[llvm-bugs] [Bug 43668] New: Throwing C++ exceptions crashes in code which is compiled with clang++ 8 and running on Cygwin64
https://bugs.llvm.org/show_bug.cgi?id=43668
Bug ID: 43668
Summary: Throwing C++ exceptions crashes in code which is
compiled with clang++ 8 and running on Cygwin64
Product: clang
Version: 8.0
Hardware: PC
OS: Windows NT
Status: NEW
Severity: enhancement
Priority: P
Component: C++
Assignee: unassignedclangb...@nondot.org
Reporter: zettsu.tats...@gmail.com
CC: blitzrak...@gmail.com, dgre...@apple.com,
erik.pilking...@gmail.com, llvm-bugs@lists.llvm.org,
richard-l...@metafoo.co.uk
Throwing C++ exceptions crashes in code which is compiled with clang++ 8.0.1
(Target: x86_64-unknown-windows-cygnus) and running on Cygwin 64-bit
installation 3.0.7. Compiling with -O0 option causes a crash and compiling with
-O2 option does not.
This does not occur with Cygwin g++ 7.4.0, MinGW g++ 8.2.0 and Windows native
clang++ 8.0.1 (Target: x86_64-pc-windows-msvc).
The following code crashes. Full source code is available on
https://github.com/zettsu-t/throwAndCatch .
1. A free function calls another function
2. The later function invokes (calls the operator() of) a std::function
instance
3. The invoked instance throws an exception.
void invokeFunc(std::function& func) {
func();
}
void throwInLocal(void) {
throw std::runtime_error("Error");
}
std::function funcObj = &throwInLocal;
invokeFunc(funcObj);
This is a gdb backtrace when throwing an exception crashed.
gdb: unknown target exception 0x20474343 at 0x7fface6ea839
Thread 1 "throw_catch_clang" received signal ?, Unknown signal.
0x7fface6ea839 in RaiseException () from
/cygdrive/c/WINDOWS/System32/KERNELBASE.dll
(gdb) bt
#0 0x7fface6ea839 in RaiseException () from
/cygdrive/c/WINDOWS/System32/KERNELBASE.dll
#1 0x0003de6bcbf1 in cyggcc_s-seh-1!_Unwind_RaiseException () from
/usr/bin/cyggcc_s-seh-1.dll
#2 0x0003c3599148 in cygstdc++-6!.cxa_throw () from
/usr/bin/cygstdc++-6.dll
#3 0x000100401948 in (anonymous namespace)::throwInLocal () at
throw_catch_main.cpp:12
#4 0x000100402c65 in std::_Function_handler::_M_invoke(std::_Any_data const&)
(__functor=...) at
/usr/lib/gcc/x86_64-pc-cygwin/7.4.0/include/c++/bits/std_function.h:316
#5 0x0001004032aa in std::function::operator()() const
(this=0xcb58)
at
/usr/lib/gcc/x86_64-pc-cygwin/7.4.0/include/c++/bits/std_function.h:706
#6 0xc8a8 in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
I found invoking the std::function instance in other statements prevents
crashes like shown below.
std::function funcObj = &throwInLocal;
funcObj();
invokeFunc(funcObj);
--
You are receiving this mail because:
You are on the CC list for the bug.___
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18198 in oss-fuzz: llvm:clang-fuzzer: ASSERT: NextLocalOffset + TokLength + 1 > NextLocalOffset && NextLocalOffset + TokLength
Status: New Owner: CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, igm...@gmail.com, mit...@google.com, bigchees...@gmail.com, eney...@google.com, llvm-b...@lists.llvm.org, j...@chromium.org, v...@apple.com, mitchphi...@outlook.com, xpl...@gmail.com, akils...@apple.com Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer OS-Linux Proj-llvm Reported-2019-10-14 Type: Bug New issue 18198 by ClusterFuzz-External: llvm:clang-fuzzer: ASSERT: NextLocalOffset + TokLength + 1 > NextLocalOffset && NextLocalOffset + TokLength https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18198 Detailed Report: https://oss-fuzz.com/testcase?key=5724163800563712 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzer_asan_llvm Platform Id: linux Crash Type: ASSERT Crash Address: Crash State: NextLocalOffset + TokLength + 1 > NextLocalOffset && NextLocalOffset + TokLength clang::SourceManager::createExpansionLocImpl clang::SourceManager::createMacroArgExpansionLoc Sanitizer: address (ASAN) Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&revision=201910130337 Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5724163800563712 Issue filed automatically. See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally. When you fix this bug, please * mention the fix revision(s). * state whether the bug was a short-lived regression or an old bug in any stable releases. * add any other useful information. This information can help downstream consumers. If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored. -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43669] New: Segfault when compiling boot/beast when openmp is enabled
https://bugs.llvm.org/show_bug.cgi?id=43669 Bug ID: 43669 Summary: Segfault when compiling boot/beast when openmp is enabled Product: clang Version: 9.0 Hardware: PC OS: Linux Status: NEW Severity: enhancement Priority: P Component: Frontend Assignee: unassignedclangb...@nondot.org Reporter: jc_mon...@emailplus.org CC: llvm-bugs@lists.llvm.org, neeil...@live.com, richard-l...@metafoo.co.uk clang 9 segfaults when compiling one of the boost/beast sample programs when openmp is enabled: clang++ -fopenmp=libomp -c -O0 -emit-llvm -save-temps websocket_server_async.cpp Stack dump: 0. Program arguments: /usr/bin/clang-9 -cc1 -triple x86_64-pc-linux-gnu -emit-llvm-bc -emit-llvm-uselists -save-temps=cwd -disable-free -disable-llvm-verifier -discard-value-names -main-file-name websocket_server_async.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mthread-model posix -mdisable-fp-elim -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -coverage-notes-file /home/jean-claude/code/clang-beast-test/websocket_server_async.gcno -resource-dir /usr/lib/clang/9.0.0 -O0 -fdeprecated-macro -fdebug-compilation-dir /home/jean-claude/code/clang-beast-test -ferror-limit 19 -fmessage-length 0 -fopenmp -stack-protector 2 -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -disable-llvm-passes -faddrsig -o websocket_server_async.tmp.bc -x c++-cpp-output websocket_server_async.ii 1. parser at end of file 2. Per-file LLVM IR generation 3. /usr/include/boost/beast/http/detail/rfc7230.ipp:80:1: Generating code for declaration 'boost::beast::http::detail::is_token_char' #0 0x7f11ebe70b7b llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/usr/bin/../lib/libLLVM-9.so+0xb08b7b) #1 0x7f11ebe6ea44 llvm::sys::RunSignalHandlers() (/usr/bin/../lib/libLLVM-9.so+0xb06a44) #2 0x7f11ebe6ebd6 (/usr/bin/../lib/libLLVM-9.so+0xb06bd6) #3 0x7f11ea0d1fb0 __restore_rt (/usr/bin/../lib/libc.so.6+0x3bfb0) #4 0x7f11ebfe1844 llvm::PointerType::get(llvm::Type*, unsigned int) (/usr/bin/../lib/libLLVM-9.so+0xc79844) #5 0x7f11eac0b308 clang::CodeGen::CodeGenFunction::EmitCheckedInBoundsGEP(llvm::Value*, llvm::ArrayRef, bool, bool, clang::SourceLocation, llvm::Twine const&) (/usr/bin/../lib/libclangCodeGen.so.9+0x240308) clang-9: error: unable to execute command: Segmentation fault (core dumped) clang-9: error: clang frontend command failed due to signal (use -v to see invocation) clang version 9.0.0 (tags/RELEASE_900/final) Target: x86_64-pc-linux-gnu Thread model: posix InstalledDir: /usr/bin clang-9: note: diagnostic msg: PLEASE submit a bug report to and include the crash backtrace, preprocessed source, and associated run script. clang-9: note: diagnostic msg: PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT: Preprocessed source(s) and associated run script(s) are located at: clang-9: note: diagnostic msg: /tmp/websocket_server_async-ec90ef.cpp clang-9: note: diagnostic msg: /tmp/websocket_server_async-ec90ef.sh clang-9: note: diagnostic msg: Compiled program is https://www.boost.org/doc/libs/1_71_0/libs/beast/example/websocket/server/async/websocket_server_async.cpp Using clang 9 from arch clang version 9.0.0 (tags/RELEASE_900/final) Target: x86_64-pc-linux-gnu Thread model: posix InstalledDir: /usr/bin It's also reproducible in wandbox: https://wandbox.org/permlink/sOJ5tV7g62wqKUGI -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43670] New: analyzer does not know that failed syscalls set errno
https://bugs.llvm.org/show_bug.cgi?id=43670
Bug ID: 43670
Summary: analyzer does not know that failed syscalls set errno
Product: clang
Version: 9.0
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: Static Analyzer
Assignee: dcough...@apple.com
Reporter: n...@chello.at
CC: dcough...@apple.com, llvm-bugs@lists.llvm.org
The following code will produce a report, even though the analyzer could/should
deduce that errno is set to non-zero if socket returns < 0.
Adding the __builtin_unreachable fixes the report, but this should be automatic
for reading errno after entering a branch that requires a failed syscall.
#include
#include
#include
#include
#include
#include
#include
extern int dosomething(char *);
static int connect_socket(char **mname) {
int ret;
*mname = (char *)malloc(PATH_MAX);
int fd = socket(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0);
if (fd < 0) {
ret = errno;
// if (ret == 0)
// __builtin_unreachable();
free(*mname);
return ret;
}
{
ret = recv(fd, *mname, PATH_MAX, 0);
if (ret > 0) return 0;
}
close(fd);
return ret;
}
int do_init()
{
char *mname;
int ret = connect_socket(&mname);
if (ret)
return ret;
return dosomething(mname);
}
--
You are receiving this mail because:
You are on the CC list for the bug.___
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43671] New: Use cmp+sbb instead of test+set for select of constants
https://bugs.llvm.org/show_bug.cgi?id=43671
Bug ID: 43671
Summary: Use cmp+sbb instead of test+set for select of
constants
Product: libraries
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: Backend: X86
Assignee: unassignedb...@nondot.org
Reporter: david.bolvan...@gmail.com
CC: craig.top...@gmail.com, llvm-bugs@lists.llvm.org,
llvm-...@redking.me.uk, spatel+l...@rotateright.com
Motivation cases:
int foo(unsigned a) {
return a ? -1 : 1;
}
unsigned foo(unsigned a) {
return a ? 10 : 8;
}
Seems like, for some cases x ? A : B the GCC's code:
foo(unsigned int):
cmp edi, 1
sbb eax, eax
and eax, -2
add eax, 10
ret
Block RThroughput: 1.2
is better than Clang trunk's:
foo(unsigned int):
xor eax, eax
testedi, edi
setne al
add eax, eax
add eax, 8
ret
Block RThroughput: 1.3
I dont know the generalized rule here, but it seems like cmp+sbb is better when
A - B (or B - A) is 2, but also cmp+sbb is better in this case:
int foo(unsigned a) {
return a ? -1 : -9;
}
If we ignore cases when A or B is 0/1 (some other transformation kicks in;
codegen is good), it seems like cmp+sbb codegen is never worse than current
test+set+add codegen.
Current codegen: https://godbolt.org/z/GSa0wc
--
You are receiving this mail because:
You are on the CC list for the bug.___
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43672] New: [LLVM-COV] Macro argument in non-executed if block incorrectly marked as executed
https://bugs.llvm.org/show_bug.cgi?id=43672
Bug ID: 43672
Summary: [LLVM-COV] Macro argument in non-executed if block
incorrectly marked as executed
Product: Runtime Libraries
Version: 9.0
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: libprofile library
Assignee: unassignedb...@nondot.org
Reporter: hannes.fra...@smartoptics.de
CC: llvm-bugs@lists.llvm.org
$ clang++-9 -v
clang version 9.0.0-svn374193-1~exp1~20191009183050.56 (branches/release_90)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5.5.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/6.5.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/7
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/7.4.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/9
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5.5.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.5.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.4.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/9
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/9
Candidate multilib: .;@m64
Selected multilib: .;@m64
$ cat macro.cpp
#include
#define NOT_CALLED(x) std::cout << (x) << std::endl
int main() {
if (false)
NOT_CALLED("macro argument");
if (false) {
NOT_CALLED("macro argument");
}
}
$ clang++-9 -O0 -g -fcoverage-mapping -fprofile-instr-generate=macro.profraw
macro.cpp && ./a.out && llvm-profdata-9 merge macro.profraw -o macro.profdata
&& llvm-cov-9 show -instr-profile macro.profdata ./a.out
1| |#include
2| |
3| 0|#define NOT_CALLED(x) std::cout << (x) << std::endl
4| |
5| 1|int main() {
6| 1|if (false)
7| 1| NOT_CALLED("macro argument");
8| 1|
9| 1|if (false) {
10| 0| NOT_CALLED("macro argument");
11| 0|}
12| 1|}
Everything between '' is colored red. If not using curly braces the
macro argument (and therefore the whole line) is marked as executed.
--
You are receiving this mail because:
You are on the CC list for the bug.___
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43673] New: wasm: zero initialized arrays get encoded in data section
https://bugs.llvm.org/show_bug.cgi?id=43673 Bug ID: 43673 Summary: wasm: zero initialized arrays get encoded in data section Product: libraries Version: 9.0 Hardware: Macintosh OS: All Status: NEW Severity: normal Priority: P Component: Backend: WebAssembly Assignee: unassignedb...@nondot.org Reporter: geert.aj.cust...@gmail.com CC: llvm-bugs@lists.llvm.org Created attachment 22669 --> https://bugs.llvm.org/attachment.cgi?id=22669&action=edit source that causes the bug Hello, At the moment the value of global arrays get encoded into the data section of a wasm module, without it being needed. Memory is guaranteed to be zero initialized by the wasm spec. The result of this is that large zero initialized arrays still get inlcuded in the data section of the module, leading to extremely large binaries. Attached is an example program that showcases the issue. Compiling the source code results in a binary of size 9.5MB, mostly consisting of zeroes. Mutliplying the "number" variable by 10 increases the binary size to 95MB. Clearly, adding a bunch more zeroes can lead to large binaries, so this could be seen as an amplification attack... I would expect clang/llvm to only describe the array in the globals section, and not to paste the whole contents of the array in the data section if the array is zero. Regards, Geert -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 15988 in oss-fuzz: llvm/clang-fuzzer: Null-dereference READ in clang::Parser::ParseExternalDeclaration
Updates: Labels: Deadline-Approaching Comment #1 on issue 15988 by sheriff...@chromium.org: llvm/clang-fuzzer: Null-dereference READ in clang::Parser::ParseExternalDeclaration https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15988#c1 This bug is approaching its deadline for being fixed, and will be automatically derestricted within 7 days. If a fix is planned within 2 weeks after the deadline has passed, a grace extension can be granted. - Your friendly Sheriffbot -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 16027 in oss-fuzz: llvm/llvm-opt-fuzzer--x86_64-licm: ASSERT: idx < size()
Updates: Labels: Deadline-Approaching Comment #1 on issue 16027 by sheriff...@chromium.org: llvm/llvm-opt-fuzzer--x86_64-licm: ASSERT: idx < size() https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16027#c1 This bug is approaching its deadline for being fixed, and will be automatically derestricted within 7 days. If a fix is planned within 2 weeks after the deadline has passed, a grace extension can be granted. - Your friendly Sheriffbot -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 15990 in oss-fuzz: llvm/clang-fuzzer: Null-dereference READ in clang::Sema::BuildPossibleImplicitMemberExpr
Updates: Labels: Deadline-Approaching Comment #1 on issue 15990 by sheriff...@chromium.org: llvm/clang-fuzzer: Null-dereference READ in clang::Sema::BuildPossibleImplicitMemberExpr https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15990#c1 This bug is approaching its deadline for being fixed, and will be automatically derestricted within 7 days. If a fix is planned within 2 weeks after the deadline has passed, a grace extension can be granted. - Your friendly Sheriffbot -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18203 in oss-fuzz: llvm:clang-fuzzer: Stack-overflow in Evaluate
Status: New Owner: CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, igm...@gmail.com, mit...@google.com, bigchees...@gmail.com, eney...@google.com, llvm-b...@lists.llvm.org, j...@chromium.org, v...@apple.com, mitchphi...@outlook.com, xpl...@gmail.com, akils...@apple.com Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer OS-Linux Proj-llvm Reported-2019-10-14 Type: Bug New issue 18203 by ClusterFuzz-External: llvm:clang-fuzzer: Stack-overflow in Evaluate https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18203 Detailed Report: https://oss-fuzz.com/testcase?key=5650154685726720 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzer_asan_llvm Platform Id: linux Crash Type: Stack-overflow Crash Address: 0x7ffe0c40 Crash State: Evaluate IntExprEvaluator::VisitCastExpr clang::StmtVisitorBasebool>::Visit Sanitizer: address (ASAN) Regressed: https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201903250252:201903260256 Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5650154685726720 Issue filed automatically. See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally. When you fix this bug, please * mention the fix revision(s). * state whether the bug was a short-lived regression or an old bug in any stable releases. * add any other useful information. This information can help downstream consumers. If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored. -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 13543 in oss-fuzz: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: N1.getValueType() == N2.getValueType() && N1.getValueType() == VT && "Binary ope
Updates: Labels: ClusterFuzz-Verified Status: Verified Comment #3 on issue 13543 by ClusterFuzz-External: llvm/llvm-isel-fuzzer--aarch64-gisel: ASSERT: N1.getValueType() == N2.getValueType() && N1.getValueType() == VT && "Binary ope https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13543#c3 ClusterFuzz testcase 5719829103771648 is verified as fixed in https://oss-fuzz.com/revisions?job=libfuzzer_asan_llvm&range=201910130337:201910140329 If this is incorrect, please file a bug on https://github.com/google/oss-fuzz/issues/new -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18208 in oss-fuzz: llvm:llvm-opt-fuzzer--x86_64-loop_unroll: Use-of-uninitialized-value in bool llvm::DenseMapBase
Status: New Owner: CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, igm...@gmail.com, mit...@google.com, bigchees...@gmail.com, eney...@google.com, llvm-b...@lists.llvm.org, j...@chromium.org, v...@apple.com, mitchphi...@outlook.com, xpl...@gmail.com, akils...@apple.com Labels: ClusterFuzz Reproducible Stability-Memory-MemorySanitizer Engine-libfuzzer OS-Linux Proj-llvm Security_Severity-Medium Reported-2019-10-14 Type: Bug-Security New issue 18208 by ClusterFuzz-External: llvm:llvm-opt-fuzzer--x86_64-loop_unroll: Use-of-uninitialized-value in bool llvm::DenseMapBasellvm::detail::DenseSetEm https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18208 Detailed Report: https://oss-fuzz.com/testcase?key=5077047453417472 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: llvm-opt-fuzzer--x86_64-loop_unroll Job Type: libfuzzer_msan_llvm Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: bool llvm::DenseMapBasellvm::detail::DenseSetEm llvm::detail::DenseSetPair* llvm::DenseMapBase llvm::UniqueStringSaver::save Sanitizer: memory (MSAN) Recommended Security Severity: Medium Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_msan_llvm&revision=201906300300 Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5077047453417472 Issue filed automatically. See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally. When you fix this bug, please * mention the fix revision(s). * state whether the bug was a short-lived regression or an old bug in any stable releases. * add any other useful information. This information can help downstream consumers. If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored. -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43663] CodeExtractor: converting to users fails lit tests
