[llvm-bugs] Issue 3627 in oss-fuzz: ASSERT: Res == 0
Comment #9 on issue 3627 by monor...@clusterfuzz-external.iam.gserviceaccount.com: ASSERT: Res == 0
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3627#c9
ClusterFuzz has detected this issue as fixed in range 201710160455:201710190451.
Detailed report: https://oss-fuzz.com/testcase?key=5935702182199296
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-gisel
Fuzz target binary: llvm-isel-fuzzer--aarch64-gisel
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  Res == 0
  _start
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710121744:201710130152
Fixed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5935702182199296
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
--
You received this message because:
  1. You were specifically CC'd on the issue
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Reply to this email to add a comment.
___
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 3653 in oss-fuzz: llvm/llvm-dwarfdump-fuzzer: Heap-buffer-overflow in llvm::identify_magic
Comment #2 on issue 3653 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-dwarfdump-fuzzer: Heap-buffer-overflow in llvm::identify_magic
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3653#c2
ClusterFuzz has detected this issue as fixed in range 201710160455:201710190451.
Detailed report: https://oss-fuzz.com/testcase?key=6095520196984832
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-dwarfdump-fuzzer
Fuzz target binary: llvm-dwarfdump-fuzzer
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: Heap-buffer-overflow READ 4
Crash Address: 0x60c00240
Crash State:
  llvm::identify_magic
  llvm::object::ObjectFile::createObjectFile
  _start
Sanitizer: address (ASAN)
Recommended Security Severity: Medium
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201708280446:201708291805
Fixed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6095520196984832
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
[llvm-bugs] Issue 3660 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: isReg() && "This is not a register operand!"
Comment #5 on issue 3660 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: isReg() && "This is not a register operand!"
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3660#c5
ClusterFuzz has detected this issue as fixed in range 201710160455:201710190451.
Detailed report: https://oss-fuzz.com/testcase?key=5516525822803968
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-gisel
Fuzz target binary: llvm-isel-fuzzer--aarch64-gisel
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  isReg() && "This is not a register operand!"
  AArch64InstructionSelector::selectAddrModeIndexed
  llvm::Optional
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710150453:201710160455
Fixed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5516525822803968
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
[llvm-bugs] Issue 3661 in oss-fuzz: llvm/clang-proto-fuzzer: Null-dereference READ in llvm::SCEV::getType
Comment #4 on issue 3661 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/clang-proto-fuzzer: Null-dereference READ in llvm::SCEV::getType
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3661#c4
ClusterFuzz has detected this issue as fixed in range 201710160455:201710190451.
Detailed report: https://oss-fuzz.com/testcase?key=5425692935192576
Project: llvm
Fuzzer: libFuzzer_llvm_clang-proto-fuzzer
Fuzz target binary: clang-proto-fuzzer
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: Null-dereference READ
Crash Address: 0x
Crash State:
  llvm::SCEV::getType
  llvm::ScalarEvolution::getMulExpr
  llvm::ScalarEvolution::getMulExpr
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710131611:201710131923
Fixed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5425692935192576
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
[llvm-bugs] Issue 3627 in oss-fuzz: ASSERT: Res == 0
Updates:
  Labels: ClusterFuzz-Verified
  Status: Verified
Comment #10 on issue 3627 by monor...@clusterfuzz-external.iam.gserviceaccount.com: ASSERT: Res == 0
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3627#c10
ClusterFuzz testcase 5935702182199296 is verified as fixed, so closing issue as verified.
If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new
[llvm-bugs] Issue 3653 in oss-fuzz: llvm/llvm-dwarfdump-fuzzer: Heap-buffer-overflow in llvm::identify_magic
Updates:
  Labels: ClusterFuzz-Verified
  Status: Verified
Comment #3 on issue 3653 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-dwarfdump-fuzzer: Heap-buffer-overflow in llvm::identify_magic
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3653#c3
ClusterFuzz testcase 6095520196984832 is verified as fixed, so closing issue as verified.
If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new
[llvm-bugs] Issue 3661 in oss-fuzz: llvm/clang-proto-fuzzer: Null-dereference READ in llvm::SCEV::getType
Updates:
  Labels: ClusterFuzz-Verified
  Status: Verified
Comment #5 on issue 3661 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/clang-proto-fuzzer: Null-dereference READ in llvm::SCEV::getType
