[llvm-bugs] [Bug 41388] New: clang-tidy with EnumCastOutOfRange crashes with Assertion `op == BO_Add' failed.

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Apr 4 23:57:36 PDT 2019


https://bugs.llvm.org/show_bug.cgi?id=41388

            Bug ID: 41388
           Summary: clang-tidy with EnumCastOutOfRange crashes with
                    Assertion `op == BO_Add' failed.
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: mikael.holmen at ericsson.com
                CC: dcoughlin at apple.com, llvm-bugs at lists.llvm.org

Created attachment 21734
  --> https://bugs.llvm.org/attachment.cgi?id=21734&action=edit
reproducer

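Reproduce with:
 clang-tidy -allow-enabling-analyzer-alpha-checkers -checks=clang-analyzer-alpha.cplusplus.EnumCastOutOfRange bbi-26444.c --

which yields the following assertion failure (frame #4 of the backtrace below shows evalBinOp being entered with op=clang::BO_EQ, reached through evalEQ from the checker's ConstraintBasedEQEvaluator):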

clang-tidy: ../tools/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp:427:
clang::ento::SVal clang::ento::SValBuilder::evalBinOp(ProgramStateRef,
BinaryOperator::Opcode, clang::ento::SVal, clang::ento::SVal, clang::QualType):
Assertion `op == BO_Add' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff67bbc37 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
56      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) where
#0  0x00007ffff67bbc37 in __GI_raise (sig=sig@entry=6) at
../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff67bf028 in __GI_abort () at abort.c:89
#2  0x00007ffff67b4bf6 in __assert_fail_base (fmt=0x7ffff6909058 "%s%s%s:%u:
%s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x4523f45 "op ==
BO_Add", file=file@entry=0x4523a34
"../tools/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp", line=line@entry=427,
function=function@entry=0x4523f52 "clang::ento::SVal
clang::ento::SValBuilder::evalBinOp(ProgramStateRef, BinaryOperator::Opcode,
clang::ento::SVal, clang::ento::SVal, clang::QualType)") at assert.c:92
#3  0x00007ffff67b4ca2 in __GI___assert_fail (assertion=0x4523f45 "op ==
BO_Add", file=0x4523a34
"../tools/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp", line=427,
function=0x4523f52 "clang::ento::SVal
clang::ento::SValBuilder::evalBinOp(ProgramStateRef, BinaryOperator::Opcode,
clang::ento::SVal, clang::ento::SVal, clang::QualType)") at assert.c:101
#4  0x00000000020008db in clang::ento::SValBuilder::evalBinOp (this=0x60db190,
state=..., op=clang::BO_EQ, lhs=..., rhs=..., type=...) at
../tools/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp:427
#5  0x0000000002000bd6 in clang::ento::SValBuilder::evalEQ (this=0x60db190,
state=..., lhs=..., rhs=...) at
../tools/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp:443
#6  0x0000000002000c5e in clang::ento::SValBuilder::evalEQ (this=0x60db190,
state=..., lhs=..., rhs=...) at
../tools/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp:449
#7  0x0000000001b2921e in (anonymous
namespace)::ConstraintBasedEQEvaluator::operator() (this=0x7fffffff8120,
EnumDeclInitValue=...) at
../tools/clang/lib/StaticAnalyzer/Checkers/EnumCastOutOfRangeChecker.cpp:47
#8  0x0000000001b2911f in std::__find_if<llvm::APSInt*, (anonymous
namespace)::ConstraintBasedEQEvaluator> (__first=0x7fffffff82f0,
__last=0x7fffffff8300, __pred=...) at
/usr/bin/../lib/gcc/x86_64-linux-gnu/4.8/../../../../include/c++/4.8/bits/stl_algo.h:242
#9  0x0000000001b28f39 in std::find_if<llvm::APSInt*, (anonymous
namespace)::ConstraintBasedEQEvaluator> (__first=0x7fffffff82f0,
__last=0x7fffffff8300, __pred=...) at
/usr/bin/../lib/gcc/x86_64-linux-gnu/4.8/../../../../include/c++/4.8/bits/stl_algo.h:4464
#10 0x0000000001b28eb8 in std::none_of<llvm::APSInt*, (anonymous
namespace)::ConstraintBasedEQEvaluator> (__first=0x7fffffff82f0,
__last=0x7fffffff8300, __pred=...) at
/usr/bin/../lib/gcc/x86_64-linux-gnu/4.8/../../../../include/c++/4.8/bits/stl_algo.h:747
#11 0x0000000001b28de0 in std::any_of<llvm::APSInt*, (anonymous
namespace)::ConstraintBasedEQEvaluator> (__first=0x7fffffff82f0,
__last=0x7fffffff8300, __pred=...) at
/usr/bin/../lib/gcc/x86_64-linux-gnu/4.8/../../../../include/c++/4.8/bits/stl_algo.h:765
#12 0x0000000001b28b78 in llvm::any_of<llvm::SmallVector<llvm::APSInt, 6u>&,
(anonymous namespace)::ConstraintBasedEQEvaluator> (Range=llvm::SmallVector of
Size 1, Capacity 6 = {...}, P=...) at ../include/llvm/ADT/STLExtras.h:1193
#13 0x0000000001b28a09 in (anonymous
namespace)::EnumCastOutOfRangeChecker::checkPreStmt (this=0x606d410,
CE=0x60d0f58, C=...) at
../tools/clang/lib/StaticAnalyzer/Checkers/EnumCastOutOfRangeChecker.cpp:116
#14 0x0000000001b288d5 in
clang::ento::check::PreStmt<clang::CastExpr>::_checkStmt<(anonymous
namespace)::EnumCastOutOfRangeChecker> (checker=0x606d410, S=0x60d0f58, C=...)
at ../tools/clang/include/clang/StaticAnalyzer/Core/Checker.h:85
#15 0x0000000001f0b9b2 in clang::ento::CheckerFn<void (clang::Stmt const*,
clang::ento::CheckerContext&)>::operator()(clang::Stmt const*,
clang::ento::CheckerContext&) const (this=0x7fffffff84d0, ps=..., ps=...) at
../tools/clang/include/clang/StaticAnalyzer/Core/CheckerManager.h:69
#16 0x0000000001efa9fd in (anonymous
namespace)::CheckStmtContext::runChecker(clang::ento::CheckerFn<void
(clang::Stmt const*, clang::ento::CheckerContext&)>, clang::ento::NodeBuilder&,
clang::ento::ExplodedNode*) (this=0x7fffffff8660, checkFn=..., Bldr=...,
Pred=0x60de3f8) at
../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:176
#17 0x0000000001ef6408 in expandGraphWithCheckers<(anonymous
namespace)::CheckStmtContext> (checkCtx=..., Dst=..., Src=...) at
../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:138
#18 0x0000000001ef5f9b in clang::ento::CheckerManager::runCheckersForStmt
(this=0x6067ee0, isPreVisit=true, Dst=..., Src=..., S=0x60d0f58, Eng=...,
WasInlined=false) at
../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:191
#19 0x0000000001f3c545 in clang::ento::CheckerManager::runCheckersForPreStmt
(this=0x6067ee0, Dst=..., Src=..., S=0x60d0f58, Eng=...) at
../tools/clang/include/clang/StaticAnalyzer/Core/CheckerManager.h:207
#20 0x0000000001f4ecb5 in clang::ento::ExprEngine::VisitCast
(this=0x7fffffffaaf8, CastE=0x60d0f58, Ex=0x60d0f38, Pred=0x60de3f8, Dst=...)
at ../tools/clang/lib/StaticAnalyzer/Core/ExprEngineC.cpp:301
#21 0x0000000001f2ba13 in clang::ento::ExprEngine::Visit (this=0x7fffffffaaf8,
S=0x60d0f58, Pred=0x60de3f8, DstTop=...) at
../tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:1644
#22 0x0000000001f27f1a in clang::ento::ExprEngine::ProcessStmt
(this=0x7fffffffaaf8, currStmt=0x60d0f58, Pred=0x60de360) at
../tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:741
#23 0x0000000001f27bd9 in clang::ento::ExprEngine::processCFGElement
(this=0x7fffffffaaf8, E=..., Pred=0x60de360, StmtIdx=1, Ctx=0x7fffffffa5f8) at
../tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:588
#24 0x0000000001f12e59 in clang::ento::CoreEngine::HandlePostStmt
(this=0x7fffffffab18, B=0x60d6568, StmtIdx=1, Pred=0x60de360) at
../tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:438
#25 0x0000000001f12721 in clang::ento::CoreEngine::dispatchWorkItem
(this=0x7fffffffab18, Pred=0x60de360, Loc=..., WU=...) at
../tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:192
#26 0x0000000001f122ae in clang::ento::CoreEngine::ExecuteWorkList
(this=0x7fffffffab18, L=0x60d8aa0, Steps=224997, InitState=...) at
../tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:148
#27 0x00000000018f8078 in clang::ento::ExprEngine::ExecuteWorkList
(this=0x7fffffffaaf8, L=0x60d8aa0, Steps=225000) at
../tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:167
#28 0x00000000018902c8 in (anonymous
namespace)::AnalysisConsumer::RunPathSensitiveChecks (this=0x605c610,
D=0x60d0e98, IMode=clang::ento::ExprEngine::Inline_Regular,
VisitedCallees=0x7fffffffb0f8) at
../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:740
#29 0x000000000188fc25 in (anonymous namespace)::AnalysisConsumer::HandleCode
(this=0x605c610, D=0x60d0e98, Mode=2,
IMode=clang::ento::ExprEngine::Inline_Regular, VisitedCallees=0x7fffffffb0f8)
at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:715
#30 0x000000000188f7b6 in (anonymous
namespace)::AnalysisConsumer::HandleDeclsCallGraph (this=0x605c610,
LocalTUDeclsSize=4) at
../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:506
#31 0x000000000188e1dd in (anonymous
namespace)::AnalysisConsumer::runAnalysisOnTranslationUnit (this=0x605c610,
C=...) at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:553
#32 0x000000000188dcc3 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit (this=0x605c610, C=...) at
../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:584
#33 0x000000000219bb71 in clang::MultiplexConsumer::HandleTranslationUnit
(this=0x605beb0, Ctx=...) at
../tools/clang/lib/Frontend/MultiplexConsumer.cpp:292
#34 0x00000000023e605d in clang::ParseAST (S=..., PrintStats=false,
SkipFunctionBodies=false) at ../tools/clang/lib/Parse/ParseAST.cpp:171
#35 0x000000000216308e in clang::ASTFrontendAction::ExecuteAction
(this=0x600f880) at ../tools/clang/lib/Frontend/FrontendAction.cpp:1035
#36 0x0000000002162ac0 in clang::FrontendAction::Execute (this=0x600f880) at
../tools/clang/lib/Frontend/FrontendAction.cpp:934
#37 0x00000000020fda74 in clang::CompilerInstance::ExecuteAction
(this=0x7fffffffb7e8, Act=...) at
../tools/clang/lib/Frontend/CompilerInstance.cpp:950
#38 0x00000000016c1a62 in clang::tooling::FrontendActionFactory::runInvocation
(this=0x7fffffffc7c0, Invocation=std::shared_ptr (empty) 0x0, Files=0x5fb73c0,
PCHContainerOps=..., DiagConsumer=0x7fffffffcb68) at
../tools/clang/lib/Tooling/Tooling.cpp:369
#39 0x0000000000f9437e in
clang::tidy::runClangTidy(clang::tidy::ClangTidyContext&,
clang::tooling::CompilationDatabase const&, llvm::ArrayRef<std::string>,
llvm::IntrusiveRefCntPtr<llvm::vfs::OverlayFileSystem>, bool,
llvm::StringRef)::ActionFactory::runInvocation(std::shared_ptr<clang::CompilerInvocation>,
clang::FileManager*, std::shared_ptr<clang::PCHContainerOperations>,
clang::DiagnosticConsumer*) (this=0x7fffffffc7c0, Invocation=warning: RTTI
symbol not found for class
'std::_Sp_counted_deleter<clang::CompilerInvocation*,
std::default_delete<clang::CompilerInvocation>, std::allocator<void>,
(__gnu_cxx::_Lock_policy)2>'
warning: RTTI symbol not found for class
'std::_Sp_counted_deleter<clang::CompilerInvocation*,
std::default_delete<clang::CompilerInvocation>, std::allocator<void>,
(__gnu_cxx::_Lock_policy)2>'
std::shared_ptr (count 2, weak 0) 0x6008810, Files=0x5fb73c0,
PCHContainerOps=warning: RTTI symbol not found for class
'std::_Sp_counted_deleter<clang::PCHContainerOperations*,
std::__shared_ptr<clang::PCHContainerOperations,
(__gnu_cxx::_Lock_policy)2>::_Deleter<std::allocator<clang::PCHContainerOperations>
>, std::allocator<clang::PCHContainerOperations>, (__gnu_cxx::_Lock_policy)2>'
warning: RTTI symbol not found for class
'std::_Sp_counted_deleter<clang::PCHContainerOperations*,
std::__shared_ptr<clang::PCHContainerOperations,
(__gnu_cxx::_Lock_policy)2>::_Deleter<std::allocator<clang::PCHContainerOperations>
>, std::allocator<clang::PCHContainerOperations>, (__gnu_cxx::_Lock_policy)2>'
std::shared_ptr (count 3, weak 0) 0x5fa8580, DiagConsumer=0x7fffffffcb68) at
../tools/clang/tools/extra/clang-tidy/ClangTidy.cpp:526
#40 0x00000000016c18f7 in clang::tooling::ToolInvocation::runInvocation
(this=0x7fffffffc348, BinaryName=0x5fa36c8
"/data/repo/master/llvm-master/build-all-Debug/bin/clang-tool",
Compilation=0x6007d50, Invocation=std::shared_ptr (empty) 0x0,
PCHContainerOps=std::shared_ptr (empty) 0x0) at
../tools/clang/lib/Tooling/Tooling.cpp:344
#41 0x00000000016c0a8f in clang::tooling::ToolInvocation::run
(this=0x7fffffffc348) at ../tools/clang/lib/Tooling/Tooling.cpp:329
#42 0x00000000016c2c75 in clang::tooling::ClangTool::run (this=0x7fffffffcc50,
Action=0x7fffffffc7c0) at ../tools/clang/lib/Tooling/Tooling.cpp:518
#43 0x0000000000f91a3b in clang::tidy::runClangTidy (Context=...,
Compilations=..., InputFiles=llvm::ArrayRef of length 1 = {...}, BaseFS=...,
EnableCheckProfile=false, StoreCheckProfile="") at
../tools/clang/tools/extra/clang-tidy/ClangTidy.cpp:547
#44 0x0000000000443900 in clang::tidy::clangTidyMain (argc=4,
argv=0x7fffffffda48) at
../tools/clang/tools/extra/clang-tidy/tool/ClangTidyMain.cpp:430
#45 0x0000000000442de2 in main (argc=5, argv=0x7fffffffda48) at
../tools/clang/tools/extra/clang-tidy/tool/ClangTidyMain.cpp:491
(gdb)
