[LLVMbugs] [Bug 16085] New: Dominator analysis does not handle NULL successors

bugzilla-daemon Tue, 21 May 2013 03:55:04 -0700

http://llvm.org/bugs/show_bug.cgi?id=16085


            Bug ID: 16085
           Summary: Dominator analysis does not handle NULL successors
           Product: clang
           Version: trunk
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
    Classification: Unclassified

CFGBuilder introduces NULL successors if the terminator condition can be
evaluated to a boolean value.

These NULL successors are unexpected / unhandled elsewhere, including:
- clang::DominatorTree::dump() [DT->getNode(*I) may evaluate to 0]
- llvm::DFSPass() [Succ may evaluate to 0]

E.g.

$ echo "int main() { return 0 ? 0 : 0; }" | clang -cc1 -analyze
-analyzer-checker=debug.DumpDominators -x c -

segfaults with a null ptr dereference.


PS: This could be unhandled in code other than the dominator analysis as well.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

_______________________________________________
LLVMbugs mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/llvmbugs

[LLVMbugs] [Bug 16085] New: Dominator analysis does not handle NULL successors

Reply via email to