[PATCH] D12119: Analyzer: Fix a crasher in UbigraphViz
Ismail Pazarbasi via cfe-commits
cfe-commits at lists.llvm.org
Sat Aug 22 04:46:46 PDT 2015
ismailp added inline comments.
================
Comment at: lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:749
@@ -748,3 @@
-
- assert (Src != Dst && "Self-edges are not allowed.");
-
----------------
krememek wrote:
> Did you look at the test case that causes this assertion to fail? I think it would be good to know if this assertion is actually safe to remove. I'm a bit skeptical that it is safe to remove, and that (per my last review) that this may be detecting that an invariant is getting violated. If you are not certain how to investigate that part, please report which test is triggering the problem and myself or someone else familiar with the engine core can take a look. Thanks.
There wasn't a test that checks Ubigraph generator. After making the patch below, I picked a few existing tests, and added '-analyzer-viz-egraph-ubigraph' to their RUN lines. Then, I ran lit.py, and 'tests/Analysis/cfg.cpp' has crashed. I have minimized the test case to understand the problem.
Self-loop happens during implicit destructor of `Aggregate` in the following minimized test case:
```
struct LifetimeExtend { LifetimeExtend(int); ~LifetimeExtend(); };
struct Aggregate { const LifetimeExtend a; const LifetimeExtend b; };
void test_lifetime_extended_temporaries() {
{
Aggregate aggregate{LifetimeExtend(4), LifetimeExtend(4)};
4;
}
}
```
The destructor of `a` has a self-loop. My hypothesis is that `a` and `b` have the same `ProgramState`s. `b`'s destructor is visited first, since it's destroyed first. When destructor of `a` gets visited, analyzer calls `ProgramState::Profile` and finds the same state as `b`'s destructor. Therefore, both `a`'s destructor and `b`'s destructor have the same `ExplodedNode`. Do you think this is correct?
I have added -analyzer-viz-egraph-ubigraph to a few more C++ tests. I didn't observe any crash. However, I didn't verify that it generates correct ubigraph output.
http://reviews.llvm.org/D12119
More information about the cfe-commits
mailing list