search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
29.26k stars 12.08k forks source link

optin.mpi.MPI-Checker crashes on MPI_Wait in loop #48019

Open ZedThree opened 3 years ago

ZedThree commented 3 years ago
Bugzilla Link 48675
Version unspecified
OS Linux
Attachments Minimal crashing example
CC @devincoughlin

Extended Description

clang-tidy crashes when using the optin.mpi.MPI-Checker check on the attached source code.

$ clang-tidy -checks=-,clang-analyzer-optin.mpi ./checkUnmatchedWaits_mvce.cpp PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace. Stack dump:

  1. Program arguments: clang-tidy -checks=-,clang-analyzer-optin.mpi ./checkUnmatchedWaits_mvce.cpp
  2. parser at end of file
  3. While analyzing stack:

    ​0 Calling foo

  4. /home/peter/Learning/clang-tidy-crash/checkUnmatchedWaits_mvce.cpp:20:7: Error evaluating statement
  5. /home/peter/Learning/clang-tidy-crash/checkUnmatchedWaits_mvce.cpp:20:7: Error evaluating statement

    ​0 0x00007fa6e923a76d llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/usr/bin/../lib64/libLLVM.so.11+0xa5076d)

    ​1 0x00007fa6e92380e0 llvm::sys::RunSignalHandlers() (/usr/bin/../lib64/libLLVM.so.11+0xa4e0e0)

    ​2 0x00007fa6e923ad22 (/usr/bin/../lib64/libLLVM.so.11+0xa50d22)

    ​3 0x00007fa6f135f1d0 __restore_rt (/lib64/libpthread.so.0+0x141d0)

    ​4 0x00007fa6f098a879 clang::ento::mpi::MPIChecker::checkUnmatchedWaits(clang::ento::CallEvent const&, clang::ento::CheckerContext&) const (/usr/bin/../lib64/libclang-cpp.so.11+0x2ce1879)

    ​5 0x00007fa6f098cef4 (/usr/bin/../lib64/libclang-cpp.so.11+0x2ce3ef4)

    ​6 0x00007fa6f070dffa clang::ento::CheckerManager::runCheckersForCallEvent(bool, clang::ento::ExplodedNodeSet&, clang::ento::ExplodedNodeSet const&, clang::ento::CallEvent const&, clang::ento::ExprEngine&, bool) (/usr/bin/../lib64/libclang-cpp.so.11+0x2a64ffa)

    ​7 0x00007fa6f074f0d6 clang::ento::ExprEngine::evalCall(clang::ento::ExplodedNodeSet&, clang::ento::ExplodedNode*, clang::ento::CallEvent const&) (/usr/bin/../lib64/libclang-cpp.so.11+0x2aa60d6)

    ​8 0x00007fa6f074eea4 clang::ento::ExprEngine::VisitCallExpr(clang::CallExpr const, clang::ento::ExplodedNode, clang::ento::ExplodedNodeSet&) (/usr/bin/../lib64/libclang-cpp.so.11+0x2aa5ea4)

    ​9 0x00007fa6f07324d2 clang::ento::ExprEngine::Visit(clang::Stmt const, clang::ento::ExplodedNode, clang::ento::ExplodedNodeSet&) (/usr/bin/../lib64/libclang-cpp.so.11+0x2a894d2)

    ​10 0x00007fa6f072d8f2 clang::ento::ExprEngine::ProcessStmt(clang::Stmt const, clang::ento::ExplodedNode) (/usr/bin/../lib64/libclang-cpp.so.11+0x2a848f2)

    ​11 0x00007fa6f072d5ca clang::ento::ExprEngine::processCFGElement(clang::CFGElement, clang::ento::ExplodedNode, unsigned int, clang::ento::NodeBuilderContext) (/usr/bin/../lib64/libclang-cpp.so.11+0x2a845ca)

    ​12 0x00007fa6f07176d4 clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*, clang::ProgramPoint, clang::ento::WorkListUnit const&) (/usr/bin/../lib64/libclang-cpp.so.11+0x2a6e6d4)

    ​13 0x00007fa6f07172e7 clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr) (/usr/bin/../lib64/libclang-cpp.so.11+0x2a6e2e7)

    ​14 0x00007fa6f0b3fb43 (/usr/bin/../lib64/libclang-cpp.so.11+0x2e96b43)

    ​15 0x00007fa6f0b12afa (/usr/bin/../lib64/libclang-cpp.so.11+0x2e69afa)

    ​16 0x00007fa6f048a3dc clang::MultiplexConsumer::HandleTranslationUnit(clang::ASTContext&) (/usr/bin/../lib64/libclang-cpp.so.11+0x27e13dc)

    ​17 0x00007fa6ee5ee8a5 clang::ParseAST(clang::Sema&, bool, bool) (/usr/bin/../lib64/libclang-cpp.so.11+0x9458a5)

    ​18 0x00007fa6f04541a4 clang::FrontendAction::Execute() (/usr/bin/../lib64/libclang-cpp.so.11+0x27ab1a4)

    ​19 0x00007fa6f0407fed clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/usr/bin/../lib64/libclang-cpp.so.11+0x275efed)

    ​20 0x00007fa6f067d753 clang::tooling::FrontendActionFactory::runInvocation(std::shared_ptr, clang::FileManager, std::shared_ptr, clang::DiagnosticConsumer) (/usr/bin/../lib64/libclang-cpp.so.11+0x29d4753)

    ​21 0x00000000008f9771 (/usr/bin/clang-tidy-11.0.0+0x8f9771)

    ​22 0x00007fa6f067d425 clang::tooling::ToolInvocation::runInvocation(char const, clang::driver::Compilation, std::shared_ptr, std::shared_ptr) (/usr/bin/../lib64/libclang-cpp.so.11+0x29d4425)

    ​23 0x00007fa6f067c75f clang::tooling::ToolInvocation::run() (/usr/bin/../lib64/libclang-cpp.so.11+0x29d375f)

    ​24 0x00007fa6f067ebb0 clang::tooling::ClangTool::run(clang::tooling::ToolAction*) (/usr/bin/../lib64/libclang-cpp.so.11+0x29d5bb0)

    ​25 0x00000000008f4fad (/usr/bin/clang-tidy-11.0.0+0x8f4fad)

    ​26 0x00000000004391dc (/usr/bin/clang-tidy-11.0.0+0x4391dc)

    ​27 0x00007fa6e8320152 __libc_start_main /usr/src/debug/glibc-2.32-4.1.x86_64/csu/../csu/libc-start.c:314:16

    ​28 0x0000000000436e3e (/usr/bin/clang-tidy-11.0.0+0x436e3e)

    Segmentation fault (core dumped)

I've reduced the failing code down to a single function:

include

extern bool condition();

void foo(int loop, int proc_in, int proc_out) { for (int i = 0; i < loop; i++) { MPI_Request req; double in; double out;

if (condition()) {
  MPI_Irecv(&in, 1, MPI_DOUBLE, proc_in, 0, MPI_COMM_WORLD, &req);
}

if (condition()) {
  MPI_Send(&out, 1, MPI_DOUBLE, proc_out, 0, MPI_COMM_WORLD);
}

if (condition()) {
  MPI_Wait(&req, MPI_STATUS_IGNORE);  // Line 20, crash
}

} }

The conditionals and loop are both needed to cause the crash. A compile_commands.json with the MPI include path is needed too.

llvmbot commented 3 years ago

This appears to be a static analyser bug rather than clang tidy

ZedThree commented 3 years ago

assigned to @devincoughlin