[LLVMbugs] [Bug 15533] New: Static analyzer crashes when checking the nginx lua code base

bugzilla-daemon at llvm.org bugzilla-daemon at llvm.org
Sun Mar 17 16:55:34 PDT 2013


http://llvm.org/bugs/show_bug.cgi?id=15533

            Bug ID: 15533
           Summary: Static analyzer crashes when checking the nginx lua
                    code base
           Product: clang
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: agentzh at gmail.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Created attachment 10193
  --> http://llvm.org/bugs/attachment.cgi?id=10193&action=edit
The preprocessed C source and run script

I built a new clang from the latest SVN trunk:

    clang version 3.3 (trunk 177212)

with both llvm and compiler-rt updated from SVN at the same time. An earlier
SVN trunk before the 3.2 release did work properly.

When checking the ngx_http_lua_util.c file in the nginx lua module, the latest
clang crashes (an earlier SVN trunk did not crash).

Here is what I'm getting:

clang:
/home/agentzh/svn/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2140:
virtual bool
clang::ento::GRBugReporter::generatePathDiagnostic(clang::ento::PathDiagnostic
&, clang::ento::PathDiagnosticConsumer &, ArrayRef<clang::ento::BugReport *>
&): Assertion `R->isValid() && "Report selected by trimmed graph marked
invalid."' failed.
0  clang           0x000000000307641e llvm::sys::PrintStackTrace(_IO_FILE*) +
46
1  clang           0x00000000030766db
2  clang           0x000000000307693a
3  libpthread.so.0 0x000000388160efe0
4  libc.so.6       0x0000003880e35935 gsignal + 53
5  libc.so.6       0x0000003880e370e8 abort + 328
6  libc.so.6       0x0000003880e2e6a2
7  libc.so.6       0x0000003880e2e752
8  clang           0x00000000014b661f
clang::ento::GRBugReporter::generatePathDiagnostic(clang::ento::PathDiagnostic&,
clang::ento::PathDiagnosticConsumer&, llvm::ArrayRef<clang::ento::BugReport*>&)
+ 559
9  clang           0x00000000014bbb18
clang::ento::BugReporter::FlushReport(clang::ento::BugReport*,
clang::ento::PathDiagnosticConsumer&, llvm::ArrayRef<clang::ento::BugReport*>)
+ 648
10 clang           0x00000000014b63b5
clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&) + 325
11 clang           0x00000000014b6130 clang::ento::BugReporter::FlushReports()
+ 512
12 clang           0x00000000012e3db2
13 clang           0x00000000012e3ad4
14 clang           0x00000000012e33d5
15 clang           0x00000000012e3038
16 clang           0x00000000012e20a7
17 clang           0x0000000000d13d89 clang::ParseAST(clang::Sema&, bool, bool)
+ 809
18 clang           0x00000000008504d8 clang::ASTFrontendAction::ExecuteAction()
+ 312
19 clang           0x000000000085004f clang::FrontendAction::Execute() + 191
20 clang           0x000000000081f51e
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 782
21 clang           0x00000000007e31e4
clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 1028
22 clang           0x00000000007cfebb cc1_main(char const**, char const**, char
const*, void*) + 699
23 clang           0x00000000007dbb89 main + 473
24 libc.so.6       0x0000003880e21735 __libc_start_main + 245
25 clang           0x00000000007cfb25
Stack dump:
0.    Program arguments: /opt/llvm/bin/clang -cc1 -triple
x86_64-unknown-linux-gnu -analyze -disable-free -main-file-name
ngx_http_lua_util.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks
-analyzer-eagerly-assume -analyzer-checker=core -analyzer-checker=unix
-analyzer-checker=deadcode
-analyzer-checker=security.insecureAPI.UncheckedReturn
-analyzer-checker=security.insecureAPI.getpw
-analyzer-checker=security.insecureAPI.gets
-analyzer-checker=security.insecureAPI.mktemp
-analyzer-checker=security.insecureAPI.mkstemp
-analyzer-checker=security.insecureAPI.vfork -analyzer-output plist -w
-mrelocation-model static -fmath-errno -masm-verbose -mconstructor-aliases
-munwind-tables -fuse-init-array -target-cpu x86-64 -target-linker-version
2.22.52.0.1 -momit-leaf-frame-pointer -resource-dir
/opt/llvm/bin/../lib/clang/3.3 -D NDK_SET_VAR -D NDK_UPSTREAM_LIST -D
NDK_SET_VAR -I /opt/pcre821jit/include -I src/api -I nginx/src/core -I
nginx/src/event -I nginx/src/event/modules -I nginx/src/os/unix -I
../ndk-nginx-module/objs -I nginx/objs/addon/ndk -I nginx/objs -I
/usr/local/openresty-debug/luajit/include/luajit-2.0 -I
/opt/drizzle/include/libdrizzle-1.0 -I objs -I nginx/src/http -I
nginx/src/http/modules -I ../ndk-nginx-module/src -I nginx/src/mail
-internal-isystem /usr/local/include -internal-isystem
/opt/llvm/bin/../lib/clang/3.3/include -internal-externc-isystem /include
-internal-externc-isystem /usr/include -O2 -Wextra -Wall -Wno-unused-parameter
-Wunused-function -Wunused-variable -Wunused-value -Werror
-fdebug-compilation-dir /home/agentzh/git/lua-nginx-module -ferror-limit 19
-fmessage-length 127 -mstackrealign -fobjc-runtime=gcc
-fobjc-default-synthesize-properties -fdiagnostics-show-option
-fcolor-diagnostics -backend-option -vectorize-loops -o ngx_http_lua_util.plist
-x c src/ngx_http_lua_util.c 
1.    <eof> parser at end of file
clang: error: unable to execute command: Aborted (core dumped)
clang: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 3.3 (trunk 177212)
Target: x86_64-unknown-linux-gnu
Thread model: posix
clang: note: diagnostic msg: PLEASE submit a bug report to
http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and
associated run script.
clang: note: diagnostic msg: 
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang: note: diagnostic msg: /tmp/ngx_http_lua_util-CZRJUs.c
clang: note: diagnostic msg: /tmp/ngx_http_lua_util-CZRJUs.sh
clang: note: diagnostic msg: 

********************

I've attached the files /tmp/ngx_http_lua_util-CZRJUs.c and
/tmp/ngx_http_lua_util-CZRJUs.sh to this report.

Thanks!
-agentzh

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20130317/bb12bfd3/attachment.html>


More information about the llvm-bugs mailing list