
<div dir="ltr">Looks like one more failure (this time under ubsan) remains in this code<div><a href="http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fast/builds/6708/steps/check-clang%20ubsan/logs/stdio">http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-fast/builds/6708/steps/check-clang%20ubsan/logs/stdio</a><br></div><div>Please fix asap. </div><div><pre style="font-family:"Courier New",courier,monotype,monospace;color:rgb(0,0,0);font-size:medium"><span class="gmail-stdout">/mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp:188:45: runtime error: member call on null pointer of type 'clang::LocationContext'

    #0 0x6aa767d in clang::ento::isUnrolledLoopBlock(clang::CFGBlock const*, clang::ento::ExplodedNode*, clang::ento::AnalysisManager&) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp:188:45

    #1 0x6a651ed in clang::ento::ExprEngine::processCFGBlockEntrance(clang::BlockEdge const&, clang::ento::NodeBuilderWithSinks&, clang::ento::ExplodedNode*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:1519:9

    #2 0x6a401a0 in clang::ento::CoreEngine::HandleBlockEdge(clang::BlockEdge const&, clang::ento::ExplodedNode*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:334:10

    #3 0x6a3fd33 in clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*, clang::ProgramPoint, clang::ento::WorkListUnit const&) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:246:7

    #4 0x6a3f97b in clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:235:5

    #5 0x53edd9e in clang::ento::ExprEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:109:19

    #6 0x539ac8e in (anonymous namespace)::AnalysisConsumer::ActionExprEngine(clang::Decl*, bool, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*> >*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:717:7

    #7 0x539a478 in (anonymous namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*> >*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:685:5

    #8 0x538e22d in (anonymous namespace)::AnalysisConsumer::HandleDeclsCallGraph(unsigned int) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:498:5

    #9 0x538bb29 in (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:550:7

    #10 0x5462b99 in clang::ParseAST(clang::Sema&, bool, bool) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:159:13

    #11 0x3fc98f2 in clang::FrontendAction::Execute() /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:902:8

    #12 0x3f57d74 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:980:11

    #13 0x415a1ac in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:251:25

    #14 0xe8a5fe in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/clang/tools/driver/cc1_main.cpp:221:13

    #15 0xe7ca13 in ExecuteCC1Tool(llvm::ArrayRef<char const*>, llvm::StringRef) /mnt/b/sanitizer-buildbot3/sanitizer-x86_64-linux-fast/build/llvm/tools/cla</span></pre></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jul 25, 2017 at 2:54 PM, Peter Szecsi via cfe-commits <span dir="ltr"><<a href="mailto:cfe-commits@lists.llvm.org" target="_blank">cfe-commits@lists.llvm.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: szepet<br>

Date: Tue Jul 25 14:54:58 2017<br>

New Revision: 309036<br>

<br>

URL: <a href="http://llvm.org/viewvc/llvm-project?rev=309036&view=rev" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-<wbr>project?rev=309036&view=rev</a><br>

Log:<br>

[StaticAnalyzer] LoopUnrolling - Attempt to fix a crash in r309006.<br>

<br>

<br>

Modified:<br>

    cfe/trunk/lib/StaticAnalyzer/<wbr>Core/LoopUnrolling.cpp<br>

<br>

Modified: cfe/trunk/lib/StaticAnalyzer/<wbr>Core/LoopUnrolling.cpp<br>

URL: <a href="http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/LoopUnrolling.cpp?rev=309036&r1=309035&r2=309036&view=diff" rel="noreferrer" target="_blank">http://llvm.org/viewvc/llvm-<wbr>project/cfe/trunk/lib/<wbr>StaticAnalyzer/Core/<wbr>LoopUnrolling.cpp?rev=309036&<wbr>r1=309035&r2=309036&view=diff</a><br>

==============================<wbr>==============================<wbr>==================<br>

--- cfe/trunk/lib/StaticAnalyzer/<wbr>Core/LoopUnrolling.cpp (original)<br>

+++ cfe/trunk/lib/StaticAnalyzer/<wbr>Core/LoopUnrolling.cpp Tue Jul 25 14:54:58 2017<br>

@@ -183,8 +183,10 @@ bool isUnrolledLoopBlock(const CFGBlock<br>

     LBV.setBlocksOfLoop(E.first, M);<br>

     // In case of an inlined function call check if any of its callSiteBlock is<br>

     // marked.<br>

-    while (SearchedBlock && BlockSet.find(SearchedBlock) == BlockSet.end()) {<br>

+    while (BlockSet.find(SearchedBlock) == BlockSet.end() && !StackFrame->inTopFrame()) {<br>

       SearchedBlock = StackFrame->getCallSiteBlock()<wbr>;<br>

+      if(!SearchedBlock)<br>

+        break;<br>

       StackFrame = StackFrame->getParent()-><wbr>getCurrentStackFrame();<br>

     }<br>

     delete M;<br>

<br>

<br>

______________________________<wbr>_________________<br>

cfe-commits mailing list<br>

<a href="mailto:cfe-commits@lists.llvm.org">cfe-commits@lists.llvm.org</a><br>

<a href="http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits" rel="noreferrer" target="_blank">http://lists.llvm.org/cgi-bin/<wbr>mailman/listinfo/cfe-commits</a><br>

</blockquote></div><br></div>