search

carbon-language / carbon-lang

Carbon Language's main repository: documents, design, implementation, and related tools. (NOTE: Carbon Language is experimental; see README)
http://docs.carbon-lang.dev/
Other
32.35k stars 1.48k forks source link

Fuzzer issue: use of binding with no corresponding value #4157

Closed geoffromer closed 3 months ago

geoffromer commented 3 months ago

Description of the bug:

The toolchain crashes with "CHECK failure at toolchain/check/eval.cpp:1341: bind_name.name_id == SemIR::NameId::SelfType: Use of binding comp_time_bind1 with no corresponding value."

What did you do, or what's a simple way to reproduce the bug?

I ran bazel run -c dbg toolchain/driver:carbon -- compile test.carbon with the following test file:

class C(T:!p){class Cell(T:!{}){fn C->Cell(T){}}}

What did you expect to happen?

I expected the toolchain to terminate normally, with or without an error.

What actually happened?

The toolchain crashed

Any other information, logs, or outputs that you want to share?

Here's the crash log:

Please report issues to https://github.com/carbon-language/carbon-lang/issues and include the crash backtrace.
Stack dump:
0.      Program arguments: /usr/local/google/home/gromer/.cache/bazel/_bazel_gromer/6b556be8ddbdbba287a2e1ef86f733d5/execroot/_main/bazel-out/k8-dbg/bin/toolchain/driver/carbon compile test.carbon
1.      Check::Context
          NodeStack:
            0. ClassDefinitionStart: class0
            1. ClassDefinitionStart: class1
            2. FunctionIntroducer: no value
            3. IdentifierName: name0
          inst_block_stack_:
            0. block<invalid> {
                package: <namespace> = namespace [template] {
                  .Core = <unexpected>.inst+2
                  .C = <unexpected>.inst+7.loc1_14
                }
                <unexpected>.inst+1 = import Core
                <unexpected>.inst+2: <namespace> = namespace <unexpected>.inst+1, [template] {
                  has_error
                }
                <unexpected>.inst+7.loc1_14: %C.type = class_decl @C [template = constants.%C.1] {
                  <unexpected>.inst+3.loc1_12: <error> = name_ref p, <error> [template = <error>]
                  <unexpected>.inst+4.loc1_9: <error> = param T
                  <unexpected>.inst+5.loc1_9: <error> = bind_symbolic_name T 0, <unexpected>.inst+4.loc1_9 [symbolic = <unexpected>.inst+5.loc1_9 (constants.%T.1)]
                }
              }
            1. block10 {
                <unexpected>.inst+18.loc1_32: %Cell.type = class_decl @Cell [template = constants.%Cell.1] {
                  <unexpected>.inst+13.loc1_30: %.2 = struct_literal ()
                  <unexpected>.inst+14.loc1_30: type = converted <unexpected>.inst+13.loc1_30, constants.%.2 [template = constants.%.2]
                  <unexpected>.inst+15.loc1_26: %.2 = param T
                  <unexpected>.inst+16.loc1_26: %.2 = bind_symbolic_name T 1, <unexpected>.inst+15.loc1_26 [symbolic = <unexpected>.inst+16.loc1_26 (constants.%T.2)]
                }
              }
            2. block18 {}
