Sorted instances of Check by ghewgill · Pull Request #12 · danmar/cppcheck

ghewgill · 2011-02-02T10:09:21Z

I noticed that the instances().sort() in Check::Check() doesn't actually sort anything.

The first commit adds a test case to check whether the instances list really is sorted. This should fail.

The second commit addresses a problem with the virtual name() function. If the sort() actually did something (see below), it would try to call the pure virtual name() function before the Check instance was fully constructed. This is likely to crash depending on the library's behaviour when pure virtual functions are called. Each derived class passes its name to the Check constructor(s) which stores it in a local instance variable so the sort has something to compare.

The third commit addresses the sort operation itself. Sorting a list of pointers compares pointer values, not what they point to; the operator<(const Check *) never gets called. This commit specialises std::less<Check *> and passes an instance of that to the sort() function as a comparator.

… Check::name()

danmar · 2011-02-02T14:09:59Z

interesting.. I'll look into it in the evening

danmar · 2011-02-02T17:36:59Z

I merged it with:
26b21a5

It is still very broken, but at least, it does not fail. Here is the previous error: ``` TestSimplifyTypedef::simplifyTypedef129 terminate called after throwing an instance of 'InternalError' Program received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007ffff612a801 in __GI_abort () at abort.c:79 danmar#2 0x00007ffff6b1d957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#3 0x00007ffff6b23ab6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#4 0x00007ffff6b23af1 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#5 0x00007ffff6b23d24 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#6 0x0000555556366bf8 in Tokenizer::cppcheckError (this=0x7fffffffc2d0, tok=0x607000006760) at ../lib/tokenize.cpp:8721 danmar#7 0x000055555636a4bb in Tokenizer::validate (this=0x7fffffffc2d0) at ../lib/tokenize.cpp:9154 danmar#8 0x000055555633e3aa in Tokenizer::simplifyTokenList1 (this=0x7fffffffc2d0, FileName=0x603000002d50 "test.cpp") at ../lib/tokenize.cpp:4477 danmar#9 0x00005555563223ca in Tokenizer::simplifyTokens1 (this=0x7fffffffc2d0, configuration="") at ../lib/tokenize.cpp:2286 danmar#10 0x00005555563235c8 in Tokenizer::tokenize (this=0x7fffffffc2d0, code=..., FileName=0x555556fda9a0 "test.cpp", configuration="") at ../lib/tokenize.cpp:2345 danmar#11 0x00005555569410ea in TestSimplifyTypedef::tok[abi:cxx11](char const*, bool, cppcheck::Platform::PlatformType, bool) (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, code=0x7fffffffcb70 "class c {\n typedef char foo[4];\n foo _a;\n constexpr operator foo &() const noexcept { return _a; }\n};", simplify=false, type=cppcheck::Platform::Native, debugwarnings=true) at ../test/testsimplifytypedef.cpp:192 danmar#12 0x000055555697239e in TestSimplifyTypedef::simplifyTypedef129 (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:2599 danmar#13 0x000055555694092c in TestSimplifyTypedef::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:167 danmar#14 0x00005555569cab84 in TestFixture::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, str="simplifyTypedef129") at ../test/testsuite.cpp:306 danmar#15 0x00005555569cb445 in TestFixture::runTests (args=...) at ../test/testsuite.cpp:329 danmar#16 0x000055555687bdfb in main (argc=2, argv=0x7fffffffd988) at ../test/testrunner.cpp:44 ```

