<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - clang::tooling::getUSRsForDeclaration segfault for forward declaration"
href="https://bugs.llvm.org/show_bug.cgi?id=41478">41478</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>clang::tooling::getUSRsForDeclaration segfault for forward declaration
</td>
</tr>
<tr>
<th>Product</th>
<td>clang
</td>
</tr>
<tr>
<th>Version</th>
<td>8.0
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>libclang
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedclangbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>winterch@in.tum.de
</td>
</tr>
<tr>
<th>CC</th>
<td>klimek@google.com, llvm-bugs@lists.llvm.org, richard-llvm@metafoo.co.uk
</td>
</tr></table>
<p>
<div>
<pre>Created <span class=""><a href="attachment.cgi?id=21766" name="attach_21766" title="The minimal example to reproduce">attachment 21766</a></span>
The minimal example to reproduce
clang::tooling::getUSRsForDeclaration segfaults when presented with a forward
declaration without a definition.
This is caused by a repeated call to RecordDecl->getDefinition() in
AdditionalUSRFinder::handleCXXRecordDecl
<a href="https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00105">https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00105</a>
which returns a nullptr,
followed by
AdditionalUSRFinder::addUSRsOfCtorDtors
<a href="https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00124">https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00124</a>
where it is this time called on the nullptr returned before, resulting in a
segfault.
A simple fix would be checking for nullptr before the second call, as is done
directly afterwards, e.g. duplicating lines
<a href="https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00126">https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00126</a>
to
<a href="https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00128">https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00128</a>
directly before
<a href="https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00124">https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00124</a>
This segfault/assertion failure can be reproduced by running the example attached
(main.cpp) on the file test.cpp.
Tested with clang/llvm version 8 but the code is unchanged for 9 as well.</pre>
</div>
</p>
</body>
</html>