<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Sat, Aug 23, 2014 at 11:17 PM, David Kilzer <span dir="ltr"><<a href="mailto:ddkilzer@kilzer.net" target="_blank">ddkilzer@kilzer.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">> * Crash in ASTMatchers running `test/Analysis/PR2978.m` test, possibly due to invalid code in `-dealloc` method. Haven't figured out how to make a stand-alone test case yet.<br>
<br>
</div>Something is going horribly wrong dereferencing a `clang::Stmt *` into a `const clang::Stmt &` in this call:<br>
<br>
Finder.match(*S, Ctx);<br>
<br>
Changing the pointer type to `const clang::Stmt *` as passed into the method had no effect. I also tried this to no avail:<br>
<br>
const Stmt &SRef = *S;<br>
Finder.match(SRef, Ctx);<br>
<br>
Here's an lldb session showing the badness. I know something is going wrong because the value of `Node.Aligner` in the `match()` method is the same value as the `S` pointer (`0x000000010a033ce0`) prior to the call:<br>
<br>
<br>
```<br>
(lldb) run<br>
Process 6895 launched: '/Volumes/Data/clang.git/llvm/Debug+Asserts/bin/clang' (x86_64)<br>
Process 6895 stopped<br>
* thread #1: tid = 0x39e920, 0x00000001010a5250 clang`scan_dealloc_for_self_after_super_dealloc(S=0x000000010a033ce0, Callback=0x00007fff5fbfc410, Ctx=0x000000010a822000) + 624 at CheckObjCDealloc.cpp:70, queue = 'com.apple.main-thread', stop reason = breakpoint 1.1<br>
frame #0: 0x00000001010a5250 clang`scan_dealloc_for_self_after_super_dealloc(S=0x000000010a033ce0, Callback=0x00007fff5fbfc410, Ctx=0x000000010a822000) + 624 at CheckObjCDealloc.cpp:70<br>
67 stmt(hasDescendant(declRefExpr(to(varDecl(hasName("self"))))<br>
68 .bind("self"))).bind("stmt");<br>
69 Finder.addMatcher(Matcher, &Callback);<br>
-> 70 Finder.match(*S, Ctx);<br>
71 if (Callback.FoundMatch())<br>
72 return true;<br>
73<br>
(lldb) p *S<br>
(clang::Stmt) $4 = {<br>
= {<br>
Aligner = 0x000000000000008d<br>
StmtBits = (sClass = 141)<br>
CompoundStmtBits = (NumStmts = 0)<br>
ExprBits = {<br>
ValueKind = 0<br>
ObjectKind = 0<br>
TypeDependent = 0<br>
ValueDependent = 0<br>
InstantiationDependent = 0<br>
ContainsUnexpandedParameterPack = 0<br>
}<br>
CharacterLiteralBits = (Kind = 0)<br>
FloatingLiteralBits = (Semantics = 0, IsExact = 0)<br>
UnaryExprOrTypeTraitExprBits = (Kind = 0, IsType = 0)<br>
DeclRefExprBits = {<br>
HasQualifier = 0<br>
HasTemplateKWAndArgsInfo = 0<br>
HasFoundDecl = 0<br>
HadMultipleCandidates = 0<br>
RefersToEnclosingLocal = 0<br>
}<br>
CastExprBits = (Kind = 0, BasePathSize = 0)<br>
CallExprBits = (NumPreArgs = 0)<br>
ExprWithCleanupsBits = (NumObjects = 0)<br>
PseudoObjectExprBits = (NumSubExprs = 0, ResultIndex = 0)<br>
ObjCIndirectCopyRestoreExprBits = (ShouldCopy = 0)<br>
InitListExprBits = (HadArrayRangeDesignator = 0)<br>
TypeTraitExprBits = (Kind = 0, Value = 0, NumArgs = 0)<br>
}<br>
}<br>
(lldb) p S->getStmtClassName()<br>
(const char *) $5 = 0x00000001044ea946 "ReturnStmt"<br>
(lldb) p (*S).getStmtClassName()<br>
(const char *) $6 = 0x00000001044ea946 "ReturnStmt"<br>
(lldb) s<br>
Process 6895 stopped<br>
* thread #1: tid = 0x39e920, 0x00000001010b0b7a clang`void clang::ast_matchers::MatchFinder::match<clang::Stmt>(this=0x00007fff5fbfbe38, Node=0x000000010a033ce0, Context=0x000000010a822000) + 42 at ASTMatchFinder.h:160, queue = 'com.apple.main-thread', stop reason = step in<br>
frame #0: 0x00000001010b0b7a clang`void clang::ast_matchers::MatchFinder::match<clang::Stmt>(this=0x00007fff5fbfbe38, Node=0x000000010a033ce0, Context=0x000000010a822000) + 42 at ASTMatchFinder.h:160<br>
157 ///<br>
158 /// @{<br>
159 template <typename T> void match(const T &Node, ASTContext &Context) {<br>
-> 160 match(clang::ast_type_traits::DynTypedNode::create(Node), Context);<br>
161 }<br>
162 void match(const clang::ast_type_traits::DynTypedNode &Node,<br>
163 ASTContext &Context);<br>
(lldb) p Node.getStmtClassName()<br>
(const char *) $7 = 0x0000002000000000<br>
(lldb) p Node<br>
(const clang::Stmt) $8 = {<br>
= {<br>
Aligner = 0x000000010a033ce0<br></blockquote><div><br></div><div>Is this an LLDB bug? Given that the bug was unrelated to this, it looks like this might be an issue in LLDB's understanding of references. In particular, it looks like it's confused as to whether 'Node' is represented as a Stmt or as a pointer to a Stmt.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
StmtBits = (sClass = 224)<br>
CompoundStmtBits = (NumStmts = 656188)<br>
ExprBits = {<br>
ValueKind = 0<br>
ObjectKind = 3<br>
TypeDependent = 1<br>
ValueDependent = 1<br>
InstantiationDependent = 0<br>
ContainsUnexpandedParameterPack = 0<br>
}<br>
CharacterLiteralBits = (Kind = 3)<br>
FloatingLiteralBits = (Semantics = 3, IsExact = 0)<br>
UnaryExprOrTypeTraitExprBits = (Kind = 3, IsType = 0)<br>
DeclRefExprBits = {<br>
HasQualifier = 1<br>
HasTemplateKWAndArgsInfo = 1<br>
HasFoundDecl = 0<br>
HadMultipleCandidates = 0<br>
RefersToEnclosingLocal = 0<br>
}<br>
CastExprBits = (Kind = 3, BasePathSize = 40)<br>
CallExprBits = (NumPreArgs = 1)<br>
ExprWithCleanupsBits = (NumObjects = 2563)<br>
PseudoObjectExprBits = (NumSubExprs = 3, ResultIndex = 10)<br>
ObjCIndirectCopyRestoreExprBits = (ShouldCopy = 1)<br>
InitListExprBits = (HadArrayRangeDesignator = 1)<br>
TypeTraitExprBits = (Kind = 3, Value = 0, NumArgs = 5)<br>
}<br>
}<br>
(lldb)<br>
```<br>
<br>
One thing I can't tell is if `make` is compiling with the trunk clang I'm building, or whether it's using the clang I have installed with Xcode.<br>
<br>
<a href="http://reviews.llvm.org/D5042" target="_blank">http://reviews.llvm.org/D5042</a><br>
<br>
<br>
<br>
_______________________________________________<br>
cfe-commits mailing list<br>
<a href="mailto:cfe-commits@cs.uiuc.edu">cfe-commits@cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br>
</blockquote></div><br></div></div>