[llvm-bugs] [Bug 31498] New: clang-check static analyzer crashes when processing union

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Dec 30 06:22:08 PST 2016


https://llvm.org/bugs/show_bug.cgi?id=31498

            Bug ID: 31498
           Summary: clang-check static analyzer crashes when processing
                    union
           Product: new-bugs
           Version: trunk
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: normal
          Priority: P
         Component: new bugs
          Assignee: unassignedbugs at nondot.org
          Reporter: adamf88 at gmail.com
                CC: llvm-bugs at lists.llvm.org
    Classification: Unclassified

Created attachment 17792
  --> https://llvm.org/bugs/attachment.cgi?id=17792&action=edit
Sample program

Tested on Windows. LLVM build snapshot: 288665

If I run clang-check with the command:
clang-check.exe test.cpp -analyze

On the code below:

void* __cdecl memcpy(void* _Dst, void const* _Src, size_t _Size);

struct Test{
    union    {
        char* heapbuf;
        char  stackbuf[8];
    } data;
    unsigned size;

    Test() = default;
    Test(const Test& other)    {
        size = other.size;
        memcpy(data.stackbuf, other.data.stackbuf, size);
        data.stackbuf[size] = 0;
    }
};

Test read(){
    return Test();
}

int main(){
    Test b = read();
    char* data = new char[b.size];
    return 0;
}

Then I receive the error message:
Running without flags.
Assertion failed: T::isKind(*this), file D:\src\llvm_package_288665\llvm\tools\clang\include\clang/StaticAnalyzer/Core/PathSensitive/SVals.h, line 76
Wrote crash dump file "C:\Users\AdamF\AppData\Local\Temp\clang-check.exe-016bb1.dmp"
