[llvm-bugs] [Bug 51842] New: analyzer fires assert with implicit moves in blocks in C mode

Tue Sep 14 01:30:20 PDT 2021

https://bugs.llvm.org/show_bug.cgi?id=51842

            Bug ID: 51842
           Summary: analyzer fires assert with implicit moves in blocks in
                    C mode
           Product: clang
           Version: trunk
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: mizvekov at gmail.com
                CC: dcoughlin at apple.com, llvm-bugs at lists.llvm.org

Crashes when analyzing this program, with runtime checks enabled:
```
typedef struct {
  int x;
} S;

void foo() {
  ^{
    S s;
    return s;
  };
}
```
With: `clang -cc1 -analyze -w -analyzer-checker=core -fblocks`.

Backtrace:
```
Assertion failed: !location.getAs<NonLoc>() && "location cannot be a NonLoc.",
file ..\..\clang\lib\StaticAnalyzer\Core\ExprEngine.cpp, line 2967
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash
backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: build\\dbg\\llvm\\bin\\clang.exe -cc1 -analyze -w
-analyzer-checker=core -fblocks -verify
..\\..\\clang\\test\\Analysis\\blocks-nrvo.c
1.      <eof> parser at end of file
2.      While analyzing stack:
        #0 Calling anonymous code
3.      ..\..\clang\test\Analysis\blocks-nrvo.c:12:12: Error evaluating
statement
4.      ..\..\clang\test\Analysis\blocks-nrvo.c:12:12: Error evaluating
statement
PS build\dbg> .\llvm\bin\clang.exe -cc1 -analyze -w -analyzer-checker=core
-fblocks -verify ..\..\clang\test\Analysis\blocks-nrvo.c
Assertion failed: !location.getAs<NonLoc>() && "location cannot be a NonLoc.",
file ..\..\clang\lib\StaticAnalyzer\Core\ExprEngine.cpp, line 2967
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash
backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: build\\dbg\\llvm\\bin\\clang.exe -cc1 -analyze -w
-analyzer-checker=core -fblocks -verify
..\\..\\clang\\test\\Analysis\\blocks-nrvo.c
1.      <eof> parser at end of file
2.      While analyzing stack:


        #0 Calling anonymous code
3.      ..\..\clang\test\Analysis\blocks-nrvo.c:12:12: Error evaluating
statement
4.      ..\..\clang\test\Analysis\blocks-nrvo.c:12:12: Error evaluating
statement
 #0 0x00007ff7d03dd94c HandleAbort llvm\lib\Support\Windows\Signals.inc:408:0
 #1 0x00007ffa1179bc31 (C:\Windows\SYSTEM32\ucrtbased.dll+0x6bc31)
 #2 0x00007ffa1179d889 (C:\Windows\SYSTEM32\ucrtbased.dll+0x6d889)
 #3 0x00007ffa117a34b5 (C:\Windows\SYSTEM32\ucrtbased.dll+0x734b5)
 #4 0x00007ffa117a3027 (C:\Windows\SYSTEM32\ucrtbased.dll+0x73027)
 #5 0x00007ffa117a1091 (C:\Windows\SYSTEM32\ucrtbased.dll+0x71091)
 #6 0x00007ffa117a3a1f (C:\Windows\SYSTEM32\ucrtbased.dll+0x73a1f)
 #7 0x00007ff7d496fae2 clang::ento::ExprEngine::evalLoad(class
clang::ento::ExplodedNodeSet &, class clang::Expr const *, class clang::Expr
const *, class clang::ento::ExplodedNode *, class
llvm::IntrusiveRefCntPtr<class clang::ento::ProgramState const>, class
clang::ento::SVal, class clang::ProgramPointTag const *, class clang::QualType)
clang\lib\StaticAnalyzer\Core\ExprEngine.cpp:2967:0
 #8 0x00007ff7d4a7ba55 clang::ento::ExprEngine::VisitCast(class clang::CastExpr
const *, class clang::Expr const *, class clang::ento::ExplodedNode *, class
clang::ento::ExplodedNodeSet &)
clang\lib\StaticAnalyzer\Core\ExprEngineC.cpp:299:0
 #9 0x00007ff7d496a76f clang::ento::ExprEngine::Visit(class clang::Stmt const
*, class clang::ento::ExplodedNode *, class clang::ento::ExplodedNodeSet &)
