thradams / cake

Cake a C23 front end and transpiler written in C
http://thradams.com/cake/index.html
GNU General Public License v3.0

Segmentation fault in flow analysis (`-fanalyzer`) #156

Closed iphydf closed 2 months ago

iphydf commented 6 months ago
/* Crash reproducer, variant 1: the indexed pointer is a file-scope variable.
   Input for cake's flow analysis (-fanalyzer); it is meant to be parsed, not run. */
typedef struct {
  char b;
  _Bool d;
} e;
e *f; /* file-scope pointer to e; never assigned anywhere in this snippet */
void g() {
  /* c is declared in the for-init clause without an initializer, and the loop
     has neither a condition nor an increment expression. */
  for (int c;;) {
    /* Declaration with an initializer that takes the address of f[c].
       The backtrace in the report reaches set_object_state through
       flow_visit_init_declarator_list -> object_assignment, i.e. while the
       analyzer handles an initialized declaration inside a for body.
       NOTE(review): presumably this is that declaration; the report does not
       say which construct is essential, so keep the snippet unchanged. */
    e *a = &f[c];
  }
}

The indexed pointer can also be a function parameter instead of a file-scope variable:

/* Crash reproducer, variant 2: the indexed pointer is a function parameter.
   Input for cake's flow analysis (-fanalyzer); it is meant to be parsed, not run. */
typedef struct {
  char d;
  _Bool e;
} f;
void g(f *b) {
  /* c has no initializer, so the loop condition and the index below both read
     an indeterminate value; this variant has a bounded condition and an increment. */
  for (int c; c < 10; ++c) {
    /* Initialized declaration taking the address of b[c], the same shape as
       the file-scope variant of this reproducer.
       NOTE(review): the report does not say which construct is essential to
       the crash, so keep the snippet unchanged. */
    f *a = &b[c];
  }
}

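Error (GDB backtrace; frame #0 faults at object.c:787 on `p_object->state = p_object_source->state` with `p_object_source=0x48`, which is most likely a small offset from a null pointer rather than a real object address):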

#21 1.063 Program received signal SIGSEGV, Segmentation fault.
#21 1.063 0x000000000042806b in set_object_state (ctx=0x7ffd6ebaf480, p_type=0x7fef075beb40, p_object=0x7fef075a1eb8, p_source_type=0x7fef075beb40, p_object_source=0x48, error_position=0x7fef075be020) at object.c:787
#21 1.063 787           p_object->state = p_object_source->state;
#21 1.063 #0  0x000000000042806b in set_object_state (ctx=0x7ffd6ebaf480, 
#21 1.063     p_type=0x7fef075beb40, p_object=0x7fef075a1eb8, 
#21 1.063     p_source_type=0x7fef075beb40, p_object_source=0x48, 
#21 1.063     error_position=0x7fef075be020) at object.c:787
#21 1.063 #1  0x0000000000427c1b in set_object_state (ctx=0x7ffd6ebaf480, 
#21 1.063     p_type=0x7ffd6ebae450, p_object=0x7fef075be660, 
#21 1.063     p_source_type=0x7fef075bb698, p_object_source=0x7ffd6ebaea10, 
#21 1.063     error_position=0x7fef075be020) at object.c:668
#21 1.066 #2  0x000000000042802e in set_object_state (ctx=0x7ffd6ebaf480, 
#21 1.066     p_type=0x7fef075bb5e0, p_object=0x7fef075bb598, 
#21 1.066     p_source_type=0x7fef075bb698, p_object_source=0x7ffd6ebaea10, 
#21 1.066     error_position=0x7fef075be020) at object.c:770
#21 1.066 #3  0x000000000042a348 in object_assignment (ctx=0x7ffd6ebaf480, 
#21 1.066     p_source_obj_opt=0x7ffd6ebaea10, p_source_obj_type=0x7fef075bb698, 
#21 1.066     p_dest_obj_opt=0x7fef075bb598, p_dest_obj_type=0x7fef075bb5e0, 
#21 1.066     error_position=0x7fef075be020, bool_source_zero_value=false, 
#21 1.066     source_state_after=OBJECT_STATE_MOVED, 
#21 1.066     assigment_type=ASSIGMENT_TYPE_OBJECTS) at object.c:1820
#21 1.066 #4  0x00000000004436df in flow_visit_init_declarator_list (
#21 1.066     ctx=0x7ffd6ebaeeb0, p_init_declarator_list=0x7fef075a1458)
#21 1.066     at flow_visit.c:2516
#21 1.066 #5  0x0000000000442c21 in flow_visit_declaration (ctx=0x7ffd6ebaeeb0, 
#21 1.066     p_declaration=0x7fef075a1440) at flow_visit.c:2843
#21 1.067 #6  0x0000000000445f5c in flow_visit_block_item (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_block_item=0x7fef075bb290) at flow_visit.c:2123
#21 1.067 #7  0x0000000000445f03 in flow_visit_block_item_list (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_block_item_list=0x7fef07599b20) at flow_visit.c:2141
#21 1.067 #8  0x00000000004439cd in flow_visit_compound_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_compound_statement=0x7fef07599b10) at flow_visit.c:1774
#21 1.067 #9  0x00000000004460e3 in flow_visit_primary_block (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_primary_block=0x7fef075bb260) at flow_visit.c:2061
#21 1.067 #10 0x0000000000445ffc in flow_visit_unlabeled_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_unlabeled_statement=0x7fef075cb2f0) at flow_visit.c:2083
#21 1.067 #11 0x0000000000446c0f in flow_visit_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_statement=0x7fef075cb2d0) at flow_visit.c:2109
#21 1.067 #12 0x0000000000446ba1 in flow_visit_secondary_block (ctx=0x7ffd6ebaeeb0, 
#21 1.067     p_secondary_block=0x7fef075cb2b0) at flow_visit.c:440
#21 1.068 #13 0x0000000000446b4b in flow_visit_for_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.068     p_iteration_statement=0x7fef07599a90) at flow_visit.c:1941
#21 1.068 #14 0x0000000000446533 in flow_visit_iteration_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.068     p_iteration_statement=0x7fef07599a90) at flow_visit.c:1959
#21 1.068 #15 0x0000000000446108 in flow_visit_primary_block (ctx=0x7ffd6ebaeeb0, 
#21 1.068     p_primary_block=0x7fef075bb170) at flow_visit.c:2065
#21 1.068 #16 0x0000000000445ffc in flow_visit_unlabeled_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.068     p_unlabeled_statement=0x7fef075cb250) at flow_visit.c:2083
#21 1.068 #17 0x0000000000445f81 in flow_visit_block_item (ctx=0x7ffd6ebaeeb0, 
#21 1.068     p_block_item=0x7fef075bb140) at flow_visit.c:2127
#21 1.068 #18 0x0000000000445f03 in flow_visit_block_item_list (ctx=0x7ffd6ebaeeb0, 
#21 1.068     p_block_item_list=0x7fef07599a60) at flow_visit.c:2141
#21 1.069 #19 0x00000000004439cd in flow_visit_compound_statement (ctx=0x7ffd6ebaeeb0, 
#21 1.069     p_compound_statement=0x7fef07599a50) at flow_visit.c:1774
#21 1.072 #20 0x0000000000442cac in flow_visit_declaration (ctx=0x7ffd6ebaeeb0, 
#21 1.072     p_declaration=0x7fef075cb7a0) at flow_visit.c:2857
#21 1.072 #21 0x0000000000443ab7 in flow_start_visit_declaration (ctx=0x7ffd6ebaeeb0, 
#21 1.072     p_declaration=0x7fef075cb7a0) at flow_visit.c:2879
#21 1.073 #22 0x000000000042f9af in function_definition_or_declaration (
#21 1.073     ctx=0x7ffd6ebaf480) at parser.c:2142
#21 1.073 #23 0x00000000004391e5 in external_declaration (ctx=0x7ffd6ebaf480)
#21 1.073     at parser.c:6467
#21 1.073 #24 0x000000000043914f in translation_unit (ctx=0x7ffd6ebaf480, 
#21 1.073     berror=0x7ffd6ebaefcf) at parser.c:6448
#21 1.073 #25 0x00000000004392a6 in parse (ctx=0x7ffd6ebaf480, list=0x7ffd6ebaf170, 
#21 1.073     berror=0x7ffd6ebaf0df) at parser.c:6547
#21 1.074 #26 0x0000000000439f32 in compile_one_file (
#21 1.074     file_name=0x7ffd6ebaf960 "/src/workspace/c-toxcore/crash.c", 
#21 1.074     options=0x7ffd6ebb0358, 
#21 1.074     out_file_name=0x7ffd6ebaff60 "/src/workspace/c-toxcore/out/crash.c", 
#21 1.074     argc=3, argv=0x7ffd6ebb05d8, report=0x7ffd6ebb0568) at parser.c:6834
#21 1.074 #27 0x000000000043a575 in compile (argc=3, argv=0x7ffd6ebb05d8, 
#21 1.074     report=0x7ffd6ebb0568) at parser.c:7067
#21 1.074 #28 0x000000000044910f in main (argc=3, argv=0x7ffd6ebb05d8) at main.c:59