[LLVMbugs] [Bug 10616] New: Crash in static analyzer

bugzilla-daemon at llvm.org
Tue Aug 9 05:23:02 PDT 2011


http://llvm.org/bugs/show_bug.cgi?id=10616

           Summary: Crash in static analyzer
           Product: clang
           Version: trunk
          Platform: PC
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
        AssignedTo: kremenek at apple.com
        ReportedBy: chris at bubblescope.net
                CC: llvmbugs at cs.uiuc.edu


Created an attachment (id=7039)
 --> (http://llvm.org/bugs/attachment.cgi?id=7039)
crashing preprocessed file

The attached code crashes the static analyzer, but compiles fine in clang. This
file comes from the open source application 'GAP'.

The error I receive is:

In file included from ../../src/finfield.c:1:
../../src/finfield.c:1395:45: warning: The left operand to '+' is always 0
    vX = ( (1)==0 ? 0 : ( (v)<=(1) ? (1)-(v)+1 : *(sX)-(v)+1 +(1) ) );
                                     ~~~~~~~^
../../src/finfield.c:1587:51: warning: The left operand to '+' is always 0
        vL = ( (1)==0 ? 0 : ( (vL)<=(1) ? (1)-(vL)+1 : *(sX)-(vL)+1 +(1) ) );
                                          ~~~~~~~~^
0  clang             0x0000000105068902
llvm::SmallVectorImpl<llvm_regmatch_t>::resize(unsigned int) + 1402
1  clang             0x0000000105068e89
llvm::SmallVectorImpl<llvm_regmatch_t>::resize(unsigned int) + 2817
2  libsystem_c.dylib 0x00007fff8e434cfa _sigtramp + 26
3  libsystem_c.dylib 0x00007fd04aa60e00 _sigtramp + 18446743870711709984
4  clang             0x00000001044730cc
clang::ento::EnhancedBugReport::registerInitialVisitors(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*) + 52
5  clang             0x00000001044b8f0f
llvm::FoldingSetNodeWrapper<llvm::APSInt>::~FoldingSetNodeWrapper() + 38773
6  clang             0x00000001044b23c4
llvm::FoldingSetNodeWrapper<llvm::APSInt>::~FoldingSetNodeWrapper() + 11306
7  clang             0x00000001044b7b78
llvm::FoldingSetNodeWrapper<llvm::APSInt>::~FoldingSetNodeWrapper() + 33758
8  clang             0x0000000104463e52
clang::ASTContext::getQualifiedType(clang::QualType, clang::Qualifiers) const +
9900
9  clang             0x0000000104464186
clang::ASTContext::getQualifiedType(clang::QualType, clang::Qualifiers) const +
10720
10 clang             0x000000010446444b
clang::ASTContext::getQualifiedType(clang::QualType, clang::Qualifiers) const +
11429
11 clang             0x0000000104464723
clang::ASTContext::getQualifiedType(clang::QualType, clang::Qualifiers) const +
12157
12 clang             0x00000001041fca4f llvm::IRBuilder<false,
llvm::ConstantFolder, llvm::IRBuilderDefaultInserter<false>
>::CreatePHI(llvm::Type*, unsigned int, llvm::Twine const&) + 895
13 clang             0x000000010401c931 clang::io::Emit64(llvm::raw_ostream&,
unsigned long long) + 6177
14 clang             0x0000000104007295 char const** llvm::SmallVectorImpl<char
const*>::insert<__gnu_cxx::__normal_iterator<char const**, std::vector<char
const*, std::allocator<char const*> > > >(char const**,
__gnu_cxx::__normal_iterator<char const**, std::vector<char const*,
std::allocator<char const*> > >, __gnu_cxx::__normal_iterator<char const**,
std::vector<char const*, std::allocator<char const*> > >) + 2601
15 clang             0x0000000104001c2b
16 clang             0x00000001040045d8
llvm::formatted_raw_ostream::releaseStream() + 1596
17 clang             0x0000000104001134
Stack dump:
0.    Program arguments: /clang/bin//clang -cc1 -triple
x86_64-apple-macosx10.7.0 -analyze -disable-free -disable-llvm-verifier
-main-file-name out.c -analyzer-store=region
-analyzer-opt-analyze-nested-blocks -analyzer-eagerly-assume
-analyzer-checker=core -analyzer-checker=deadcode -analyzer-checker=security
-analyzer-checker=unix -analyzer-checker=osx -analyzer-output plist -w
-pic-level 1 -mdisable-fp-elim -masm-verbose -munwind-tables -target-cpu core2
-target-linker-version 126.3.2 -resource-dir /clang/bin/../lib/clang/3.0
-ferror-limit 19 -fmessage-length 0 -stack-protector 1 -fblocks
-fdiagnostics-show-option -analyzer-output=html -o
/var/folders/c2/j2pf8rdj4w1dr624t90z2q700000gn/T/scan-build-2011-08-09-3 -x c
out.c 
1.    <eof> parser at end of file
scan-build: 0 bugs found.
scan-build: The analyzer encountered problems on some source files.
scan-build: Preprocessed versions of these sources were deposited in
'/var/folders/c2/j2pf8rdj4w1dr624t90z2q700000gn/T/scan-build-2011-08-09-3/failures'.
scan-build: Please consider submitting a bug report using these files:
scan-build:   http://clang.llvm.org/StaticAnalysisUsage.html#filingbugs