clang\lib\StaticAnalyzer\Core\ExprEngine.cpp:1739:0
#10 0x00007ff7d4963b0f clang::ento::ExprEngine::ProcessStmt(class clang::Stmt
const *, class clang::ento::ExplodedNode *)
clang\lib\StaticAnalyzer\Core\ExprEngine.cpp:792:0
#11 0x00007ff7d496376b clang::ento::ExprEngine::processCFGElement(class
clang::CFGElement, class clang::ento::ExplodedNode *, unsigned int, struct
clang::ento::NodeBuilderContext *)
clang\lib\StaticAnalyzer\Core\ExprEngine.cpp:638:0
#12 0x00007ff7d49589e1 clang::ento::CoreEngine::HandlePostStmt(class
clang::CFGBlock const *, unsigned int, class clang::ento::ExplodedNode *)
clang\lib\StaticAnalyzer\Core\CoreEngine.cpp:470:0
#13 0x00007ff7d4959c05 clang::ento::CoreEngine::dispatchWorkItem(class
clang::ento::ExplodedNode *, class clang::ProgramPoint, class
clang::ento::WorkListUnit const &)
clang\lib\StaticAnalyzer\Core\CoreEngine.cpp:194:0
#14 0x00007ff7d4959707 clang::ento::CoreEngine::ExecuteWorkList(class
clang::LocationContext const *, unsigned int, class
llvm::IntrusiveRefCntPtr<class clang::ento::ProgramState const>)
clang\lib\StaticAnalyzer\Core\CoreEngine.cpp:148:0
#15 0x00007ff7d3bdd745 clang::ento::ExprEngine::ExecuteWorkList(class
clang::LocationContext const *, unsigned int)
clang\include\clang\StaticAnalyzer\Core\PathSensitive\ExprEngine.h:193:0
#16 0x00007ff7d3bc2a29 `anonymous
namespace'::AnalysisConsumer::RunPathSensitiveChecks
clang\lib\StaticAnalyzer\Frontend\AnalysisConsumer.cpp:680:0
#17 0x00007ff7d3bc27da `anonymous namespace'::AnalysisConsumer::HandleCode
clang\lib\StaticAnalyzer\Frontend\AnalysisConsumer.cpp:649:0
#18 0x00007ff7d3bc2304 `anonymous
namespace'::AnalysisConsumer::HandleDeclsCallGraph
clang\lib\StaticAnalyzer\Frontend\AnalysisConsumer.cpp:487:0
#19 0x00007ff7d3bc387f `anonymous
namespace'::AnalysisConsumer::runAnalysisOnTranslationUnit
clang\lib\StaticAnalyzer\Frontend\AnalysisConsumer.cpp:537:0
#20 0x00007ff7d3bc1f9c `anonymous
namespace'::AnalysisConsumer::HandleTranslationUnit
clang\lib\StaticAnalyzer\Frontend\AnalysisConsumer.cpp:568:0
#21 0x00007ff7d4abe1b8 clang::ParseAST(class clang::Sema &, bool, bool)
clang\lib\Parse\ParseAST.cpp:178:0
#22 0x00007ff7d18f8ab7 clang::ASTFrontendAction::ExecuteAction(void)
clang\lib\Frontend\FrontendAction.cpp:1060:0
#23 0x00007ff7d18f846e clang::FrontendAction::Execute(void)
clang\lib\Frontend\FrontendAction.cpp:955:0
#24 0x00007ff7d1878fd6 clang::CompilerInstance::ExecuteAction(class
clang::FrontendAction &) clang\lib\Frontend\CompilerInstance.cpp:974:0
#25 0x00007ff7d1ae21a7 clang::ExecuteCompilerInvocation(class
clang::CompilerInstance *)
clang\lib\FrontendTool\ExecuteCompilerInvocation.cpp:278:0
#26 0x00007ff7cdc0d294 cc1_main(class llvm::ArrayRef<char const *>, char const
*, void *) clang\tools\driver\cc1_main.cpp:246:0
#27 0x00007ff7cdbf8ed0 ExecuteCC1Tool clang\tools\driver\driver.cpp:317:0
#28 0x00007ff7cdbf976c main clang\tools\driver\driver.cpp:388:0
#29 0x00007ff7d7681559 invoke_main
d:\a01\_work\3\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:79:0
#30 0x00007ff7d76813fe __scrt_common_main_seh
d:\a01\_work\3\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288:0
#31 0x00007ff7d76812be __scrt_common_main
d:\a01\_work\3\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:331:0
#32 0x00007ff7d76815ee mainCRTStartup
d:\a01\_work\3\s\src\vctools\crt\vcstartup\src\startup\exe_main.cpp:17:0
```

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20210914/a769522f/attachment.html>