            3. block<invalid> {
                <unexpected>.inst+22.loc1_39: %Cell.type = name_ref Cell, <unexpected>.inst+18.loc1_32 [template = constants.%Cell.1]
                <unexpected>.inst+23.loc1_44: %.2 = name_ref T, <unexpected>.inst+16.loc1_26 [symbolic = constants.%T.2]
              }
          param_and_arg_refs_stack:
            0. block<invalid> {
                <unexpected>.inst+23.loc1_44: %.2 = name_ref T, <unexpected>.inst+16.loc1_26 [symbolic = constants.%T.2]
              }
          args_type_info_stack_:
            0. block<invalid> {}
            1. block<invalid> {}
2.      test.carbon:1:39: Check::HandleCallExpr
class C(T:!p){class Cell(T:!{}){fn C->Cell(T){}}}
                                      ^~~~~~~
 #0 0x000055a8f3dfc0bd llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /proc/self/cwd/external/_main~llvm_project~llvm-project/llvm/lib/Support/Unix/Signals.inc:723:11
 #1 0x000055a8f3dfc5fb PrintStackTraceSignalHandler(void*) /proc/self/cwd/external/_main~llvm_project~llvm-project/llvm/lib/Support/Unix/Signals.inc:798:1
 #2 0x000055a8f3df9ca6 llvm::sys::RunSignalHandlers() /proc/self/cwd/external/_main~llvm_project~llvm-project/llvm/lib/Support/Signals.cpp:105:5
 #3 0x000055a8f3dfd065 SignalHandler(int) /proc/self/cwd/external/_main~llvm_project~llvm-project/llvm/lib/Support/Unix/Signals.inc:413:1
 #4 0x00007fc1a5741510 (/lib/x86_64-linux-gnu/libc.so.6+0x3c510)
 #5 0x00007fc1a578f16c __pthread_kill_implementation ./nptl/pthread_kill.c:44:76
 #6 0x00007fc1a5741472 raise ./signal/../sysdeps/posix/raise.c:27:6
 #7 0x00007fc1a572b4b2 abort ./stdlib/abort.c:81:7
 #8 0x000055a8f3d27815 (/usr/local/google/home/gromer/.cache/bazel/_bazel_gromer/6b556be8ddbdbba287a2e1ef86f733d5/execroot/_main/bazel-out/k8-dbg/bin/toolchain/driver/carbon+0x7024815)
 #9 0x000055a8efbeeea5 (/usr/local/google/home/gromer/.cache/bazel/_bazel_gromer/6b556be8ddbdbba287a2e1ef86f733d5/execroot/_main/bazel-out/k8-dbg/bin/toolchain/driver/carbon+0x2eebea5)
#10 0x000055a8f04540d6 Carbon::Check::TryEvalInstInContext(Carbon::Check::(anonymous namespace)::EvalContext&, Carbon::SemIR::InstId, Carbon::SemIR::Inst) /proc/self/cwd/toolchain/check/eval.cpp:1341:11
#11 0x000055a8f0454bd8 Carbon::Check::TryEvalBlockForSpecific(Carbon::Check::Context&, Carbon::SemIR::GenericInstanceId, Carbon::SemIR::GenericInstIndex::Region) /proc/self/cwd/toolchain/check/eval.cpp:1478:21
#12 0x000055a8f0475750 Carbon::Check::MakeGenericInstance(Carbon::Check::Context&, Carbon::SemIR::GenericId, Carbon::SemIR::InstBlockId) /proc/self/cwd/toolchain/check/generic.cpp:271:26
#13 0x000055a8f0456d99 Carbon::Check::MakeConstantForCall(Carbon::Check::(anonymous namespace)::EvalContext&, Carbon::Check::SemIRLoc, Carbon::SemIR::Call) /proc/self/cwd/toolchain/check/eval.cpp:1056:26
#14 0x000055a8f0453e1b Carbon::Check::TryEvalInstInContext(Carbon::Check::(anonymous namespace)::EvalContext&, Carbon::SemIR::InstId, Carbon::SemIR::Inst) /proc/self/cwd/toolchain/check/eval.cpp:1314:14
