| Issue |
64761
|
| Summary |
[clang-tidy] bugprone-unchecked-optional-access crash with minimal reproducer
|
| Labels |
new issue
|
| Assignees |
|
| Reporter |
xroche
|
The `bugprone-unchecked-optional-access` check is prone to crash with the attached minimal reproducer (see below).
This might be related to https://github.com/llvm/llvm-project/issues/55530
To reproduce the crash, simply copy/paste the cpp file and call:
```shell
LLVM_SYMBOLIZER_PATH=llvm-symbolizer-16 clang-tidy-16 --checks=bugprone-unchecked-optional-access TestGalore.cpp
```
```shell
$ LLVM_SYMBOLIZER_PATH=llvm-symbolizer-16 clang-tidy-16 --checks=bugprone-unchecked-optional-access TestGalore.cpp
Error while trying to load a compilation database:
Could not auto-detect compilation database for file "TestGalore.cpp"
No compilation database found in /tmp or any parent directory
fixed-compilation-database: Error while opening fixed database: No such file or directory
json-compilation-database: Error while opening JSON database: No such file or directory
Running without flags.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
0. Program arguments: clang-tidy-16 --checks=bugprone-unchecked-optional-access TestGalore.cpp
1. <eof> parser at end of file
2. ASTMatcher: Processing 'bugprone-unchecked-optional-access' against:
CXXMethodDecl algolia::testGalore::ExecuteQuery::_processStuff : </tmp/TestGalore.cpp:44:1, line:56:1>
--- Bound Nodes Begin ---
T - { BuiltinType : bool }
fun - { CXXMethodDecl algolia::testGalore::ExecuteQuery::_processStuff : </tmp/TestGalore.cpp:44:1, line:56:1> }
--- Bound Nodes End ---
#0 0x00007f292a1be706 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/usr/lib/llvm-16/bin/../lib/libLLVM-16.so.1+0xfbe706)
#1 0x00007f292a1bc8a0 llvm::sys::RunSignalHandlers() (/usr/lib/llvm-16/bin/../lib/libLLVM-16.so.1+0xfbc8a0)
#2 0x00007f292a1beedb (/usr/lib/llvm-16/bin/../lib/libLLVM-16.so.1+0xfbeedb)
#3 0x00007f2928a42520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
#4 0x00007f2932a57f51 (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x2057f51)
#5 0x00007f2932a56a23 clang::dataflow::transfer(clang::dataflow::StmtToEnvMap const&, clang::Stmt const&, clang::dataflow::Environment&) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x2056a23)
#6 0x00007f2932a5aa68 clang::dataflow::transferCFGBlock(clang::CFGBlock const&, clang::dataflow::AnalysisContext&, std::function<void (clang::CFGElement const&, clang::dataflow::TypeErasedDataflowAnalysisState const&)>) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x205aa68)
#7 0x00007f2932a5b563 clang::dataflow::runTypeErasedDataflowAnalysis(clang::dataflow::ControlFlowContext const&, clang::dataflow::TypeErasedDataflowAnalysis&, clang::dataflow::Environment const&, std::function<void (clang::CFGElement const&, clang::dataflow::TypeErasedDataflowAnalysisState const&)>) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x205b563)
#8 0x000055fb4e0bc374 llvm::Expected<std::vector<std::optional<clang::dataflow::DataflowAnalysisState<clang::dataflow::UncheckedOptionalAccessModel::Lattice>>, std::allocator<std::optional<clang::dataflow::DataflowAnalysisState<clang::dataflow::UncheckedOptionalAccessModel::Lattice>>>>> clang::dataflow::runDataflowAnalysis<clang::dataflow::UncheckedOptionalAccessModel>(clang::dataflow::ControlFlowContext const&, clang::dataflow::UncheckedOptionalAccessModel&, clang::dataflow::Environment const&, std::function<void (clang::CFGElement const&, clang::dataflow::DataflowAnalysisState<clang::dataflow::UncheckedOptionalAccessModel::Lattice> const&)>) (/usr/lib/llvm-16/bin/clang-tidy+0x997374)
#9 0x000055fb4e0bbd39 clang::tidy::bugprone::UncheckedOptionalAccessCheck::check(clang::ast_matchers::MatchFinder::MatchResult const&) (/usr/lib/llvm-16/bin/clang-tidy+0x996d39)
#10 0x000055fb4e678cfb (/usr/lib/llvm-16/bin/clang-tidy+0xf53cfb)
