| Issue |
104801
|
| Summary |
[analyzer] Analyzer crashes with #pragma omp parallel for
|
| Labels |
new issue
|
| Assignees |
|
| Reporter |
VReichelt
|
The clang analyzer runs into an assertion when running the command `clang++ --analyze -fopenmp -c bug.cc` on the following code:
```
int* foo(int m, int n)
{
int* p = new int[m];
for (int i = 0; i < m; ++i)
p[i] = 1;
#pragma omp parallel for
for (int i = 0; i < n; ++i)
p[i] += 2;
return p;
}
```
Assertion:
```
clang++: /tmp/LLVM/llvm-project/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:1290: bool isInitializationOfVar(const clang::ento::ExplodedNode*, const clang::ento::VarRegion*): Assertion `VR->getDecl()->isStaticLocal() && "non-static stackless VarRegion"' failed.
```
This happens at least since version 16.0.0 and is still reproducible with today's git revision.
Stack dump:
```
0. Program arguments: /LLVM/bin/clang++ --analyze -fopenmp bug.cc
1. <eof> parser at end of file
#0 0x00000000037e2718 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/LLVM/bin/clang+++0x37e2718)
#1 0x00000000037e057c llvm::sys::CleanupOnSignal(unsigned long) (/LLVM/bin/clang+++0x37e057c)
#2 0x000000000372c200 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
#3 0x00007fccbb312ce0 __restore_rt (/lib64/libpthread.so.0+0x12ce0)
#4 0x00007fccb9d91a9f raise (/lib64/libc.so.6+0x4ea9f)
#5 0x00007fccb9d64e05 abort (/lib64/libc.so.6+0x21e05)
#6 0x00007fccb9d64cd9 _nl_load_domain.cold.0 (/lib64/libc.so.6+0x21cd9)
#7 0x00007fccb9d8a3f6 (/lib64/libc.so.6+0x473f6)
#8 0x000000000587e69a (anonymous namespace)::StoreSiteFinder::VisitNode(clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&, clang::ento::PathSensitiveBugReport&) BugReporterVisitors.cpp:0:0
#9 0x000000000586d258 generateVisitorsDiagnostics(clang::ento::PathSensitiveBugReport*, clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&) BugReporter.cpp:0:0
#10 0x000000000586e553 (anonymous namespace)::PathDiagnosticBuilder::findValidReport(llvm::ArrayRef<clang::ento::PathSensitiveBugReport*>&, clang::ento::PathSensitiveBugReporter&) BugReporter.cpp:0:0
#11 0x0000000005872d39 clang::ento::PathSensitiveBugReporter::generatePathDiagnostics(llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>, llvm::ArrayRef<clang::ento::PathSensitiveBugReport*>&) (/LLVM/bin/clang+++0x5872d39)
#12 0x0000000005873106 clang::ento::PathSensitiveBugReporter::generateDiagnosticForConsumerMap(clang::ento::BugReport*, llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>, llvm::ArrayRef<clang::ento::BugReport*>) (/LLVM/bin/clang+++0x5873106)
#13 0x000000000586fc33 clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&) (/LLVM/bin/clang+++0x586fc33)
#14 0x0000000005870a8f clang::ento::BugReporter::FlushReports() (/LLVM/bin/clang+++0x5870a8f)
#15 0x00000000053b3602 (anonymous namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*, void>>*) AnalysisConsumer.cpp:0:0
#16 0x00000000053d151f (anonymous namespace)::AnalysisConsumer::HandleDeclsCallGraph(unsigned int) AnalysisConsumer.cpp:0:0
#17 0x00000000053d1f41 (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&) AnalysisConsumer.cpp:0:0
#18 0x0000000005a151dc clang::ParseAST(clang::Sema&, bool, bool) (/LLVM/bin/clang+++0x5a151dc)
#19 0x0000000004293bd9 clang::FrontendAction::Execute() (/LLVM/bin/clang+++0x4293bd9)
#20 0x0000000004224859 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/LLVM/bin/clang+++0x4224859)
#21 0x0000000004363f11 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/LLVM/bin/clang+++0x4363f11)
#22 0x0000000000bbd840 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/LLVM/bin/clang+++0xbbd840)
#23 0x0000000000bb5f3f ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#24 0x0000000004070979 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#25 0x000000000372c6b2 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/LLVM/bin/clang+++0x372c6b2)
#26 0x0000000004071036 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.284) Job.cpp:0:0
#27 0x000000000403d3d4 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/LLVM/bin/clang+++0x403d3d4)
#28 0x000000000403de2b clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/LLVM/bin/clang+++0x403de2b)
#29 0x0000000004047346 clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/LLVM/bin/clang+++0x4047346)
#30 0x0000000000bb9ed5 clang_main(int, char**, llvm::ToolContext const&) (/LLVM/bin/clang+++0xbb9ed5)
#31 0x0000000000acaf03 main (/LLVM/bin/clang+++0xacaf03)
#32 0x00007fccb9d7dcf3 __libc_start_main (/lib64/libc.so.6+0x3acf3)
#33 0x0000000000bb567e _start (/LLVM/bin/clang+++0xbb567e)
clang++: error: clang frontend command failed with exit code 134 (use -v to see invocation)
clang version 20.0.0git (https://github.com/llvm/llvm-project.git 065d2d9c60da0214c17a8300385b22be1c26dc70)
Target: x86_64-unknown-linux-gnu
```
![]()
_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
