[WebKit Checkers] Recognize Objective-C and CF pointer conversion functions.

[rniwa]

Recognize dynamic_objc_cast, checked_objc_cast, dynamic_cf_cast, and checked_cf_cast.

[llvmbot]

@llvm/pr-subscribers-clang-static-analyzer-1

@llvm/pr-subscribers-clang

Author: Ryosuke Niwa (rniwa)

Changes

Recognize dynamic_objc_cast, checked_objc_cast, dynamic_cf_cast, and checked_cf_cast.

---

Full diff: https://github.com/llvm/llvm-project/pull/132784.diff

5 Files Affected:

• (modified) clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp (+4-1)
• (modified) clang/lib/StaticAnalyzer/Checkers/WebKit/RawPtrRefCallArgsChecker.cpp (+2-5)
• (modified) clang/test/Analysis/Checkers/WebKit/objc-mock-types.h (+143)
• (modified) clang/test/Analysis/Checkers/WebKit/unretained-call-args.mm (+22)
• (modified) clang/test/Analysis/Checkers/WebKit/unretained-local-vars.mm (+27)

diff --git a/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp b/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
index b4d2353a03cd2..7bc04ee565d03 100644
--- a/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
@@ -418,7 +418,10 @@ bool isPtrConversion(const FunctionDecl *F) {
       FunctionName == "dynamicDowncast" || FunctionName == "downcast" ||
       FunctionName == "checkedDowncast" ||
       FunctionName == "uncheckedDowncast" || FunctionName == "bitwise_cast" ||
-      FunctionName == "bridge_cast")
+      FunctionName == "bridge_cast" || FunctionName == "bridge_id_cast" ||
+      FunctionName == "dynamic_cf_cast" || FunctionName == "checked_cf_cast" ||
+      FunctionName == "dynamic_objc_cast" ||
+      FunctionName == "checked_objc_cast")
     return true;
 
   return false;
diff --git a/clang/lib/StaticAnalyzer/Checkers/WebKit/RawPtrRefCallArgsChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/WebKit/RawPtrRefCallArgsChecker.cpp
index 39e9cd023d1f7..ce8f0df697b06 100644
--- a/clang/lib/StaticAnalyzer/Checkers/WebKit/RawPtrRefCallArgsChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/WebKit/RawPtrRefCallArgsChecker.cpp
@@ -286,15 +286,12 @@ class RawPtrRefCallArgsChecker
         overloadedOperatorType == OO_PipePipe)
       return true;
 
-    if (isCtorOfSafePtr(Callee))
+    if (isCtorOfSafePtr(Callee) || isPtrConversion(Callee))
       return true;
 
     auto name = safeGetName(Callee);
     if (name == "adoptRef" || name == "getPtr" || name == "WeakPtr" ||
-        name == "dynamicDowncast" || name == "downcast" ||
-        name == "checkedDowncast" || name == "uncheckedDowncast" ||
-        name == "bitwise_cast" || name == "is" || name == "equal" ||
-        name == "hash" || name == "isType" ||
+        name == "is" || name == "equal" || name == "hash" || name == "isType" ||
         // FIXME: Most/all of these should be implemented via attributes.
         name == "equalIgnoringASCIICase" ||
         name == "equalIgnoringASCIICaseCommon" ||
diff --git a/clang/test/Analysis/Checkers/WebKit/objc-mock-types.h b/clang/test/Analysis/Checkers/WebKit/objc-mock-types.h
index 5bd265596a0b4..a30ce2e7e7729 100644
--- a/clang/test/Analysis/Checkers/WebKit/objc-mock-types.h
+++ b/clang/test/Analysis/Checkers/WebKit/objc-mock-types.h
@@ -5,6 +5,7 @@
 #define CF_BRIDGED_TYPE(T) __attribute__((objc_bridge(T)))
 #define CF_BRIDGED_MUTABLE_TYPE(T) __attribute__((objc_bridge_mutable(T)))
 typedef CF_BRIDGED_TYPE(id) void * CFTypeRef;
+typedef unsigned long long CFTypeID;
 typedef signed char BOOL;
 typedef unsigned char Boolean;
 typedef signed long CFIndex;
@@ -21,6 +22,8 @@ typedef struct CF_BRIDGED_MUTABLE_TYPE(CFRunLoopRef) __CFRunLoop * CFRunLoopRef;
 
