UNREACHABLE at SimpleConstraintManager::assumeAux

martong commented 6 years ago
UNREACHABLE executed at ../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp:68!
#0 0x00007fc907a5fec9 llvm::sys::PrintStackTrace(llvm::raw_ostream&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/lib/Support/Unix/Signals.inc:398:11
#1 0x00007fc907a60079 PrintStackTraceSignalHandler(void*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/lib/Support/Unix/Signals.inc:462:1
#2 0x00007fc907a5e623 llvm::sys::RunSignalHandlers() /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/lib/Support/Signals.cpp:0:5
#3 0x00007fc907a603d4 SignalHandler(int) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/lib/Support/Unix/Signals.inc:252:1
#4 0x00007fc906bf4390 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x11390)
#5 0x00007fc903eec428 gsignal /build/glibc-Cl5G7W/glibc-2.23/signal/../sysdeps/unix/sysv/linux/raise.c:54:0
#6 0x00007fc903eee02a abort /build/glibc-Cl5G7W/glibc-2.23/stdlib/abort.c:91:0
#7 0x00007fc907974200 LLVMInstallFatalErrorHandler /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/lib/Support/ErrorHandling.cpp:204:0
#8 0x00007fc8f98ff5c8 clang::ento::SimpleConstraintManager::assumeAux(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>, clang::ento::NonLoc, bool) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp:0:5
#9 0x00007fc8f98ff377 clang::ento::SimpleConstraintManager::assume(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>, clang::ento::NonLoc, bool) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp:47:11
#10 0x00007fc8f98ff2e2 clang::ento::SimpleConstraintManager::assume(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>, clang::ento::DefinedSVal, bool) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp:42:10
#11 0x00007fc8f9f53ded clang::ento::ConstraintManager::assumeDual(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>, clang::ento::DefinedSVal) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ConstraintManager.h:76:30
#12 0x00007fc8f9f51552 clang::ento::ProgramState::assume(clang::ento::DefinedOrUnknownSVal) const /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h:674:9
#13 0x00007fc8fa1195d0 (anonymous namespace)::DereferenceChecker::checkBind(clang::ento::SVal, clang::ento::SVal, clang::Stmt const*, clang::ento::CheckerContext&) const /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp:259:40
#14 0x00007fc8fa1194ab void clang::ento::check::Bind::_checkBind<(anonymous namespace)::DereferenceChecker>(void*, clang::ento::SVal const&, clang::ento::SVal const&, clang::Stmt const*, clang::ento::CheckerContext&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/include/clang/StaticAnalyzer/Core/Checker.h:216:3
#15 0x00007fc8f97c03c5 clang::ento::CheckerFn<void (clang::ento::SVal const&, clang::ento::SVal const&, clang::Stmt const*, clang::ento::CheckerContext&)>::operator()(clang::ento::SVal const&, clang::ento::SVal const&, clang::Stmt const*, clang::ento::CheckerContext&) const /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/include/clang/StaticAnalyzer/Core/CheckerManager.h:59:5
#16 0x00007fc8f97b42d1 (anonymous namespace)::CheckBindContext::runChecker(clang::ento::CheckerFn<void (clang::ento::SVal const&, clang::ento::SVal const&, clang::Stmt const*, clang::ento::CheckerContext&)>, clang::ento::NodeBuilder&, clang::ento::ExplodedNode*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:359:5
#17 0x00007fc8f97b1ab9 void expandGraphWithCheckers<(anonymous namespace)::CheckBindContext>((anonymous namespace)::CheckBindContext, clang::ento::ExplodedNodeSet&, clang::ento::ExplodedNodeSet const&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:122:20
#18 0x00007fc8f97b1813 clang::ento::CheckerManager::runCheckersForBind(clang::ento::ExplodedNodeSet&, clang::ento::ExplodedNodeSet const&, clang::ento::SVal, clang::ento::SVal, clang::Stmt const*, clang::ento::ExprEngine&, clang::ProgramPoint const&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:371:1
