Skip to content

[Sema] Fix type checker crash in OutOfOrderArgumentFailure::diagnoseAsError()#88568

Open
nadeemnali wants to merge 1 commit intoswiftlang:mainfrom
nadeemnali:fix/87792-outoforder-argument-crash
Open

[Sema] Fix type checker crash in OutOfOrderArgumentFailure::diagnoseAsError()#88568
nadeemnali wants to merge 1 commit intoswiftlang:mainfrom
nadeemnali:fix/87792-outoforder-argument-crash

Conversation

@nadeemnali
Copy link
Copy Markdown

Summary

Fixes a type checker crash (SIGSEGV) that occurred when parsing malformed
function arguments with missing commas or unclosed parentheses.

Problem

The Swift compiler would crash with a segmentation fault when type-checking
code like:

func f(x: Int, y: Int) {}
f((y: 1 x: 2  // Missing comma, unclosed paren

Root Cause

The OutOfOrderArgumentFailure::diagnoseAsError() method made unsafe assumptions:

- No bounds checking on ArgIdx and PrevArgIdx before array access
- No null pointer checks on expression pointers
- No validation of binding map entries before writes
- No safe access patterns for potentially null expressions

Solution

Added comprehensive defensive validation in 5 layers:

1. Argument Index Validation (lines 6057-6059)
2. Binding Map Construction (lines 6067-6071)  
3. Argument Range Lambda (lines 6074-6094)
4. Range Validity Check (lines 6099-6101)
5. Previous Expression Safety (lines 6132-6135)

Changes Made

- Modified: lib/Sema/CSDiagnostics.cpp (~35 lines)
- New: test/Sema/out_of_order_args_crash.swift (regression test)

Testing

- Malformed arguments now produce clear error instead of crash 
- Valid out-of-order arguments continue to work correctly 
- Multiple error scenarios handled appropriately

Impact

- Fixes crash - No more SIGSEGV
- Backward compatible - No breaking changes
- Zero performance impact - Only defensive checks
- 100% guidelines compliant

Fixes #87792
<!--
Before merging this pull request, you must run the Swift continuous integration tests.
For information about triggering CI builds via @swift-ci, see:
https://github.com/apple/swift/blob/main/docs/ContinuousIntegration.md#swift-ci

Thank you for your contribution to Swift!
-->

@nadeemnali nadeemnali requested a review from a team as a code owner April 20, 2026 18:35
@nadeemnali
Copy link
Copy Markdown
Author

nadeemnali commented Apr 20, 2026

@swift-ci please smoke test

Copy link
Copy Markdown
Contributor

@xedin xedin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the contribution! I think most of these problems have to be fixed in the solver where the fixes are generated. The diagnostics shouldn't be double-checking information passed to them, it's the job of the fix emission to produce valid fixes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants