r309036 - [StaticAnalyzer] LoopUnrolling - Attempt to fix a crash in r309006.
Kostya Serebryany via cfe-commits
cfe-commits at lists.llvm.org
Tue Jul 25 16:23:32 PDT 2017
Looks like one more failure (this time under ubsan) remains in this code
http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fast/builds/6708/steps/check-clang%20ubsan/logs/stdio
Please fix asap.
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp:188:45:
runtime error: member call on null pointer of type
'clang::LocationContext'
#0 0x6aa767d in clang::ento::isUnrolledLoopBlock(clang::CFGBlock
const*, clang::ento::ExplodedNode*, clang::ento::AnalysisManager&)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp:188:45
#1 0x6a651ed in
clang::ento::ExprEngine::processCFGBlockEntrance(clang::BlockEdge
const&, clang::ento::NodeBuilderWithSinks&,
clang::ento::ExplodedNode*)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:1519:9
#2 0x6a401a0 in
clang::ento::CoreEngine::HandleBlockEdge(clang::BlockEdge const&,
clang::ento::ExplodedNode*)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:334:10
#3 0x6a3fd33 in
clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*,
clang::ProgramPoint, clang::ento::WorkListUnit const&)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:246:7
#4 0x6a3f97b in
clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext
const*, unsigned int,
llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:235:5
#5 0x53edd9e in
clang::ento::ExprEngine::ExecuteWorkList(clang::LocationContext
const*, unsigned int)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:109:19
#6 0x539ac8e in (anonymous
namespace)::AnalysisConsumer::ActionExprEngine(clang::Decl*, bool,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:717:7
#7 0x539a478 in (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:685:5
#8 0x538e22d in (anonymous
namespace)::AnalysisConsumer::HandleDeclsCallGraph(unsigned int)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:498:5
#9 0x538bb29 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:550:7
#10 0x5462b99 in clang::ParseAST(clang::Sema&, bool, bool)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:159:13
#11 0x3fc98f2 in clang::FrontendAction::Execute()
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:902:8
#12 0x3f57d74 in
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:980:11
#13 0x415a1ac in
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:251:25
#14 0xe8a5fe in cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/tools/driver/cc1_main.cpp:221:13
#15 0xe7ca13 in ExecuteCC1Tool(llvm::ArrayRef<char const*>,
llvm::StringRef)
/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/cla
On Tue, Jul 25, 2017 at 2:54 PM, Peter Szecsi via cfe-commits <
cfe-commits at lists.llvm.org> wrote:
> Author: szepet
> Date: Tue Jul 25 14:54:58 2017
> New Revision: 309036
>
> URL: http://llvm.org/viewvc/llvm-project?rev=309036&view=rev
> Log:
> [StaticAnalyzer] LoopUnrolling - Attempt to fix a crash in r309006.
>
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Core/LoopUnrolling.cpp
>
> Modified: cfe/trunk/lib/StaticAnalyzer/Core/LoopUnrolling.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/
> StaticAnalyzer/Core/LoopUnrolling.cpp?rev=309036&
> r1=309035&r2=309036&view=diff
> ============================================================
> ==================
> --- cfe/trunk/lib/StaticAnalyzer/Core/LoopUnrolling.cpp (original)
> +++ cfe/trunk/lib/StaticAnalyzer/Core/LoopUnrolling.cpp Tue Jul 25
> 14:54:58 2017
> @@ -183,8 +183,10 @@ bool isUnrolledLoopBlock(const CFGBlock
> LBV.setBlocksOfLoop(E.first, M);
> // In case of an inlined function call check if any of its
> callSiteBlock is
> // marked.
> - while (SearchedBlock && BlockSet.find(SearchedBlock) ==
> BlockSet.end()) {
> + while (BlockSet.find(SearchedBlock) == BlockSet.end() &&
> !StackFrame->inTopFrame()) {
> SearchedBlock = StackFrame->getCallSiteBlock();
> + if(!SearchedBlock)
> + break;
> StackFrame = StackFrame->getParent()->getCurrentStackFrame();
> }
> delete M;
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170725/17558328/attachment-0001.html>
More information about the cfe-commits
mailing list