 extern const CFAllocatorRef kCFAllocatorDefault;
 typedef struct _NSZone NSZone;
+CFTypeID CFGetTypeID(CFTypeRef cf);
+CFTypeID CFArrayGetTypeID();
 CFMutableArrayRef CFArrayCreateMutable(CFAllocatorRef allocator, CFIndex capacity);
 extern void CFArrayAppendValue(CFMutableArrayRef theArray, const void *value);
 CFArrayRef CFArrayCreate(CFAllocatorRef allocator, const void **values, CFIndex numValues);
@@ -29,6 +32,7 @@ CFIndex CFArrayGetCount(CFArrayRef theArray);
 typedef const struct CF_BRIDGED_TYPE(NSDictionary) __CFDictionary * CFDictionaryRef;
 typedef struct CF_BRIDGED_MUTABLE_TYPE(NSMutableDictionary) __CFDictionary * CFMutableDictionaryRef;
 
+CFTypeID CFDictionaryGetTypeID();
 CFDictionaryRef CFDictionaryCreate(CFAllocatorRef allocator, const void **keys, const void **values, CFIndex numValues);
 CFDictionaryRef CFDictionaryCreateCopy(CFAllocatorRef allocator, CFDictionaryRef theDict);
 CFDictionaryRef CFDictionaryCreateMutableCopy(CFAllocatorRef allocator, CFIndex capacity, CFDictionaryRef theDict);
@@ -135,6 +139,8 @@ __attribute__((objc_root_class))
 
 namespace WTF {
 
+void WTFCrash(void);
+
 template<typename T> class RetainPtr;
 template<typename T> RetainPtr<T> adoptNS(T*);
 template<typename T> RetainPtr<T> adoptCF(T);
@@ -273,11 +279,148 @@ inline CFTypeRef bridge_cast(NSObject *object)
     return (__bridge CFTypeRef)object;
 }
 
+template <typename ExpectedType>
+struct ObjCTypeCastTraits {
+public:
+    static bool isType(id object) { return [object isKindOfClass:[ExpectedType class]]; }
+
+    template <typename ArgType>
+    static bool isType(const ArgType *object) { return [object isKindOfClass:[ExpectedType class]]; }
+};
+
+template <typename ExpectedType, typename ArgType>
+inline bool is_objc(ArgType * source)
+{
+    return source && ObjCTypeCastTraits<ExpectedType>::isType(source);
+}
+
+template<typename T> inline T *checked_objc_cast(id object)
+{
+    if (!object)
+        return nullptr;
+
+    if (!is_objc<T>(object))
+      WTFCrash();
+
+    return reinterpret_cast<T*>(object);
+}
+
+template<typename T, typename U> inline T *checked_objc_cast(U *object)
+{
+    if (!object)
+        return nullptr;
+
+    if (!is_objc<T>(object))
+      WTFCrash();
+
+    return static_cast<T*>(object);
+}
+
+template<typename T, typename U> RetainPtr<T> dynamic_objc_cast(RetainPtr<U>&& object)
+{
+    if (!is_objc<T>(object.get()))
+        return nullptr;
+    return adoptNS(static_cast<T*>(object.leakRef()));
+}
+
+template<typename T> RetainPtr<T> dynamic_objc_cast(RetainPtr<id>&& object)
+{
+    if (!is_objc<T>(object.get()))
+        return nullptr;
+    return adoptNS(reinterpret_cast<T*>(object.leakRef()));
+}
+
+template<typename T, typename U> RetainPtr<T> dynamic_objc_cast(const RetainPtr<U>& object)
+{
+    if (!is_objc<T>(object.get()))
+        return nullptr;
+    return static_cast<T*>(object.get());
+}
+
+template<typename T> RetainPtr<T> dynamic_objc_cast(const RetainPtr<id>& object)
+{
+    if (!is_objc<T>(object.get()))
+        return nullptr;
+    return reinterpret_cast<T*>(object.get());
+}
+
+template<typename T> T *dynamic_objc_cast(NSObject *object)
+{
+    if (!is_objc<T>(object))
+        return nullptr;
+    return static_cast<T*>(object);
+}
+
+template<typename T> T *dynamic_objc_cast(id object)
+{
+    if (!is_objc<T>(object))
+        return nullptr;
+    return reinterpret_cast<T*>(object);
+}
+
+template <typename> struct CFTypeTrait;
+
+template<typename T> T dynamic_cf_cast(CFTypeRef object)
+{
+    if (!object)
+        return nullptr;
+
+    if (CFGetTypeID(object) != CFTypeTrait<T>::typeID())
+        return nullptr;
+
+    return static_cast<T>(const_cast<CF_BRIDGED_TYPE(id) void*>(object));
+}
+
+template<typename T> T checked_cf_cast(CFTypeRef object)
+{
+    if (!object)
+        return nullptr;
+
+    if (CFGetTypeID(object) != CFTypeTrait<T>::typeID())
+      WTFCrash();
+
+    return static_cast<T>(const_cast<CF_BRIDGED_TYPE(id) void*>(object));
+}
+
+template<typename T, typename U> RetainPtr<T> dynamic_cf_cast(RetainPtr<U>&& object)
+{
+    if (!object)
+        return nullptr;
+
+    if (CFGetTypeID(object.get()) != CFTypeTrait<T>::typeID())
+        return nullptr;
+
+    return adoptCF(static_cast<T>(const_cast<CF_BRIDGED_TYPE(id) void*>(object.leakRef())));
 }
 
