clang: incorrect compilation / segment fault in Expr::EvaluateKnownConstIntCheckOverflow / assertion `Result && "Could not evaluate expression"' failed #48583
Comments
It seems that the program compiled by trunk has an invalid output. The valid output should be 2 (where d = c = 2). For trunk, it prints 1 (https://godbolt.org/z/njo3Gj). For clang 6.0.0 and 7.0.0, it prints 2 (https://godbolt.org/z/8re8cG). For GCC, it prints 2 (https://godbolt.org/z/Wfodrr). |
I somehow feel it is serious, as trunk mis-compiles the program. I can understand the second argument of __builtin_expect should be an integer instead of a function invocation according to the standard. But without a warning, it will cause a problem. So I want to change the importance to 'release blocker'. However, I am not so sure whether it is worth the effort. I do apologize in advance for any inconvenience caused. Thanks! |
Further reduced: int main() { If we reduce further to
... then Clang and GCC both reject saying that the statement-expression is not a constant expression. Similarly: int maybe_vla(int n) { ... is rejected by both Clang and GCC because the statement-expression is not an ICE, but int maybe_vla(int n) { ... is accepted. This seems like a bug in both compilers to me: __builtin_expect isn't supposed to affect the interpretation of its first operand, and presumably shouldn't be weakening the strict ICE checks. So I think the original testcase is probably invalid. Nonetheless, there is a bug here in how we evaluate ICEs involving statement expressions. For example, given: #define fold(x) (__builtin_constant_p(x) ? (x) : (x)) int f() { we incorrectly constant-evaluate the bound of 'arr' to 0. |
Fixed in bdf6fbc. @tstellar, feel free to cherry-pick to the 12.0 release after this has had a couple of days in tree. The fix should be pretty safe, and fixes a wrong-code bug. However, it's not a recent regression, and the situation that triggers the bug is very obscure, so I think it would also be OK to defer this fix to the Clang 13 release. |
I can open a separate bug if necessary but bdf6fbc causes a crash while compiling mm/gup.c in the Linux kernel on the 5.4 branch. creduce spits out: $ cat gup.i $ clang -fsyntax-only -x c gup.i
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT: |
Given that this patch caused a regression, I won't merge it into release/12.x, until we can find a fix for the regression. |
This bug was not resolved in time for the 12.0.0 release, so it will have to wait for 12.0.1. If you feel this is a high-priority bug that should be fixed for 12.0.0, please re-add release-12.0.0 to the Blocks field and add a comment explaining why this is high-priority. |
mentioned in issue llvm/llvm-bugzilla-archive#49254 |
mentioned in issue #48661 |
mentioned in issue llvm/llvm-bugzilla-archive#49619 |
Extended Description
There is a valid C program which crashes clang version 8.0 - 11.0 (https://godbolt.org/z/3T8ePj).
It also triggers an assertion `Result && "Could not evaluate expression"' failed in trunk. I attached the output of the trunk version below (the stdio.h include and printf can be reduced).
