[LLVMbugs] [Bug 11249] New: clang analyzer crash when initializing struct with unnamed bitfield

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Thu Oct 27 17:37:17 PDT 2011


http://llvm.org/bugs/show_bug.cgi?id=11249

           Summary: clang analyzer crash when initializing struct with
                    unnamed bitfield
           Product: clang
           Version: trunk
          Platform: Macintosh
        OS/Version: MacOS X
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
        AssignedTo: kremenek at apple.com
        ReportedBy: shartwell at vmware.com
                CC: llvmbugs at cs.uiuc.edu


Created an attachment (id=7542)
 --> (http://llvm.org/bugs/attachment.cgi?id=7542)
minimal C statements to cause static analyzer crash

Running Checker-258 on the attached C source file crashes the clang analyzer.
It also crashes when directly invoking /usr/bin/clang --analyze from the Xcode
4.2 Lion SDK (clang 3.0).

The minimal source seems to require the following conditions in order to crash:
-- the initialization must happen inside a function
-- the struct must have an unnamed bitfield
-- which must be followed by an array and an unsigned field
Changing any of these conditions will cause the static analyzer to run without
crashing.

Note that clang compiles this file just fine; this only affects the static
analyzer.

Example invocation:
       ./checker-258/scan-build clang -c staticanalyzer_crash.c
Output:
       Assertion failed: (isa<X>(Val) && "cast<Ty>() argument of incompatible type!"), function cast, file /tmp/checker-258-src/include/llvm/Support/Casting.h, line 194.
Stack dump:
0.    Program arguments:
/Volumes/Development/tools/clang-static-analyzer/checker-258/bin/clang-3.0 -cc1
-triple x86_64-apple-macosx10.7.2 -analyze -disable-free -main-file-name
staticanalyzer_crash.c -analyzer-store=region
-analyzer-opt-analyze-nested-blocks -analyzer-eagerly-assume
-analyzer-checker=core -analyzer-checker=deadcode -analyzer-checker=security
-analyzer-checker=unix -analyzer-checker=osx -analyzer-output plist -w
-pic-level 1 -mdisable-fp-elim -masm-verbose -munwind-tables -target-cpu core2
-resource-dir
/Volumes/Development/tools/clang-static-analyzer/checker-258/bin/../lib/clang/3.0
-fmodule-cache-path
/var/folders/t_/nkqdpfz139gbxcl1f7nx_87h63cm03/T/clang-module-cache
-ferror-limit 19 -fmessage-length 0 -stack-protector 1 -fblocks
-fobjc-runtime-has-arc -fobjc-runtime-has-weak -fobjc-dispatch-method=mixed
-fdiagnostics-show-option -analyzer-output=html -o
/var/folders/t_/nkqdpfz139gbxcl1f7nx_87h63cm03/T/scan-build-2011-10-27-2 -x c
staticanalyzer_crash.c 
1.    <eof> parser at end of file
2.    staticanalyzer_crash.c:8:6: Error evaluating statement
3.    staticanalyzer_crash.c:8:6: Error evaluating statement
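
A constructed C file with the shape the report describes (an unnamed bitfield followed by an array and an unsigned field, initialized inside a function), added here as an example. It is not attachment 7542, and the names `record`, `make_record`, `record_count`, `record_name_is` and `matches_designated` are hypothetical. It also shows the C rule that unnamed bitfields take no initializer, so positional initializers begin at the array.

```c
/* Constructed illustration of the struct shape in the report.
 * NOT the original attachment; all names here are hypothetical. */
#include <stdio.h>
#include <string.h>

struct record {
    unsigned      : 8;   /* unnamed bitfield: padding only, has no initializer */
    char     name[8];    /* array following the unnamed bitfield */
    unsigned count;      /* unsigned field following the array */
};

/* Initialization happens inside a function (block scope), as in the report.
 * Unnamed members do not take part in initialization, so "abc" is assigned
 * to name and 7 to count; nothing is consumed by the padding bits. */
static struct record make_record(void)
{
    struct record r = { "abc", 7u };
    return r;
}

unsigned record_count(void)
{
    struct record r = make_record();
    return r.count;
}

int record_name_is(const char *expected)
{
    struct record r = make_record();
    return strcmp(r.name, expected) == 0;
}

/* The positional form above must agree with the designated form. */
int matches_designated(void)
{
    struct record a = make_record();
    struct record b = { .name = "abc", .count = 7u };
    return strcmp(a.name, b.name) == 0 && a.count == b.count;
}

int main(void)
{
    printf("name=%s count=%u designated_match=%d\n",
           record_name_is("abc") ? "abc" : "?", record_count(),
           matches_designated());
    return 0;
}
```

The file compiles as ordinary C99; passing it to `clang --analyze` exercises the analyzer on this shape, though this example does not establish whether any particular analyzer build asserts on it.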
