<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - Crash on clang_getCursor with lambda expression"

   href="https://bugs.llvm.org/show_bug.cgi?id=46147">46147</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>Crash on clang_getCursor with lambda expression

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>10.0

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>libclang

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>unassignedclangbugs@nondot.org

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>aaronpuchert@alice-dsl.net

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>klimek@google.com, llvm-bugs@lists.llvm.org, richard-llvm@metafoo.co.uk

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Create a file test.cpp with content

void a(int b) { int c[b]; [&] { c

Then running "c-index-test -cursor-at=test.cpp:1:34 test.cpp" crashes with an

assertion in cxcursor::MakeCXCursor(Stmt const*, Decl const*,

CXTranslationUnitImpl*, SourceRange) in clang/tools/libclang/CXCursor.cpp

because the first parameter is nullptr.

The parameter comes from this loop in CursorVisitor::RunVisitorWorkList,

CIndex.cpp:

        // Visit init captures

        for (auto InitExpr : E->capture_inits()) {

          if (Visit(InitExpr))

            return true;

        }

E->capture_inits() contains two Expr*, the first is a nullptr. The full stack:

[Assertion]

#4  clang::cxcursor::MakeCXCursor (S=0x0, Parent=0x7fffd80677c8,

TU=0x7fffd80076f0, RegionOfInterest=...)

    at ../clang/tools/libclang/CXCursor.cpp:129

#5  clang::cxcursor::CursorVisitor::EnqueueWorkList (this=0x7fffe53dc628,

WL=..., S=0x0)

    at ../clang/tools/libclang/CIndex.cpp:3019

#6  clang::cxcursor::CursorVisitor::Visit (this=0x7fffe53dc628, S=0x0)

    at ../clang/tools/libclang/CIndex.cpp:3247

#7  clang::cxcursor::CursorVisitor::RunVisitorWorkList (this=0x7fffe53dc628,

WL=...)

    at ../clang/tools/libclang/CIndex.cpp:3205

#8  clang::cxcursor::CursorVisitor::Visit (this=0x7fffe53dc628,

S=0x7fffd80680c8)

    at ../clang/tools/libclang/CIndex.cpp:3248

#9  clang::cxcursor::CursorVisitor::VisitChildren (this=0x7fffe53dc628,

Cursor=...)

    at ../clang/tools/libclang/CIndex.cpp:508

#10 clang::cxcursor::CursorVisitor::Visit (this=0x7fffe53dc628, Cursor=...,

CheckedRegionOfInterest=false)

    at ../clang/tools/libclang/CIndex.cpp:222

#11 clang::cxcursor::CursorVisitor::VisitFunctionDecl (this=0x7fffe53dc628,

ND=0x7fffd80677c8)

    at ../clang/tools/libclang/CIndex.cpp:896

#12 clang::declvisitor::Base<std::add_pointer, clang::cxcursor::CursorVisitor,

bool>::Visit (

    this=0x7fffe53dc628, D=0x7fffd80677c8) at

llvm/tools/clang/include/clang/AST/DeclNodes.inc:401

#13 clang::cxcursor::CursorVisitor::VisitChildren (this=0x7fffe53dc628,

Cursor=...)

    at ../clang/tools/libclang/CIndex.cpp:503

#14 clang::cxcursor::CursorVisitor::Visit (this=0x7fffe53dc628, Cursor=...,

CheckedRegionOfInterest=true)

    at ../clang/tools/libclang/CIndex.cpp:222

#15 clang::cxcursor::CursorVisitor::visitDeclsFromFileRegion

(this=0x7fffe53dc628, File=..., Offset=33, 

    Length=0) at ../clang/tools/libclang/CIndex.cpp:368

#16 clang::cxcursor::CursorVisitor::visitFileRegion (this=0x7fffe53dc628)

    at ../clang/tools/libclang/CIndex.cpp:282

#17 clang::cxcursor::getCursor (TU=0x7fffd80076f0, SLoc=...) at

../clang/tools/libclang/CIndex.cpp:6008

#18 clang_getCursor (TU=0x7fffd80076f0, Loc=...) at

../clang/tools/libclang/CIndex.cpp:5709

#19 inspect_cursor_at (argc=3, argv=0x7fffffffddd8, locations_flag=0x20eefc

"-cursor-at=", 

    handler=0x229960 <inspect_print_cursor>) at

../clang/tools/c-index-test/c-index-test.c:2856

#20 cindextest_main (argc=3, argv=0x7fffffffddd8) at

../clang/tools/c-index-test/c-index-test.c:4837

#21 thread_runner (client_data_v=0x7fffffffdcb0) at

../clang/tools/c-index-test/c-index-test.c:4958

#22 threadFuncSync (Arg=0x7fffffffdc28) at

../llvm/lib/Support/Unix/Threading.inc:47

#23 start_thread () from /lib64/libpthread.so.0

#24 clone () from /lib64/libc.so.6</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>