search

Quuxplusone / LLVMBugzillaTest

0 stars 0 forks source link

After 9c4baf5101e, Assertion failed: (!Op->getType()->isPointerTy() && "Can't extend pointer!"), function getZeroExtendExpr, file llvm/lib/Analysis/ScalarEvolution.cpp, line 1585. #51561

Open Quuxplusone opened 2 years ago

Quuxplusone commented 2 years ago
Bugzilla Link PR52594
Status NEW
Importance P enhancement
Reported by Dimitry Andric (dimitry@andric.com)
Reported on 2021-11-23 13:24:23 -0800
Last modified on 2021-11-25 01:06:58 -0800
Version trunk
Hardware PC All
CC efriedma@quicinc.com, emaste@freebsd.org, htmldeveloper@gmail.com, llvm-bugs@lists.llvm.org, markj@FreeBSD.org, max.kazantsev@azul.com
Fixed by commit(s)
Attachments
Blocks
Blocked by
See also 
As reported in https://bugs.freebsd.org/260000, after clang 13 was imported
into the base system, building libarchive with address sanitizer results in the
following assertion:

Assertion failed: (!Op->getType()->isPointerTy() && "Can't extend pointer!"),
function getZeroExtendExpr, file /root/freebsd/contrib/llvm-
project/llvm/lib/Analysis/ScalarEvolution.cpp, line 1582.
PLEASE submit a bug report to https://bugs.freebsd.org/submit/ and include the
crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /usr/bin/cc -cc1 -triple i386-unknown-freebsd14.0 -
emit-obj --mrelax-relocations -disable-free -main-file-name
archive_read_support_format_tar.c -mrelocation-model pic -pic-level 2 -fhalf-no-
semantic-interposition -mframe-pointer=all -fno-rounding-math -mconstructor-
aliases -munwind-tables -target-cpu i686 -target-feature +mmx -target-feature
+sse -target-feature +sse2 -debug-info-kind=standalone -dwarf-version=4 -
debugger-tuning=gdb --compress-debug-sections=zlib -fcoverage-compilation-
dir=/usr/obj/usr/home/markj/src/freebsd/amd64.amd64/obj-lib32/lib/libarchive -
sys-header-deps -D COMPAT_32BIT -D PIC -D HAVE_ICONV=1 -D HAVE_ICONV_H=1 -D
ICONV_CONST= -D HAVE_BZLIB_H=1 -D HAVE_LIBLZMA=1 -D HAVE_LZMA_H=1 -D
HAVE_ZSTD_H=1 -D HAVE_LIBZSTD=1 -D
PLATFORM_CONFIG_H=\"/usr/home/markj/src/freebsd/lib/libarchive/config_freebsd.h\"
-D WITH_OPENSSL -O2 -Wno-format-zero-length -Wsystem-headers -Werror -Wall -Wno-
format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -
Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -
Wunused-parameter -Wchar-subscripts -Wnested-externs -Wredundant-decls -Wold-
style-definition -Wno-pointer-sign -Wmissing-variable-declarations -Wthread-
safety -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -Wno-
error=unused-but-set-variable -std=gnu99 -fconst-strings -fdebug-compilation-
dir=/usr/obj/usr/home/markj/src/freebsd/amd64.amd64/obj-lib32/lib/libarchive -
ferror-limit 19 -fsanitize=address -fsanitize-recover=address -fsanitize-
address-use-after-scope -fno-assume-sane-operator-new -stack-protector 2 -fgnuc-
version=4.2.1 -vectorize-loops -vectorize-slp -faddrsig -
D__GCC_HAVE_DWARF2_CFI_ASM=1 -x c archive_read_support_format_tar-29e157.c
1.      <eof> parser at end of file
2.      Code generation
3.      Running pass 'Function Pass Manager' on module
'archive_read_support_format_tar-29e157.c'.
4.      Running pass 'Loop Pass Manager' on function '@tar_read_header'
5.      Running pass 'Loop Strength Reduction' on basic block '%while.cond45.i'
#0 0x00000000050964e0 PrintStackTrace /root/freebsd/contrib/llvm-
project/llvm/lib/Support/Unix/Signals.inc:565:13
#1 0x00000000050947f5 RunSignalHandlers /root/freebsd/contrib/llvm-
project/llvm/lib/Support/Signals.cpp:98:18
#2 0x0000000005096c10 SignalHandler /root/freebsd/contrib/llvm-
project/llvm/lib/Support/Unix/Signals.inc:0:3
#3 0x000000080a8e85d0 handle_signal
/root/freebsd/lib/libthr/thread/thr_sig.c:0:3
Abort trap (core dumped)

This regressed after https://github.com/llvm/llvm-project/commit/9c4baf5101e
("[ScalarEvolution] Strictly enforce pointer/int type rules"), which added the
assertion.

The important thing is that it's caused by a combination of targeting (32-bit)
i386, and using address sanitizer. Minimized test case:

// clang -cc1 -triple i386-- -S -O2 -fsanitize=address
archive_read_support_format_tar-min.c
long long b;
char c;
void *d;
void e();
int f() {
  int a;
  char *g = d;
  a = b = 0;
  while (*g) {
    b++;
    if (b)
      return 0;
    g++;
  }
  switch (b) {
  case 1:
    break;
  default:
    return 0;
  }
  while (*g && g < &c + a)
    g++;
  e(g);
  return 0;
}
Quuxplusone commented 2 years ago

https://reviews.llvm.org/D114555

Quuxplusone commented 2 years ago 
(In reply to Eli Friedman from comment #1)
> https://reviews.llvm.org/D114555

Thanks, this fixes both the original and minimized test cases!