#15 0x000055a8f04531f5 Carbon::Check::TryEvalInst(Carbon::Check::Context&, Carbon::SemIR::InstId, Carbon::SemIR::Inst) /proc/self/cwd/toolchain/check/eval.cpp:1453:10
#16 0x000055a8f0401124 Carbon::Check::Context::FinishInst(Carbon::SemIR::InstId, Carbon::SemIR::Inst) /proc/self/cwd/toolchain/check/context.cpp:96:19
#17 0x000055a8f04013d7 Carbon::Check::Context::AddInstInNoBlock(Carbon::SemIR::LocIdAndInst) /proc/self/cwd/toolchain/check/context.cpp:122:3
#18 0x000055a8f040149d Carbon::Check::Context::AddInst(Carbon::SemIR::LocIdAndInst) /proc/self/cwd/toolchain/check/context.cpp:126:18
#19 0x000055a8f03f1398 Carbon::SemIR::InstId Carbon::Check::Context::AddInst<Carbon::SemIR::Call, Carbon::Parse::NodeId>(Carbon::Parse::NodeId, Carbon::SemIR::Call) /proc/self/cwd/./toolchain/check/context.h:70:12
#20 0x000055a8f03f100c Carbon::Check::PerformCallToGenericClass(Carbon::Check::Context&, Carbon::Parse::NodeId, Carbon::SemIR::InstId, Carbon::SemIR::ClassId, llvm::ArrayRef<Carbon::SemIR::InstId>) /proc/self/cwd/toolchain/check/call.cpp:30:18
#21 0x000055a8f03f08f9 Carbon::Check::PerformCall(Carbon::Check::Context&, Carbon::Parse::NodeId, Carbon::SemIR::InstId, llvm::ArrayRef<Carbon::SemIR::InstId>) /proc/self/cwd/toolchain/check/call.cpp:68:16
#22 0x000055a8f037a0c9 Carbon::Check::HandleParseNode(Carbon::Check::Context&, Carbon::Parse::NodeIdForKind<Carbon::Parse::NodeKind::CallExpr>) /proc/self/cwd/toolchain/check/handle_call_expr.cpp:32:18
#23 0x000055a8f033230b Carbon::Check::ProcessNodeIds(Carbon::Check::Context&, llvm::raw_ostream*, Carbon::ErrorTrackingDiagnosticConsumer&, Carbon::Parse::NodeLocConverter*) /proc/self/cwd/./toolchain/parse/node_kind.def:209:1
#24 0x000055a8f030f7e3 Carbon::Check::CheckParseTree(llvm::MutableArrayRef<Carbon::Parse::NodeLocConverter*>, Carbon::Check::(anonymous namespace)::UnitInfo&, int, llvm::raw_ostream*) /proc/self/cwd/toolchain/check/check.cpp:916:8
#25 0x000055a8f030c7fb Carbon::Check::CheckParseTrees(llvm::MutableArrayRef<Carbon::Check::Unit>, bool, llvm::raw_ostream*) /proc/self/cwd/toolchain/check/check.cpp:1261:5
#26 0x000055a8efbec775 Carbon::Driver::Compile(Carbon::Driver::CompileOptions const&, Carbon::Driver::CodegenOptions const&) /proc/self/cwd/toolchain/driver/driver.cpp:908:3
#27 0x000055a8efbebd26 Carbon::Driver::RunCommand(llvm::ArrayRef<llvm::StringRef>) /proc/self/cwd/toolchain/driver/driver.cpp:491:14
#28 0x000055a8efbcfd8a main /proc/self/cwd/toolchain/driver/driver_main.cpp:32:25
#29 0x00007fc1a572c6ca __libc_start_call_main ./csu/../sysdeps/nptl/libc_start_call_main.h:74:3
#30 0x00007fc1a572c785 call_init ./csu/../csu/libc-start.c:128:20
#31 0x00007fc1a572c785 __libc_start_main ./csu/../csu/libc-start.c:347:5
#32 0x000055a8efbcfb21 _start (/usr/local/google/home/gromer/.cache/bazel/_bazel_gromer/6b556be8ddbdbba287a2e1ef86f733d5/execroot/_main/bazel-out/k8-dbg/bin/toolchain/driver/carbon+0x2eccb21)
CHECK failure at toolchain/check/eval.cpp:1341: bind_name.name_id == SemIR::NameId::SelfType: Use of binding comp_time_bind1 with no corresponding value.
geoffromer commented 3 months ago

@zygoloid I'm assigning this to you because the crash is in code you added recently.