llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org

clang: static analyzer crash when analyzing aspack.c #3794

Closed edwintorok closed 15 years ago

edwintorok commented 15 years ago
Bugzilla Link: 3422
Resolution: FIXED
Resolved on: Jan 27, 2009 12:30
Version: unspecified
OS: Linux
Attachments: preprocessed file
CC: @tkremenek

Extended Description

On SVN r63101, x86-64 Linux:

ANALYZE: ../../../clamav-devel/libclamav/aspack.c readstream
ANALYZE: ../../../clamav-devel/libclamav/aspack.c getdec
ANALYZE: ../../../clamav-devel/libclamav/aspack.c build_decrypt_array
../../../clamav-devel/libclamav/aspack.c:147:3: warning: dead assignment
  i = 0;
  ^   ~
ANALYZE: ../../../clamav-devel/libclamav/aspack.c getbits
ANALYZE: ../../../clamav-devel/libclamav/aspack.c build_decrypt_dictionaries
ANALYZE: ../../../clamav-devel/libclamav/aspack.c decrypt
ANALYZE: ../../../clamav-devel/libclamav/aspack.c decomp_block
ANALYZE: ../../../clamav-devel/libclamav/aspack.c unaspack212
clang: /home/edwin/llvm-svn/llvm/include/llvm/Support/Casting.h:199: typename llvm::cast_retty<To, From>::ret_type llvm::cast(const Y&) [with X = clang::PointerType, Y = clang::Type]: Assertion `isa(Val) && "cast() argument of incompatible type!"' failed.
0 clang 0x0000000001036e4f
1 libc.so.6 0x00002b8d4aafbf60
2 libc.so.6 0x00002b8d4aafbed5 gsignal + 53
3 libc.so.6 0x00002b8d4aafd3f3 abort + 387
4 libc.so.6 0x00002b8d4aaf4dc9 __assert_fail + 233
5 clang 0x0000000000a6bb86
6 clang 0x0000000000a6a4d1 clang::ElementRegion::getRValueType(clang::ASTContext&) const + 97
7 clang 0x0000000000a6bb9a clang::TypedRegion::getLValueType(clang::ASTContext&) const + 10
8 clang 0x0000000000a14e8f
9 clang 0x0000000000a52533 clang::GRExprEngine::VisitCast(clang::Expr, clang::Expr, clang::ExplodedNode, clang::ExplodedNodeSet&) + 2675
10 clang 0x0000000000a4d317 clang::GRExprEngine::Visit(clang::Stmt, clang::ExplodedNode, clang::ExplodedNodeSet&) + 951
11 clang 0x0000000000a502a1 clang::GRExprEngine::VisitBinaryOperator(clang::BinaryOperator, clang::ExplodedNode, clang::ExplodedNodeSet&) + 545
12 clang 0x0000000000a4d2e8 clang::GRExprEngine::Visit(clang::Stmt, clang::ExplodedNode, clang::ExplodedNodeSet&) + 904
13 clang 0x0000000000a539cf clang::GRExprEngine::ProcessStmt(clang::Stmt, clang::GRStmtNodeBuilder&) + 591
14 clang 0x0000000000a58c65 clang::GRCoreEngine::ProcessStmt(clang::Stmt, clang::GRStmtNodeBuilderImpl&) + 85
15 clang 0x0000000000a4469d clang::GRCoreEngineImpl::HandlePostStmt(clang::PostStmt const&, clang::CFGBlock, unsigned int, clang::ExplodedNodeImpl) + 205
16 clang 0x0000000000a44b84 clang::GRCoreEngineImpl::ExecuteWorkList(unsigned int) + 484
17 clang 0x000000000059ad0c
18 clang 0x000000000059a715
19 clang 0x000000000059aac6
20 clang 0x0000000000a862e5 clang::ParseAST(clang::Preprocessor&, clang::ASTConsumer*, bool, bool) + 245
21 clang 0x00000000005cfe14
22 clang 0x00000000005d4d67 main + 1383
23 libc.so.6 0x00002b8d4aae81a6 __libc_start_main + 230
24 clang 0x0000000000592f89 std::ios_base::Init::~Init() + 65

tkremenek commented 15 years ago

Fixed: http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20090126/011396.html

edwintorok commented 15 years ago

preprocessed file for second crash

edwintorok commented 15 years ago

Another crash with same message:

