<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - clang crashes on simple valid C code with "Error evaluating branch" (on trunk version)"

   href="https://bugs.llvm.org/show_bug.cgi?id=50268">50268</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>clang crashes on simple valid C code with "Error evaluating branch" (on trunk version)

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>normal

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Static Analyzer

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>dcoughlin@apple.com

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>haoxintu@gmail.com

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>dcoughlin@apple.com, llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Hi all.

$cat small.c

#include <stdint.h>

uint64_t a, c;

int b;

void d() {

  c -= a;

  0 >= b;

  c != b;

  c ? 0: 2;

}

$clang --analyze small.c

PLEASE submit a bug report to <a href="https://bugs.llvm.org/">https://bugs.llvm.org/</a> and include the crash

backtrace, preprocessed source, and associated run script.

Stack dump:

0.      Program arguments: clang --analyze small.c

1.      <eof> parser at end of file

2.      While analyzing stack: 

        #0 Calling d

3.      small.c:8:3: Error evaluating branch

 #0 0x000055c34f34b81c llvm::sys::PrintStackTrace(llvm::raw_ostream&, int)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x363681c)

 #1 0x000055c34f3496d4 llvm::sys::RunSignalHandlers()

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x36346d4)

 #2 0x000055c34f349955 llvm::sys::CleanupOnSignal(unsigned long)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3634955)

 #3 0x000055c34f2a4108 CrashRecoverySignalHandler(int)

CrashRecoveryContext.cpp:0:0

 #4 0x00007fd758d85980 __restore_rt

(/lib/x86_64-linux-gnu/libpthread.so.0+0x12980)

 #5 0x000055c350d82f80 clang::ento::ProgramState::FindGDM(void*) const

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x506df80)

 #6 0x000055c350d8d1b7 clang::ento::ProgramStateTrait<(anonymous

namespace)::ClassMap>::lookup_type clang::ento::ProgramState::get<(anonymous

namespace)::ClassMap>(clang::ento::ProgramStateTrait<(anonymous

namespace)::ClassMap>::key_type) const RangeConstraintManager.cpp:0:0

 #7 0x000055c350d9e740 (anonymous

namespace)::RangeConstraintManager::track(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState

const>, (anonymous namespace)::EqualityInfo) (.isra.772)

RangeConstraintManager.cpp:0:0

 #8 0x000055c350d9f6fb (anonymous

namespace)::RangeConstraintManager::assumeSymEQ(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState

const>, clang::ento::SymExpr const*, llvm::APSInt const&, llvm::APSInt const&)

RangeConstraintManager.cpp:0:0

 #9 0x000055c350da0c68

clang::ento::RangedConstraintManager::assumeSymUnsupported(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState

const>, clang::ento::SymExpr const*, bool)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x508bc68)

#10 0x000055c350dbca0f

clang::ento::SimpleConstraintManager::assumeAux(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState

const>, clang::ento::NonLoc, bool)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x50a7a0f)

#11 0x000055c350dbdf05

clang::ento::SimpleConstraintManager::assume(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState

const>, clang::ento::NonLoc, bool)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x50a8f05)

#12 0x000055c350dbe057

clang::ento::SimpleConstraintManager::assume(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState

const>, clang::ento::DefinedSVal, bool)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x50a9057)

#13 0x000055c35088f691

clang::ento::ProgramState::assume(clang::ento::DefinedOrUnknownSVal) const

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x4b7a691)

#14 0x000055c350d2d47e clang::ento::ExprEngine::processBranch(clang::Stmt

const*, clang::ento::NodeBuilderContext&, clang::ento::ExplodedNode*,

clang::ento::ExplodedNodeSet&, clang::CFGBlock const*, clang::CFGBlock const*)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x501847e)

#15 0x000055c350cea7ab clang::ento::CoreEngine::HandleBranch(clang::Stmt

const*, clang::Stmt const*, clang::CFGBlock const*, clang::ento::ExplodedNode*)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x4fd57ab)