+} // namespace WTF
+
+#define WTF_DECLARE_CF_TYPE_TRAIT(ClassName) \
+template <> \
+struct WTF::CFTypeTrait<ClassName##Ref> { \
+    static inline CFTypeID typeID(void) { return ClassName##GetTypeID(); } \
+};
+
+WTF_DECLARE_CF_TYPE_TRAIT(CFArray);
+WTF_DECLARE_CF_TYPE_TRAIT(CFDictionary);
+
+#define WTF_DECLARE_CF_MUTABLE_TYPE_TRAIT(ClassName, MutableClassName) \
+template <> \
+struct WTF::CFTypeTrait<MutableClassName##Ref> { \
+    static inline CFTypeID typeID(void) { return ClassName##GetTypeID(); } \
+};
+
+WTF_DECLARE_CF_MUTABLE_TYPE_TRAIT(CFArray, CFMutableArray);
+WTF_DECLARE_CF_MUTABLE_TYPE_TRAIT(CFDictionary, CFMutableDictionary);
+
 using WTF::RetainPtr;
 using WTF::adoptNS;
 using WTF::adoptCF;
 using WTF::retainPtr;
 using WTF::downcast;
 using WTF::bridge_cast;
+using WTF::is_objc;
+using WTF::checked_objc_cast;
+using WTF::dynamic_objc_cast;
+using WTF::checked_cf_cast;
+using WTF::dynamic_cf_cast;
\ No newline at end of file
diff --git a/clang/test/Analysis/Checkers/WebKit/unretained-call-args.mm b/clang/test/Analysis/Checkers/WebKit/unretained-call-args.mm
index 3ea701d23b518..589182320a1af 100644
--- a/clang/test/Analysis/Checkers/WebKit/unretained-call-args.mm
+++ b/clang/test/Analysis/Checkers/WebKit/unretained-call-args.mm
@@ -375,6 +375,28 @@ bool baz(NSObject *obj) {
   }
 }
 
+namespace ptr_conversion {
+
+SomeObj *provide_obj();
+
+void dobjc(SomeObj* obj) {
+  [dynamic_objc_cast<OtherObj>(obj) doMoreWork:nil];
+}
+
+void cobjc(SomeObj* obj) {
+  [checked_objc_cast<OtherObj>(obj) doMoreWork:nil];
+}
+
+unsigned dcf(CFTypeRef obj) {
+  return CFArrayGetCount(dynamic_cf_cast<CFArrayRef>(obj));
+}
+
+unsigned ccf(CFTypeRef obj) {
+  return CFArrayGetCount(checked_cf_cast<CFArrayRef>(obj));
+}
+
+} // ptr_conversion
+
 @interface TestObject : NSObject
 - (void)doWork:(NSString *)msg, ...;
 - (void)doWorkOnSelf;
diff --git a/clang/test/Analysis/Checkers/WebKit/unretained-local-vars.mm b/clang/test/Analysis/Checkers/WebKit/unretained-local-vars.mm
index 21ef6a5dca519..0a3d9e54fa024 100644
--- a/clang/test/Analysis/Checkers/WebKit/unretained-local-vars.mm
+++ b/clang/test/Analysis/Checkers/WebKit/unretained-local-vars.mm
@@ -359,6 +359,33 @@ void bar() {
   }
 }
 
