Bug 389360 - [PATCH] Fix crash in inefficientqlistbase.cpp checking to use QVector instead of QList
Status: RESOLVED FIXED
Alias: None
Product: clazy
Classification: Developer tools
Component: general
Version: unspecified
Platform: Compiled Sources Linux
: NOR normal
Target Milestone: ---
Assignee: Sergio Martins
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-01-24 06:53 UTC by William Bader
Modified: 2018-01-24 09:05 UTC

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:


Attachments
proposed patch to fix the problem (638 bytes, patch)
2018-01-24 06:53 UTC, William Bader

Description William Bader 2018-01-24 06:53:03 UTC
Created attachment 110085
proposed patch to fix the problem

I get the crash running the command below:
clazy-standalone -checks=level2 -p build/bear/compile_commands.json build/bear/DatabaseManager/DatabaseManager_autogen/mocs_compilation.cpp
There are a lot of files that include other files. If necessary, if you tell me how to track everything down, I could try to gather them up and to find the command line options.
I have Fedora 27 x86_64. I installed clang-5.0.0-1.fc27.x86_64, llvm-5.0.0-5.fc27.x86_64, and the corresponding libraries and development packages. I cloned clazy from git and built it from source linked to Fedora's clang and llvm.
I have the traceback below, and looking at the code where it crashed and other similar sections of code, it looked like the problem was that after checking for !qt2.getTypePtrOrNull(), it also needed to check for qt2->isIncompleteType(). I put in debug code to show that when it got an incomplete type, m_astContext.getTypeSize(qt2) crashed.