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3661#c5
ClusterFuzz testcase 5425692935192576 is verified as fixed, so closing issue as verified.
If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new
[llvm-bugs] Issue 3660 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: isReg() && "This is not a register operand!"
Updates:
  Labels: ClusterFuzz-Verified
  Status: Verified
Comment #6 on issue 3660 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: isReg() && "This is not a register operand!"
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3660#c6
ClusterFuzz testcase 5516525822803968 is verified as fixed, so closing issue as verified.
If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new
[llvm-bugs] Issue 3681 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: ShiftAmt <= BitWidth && "Invalid shift amount"
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3681 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: ShiftAmt <= BitWidth && "Invalid shift amount"
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3681
Detailed report: https://oss-fuzz.com/testcase?key=4605473736097792
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-O2
Fuzz target binary: llvm-isel-fuzzer--aarch64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  ShiftAmt <= BitWidth && "Invalid shift amount"
  llvm::BasicAAResult::GetLinearExpression
  llvm::BasicAAResult::DecomposeGEPExpression
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=4605473736097792
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3683 in oss-fuzz: llvm/llvm-isel-fuzzer--x86_64-O2: Use-after-poison in DAGCombiner::useDivRem
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3683 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--x86_64-O2: Use-after-poison in DAGCombiner::useDivRem
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3683
Detailed report: https://oss-fuzz.com/testcase?key=6048513491206144
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--x86_64-O2
Fuzz target binary: llvm-isel-fuzzer--x86_64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: Use-after-poison READ 8
Crash Address: 0x621315f0
Crash State:
  DAGCombiner::useDivRem
  DAGCombiner::visit
  DAGCombiner::combine
Sanitizer: address (ASAN)
Recommended Security Severity: High
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6048513491206144
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3684 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: NumBytes >= 0 && "Negative stack allocation size!?"
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3684 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: NumBytes >= 0 && "Negative stack allocation size!?"
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3684
Detailed report: https://oss-fuzz.com/testcase?key=6392155435171840
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-O2
Fuzz target binary: llvm-isel-fuzzer--aarch64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  NumBytes >= 0 && "Negative stack allocation size!?"
  llvm::AArch64FrameLowering::emitPrologue
  PEI::runOnMachineFunction
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6392155435171840
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3685 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: N->getOpcode() != ISD::DELETED_NODE && "Node was deleted but visit returned NULL
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3685 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: N->getOpcode() != ISD::DELETED_NODE && "Node was deleted but visit returned NULL
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3685
Detailed report: https://oss-fuzz.com/testcase?key=6546691445489664
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-O2
Fuzz target binary: llvm-isel-fuzzer--aarch64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  N->getOpcode() != ISD::DELETED_NODE && "Node was deleted but visit returned NULL
  DAGCombiner::combine
  llvm::SelectionDAG::Combine
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6546691445489664
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3688 in oss-fuzz: llvm/llvm-special-case-list-fuzzer: ASSERT: !Key.empty()
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3688 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-special-case-list-fuzzer: ASSERT: !Key.empty()
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3688
Detailed report: https://oss-fuzz.com/testcase?key=6748633157337088
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-special-case-list-fuzzer
Fuzz target binary: llvm-special-case-list-fuzzer
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  !Key.empty()
  llvm::SpecialCaseList::Matcher::insert
  llvm::SpecialCaseList::parse
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6748633157337088
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] [Bug 34999] New: libFuzzer: fuzz executable does not respect SIGPIPE
https://bugs.llvm.org/show_bug.cgi?id=34999
Bug ID: 34999
Summary: libFuzzer: fuzz executable does not respect SIGPIPE
Product: compiler-rt
Version: unspecified
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: compiler-rt
Assignee: unassignedb...@nondot.org