+namespace ptr_conversion {
+
+SomeObj *provide_obj();
+
+void dobjc(SomeObj* obj) {
+  if (auto *otherObj = dynamic_objc_cast<OtherObj>(obj))
+    [otherObj doMoreWork:nil];
+}
+
+void cobjc(SomeObj* obj) {
+  auto *otherObj = checked_objc_cast<OtherObj>(obj);
+  [otherObj doMoreWork:nil];
+}
+
+unsigned dcf(CFTypeRef obj) {
+  if (CFArrayRef array = dynamic_cf_cast<CFArrayRef>(obj))
+    return CFArrayGetCount(array);
+  return 0;
+}
+
+unsigned ccf(CFTypeRef obj) {
+  CFArrayRef array = checked_cf_cast<CFArrayRef>(obj);
+  return CFArrayGetCount(array);
+}
+
+} // ptr_conversion
+
 bool doMoreWorkOpaque(OtherObj*);
 
 @implementation OtherObj

[t-rasmud]

Is this missing bridge_id_cast? I also don't seem to find any test case using bridge_id_cast.

[rniwa]

oh yeah, indeed, I'm missing bridge_id_cast.

[rniwa]

Added a new test case for this.

[t-rasmud]

LGTM!

[rniwa]

Thanks for the review!

[llvm-ci]

LLVM Buildbot has detected a new failure on builder llvm-clang-x86_64-sie-ubuntu-fast running on sie-linux-worker while building clang at step 6 "test-build-unified-tree-check-all".

Full details are available at: https://lab.llvm.org/buildbot/#/builders/144/builds/21412

Here is the relevant piece of the build log for the reference

Step 6 (test-build-unified-tree-check-all) failure: test (failure)
******************** TEST 'Clang :: Analysis/Checkers/WebKit/forward-decl-checker.mm' FAILED ********************
Exit Code: 134