Program received signal SIGSEGV, Segmentation fault.
clang::ASTContext::getASTRecordLayout (this=this@entry=0x8763c0, D=<optimized out>, D@entry=0x2f7c5e0)
    at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/AST/RecordLayoutBuilder.cpp:2964
2964        if (const auto *RD = dyn_cast<CXXRecordDecl>(D)) {
(gdb) bt
#0  clang::ASTContext::getASTRecordLayout (this=this@entry=0x8763c0, D=<optimized out>, D@entry=0x2f7c5e0)
    at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/AST/RecordLayoutBuilder.cpp:2964
#1  0x00007ffff50a362a in clang::ASTContext::getTypeInfoImpl (this=this@entry=0x8763c0, T=0x2f7c6e0) at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/AST/ASTContext.cpp:1872
#2  0x00007ffff509b325 in clang::ASTContext::getTypeInfo (this=0x8763c0, T=<optimized out>) at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/AST/ASTContext.cpp:1612
#3  0x00007ffff761d0de in clang::ASTContext::getTypeInfo (this=0x8763c0, T=...) at /usr/include/clang/AST/ASTContext.h:1918
#4  0x00007ffff761d103 in clang::ASTContext::getTypeSize (this=0x8763c0, T=...) at /usr/include/clang/AST/ASTContext.h:1924
#5  0x00007ffff763e077 in InefficientQListBase::VisitDecl (this=0x885320, decl=0x2f7c9a8) at /u/u3/gnu/clazy/src/checks/inefficientqlistbase.cpp:99
#6  0x00007ffff76691a0 in ClazyASTConsumer::VisitDecl (this=0x860850, decl=0x2f7c9a8) at /u/u3/gnu/clazy/src/Clazy.cpp:104
#7  0x00007ffff769c762 in clang::RecursiveASTVisitor<ClazyASTConsumer>::WalkUpFromDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/RecursiveASTVisitor.h:483
#8  0x00007ffff76a6b4a in clang::RecursiveASTVisitor<ClazyASTConsumer>::WalkUpFromNamedDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/DeclNodes.inc:95
#9  0x00007ffff76aae5a in clang::RecursiveASTVisitor<ClazyASTConsumer>::WalkUpFromValueDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/DeclNodes.inc:355
#10 0x00007ffff76aaf42 in clang::RecursiveASTVisitor<ClazyASTConsumer>::WalkUpFromDeclaratorDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/DeclNodes.inc:365
#11 0x00007ffff768ec52 in clang::RecursiveASTVisitor<ClazyASTConsumer>::WalkUpFromVarDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/DeclNodes.inc:441
#12 0x00007ffff768efa6 in clang::RecursiveASTVisitor<ClazyASTConsumer>::WalkUpFromParmVarDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/DeclNodes.inc:463
#13 0x00007ffff7683ee6 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseParmVarDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/RecursiveASTVisitor.h:2026
#14 0x00007ffff767a82c in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseDecl (this=0x860850, D=0x2f7c9a8) at /usr/include/clang/AST/DeclNodes.inc:463
#15 0x00007ffff769e33a in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseFunctionProtoTypeLoc (this=0x860850, TL=...)
    at /usr/include/clang/AST/RecursiveASTVisitor.h:1214
#16 0x00007ffff768a7c5 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseTypeLoc (this=0x860850, TL=...) at /usr/include/clang/AST/TypeNodes.def:79
#17 0x00007ffff768e5b6 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseFunctionHelper (this=0x860850, D=0x2f7ce60) at /usr/include/clang/AST/RecursiveASTVisitor.h:1937
#18 0x00007ffff7683364 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseCXXConstructorDecl (this=0x860850, D=0x2f7ce60)
    at /usr/include/clang/AST/RecursiveASTVisitor.h:1982
#19 0x00007ffff767a661 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseDecl (this=0x860850, D=0x2f7ce60) at /usr/include/clang/AST/DeclNodes.inc:403
#20 0x00007ffff768a351 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseDeclContextHelper (this=0x860850, DC=0x2f7b2d8)
    at /usr/include/clang/AST/RecursiveASTVisitor.h:1350
#21 0x00007ffff7681788 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseCXXRecordDecl (this=0x860850, D=0x2f7b2a0) at /usr/include/clang/AST/RecursiveASTVisitor.h:1787
#22 0x00007ffff767a265 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseDecl (this=0x860850, D=0x2f7b2a0) at /usr/include/clang/AST/DeclNodes.inc:251
#23 0x00007ffff768a351 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseDeclContextHelper (this=0x860850, DC=0x87be90)
    at /usr/include/clang/AST/RecursiveASTVisitor.h:1350
#24 0x00007ffff7685093 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseTranslationUnitDecl (this=0x860850, D=0x87be70)
    at /usr/include/clang/AST/RecursiveASTVisitor.h:1442
#25 0x00007ffff767aa90 in clang::RecursiveASTVisitor<ClazyASTConsumer>::TraverseDecl (this=0x860850, D=0x87be70) at /usr/include/clang/AST/DeclNodes.inc:553
#26 0x00007ffff76694ad in ClazyASTConsumer::HandleTranslationUnit (this=0x860850, ctx=...) at /u/u3/gnu/clazy/src/Clazy.cpp:153
#27 0x00007ffff6fe18d8 in clang::MultiplexConsumer::HandleTranslationUnit (this=<optimized out>, Ctx=...)
    at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/Frontend/MultiplexConsumer.cpp:305
#28 0x00007ffff4a81ce9 in clang::ParseAST (S=..., PrintStats=<optimized out>, SkipFunctionBodies=<optimized out>)
    at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/Parse/ParseAST.cpp:159
#29 0x00007ffff6fb3256 in clang::FrontendAction::Execute (this=this@entry=0x861120) at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/Frontend/FrontendAction.cpp:902
#30 0x00007ffff6f715ba in clang::CompilerInstance::ExecuteAction (this=this@entry=0x7fffffffa730, Act=...)
    at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/Frontend/CompilerInstance.cpp:980
#31 0x00007ffff34b4a00 in clang::tooling::FrontendActionFactory::runInvocation (this=0x79d2a0, Invocation=..., Files=0x72f670, PCHContainerOps=..., DiagConsumer=0x0)
    at /usr/src/debug/clang-5.0.0-1.fc27.x86_64/lib/Tooling/Tooling.cpp:321
Comment 1 Sergio Martins 2018-01-24 09:05:07 UTC
Git commit 5e241ba130bbc9537aaa948f7f134065c28b3836 by Sergio Martins, on behalf of William Bader.
Committed on 24/01/2018 at 09:03.
Pushed by smartins into branch '1.3'.

inefficient-qlist: Fix crash on incomplete types

M  +1    -1    src/checks/inefficientqlistbase.cpp

https://commits.kde.org/clazy/5e241ba130bbc9537aaa948f7f134065c28b3836
Comment 2 Sergio Martins 2018-01-24 09:05:52 UTC
done, thanks!

commit 5e241ba130bbc9537aaa948f7f134065c28b3836 (origin/1.3, 1.3)
Author: William Bader <williambader@hotmail.com>
Date:   Wed Jan 24 09:03:50 2018 +0000

    inefficient-qlist: Fix crash on incomplete types
    
    BUG: 389360