[llvm-bugs] [Bug 25609] New: Assertion UNREACHABLE: "Unexpected ProgramPoint" with widen-loops=true

[via llvm-bugs]

https://llvm.org/bugs/show_bug.cgi?id=25609

            Bug ID: 25609
           Summary: Assertion UNREACHABLE: "Unexpected ProgramPoint" with
                    widen-loops=true
           Product: clang
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: eveson.sean at gmail.com
                CC: llvm-bugs at lists.llvm.org
    Classification: Unclassified

The Analyzer crashes on the following test case with widen-loops=true:

$ cat test.c
int *p;
void bar();

void foo() {
    if (p == 0)
        bar();
    for (int i = 0; i < 99; i++) {}
    int x = p[0];
}

$ clang -cc1 -analyze -analyzer-config widen-loops=true test.c
Unexpected ProgramPoint
UNREACHABLE executed at
llvm/tools/clang/lib/StaticAnalyzer/Core/PathDiagnostic.cpp:688!

In the test case the problem occurs when trying to report a null dereference on
the last line of 'foo'.

The issue seems to happen when the FindLastStoreBRVisitor looks for the point
at which an SVal last changed. In this case the pointer 'p' was last changed
when the loop was widened (on block entrance). This causes the assertion when
trying to create a PathDiagnosticLocation, since the ProgramPoint being a
BlockEntrance is not an expected case.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20151123/851232f2/attachment-0001.html>