Bug 362236

Summary: clazy crashes on Utils::isPassedToFunction(clang::Stmt*, clang::VarDecl const*, bool)
Product: [Developer tools] clazy
Reporter: Sylvestre Ledru <sylvestre>
Component: general
Assignee: Sergio Martins <smartins>
Status: RESOLVED FIXED
Severity: grave
CC: smartins
Priority: NOR
Version First Reported In: unspecified
Target Milestone: ---
Platform: Other
OS: Linux
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Description Sylvestre Ledru 2016-04-25 12:16:54 UTC
With the code:
----
#include <algorithm>  // std::max
#include <vector>

namespace rtc {

  bool Assert(bool result, const char* function) {
    return result;
  }

#define ASSERT(x) \
  (void)rtc::Assert((x), __FUNCTION__)

template<typename T>
class R {

  T ComputeMax() const {
    int i=0;
    ASSERT(count_ > 0 &&
           "foo");
    max_ = std::max(2, samples_[samples_.size()]);
  }

  int count_;
  mutable T max_;
  std::vector<T> samples_;

};

}
---

Building with clazy crashes clang.

This is a reduced test case when building Firefox with clazy. It fails on webrtc code.

This is using the Debian packages of clang. The same occurs with clang 3.6.

Reproducible: Always


Actual Results:  

1  libLLVM-3.7.so.1 0x00007f16a77fe4b9
2  libpthread.so.0  0x00007f16a5dac8d0
3  ClangLazy.so     0x00007f16a38d9cf8 Utils::isPassedToFunction(clang::Stmt*, clang::VarDecl const*, bool) + 328
4  ClangLazy.so     0x00007f16a3871c5d InefficientQListBase::shouldIgnoreVariable(clang::VarDecl*) const + 477
5  ClangLazy.so     0x00007f16a3871cfb InefficientQListBase::VisitDecl(clang::Decl*) + 59
6  ClangLazy.so     0x00007f16a38a8770
7  ClangLazy.so     0x00007f16a37f7fd5
8  ClangLazy.so     0x00007f16a38aacd6
9  ClangLazy.so     0x00007f16a37f85e1
10 ClangLazy.so     0x00007f16a38aacfa
11 ClangLazy.so     0x00007f16a38ae64d
12 ClangLazy.so     0x00007f16a38a7e73
13 ClangLazy.so     0x00007f16a38ae73d
14 ClangLazy.so     0x00007f16a38a90a4
15 ClangLazy.so     0x00007f16a38a922c
16 ClangLazy.so     0x00007f16a38ae73d
17 ClangLazy.so     0x00007f16a38a8f2c
18 ClangLazy.so     0x00007f16a38ae73d
19 ClangLazy.so     0x00007f16a38a9051
20 clang            0x00000000006e36b8 clang::MultiplexConsumer::HandleTranslationUnit(clang::ASTContext&) + 40
21 clang            0x0000000000a4a065 clang::ParseAST(clang::Sema&, bool, bool) + 709
22 clang            0x00000000006c033e clang::FrontendAction::Execute() + 254
23 clang            0x000000000069c8e1 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 289
24 clang            0x0000000000684d13 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 1827
25 clang            0x000000000067e438 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) + 2376
26 clang            0x000000000067d441 main + 10257
27 libc.so.6        0x00007f16a4982b45 __libc_start_main + 245
28 clang            0x000000000067d4d4
Stack dump:
0.	Program arguments: /usr/lib/llvm-3.7/bin/clang -cc1 -triple x86_64-pc-linux-gnu -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -main-file-name test-case.cpp -mrelocation-model static -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -target-linker-version 2.25 -dwarf-column-info -resource-dir /usr/lib/llvm-3.7/bin/../lib/clang/3.7.1 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/4.9/../../../../include/c++/4.9 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/4.9/../../../../include/x86_64-linux-gnu/c++/4.9 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/4.9/../../../../include/x86_64-linux-gnu/c++/4.9 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/4.9/../../../../include/c++/4.9/backward -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-3.7/bin/../lib/clang/3.7.1/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fdeprecated-macro -fdebug-compilation-dir /var/lib/jenkins/workspace/firefox-clazy -ferror-limit 19 -fmessage-length 227 -mstackrealign -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -load ClangLazy.so -add-plugin clang-lazy -o /tmp/test-case-3e23a6.o -x c++ test-case.cpp 
1.	<eof> parser at end of file
clang: error: unable to execute command: Segmentation fault
clang: error: clang frontend command failed due to signal (use -v to see invocation)
Debian clang version 3.7.1-svn254351-1~exp1 (branches/release_37) (based on LLVM 3.7.1)
Target: x86_64-pc-linux-gnu
Thread model: posix


Expected Results:  
Code built
Comment 1 Sylvestre Ledru 2016-04-25 12:45:32 UTC
Same issue with clang 3.8
Comment 2 Sergio Martins 2016-04-25 16:51:52 UTC
Doesn't seem very useful to build Firefox with it, since there's no Qt code.
It shouldn't crash ofc though. I'll try to reproduce, thanks!
Comment 3 Sergio Martins 2016-04-25 18:01:40 UTC
Git commit d191e8cd091b381948ed30c14e8925d7787cbfe1 by Sergio Martins.
Committed on 25/04/2016 at 17:59.
Pushed by smartins into branch 'master'.

Don't crash when first child is null

M  +2    -1    Utils.cpp

http://commits.kde.org/clazy/d191e8cd091b381948ed30c14e8925d7787cbfe1
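The fix above adds a guard for a null first child. As an added illustration (not clazy's code and not the actual Utils.cpp change), here is a miniature model of a clang-style statement walk whose child slots may be null, which clang's Stmt::children() legitimately yields; the function name mirrors Utils::isPassedToFunction but its exact semantics and the dropped bool flag are assumptions.

```cpp
// Added example, not clazy's code: a miniature model of a clang-style statement
// walk whose child slots may be null, as clang's Stmt::children() legitimately
// yields (e.g. the omitted init/cond/inc of `for (;;)`).
#include <string>
#include <vector>

struct VarDecl { std::string name; };

// Stand-in for clang::Stmt: a kind, the variable a DeclRefExpr names (else
// null), and child slots that may themselves be nullptr.
struct Stmt {
    enum Kind { CallExpr, DeclRefExpr, Other } kind;
    const VarDecl *decl;
    std::vector<Stmt *> children;
};

// Does `stmt` or any descendant pass `var` as a call argument?
// Same shape as Utils::isPassedToFunction minus its bool flag (an assumption).
// The null guards are the point: `stmt->kind` or `children.front()->kind`
// on a null slot is the kind of dereference that segfaulted here.
bool isPassedToFunction(const Stmt *stmt, const VarDecl *var) {
    if (!stmt) return false;           // null child slot: nothing to inspect
    if (stmt->kind == Stmt::CallExpr)
        for (const Stmt *arg : stmt->children)
            if (arg && arg->kind == Stmt::DeclRefExpr && arg->decl == var)
                return true;
    for (const Stmt *child : stmt->children)
        if (isPassedToFunction(child, var))  // recursion tolerates null slots
            return true;
    return false;
}

// Constructed tree: a root whose FIRST child slot is null, then a call whose
// argument names `target`. Returns whether the queried variable is passed.
bool queryPassed(bool queryTarget) {
    VarDecl target{"samples_"}, other{"count_"};
    Stmt ref{Stmt::DeclRefExpr, &target, {}};
    Stmt call{Stmt::CallExpr, nullptr, {&ref}};
    Stmt root{Stmt::Other, nullptr, {nullptr, &call}};  // null first child
    return isPassedToFunction(&root, queryTarget ? &target : &other);
}
```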