
Clang-13 crashes in clang::Expr::EvaluateAsConstantExpr #53628

Closed
AMS21 opened this issue Feb 7, 2022 · 4 comments
Labels: clang:frontend (Language frontend issues, e.g. anything involving "Sema"); crash (Prefer [crash-on-valid] or [crash-on-invalid])

Comments

@AMS21
Contributor

AMS21 commented Feb 7, 2022

Not sure how helpful these will be.
clang version:
clang version 13.0.0 Target: x86_64-pc-linux-gnu Thread model: posix InstalledDir: /usr/bin

repro1.zip
output:

PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /usr/bin/clang-13 -cc1 -triple x86_64-pc-linux-gnu -emit-obj -mrelax-all --mrelax-relocations -disable-free -disable-llvm-verifier -discard-value-names -main-file-name Parser.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -mdisable-tail-calls -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -debug-info-kind=constructor -dwarf-version=4 -debugger-tuning=gdb -fcoverage-compilation-dir=/mnt/data/dev/DLXEmu/build-clang -sys-header-deps -D SPDLOG_COMPILED_LIB -std=gnu++2b -fdeprecated-macro -fdebug-compilation-dir=/mnt/data/dev/DLXEmu/build-clang -ferror-limit 19 -fsanitize=address,alignment,array-bounds,bool,builtin,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,nullability-arg,nullability-assign,nullability-return,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound,vptr -fsanitize-recover=float-divide-by-zero -fsanitize-system-ignorelist=/usr/lib/clang/13.0.0/share/asan_ignorelist.txt -fsanitize-address-use-after-scope -fno-assume-sane-operator-new -stack-protector 2 -fgnuc-version=4.2.1 -fcxx-exceptions -fexceptions -fcolor-diagnostics -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -x c++ Parser-0e184c.cpp
1.      /mnt/data/dev/DLXEmu/DLXLib/src/Parser.cpp:427:5: current parser token 'ParsedProgram'
2.      /mnt/data/dev/DLXEmu/DLXLib/src/Parser.cpp:30:1: parsing namespace 'dlx'
3.      /mnt/data/dev/DLXEmu/DLXLib/src/Parser.cpp:213:5: parsing function body 'dlx::Parser::Parse'
 #0 0x00007fdcbe606c93 (/usr/bin/../lib/libLLVM-13.so+0xba2c93)
 #1 0x00007fdcbe6044a6 (/usr/bin/../lib/libLLVM-13.so+0xba04a6)
 #2 0x00007fdcbd6beda0 __restore_rt sigaction.c:0:0
 #3 0x00007fdcc51cbae8 (/usr/bin/../lib/libclang-cpp.so.13+0xf39ae8)
 #4 0x00007fdcc51d1967 (/usr/bin/../lib/libclang-cpp.so.13+0xf3f967)
 #5 0x00007fdcc51d6606 clang::Expr::EvaluateAsConstantExpr(clang::Expr::EvalResult&, clang::ASTContext const&, clang::Expr::ConstantExprKind) const (/usr/bin/../lib/libclang-cpp.so.13+0xf44606)
 #6 0x00007fdcc595b9c3 clang::Sema::PopExpressionEvaluationContext() (/usr/bin/../lib/libclang-cpp.so.13+0x16c99c3)
 #7 0x00007fdcc57c386e clang::Sema::ActOnFinishFunctionBody(clang::Decl*, clang::Stmt*, bool) (/usr/bin/../lib/libclang-cpp.so.13+0x153186e)
 #8 0x00007fdcc4f3aad4 clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) (/usr/bin/../lib/libclang-cpp.so.13+0xca8ad4)
 #9 0x00007fdcc4f6dc2d clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) (/usr/bin/../lib/libclang-cpp.so.13+0xcdbc2d)
#10 0x00007fdcc4ea9a2e clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::SourceLocation*, clang::Parser::ForRangeInit*) (/usr/bin/../lib/libclang-cpp.so.13+0xc17a2e)
#11 0x00007fdcc4f69725 (/usr/bin/../lib/libclang-cpp.so.13+0xcd7725)
#12 0x00007fdcc4f6feca clang::Parser::ParseExternalDeclaration(clang::ParsedAttributesWithRange&, clang::ParsingDeclSpec*) (/usr/bin/../lib/libclang-cpp.so.13+0xcddeca)
#13 0x00007fdcc4ebde82 clang::Parser::ParseInnerNamespace(llvm::SmallVector<clang::Parser::InnerNamespaceInfo, 4u> const&, unsigned int, clang::SourceLocation&, clang::ParsedAttributes&, clang::BalancedDelimiterTracker&) (/usr/bin/../lib/libclang-cpp.so.13+0xc2be82)
#14 0x00007fdcc4ec2640 clang::Parser::ParseNamespace(clang::DeclaratorContext, clang::SourceLocation&, clang::SourceLocation) (/usr/bin/../lib/libclang-cpp.so.13+0xc30640)
#15 0x00007fdcc4eaaa4e clang::Parser::ParseDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::ParsedAttributesWithRange&, clang::SourceLocation*) (/usr/bin/../lib/libclang-cpp.so.13+0xc18a4e)
#16 0x00007fdcc4f6fa55 clang::Parser::ParseExternalDeclaration(clang::ParsedAttributesWithRange&, clang::ParsingDeclSpec*) (/usr/bin/../lib/libclang-cpp.so.13+0xcdda55)
#17 0x00007fdcc4f70f4a clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, bool) (/usr/bin/../lib/libclang-cpp.so.13+0xcdef4a)
#18 0x00007fdcc4e7fc22 clang::ParseAST(clang::Sema&, bool, bool) (/usr/bin/../lib/libclang-cpp.so.13+0xbedc22)
#19 0x00007fdcc6a25899 clang::FrontendAction::Execute() (/usr/bin/../lib/libclang-cpp.so.13+0x2793899)
#20 0x00007fdcc69af9ec clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/usr/bin/../lib/libclang-cpp.so.13+0x271d9ec)
#21 0x00007fdcc6aa5c99 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/usr/bin/../lib/libclang-cpp.so.13+0x2813c99)
#22 0x000056549989d8e9 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/bin/clang-13+0x128e9)
#23 0x000056549989acf9 (/usr/bin/clang-13+0xfcf9)
#24 0x00005654998973e3 main (/usr/bin/clang-13+0xc3e3)
#25 0x00007fdcbd6a9b25 __libc_start_main (/usr/bin/../lib/libc.so.6+0x27b25)
#26 0x000056549989a65e _start (/usr/bin/clang-13+0xf65e)
./Parser-0e184c.sh: line 4: 10634 Segmentation fault      (core dumped) "/usr/bin/clang-13" "-cc1" "-triple" "x86_64-pc-linux-gnu" "-emit-obj" "-mrelax-all" "--mrelax-relocations" "-disable-free" "-disable-llvm-verifier" "-discard-value-names" "-main-file-name" "Parser.cpp" "-mrelocation-model" "pic" "-pic-level" "2" "-pic-is-pie" "-mframe-pointer=all" "-mdisable-tail-calls" "-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-tune-cpu" "generic" "-debug-info-kind=constructor" "-dwarf-version=4" "-debugger-tuning=gdb" "-fcoverage-compilation-dir=/mnt/data/dev/DLXEmu/build-clang" "-sys-header-deps" "-D" "SPDLOG_COMPILED_LIB" "-std=gnu++2b" "-fdeprecated-macro" "-fdebug-compilation-dir=/mnt/data/dev/DLXEmu/build-clang" "-ferror-limit" "19" "-fsanitize=address,alignment,array-bounds,bool,builtin,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,nullability-arg,nullability-assign,nullability-return,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound,vptr" "-fsanitize-recover=float-divide-by-zero" "-fsanitize-system-ignorelist=/usr/lib/clang/13.0.0/share/asan_ignorelist.txt" "-fsanitize-address-use-after-scope" "-fno-assume-sane-operator-new" "-stack-protector" "2" "-fgnuc-version=4.2.1" "-fcxx-exceptions" "-fexceptions" "-fcolor-diagnostics" "-faddrsig" "-D__GCC_HAVE_DWARF2_CFI_ASM=1" "-x" "c++" "Parser-0e184c.cpp"

repro2.zip
output:

PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /usr/bin/clang-13 -cc1 -triple x86_64-pc-linux-gnu -emit-obj -mrelax-all --mrelax-relocations -disable-free -disable-llvm-verifier -discard-value-names -main-file-name Tokenizer.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -debug-info-kind=constructor -dwarf-version=4 -debugger-tuning=gdb -fcoverage-compilation-dir=/mnt/data/dev/OpenAutoIt/build-clang -sys-header-deps -D FMT_LOCALE -D CMAKE_INTDIR=\"Debug\" -std=gnu++2b -fdeprecated-macro -fdebug-compilation-dir=/mnt/data/dev/OpenAutoIt/build-clang -ferror-limit 19 -stack-protector 2 -fgnuc-version=4.2.1 -fcxx-exceptions -fexceptions -fcolor-diagnostics -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -x c++ Tokenizer-497028.cpp
1.      /mnt/data/dev/OpenAutoIt/OpenAutoItParser/src/Tokenizer.cpp:319:1: current parser token '}'
2.      /mnt/data/dev/OpenAutoIt/OpenAutoItParser/src/Tokenizer.cpp:170:1: parsing namespace 'OpenAutoIt'
3.      /mnt/data/dev/OpenAutoIt/OpenAutoItParser/src/Tokenizer.cpp:173:5: parsing function body 'OpenAutoIt::Tokenize'
 #0 0x00007f9877f3ac93 (/usr/bin/../lib/libLLVM-13.so+0xba2c93)
 #1 0x00007f9877f384a6 (/usr/bin/../lib/libLLVM-13.so+0xba04a6)
 #2 0x00007f9876ff2da0 __restore_rt sigaction.c:0:0
 #3 0x00007f987eaffae8 (/usr/bin/../lib/libclang-cpp.so.13+0xf39ae8)
 #4 0x00007f987eb05967 (/usr/bin/../lib/libclang-cpp.so.13+0xf3f967)
 #5 0x00007f987eb0a606 clang::Expr::EvaluateAsConstantExpr(clang::Expr::EvalResult&, clang::ASTContext const&, clang::Expr::ConstantExprKind) const (/usr/bin/../lib/libclang-cpp.so.13+0xf44606)
 #6 0x00007f987f28f9c3 clang::Sema::PopExpressionEvaluationContext() (/usr/bin/../lib/libclang-cpp.so.13+0x16c99c3)
 #7 0x00007f987f0f786e clang::Sema::ActOnFinishFunctionBody(clang::Decl*, clang::Stmt*, bool) (/usr/bin/../lib/libclang-cpp.so.13+0x153186e)
 #8 0x00007f987e86ead4 clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) (/usr/bin/../lib/libclang-cpp.so.13+0xca8ad4)
 #9 0x00007f987e8a1c2d clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) (/usr/bin/../lib/libclang-cpp.so.13+0xcdbc2d)
#10 0x00007f987e7dda2e clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::SourceLocation*, clang::Parser::ForRangeInit*) (/usr/bin/../lib/libclang-cpp.so.13+0xc17a2e)
#11 0x00007f987e89d725 (/usr/bin/../lib/libclang-cpp.so.13+0xcd7725)
#12 0x00007f987e8a3eca clang::Parser::ParseExternalDeclaration(clang::ParsedAttributesWithRange&, clang::ParsingDeclSpec*) (/usr/bin/../lib/libclang-cpp.so.13+0xcddeca)
#13 0x00007f987e7f1e82 clang::Parser::ParseInnerNamespace(llvm::SmallVector<clang::Parser::InnerNamespaceInfo, 4u> const&, unsigned int, clang::SourceLocation&, clang::ParsedAttributes&, clang::BalancedDelimiterTracker&) (/usr/bin/../lib/libclang-cpp.so.13+0xc2be82)
#14 0x00007f987e7f6640 clang::Parser::ParseNamespace(clang::DeclaratorContext, clang::SourceLocation&, clang::SourceLocation) (/usr/bin/../lib/libclang-cpp.so.13+0xc30640)
#15 0x00007f987e7dea4e clang::Parser::ParseDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::ParsedAttributesWithRange&, clang::SourceLocation*) (/usr/bin/../lib/libclang-cpp.so.13+0xc18a4e)
#16 0x00007f987e8a3a55 clang::Parser::ParseExternalDeclaration(clang::ParsedAttributesWithRange&, clang::ParsingDeclSpec*) (/usr/bin/../lib/libclang-cpp.so.13+0xcdda55)
#17 0x00007f987e8a4f4a clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, bool) (/usr/bin/../lib/libclang-cpp.so.13+0xcdef4a)
#18 0x00007f987e7b3c22 clang::ParseAST(clang::Sema&, bool, bool) (/usr/bin/../lib/libclang-cpp.so.13+0xbedc22)
#19 0x00007f9880359899 clang::FrontendAction::Execute() (/usr/bin/../lib/libclang-cpp.so.13+0x2793899)
#20 0x00007f98802e39ec clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/usr/bin/../lib/libclang-cpp.so.13+0x271d9ec)
#21 0x00007f98803d9c99 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/usr/bin/../lib/libclang-cpp.so.13+0x2813c99)
#22 0x0000560fb71698e9 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/bin/clang-13+0x128e9)
#23 0x0000560fb7166cf9 (/usr/bin/clang-13+0xfcf9)
#24 0x0000560fb71633e3 main (/usr/bin/clang-13+0xc3e3)
#25 0x00007f9876fddb25 __libc_start_main (/usr/bin/../lib/libc.so.6+0x27b25)
#26 0x0000560fb716665e _start (/usr/bin/clang-13+0xf65e)
./Tokenizer-497028.sh: line 4: 10677 Segmentation fault      (core dumped) "/usr/bin/clang-13" "-cc1" "-triple" "x86_64-pc-linux-gnu" "-emit-obj" "-mrelax-all" "--mrelax-relocations" "-disable-free" "-disable-llvm-verifier" "-discard-value-names" "-main-file-name" "Tokenizer.cpp" "-mrelocation-model" "pic" "-pic-level" "2" "-pic-is-pie" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-tune-cpu" "generic" "-debug-info-kind=constructor" "-dwarf-version=4" "-debugger-tuning=gdb" "-fcoverage-compilation-dir=/mnt/data/dev/OpenAutoIt/build-clang" "-sys-header-deps" "-D" "FMT_LOCALE" "-D" "CMAKE_INTDIR=\"Debug\"" "-std=gnu++2b" "-fdeprecated-macro" "-fdebug-compilation-dir=/mnt/data/dev/OpenAutoIt/build-clang" "-ferror-limit" "19" "-stack-protector" "2" "-fgnuc-version=4.2.1" "-fcxx-exceptions" "-fexceptions" "-fcolor-diagnostics" "-faddrsig" "-D__GCC_HAVE_DWARF2_CFI_ASM=1" "-x" "c++" "Tokenizer-497028.cpp"
@tbaederr
Contributor

tbaederr commented Feb 7, 2022

This still reproduces in current clang compiled from main with -std=gnu++2b:

0x00007fffe7e6388c in __pthread_kill_implementation () from /lib64/libc.so.6
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.34-25.fc35.x86_64 libedit-3.1-40.20210910cvs.fc35.x86_64 libgcc-11.2.1-7.fc35.x86_64 libstdc++-11.2.1-7.fc35.x86_64 libxml2-2.9.12-6.fc35.x86_64 ncurses-libs-6.2-8.20210508.fc35.x86_64 xz-libs-5.2.5-7.fc35.x86_64 zlib-1.2.11-30.fc35.x86_64
(gdb) bt
#0  0x00007fffe7e6388c in __pthread_kill_implementation () from /lib64/libc.so.6
#1  0x00007fffe7e166a6 in raise () from /lib64/libc.so.6
#2  0x00007fffe7e007d3 in abort () from /lib64/libc.so.6
#3  0x00007fffe7e006fb in __assert_fail_base.cold () from /lib64/libc.so.6
#4  0x00007fffe7e0f396 in __assert_fail () from /lib64/libc.so.6
#5  0x00007ffff532f23c in RemoveNestedImmediateInvocation (SemaRef=..., Rec=..., It=...)
    at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaExpr.cpp:16836
#6  0x00007ffff532f448 in HandleImmediateInvocations (SemaRef=..., Rec=...)
    at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaExpr.cpp:16865
#7  0x00007ffff532f940 in clang::Sema::PopExpressionEvaluationContext (this=0x32ba20)
    at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaExpr.cpp:16925
#8  0x00007ffff5096e64 in ExitFunctionBodyRAII::~ExitFunctionBodyRAII (this=0x7fffffff8150,
    __in_chrg=<optimized out>) at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaDecl.cpp:14599
#9  0x00007ffff507a937 in clang::Sema::ActOnFinishFunctionBody (this=0x32ba20, dcl=0x4e3f038,
    Body=0x55725a0, IsInstantiation=false)
    at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaDecl.cpp:14983
#10 0x00007ffff5078841 in clang::Sema::ActOnFinishFunctionBody (this=0x32ba20, D=0x4e3f038,
    BodyArg=0x55725a0) at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaDecl.cpp:14589
#11 0x00007ffff40980f4 in clang::Parser::ParseFunctionStatementBody (this=0x336450, Decl=0x4e3f038,
    BodyScope=...) at /home/tbaeder/code/llvm-project/clang/lib/Parse/ParseStmt.cpp:2379
#12 0x00007ffff40b87d4 in clang::Parser::ParseFunctionDefinition (this=0x336450, D=...,
    TemplateInfo=..., LateParsedAttrs=0x7fffffff8e30)
    at /home/tbaeder/code/llvm-project/clang/lib/Parse/Parser.cpp:1378

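As an added example (my own code, not from the issue, its reporters or LLVM), a small Python triage helper for the two trace shapes pasted in this thread: clang's own "Stack dump:" block in the original report and the gdb backtrace in this comment. It joins gdb's wrapped frame lines, collects clang's numbered parser-context lines, picks the first frame that is not a libc signal/abort trampoline as the crash site, and uses that to tell whether two dumps are the same bug (both repro zips above crash at the same libclang-cpp offset). The trampoline list and the shortened excerpts embedded as sample input are my own choices.

```python
"""Triage helper for the two trace shapes pasted in this issue.

Added example, not code from the issue, its reporters or LLVM. Handles
clang's own "Stack dump:" frames ("#5 0x... symbol (lib+0xoff)") and gdb
"bt" frames ("#5  0x... in symbol (args) at file:line", wrapped by gdb).
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Frame:
    index: int
    address: str            # "" when gdb prints no address for a frame
    symbol: Optional[str]   # None when the frame could not be symbolized
    location: str           # "lib+0xoff", "file:line", or ""


@dataclass
class Report:
    context: List[str] = field(default_factory=list)  # clang's "N. ..." lines
    frames: List[Frame] = field(default_factory=list)


FRAME_START = re.compile(r'^\s*#(\d+)\s+(.*)$')
CONTEXT_LINE = re.compile(r'^\d+\.\s+(.*)$')
GDB_BODY = re.compile(r'^(?:(0x[0-9a-f]+)\s+in\s+)?(\S+)\s*\((.*?)\)'
                      r'(?:\s+at\s+(\S+)|\s+from\s+(\S+))?\s*$')
CLANG_BODY = re.compile(r'^(0x[0-9a-f]+)\s*(.*)$')
CLANG_LIB_LOC = re.compile(r'\((\S+\+0x[0-9a-f]+)\)$')
CLANG_FILE_LOC = re.compile(r'^(\S+)\s+(\S+:\d+:\d+)$')
# libc frames that sit above the real crash site; my own triage list.
TRAMPOLINES = ('__restore_rt', '__pthread_kill', 'raise', 'abort', '__assert_fail')


def _parse_frame(index: int, body: str) -> Frame:
    # gdb bodies read "0x... in symbol (...)" or just "symbol (...)".
    if not body.startswith('0x') or re.match(r'^0x[0-9a-f]+\s+in\s', body):
        m = GDB_BODY.match(body)
        if m:
            addr, symbol, _args, at, frm = m.groups()
            return Frame(index, addr or '', symbol, at or frm or '')
    m = CLANG_BODY.match(body)
    if not m:
        return Frame(index, '', body or None, '')
    addr, rest = m.group(1), m.group(2).strip()
    loc = ''
    lib = CLANG_LIB_LOC.search(rest)
    if lib:                                 # "(libclang-cpp.so.13+0xf44606)"
        loc, rest = lib.group(1), rest[:lib.start()].strip()
    else:
        src = CLANG_FILE_LOC.match(rest)    # "__restore_rt sigaction.c:0:0"
        if src:
            rest, loc = src.group(1), src.group(2)
    return Frame(index, addr, rest or None, loc)


def parse_trace(text: str) -> Report:
    report = Report()
    frame = None  # (index, body) accumulated across gdb's wrapped lines
    for raw in text.splitlines():
        m = FRAME_START.match(raw)
        if m:
            if frame:
                report.frames.append(_parse_frame(*frame))
            frame = (int(m.group(1)), m.group(2).strip())
        elif frame and raw[:1].isspace() and raw.strip():
            frame = (frame[0], frame[1] + ' ' + raw.strip())
        else:
            c = CONTEXT_LINE.match(raw)
            if c:
                report.context.append(c.group(1).strip())
    if frame:
        report.frames.append(_parse_frame(*frame))
    return report


def crash_site(report: Report) -> Optional[Frame]:
    """First symbolized frame that is not a libc signal/abort trampoline."""
    for f in report.frames:
        if f.symbol and not f.symbol.startswith(TRAMPOLINES):
            return f
    return None


def same_crash(a: Report, b: Report) -> bool:
    """Heuristic duplicate check: identical crash-site symbol and location."""
    fa, fb = crash_site(a), crash_site(b)
    return bool(fa and fb and (fa.symbol, fa.location) == (fb.symbol, fb.location))


# Shortened excerpts of the traces from this issue (program arguments trimmed).
REPRO1 = """Stack dump:
0.      Program arguments: /usr/bin/clang-13 -cc1 -std=gnu++2b -x c++ Parser-0e184c.cpp
1.      /mnt/data/dev/DLXEmu/DLXLib/src/Parser.cpp:427:5: current parser token 'ParsedProgram'
2.      /mnt/data/dev/DLXEmu/DLXLib/src/Parser.cpp:30:1: parsing namespace 'dlx'
 #0 0x00007fdcbe606c93 (/usr/bin/../lib/libLLVM-13.so+0xba2c93)
 #1 0x00007fdcbe6044a6 (/usr/bin/../lib/libLLVM-13.so+0xba04a6)
 #2 0x00007fdcbd6beda0 __restore_rt sigaction.c:0:0
 #3 0x00007fdcc51cbae8 (/usr/bin/../lib/libclang-cpp.so.13+0xf39ae8)
 #4 0x00007fdcc51d1967 (/usr/bin/../lib/libclang-cpp.so.13+0xf3f967)
 #5 0x00007fdcc51d6606 clang::Expr::EvaluateAsConstantExpr(clang::Expr::EvalResult&, clang::ASTContext const&, clang::Expr::ConstantExprKind) const (/usr/bin/../lib/libclang-cpp.so.13+0xf44606)
"""
REPRO2 = """Stack dump:
 #2 0x00007f9876ff2da0 __restore_rt sigaction.c:0:0
 #3 0x00007f987eaffae8 (/usr/bin/../lib/libclang-cpp.so.13+0xf39ae8)
 #4 0x00007f987eb05967 (/usr/bin/../lib/libclang-cpp.so.13+0xf3f967)
 #5 0x00007f987eb0a606 clang::Expr::EvaluateAsConstantExpr(clang::Expr::EvalResult&, clang::ASTContext const&, clang::Expr::ConstantExprKind) const (/usr/bin/../lib/libclang-cpp.so.13+0xf44606)
"""
GDB_BT = """(gdb) bt
#0  0x00007fffe7e6388c in __pthread_kill_implementation () from /lib64/libc.so.6
#1  0x00007fffe7e166a6 in raise () from /lib64/libc.so.6
#2  0x00007fffe7e007d3 in abort () from /lib64/libc.so.6
#3  0x00007fffe7e006fb in __assert_fail_base.cold () from /lib64/libc.so.6
#4  0x00007fffe7e0f396 in __assert_fail () from /lib64/libc.so.6
#5  0x00007ffff532f23c in RemoveNestedImmediateInvocation (SemaRef=..., Rec=..., It=...)
    at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaExpr.cpp:16836
#6  0x00007ffff532f448 in HandleImmediateInvocations (SemaRef=..., Rec=...)
    at /home/tbaeder/code/llvm-project/clang/lib/Sema/SemaExpr.cpp:16865
"""

if __name__ == '__main__':
    for name, dump in (('repro1', REPRO1), ('repro2', REPRO2), ('gdb', GDB_BT)):
        site = crash_site(parse_trace(dump))
        print(name, site.index, site.symbol.split('(')[0], site.location)
    print('repro1 == repro2:', same_crash(parse_trace(REPRO1), parse_trace(REPRO2)))
```

The unsymbolized frames (#0, #1, #3, #4 in the clang dump) are kept with their library offsets, so a report can still be compared across machines where only the offset, not the address, is stable; that is why `same_crash` keys on the "lib+offset" location rather than the absolute address.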
@tbaederr tbaederr added clang:frontend Language frontend issues, e.g. anything involving "Sema" and removed new issue labels Feb 7, 2022
@llvmbot
Collaborator

llvmbot commented Feb 7, 2022

@llvm/issue-subscribers-clang-frontend

@dmpolukhin
Contributor

I believe https://reviews.llvm.org/D133948 fixes this crash.

@dmpolukhin dmpolukhin self-assigned this Sep 17, 2022
@EugeneZelenko EugeneZelenko added the crash Prefer [crash-on-valid] or [crash-on-invalid] label Sep 17, 2022
@HighCommander4
Collaborator

HighCommander4 commented Sep 28, 2022

Perhaps we could consider backporting this fix to the 15.x branch? It seems pretty safe, and clangd users are running into it (clangd/clangd#1311).

6 participants