[llvm-bugs] [Bug 46264] New: clang analyzer on crashes on RegionStoreManager::getBinding

via llvm-bugs llvm-bugs at lists.llvm.org
Wed Jun 10 00:17:45 PDT 2020


https://bugs.llvm.org/show_bug.cgi?id=46264

            Bug ID: 46264
           Summary: clang analyzer on crashes on RegionStoreManager::getBinding
           Product: clang
           Version: trunk
          Hardware: PC
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: hokein at google.com
                CC: dcoughlin at apple.com, llvm-bugs at lists.llvm.org

A testcase:

// ./clang-tidy -checks="-*,clang-analyzer*" /tmp/crash.cc
namespace a {
class b {
public:
  typedef int b::*c;
  operator c() { return d ? &b::d : 0; }
  int d;
};
} // namespace a
using a::b;
class e {
  void f();
  void g();
  b h;
};
void e::f() {
  e *i;
  if (h)
    i->g();
}



stack trace:

F0610 08:26:50.863129    7644 logging.cc:106] assert.h assertion failed at /llvm-project/clang/lib/StaticAnalyzer/Core/RegionStore.cpp:1439 in clang::ento::SVal (anonymous namespace)::RegionStoreManager::getBinding(RegionBindingsConstRef, clang::ento::Loc, clang::QualType): !T->isVoidType() && "Attempting to dereference a void pointer!"
*** Check failure stack trace: ***
    @     0x55abd68e8646  __assert_fail
    @     0x55abd4fc9c72  (anonymous namespace)::RegionStoreManager::getBinding()
    @     0x55abd4fc41be  (anonymous namespace)::RegionStoreManager::getBinding()
    @     0x55abd4f25866  clang::ento::bugreporter::trackExpressionValue()
    @     0x55abd4f2c4c2  (anonymous namespace)::ReturnVisitor::VisitNode()
    @     0x55abd4f146fa  generateVisitorsDiagnostics()
    @     0x55abd4f10144  clang::ento::PathSensitiveBugReporter::generatePathDiagnostics()
    @     0x55abd4f1327d  clang::ento::PathSensitiveBugReporter::generateDiagnosticForConsumerMap()
    @     0x55abd4f0e0c0  clang::ento::BugReporter::FlushReport()
    @     0x55abd4f0df8b  clang::ento::BugReporter::FlushReports()
    @     0x55abd4c3628d  (anonymous namespace)::AnalysisConsumer::HandleCode()
    @     0x55abd4c164f3  (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit()
    @     0x55abd526976c  clang::MultiplexConsumer::HandleTranslationUnit()