* Better handle const/noexcept methods/conversion operator const or noexcept in a method / (conversion) operator definition were badly parsed, ending in a bad ast. This patch tries to make it better, at least making the ast less bad, so as to avoid errors in later checks. * Fix parsing of some operator It is still very broken, but at least, it does not fail. Here is the previous error: ``` TestSimplifyTypedef::simplifyTypedef129 terminate called after throwing an instance of 'InternalError' Program received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007ffff612a801 in __GI_abort () at abort.c:79 #2 0x00007ffff6b1d957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 #3 0x00007ffff6b23ab6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 #4 0x00007ffff6b23af1 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 #5 0x00007ffff6b23d24 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 #6 0x0000555556366bf8 in Tokenizer::cppcheckError (this=0x7fffffffc2d0, tok=0x607000006760) at ../lib/tokenize.cpp:8721 #7 0x000055555636a4bb in Tokenizer::validate (this=0x7fffffffc2d0) at ../lib/tokenize.cpp:9154 #8 0x000055555633e3aa in Tokenizer::simplifyTokenList1 (this=0x7fffffffc2d0, FileName=0x603000002d50 "test.cpp") at ../lib/tokenize.cpp:4477 #9 0x00005555563223ca in Tokenizer::simplifyTokens1 (this=0x7fffffffc2d0, configuration="") at ../lib/tokenize.cpp:2286 #10 0x00005555563235c8 in Tokenizer::tokenize (this=0x7fffffffc2d0, code=..., FileName=0x555556fda9a0 "test.cpp", configuration="") at ../lib/tokenize.cpp:2345 #11 0x00005555569410ea in TestSimplifyTypedef::tok[abi:cxx11](char const*, bool, cppcheck::Platform::PlatformType, bool) (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, code=0x7fffffffcb70 "class c {\n typedef char foo[4];\n foo _a;\n constexpr operator foo &() const noexcept { return _a; }\n};", simplify=false, type=cppcheck::Platform::Native, debugwarnings=true) at ../test/testsimplifytypedef.cpp:192 #12 0x000055555697239e in TestSimplifyTypedef::simplifyTypedef129 (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:2599 #13 0x000055555694092c in TestSimplifyTypedef::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:167 #14 0x00005555569cab84 in TestFixture::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, str="simplifyTypedef129") at ../test/testsuite.cpp:306 #15 0x00005555569cb445 in TestFixture::runTests (args=...) at ../test/testsuite.cpp:329 #16 0x000055555687bdfb in main (argc=2, argv=0x7fffffffd988) at ../test/testrunner.cpp:44 ``` * Replace some ASSERT_EQUALS with TODO_ASSERT_EQUALS when the actual result is still wrong * Remove invalid code from simplifyTypedef129 * Properly skip parentheses

* Better handle const/noexcept methods/conversion operator const or noexcept in a method / (conversion) operator definition were badly parsed, ending in a bad ast. This patch tries to make it better, at least making the ast less bad, so as to avoid errors in later checks. * Fix parsing of some operator It is still very broken, but at least, it does not fail. Here is the previous error: ``` TestSimplifyTypedef::simplifyTypedef129 terminate called after throwing an instance of 'InternalError' Program received signal SIGABRT, Aborted. __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 51 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00007ffff612a801 in __GI_abort () at abort.c:79 danmar#2 0x00007ffff6b1d957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#3 0x00007ffff6b23ab6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#4 0x00007ffff6b23af1 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#5 0x00007ffff6b23d24 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6 danmar#6 0x0000555556366bf8 in Tokenizer::cppcheckError (this=0x7fffffffc2d0, tok=0x607000006760) at ../lib/tokenize.cpp:8721 danmar#7 0x000055555636a4bb in Tokenizer::validate (this=0x7fffffffc2d0) at ../lib/tokenize.cpp:9154 danmar#8 0x000055555633e3aa in Tokenizer::simplifyTokenList1 (this=0x7fffffffc2d0, FileName=0x603000002d50 "test.cpp") at ../lib/tokenize.cpp:4477 danmar#9 0x00005555563223ca in Tokenizer::simplifyTokens1 (this=0x7fffffffc2d0, configuration="") at ../lib/tokenize.cpp:2286 danmar#10 0x00005555563235c8 in Tokenizer::tokenize (this=0x7fffffffc2d0, code=..., FileName=0x555556fda9a0 "test.cpp", configuration="") at ../lib/tokenize.cpp:2345 danmar#11 0x00005555569410ea in TestSimplifyTypedef::tok[abi:cxx11](char const*, bool, cppcheck::Platform::PlatformType, bool) (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, code=0x7fffffffcb70 "class c {\n typedef char foo[4];\n foo _a;\n constexpr operator foo &() const noexcept { return _a; }\n};", simplify=false, type=cppcheck::Platform::Native, debugwarnings=true) at ../test/testsimplifytypedef.cpp:192 danmar#12 0x000055555697239e in TestSimplifyTypedef::simplifyTypedef129 (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:2599 danmar#13 0x000055555694092c in TestSimplifyTypedef::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:167 danmar#14 0x00005555569cab84 in TestFixture::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, str="simplifyTypedef129") at ../test/testsuite.cpp:306 danmar#15 0x00005555569cb445 in TestFixture::runTests (args=...) at ../test/testsuite.cpp:329 danmar#16 0x000055555687bdfb in main (argc=2, argv=0x7fffffffd988) at ../test/testrunner.cpp:44 ``` * Replace some ASSERT_EQUALS with TODO_ASSERT_EQUALS when the actual result is still wrong * Remove invalid code from simplifyTypedef129 * Properly skip parentheses

