Enabling the LifetimeEnds CFGElement crashes the compiler during CFG construction #1026

Closed
sulekhark opened this issue Apr 13, 2021 · 0 comments


Test case:

```cpp
extern int bar(char *s, int n);

// test case from CodeGen/lifetime2.c
void backpatched_goto2() {
  {
    char x;
  label:
    bar(&x, 1);
  }
  goto label;
}
```

Command line:

```
./bin/clang -cc1 -analyze -analyzer-checker=debug.DumpCFG -analyzer-config cfg-lifetime=true,cfg-temporary-dtors=false,cfg-rich-constructors=false -analyzer-config cfg-implicit-dtors=false ../DEBUG_lifetime/r1.cpp
```

Crash Backtrace:

```
Starting program: /home/sulekha/Work/checkedc-clang/build/bin/clang -cc1 -analyze -analyzer-checker=debug.DumpCFG -analyzer-config cfg-lifetime=true,cfg-temporary-dtors=false,cfg-rich-constructors=false -analyzer-config cfg-implicit-dtors=false ../DEBUG_lifetime/r1.cpp
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
clang: /home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp:333: int {anonymous}::LocalScope::const_iterator::distance({anonymous}::LocalScope::const_iterator): Assertion `F != const_iterator() && "L iterator is not reachable from F iterator."' failed.

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) where
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00007ffff7a57859 in __GI_abort () at abort.c:79
#2 0x00007ffff7a57729 in __assert_fail_base (fmt=0x7ffff7bed588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x555561fbc050 "F != const_iterator() && "L iterator is not reachable from F iterator."",
file=0x555561fbbd70 "/home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp", line=333, function=) at assert.c:92
#3 0x00007ffff7a68f36 in GI___assert_fail (assertion=0x555561fbc050 "F != const_iterator() && "L iterator is not reachable from F iterator."", file=0x555561fbbd70 "/home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp", line=333,
function=0x555561fbbff0 "int {anonymous}::LocalScope::const_iterator::distance({anonymous}::LocalScope::const_iterator)") at assert.c:101
#4 0x000055555dff2c85 in (anonymous namespace)::LocalScope::const_iterator::distance (this=0x7fffffffb970, L=...) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp:333
#5 0x000055555dff8fd7 in (anonymous namespace)::CFGBuilder::prependAutomaticObjLifetimeWithTerminator (this=0x7fffffffbb80, Blk=0x555564cac768, B=..., E=...) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp:2089
#6 0x000055555dff6d08 in (anonymous namespace)::CFGBuilder::buildCFG (this=0x7fffffffbb80, D=0x555564c85068, Statement=0x555564c85420) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp:1556
#7 0x000055555e003119 in clang::CFG::buildCFG (D=0x555564c85068, Statement=0x555564c85420, C=0x555564c2a940, BO=...) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/CFG.cpp:4955
#8 0x000055555dfe0767 in clang::AnalysisDeclContext::getCFG (this=0x555564c3d820) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Analysis/AnalysisDeclContext.cpp:218
#9 0x000055555bd5fe83 in clang::ento::AnalysisManager::getCFG (this=0x555564c45990, D=0x555564c85068) at /home/sulekha/Work/checkedc-clang/src/clang/include/clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h:109
#10 0x000055555bcf1671 in (anonymous namespace)::AnalysisConsumer::HandleCode (this=0x555564c34600, D=0x555564c85068, Mode=1, IMode=clang::ento::ExprEngine::Inline_Minimal, VisitedCallees=0x0)
at /home/sulekha/Work/checkedc-clang/src/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:657
#11 0x000055555bceffcd in (anonymous namespace)::AnalysisConsumer::VisitFunctionDecl (this=0x555564c34600, FD=0x555564c85068) at /home/sulekha/Work/checkedc-clang/src/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:305
#12 0x000055555bd05848 in clang::RecursiveASTVisitor<(anonymous namespace)::AnalysisConsumer>::WalkUpFromFunctionDecl (this=0x555564c34600, D=0x555564c85068) at tools/clang/include/clang/AST/DeclNodes.inc:401
#13 0x000055555bcfa48d in clang::RecursiveASTVisitor<(anonymous namespace)::AnalysisConsumer>::TraverseFunctionDecl (this=0x555564c34600, D=0x555564c85068) at /home/sulekha/Work/checkedc-clang/src/clang/include/clang/AST/RecursiveASTVisitor.h:2060
#14 0x000055555bcf28d6 in clang::RecursiveASTVisitor<(anonymous namespace)::AnalysisConsumer>::TraverseDecl (this=0x555564c34600, D=0x555564c85068) at tools/clang/include/clang/AST/DeclNodes.inc:401
#15 0x000055555bcf0a0a in (anonymous namespace)::AnalysisConsumer::runAnalysisOnTranslationUnit (this=0x555564c34600, C=...) at /home/sulekha/Work/checkedc-clang/src/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:510
#16 0x000055555bcf0c46 in (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit (this=0x555564c34600, C=...) at /home/sulekha/Work/checkedc-clang/src/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:544
#17 0x000055555c7670b7 in clang::ParseAST (S=..., PrintStats=false, SkipFunctionBodies=false) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Parse/ParseAST.cpp:171
#18 0x000055555a338ec9 in clang::ASTFrontendAction::ExecuteAction (this=0x555564c15d90) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Frontend/FrontendAction.cpp:1057
#19 0x000055555a338820 in clang::FrontendAction::Execute (this=0x555564c15d90) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Frontend/FrontendAction.cpp:950
#20 0x000055555a2c92f5 in clang::CompilerInstance::ExecuteAction (this=0x555564c0aea0, Act=...) at /home/sulekha/Work/checkedc-clang/src/clang/lib/Frontend/CompilerInstance.cpp:984
#21 0x000055555a4d449f in clang::ExecuteCompilerInvocation (Clang=0x555564c0aea0) at /home/sulekha/Work/checkedc-clang/src/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:278
#22 0x0000555557aa68c5 in cc1_main (Argv=..., Argv0=0x7fffffffe539 "/home/sulekha/Work/checkedc-clang/build/bin/clang", MainAddr=0x555557a99eda <GetExecutablePath[abi:cxx11](char const*, bool)>) at /home/sulekha/Work/checkedc-clang/src/clang/tools/driver/cc1_main.cpp:240
#23 0x0000555557a9b783 in ExecuteCC1Tool (ArgV=...) at /home/sulekha/Work/checkedc-clang/src/clang/tools/driver/driver.cpp:330
#24 0x0000555557a9bf49 in main (argc=9, argv=0x7fffffffe298) at /home/sulekha/Work/checkedc-clang/src/clang/tools/driver/driver.cpp:407
```

sulekhark added a commit that referenced this issue Apr 16, 2021
…during CFG construction (#1028)

* Fix for the crash during CFG construction when CFGLifetimeEnds elements are added to the CFG.

* Incorporated review comments.