[19.1.0] clangd crashes while running boost-use-ranges clang-tidy check

[xb284524239]

My Environment：

OS: Windows 10
LLVM Version: 19.1.0 (include clangd、clang-tidy、clang++, etc.)
CMake Version: 3.30.3 
IDE: VSCode

Problem Description:
I have found after multiple attempts that when I configure the .clang-tidy file in the root directory of my project, the Clang Language Server frequently crashes to the point of being completely unusable. However, when I delete the .clang-tidy file, everything returns to normal.

The .clang-tidy file:

Checks: "
        *,
        -llvmlibc-*,
        -fuchsia-*,
"

[EugeneZelenko]

@xb284524239: Could you please try to run Clang-tidy standalone? Just to narrow down source of problem.

[xb284524239]

@xb284524239: Could you please try to run Clang-tidy standalone? Just to narrow down source of problem.

PS C:\Users\paul> clang-tidy --version
LLVM (http://llvm.org/):
  LLVM version 19.1.0
  Optimized build.
PS C:\Users\paul>

@EugeneZelenko Hello, I usually use it via VSCode. Could you please tell me how to use Clang-tidy standalone?

[EugeneZelenko]

See https://clang.llvm.org/extra/clang-tidy/. There is also run-clang-tidy script to run on compile database (could be generated by CMake).

[EugeneZelenko]

run-clang-tidy deals with compile database.

[xb284524239]

@EugeneZelenko
Hello Sir,

After multiple tests, I have finally identified the cause of the Clang Language Server crashes. The specific reasons are as follows:

1. The following .clang-tidy configuration file causes the Clang Language Server to crash:

Checks: "
        *
"

2. The following .clang-tidy configuration file does not cause the Clang Language Server to crash:

Checks: "
        *,
        -boost-use-ranges
"

The only difference between the two configuration files is that the second one includes an additional -boost-use-ranges configuration. Therefore, I suspect that there is a bug in clang-tidy.exe when handling the boost-use-ranges check, which leads to the Clang Language Server crashing.

By the way, my project is a very simple Hello-World-level demo and does not use the Boost library. If needed, I can send you my demo code (for testing purposes).

[llvmbot]

@llvm/issue-subscribers-clang-tidy

Author: Paul Xu (xb284524239)

``` My Environment：

OS: Windows 10
LLVM Version: 19.1.0 (include clangd、clang-tidy、clang++, etc.)
CMake Version: 3.30.3
IDE: VSCode

Problem Description:
I have found after multiple attempts that when I configure the `.clang-tidy` file in the root directory of my project, the Clang Language Server frequently crashes to the point of being completely unusable. However, when I delete the `.clang-tidy` file, everything returns to normal.


The `.clang-tidy` file: 

Checks: "
,
-llvmlibc-,
-fuchsia-*,
"

![bbb](https://github.com/user-attachments/assets/640c6803-42aa-47d0-9784-41d51323a181)

![20240920111639](https://github.com/user-attachments/assets/07cd7050-0e65-4f7f-87dc-7714818e46e5)

</details>

[EugeneZelenko]

@xb284524239: Please provide reproducer. https://godbolt.org should be helpful.

[xb284524239]

@EugeneZelenko

Hello, here is my demo code, and I have recorded a video to reproduce the issue. In my video, there is only one check item in the .clang-tidy file: boost-use-ranges. If I delete this check item or modify it to -boost-use-ranges, then the Clang Language Server will not crash.

# CMakeLists.txt

cmake_minimum_required(VERSION 3.30)
project(Test006 VERSION 0.1.0 LANGUAGES C CXX)
add_executable(Test006 main.cpp test.cpp)

// main.cpp

#include "test.h"
int main(int, char **) { test(); }

// test.h

#pragma once
void test();

// test.cpp

#include "test.h"
#include <iostream>
void test() {
  std::cout << "Hello, I'm only use for testing clang-tidy!" << std::endl;
}

// .clang-tidy

Checks: "boost-use-ranges"

6ff8f55f853bc24005a656594593d8ac.mp4

[HighCommander4]

Thank you @xb284524239 for the reduced code example. I can reproduce the crash using this example.

The crash occurs when opening test.cpp, but interestingly, it seems to only happen if test.h has been opened previously.

I have not been able to reproduce the crash with clangd --check=test.cpp, or with clang-tidy on the command line, which suggests that even though the crash is in a clang-tidy checker, it may only occur when the checker is run via clangd.

[llvmbot]

@llvm/issue-subscribers-clangd

Author: Paul Xu (xb284524239)

``` My Environment：

OS: Windows 10
LLVM Version: 19.1.0 (include clangd、clang-tidy、clang++, etc.)
CMake Version: 3.30.3
IDE: VSCode

Problem Description:
I have found after multiple attempts that when I configure the `.clang-tidy` file in the root directory of my project, the Clang Language Server frequently crashes to the point of being completely unusable. However, when I delete the `.clang-tidy` file, everything returns to normal.


The `.clang-tidy` file: 

Checks: "
,
-llvmlibc-,
-fuchsia-*,
"

![bbb](https://github.com/user-attachments/assets/640c6803-42aa-47d0-9784-41d51323a181)

![20240920111639](https://github.com/user-attachments/assets/07cd7050-0e65-4f7f-87dc-7714818e46e5)

</details>

[HighCommander4]

The reason for the crash is that UseRangesCheck::getReplacerMap() is capturing the local variable Results in the static lambda AddFrom. Since the lambda is static, when the function is called a second time, the lambda still references and uses the Result variable from the first invocation, which has been destroyed by that point. (Credit to @hia3 for spotting this here.)

To trigger the crash, it's sufficient to just open any two files in clangd with this checker enabled, even if the contents are empty, since each time a file is opened clangd will call into this function when registering the matchers for the checker.

The function does get called once for each source file with clang-tidy as well (e.g. with clang-tidy source1.cpp source2.cpp it will get called twice), but since the calls occur in sequence on the same thread, in my local testing the crash is avoided because the local variable has the same address each time. (It's still undefined behaviour, of course.) Clangd on the other hand will handle each file on its own thread, and thus with local variables stored in a different region on the stack, and the crash occurs fairly readily.

[HighCommander4]

Proposed fix: #111282

[xb284524239]

The reason for the crash is that UseRangesCheck::getReplacerMap() is capturing the local variable Results in the static lambda AddFrom. Since the lambda is static, when the function is called a second time, the lambda still references and uses the Result variable from the first invocation, which has been destroyed by that point. (Credit to @hia3 for spotting this here.)

To trigger the crash, it's sufficient to just open any two files in clangd with this checker enabled, even if the contents are empty, since each time a file is opened clangd will call into this function when registering the matchers for the checker.

The function does get called once for each source file with clang-tidy as well (e.g. with clang-tidy source1.cpp source2.cpp it will get called twice), but since the calls occur in sequence on the same thread, in my local testing the crash is avoided because the local variable has the same address each time. (It's still undefined behaviour, of course.) Clangd on the other hand will handle each file on its own thread, and thus with local variables stored in a different region on the stack, and the crash occurs fairly readily.

@HighCommander4 Thank you for telling me the reason.