$ cat test.c
#include <stdio.h>
long a() { return 0; }
int main() {
int b = 1, c = 2;
int d = __builtin_choose_expr(__builtin_expect(({ 0; }), a()), b, c);
printf("%d\n", d);
}
$ cat /tmp/test-fb042e.sh
Crash reproducer for clang version 12.0.0 (https://github.com/llvm/llvm-project.git b46924e)
Driver args: "-c" "test.c"
Original command: "/data/xxx/git/llvm-project/build_12/bin/clang-12" "-cc1" "-triple" "x86_64-unknown-linux-gnu" "-emit-obj" "-mrelax-all" "--mrelax-relocations" "-disable-free" "-main-file-name" "test.c" "-mrelocation-model" "static" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-tune-cpu" "generic" "-fno-split-dwarf-inlining" "-debugger-tuning=gdb" "-resource-dir" "/data/xxx/git/llvm-project/build_12/lib/clang/12.0.0" "-internal-isystem" "/usr/local/include" "-internal-isystem" "/data/xxx/git/llvm-project/build_12/lib/clang/12.0.0/include" "-internal-externc-isystem" "/usr/include/x86_64-linux-gnu" "-internal-externc-isystem" "/include" "-internal-externc-isystem" "/usr/include" "-fdebug-compilation-dir" "/data/xxx/docker_share/clang" "-ferror-limit" "19" "-fgnuc-version=4.2.1" "-fcolor-diagnostics" "-faddrsig" "-o" "test.o" "-x" "c" "test.c"
"/data/xxx/git/llvm-project/build_12/bin/clang-12" "-cc1" "-triple" "x86_64-unknown-linux-gnu" "-emit-obj" "-mrelax-all" "--mrelax-relocations" "-disable-free" "-main-file-name" "test.c" "-mrelocation-model" "static" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-tune-cpu" "generic" "-fno-split-dwarf-inlining" "-debugger-tuning=gdb" "-ferror-limit" "19" "-fgnuc-version=4.2.1" "-fcolor-diagnostics" "-faddrsig" "-x" "c" "test-fb042e.c"
$ ./clang -c test.c
clang: /data/xxx/git/llvm-project/clang/lib/AST/ExprConstant.cpp:14979: llvm::APSInt clang::Expr::EvaluateKnownConstIntCheckOverflow(const clang::ASTContext &, SmallVectorImpl<clang::PartialDiagnosticAt> *) const: Assertion `Result && "Could not evaluate expression"' failed.
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /data/xxx/git/llvm-project/build_12/bin/clang -c test.c
#0 0x0000000000d89891 __interceptor_backtrace.part.117 (/data/xxx/git/llvm-project/build_12/bin/clang+0xd89891)
#1 0x000000000d59d8da llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /data/xxx/git/llvm-project/llvm/lib/Support/Unix/Signals.inc:561:7
#2 0x000000000d594061 llvm::sys::RunSignalHandlers() /data/xxx/git/llvm-project/llvm/lib/Support/Signals.cpp:72:18
#3 0x000000000d59a4ff llvm::sys::CleanupOnSignal(unsigned long) /data/xxx/git/llvm-project/llvm/lib/Support/Unix/Signals.inc:0:3
#4 0x000000000d2b2385 (anonymous namespace)::CrashRecoveryContextImpl::HandleCrash(int, unsigned long) /data/xxx/git/llvm-project/llvm/lib/Support/CrashRecoveryContext.cpp:75:5
#5 0x000000000d2b2e4c CrashRecoverySignalHandler(int) /data/xxx/git/llvm-project/llvm/lib/Support/CrashRecoveryContext.cpp:389:1
#6 0x00007f74347648a0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x128a0)
#7 0x00007f7434187f47 raise /build/glibc-2ORdQG/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0
#8 0x00007f74341898b1 abort /build/glibc-2ORdQG/glibc-2.27/stdlib/abort.c:81:0
#9 0x00007f743417942a __assert_fail_base /build/glibc-2ORdQG/glibc-2.27/assert/assert.c:89:0
#10 0x00007f74341794a2 (/lib/x86_64-linux-gnu/libc.so.6+0x304a2)
#11 0x000000001d435f84 clang::Expr::EvaluateKnownConstIntCheckOverflow(clang::ASTContext const&, llvm::SmallVectorImpl<std::pair<clang::SourceLocation, clang::PartialDiagnostic> >*) const /data/xxx/git/llvm-project/clang/lib/AST/ExprConstant.cpp:0:3
#12 0x000000001962daf7 llvm::APSInt::operator=(llvm::APSInt&&) /data/xxx/git/llvm-project/llvm/include/llvm/ADT/APSInt.h:0:0
