[llvm-bugs] [Bug 36381] New: Crash in NonNullParamChecker / clang::ento::RangedConstraintManager::assumeSymUnsupported()

via llvm-bugs llvm-bugs at lists.llvm.org
Wed Feb 14 05:41:54 PST 2018 

https://bugs.llvm.org/show_bug.cgi?id=36381

            Bug ID: 36381
           Summary: Crash in NonNullParamChecker /
                    clang::ento::RangedConstraintManager::assumeSymUnsuppo
                    rted()
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: alexfh at google.com
                CC: ekarpenkov at apple.com, llvm-bugs at lists.llvm.org

Here's a test case I reduced manually from the output of creduce:
class C {};
void f(C i) {
  auto lambda = [&] { f(i); };
  typedef decltype(lambda) T;
  static char *p;
  T **pfn = static_cast<T **>(static_cast<void*>(&p));
  *pfn = new T(lambda);
  (**pfn)();
}

Stack trace:
clang::ento::RangedConstraintManager::assumeSymUnsupported
clang::ento::RangedConstraintManager::assumeSym
clang::ento::SimpleConstraintManager::assumeAux
clang::ento::SimpleConstraintManager::assume
clang::ento::SimpleConstraintManager::assume
clang::ento::ConstraintManager::assumeDual
::NonNullParamChecker::checkPreCall
clang::ento::check::PreCall::_checkCall
clang::ento::CheckerFn::operator()
::CheckCallContext::runChecker
expandGraphWithCheckers
clang::ento::CheckerManager::runCheckersForCallEvent
clang::ento::CheckerManager::runCheckersForPreCall
clang::ento::ExprEngine::VisitCXXConstructExpr
clang::ento::ExprEngine::Visit
clang::ento::ExprEngine::ProcessStmt
clang::ento::ExprEngine::processCFGElement
clang::ento::CoreEngine::HandlePostStmt
clang::ento::CoreEngine::ExecuteWorkList
::AnalysisConsumer::ActionExprEngine
::AnalysisConsumer::HandleCode
::AnalysisConsumer::HandleTranslationUnit

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20180214/d8e16133/attachment.html>

More information about the llvm-bugs mailing list