AddressSanitizer:DEADLYSIGNAL ================================================================= ==232899==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000050 (pc 0x55abb8090d86 bp 0x7ffcbc7b97b0 sp 0x7ffcbc7b96a0 T0) ==232899==The signal is caused by a READ memory access. ==232899==Hint: address points to the zero page. #0 0x55abb8090d86 in Token::varId() const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:871:16 #1 0x55abb8090d86 in CheckFunctions::useStandardLibrary() /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkfunctions.cpp:769:80 danmar#2 0x55abb80926ed in CheckFunctions::runChecks(Tokenizer const&, ErrorLogger*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkfunctions.h:77:24 danmar#3 0x55abb8355804 in CppCheck::checkNormalTokens(Tokenizer const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:1103:20 danmar#4 0x55abb8369c2d in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::istream*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:936:17 danmar#5 0x55abb83754f1 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:558:12 danmar#6 0x55abb7d7ed03 in LLVMFuzzerTestOneInput /home/user/CLionProjects/cppcheck-rider/oss-fuzz/main.cpp:45:18 danmar#7 0x55abb7c25538 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x573538) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) danmar#8 0x55abb7c26210 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x574210) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) danmar#9 0x55abb7c272a1 in fuzzer::Fuzzer::MutateAndTestOne() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5752a1) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) danmar#10 0x55abb7c280c7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5760c7) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) danmar#11 0x55abb7c085b2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5565b2) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) danmar#12 0x55abb7b8cfa7 in main (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x4dafa7) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) danmar#13 0x7f5b5e558ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#14 0x7f5b5e558d89 in __libc_start_main (/usr/lib/libc.so.6+0x27d89) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#15 0x55abb7bf2354 in _start (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x540354) (BuildId: 9b6f489166c86142b87bd650e508e6d1ecb4ca9c) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:871:16 in Token::varId() const ==232899==ABORTING

==237109==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000050 (pc 0x559a429ab30d bp 0x7ffdfaee8450 sp 0x7ffdfaee8320 T0) ==237109==The signal is caused by a READ memory access. ==237109==Hint: address points to the zero page. #0 0x559a429ab30d in Token::valueType() const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:332:16 #1 0x559a429ab30d in CheckOther::checkIncompleteStatement() /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkother.cpp:1941:79 danmar#2 0x559a42a05e0c in CheckOther::runChecks(Tokenizer const&, ErrorLogger*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkother.h:102:20 danmar#3 0x559a42b9e824 in CppCheck::checkNormalTokens(Tokenizer const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:1103:20 danmar#4 0x559a42bb2c4d in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::istream*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:936:17 danmar#5 0x559a42bbe511 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:558:12 danmar#6 0x559a425c7d03 in LLVMFuzzerTestOneInput /home/user/CLionProjects/cppcheck-rider/oss-fuzz/main.cpp:45:18 danmar#7 0x559a4246e538 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x573538) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) danmar#8 0x559a4246f210 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x574210) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) danmar#9 0x559a424702a1 in fuzzer::Fuzzer::MutateAndTestOne() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5752a1) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) danmar#10 0x559a424710c7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5760c7) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) danmar#11 0x559a424515b2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5565b2) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) danmar#12 0x559a423d5fa7 in main (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x4dafa7) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) danmar#13 0x7f0546b58ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#14 0x7f0546b58d89 in __libc_start_main (/usr/lib/libc.so.6+0x27d89) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#15 0x559a4243b354 in _start (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x540354) (BuildId: fb3fc26fe0a2374418e90abefc930d3bf5ef711a) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:332:16 in Token::valueType() const ==237109==ABORTING