#19 0x00007fc8f97f5ba2 clang::ento::ExprEngine::evalBind(clang::ento::ExplodedNodeSet&, clang::Stmt const*, clang::ento::ExplodedNode*, clang::ento::SVal, clang::ento::SVal, bool, clang::ProgramPoint const*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:2548:23
#20 0x00007fc8f982705c clang::ento::ExprEngine::VisitDeclStmt(clang::DeclStmt const*, clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngineC.cpp:616:9
#21 0x00007fc8f97f4e85 clang::ento::ExprEngine::Visit(clang::Stmt const*, clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:1396:7
#22 0x00007fc8f97f1641 clang::ento::ExprEngine::ProcessStmt(clang::CFGStmt, clang::ento::ExplodedNode*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:566:5
#23 0x00007fc8f97f12fa clang::ento::ExprEngine::processCFGElement(clang::CFGElement, clang::ento::ExplodedNode*, unsigned int, clang::ento::NodeBuilderContext*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:410:7
#24 0x00007fc8f97d4b06 clang::ento::CoreEngine::HandlePostStmt(clang::CFGBlock const*, unsigned int, clang::ento::ExplodedNode*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:533:1
#25 0x00007fc8f97d4406 clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*, clang::ProgramPoint, clang::ento::WorkListUnit const&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:282:1
#26 0x00007fc8f97d3f68 clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:216:3
#27 0x00007fc8fb4ed925 clang::ento::ExprEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:114:19
#28 0x00007fc8fb48e1eb (anonymous namespace)::AnalysisConsumer::ActionExprEngine(clang::Decl*, bool, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*> >*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:720:7
#29 0x00007fc8fb48df81 (anonymous namespace)::AnalysisConsumer::RunPathSensitiveChecks(clang::Decl*, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*> >*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:742:5
#30 0x00007fc8fb48dc35 (anonymous namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*> >*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:688:15
#31 0x00007fc8fb48123e (anonymous namespace)::AnalysisConsumer::HandleDeclsCallGraph(unsigned int) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:500:5
#32 0x00007fc8fb47f4ad (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:555:5
#33 0x00007fc90503991e clang::MultiplexConsumer::HandleTranslationUnit(clang::ASTContext&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/Frontend/MultiplexConsumer.cpp:0:15
#34 0x00007fc8fe69fde6 clang::ParseAST(clang::Sema&, bool, bool) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/Parse/ParseAST.cpp:159:13
#35 0x00007fc90500229c clang::ASTFrontendAction::ExecuteAction() /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:1000:1
#36 0x00007fc905001d10 clang::FrontendAction::Execute() /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:901:7
#37 0x00007fc904f76f1a clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:992:7
#38 0x00007fc904b3dce6 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:252:8
#39 0x0000000000425649 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/tools/driver/cc1_main.cpp:221:11
#40 0x0000000000418189 ExecuteCC1Tool(llvm::ArrayRef<char const*>, llvm::StringRef) /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/tools/driver/driver.cpp:309:5
#41 0x0000000000416e8d main /home/egbomrt/WORK/llvm2/build/debug/../../git/llvm/tools/clang/tools/driver/driver.cpp:388:5
#42 0x00007fc903ed7830 __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/../csu/libc-start.c:325:0
#43 0x0000000000415cb9 _start (/home/egbomrt/WORK/llvm2/build/debug/bin/clang-6.0+0x415cb9)
martong commented 6 years ago
Causes sigabort during radiosw analysis.
martong commented 6 years ago
@dkrupp This issue is originated from a CTU analysis, but to solve it we need help from someone who has strong knowledge in the analyzer engine. @szelethus, are you interested?
Szelethus commented 6 years ago
I have little experience with CTU with ConstraintManager, but sure, I'd be happy to look into it :)
martong commented 6 years ago
This unreachable assert is the symptom of the more specific issue #469 .
Ericsson / clang

UNREACHABLE at SimpleConstraintManager::assumeAux #466