ANALYZE: ../../../clamav-devel/libclamav/pdf.c cli_pdf
clang: /home/edwin/llvm-svn/llvm/include/llvm/Support/Casting.h:199: typename llvm::cast_retty<To, From>::ret_type llvm::cast(const Y&) [with X = clang::PointerType, Y = clang::Type]: Assertion `isa(Val) && "cast() argument of incompatible type!"' failed.
0 clang 0x0000000001036e4f
1 libc.so.6 0x00002b608b516f60
2 libc.so.6 0x00002b608b516ed5 gsignal + 53
3 libc.so.6 0x00002b608b5183f3 abort + 387
4 libc.so.6 0x00002b608b50fdc9 __assert_fail + 233
5 clang 0x0000000000a6bb86
6 clang 0x0000000000a6a4d1 clang::ElementRegion::getRValueType(clang::ASTContext&) const + 97
7 clang 0x0000000000a2d95a
8 clang 0x0000000000a2e9db
9 clang 0x0000000000a52bbf clang::GRExprEngine::VisitCallRec(clang::CallExpr, clang::ExplodedNode, clang::ExprIterator, clang::ExprIterator, clang::ExplodedNodeSet&, clang::FunctionTypeProto const, unsigned int) + 1151
10 clang 0x0000000000a52855 clang::GRExprEngine::VisitCallRec(clang::CallExpr, clang::ExplodedNode, clang::ExprIterator, clang::ExprIterator, clang::ExplodedNodeSet&, clang::FunctionTypeProto const, unsigned int) + 277
11 clang 0x0000000000a52855 clang::GRExprEngine::VisitCallRec(clang::CallExpr, clang::ExplodedNode, clang::ExprIterator, clang::ExprIterator, clang::ExplodedNodeSet&, clang::FunctionTypeProto const, unsigned int) + 277
12 clang 0x0000000000a52855 clang::GRExprEngine::VisitCallRec(clang::CallExpr, clang::ExplodedNode, clang::ExprIterator, clang::ExprIterator, clang::ExplodedNodeSet&, clang::FunctionTypeProto const, unsigned int) + 277
13 clang 0x0000000000a52855 clang::GRExprEngine::VisitCallRec(clang::CallExpr, clang::ExplodedNode, clang::ExprIterator, clang::ExprIterator, clang::ExplodedNodeSet&, clang::FunctionTypeProto const, unsigned int) + 277
14 clang 0x0000000000a53424 clang::GRExprEngine::VisitCall(clang::CallExpr, clang::ExplodedNode, clang::ExprIterator, clang::ExprIterator, clang::ExplodedNodeSet&) + 180
15 clang 0x0000000000a4d21c clang::GRExprEngine::Visit(clang::Stmt, clang::ExplodedNode, clang::ExplodedNodeSet&) + 700
16 clang 0x0000000000a539cf clang::GRExprEngine::ProcessStmt(clang::Stmt, clang::GRStmtNodeBuilder&) + 591
17 clang 0x0000000000a58c65 clang::GRCoreEngine::ProcessStmt(clang::Stmt, clang::GRStmtNodeBuilderImpl&) + 85
18 clang 0x0000000000a4469d clang::GRCoreEngineImpl::HandlePostStmt(clang::PostStmt const&, clang::CFGBlock, unsigned int, clang::ExplodedNodeImpl) + 205
19 clang 0x0000000000a44b84 clang::GRCoreEngineImpl::ExecuteWorkList(unsigned int) + 484
20 clang 0x000000000059ad0c
21 clang 0x000000000059a715
22 clang 0x000000000059aac6
23 clang 0x0000000000a862e5 clang::ParseAST(clang::Preprocessor&, clang::ASTConsumer*, bool, bool) + 245
24 clang 0x00000000005cfe14
25 clang 0x00000000005d4d67 main + 1383
26 libc.so.6 0x00002b608b5031a6 __libc_start_main + 230
27 clang 0x0000000000592f89 std::ios_base::Init::~Init() + 65