AddressSanitizer:DEADLYSIGNAL ================================================================= ==239799==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000050 (pc 0x559dd20fb7f0 bp 0x7fff65cb9cf0 sp 0x7fff65cb96e0 T0) ==239799==The signal is caused by a READ memory access. ==239799==Hint: address points to the zero page. #0 0x559dd20fb7f0 in Token::exprId() const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:884:13 #1 0x559dd20fb7f0 in programMemoryParseCondition(ProgramMemory&, Token const*, Token const*, Settings const*, bool) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:323:21 danmar#2 0x559dd20fb3b5 in programMemoryParseCondition(ProgramMemory&, Token const*, Token const*, Settings const*, bool) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:307:9 danmar#3 0x559dd20fb3b5 in programMemoryParseCondition(ProgramMemory&, Token const*, Token const*, Settings const*, bool) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:307:9 danmar#4 0x559dd210c712 in fillProgramMemoryFromConditions(ProgramMemory&, Scope const*, Token const*, Settings const*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:350:13 danmar#5 0x559dd210c58c in fillProgramMemoryFromConditions(ProgramMemory&, Scope const*, Token const*, Settings const*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:341:5 danmar#6 0x559dd20fec3d in fillProgramMemoryFromConditions(ProgramMemory&, Token const*, Settings const*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:356:5 danmar#7 0x559dd20fec3d in ProgramMemoryState::addState(Token const*, std::unordered_map<ExprIdToken, ValueFlow::Value, ExprIdToken::Hash, std::equal_to<ExprIdToken>, std::allocator<std::pair<ExprIdToken const, ValueFlow::Value>>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/programmemory.cpp:471:5 danmar#8 0x559dd2538e25 in ValueFlowAnalyzer::updateState(Token const*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:3046:13 danmar#9 0x559dd1fa7380 in valueFlowGenericForward(Token*, Token const*, ValuePtr<Analyzer> const&, TokenList const&, ErrorLogger*, Settings const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/forwardanalyzer.cpp:913:22 danmar#10 0x559dd252f52a in valueFlowForward(Token*, Token const*, Token const*, ValueFlow::Value, TokenList const&, ErrorLogger*, Settings const&, SourceLocation) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:2119:12 danmar#11 0x559dd2579491 in valueFlowSymbolic(TokenList const&, SymbolDatabase const&, ErrorLogger*, Settings const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:5513:13 danmar#12 0x559dd2579491 in ValueFlow::setValues(TokenList&, SymbolDatabase&, ErrorLogger*, Settings const&, TimerResultsIntf*)::$_10::operator()(TokenList&, SymbolDatabase&, ErrorLogger*, Settings const&, std::set<Scope const*, std::less<Scope const*>, std::allocator<Scope const*>> const&) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:9565:9 danmar#13 0x559dd2579491 in ValueFlowPassAdaptor<ValueFlow::setValues(TokenList&, SymbolDatabase&, ErrorLogger*, Settings const&, TimerResultsIntf*)::$_10>::run(ValueFlowState const&) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:9500:9 danmar#14 0x559dd24dfda4 in ValueFlowPassRunner::run(ValuePtr<ValueFlowPass> const&) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:9428:19 danmar#15 0x559dd24df868 in ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)::operator()(ValuePtr<ValueFlowPass> const&) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:9385:20 danmar#16 0x559dd24df868 in bool __gnu_cxx::__ops::_Iter_pred<ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>::operator()<ValuePtr<ValueFlowPass> const*>(ValuePtr<ValueFlowPass> const*) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/predefined_ops.h:318:16 danmar#17 0x559dd24df868 in ValuePtr<ValueFlowPass> const* std::__find_if<ValuePtr<ValueFlowPass> const*, __gnu_cxx::__ops::_Iter_pred<ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>>(ValuePtr<ValueFlowPass> const*, ValuePtr<ValueFlowPass> const*, __gnu_cxx::__ops::_Iter_pred<ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>, std::random_access_iterator_tag) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_algobase.h:2080:8 danmar#18 0x559dd24ac9b3 in ValuePtr<ValueFlowPass> const* std::__find_if<ValuePtr<ValueFlowPass> const*, __gnu_cxx::__ops::_Iter_pred<ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>>(ValuePtr<ValueFlowPass> const*, ValuePtr<ValueFlowPass> const*, __gnu_cxx::__ops::_Iter_pred<ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_algobase.h:2117:14 danmar#19 0x559dd24ac9b3 in ValuePtr<ValueFlowPass> const* std::find_if<ValuePtr<ValueFlowPass> const*, ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>(ValuePtr<ValueFlowPass> const*, ValuePtr<ValueFlowPass> const*, ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_algo.h:3923:14 danmar#20 0x559dd24ac9b3 in bool std::none_of<ValuePtr<ValueFlowPass> const*, ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>(ValuePtr<ValueFlowPass> const*, ValuePtr<ValueFlowPass> const*, ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_algo.h:477:24 danmar#21 0x559dd24ac9b3 in bool std::any_of<ValuePtr<ValueFlowPass> const*, ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)>(ValuePtr<ValueFlowPass> const*, ValuePtr<ValueFlowPass> const*, ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const::'lambda'(ValuePtr<ValueFlowPass> const&)) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_algo.h:496:15 danmar#22 0x559dd24ac9b3 in ValueFlowPassRunner::run_once(std::initializer_list<ValuePtr<ValueFlowPass>>) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:9384:16 danmar#23 0x559dd24ac9b3 in ValueFlow::setValues(TokenList&, SymbolDatabase&, ErrorLogger*, Settings const&, TimerResultsIntf*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/valueflow.cpp:9554:12 danmar#24 0x559dd2392276 in Tokenizer::simplifyTokens1(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenize.cpp:3395:13 danmar#25 0x559dd1ed4304 in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::istream*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:906:32 danmar#26 0x559dd1ee0521 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:558:12 danmar#27 0x559dd18e9d03 in LLVMFuzzerTestOneInput /home/user/CLionProjects/cppcheck-rider/oss-fuzz/main.cpp:45:18 danmar#28 0x559dd1790538 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x573538) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) danmar#29 0x559dd1791210 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x574210) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) danmar#30 0x559dd17922a1 in fuzzer::Fuzzer::MutateAndTestOne() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5752a1) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) danmar#31 0x559dd17930c7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5760c7) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) danmar#32 0x559dd17735b2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5565b2) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) danmar#33 0x559dd16f7fa7 in main (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x4dafa7) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) danmar#34 0x7feca7a45ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#35 0x7feca7a45d89 in __libc_start_main (/usr/lib/libc.so.6+0x27d89) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#36 0x559dd175d354 in _start (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x540354) (BuildId: c702153d07ad5f19357ff1899a39d599da20f3e2) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:884:13 in Token::exprId() const ==239799==ABORTING

