<html>

    <head>

      <base href="https://bugs.llvm.org/">

    </head>

    <body><table border="1" cellspacing="0" cellpadding="8">

        <tr>

          <th>Bug ID</th>

          <td><a class="bz_bug_link 

          bz_status_NEW "

   title="NEW - Analyzer crashes with cplusplus.SmartPtrModeling"

   href="https://bugs.llvm.org/show_bug.cgi?id=51152">51152</a>

          </td>

        </tr>

        <tr>

          <th>Summary</th>

          <td>Analyzer crashes with cplusplus.SmartPtrModeling

          </td>

        </tr>

        <tr>

          <th>Product</th>

          <td>clang

          </td>

        </tr>

        <tr>

          <th>Version</th>

          <td>trunk

          </td>

        </tr>

        <tr>

          <th>Hardware</th>

          <td>PC

          </td>

        </tr>

        <tr>

          <th>OS</th>

          <td>Linux

          </td>

        </tr>

        <tr>

          <th>Status</th>

          <td>NEW

          </td>

        </tr>

        <tr>

          <th>Severity</th>

          <td>enhancement

          </td>

        </tr>

        <tr>

          <th>Priority</th>

          <td>P

          </td>

        </tr>

        <tr>

          <th>Component</th>

          <td>Static Analyzer

          </td>

        </tr>

        <tr>

          <th>Assignee</th>

          <td>dcoughlin@apple.com

          </td>

        </tr>

        <tr>

          <th>Reporter</th>

          <td>v.reichelt@netcologne.de

          </td>

        </tr>

        <tr>

          <th>CC</th>

          <td>dcoughlin@apple.com, llvm-bugs@lists.llvm.org

          </td>

        </tr></table>

      <p>

        <div>

        <pre>Running clang's analyzer with

"clang++ --analyze -Xclang -analyzer-checker -Xclang cplusplus.SmartPtrModeling

-c"

on the following valid code snippet triggers a crash:

================================

void foo(void (*f)(int, int))

{

  f(0, 0);

}

================================

This regression was introduced last week.

Stack dump:

0.      Program arguments: /LLVM/LLVM-trunk/bin/clang++ --analyze -Xclang

-analyzer-checker -Xclang cplusplus.SmartPtrModeling -c CLbug.cc

1.      <eof> parser at end of file

2.      While analyzing stack: 

        #0 Calling foo(void (*)(int, int))

3.      CLbug.cc:3:3: Error evaluating statement

4.      CLbug.cc:3:3: Error evaluating statement

 #0 0x000000000307f660 PrintStackTraceSignalHandler(void*) Signals.cpp:0:0

 #1 0x000000000307d4f4 llvm::sys::CleanupOnSignal(unsigned long)

(/LLVM/LLVM-trunk/bin/clang+++0x307d4f4)

 #2 0x0000000002fccee8 CrashRecoverySignalHandler(int)

CrashRecoveryContext.cpp:0:0

 #3 0x00007f9f4360c680 __restore_rt sigaction.c:0:0

 #4 0x00000000049c4aca (anonymous

namespace)::SmartPtrModeling::evalCall(clang::ento::CallEvent const&,

clang::ento::CheckerContext&) const SmartPtrModeling.cpp:0:0

 #5 0x0000000004b32117

clang::ento::CheckerManager::runCheckersForEvalCall(clang::ento::ExplodedNodeSet&,

clang::ento::ExplodedNodeSet const&, clang::ento::CallEvent const&,

clang::ento::ExprEngine&, clang::ento::EvalCallOptions const&)

(/LLVM/LLVM-trunk/bin/clang+++0x4b32117)

 #6 0x0000000004b9e58b

clang::ento::ExprEngine::evalCall(clang::ento::ExplodedNodeSet&,

clang::ento::ExplodedNode*, clang::ento::CallEvent const&)

(/LLVM/LLVM-trunk/bin/clang+++0x4b9e58b)

 #7 0x0000000004b9f487 clang::ento::ExprEngine::VisitCallExpr(clang::CallExpr

const*, clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&)

(/LLVM/LLVM-trunk/bin/clang+++0x4b9f487)

 #8 0x0000000004b7b5aa clang::ento::ExprEngine::Visit(clang::Stmt const*,

clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&)

