[llvm-bugs] [Bug 34496] New: [osx.cocoa.RetainCount] Crash with function named 'C'

Wed Sep 6 01:27:31 PDT 2017

https://bugs.llvm.org/show_bug.cgi?id=34496

            Bug ID: 34496
           Summary: [osx.cocoa.RetainCount] Crash with function named 'C'
           Product: clang
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: v.reichelt at netcologne.de
                CC: llvm-bugs at lists.llvm.org

Running the command
  clang++ --analyze -Xclang -analyzer-checker -Xclang osx.cocoa.RetainCount -c
bug.cc
on the following line of code:

===================================
int C() { return 0; }
===================================

triggers the assertion below.
If I rename the function, everything works fine.
This happens on trunk (r312474), LLVM-5.0.0 is not affected.

===================================
clang-6.0: /tmp/LLVM/llvm/include/llvm/ADT/StringRef.h:239: char
llvm::StringRef::operator[](size_t) const: Assertion `Index < Length &&
"Invalid index!"' failed.
#0 0x0000000001ea65ca llvm::sys::PrintStackTrace(llvm::raw_ostream&)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x1ea65ca)
#1 0x0000000001ea425e llvm::sys::RunSignalHandlers()
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x1ea425e)
#2 0x0000000001ea43ac SignalHandler(int)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x1ea43ac)
#3 0x00000038b4c0f710 __restore_rt (/lib64/libpthread.so.0+0x38b4c0f710)
#4 0x00000038b4432625 __GI_raise (/lib64/libc.so.6+0x38b4432625)
#5 0x00000038b4433e05 __GI_abort (/lib64/libc.so.6+0x38b4433e05)
#6 0x00000038b442b74e __assert_fail_base (/lib64/libc.so.6+0x38b442b74e)
#7 0x00000038b442b810 __GI___assert_perror_fail (/lib64/libc.so.6+0x38b442b810)
#8 0x0000000003565b81 (anonymous
namespace)::RetainSummaryManager::getFunctionSummary(clang::FunctionDecl
const*) (/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x3565b81)
#9 0x0000000003565f09 void
clang::ento::check::BeginFunction::_checkBeginFunction<(anonymous
namespace)::RetainCountChecker>(void*, clang::ento::CheckerContext&)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x3565f09)
#10 0x00000000036679a4
clang::ento::CheckerManager::runCheckersForBeginFunction(clang::ento::ExplodedNodeSet&,
clang::BlockEdge const&, clang::ento::ExplodedNode*, clang::ento::ExprEngine&)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x36679a4)
#11 0x000000000368dfd9
clang::ento::ExprEngine::processBeginOfFunction(clang::ento::NodeBuilderContext&,
clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&, clang::BlockEdge
const&) (/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x368dfd9)
#12 0x0000000003674cbd
clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*,
unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x3674cbd)
#13 0x0000000002beb09a (anonymous
namespace)::AnalysisConsumer::ActionExprEngine(clang::Decl*, bool,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*,
llvm::DenseMapInfo<clang::Decl const*> >*) [clone .part.4651]
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x2beb09a)
#14 0x0000000002beb854 (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*,
llvm::DenseMapInfo<clang::Decl const*> >*)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x2beb854)
#15 0x0000000002bfc358 (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&) [clone
.part.4701] (/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x2bfc358)
#16 0x0000000002c287f8 clang::ParseAST(clang::Sema&, bool, bool)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x2c287f8)
#17 0x000000000243f2be clang::FrontendAction::Execute()
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x243f2be)
#18 0x000000000240d906
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x240d906)
#19 0x00000000024e0eeb
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
(/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x24e0eeb)
#20 0x000000000080eff8 cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) (/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x80eff8)
#21 0x000000000080d2fb main (/LLVM/LLVM-trunk-312474/bin/clang-6.0+0x80d2fb)
clang version 6.0.0 (trunk)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /LLVM/LLVM-trunk/bin
===================================

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20170906/8a50ce5b/attachment.html>