AddressSanitizer:DEADLYSIGNAL ================================================================= ==247105==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000040 (pc 0x55dd2f3cde37 bp 0x7ffcb1f26ad0 sp 0x7ffcb1f269a0 T0) ==247105==The signal is caused by a READ memory access. ==247105==Hint: address points to the zero page. #0 0x55dd2f3cde37 in Token::variable() const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:1082:16 #1 0x55dd2f3cde37 in CheckUninitVar::isVariableUsage(Token const*, Library const&, bool, CheckUninitVar::Alloc, int) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:1290:42 danmar#2 0x55dd2f3c9322 in CheckUninitVar::isVariableUsage(Token const*, bool, CheckUninitVar::Alloc, int) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:1343:12 danmar#3 0x55dd2f3c9322 in CheckUninitVar::checkLoopBodyRecursive(Token const*, Variable const&, CheckUninitVar::Alloc, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, bool&) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:1037:39 danmar#4 0x55dd2f3b5995 in CheckUninitVar::checkLoopBody(Token const*, Variable const&, CheckUninitVar::Alloc, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, bool) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:1072:31 danmar#5 0x55dd2f3bbf99 in CheckUninitVar::checkScopeForVariable(Token const*, Variable const&, bool*, bool*, CheckUninitVar::Alloc*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::map<int, VariableValue, std::less<int>, std::allocator<std::pair<int const, VariableValue>>>&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:637:35 danmar#6 0x55dd2f3b3850 in CheckUninitVar::checkScope(Scope const*, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:201:17 danmar#7 0x55dd2f3b258a in CheckUninitVar::check() /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.cpp:131:13 danmar#8 0x55dd2f3d9d64 in CheckUninitVar::runChecks(Tokenizer const&, ErrorLogger*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkuninitvar.h:86:24 danmar#9 0x55dd2f485834 in CppCheck::checkNormalTokens(Tokenizer const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:1103:20 danmar#10 0x55dd2f499c5d in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::istream*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:936:17 danmar#11 0x55dd2f4a5521 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:558:12 danmar#12 0x55dd2eeaed03 in LLVMFuzzerTestOneInput /home/user/CLionProjects/cppcheck-rider/oss-fuzz/main.cpp:45:18 danmar#13 0x55dd2ed55538 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x573538) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#14 0x55dd2ed56210 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x574210) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#15 0x55dd2ed572a1 in fuzzer::Fuzzer::MutateAndTestOne() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5752a1) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#16 0x55dd2ed580c7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5760c7) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#17 0x55dd2ed385b2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5565b2) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#18 0x55dd2ecbcfa7 in main (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x4dafa7) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#19 0x7f09f9558ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#20 0x7f09f9558d89 in __libc_start_main (/usr/lib/libc.so.6+0x27d89) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#21 0x55dd2ed22354 in _start (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x540354) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.h:1082:16 in Token::variable() const ==247105==ABORTING

