report of assertion failure in clang

Is this a known issue?

cristi:tmp diciu$ cat test.c
#include <stdio.h>
struct v
{
    unsigned int m;
    void * ref;
    int z;
};

int main()
{
    short buf[1];

    buf[0] = 66;

    /* designated initializer naming only the void * member */
    struct v st2 = {
        .ref = buf
    };

    st2.m = 10;

    short * u = (short *)st2.ref;
    printf("%d\n", *u);

    return 0;
}

cristi:tmp diciu$ ~/Downloads/checker-137/clang -x c test.c -checker-cfref
test.c:16:10: warning: incompatible pointer to integer conversion initializing 'short [1]', expected 'unsigned int'
.ref = buf
^~~
ANALYZE: test.c main
Assertion failed: (T->isPointerType()), function VisitCast, file GRExprEngine.cpp, line 1738.
0 clang 0x00a84582 std::vector<llvm::sys::Path, std::allocator<llvm::sys::Path> >::_M_insert_aux(__gnu_cxx::__normal_iterator<llvm::sys::Path*, std::vector<llvm::sys::Path, std::allocator<llvm::sys::Path> > >, llvm::sys::Path const&) + 7746
1 libSystem.B.dylib 0x96edd2bb _sigtramp + 43
2 libSystem.B.dylib 0xffffffff _sigtramp + 1762798959
3 libSystem.B.dylib 0x96f5123a raise + 26
4 libSystem.B.dylib 0x96f5d679 abort + 73
5 libSystem.B.dylib 0x96f523db __assert_rtn + 101
6 clang 0x00311d21 clang::CFGBlock::operator(unsigned long) const + 77345
7 clang 0x00309458 clang::CFGBlock::operator(unsigned long) const + 42328
8 clang 0x0030a5a4 clang::CFGBlock::operator(unsigned long) const + 46756
9 clang 0x00308f6a clang::CFGBlock::operator(unsigned long) const + 41066
10 clang 0x00314140 clang::CFGBlock::operator(unsigned long) const + 86592
11 clang 0x0031a741 clang::GRCoreEngine<clang::GRExprEngine>::ProcessStmt(clang::Stmt*, clang::GRStmtNodeBuilderImpl&) + 97
12 clang 0x002fe386 llvm::ImutAVLFactory<llvm::ImutKeyValueInfo<unsigned int, unsigned int> >::Add_internal(std::pair<unsigned int, unsigned int> const&, llvm::ImutAVLTree<llvm::ImutKeyValueInfo<unsigned int, unsigned int> >) + 9398
13 clang 0x002fe598 llvm::ImutAVLFactory<llvm::ImutKeyValueInfo<unsigned int, unsigned int> >::Add_internal(std::pair<unsigned int, unsigned int> const&, llvm::ImutAVLTree<llvm::ImutKeyValueInfo<unsigned int, unsigned int> >) + 9928
14 clang 0x00008d7c llvm::cast_retty<clang::CXXRecordType, clang::Type*>::ret_type llvm::cast<clang::CXXRecordType, clang::Type*>(clang::Type* const&) + 9836
15 clang 0x00008638 llvm::cast_retty<clang::CXXRecordType, clang::Type*>::ret_type llvm::cast<clang::CXXRecordType, clang::Type*>(clang::Type* const&) + 7976
16 clang 0x00008be9 llvm::cast_retty<clang::CXXRecordType, clang::Type*>::ret_type llvm::cast<clang::CXXRecordType, clang::Type*>(clang::Type* const&) + 9433
17 clang 0x00356d3b clang::OverloadedFunctionDecl::getDeclContext() + 587
18 clang 0x000479f2 clang::TokenRewriter::AddTokenAfter(std::_List_const_iterator<clang::Token>, char const*) + 5586
19 clang 0x0004ab34 clang::TokenRewriter::AddTokenAfter(std::_List_const_iterator<clang::Token>, char const*) + 18196
20 clang 0x00001936 _mh_execute_header + 2358
Abort trap

Known issue…clang doesn’t support initializer lists that use designators (.ref notation below).

The code generator is supposed to issue a diagnostic, I believe. Daniel?

snaroff

Yes, the root issue here is probably lack of support for designators.
However, I don't think the analyzer should be crashing unless we
happen to be creating invalid ASTs. Ted?

- Daniel

That's not a known issue. Please file a Bugzilla report (against the static analyzer) with this test case so we can keep track of it! Thanks!

The assertion failure is in the static analyzer, which is why I asked Cristian to file a new Bugzilla report. If Clang doesn't reject code with designated initializers then the static analyzer should gracefully fail when it encounters them instead of crashing.

Sure…I missed the -checker-cfref flag on the command line (should have looked more closely).

Sorry for the confusion,

snaroff

It's under Bugzilla #3297.

I’ve added a note on the bug entry - it looks like it’s the ordering in which the designated initializers appear which matters when triggering the bug (i.e. the void * member needs to be the first).

Thanks Cristian!