[LLVMbugs] [Bug 11282] New: ExplodedGraph.h:95 -- void clang::ento::ExplodedNode::NodeGroup::setFlag(): Assertion `P == 0' failed.

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Tue Nov 1 03:45:19 PDT 2011 

http://llvm.org/bugs/show_bug.cgi?id=11282

             Bug #: 11282
           Summary: ExplodedGraph.h:95 -- void
                    clang::ento::ExplodedNode::NodeGroup::setFlag():
                    Assertion `P == 0' failed.
           Product: clang
           Version: trunk
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
        AssignedTo: kremenek at apple.com
        ReportedBy: dimhen at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified


$ clang --version
clang version 3.1 (trunk 143455)
Target: x86_64-unknown-linux-gnu
Thread model: posix

compiled by
$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/local/gcc_current/libexec/gcc/x86_64-unknown-linux-gnu/4.7.0/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: /home/dim/src/gcc-current/configure
--prefix=/usr/local/gcc_current --with-multilib-list=m64 --enable-__cxa_atexit
--enable-bootstrap --enable-shared --enable-threads=posix
--enable-checking=df,rtl,fold,yes --with-system-zlib
--disable-libunwind-exceptions --enable-gnu-unique-object
--enable-linker-build-id --enable-languages=c,c++,lto --enable-plugin
--with-tune=generic --enable-version-specific-runtime-libs
Thread model: posix
gcc version 4.7.0 20111031 (experimental) [trunk revision 180696] (GCC) 

$ uname -a
Linux dim.cp.ru 2.6.40.6-0.fc15.x86_64 #1 SMP Tue Oct 4 00:39:50 UTC 2011
x86_64 x86_64 x86_64 GNU/Linux

$ cat tsts.c
extern int foo();
extern int* baz();
extern int n;

void bar(int *x)
{
    int *pm;

    if(n*2) {
        int *pk  = baz();
    pm = pk;
    }
    do {
    *x = foo();
    } while (0);
}

$ clang -cc1 -analyze -analyzer-checker=core  tsts.c 
clang:
/home/dim/src/llvm/tools/clang/lib/StaticAnalyzer/Core/../../../include/clang/StaticAnalyzer/Core/PathSensitive/ExplodedGraph.h:95:
void clang::ento::ExplodedNode::NodeGroup::setFlag(): Assertion `P == 0'
failed.
0  clang           0x00000000019c39cf
1  clang           0x00000000019c3eb9
2  libpthread.so.0 0x00000035a4e0eef0
3  libc.so.6       0x00000035a4a352d5 gsignal + 53
4  libc.so.6       0x00000035a4a36beb abort + 379
5  libc.so.6       0x00000035a4a2dc5e
6  libc.so.6       0x00000035a4a2dd02
7  clang           0x0000000000daa8bc
clang::ento::NodeBuilder::generateNodeImpl(clang::ProgramPoint const&,
clang::ento::ProgramState const*, clang::ento::ExplodedNode*, bool) + 236
8  clang           0x0000000000cd825d
9  clang           0x0000000000cd90cf
10 clang           0x0000000000d9f7eb
clang::ento::CheckerManager::runCheckersForLocation(clang::ento::ExplodedNodeSet&,
clang::ento::ExplodedNodeSet const&, clang::ento::SVal, bool, clang::Stmt
const*, clang::ento::ExprEngine&) + 1307
11 clang           0x0000000000dbd51b
clang::ento::ExprEngine::evalLocation(clang::ento::ExplodedNodeSet&,
clang::Stmt const*, clang::ento::ExplodedNode*, clang::ento::ProgramState
const*, clang::ento::SVal, clang::ProgramPointTag const*, bool) + 699
12 clang           0x0000000000dbe447
clang::ento::ExprEngine::evalStore(clang::ento::ExplodedNodeSet&, clang::Expr
const*, clang::Expr const*, clang::ento::ExplodedNode*,
clang::ento::ProgramState const*, clang::ento::SVal, clang::ento::SVal,
clang::ProgramPointTag const*) + 279
13 clang           0x0000000000dc750a
clang::ento::ExprEngine::VisitBinaryOperator(clang::BinaryOperator const*,
clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&) + 3738
14 clang           0x0000000000dbf1c7
clang::ento::ExprEngine::Visit(clang::Stmt const*, clang::ento::ExplodedNode*,
clang::ento::ExplodedNodeSet&) + 1447
15 clang           0x0000000000dc1343
clang::ento::ExprEngine::ProcessStmt(clang::CFGStmt,
clang::ento::ExplodedNode*) + 1299
16 clang           0x0000000000dc1a5f
clang::ento::ExprEngine::processCFGElement(clang::CFGElement,
clang::ento::ExplodedNode*, unsigned int, clang::ento::NodeBuilderContext*) +
239
17 clang           0x0000000000daa427
clang::ento::CoreEngine::HandlePostStmt(clang::CFGBlock const*, unsigned int,
clang::ento::ExplodedNode*) + 135
18 clang           0x0000000000dab5bb
clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*,
unsigned int, clang::ento::ProgramState const*) + 731
19 clang           0x0000000000ccd428
20 clang           0x0000000000ccdd8d
21 clang           0x0000000000cce141
22 clang           0x0000000000ccec1e
23 clang           0x00000000009da13a clang::ParseAST(clang::Sema&, bool) + 394
24 clang           0x00000000007858a5
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 373
25 clang           0x000000000076c136
clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 1158
26 clang           0x00000000007670ec cc1_main(char const**, char const**, char
const*, void*) + 524
27 clang           0x00000000007599b4 main + 8084
28 libc.so.6       0x00000035a4a2139d __libc_start_main + 237
29 clang           0x000000000076306d
Stack dump:
0.    Program arguments: clang -cc1 -analyze -analyzer-checker=core tsts.c 
1.    <eof> parser at end of file
2.    tsts.c:14:2: Error evaluating statement
3.    tsts.c:14:2: Error evaluating statement

-- 
Configure bugmail: http://llvm.org/bugs/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the llvm-bugs mailing list