#11 0x000055fb4e6a9c8c clang::ast_matchers::internal::BoundNodesTreeBuilder::visitMatches(clang::ast_matchers::internal::BoundNodesTreeBuilder::Visitor*) (/usr/lib/llvm-16/bin/clang-tidy+0xf84c8c)
#12 0x000055fb4e678688 (/usr/lib/llvm-16/bin/clang-tidy+0xf53688)
#13 0x000055fb4e67b05b (/usr/lib/llvm-16/bin/clang-tidy+0xf5605b)
#14 0x000055fb4e67d34b (/usr/lib/llvm-16/bin/clang-tidy+0xf5834b)
#15 0x000055fb4e67b3d3 (/usr/lib/llvm-16/bin/clang-tidy+0xf563d3)
#16 0x000055fb4e67d34b (/usr/lib/llvm-16/bin/clang-tidy+0xf5834b)
#17 0x000055fb4e67b3d3 (/usr/lib/llvm-16/bin/clang-tidy+0xf563d3)
#18 0x000055fb4e683b9b (/usr/lib/llvm-16/bin/clang-tidy+0xf5eb9b)
#19 0x000055fb4e67b83b (/usr/lib/llvm-16/bin/clang-tidy+0xf5683b)
#20 0x000055fb4e64d968 clang::ast_matchers::MatchFinder::matchAST(clang::ASTContext&) (/usr/lib/llvm-16/bin/clang-tidy+0xf28968)
#21 0x00007f293321ebdc clang::MultiplexConsumer::HandleTranslationUnit(clang::ASTContext&) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x281ebdc)
#22 0x00007f29315cd5a2 clang::ParseAST(clang::Sema&, bool, bool) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0xbcd5a2)
#23 0x00007f29331e4bd5 clang::FrontendAction::Execute() (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x27e4bd5)
#24 0x00007f2933161dc4 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x2761dc4)
#25 0x00007f29333f5477 clang::tooling::FrontendActionFactory::runInvocation(std::shared_ptr<clang::CompilerInvocation>, clang::FileManager*, std::shared_ptr<clang::PCHContainerOperations>, clang::DiagnosticConsumer*) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x29f5477)
#26 0x000055fb4ebb6208 (/usr/lib/llvm-16/bin/clang-tidy+0x1491208)
#27 0x00007f29333f51b4 clang::tooling::ToolInvocation::runInvocation(char const*, clang::driver::Compilation*, std::shared_ptr<clang::CompilerInvocation>, std::shared_ptr<clang::PCHContainerOperations>) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x29f51b4)
#28 0x00007f29333f42e4 clang::tooling::ToolInvocation::run() (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x29f42e4)
#29 0x00007f29333f6a1f clang::tooling::ClangTool::run(clang::tooling::ToolAction*) (/usr/lib/llvm-16/bin/../lib/libclang-cpp.so.16+0x29f6a1f)
#30 0x000055fb4ebb25c1 clang::tidy::runClangTidy(clang::tidy::ClangTidyContext&, clang::tooling::CompilationDatabase const&, llvm::ArrayRef<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, llvm::IntrusiveRefCntPtr<llvm::vfs::OverlayFileSystem>, bool, bool, llvm::StringRef) (/usr/lib/llvm-16/bin/clang-tidy+0x148d5c1)
#31 0x000055fb4df48352 clang::tidy::clangTidyMain(int, char const**) (/usr/lib/llvm-16/bin/clang-tidy+0x823352)
#32 0x00007f2928a29d90 __libc_start_call_main ./csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#33 0x00007f2928a29e40 call_init ./csu/../csu/libc-start.c:128:20
#34 0x00007f2928a29e40 __libc_start_main ./csu/../csu/libc-start.c:379:5
#35 0x000055fb4df43885 _start (/usr/lib/llvm-16/bin/clang-tidy+0x81e885)
Segmentation fault (core dumped)
```
Minimal reproducer:
```c++
/**
* @file TestGalore.cpp
* @author Xavier Roche (xavier.ro...@algolia.com)
* @brief Reproducing case for clangd crash
* LLVM_SYMBOLIZER_PATH=llvm-symbolizer-16 clang-tidy-16 --checks=bugprone-unchecked-optional-access TestGalore.cpp
* @date 2023-08-17
*/
#include <optional>
#include <tuple>
namespace algolia::testGalore {
class Error
{
public:
explicit Error() = default;
bool failed() const { return false; }
};
template<typename T>
using Result = std::tuple<T, Error>;
struct Response
{
int magic;
};
class ExecuteQuery
{
private:
void _processStuff();
Result<Response> _callStuff();
private:
std::optional<bool> _enabled = std::nullopt;
};
Error somethingElse(const int& value)
{
return Error{};
}
void ExecuteQuery::_processStuff()
{
if (not _enabled.value()) {
return;
}
auto [answer, error] = _callStuff();
error = somethingElse(answer.magic);
if (error.failed()) {
return;
}
return;
}
}; // namespace algolia::testGalore
```
![]()
_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