#13 0x000000001962daf7 clang::Sema::VerifyIntegerConstantExpression(clang::Expr*, llvm::APSInt*, clang::Sema::VerifyICEDiagnoser&, clang::Sema::AllowFoldKind) /data/xxx/git/llvm-project/clang/lib/Sema/SemaExpr.cpp:16139:0
#14 0x000000001961f7b9 clang::Sema::VerifyIntegerConstantExpression(clang::Expr*, llvm::APSInt*, unsigned int, clang::Sema::AllowFoldKind) /data/xxx/git/llvm-project/clang/lib/Sema/SemaExpr.cpp:16041:10
#15 0x000000001961f7b9 clang::Sema::ActOnChooseExpr(clang::SourceLocation, clang::Expr*, clang::Expr*, clang::Expr*, clang::SourceLocation) /data/xxx/git/llvm-project/clang/lib/Sema/SemaExpr.cpp:15135:0
#16 0x00000000180fc5b2 clang::Parser::ParseBuiltinPrimaryExpression() /data/xxx/git/llvm-project/clang/lib/Parse/ParseExpr.cpp:2608:19
#17 0x00000000180da7f1 clang::Parser::ParseCastExpression(clang::Parser::CastParseKind, bool, bool&, clang::Parser::TypeCastState, bool, bool*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseExpr.cpp:1309:12
#18 0x00000000180c5564 clang::Parser::ParseCastExpression(clang::Parser::CastParseKind, bool, clang::Parser::TypeCastState, bool, bool*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseExpr.cpp:681:20
#19 0x00000000180c5564 clang::Parser::ParseAssignmentExpression(clang::Parser::TypeCastState) /data/xxx/git/llvm-project/clang/lib/Parse/ParseExpr.cpp:173:0
#20 0x0000000017fffcab clang::Parser::ParseInitializer() /data/xxx/git/llvm-project/clang/include/clang/Parse/Parser.h:0:14
#21 0x0000000017fffcab clang::Parser::ParseDeclarationAfterDeclaratorAndAttributes(clang::Declarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::ForRangeInit*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:2302:0
#22 0x0000000017ff7169 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::SourceLocation*, clang::Parser::ForRangeInit*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:2038:21
#23 0x0000000017fe141c clang::Parser::ParseSimpleDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::Parser::ParsedAttributesWithRange&, bool, clang::Parser::ForRangeInit*, clang::SourceLocation*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:1754:10
#24 0x0000000017fe043f clang::Parser::ParseDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::Parser::ParsedAttributesWithRange&, clang::SourceLocation*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:1687:12
#25 0x0000000018293d42 clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::Parser::ParsedAttributesWithRange&) /data/xxx/git/llvm-project/clang/lib/Parse/ParseStmt.cpp:0:16
#26 0x000000001829089a clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseStmt.cpp:106:20
#27 0x00000000182af9e5 clang::Parser::ParseCompoundStatementBody(bool) /data/xxx/git/llvm-project/clang/lib/Parse/ParseStmt.cpp:1099:11
#28 0x00000000182b580f clang::ActionResult<clang::Stmt*, true>::isInvalid() const /data/xxx/git/llvm-project/clang/include/clang/Sema/Ownership.h:0:0
#29 0x00000000182b580f clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) /data/xxx/git/llvm-project/clang/lib/Parse/ParseStmt.cpp:2263:0
#30 0x0000000017f77add clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) /data/xxx/git/llvm-project/clang/lib/Parse/Parser.cpp:0:10
#31 0x0000000017ff6aa0 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::SourceLocation*, clang::Parser::ForRangeInit*) /data/xxx/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:1976:27
#32 0x0000000017f737b2 clang::Parser::ParseDeclOrFunctionDefInternal(clang::Parser::ParsedAttributesWithRange&, clang::ParsingDeclSpec&, clang::AccessSpecifier) /data/xxx/git/llvm-project/clang/lib/Parse/Parser.cpp:1134:10
#33 0x0000000017f705d7 clang::Parser::ParseDeclarationOrFunctionDefinition(clang::Parser::ParsedAttributesWithRange&, clang::ParsingDeclSpec*, clang::AccessSpecifier) /data/xxx/git/llvm-project/clang/lib/Parse/Parser.cpp:1150:12
