Simple varargs example that crashes clang-mutate
The following is sufficient to crash clang-mutate.
#include <stdarg.h>
void write_trace_blobs(int n_vars, ...)
{
    va_list ap;
}
Run with:
clang-mutate -sexp \
    -fields=children,opcode,class,counter,unbound_vals,unbound_funs,types,syn_ctx,parent_counter,macros,guard_stmt,full_stmt,begin_addr,end_addr,includes,declares,is_decl,opcode,children,begin_off,end_off,size,in_macro_expansion \
    -aux=asts,types,macros that-file.c -- -lpthread -lpthread
This will only crash clang-mutate when clang is built with assertions enabled.
Another way to reproduce this, without requiring header files, is:
void f(__builtin_va_list);
(Compile on Linux with GCC or Clang; MSVC uses a different builtin and so this won't reproduce when emulating MSVC.)
The issue boils down to the fact that we use a PresumedLoc for locations but have no strategy for what to do when that location is invalid. In this case, the location is invalid because the compiler generated the code for the user. What location should we fall back to in that circumstance, and how do we do it without littering the code with conditional branches?
I thought that felt familiar.
With help from @jaruchti, it looks like we may not need to use PresumedLoc at all. It appears that we get the line and column information from it, but then don't do anything with it. I'll investigate whether this can be replaced with a less constrained source location type.