Clang-tidy crash

[jan-revay]

$ clang-tidy-12 ProblematicFile.cpp 
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace.
Stack dump:
0.    Program arguments: clang-tidy-12 LogicPowerup.cpp
1.    <eof> parser at end of file
Stack dump without symbol names (ensure you have llvm-symbolizer in your PATH or set the environment var `LLVM_SYMBOLIZER_PATH` to point to it):
/lib/x86_64-linux-gnu/libLLVM-12.so.1(_ZN4llvm3sys15PrintStackTraceERNS_11raw_ostreamEi+0x23)[0x7fdfc65bdef3]
/lib/x86_64-linux-gnu/libLLVM-12.so.1(_ZN4llvm3sys17RunSignalHandlersEv+0x50)[0x7fdfc65bc210]
/lib/x86_64-linux-gnu/libLLVM-12.so.1(+0xbd955f)[0x7fdfc65be55f]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x153c0)[0x7fdfcddf43c0]
clang-tidy-12[0x7e1d83]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee0141)[0x7fdfcc07b141]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang12ast_matchers8internal21BoundNodesTreeBuilder12visitMatchesEPNS2_7VisitorE+0x9c)[0x7fdfcc09e8ac]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xedf84d)[0x7fdfcc07a84d]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xef5d1f)[0x7fdfcc090d1f]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee812f)[0x7fdfcc08312f]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee75d3)[0x7fdfcc0825d3]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xf03527)[0x7fdfcc09e527]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee3e1a)[0x7fdfcc07ee1a]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee13f2)[0x7fdfcc07c3f2]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee67bb)[0x7fdfcc0817bb]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee3b98)[0x7fdfcc07eb98]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(+0xee13f2)[0x7fdfcc07c3f2]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang12ast_matchers11MatchFinder8matchASTERNS_10ASTContextE+0x2ec)[0x7fdfcc05ea7c]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang17MultiplexConsumer21HandleTranslationUnitERNS_10ASTContextE+0x2c)[0x7fdfcd09ac3c]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang8ParseASTERNS_4SemaEbb+0x244)[0x7fdfcbad3d94]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang14FrontendAction7ExecuteEv+0x48)[0x7fdfcd069118]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang16CompilerInstance13ExecuteActionERNS_14FrontendActionE+0x8a1)[0x7fdfccff6dd1]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang7tooling21FrontendActionFactory13runInvocationESt10shared_ptrINS_18CompilerInvocationEEPNS_11FileManagerES2_INS_22PCHContainerOperationsEEPNS_18DiagnosticConsumerE+0x1ad)[0x7fdfcd1da8ed]
clang-tidy-12[0x87f646]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang7tooling14ToolInvocation13runInvocationEPKcPNS_6driver11CompilationESt10shared_ptrINS_18CompilerInvocationEES7_INS_22PCHContainerOperationsEE+0x11a)[0x7fdfcd1da64a]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang7tooling14ToolInvocation3runEv+0x9d4)[0x7fdfcd1d9a74]
/lib/x86_64-linux-gnu/libclang-cpp.so.12(_ZN5clang7tooling9ClangTool3runEPNS0_10ToolActionE+0xba8)[0x7fdfcd1dbb28]
clang-tidy-12[0x87c377]
clang-tidy-12[0x45833d]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0x7fdfc54940b3]
clang-tidy-12[0x45612e]
Segmentation fault (core dumped)

Unfortunately I cannot include the code files as they are propertialy. I found a exact line that causes the problem.

Crash is caused by a line in a file "ProblematicFile.cpp" (I obfuscated the names because the code is propertialy):

if(some_namespace::class1_instance.class2_instance.X)  /// THIS LINE CAUSES THE CRASH
{
    ....
}

class1 is defined in an included header file "Header.h" that as a standalone file was parsed by clang-tidy successfully:

....

namespace some_namespace {
extern const class class1 : public base_class1 {
public:
    class class2 : public base_class2 {
    public:
        class2();
        static const unsigned X;
        static const unsigned Y;
        static const unsigned Z;
    } class2_instance;
} class1_instance;
};
  
....

However I was unable to reproduce the crash just from the code I provided here... base_class1 and base_class2 are quite large classes.

P.S.: It crashes with clang-tidy-13 as well... (tested via clangd)

[llvmbot]

@llvm/issue-subscribers-clang-tidy

[llvmbot]

@llvm/issue-subscribers-bug

[jan-revay]

Update:

Running:
$ clang-tidy-13 -checks=-readability-static-accessed-through-instance ProblematicFile.cpp
resp.
$ clang-tidy-12 -checks=-readability-static-accessed-through-instance ProblematicFile.cpp

Does not fail, hence it seems that readability-static-accessed-through-instance causes the issue.

[njames93]

Using that check would it be possible to create a minimal reproducer. If you can't would you be able to build a debug clang-tidy potentially with sanatizers and provide a stack trace when it crashes

[jan-revay]

Ok, I will try if I will have some free time.

Hmm... after running

cmake -DLLVM_ENABLE_PROJECTS=clang-tools-extra -DLLVM_ENABLE_ASSERTIONS=On ../llvm
make

where will I find the clang-tidy binary? Can't find it anywhere... :D

---

Btw. The aforementioned file also crashes clang-tidy-14 and adding

// NOLINTBEGIN(*)
....
// NOLINTEND(*)

at beginning and the end of the problematic file does not solve the issue either. (the crash report is exactly the same)

[LegalizeAdulthood]

Related to #53359 and #53285 ?

[PiotrZSL]

Duplicate of #53874
Crash happen in StaticAccessedThroughInstanceCheck, fixed in Clang 15
Fixed by ac616fb