AddressSanitizer:DEADLYSIGNAL ================================================================= ==247108==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000028 (pc 0x55e3348f5ccd bp 0x7ffc2c750a70 sp 0x7ffc2c7508a0 T0) ==247108==The signal is caused by a READ memory access. ==247108==Hint: address points to the zero page. #0 0x55e3348f5ccd in compilePrecedence2(Token*&, (anonymous namespace)::AST_state&) /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_deque.h #1 0x55e3348f1a17 in compilePrecedence3(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1038:5 danmar#2 0x55e3348f13b5 in compilePointerToElem(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1137:5 danmar#3 0x55e3348f13b5 in compileMulDiv(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1147:5 danmar#4 0x55e3348f1095 in compileAddSub(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1166:5 danmar#5 0x55e3348f1095 in compileShift(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1176:5 danmar#6 0x55e3348f0d15 in compileThreewayComp(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1186:5 danmar#7 0x55e3348f0d15 in compileRelComp(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1196:5 danmar#8 0x55e3348f07b5 in compileEqComp(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1206:5 danmar#9 0x55e3348f07b5 in compileAnd(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1216:5 danmar#10 0x55e3348efe9a in compileXor(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1235:5 danmar#11 0x55e3348efe9a in compileOr(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1245:5 danmar#12 0x55e3348efe9a in compileLogicAnd(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1255:5 danmar#13 0x55e3348ee8d9 in compileLogicOr(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1274:5 danmar#14 0x55e3348ee8d9 in compileAssignTernary(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1284:5 danmar#15 0x55e3348eb768 in compileComma(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1325:5 danmar#16 0x55e3348eb768 in compileExpression(Token*&, (anonymous namespace)::AST_state&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1343:9 danmar#17 0x55e3348e0f49 in createAstAtToken(Token*, bool) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1689:9 danmar#18 0x55e3348dd43e in TokenList::createAst() const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenlist.cpp:1717:15 danmar#19 0x55e334811894 in Tokenizer::simplifyTokens1(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/tokenize.cpp:3363:14 danmar#20 0x55e334354304 in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::istream*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:906:32 danmar#21 0x55e334360521 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:558:12 danmar#22 0x55e333d69d03 in LLVMFuzzerTestOneInput /home/user/CLionProjects/cppcheck-rider/oss-fuzz/main.cpp:45:18 danmar#23 0x55e333c10538 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x573538) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#24 0x55e333c11210 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x574210) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#25 0x55e333c122a1 in fuzzer::Fuzzer::MutateAndTestOne() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5752a1) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#26 0x55e333c130c7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5760c7) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#27 0x55e333bf35b2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5565b2) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#28 0x55e333b77fa7 in main (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x4dafa7) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) danmar#29 0x7fcdfb758ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#30 0x7fcdfb758d89 in __libc_start_main (/usr/lib/libc.so.6+0x27d89) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#31 0x55e333bdd354 in _start (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x540354) (BuildId: a183bbe392f62ddef4ec71808dcbc702acf3775d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /usr/bin/../lib64/gcc/x86_64-pc-linux-gnu/13.2.1/../../../../include/c++/13.2.1/bits/stl_deque.h in compilePrecedence2(Token*&, (anonymous namespace)::AST_state&) ==247108==ABORTING