(/LLVM/LLVM-trunk/bin/clang+++0x4b7b5aa)

 #9 0x0000000004b7c422 clang::ento::ExprEngine::ProcessStmt(clang::Stmt const*,

clang::ento::ExplodedNode*) (/LLVM/LLVM-trunk/bin/clang+++0x4b7c422)

#10 0x0000000004b7c607

clang::ento::ExprEngine::processCFGElement(clang::CFGElement,

clang::ento::ExplodedNode*, unsigned int, clang::ento::NodeBuilderContext*)

(/LLVM/LLVM-trunk/bin/clang+++0x4b7c607)

#11 0x0000000004b3911d clang::ento::CoreEngine::HandlePostStmt(clang::CFGBlock

const*, unsigned int, clang::ento::ExplodedNode*)

(/LLVM/LLVM-trunk/bin/clang+++0x4b3911d)

#12 0x0000000004b39602

clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*,

unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>)

(/LLVM/LLVM-trunk/bin/clang+++0x4b39602)

#13 0x00000000046a436f (anonymous

namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,

clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*,

llvm::DenseMapInfo<clang::Decl const*> >*) AnalysisConsumer.cpp:0:0

#14 0x00000000046ba758 (anonymous

namespace)::AnalysisConsumer::HandleDeclsCallGraph(unsigned int)

AnalysisConsumer.cpp:0:0

#15 0x00000000046bb872 (anonymous

namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)

AnalysisConsumer.cpp:0:0

#16 0x0000000004c77739 clang::ParseAST(clang::Sema&, bool, bool)

(/LLVM/LLVM-trunk/bin/clang+++0x4c77739)

#17 0x0000000003a4a379 clang::FrontendAction::Execute()

(/LLVM/LLVM-trunk/bin/clang+++0x3a4a379)

#18 0x00000000039dd896

clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)

(/LLVM/LLVM-trunk/bin/clang+++0x39dd896)

#19 0x0000000003b0be5c

clang::ExecuteCompilerInvocation(clang::CompilerInstance*)

(/LLVM/LLVM-trunk/bin/clang+++0x3b0be5c)

#20 0x000000000099fda1 cc1_main(llvm::ArrayRef<char const*>, char const*,

void*) (/LLVM/LLVM-trunk/bin/clang+++0x99fda1)

#21 0x000000000099b611 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)

driver.cpp:0:0

#22 0x000000000386d635 void llvm::function_ref<void

()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>

<span class="quote">>, std::__cxx11::basic_string<char, std::char_traits<char>,</span >

std::allocator<char> >*, bool*) const::'lambda'()>(long) Job.cpp:0:0

#23 0x0000000002fcd054

llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>)

(/LLVM/LLVM-trunk/bin/clang+++0x2fcd054)

#24 0x000000000386deac

clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>

<span class="quote">>, std::__cxx11::basic_string<char, std::char_traits<char>,</span >

std::allocator<char> >*, bool*) const (.part.0) Job.cpp:0:0

#25 0x0000000003840d07

clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&,

clang::driver::Command const*&) const (/LLVM/LLVM-trunk/bin/clang+++0x3840d07)

#26 0x00000000038417f9

clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&,

llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&) const

(/LLVM/LLVM-trunk/bin/clang+++0x38417f9)

#27 0x000000000384e151

clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&,

llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&)

(/LLVM/LLVM-trunk/bin/clang+++0x384e151)

#28 0x00000000008d8235 main (/LLVM/LLVM-trunk/bin/clang+++0x8d8235)

#29 0x00007f9f423483d5 __libc_start_main (/lib64/libc.so.6+0x223d5)

#30 0x000000000099afc9 _start (/LLVM/LLVM-trunk/bin/clang+++0x99afc9)

clang-13: error: clang frontend command failed with exit code 139 (use -v to

see invocation)

clang version 13.0.0 (<a href="https://github.com/llvm/llvm-project.git">https://github.com/llvm/llvm-project.git</a>

21401a72629cc591bab7ec6816f03e6c550f3fb3)

Target: x86_64-unknown-linux-gnu

Thread model: posix

InstalledDir: /LLVM/LLVM-trunk/bin</pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are on the CC list for the bug.</li>

      </ul>

    </body>

</html>