<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - Static analyzer crashes on GTest's EXPECT_THAT"

   href="https://bugs.llvm.org/show_bug.cgi?id=38735">38735</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>Static analyzer crashes on GTest's EXPECT_THAT

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Static Analyzer

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>dcoughlin@apple.com

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>ibiryukov@google.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>ekarpenkov@apple.com, llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Can be reproduced on existing unittest that uses EXPECT_THAT, e.g.:

./bin/clang-tidy --checks='-*,clang-analyzer*'

$LLVM_SOURCE_DIR/tools/clang/tools/extra/unittests/clangd/ClangdTests.cpp

A minimal example that also crashes it:

#include "gmock/gmock.h"

#include "gtest/gtest.h"

TEST(Foo, Bar) {

  EXPECT_THAT("Foo", ::testing::HasSubstr("oo"));

}

Crash stacktrace:

#0  getBaseRegion () at

../tools/clang/lib/StaticAnalyzer/Core/MemRegion.cpp:1129

#1  0x0000000001bc6ff6 in isLiveRegion () at

../tools/clang/lib/StaticAnalyzer/Core/SymbolManager.cpp:435

#2  0x00000000019c9d43 in checkDeadSymbols ()

    at ../tools/clang/lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp:252

#3  _checkDeadSymbols<(anonymous namespace)::InnerPointerChecker> ()

    at ../tools/clang/include/clang/StaticAnalyzer/Core/Checker.h:321

#4  0x0000000001b23cb5 in operator() ()

    at ../tools/clang/include/clang/StaticAnalyzer/Core/CheckerManager.h:70

#5  runChecker () at

../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:568

#6  expandGraphWithCheckers<(anonymous namespace)::CheckDeadSymbolsContext> ()

    at ../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:129

#7  runCheckersForDeadSymbols () at

../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:582

#8  0x0000000001b3adad in removeDead () at

../tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:680

#9  0x0000000001b3907c in ProcessStmt () at

../tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:722

#10 0x0000000001b38e0c in processCFGElement ()

    at ../tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:570

#11 0x0000000001b2d7c1 in HandlePostStmt () at

../tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:437

#12 0x0000000001b2ca7b in ExecuteWorkList () at

../tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:147

#13 0x00000000018f5222 in ExecuteWorkList ()

    at

../tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:168

#14 ActionExprEngine () at

../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:754

#15 0x00000000018f4da3 in HandleCode ()

    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:783

#16 0x00000000018ec80f in HandleDeclsCallGraph ()

    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:512

#17 runAnalysisOnTranslationUnit ()

    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:559

#18 HandleTranslationUnit () at

../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:590

#19 0x0000000001d1891c in HandleTranslationUnit ()

    at ../tools/clang/lib/Frontend/MultiplexConsumer.cpp:287

#20 0x0000000001e4acf5 in ParseAST () at

../tools/clang/lib/Parse/ParseAST.cpp:170

#21 0x0000000001cff2e0 in Execute () at

../tools/clang/lib/Frontend/FrontendAction.cpp:910

#22 0x0000000001ca4ee1 in ExecuteAction () at

../tools/clang/lib/Frontend/CompilerInstance.cpp:961

#23 0x00000000017d3816 in runInvocation () at

../tools/clang/lib/Tooling/Tooling.cpp:362

#24 0x00000000011c1b15 in runInvocation () at

../tools/clang/tools/extra/clang-tidy/ClangTidy.cpp:556

#25 0x00000000017d3586 in runInvocation () at

../tools/clang/lib/Tooling/Tooling.cpp:337

#26 0x00000000017d2fcc in run () at ../tools/clang/lib/Tooling/Tooling.cpp:322

#27 0x00000000017d45f1 in run () at ../tools/clang/lib/Tooling/Tooling.cpp:496

#28 0x00000000011be885 in runClangTidy () at

../tools/clang/tools/extra/clang-tidy/ClangTidy.cpp:577

#29 0x0000000000f561c0 in clangTidyMain ()

    at ../tools/clang/tools/extra/clang-tidy/tool/ClangTidyMain.cpp:424

#30 main () at ../tools/clang/tools/extra/clang-tidy/tool/ClangTidyMain.cpp:576</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>