
Clang/LLVM crash when using __builtin_dump_struct on struct with 3 or more bit-fields #54462

Closed
cmdneo opened this issue Mar 20, 2022 · 3 comments
Labels
clang:codegen crash Prefer [crash-on-valid] or [crash-on-invalid]

Comments

@cmdneo

cmdneo commented Mar 20, 2022

Clang crashes with a segmentation fault when using __builtin_dump_struct to dump a struct with 3 or more bit-fields.
Also see the same at: https://godbolt.org/z/WPzfs3M8q

Using clang-13 on Fedora 35 (64-bit)
Stack dump

0.	Program arguments: /usr/bin/clang-13 -cc1 -triple x86_64-redhat-linux-gnu -emit-obj -mrelax-all --mrelax-relocations -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.c -mrelocation-model static -mframe-pointer=all -fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/home/amiy/projects/lab-bt/crash -resource-dir /usr/lib64/clang/13.0.0 -internal-isystem /usr/lib64/clang/13.0.0/include -internal-isystem /usr/local/include -internal-isystem /usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../x86_64-redhat-linux/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -fdebug-compilation-dir=/home/amiy/projects/lab-bt/crash -ferror-limit 19 -fgnuc-version=4.2.1 -fcolor-diagnostics -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/test-361c30.o -x c test.c
1.	<eof> parser at end of file
2.	test.c:9:5: LLVM IR generation of declaration 'main'
3.	test.c:9:5: Generating code for declaration 'main'
Stack dump without symbol names (ensure you have llvm-symbolizer in your PATH or set the environment var `LLVM_SYMBOLIZER_PATH` to point to it):
/lib64/libLLVM-13.so(_ZN4llvm3sys15PrintStackTraceERNS_11raw_ostreamEi+0x36)[0x7f95408ff9a6]
/lib64/libLLVM-13.so(_ZN4llvm3sys17RunSignalHandlersEv+0x34)[0x7f95408fd734]
/lib64/libLLVM-13.so(+0xb5d8b6)[0x7f95408fd8b6]
/lib64/libc.so.6(+0x42750)[0x7f953f9b9750]
/lib64/libLLVM-13.so(_ZN4llvm11PointerType3getEPNS_4TypeEj+0x15)[0x7f9540a81f05]
/lib64/libclang-cpp.so.13(+0x1a919cd)[0x7f95478919cd]
/lib64/libclang-cpp.so.13(+0x1b610ea)[0x7f95479610ea]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction15EmitBuiltinExprENS_10GlobalDeclEjPKNS_8CallExprENS0_15ReturnValueSlotE+0x9489)[0x7f954796ac69]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction12EmitCallExprEPKNS_8CallExprENS0_15ReturnValueSlotE+0x1ed)[0x7f9547a23e5d]
/lib64/libclang-cpp.so.13(+0x1c63935)[0x7f9547a63935]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction14EmitScalarExprEPKNS_4ExprEb+0x66)[0x7f9547a64706]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction11EmitAnyExprEPKNS_4ExprENS0_12AggValueSlotEb+0xbf)[0x7f9547a0ab9f]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction15EmitIgnoredExprEPKNS_4ExprE+0x76)[0x7f9547a233c6]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction8EmitStmtEPKNS_4StmtEN4llvm8ArrayRefIPKNS_4AttrEEE+0x142)[0x7f9547b6a1c2]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction28EmitCompoundStmtWithoutScopeERKNS_12CompoundStmtEbNS0_12AggValueSlotE+0x92)[0x7f9547b70432]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction16EmitFunctionBodyEPKNS_4StmtE+0x4e)[0x7f9547bc1aae]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen15CodeGenFunction12GenerateCodeENS_10GlobalDeclEPN4llvm8FunctionERKNS0_14CGFunctionInfoE+0x203)[0x7f9547bcfa93]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen13CodeGenModule28EmitGlobalFunctionDefinitionENS_10GlobalDeclEPN4llvm11GlobalValueE+0x18e)[0x7f9547c0203e]
/lib64/libclang-cpp.so.13(_ZN5clang7CodeGen13CodeGenModule20EmitGlobalDefinitionENS_10GlobalDeclEPN4llvm11GlobalValueE+0x25d)[0x7f9547bfe73d]
/lib64/libclang-cpp.so.13(+0x1e04b17)[0x7f9547c04b17]
/lib64/libclang-cpp.so.13(+0x1e6ab71)[0x7f9547c6ab71]
/lib64/libclang-cpp.so.13(+0x1db1757)[0x7f9547bb1757]
/lib64/libclang-cpp.so.13(_ZN5clang8ParseASTERNS_4SemaEbb+0x214)[0x7f95469dd3a4]
/lib64/libclang-cpp.so.13(_ZN5clang14FrontendAction7ExecuteEv+0xc9)[0x7f954827bc69]
/lib64/libclang-cpp.so.13(_ZN5clang16CompilerInstance13ExecuteActionERNS_14FrontendActionE+0x129)[0x7f9548219219]
/lib64/libclang-cpp.so.13(_ZN5clang25ExecuteCompilerInvocationEPNS_16CompilerInstanceE+0x5ab)[0x7f95482eb64b]
/usr/bin/clang-13(_Z8cc1_mainN4llvm8ArrayRefIPKcEES2_Pv+0x890)[0x562f0c070430]
/usr/bin/clang-13(+0x137bc)[0x562f0c06d7bc]
/usr/bin/clang-13(main+0x3ca)[0x562f0c069b4a]
/lib64/libc.so.6(+0x2d560)[0x7f953f9a4560]
/lib64/libc.so.6(__libc_start_main+0x7c)[0x7f953f9a460c]
/usr/bin/clang-13(_start+0x25)[0x562f0c06cbf5]
clang-13: error: unable to execute command: Segmentation fault (core dumped)
clang-13: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 13.0.0 (Fedora 13.0.0-3.fc35)
Target: x86_64-redhat-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
clang-13: note: diagnostic msg: 
********************

Source for reproducing

#include <stdio.h>

/* Three bit-fields: enough to trigger the crash in clang 13 */
typedef struct bitf_3 {
	unsigned atomic : 1;
	unsigned anychar : 1;
	unsigned is_group : 1;
} bitf_3;

int main() {
	bitf_3 bf3 = { 0 };
	/* clang 13 segfaults in codegen while emitting this call */
	__builtin_dump_struct(&bf3, &printf);
	return 0;
}

Associated run script:

# Crash reproducer for clang version 13.0.0 (Fedora 13.0.0-3.fc35)
# Driver args: "test.c"
# Original command:  "/usr/bin/clang-13" "-cc1" "-triple" "x86_64-redhat-linux-gnu" "-emit-obj" "-mrelax-all" "--mrelax-relocations" "-disable-free" "-disable-llvm-verifier" "-discard-value-names" "-main-file-name" "test.c" "-mrelocation-model" "static" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-tune-cpu" "generic" "-debugger-tuning=gdb" "-fcoverage-compilation-dir=/home/amiy/projects/lab-bt/crash" "-resource-dir" "/usr/lib64/clang/13.0.0" "-internal-isystem" "/usr/lib64/clang/13.0.0/include" "-internal-isystem" "/usr/local/include" "-internal-isystem" "/usr/bin/../lib/gcc/x86_64-redhat-linux/11/../../../../x86_64-redhat-linux/include" "-internal-externc-isystem" "/include" "-internal-externc-isystem" "/usr/include" "-fdebug-compilation-dir=/home/amiy/projects/lab-bt/crash" "-ferror-limit" "19" "-fgnuc-version=4.2.1" "-fcolor-diagnostics" "-faddrsig" "-D__GCC_HAVE_DWARF2_CFI_ASM=1" "-o" "/tmp/test-361c30.o" "-x" "c" "test.c"
 "/usr/bin/clang-13" "-cc1" "-triple" "x86_64-redhat-linux-gnu" "-emit-obj" "-mrelax-all" "--mrelax-relocations" "-disable-free" "-disable-llvm-verifier" "-discard-value-names" "-main-file-name" "test.c" "-mrelocation-model" "static" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-tune-cpu" "generic" "-debugger-tuning=gdb" "-fcoverage-compilation-dir=/home/amiy/projects/lab-bt/crash" "-fdebug-compilation-dir=/home/amiy/projects/lab-bt/crash" "-ferror-limit" "19" "-fgnuc-version=4.2.1" "-fcolor-diagnostics" "-faddrsig" "-D__GCC_HAVE_DWARF2_CFI_ASM=1" "-x" "c" "test-d9989f.c"
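Added example (not from the issue or from LLVM): the reproducer struct dumped through a guard that only uses the builtin on a clang that supports bit-fields, with a hand-written fallback for everything else, so a build with a clang still carrying this crash-on-valid bug never reaches the crashing code path. Assumptions: the fix from D122248 first shipped in clang 15 (hence `__clang_major__ >= 15`), and `dump_bitf_3_manual`, `HAVE_SAFE_DUMP_STRUCT` and `have_safe_dump_struct` are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* The struct from the issue's reproducer: three one-bit fields. */
typedef struct bitf_3 {
    unsigned atomic   : 1;
    unsigned anychar  : 1;
    unsigned is_group : 1;
} bitf_3;

/* Hypothetical fallback: format the bit-fields by hand into buf with snprintf
   semantics (returns the length the full dump would have). Works on any compiler. */
int dump_bitf_3_manual(const bitf_3 *bf, char *buf, size_t n) {
    return snprintf(buf, n,
                    "bitf_3 {\n"
                    "  unsigned atomic : 1 = %u\n"
                    "  unsigned anychar : 1 = %u\n"
                    "  unsigned is_group : 1 = %u\n"
                    "}\n",
                    (unsigned)bf->atomic, (unsigned)bf->anychar,
                    (unsigned)bf->is_group);
}

/* Only use the builtin where bit-field support is present. Assumption: the fix
   in D122248 first shipped in clang 15, so require __clang_major__ >= 15; older
   clang (which crashes on this struct) and non-clang compilers take the fallback. */
#if defined(__clang__)
#  if __has_builtin(__builtin_dump_struct) && __clang_major__ >= 15
#    define HAVE_SAFE_DUMP_STRUCT 1
#  endif
#endif
#ifndef HAVE_SAFE_DUMP_STRUCT
#  define HAVE_SAFE_DUMP_STRUCT 0
#endif

int have_safe_dump_struct(void) { return HAVE_SAFE_DUMP_STRUCT; }

int main(void) {
    bitf_3 bf3 = { 0 };
    bf3.is_group = 1;
#if HAVE_SAFE_DUMP_STRUCT
    __builtin_dump_struct(&bf3, &printf);   /* fixed builtin handles bit-fields */
#else
    char buf[128];
    dump_bitf_3_manual(&bf3, buf, sizeof buf);
    fputs(buf, stdout);
#endif
    return 0;
}
```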
@EugeneZelenko EugeneZelenko added clang:codegen crash Prefer [crash-on-valid] or [crash-on-invalid] and removed new issue labels Mar 20, 2022
@llvmbot
Collaborator

llvmbot commented Mar 20, 2022

@llvm/issue-subscribers-clang-codegen

@int6
Contributor

int6 commented Mar 23, 2022

I'll try to fix it.

erichkeane pushed a commit that referenced this issue Mar 24, 2022
…_dump_struct

Fix clang crash and add bitfield support in __builtin_dump_struct.

In clang13.0.x, a struct with three or more members and a bitfield at
the same time will cause a crash. In clang15.x, as long as the struct
has one bitfield, it will cause a crash in clang.

Open issue: #54462

Differential Revision: https://reviews.llvm.org/D122248
@int6
Contributor

int6 commented Apr 1, 2022

Fixed in https://reviews.llvm.org/D122248

@int6 int6 closed this as completed Apr 1, 2022
mem-frob pushed a commit to draperlaboratory/hope-llvm-project that referenced this issue Oct 7, 2022
…_dump_struct

Fix clang crash and add bitfield support in __builtin_dump_struct.

In clang13.0.x, a struct with three or more members and a bitfield at
the same time will cause a crash. In clang15.x, as long as the struct
has one bitfield, it will cause a crash in clang.

Open issue: llvm/llvm-project#54462

Differential Revision: https://reviews.llvm.org/D122248