This is an archive of the discontinued LLVM Phabricator instance.

Assert in performTrivialCopy - Bug report and a possible solution
AbandonedPublic

Authored by szepet on Aug 24 2016, 2:01 PM.

Details

Summary

I ran into a bug, when I was implementing a checker and tested it on LLVM with CodeChecker. And I got the next error message:


I got the same results even when I tried to use MallocChecker or other (probably well tested) checkers. From that I draw the next conclusion: The error was probably triggered by the last changes of SymbolRecord.h (line:260, commit: https://reviews.llvm.org/rL270511#ffc63071 line:112 in the commit) and during the analysis of that line the getArgSVal() return an UndefinedVal. (It can happen, see: http://clang.llvm.org/doxygen/Environment_8cpp_source.html#l00069) And it seems the perfromTrivialCopy function does not handle this case. (If it should not happen than the call itself is the problem, but at least I could draw attention on this assert.)

I changed the code to accept UndefinedVal too and it seems working (okay,it is more precise to say it`s not asserting...), but I have only limited knowledge in this topic.

Diff Detail

Event Timeline

szepet updated this revision to Diff 69146.Aug 24 2016, 2:01 PM
szepet retitled this revision from to Assert in performTrivialCopy - Bug report and a possible solution.
szepet updated this object.
szepet added a reviewer: jordan_rose.
szepet added a subscriber: xazax.hun.
szepet updated this object.Aug 24 2016, 2:04 PM
dcoughlin edited edge metadata.Aug 24 2016, 7:18 PM

I'm not sure that weakening the assert is the right thing to do here. It seems like if V is undef that the analyzer ideally ought to have issued a diagnostic (and a sink) somewhere before. Do you have a test case that reproduces? (It would be good to add that to the tests in any event!).

Also: I think r270511 is unlikely to be the change that caused this -- that is a change in LLVM's treatment of DebugInfo, which shouldn't affect the analyzer.

Also: I think r270511 is unlikely to be the change that caused this -- that is a change in LLVM's treatment of DebugInfo, which shouldn't affect the analyzer.

I think Peter means that, that revision introduced the code that the analyzer fails to analyze (and not the bug in the analyzer).

zaks.anna edited edge metadata.Aug 26 2016, 11:06 AM

Also: I think r270511 is unlikely to be the change that caused this -- that is a change in LLVM's treatment of DebugInfo, which shouldn't affect the analyzer.

I think Peter means that, that revision introduced the code that the analyzer fails to analyze (and not the bug in the analyzer).

Can you add a reduced test case?

zaks.anna requested changes to this revision.Sep 12 2016, 10:48 AM
zaks.anna edited edge metadata.
This revision now requires changes to proceed.Sep 12 2016, 10:48 AM
szepet abandoned this revision.Oct 4 2016, 8:13 AM

At first I was not able to reproduce it. Then I realized it was my foul because I used the analyzer without the core checkers in this case. Sorry for the false positive.

Should this revision be closed?