==259642== ERROR: libFuzzer: timeout after 1537 seconds #0 0x55762d55826f in __sanitizer_print_stack_trace (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x69126f) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) #1 0x55762d45b3a5 in fuzzer::PrintStackTrace() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5943a5) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#2 0x55762d43a2b2 in fuzzer::Fuzzer::StaticAlarmCallback() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5732b2) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#3 0x7fecb8d6f70f (/usr/lib/libc.so.6+0x3e70f) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#4 0x55762d458f29 in __sanitizer_cov_trace_const_cmp1 (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x591f29) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#5 0x55762dfbf594 in multiCompareImpl(Token const*, char const*, int) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.cpp:641:31 danmar#6 0x55762dfbf594 in Token::Match(Token const*, char const*, int) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/token.cpp:787:29 danmar#7 0x55762dc05470 in getUnsafeFunction[abi:cxx11](Tokenizer const*, Settings const*, Scope const*, int, bool (*)(Settings const*, Token const*, long long*)) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/ctu.cpp:446:13 danmar#8 0x55762dc05470 in CTU::getUnsafeUsage[abi:cxx11](Tokenizer const*, Settings const*, bool (*)(Settings const*, Token const*, long long*)) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/ctu.cpp:485:71 danmar#9 0x55762d724f68 in CheckBufferOverrun::getFileInfo(Tokenizer const*, Settings const*) const /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/checkbufferoverrun.cpp:952:34 danmar#10 0x55762db6b343 in CppCheck::checkNormalTokens(Tokenizer const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:1136:57 danmar#11 0x55762db7ec5d in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::istream*) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:936:17 danmar#12 0x55762db8a521 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> const&) /home/user/CLionProjects/cppcheck-rider/oss-fuzz/../lib/cppcheck.cpp:558:12 danmar#13 0x55762d593d03 in LLVMFuzzerTestOneInput /home/user/CLionProjects/cppcheck-rider/oss-fuzz/main.cpp:45:18 danmar#14 0x55762d43a538 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x573538) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#15 0x55762d43b210 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x574210) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#16 0x55762d43c2a1 in fuzzer::Fuzzer::MutateAndTestOne() (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5752a1) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#17 0x55762d43d0c7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5760c7) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#18 0x55762d41d5b2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x5565b2) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#19 0x55762d3a1fa7 in main (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x4dafa7) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898) danmar#20 0x7fecb8d58ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#21 0x7fecb8d58d89 in __libc_start_main (/usr/lib/libc.so.6+0x27d89) (BuildId: 8bfe03f6bf9b6a6e2591babd0bbc266837d8f658) danmar#22 0x55762d407354 in _start (/home/user/CLionProjects/cppcheck-rider/oss-fuzz/oss-fuzz-client+0x540354) (BuildId: 2562fad265b6bfd58db51b519e5f777c259c8898)