Command Output (stderr):
--
/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang -cc1 -internal-isystem /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=alpha.webkit.ForwardDeclChecker -verify /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/llvm-project/clang/test/Analysis/Checkers/WebKit/forward-decl-checker.mm # RUN: at line 1
+ /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang -cc1 -internal-isystem /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=alpha.webkit.ForwardDeclChecker -verify /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/llvm-project/clang/test/Analysis/Checkers/WebKit/forward-decl-checker.mm
clang: /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/llvm-project/llvm/include/llvm/Support/Casting.h:662: decltype(auto) llvm::dyn_cast(From*) [with To = clang::ParenExpr; From = clang::Expr]: Assertion `detail::isPresent(Val) && "dyn_cast on a non-existent value"' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang -cc1 -internal-isystem /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=alpha.webkit.ForwardDeclChecker -verify /home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/llvm-project/clang/test/Analysis/Checkers/WebKit/forward-decl-checker.mm
1.	<eof> parser at end of file
 #0 0x00005f939b9545f0 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x21b55f0)
 #1 0x00005f939b9519ff llvm::sys::RunSignalHandlers() (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x21b29ff)
 #2 0x00005f939b951b4a SignalHandler(int, siginfo_t*, void*) Signals.cpp:0:0
 #3 0x00007b4a8f852520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
 #4 0x00007b4a8f8a69fc __pthread_kill_implementation ./nptl/pthread_kill.c:44:76
 #5 0x00007b4a8f8a69fc __pthread_kill_internal ./nptl/pthread_kill.c:78:10
 #6 0x00007b4a8f8a69fc pthread_kill ./nptl/pthread_kill.c:89:10
 #7 0x00007b4a8f852476 gsignal ./signal/../sysdeps/posix/raise.c:27:6
 #8 0x00007b4a8f8387f3 abort ./stdlib/abort.c:81:7
 #9 0x00007b4a8f83871b _nl_load_domain ./intl/loadmsgcat.c:1177:9
#10 0x00007b4a8f849e96 (/lib/x86_64-linux-gnu/libc.so.6+0x39e96)
#11 0x00005f939e478c54 (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x4cd9c54)
#12 0x00005f939efd4608 clang::Expr::IgnoreParenCasts() (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x5835608)
#13 0x00005f939db23e0b clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseObjCMessageExpr(clang::ObjCMessageExpr*, llvm::SmallVectorImpl<llvm::PointerIntPair<clang::Stmt*, 1u, bool, llvm::PointerLikeTypeTraits<clang::Stmt*>, llvm::PointerIntPairInfo<clang::Stmt*, 1u, llvm::PointerLikeTypeTraits<clang::Stmt*>>>>*) ForwardDeclChecker.cpp:0:0
#14 0x00005f939db1ea69 clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseStmt(clang::Stmt*, llvm::SmallVectorImpl<llvm::PointerIntPair<clang::Stmt*, 1u, bool, llvm::PointerLikeTypeTraits<clang::Stmt*>, llvm::PointerIntPairInfo<clang::Stmt*, 1u, llvm::PointerLikeTypeTraits<clang::Stmt*>>>>*) (.constprop.0) ForwardDeclChecker.cpp:0:0
#15 0x00005f939db2f7f5 clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseFunctionHelper(clang::FunctionDecl*) ForwardDeclChecker.cpp:0:0
#16 0x00005f939db2fa33 clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseCXXMethodDecl(clang::CXXMethodDecl*) ForwardDeclChecker.cpp:0:0
#17 0x00005f939db1844e clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseDeclContextHelper(clang::DeclContext*) (.part.0) ForwardDeclChecker.cpp:0:0
#18 0x00005f939db1763b clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseDecl(clang::Decl*) ForwardDeclChecker.cpp:0:0
#19 0x00005f939db280c3 clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseClassTemplateDecl(clang::ClassTemplateDecl*) ForwardDeclChecker.cpp:0:0
#20 0x00005f939db1844e clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseDeclContextHelper(clang::DeclContext*) (.part.0) ForwardDeclChecker.cpp:0:0
#21 0x00005f939db17c88 clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseDecl(clang::Decl*) ForwardDeclChecker.cpp:0:0
#22 0x00005f939db1844e clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseDeclContextHelper(clang::DeclContext*) (.part.0) ForwardDeclChecker.cpp:0:0
#23 0x00005f939db271bb clang::RecursiveASTVisitor<(anonymous namespace)::ForwardDeclChecker::checkASTDecl(clang::TranslationUnitDecl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const::LocalVisitor>::TraverseTranslationUnitDecl(clang::TranslationUnitDecl*) ForwardDeclChecker.cpp:0:0
#24 0x00005f939db184e4 void clang::ento::check::ASTDecl<clang::TranslationUnitDecl>::_checkDecl<(anonymous namespace)::ForwardDeclChecker>(void*, clang::Decl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) ForwardDeclChecker.cpp:0:0
#25 0x00005f939dbe3b99 clang::ento::CheckerManager::runCheckersOnASTDecl(clang::Decl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x4444b99)
#26 0x00005f939d7b8e19 (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&) AnalysisConsumer.cpp:0:0
#27 0x00005f939dd7e48c clang::ParseAST(clang::Sema&, bool, bool) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x45df48c)
#28 0x00005f939c5cd6a9 clang::FrontendAction::Execute() (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x2e2e6a9)
#29 0x00005f939c54c4f5 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x2dad4f5)
#30 0x00005f939c6b5608 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0x2f16608)
#31 0x00005f939a429687 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0xc8a687)
#32 0x00005f939a41fd9a ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#33 0x00005f939a42437e clang_main(int, char**, llvm::ToolContext const&) (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0xc8537e)
#34 0x00005f939a35220b main (/home/buildbot/buildbot-root/llvm-clang-x86_64-sie-ubuntu-fast/build/bin/clang+0xbb320b)
#35 0x00007b4a8f839d90 __libc_start_call_main ./csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#36 0x00007b4a8f839e40 call_init ./csu/../csu/libc-start.c:128:20
#37 0x00007b4a8f839e40 __libc_start_main ./csu/../csu/libc-start.c:379:5
...

[rniwa]

Oops, fixing this in #133341.