#16 0x000055c350cee611 clang::ento::CoreEngine::HandleBlockExit(clang::CFGBlock

const*, clang::ento::ExplodedNode*)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x4fd9611)

#17 0x000055c350ceeaa8 clang::ento::CoreEngine::HandlePostStmt(clang::CFGBlock

const*, unsigned int, clang::ento::ExplodedNode*)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x4fd9aa8)

#18 0x000055c350ceece7

clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*,

clang::ProgramPoint, clang::ento::WorkListUnit const&)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x4fd9ce7)

#19 0x000055c350ceef64

clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*,

unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x4fd9f64)

#20 0x000055c35084c14f (anonymous

namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,

clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*,

llvm::DenseMapInfo<clang::Decl const*> >*) AnalysisConsumer.cpp:0:0

#21 0x000055c35086a636 (anonymous

namespace)::AnalysisConsumer::HandleDeclsCallGraph(unsigned int)

AnalysisConsumer.cpp:0:0

#22 0x000055c35086b762 (anonymous

namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)

AnalysisConsumer.cpp:0:0

#23 0x000055c350e1af59 clang::ParseAST(clang::Sema&, bool, bool)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x5105f59)

#24 0x000055c34fc2deb1 clang::FrontendAction::Execute()

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3f18eb1)

#25 0x000055c34fbcaff2

clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3eb5ff2)

#26 0x000055c34fcf8b8a

clang::ExecuteCompilerInvocation(clang::CompilerInstance*)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3fe3b8a)

#27 0x000055c34cfedc9c cc1_main(llvm::ArrayRef<char const*>, char const*,

void*)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x12d8c9c)

#28 0x000055c34cfe8f99 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)

driver.cpp:0:0

#29 0x000055c34fa849b5 void llvm::function_ref<void

()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>

<span class="quote">>, std::__cxx11::basic_string<char, std::char_traits<char>,</span >

std::allocator<char> >*, bool*) const::'lambda'()>(long) Job.cpp:0:0

#30 0x000055c34f2a41e3

llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x358f1e3)

#31 0x000055c34fa85354

clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>

<span class="quote">>, std::__cxx11::basic_string<char, std::char_traits<char>,</span >

std::allocator<char> >*, bool*) const (.part.161) Job.cpp:0:0

#32 0x000055c34fa5d61a

clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&,

clang::driver::Command const*&) const

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3d4861a)

#33 0x000055c34fa5e2bf

clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&,

llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&) const

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3d492bf)

#34 0x000055c34fa66c5a

clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&,

llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&)

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x3d51c5a)

#35 0x000055c34cf112a5 main

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x11fc2a5)

#36 0x00007fd757a19bf7 __libc_start_main

/build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:344:0

#37 0x000055c34cfe8b0a _start

(/media/haoxin/SeagateData/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin/clang-13+0x12d3b0a)

clang-13: error: clang frontend command failed with exit code 139 (use -v to

see invocation)

clang version 13.0.0 (<a href="https://github.com/llvm/llvm-project">https://github.com/llvm/llvm-project</a>

e5984a3680bef22d422beaafa73bf131d7197973)

Target: x86_64-unknown-linux-gnu

Thread model: posix

InstalledDir:

/home/haoxin/haoxin-data/dut-research/compilers/llvm-project/build-20210502/bin

clang-13: note: diagnostic msg: 

********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:

Preprocessed source(s) and associated run script(s) are located at:

clang-13: note: diagnostic msg: /tmp/small-cd818a.c

clang-13: note: diagnostic msg: /tmp/small-cd818a.sh

clang-13: note: diagnostic msg: 

********************

Reproduced in GodBolt: <a href="https://godbolt.org/z/vbTch5oW9">https://godbolt.org/z/vbTch5oW9</a>

Thanks,

Haoxin</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>