#34 0x0000000017f6d3ad clang::Parser::ParseExternalDeclaration(clang::Parser::ParsedAttributesWithRange&, clang::ParsingDeclSpec*) /data/xxx/git/llvm-project/clang/lib/Parse/Parser.cpp:0:12
#35 0x0000000017f662ee clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, bool) /data/xxx/git/llvm-project/clang/lib/Parse/Parser.cpp:716:10
#36 0x0000000017f52b99 clang::ParseAST(clang::Sema&, bool, bool) /data/xxx/git/llvm-project/clang/lib/Parse/ParseAST.cpp:157:15
#37 0x00000000102ed733 clang::ASTFrontendAction::ExecuteAction() /data/xxx/git/llvm-project/clang/lib/Frontend/FrontendAction.cpp:1058:1
#38 0x00000000129dd448 clang::CodeGenAction::ExecuteAction() /data/xxx/git/llvm-project/clang/lib/CodeGen/CodeGenAction.cpp:1082:30
#39 0x00000000102ea56d clang::FrontendAction::Execute() /data/xxx/git/llvm-project/clang/lib/Frontend/FrontendAction.cpp:0:8
#40 0x00000000100f5a87 llvm::Error::operator bool() /data/xxx/git/llvm-project/llvm/include/llvm/Support/Error.h:0:0
#41 0x00000000100f5a87 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /data/xxx/git/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:949:0
#42 0x00000000107e829e clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /data/xxx/git/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:278:25
#43 0x0000000000e277af cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /data/xxx/git/llvm-project/clang/tools/driver/cc1_main.cpp:240:15
#44 0x0000000000e0f567 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) /data/xxx/git/llvm-project/clang/tools/driver/driver.cpp:330:12
#45 0x000000000fc7c44d clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, bool*) const::$_1::operator()() const /data/xxx/git/llvm-project/clang/lib/Driver/Job.cpp:404:30
#46 0x000000000fc7c44d void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, bool*) const::$_1>(long) /data/xxx/git/llvm-project/llvm/include/llvm/ADT/STLExtras.h:185:0
#47 0x000000000d2b1f24 llvm::function_ref<void ()>::operator()() const /data/xxx/git/llvm-project/llvm/include/llvm/ADT/STLExtras.h:209:12
#48 0x000000000d2b1f24 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) /data/xxx/git/llvm-project/llvm/lib/Support/CrashRecoveryContext.cpp:424:0
#49 0x000000000fc79da2 clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, bool*) const /data/xxx/git/llvm-project/clang/lib/Driver/Job.cpp:404:7
#50 0x000000000fb7111e clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&) const /data/xxx/git/llvm-project/clang/lib/Driver/Compilation.cpp:195:15
#51 0x000000000fb71d6c clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&) const /data/xxx/git/llvm-project/clang/lib/Driver/Compilation.cpp:248:19
#52 0x000000000fbd4e2a llvm::SmallVectorBase::empty() const /data/xxx/git/llvm-project/llvm/include/llvm/ADT/SmallVector.h:0:0
#53 0x000000000fbd4e2a clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&) /data/xxx/git/llvm-project/clang/lib/Driver/Driver.cpp:1517:0
#54 0x0000000000e0c4af main /data/xxx/git/llvm-project/clang/tools/driver/driver.cpp:502:21
#55 0x00007f743416ab97 __libc_start_main /build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:344:0
#56 0x0000000000d072ca _start (/data/xxx/git/llvm-project/build_12/bin/clang+0xd072ca)
clang-12: error: clang frontend command failed with exit code 134 (use -v to see invocation)
clang version 12.0.0 (https://github.com/llvm/llvm-project.git b46924e)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /data/xxx/git/llvm-project/build_12/bin
clang-12: note: diagnostic msg:
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-12: note: diagnostic msg: /tmp/test-fb042e.c
clang-12: note: diagnostic msg: /tmp/test-fb042e.sh
clang-12: note: diagnostic msg: