Description
The following code crashes the Clang Static Analyzer when built with assertions:
// =============================================================
enum PrimaryColors {
Color_Red = 0x01,
Color_Green = 0x02,
Color_Blue = 0x04,
Color_None = 0x00
};
extern void ReportMissing(PrimaryColors color);
struct ColorInfo {
PrimaryColors getColor() const { return m_color; }
PrimaryColors m_color;
};
void CheckColor(ColorInfo *pColorInfo, bool AllowSkip) {
extern bool SkipCheck;
if (SkipCheck || !pColorInfo) {
if (AllowSkip)
return;
}
if ((pColorInfo->getColor() & Color_Red) == 0)
ReportMissing(Color_Red);
}
// -------------------------------------------------------------
Specifically, using Clang 19.1.0:
$ clang++ --analyze test.cpp
clang++: /root/llvm-project/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:1290: bool isInitializationOfVar(const clang::ento::ExplodedNode*, const clang::ento::VarRegion*): Assertion `VR->getDecl()->isStaticLocal() && "non-static stackless VarRegion"' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
...
$
FTR, with a non-assetions compiler, it gets a sensible warning from the analyzer:
$ clang++ --analyze test.cpp
test.cpp:21:8: warning: Called C++ object pointer is null [core.CallAndMessage]
21 | if ((pColorInfo->getColor() & Color_Red) == 0)
| ^~~~~~~~~~~~~~~~~~~~~~
1 warning generated.
$
Looking through history, I see it passed with llvm 9.0, and crashes beginning with llvm 10.0.