https://github.com/TPPPP72 created https://github.com/llvm/llvm-project/pull/183274
## Summary This PR fixes a null pointer dereference in Clang's AST Dumper/Comment Parser when a Doxygen `@param` command is used with a declaration that cannot resolve parameters. ## Problem Previously, if `ParamVars[i]` was null during parameter resolution, Clang would continue without proper validation, leading to a crash when trying to access the parameter index or dump the AST. ## Fix 1. Introduced `InvalidContextIndex` in `ParamCommandComment` to explicitly handle cases where the comment context is not a function-like declaration. 2. Added a null check in the parameter resolution logic to return `InvalidContextIndex`. 3. Added a diagnostic warning `warn_doc_param_not_attached_to_a_function_decl` to inform the user that the `@param` command is misplaced, rather than crashing the compiler. ## Testing - Verified with `test.h` provided in the issue. - Existing AST tests now pass on Windows (fixed CRLF issues). Fixed #182737 >From acd58320f02115b3b29a58b6180698195270d163 Mon Sep 17 00:00:00 2001 From: TPPPP <[email protected]> Date: Wed, 25 Feb 2026 18:31:13 +0800 Subject: [PATCH] [clang] Fix crash when @param is attached to invalid nodes --- clang/include/clang/AST/Comment.h | 3 ++- clang/lib/AST/CommentSema.cpp | 9 +++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/clang/include/clang/AST/Comment.h b/clang/include/clang/AST/Comment.h index 5ba95c8291d38..bac2c570decc8 100644 --- a/clang/include/clang/AST/Comment.h +++ b/clang/include/clang/AST/Comment.h @@ -737,7 +737,8 @@ class ParamCommandComment : public BlockCommandComment { public: enum : unsigned { InvalidParamIndex = ~0U, - VarArgParamIndex = ~0U/*InvalidParamIndex*/ - 1U + VarArgParamIndex = ~0U /*InvalidParamIndex*/ - 1U, + InvalidContextIndex = ~0U /*InvalidParamIndex*/ - 2U }; ParamCommandComment(SourceLocation LocBegin, SourceLocation LocEnd, diff --git a/clang/lib/AST/CommentSema.cpp b/clang/lib/AST/CommentSema.cpp index c7fb6c96fd46f..65c9eeec271d8 100644 --- a/clang/lib/AST/CommentSema.cpp +++ b/clang/lib/AST/CommentSema.cpp @@ -732,6 +732,13 @@ void Sema::resolveParamCommandIndexes(const FullComment *FC) { PCC->setIsVarArgParam(); continue; } + if (ResolvedParamIndex == ParamCommandComment::InvalidContextIndex) { + SourceRange ArgRange = PCC->getParamNameRange(); + Diag(ArgRange.getBegin(), + diag::warn_doc_param_not_attached_to_a_function_decl) + << PCC->getCommandMarker() << PCC->getSourceRange(); + continue; + } if (ResolvedParamIndex == ParamCommandComment::InvalidParamIndex) { UnresolvedParamCommands.push_back(PCC); continue; @@ -960,6 +967,8 @@ void Sema::inspectThisDecl() { unsigned Sema::resolveParmVarReference(StringRef Name, ArrayRef<const ParmVarDecl *> ParamVars) { for (unsigned i = 0, e = ParamVars.size(); i != e; ++i) { + if (ParamVars[i] == nullptr) + return ParamCommandComment::InvalidContextIndex; const IdentifierInfo *II = ParamVars[i]->getIdentifier(); if (II && II->getName() == Name) return i; _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