Reporter: sanne.wo...@arm.com
CC: llvm-bugs@lists.llvm.org
I'm seeing the following behaviour on HEAD. In bash, I run the following command:
    ./fuzz_target 2>&1 | less
As I understand it, when I quit less, bash sends SIGPIPE to fuzz_target. I'd expect fuzz_target to exit() in response since its output pipe is broken. However, fuzz_target keeps running (no output though, because the pipe is broken).
./fuzz_target is compiled by linking fuzz_target.o (which defines LLVMFuzzerTestOneInput) with a statically linked libFuzzer.a.
--
You are receiving this mail because:
You are on the CC list for the bug.
[llvm-bugs] Issue 3690 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: VSTOffset == 0 || !F->hasName()
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3690 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: VSTOffset == 0 || !F->hasName()
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3690
Detailed report: https://oss-fuzz.com/testcase?key=5963982092369920
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-gisel
Fuzz target binary: llvm-isel-fuzzer--aarch64-gisel
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: ASSERT
Crash Address:
Crash State:
  VSTOffset == 0 || !F->hasName()
  BitcodeReader::materialize
  BitcodeReader::materializeModule
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710121744:201710130152
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5963982092369920
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3695 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-gisel: Direct-leak in llvm::MDTuple::getImpl
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Stability-Memory-LeakSanitizer Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3695 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-gisel: Direct-leak in llvm::MDTuple::getImpl
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3695
Detailed report: https://oss-fuzz.com/testcase?key=5260607780552704
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-gisel
Fuzz target binary: llvm-isel-fuzzer--aarch64-gisel
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: Direct-leak
Crash Address:
Crash State:
  llvm::MDTuple::getImpl
  BitcodeReaderMetadataList::getMetadataFwdRef
  llvm::MetadataLoader::MetadataLoaderImpl::getMetadataFwdRefOrLoad
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5260607780552704
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3697 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-gisel: Out-of-memory in llvm_llvm-isel-fuzzer--aarch64-gisel
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19
New issue 3697 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-gisel: Out-of-memory in llvm_llvm-isel-fuzzer--aarch64-gisel
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3697
Detailed report: https://oss-fuzz.com/testcase?key=6663546499760128
Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-gisel
Fuzz target binary: llvm-isel-fuzzer--aarch64-gisel
Job Type: libfuzzer_asan_llvm
Platform Id: linux
Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State:
  llvm_llvm-isel-fuzzer--aarch64-gisel
Sanitizer: address (ASAN)
Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710121744:201710130152
Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6663546499760128
Issue filed automatically.
See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.
When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.
If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] [Bug 35000] New: [refactoring] idea: convert a ternary operator into an if statement and vice-versa
https://bugs.llvm.org/show_bug.cgi?id=35000
Bug ID: 35000
Summary: [refactoring] idea: convert a ternary operator into an if statement and vice-versa
Product: clang
Version: trunk
Hardware: PC
OS: All
Status: NEW
Severity: enhancement
Priority: P
Component: libclang
Assignee: unassignedclangb...@nondot.org
Reporter: arpha...@gmail.com
CC: kli...@google.com, llvm-bugs@lists.llvm.org
This is a possible idea for a new refactoring action for clang-refactor & editors that support integration with Clang's refactoring engine.
This idea suggests adding a refactoring that can convert a ternary operator into an if statement and vice-versa. For example, this statement:
    int x = expression ? a : b;
Can become:
    int x;
    if (expression) {
      x = a;
    } else {
      x = b;
    }
and vice-versa.
[llvm-bugs] [Bug 35001] New: uninitialized value false positive with identical conditions
https://bugs.llvm.org/show_bug.cgi?id=35001
Bug ID: 35001
Summary: uninitialized value false positive with identical conditions
Product: clang
Version: 5.0
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
Assignee: dcough...@apple.com
Reporter: ss...@arista.com
CC: llvm-bugs@lists.llvm.org
clang version 5.0.0 (trunk)
Target: i686-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/i686-redhat-linux/5.4.0
Found candidate GCC installation: /usr/lib/gcc/i686-redhat-linux/5.4.0
Selected GCC installation: /usr/bin/../lib/gcc/i686-redhat-linux/5.4.0
Candidate multilib: .;@m32
Selected multilib: .;@m32
This snippet (foo.cpp) makes the analyzer warn about an uninitialized value:
    #include <iostream>

    void run( double limit ) {
       int a;

       if ( limit > 0 ) {
          a = 1;
       }
       if ( limit > 0 ) {
          std::cout << a;
       }
    }
clang++ --analyze -Xanalyzer -analyzer-output=text -std=c++11 foo.cpp
foo.cpp:10:7: warning: 1st function call argument is an uninitialized value
      std::cout << a;
      ^~
foo.cpp:4:4: note: 'a' declared without an initial value
   int a;
   ^
foo.cpp:6:4: note: Taking false branch
   if ( limit > 0 ) {
   ^
foo.cpp:9:4: note: Taking true branch
   if ( limit > 0 ) {
   ^
foo.cpp:10:7: note: 1st function call argument is an uninitialized value
      std::cout << a;
      ^~
1 warning generated.
Making the value type an 'int' does not show the same symptoms, i.e. void run( int limit )
[llvm-bugs] [Bug 34991] clang crashes on valid code at -Os and above on x86_64-linux-gnu: Assertion `CastInst::castIsValid(opc, C, Ty) && "Invalid constantexpr cast!"' failed
https://bugs.llvm.org/show_bug.cgi?id=34991
Davide Italiano changed:
What|Removed|Added
Resolution|---|FIXED
Status|NEW|RESOLVED
[llvm-bugs] [Bug 15479] non-terminating loop at -Os causes clang to hang
https://bugs.llvm.org/show_bug.cgi?id=15479
Davide Italiano changed:
What|Removed|Added
CC||dav...@freebsd.org
Resolution|---|FIXED
Status|NEW|RESOLVED
[llvm-bugs] [Bug 34537] clang crashes on valid code at -O3 in 64-bit mode on x86_64-linux-gnu while running pass 'Machine InstCombiner': Assertion `!NodePtr->isKnownSentinel()' failed
https://bugs.llvm.org/show_bug.cgi?id=34537
Davide Italiano changed:
What|Removed|Added
Resolution|---|FIXED
Status|NEW|RESOLVED
--- Comment #3 from Davide Italiano ---
The examples don't crash anymore (at any optimization level)
[davide@localhost bin]$ ./clang -O3 small.c
[davide@localhost bin]$ ./clang -O2 small.c
[davide@localhost bin]$ ./clang -O1 small.c
[davide@localhost bin]$ ./clang -O0 small.c
[davide@localhost bin]$ ./clang -Os small.c
[llvm-bugs] [Bug 35003] New: [X86] Help update_llc_test_checks.py recognise retl/retq to reduce CHECK duplication
https://bugs.llvm.org/show_bug.cgi?id=35003
Bug ID: 35003
Summary: [X86] Help update_llc_test_checks.py recognise retl/retq to reduce CHECK duplication
Product: new-bugs
Version: unspecified
Hardware: PC
OS: Windows NT
Status: NEW
Severity: enhancement
Priority: P
Component: new bugs
Assignee: unassignedb...@nondot.org
Reporter: llvm-...@redking.me.uk
CC: craig.top...@gmail.com, llvm-bugs@lists.llvm.org, spatel+l...@rotateright.com
We have a lot of i686 and x86_64 tests that generate identical codegen apart from the retl/retq return op. It'd avoid a lot of code duplication if we replaced this with a ret{lq} pattern match.
[llvm-bugs] [Bug 35004] New: [refactoring] idea: convert a switch statement to an if
https://bugs.llvm.org/show_bug.cgi?id=35004
Bug ID: 35004
Summary: [refactoring] idea: convert a switch statement to an if
Product: clang
Version: trunk
Hardware: PC
OS: All
Status: NEW
Severity: enhancement
Priority: P
Component: libclang
Assignee: unassignedclangb...@nondot.org
Reporter: arpha...@gmail.com
CC: kli...@google.com, llvm-bugs@lists.llvm.org
This is a possible idea for a new refactoring action for clang-refactor & editors that support integration with Clang's refactoring engine.
This idea suggests adding a refactoring that can convert a switch statement into an if statement. For example, this statement:
    switch (x) {
    case 0:
      foo();
      break;
    case 1:
      bar();
      break;
    }
Can become:
    if (x == 0) {
      foo();
    } else if (x == 1) {
      bar();
    }
(Note: I'm intending to add an operation that implements the reverse, i.e. convert if to switch).
[llvm-bugs] [Bug 35005] New: regression: "fatal error: error in backend: Broken function found, compilation aborted!"
https://bugs.llvm.org/show_bug.cgi?id=35005

