[llvm-bugs] [Bug 41478] New: clang::tooling::getUSRsForDeclaration segfault for forward declaration

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Apr 12 02:34:59 PDT 2019


https://bugs.llvm.org/show_bug.cgi?id=41478

            Bug ID: 41478
           Summary: clang::tooling::getUSRsForDeclaration segfault for
                    forward declaration
           Product: clang
           Version: 8.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: libclang
          Assignee: unassignedclangbugs at nondot.org
          Reporter: winterch at in.tum.de
                CC: klimek at google.com, llvm-bugs at lists.llvm.org,
                    richard-llvm at metafoo.co.uk

Created attachment 21766
  --> https://bugs.llvm.org/attachment.cgi?id=21766&action=edit
The minimal example to reproduce

clang::tooling::getUSRsForDeclaration segfaults when presented with a forward
declaration without a definition.

This is caused by a repeated call to RecordDecl->getDefinition() in

AdditionalUSRFinder::handleCXXRecordDecl
https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00105

which returns a nullptr

followed by

AdditionalUSRFinder::addUSRsOfCtorDtors
https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00124

where it is this time called on the nullptr returned before, resulting in a
segfault.


A simple fix would be checking for nullptr before the second call, as is done
directly afterwards, e.g. duplicating lines 

https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00126
to
https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00128

directly before 

https://clang.llvm.org/doxygen/USRFindingAction_8cpp_source.html#l00124


This segfault/assertion failure can be reproduced by running the attached
example (main.cpp) on the file test.cpp.

Tested with clang/llvm version 8, but the code is unchanged for 9 as well.

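The null check proposed in the report, shown on a small self-contained model. This is an added example, not Clang's code and not the reporter's attachment: `Record`, `handleRecord`, the two `usrsFor...` helpers and the USR strings are hypothetical stand-ins constructed for illustration; only the names `getDefinition` and `addUSRsOfCtorDtors` are taken from the report.

```cpp
#include <string>
#include <vector>

// Hypothetical stand-in for a record declaration (not clang::CXXRecordDecl).
struct Record {
    std::string usr;                        // constructed USR string
    std::vector<std::string> ctorDtorUsrs;  // only filled on the definition
    bool complete;                          // false: forward declaration only
    const Record *def;                      // the definition, if one exists

    // Like the call in the report: nullptr when no definition is available.
    const Record *getDefinition() const { return complete ? this : def; }
};

// Guarded form: test the pointer before the second getDefinition() call.
// Without the first check, a null argument is dereferenced on the next line.
void addUSRsOfCtorDtors(const Record *rec, std::vector<std::string> &out) {
    if (!rec) return;                       // forward declaration, nothing to add
    rec = rec->getDefinition();
    if (!rec) return;
    out.insert(out.end(), rec->ctorDtorUsrs.begin(), rec->ctorDtorUsrs.end());
}

// Model of the caller: resolves the definition once, then passes it on.
std::vector<std::string> handleRecord(const Record *rec) {
    std::vector<std::string> out{rec->usr};
    rec = rec->getDefinition();             // nullptr for `class Fwd;` alone
    addUSRsOfCtorDtors(rec, out);
    return out;
}

// Constructed input 1: a forward declaration that is never defined.
std::vector<std::string> usrsForForwardOnly() {
    Record fwd{"c:@S@Fwd", {}, false, nullptr};
    return handleRecord(&fwd);
}

// Constructed input 2: a forward declaration whose definition exists.
std::vector<std::string> usrsForDefined() {
    Record def{"c:@S@Foo", {"c:@S@Foo@F@Foo#", "c:@S@Foo@F@~Foo#"}, true, nullptr};
    Record fwd{"c:@S@Foo", {}, false, &def};
    return handleRecord(&fwd);
}

int main() {
    return (usrsForForwardOnly().size() == 1 && usrsForDefined().size() == 3) ? 0 : 1;
}
```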