[llvm-bugs] [Bug 42423] New: static analyzer makes incorrect assumption of dynamic type

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Jun 27 06:10:41 PDT 2019 

https://bugs.llvm.org/show_bug.cgi?id=42423

            Bug ID: 42423
           Summary: static analyzer makes incorrect assumption of dynamic
                    type
           Product: clang
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: C++
          Assignee: unassignedclangbugs at nondot.org
          Reporter: martongabesz at gmail.com
                CC: blitzrakete at gmail.com, dgregor at apple.com,
                    erik.pilkington at gmail.com, llvm-bugs at lists.llvm.org,
                    richard-llvm at metafoo.co.uk

Created attachment 22153
  --> https://bugs.llvm.org/attachment.cgi?id=22153&action=edit
reproducer

The following lit test fails, but it should pass.

 1 // RUN: %clang_analyze_cc1 -triple x86_64-pc-linux-gnu \
 2 // RUN:   -analyzer-checker=core,debug.ExprInspection \
 3 // RUN:   -verify %s
 4
 5 void clang_analyzer_eval(int);
 6
 7 struct B {
 8   virtual int f(int x) { return 0; }
 9 };
10
11 struct D : B {
12   virtual int f(int x) { return 1; }
13 };
14
15 void test_virt2(B* obj) {
16   // The dynamic type is known.
17   clang_analyzer_eval(B().f(1));  // expected-warning{{FALSE}}
18   clang_analyzer_eval(D().f(1));  // expected-warning{{TRUE}}
19   // We cannot decide about the dynamic type.
20   clang_analyzer_eval(obj->f(1)); // expected-warning{{UNKNOWN}}
22 }

This is the error:
Command Output (stderr):
--
error: 'warning' diagnostics seen but not expected:
  File
/home/egbomrt/WORK/llvm5/git/llvm-project/clang/test/Analysis/virtual_func_bug.cpp
Line 20: FALSE
1 error generated.

So, it seems like there is a state split at line 20. Maybe the analyzer assumes
that the `obj` has a concrete type `B` at one branch and at the other branch it
is unknown?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20190627/ff63bb2e/attachment-0001.html>

More information about the llvm-bugs mailing list