Bug ID: 35005
Summary: regression: "fatal error: error in backend: Broken function found, compilation aborted!"
Product: new-bugs
Version: trunk
Hardware: Macintosh
OS: MacOS X
Status: NEW
Severity: release blocker
Priority: P
Component: new bugs
Assignee: unassignedb...@nondot.org
Reporter: s...@rogue-research.com
CC: llvm-bugs@lists.llvm.org

I do nightly builds of the VTK project with recent clang (that I manually update occasionally).

VTK with UBSan built with clang r315034. Then I updated to r316042 and it failed to build. I updated just now to r316166 and it still fails, with the message below.

I've attached the .c and .sh files. The .crash file the message mentions isn't actually there for some reason.

Did not see access type in access path!
  %28 = load i32, i32* %org_ref, align 8, !dbg !1333, !tbaa !1334
!1334 = !{!1335, !1278, i64 832}
fatal error: error in backend: Broken function found, compilation aborted!
clang-6.0: error: clang frontend command failed with exit code 70 (use -v to see invocation)
clang version 6.0.0 (trunk 316166)
Target: x86_64-apple-darwin15.6.0
Thread model: posix
InstalledDir: /Users/builder/llvm/llvm-rel-install/bin
clang-6.0: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
clang-6.0: note: diagnostic msg: PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT: Preprocessed source(s) and associated run script(s) are located at:
clang-6.0: note: diagnostic msg: /var/folders/_j/yk9_m1js2jq67w2sbxfgrxkrgn/T/pshinter-fd47a6.c
clang-6.0: note: diagnostic msg: /var/folders/_j/yk9_m1js2jq67w2sbxfgrxkrgn/T/pshinter-fd47a6.sh
clang-6.0: note: diagnostic msg: Crash backtrace is located in
clang-6.0: note: diagnostic msg: /Users/builder/Library/Logs/DiagnosticReports/clang-6.0__.crash
clang-6.0: note: diagnostic msg: (choose the .crash file that corresponds to your crash)
clang-6.0: note: diagnostic msg:
[llvm-bugs] Issue 3700 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-O2: Out-of-memory in llvm_llvm-isel-fuzzer--aarch64-O2
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-19

New issue 3700 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-O2: Out-of-memory in llvm_llvm-isel-fuzzer--aarch64-O2
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3700

Detailed report: https://oss-fuzz.com/testcase?key=5991579404730368

Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-O2
Fuzz target binary: llvm-isel-fuzzer--aarch64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux

Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State:
  llvm_llvm-isel-fuzzer--aarch64-O2

Sanitizer: address (ASAN)

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5991579404730368

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.

If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3701 in oss-fuzz: llvm/llvm-isel-fuzzer--x86_64-O2: ASSERT: idx < size()
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-20

New issue 3701 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--x86_64-O2: ASSERT: idx < size()
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3701

Detailed report: https://oss-fuzz.com/testcase?key=5552830912921600

Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--x86_64-O2
Fuzz target binary: llvm-isel-fuzzer--x86_64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux

Crash Type: ASSERT
Crash Address:
Crash State:
  idx < size()
  BitcodeReader::parseFunctionBody
  BitcodeReader::materialize

Sanitizer: address (ASAN)

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5552830912921600

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.

If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] Issue 3702 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: (DeferredFunctionInfo[Fn] == 0 || DeferredFunctionInfo[Fn] == CurBit) && "Mismat
Status: New
Owner:
CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, llvm-b...@lists.llvm.org, v...@apple.com
Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer Proj-llvm Reported-2017-10-20

New issue 3702 by monor...@clusterfuzz-external.iam.gserviceaccount.com: llvm/llvm-isel-fuzzer--aarch64-O2: ASSERT: (DeferredFunctionInfo[Fn] == 0 || DeferredFunctionInfo[Fn] == CurBit) && "Mismat
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3702

Detailed report: https://oss-fuzz.com/testcase?key=6089797387943936

Project: llvm
Fuzzer: libFuzzer_llvm_llvm-isel-fuzzer--aarch64-O2
Fuzz target binary: llvm-isel-fuzzer--aarch64-O2
Job Type: libfuzzer_asan_llvm
Platform Id: linux

Crash Type: ASSERT
Crash Address:
Crash State:
  (DeferredFunctionInfo[Fn] == 0 || DeferredFunctionInfo[Fn] == CurBit) && "Mismat
  BitcodeReader::rememberAndSkipFunctionBody
  BitcodeReader::parseModule

Sanitizer: address (ASAN)

Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201710160455:201710190451

Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=6089797387943936

Issue filed automatically.

See https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md for more information.

When you fix this bug, please
  * mention the fix revision(s).
  * state whether the bug was a short-lived regression or an old bug in any stable releases.
  * add any other useful information.
This information can help downstream consumers.

If you have questions for the OSS-Fuzz team, please file an issue at https://github.com/google/oss-fuzz/issues.
[llvm-bugs] [Bug 35006] New: Clang-format misalignment
https://bugs.llvm.org/show_bug.cgi?id=35006

Bug ID: 35006
Summary: Clang-format misalignment
Product: clang
Version: 5.0
Hardware: PC
OS: Windows NT
Status: NEW
Severity: enhancement
Priority: P
Component: Formatter
Assignee: unassignedclangb...@nondot.org
Reporter: amaca...@gmail.com
CC: djas...@google.com, kli...@google.com, llvm-bugs@lists.llvm.org

Created attachment 19316
  --> https://bugs.llvm.org/attachment.cgi?id=19316&action=edit
C source file

Running clang-format with -style=file -i over attached C source file, with attached .clang-format results in what I suspect to be a misalignment on line 22