[LLVMbugs] [Bug 18227] New: Assertion failure in ResolveCondition with cfg-temporary-dtors=true

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Thu Dec 12 05:59:42 PST 2013


            Bug ID: 18227
           Summary: Assertion failure in ResolveCondition with
           Product: clang
           Version: trunk
          Hardware: PC
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: dconnelly at google.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Created attachment 11715
  --> http://llvm.org/bugs/attachment.cgi?id=11715&action=edit
Stack trace

Testing against r197139 on both Linux and Mac. As noted in the summary, the
assertion only fails with cfg-temporary-dtors=true.

A small crashing input is below. I can only reproduce the crash under the
following restrictions on the input:

- The condition of the ternary operator must have the form "(x R y) S (z T w)"
for any x,y,z,w of any type, but R,S,T must each be '&&' or '||'. It is not
required that R,S,T all be the same.
- A().a() can be either the if-value or the else-value or both of the ternary
operator. All three crash.
- The A::a member function must be called on the temporary A instance; A()
alone doesn't crash.
- The destructor A::~A must be explicitly defined. Using the auto-generated
destructor won't crash.

Preprocessed source

# 1 "<built-in>" 1
# 1 "main.cc" 1
struct A {
  ~A() {}
  void a() {}

int main() {
  (false && false) && (false && false) ? (void)0 : A().a();


clang++ --analyze -Xclang -analyzer-config -Xclang cfg-temporary-dtors=true

Dumped invocation

"/media/gallia/analyzer/build/Debug+Asserts/bin/clang" -cc1 -triple
x86_64-unknown-linux-gnu -analyze -disable-free -main-file-name main.cc
-analyzer-store=region -analyzer-opt-analyze-nested-blocks
-analyzer-eagerly-assume -analyzer-checker=core -analyzer-checker=unix
-analyzer-checker=deadcode -analyzer-checker=cplusplus
-analyzer-checker=security.insecureAPI.vfork -analyzer-output plist -w
-mrelocation-model static -mdisable-fp-elim -fmath-errno -masm-verbose
-mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-linker-version
2.22 -fdeprecated-macro -ferror-limit 19 -fmessage-length 318 -mstackrealign
-fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option
-fcolor-diagnostics -vectorize-slp -analyzer-config cfg-temporary-dtors=true -x
c++ main-77ac9d.cpp

Stack trace


You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20131212/b63d91ad/attachment.html>

More information about the llvm-bugs mailing list