llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org

clang-analyzer crash: in clang::Decl::getAsFunction() ? #32166

Open LebedevRI opened 7 years ago

LebedevRI commented 7 years ago
Bugzilla Link 32819
Version trunk
OS Linux
Attachments reduced testcase (i'm not sure i reduced it properly), stderr, original preprocessed unreduced sources
CC @devincoughlin

Extended Description

clang version 5.0.0-svn301352-1~exp1 (trunk)

LebedevRI commented 7 years ago

> I see, thanks!
>
> Those are the arguments the driver passes to -cc1. Would you be willing to share the command line that you used? (i.e., the user interface to the tool.) Did you run the analyzer from clang-tidy? Did you use scan-build?

I used scan-build.

$ git clone https://github.com/darktable-org/rawspeed.git
$ mkdir rawspeed/build && cd rawspeed/build
scan-build-5.0 --help > checkslist
manually keep only the checks, and only the check names, regex it so each check is prefixed with -enable-checker, drop debug checkers, and replace \n with " "
$ scan-build-5.0 --use-cc=clang-5.0 --use-c++=clang++-5.0 $(cat checkslist) cmake ../ && scan-build-5.0 --use-cc=clang-5.0 --use-c++=clang++-5.0 $(cat checkslist) -v -v -v -maxloop 1024 make -j9

BTW that resulted in more clang-analyzer bug reports, but i believe there were only these two unique crashes, rest were duplicates.

> We'd like to improve the analyzer/clang-tidy user interface so people don't run all the alpha checks. The alpha checks are work in progress and often incomplete or not polished yet, so we want to make sure that users aren't accidentally running them.

That is why i opened #32812 :)

devincoughlin commented 7 years ago

I see, thanks!

Those are the arguments the driver passes to -cc1. Would you be willing to share the command line that you used? (i.e., the user interface to the tool.) Did you run the analyzer from clang-tidy? Did you use scan-build?

We'd like to improve the analyzer/clang-tidy user interface so people don't run all the alpha checks. The alpha checks are work in progress and often incomplete or not polished yet, so we want to make sure that users aren't accidentally running them.
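
The checker list that LebedevRI describes assembling by hand, as an added example that is not part of the original thread: a shell function that reads `scan-build --help` output and emits `-enable-checker` arguments, dropping `debug.*` checkers and, unless `INCLUDE_ALPHA=1` is set, the `alpha.*` checkers devincoughlin refers to. The names `checker_args` and `INCLUDE_ALPHA` are hypothetical, and the sample help text is constructed on the assumption that it matches the layout scan-build prints.

```shell
#!/bin/sh
# Added example (not from the thread): build scan-build -enable-checker
# arguments from `scan-build --help` output read on stdin.
# checker_args and INCLUDE_ALPHA are hypothetical names.

checker_args() {
    awk -v alpha="${INCLUDE_ALPHA:-0}" '
        /^AVAILABLE CHECKERS:/ { in_list = 1; next }
        /^NOTE:/               { in_list = 0 }
        !in_list               { next }
        {
            line = $0
            sub(/^ \+ /, "   ", line)            # "+" = enabled by default
            if (line !~ /^ ? ? ?[A-Za-z]/) next  # wrapped description lines are indented deeper
            split(line, f, " "); name = f[1]
            if (name !~ /^[A-Za-z0-9_]+(\.[A-Za-z0-9_+-]+)+$/) next
            if (name ~ /^debug\./) next          # debug checkers only dump analyzer state
            if (name ~ /^alpha\./ && alpha != "1") next
            printf "%s-enable-checker %s", sep, name
            sep = " "
        }
        END { if (sep != "") print "" }
    '
}

# Constructed sample in the layout scan-build prints (not real tool output).
SAMPLE_HELP='USAGE: scan-build [options] <build command> [build options]

AVAILABLE CHECKERS:

 + core.DivideZero               Check for division by zero
   alpha.core.CastToStruct       Check for cast from non-struct pointer to struct pointer
   alpha.unix.cstring.OutOfBounds
                                 Check for out-of-bounds access in string functions
   debug.DumpCFG                 Display Control-Flow Graphs
 + unix.Malloc                   Check for memory leaks, double free, and use-after-free

NOTE: "+" indicates that an analysis is enabled by default.'

# Stable checkers only (the default):
printf '%s\n' "$SAMPLE_HELP" | checker_args
# Opting in to alpha checkers is explicit:
printf '%s\n' "$SAMPLE_HELP" | INCLUDE_ALPHA=1 checker_args
```

With the real tool the input would come from `scan-build-5.0 --help | checker_args`, which replaces the manual edit of `checkslist`.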

LebedevRI commented 7 years ago

The execution arguments are in the stderr file. I did try to creduce this, but i don't really know how to write a proper interestingness test for this problem, so as you can see in this bug, i think reduction failed.

devincoughlin commented 7 years ago

Thanks for this report too!

Can you comment with the command-line you used to run the analyzer? This will help us to reproduce it.

LebedevRI commented 7 years ago
bt

#0 0x00007faa01951b8a llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/usr/lib/x86_64-linux-gnu/libLLVM-5.0.so.1+0x863b8a)
#1 0x00007faa0194fd1e llvm::sys::RunSignalHandlers() (/usr/lib/x86_64-linux-gnu/libLLVM-5.0.so.1+0x861d1e)
#2 0x00007faa0194fe42 (/usr/lib/x86_64-linux-gnu/libLLVM-5.0.so.1+0x861e42)
#3 0x00007faa043770c0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x110c0)
#4 0x000055a4fb158280 clang::Decl::getAsFunction() (/usr/lib/llvm-5.0/bin/clang+++0x158b280)
#5 0x000055a4fad66cd4 (/usr/lib/llvm-5.0/bin/clang+++0x1199cd4)
#6 0x000055a4faf918c7 (/usr/lib/llvm-5.0/bin/clang+++0x13c48c7)
#7 0x000055a4faf92bda clang::ento::CheckerManager::runCheckersForCallEvent(bool, clang::ento::ExplodedNodeSet&, clang::ento::ExplodedNodeSet const&, clang::ento::CallEvent const&, clang::ento::ExprEngine&, bool) (/usr/lib/llvm-5.0/bin/clang+++0x13c5bda)
#8 0x000055a4fafdc0ab clang::ento::ExprEngine::evalCall(clang::ento::ExplodedNodeSet&, clang::ento::ExplodedNode*, clang::ento::CallEvent const&) (/usr/lib/llvm-5.0/bin/clang+++0x140f0ab)
#9 0x000055a4fafdc320 clang::ento::ExprEngine::VisitCallExpr(clang::CallExpr const*, clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&) (/usr/lib/llvm-5.0/bin/clang+++0x140f320)
#10 0x000055a4fafcae61 clang::ento::ExprEngine::Visit(clang::Stmt const*, clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&) (/usr/lib/llvm-5.0/bin/clang+++0x13fde61)
#11 0x000055a4fafccb7c clang::ento::ExprEngine::ProcessStmt(clang::CFGStmt, clang::ento::ExplodedNode*) (/usr/lib/llvm-5.0/bin/clang+++0x13ffb7c)
#12 0x000055a4fafccda6 clang::ento::ExprEngine::processCFGElement(clang::CFGElement, clang::ento::ExplodedNode*, unsigned int, clang::ento::NodeBuilderContext*) (/usr/lib/llvm-5.0/bin/clang+++0x13ffda6)
#13 0x000055a4faf9e71e clang::ento::CoreEngine::HandlePostStmt(clang::CFGBlock const*, unsigned int, clang::ento::ExplodedNode*) (/usr/lib/llvm-5.0/bin/clang+++0x13d171e)
#14 0x000055a4faf9e8cc clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*, clang::ProgramPoint, clang::ento::WorkListUnit const&) (/usr/lib/llvm-5.0/bin/clang+++0x13d18cc)
#15 0x000055a4faf9f40d clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>) (/usr/lib/llvm-5.0/bin/clang+++0x13d240d)
#16 0x000055a4fa6bf649 (/usr/lib/llvm-5.0/bin/clang+++0xaf2649)
#17 0x000055a4fa6bff67 (/usr/lib/llvm-5.0/bin/clang+++0xaf2f67)
#18 0x000055a4fa6c8408 (/usr/lib/llvm-5.0/bin/clang+++0xafb408)
#19 0x000055a4fa6cdb48 clang::ParseAST(clang::Sema&, bool, bool) (/usr/lib/llvm-5.0/bin/clang+++0xb00b48)
#20 0x000055a4fa474c76 clang::FrontendAction::Execute() (/usr/lib/llvm-5.0/bin/clang+++0x8a7c76)
#21 0x000055a4fa4473a6 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/usr/lib/llvm-5.0/bin/clang+++0x87a3a6)
#22 0x000055a4fa4f5a22 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/usr/lib/llvm-5.0/bin/clang+++0x928a22)
#23 0x000055a4fa0f0d48 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/lib/llvm-5.0/bin/clang+++0x523d48)
#24 0x000055a4fa0e0549 main (/usr/lib/llvm-5.0/bin/clang+++0x513549)
#25 0x00007faa0028e2b1 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b1)
#26 0x000055a4fa0eed6a _start (/usr/lib/llvm-5.0/bin/clang+++0x521d6a)
Stack dump:
0.  Program arguments: ... (see stderr)
1.  <eof> parser at end of file
2.  While analyzing stack: 
    #0 ~unique_ptr<unsigned char, void (*)(void *)>() noexcept
    #1 unique_ptr<rawspeed::uchar8, decltype(&alignedFree)> Buffer::Create(rawspeed::Buffer::size_type size)
    #2 Buffer::Buffer(rawspeed::Buffer::size_type size_) : NULL TYPE(Create(size_), size_) {}
3.  /usr/lib64/gcc/x86_64-linux-gnu/6.3.0/../../../../include/c++/6.3.0/bits/unique_ptr.h:239:4: Error evaluating statement
4.  /usr/lib64/gcc/x86_64-linux-gnu/6.3.0/../../../../include/c++/6.3.0/bits/unique_ptr.h:239:4: Error evaluating statement

LebedevRI commented 7 years ago

assigned to @tkremenek