search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
28.43k stars 11.75k forks source link

CFI and FullLTO crashes in DAG Instruction Selection with Assertion in `isa<To>(Val) && "cast<Ty>() argument of incompatible type!"' failed. #112053

Open gulfemsavrun opened 4 hours ago

gulfemsavrun commented 4 hours ago

When we combine Full LTO (aka traditional LTO) with CFI, we run into the following assertion failure:

FAILED: kernel_x64/obj/zircon/system/ulib/pretty/pretty.hexdump.cc.o 
../../prebuilt/third_party/python3/linux-x64/bin/python3 -S ../../build/tracer/restat_cacher.py --outputs {{output}} {{output}}.d --   ../clang-ci-linux-build-install/bin/clang++ -MD -MF kernel_x64/obj/zircon/system/ulib/pretty/pretty.hexdump.cc.o.d -o kernel_x64/obj/zircon/system/ulib/pretty/pretty.hexdump.cc.o -D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -DKERNEL_BASE=0xffffffff80100000 -DSMP_MAX_CPUS=32 -D_KERNEL -DLK -DENABLE_PANIC_SHELL -DZIRCON_TOOLCHAIN -DLK_DEBUGLEVEL=2 -DDEBUG_PRINT_LEVEL=2 -DVM_TRACING_LEVEL=0 -DFUTEX_BLOCK_TRACING_ENABLED=false -DLOCK_TRACING_ENABLED=false -DEXPERIMENTAL_THREAD_SAMPLER_ENABLED=false -DJTRACE_TARGET_BUFFER_SIZE=0 -DSCHEDULER_TRACING_LEVEL=0 -DSCHEDULER_QUEUE_TRACING_ENABLED=false -DSCHEDULER_EXTRA_INVARIANT_VALIDATION=false -DSCHEDULER_LOCK_SPIN_TRACING_COMPRESSED=false -DSCHEDULER_LOCK_SPIN_TRACING_ENABLED=false -DWAIT_QUEUE_DEPTH_TRACING_ENABLED=false -DVIRTUAL_HEAP=0 -DHARDEN_SLS -DKERNEL_RETPOLINE=1 -DX64_KERNEL_JCC_WORKAROUND -DARCH_X86 -DKERNEL_LOAD_OFFSET=0x00100000 -DZERO_CALL_USED_REGS -DKERNEL_IMAGE_MAX_SIZE=67108864 -DWITH_FRAME_POINTERS=1 -DZX_ASSERT_LEVEL=2 -I../../zircon/kernel/include -I../../zircon/kernel/lib/libc/include -I../../zircon/kernel/lib/ktl/include -I../../sdk/lib/fit/include -I../../sdk/lib/stdcompat/include -I../../zircon/kernel/lib/heap/include -I../../zircon/kernel/lib/lockup_detector/include -I../../zircon/system/ulib/lazy_init/include -I../../zircon/system/ulib/lockdep/include -I../../zircon/system/ulib/ffl/include -I../../zircon/kernel/lib/kconcurrent/include -I../../zircon/system/ulib/concurrent/include -I../../zircon/kernel/vm/include -I../../zircon/kernel/vm/phys/include -I../../zircon/kernel/lib/user_copy/include -I../../zircon/kernel/lib/acpi_lite/include -I../../zircon/kernel/lib/boot-options/include -I../../zircon/kernel/lib/devicetree/include -I../../zircon/system/ulib/uart/include -I../../zircon/system/ulib/hwreg/include -I../../zircon/kernel/phys/lib/memalloc/include -I../../zircon/system/ulib/zircon-internal/include -I../../zircon/kernel/lib/ktrace/include -I../../zircon/kernel/lib/special-sections/include -I../../src/performance/lib/fxt/include -I../../zircon/system/ulib/fbl/include -I../../zircon/kernel/lib/fbl/include -I../../zircon/system/ulib/mmio-ptr/include -I../../zircon/system/ulib/zx/include -I../../zircon/kernel/lib/backtrace/include -I../../zircon/kernel/lib/version/include -I../../zircon/kernel/lib/wake-vector/include -I../../zircon/kernel/lib/arch/x86/include -I../../zircon/kernel/lib/arch/include -I../../sdk/lib/zbi-format/include -I../../zircon/system/public -I../../zircon/kernel/arch/x86/include -I../../zircon/system/ulib/bitmap/include -I../../zircon/kernel/arch/x86/page_tables/include -I../../zircon/system/ulib/page_tables/include -I../../zircon/system/ulib/pretty/include -idirafter ../../zircon/kernel/lib/libc/include-after -idirafter ../../zircon/kernel/lib/ktl/include-after -Xclang -debug-info-kind=constructor -g3 -grecord-gcc-switches -gdwarf-4 -gz=zstd -fdata-sections -ffunction-sections -O2 -flto -mllvm -wholeprogramdevirt-branch-funnel-threshold=0 -ffat-lto-objects -fwhole-program-vtables -fsanitize=cfi-cast-strict -fsanitize=cfi-derived-cast -fsanitize=cfi-unrelated-cast -fsanitize=cfi-nvcall -fsanitize=cfi-vcall -fsanitize=cfi-icall -fsanitize=cfi-mfcall -Wall -Wextra -Wconversion -Wextra-semi -Wimplicit-fallthrough -Wnewline-eof -Wstrict-prototypes -Wwrite-strings -Wno-sign-conversion -Wno-unused-parameter -Wnonportable-system-include-path -Wno-missing-field-initializers -Wno-extra-qualification -Wno-cast-function-type-strict -Wno-cast-function-type-mismatch -Wno-unknown-warning-option -Wno-missing-template-arg-list-after-template-kw -Wno-deprecated-pragma -ftrivial-auto-var-init=pattern -ffile-compilation-dir=. -no-canonical-prefixes -fvisibility=hidden -Wthread-safety -Wno-unknown-warning-option -Wno-thread-safety-reference-return -Werror -Wa,--fatal-warnings -Wno-error=deprecated-declarations -fno-common -fsized-deallocation --target=x86_64-fuchsia -march=x86-64-v2 -mtune=generic -mbranches-within-32B-boundaries -fcolor-diagnostics -fcrash-diagnostics-dir=clang-crashreports -fcrash-diagnostics=all -ffuchsia-api-level=4293918720 -fpie -ffreestanding -include ../../zircon/kernel/include/hidden.h -fno-unwind-tables -mno-red-zone -Wformat=2 -Wmissing-declarations -Wvla -Wshadow -mno-red-zone -mfsgsbase -msoft-float -mno-mmx -mno-sse -mno-sse2 -mno-3dnow -mno-avx -mno-avx2 -mcmodel=kernel -mharden-sls=all -mretpoline -mretpoline-external-thunk -mbranches-within-32B-boundaries -fno-finite-loops -fzero-call-used-regs=used-gpr -fdata-sections -fno-omit-frame-pointer -momit-leaf-frame-pointer -fno-omit-frame-pointer -momit-leaf-frame-pointer -fdata-sections -ffunction-sections -Wno-gnu-string-literal-operator-template -Wno-deprecated-this-capture -std=c++20 -fno-exceptions -fno-rtti -Xclang -fexperimental-omit-vtable-rtti -fvisibility-inlines-hidden -ftemplate-backtrace-limit=0 -faligned-new=8 -fno-exceptions -c ../../zircon/system/ulib/pretty/hexdump.cc
clang++: llvm/include/llvm/Support/Casting.h:578: decltype(auto) llvm::cast(From *) [To = llvm::MDNode, From = llvm::Metadata]: Assertion `isa<To>(Val) && "cast<Ty>() argument of incompatible type!"' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.  Program arguments: ../clang-ci-linux-build-install/bin/clang++ -MD -MF kernel_x64/obj/zircon/system/ulib/pretty/pretty.hexdump.cc.o.d -o kernel_x64/obj/zircon/system/ulib/pretty/pretty.hexdump.cc.o -D_LIBCPP_DISABLE_VISIBILITY_ANNOTATIONS -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -DKERNEL_BASE=0xffffffff80100000 -DSMP_MAX_CPUS=32 -D_KERNEL -DLK -DENABLE_PANIC_SHELL -DZIRCON_TOOLCHAIN -DLK_DEBUGLEVEL=2 -DDEBUG_PRINT_LEVEL=2 -DVM_TRACING_LEVEL=0 -DFUTEX_BLOCK_TRACING_ENABLED=false -DLOCK_TRACING_ENABLED=false -DEXPERIMENTAL_THREAD_SAMPLER_ENABLED=false -DJTRACE_TARGET_BUFFER_SIZE=0 -DSCHEDULER_TRACING_LEVEL=0 -DSCHEDULER_QUEUE_TRACING_ENABLED=false -DSCHEDULER_EXTRA_INVARIANT_VALIDATION=false -DSCHEDULER_LOCK_SPIN_TRACING_COMPRESSED=false -DSCHEDULER_LOCK_SPIN_TRACING_ENABLED=false -DWAIT_QUEUE_DEPTH_TRACING_ENABLED=false -DVIRTUAL_HEAP=0 -DHARDEN_SLS -DKERNEL_RETPOLINE=1 -DX64_KERNEL_JCC_WORKAROUND -DARCH_X86 -DKERNEL_LOAD_OFFSET=0x00100000 -DZERO_CALL_USED_REGS -DKERNEL_IMAGE_MAX_SIZE=67108864 -DWITH_FRAME_POINTERS=1 -DZX_ASSERT_LEVEL=2 -I../../zircon/kernel/include -I../../zircon/kernel/lib/libc/include -I../../zircon/kernel/lib/ktl/include -I../../sdk/lib/fit/include -I../../sdk/lib/stdcompat/include -I../../zircon/kernel/lib/heap/include -I../../zircon/kernel/lib/lockup_detector/include -I../../zircon/system/ulib/lazy_init/include -I../../zircon/system/ulib/lockdep/include -I../../zircon/system/ulib/ffl/include -I../../zircon/kernel/lib/kconcurrent/include -I../../zircon/system/ulib/concurrent/include -I../../zircon/kernel/vm/include -I../../zircon/kernel/vm/phys/include -I../../zircon/kernel/lib/user_copy/include -I../../zircon/kernel/lib/acpi_lite/include -I../../zircon/kernel/lib/boot-options/include -I../../zircon/kernel/lib/devicetree/include -I../../zircon/system/ulib/uart/include -I../../zircon/system/ulib/hwreg/include -I../../zircon/kernel/phys/lib/memalloc/include -I../../zircon/system/ulib/zircon-internal/include -I../../zircon/kernel/lib/ktrace/include -I../../zircon/kernel/lib/special-sections/include -I../../src/performance/lib/fxt/include -I../../zircon/system/ulib/fbl/include -I../../zircon/kernel/lib/fbl/include -I../../zircon/system/ulib/mmio-ptr/include -I../../zircon/system/ulib/zx/include -I../../zircon/kernel/lib/backtrace/include -I../../zircon/kernel/lib/version/include -I../../zircon/kernel/lib/wake-vector/include -I../../zircon/kernel/lib/arch/x86/include -I../../zircon/kernel/lib/arch/include -I../../sdk/lib/zbi-format/include -I../../zircon/system/public -I../../zircon/kernel/arch/x86/include -I../../zircon/system/ulib/bitmap/include -I../../zircon/kernel/arch/x86/page_tables/include -I../../zircon/system/ulib/page_tables/include -I../../zircon/system/ulib/pretty/include -idirafter ../../zircon/kernel/lib/libc/include-after -idirafter ../../zircon/kernel/lib/ktl/include-after -Xclang -debug-info-kind=constructor -g3 -grecord-gcc-switches -gdwarf-4 -gz=zstd -fdata-sections -ffunction-sections -O2 -flto -mllvm -wholeprogramdevirt-branch-funnel-threshold=0 -ffat-lto-objects -fwhole-program-vtables -fsanitize=cfi-cast-strict -fsanitize=cfi-derived-cast -fsanitize=cfi-unrelated-cast -fsanitize=cfi-nvcall -fsanitize=cfi-vcall -fsanitize=cfi-icall -fsanitize=cfi-mfcall -Wall -Wextra -Wconversion -Wextra-semi -Wimplicit-fallthrough -Wnewline-eof -Wstrict-prototypes -Wwrite-strings -Wno-sign-conversion -Wno-unused-parameter -Wnonportable-system-include-path -Wno-missing-field-initializers -Wno-extra-qualification -Wno-cast-function-type-strict -Wno-cast-function-type-mismatch -Wno-unknown-warning-option -Wno-missing-template-arg-list-after-template-kw -Wno-deprecated-pragma -ftrivial-auto-var-init=pattern -ffile-compilation-dir=. -no-canonical-prefixes -fvisibility=hidden -Wthread-safety -Wno-unknown-warning-option -Wno-thread-safety-reference-return -Werror -Wa,--fatal-warnings -Wno-error=deprecated-declarations -fno-common -fsized-deallocation --target=x86_64-fuchsia -march=x86-64-v2 -mtune=generic -mbranches-within-32B-boundaries -fcolor-diagnostics -fcrash-diagnostics-dir=clang-crashreports -fcrash-diagnostics=all -ffuchsia-api-level=4293918720 -fpie -ffreestanding -include ../../zircon/kernel/include/hidden.h -fno-unwind-tables -mno-red-zone -Wformat=2 -Wmissing-declarations -Wvla -Wshadow -mno-red-zone -mfsgsbase -msoft-float -mno-mmx -mno-sse -mno-sse2 -mno-3dnow -mno-avx -mno-avx2 -mcmodel=kernel -mharden-sls=all -mretpoline -mretpoline-external-thunk -mbranches-within-32B-boundaries -fno-finite-loops -fzero-call-used-regs=used-gpr -fdata-sections -fno-omit-frame-pointer -momit-leaf-frame-pointer -fno-omit-frame-pointer -momit-leaf-frame-pointer -fdata-sections -ffunction-sections -Wno-gnu-string-literal-operator-template -Wno-deprecated-this-capture -std=c++20 -fno-exceptions -fno-rtti -Xclang -fexperimental-omit-vtable-rtti -fvisibility-inlines-hidden -ftemplate-backtrace-limit=0 -faligned-new=8 -fno-exceptions -c ../../zircon/system/ulib/pretty/hexdump.cc
1.  <eof> parser at end of file
2.  Code generation
3.  Running pass 'Function Pass Manager' on module '../../zircon/system/ulib/pretty/hexdump.cc'.
4.  Running pass 'X86 DAG->DAG Instruction Selection' on function '@hexdump_very_ex'
#0 0x0000558bcfc66028 (../clang-ci-linux-build-install/bin/clang+++0x91d0028)
clang++: error: clang frontend command failed with exit code 134 (use -v to see invocation)
gulfemsavrun commented 4 hours ago

I'm attaching the crash reproducer. clang-crashreports.zip

ilovepi commented 1 hour ago

I'll look into this next week. I believe this is related to CFI's interaction with FatLTO.