https://bugs.llvm.org/show_bug.cgi?id=43663 Eli Friedman changed: What|Removed |Added Resolution|--- |INVALID Status|NEW |RESOLVED --- Comment #1 from Eli Friedman --- The original code is correct. Your proposed code isn't. I don't see the problem. (Note that the loop modifies the use-list of "header".) -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43641] [MemorySSA][SimpleUnswitch] Assertion `dominates(MD, U) && "Memory Def does not dominate it's uses"' failed
https://bugs.llvm.org/show_bug.cgi?id=43641 Alina Sbirlea changed: What|Removed |Added Status|CONFIRMED |RESOLVED Resolution|--- |FIXED --- Comment #3 from Alina Sbirlea --- Resolved by rL374850. -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43360] [meta] 9.0.1 Release Blockers
https://bugs.llvm.org/show_bug.cgi?id=43360 Bug 43360 depends on bug 41380, which changed state. Bug 41380 Summary: [InstrProf] Errors after static registration changes in r353547 https://bugs.llvm.org/show_bug.cgi?id=41380 What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 41380] [InstrProf] Errors after static registration changes in r353547
https://bugs.llvm.org/show_bug.cgi?id=41380 Tom Stellard changed: What|Removed |Added Fixed By Commit(s)|r372020 r372182 |r372020 r372182 r374858 Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #25 from Tom Stellard --- Merged: r374858 -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] Issue 18240 in oss-fuzz: llvm:llvm-opt-fuzzer--x86_64-gvn: ASSERT: isFPPredicate() && "Invalid FCmp predicate value"
Status: New Owner: CC: k...@google.com, masc...@google.com, jdevlieg...@apple.com, igm...@gmail.com, mit...@google.com, bigchees...@gmail.com, eney...@google.com, llvm-b...@lists.llvm.org, j...@chromium.org, v...@apple.com, mitchphi...@outlook.com, xpl...@gmail.com, akils...@apple.com Labels: ClusterFuzz Stability-Memory-AddressSanitizer Reproducible Engine-libfuzzer OS-Linux Proj-llvm Reported-2019-10-15 Type: Bug New issue 18240 by ClusterFuzz-External: llvm:llvm-opt-fuzzer--x86_64-gvn: ASSERT: isFPPredicate() && "Invalid FCmp predicate value" https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18240 Detailed Report: https://oss-fuzz.com/testcase?key=5722946110226432 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: llvm-opt-fuzzer--x86_64-gvn Job Type: libfuzzer_msan_llvm Platform Id: linux Crash Type: ASSERT Crash Address: Crash State: isFPPredicate() && "Invalid FCmp predicate value" llvm::FCmpInst::AssertOK BitcodeReader::parseFunctionBody Sanitizer: memory (MSAN) Crash Revision: https://oss-fuzz.com/revisions?job=libfuzzer_msan_llvm&revision=201906300300 Reproducer Testcase: https://oss-fuzz.com/download?testcase_id=5722946110226432 Issue filed automatically. See https://google.github.io/oss-fuzz/advanced-topics/reproducing for instructions to reproduce this bug locally. When you fix this bug, please * mention the fix revision(s). * state whether the bug was a short-lived regression or an old bug in any stable releases. * add any other useful information. This information can help downstream consumers. If you need to contact the OSS-Fuzz team with a question, concern, or any other feedback, please file an issue at https://github.com/google/oss-fuzz/issues. Comments on individual Monorail issues are not monitored. -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment. ___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43360] [meta] 9.0.1 Release Blockers
https://bugs.llvm.org/show_bug.cgi?id=43360 Bug 43360 depends on bug 43378, which changed state. Bug 43378 Summary: Please merge r372188 to 9.0.0 for PR43164 https://bugs.llvm.org/show_bug.cgi?id=43378 What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
[llvm-bugs] [Bug 43378] Please merge r372188 to 9.0.0 for PR43164
https://bugs.llvm.org/show_bug.cgi?id=43378 Tom Stellard changed: What|Removed |Added Status|NEW |RESOLVED Fixed By Commit(s)|r372188 |r372188 r374861 Resolution|--- |FIXED --- Comment #3 from Tom Stellard --- Merged: r374861 -- You are receiving this mail because: You are on the CC list for the bug.___ llvm-bugs mailing list llvm-bugs@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
