we don't crash when checking initialization of + // pointer arrays with invalid initializers + constexpr const int *foo[][2] = { // expected-error {{must be initialized by a constant expression}} \ + // expected-note {{declared here}} + {nullptr, int}, // expected-error {{expected '(' for function-style cast or type construction}} + }; + + static_assert(foo[0][0] == nullptr, ""); // expected-error {{not an integral constant expression}} \ + // expected-note {{initializer of 'foo' is unknown}} +} _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
