llvm / llvm-project

Assertion `!isNull() && "Cannot retrieve a NULL type pointer" #44212

Open llvmbot opened 4 years ago

llvmbot commented 4 years ago
Bugzilla Link 44867
Version trunk
OS All
Reporter LLVM Bugzilla Contributor
CC @zygoloid

Extended Description

The valid code can be compiled by gcc but triggers an ICE in clang.

POC:

main() { **(int(*)[]) !8 / 0; }

Run script:

Crash reproducer for clang version 11.0.0 (https://github.com/llvm/llvm-project.git 56b7f595d2b402ff177ca42214325c8fdea10fb0)

# Driver args: "-x" "c" "-o" "tm" "./test1.c"
# Original command:  "/data/rxz226/llvm-project/bld/bin/clang-11" "-cc1" "-triple" "x86_64-unknown-linux-gnu" "-emit-obj" "-mrelax-all" "-disable-free" "-main-file-name" "test1.c" "-mrelocation-model" "static" "-mthread-model" "posix" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-masm-verbose" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-dwarf-column-info" "-fno-split-dwarf-inlining" "-debugger-tuning=gdb" "-resource-dir" "/data/rxz226/llvm-project/bld/lib/clang/11.0.0" "-internal-isystem" "/usr/local/include" "-internal-isystem" "/data/rxz226/llvm-project/bld/lib/clang/11.0.0/include" "-internal-externc-isystem" "/usr/include/x86_64-linux-gnu" "-internal-externc-isystem" "/include" "-internal-externc-isystem" "/usr/include" "-fdebug-compilation-dir" "/home/rxz226/c_reduce" "-ferror-limit" "19" "-fmessage-length" "0" "-fgnuc-version=4.2.1" "-fobjc-runtime=gcc" "-fdiagnostics-show-option" "-fcolor-diagnostics" "-faddrsig" "-o" "/tmp/test1-4936bf.o" "-x" "c" "./test1.c"
 "/data/rxz226/llvm-project/bld/bin/clang-11" "-cc1" "-triple" "x86_64-unknown-linux-gnu" "-emit-obj" "-mrelax-all" "-disable-free" "-main-file-name" "test1.c" "-mrelocation-model" "static" "-mthread-model" "posix" "-mframe-pointer=all" "-fmath-errno" "-fno-rounding-math" "-masm-verbose" "-mconstructor-aliases" "-munwind-tables" "-target-cpu" "x86-64" "-dwarf-column-info" "-fno-split-dwarf-inlining" "-debugger-tuning=gdb" "-ferror-limit" "19" "-fmessage-length" "0" "-fgnuc-version=4.2.1" "-fobjc-runtime=gcc" "-fdiagnostics-show-option" "-fcolor-diagnostics" "-faddrsig" "-x" "c" "test1-195d79.c"
---

Stack dump:
---
clang: /home/rxz226/llvm-project/clang/include/clang/AST/Type.h:670: const clang::ExtQualsTypeCommonBase* clang::QualType::getCommonPtr() const: Assertion `!isNull() && "Cannot retrieve a NULL type pointer"' failed.
Stack dump:
0.      Program arguments: /home/rxz226/llvm-project/bld/bin/clang -x c -o tm ./test1.c
1.      ./test1.c:1:31: current parser token '}'
2.      ./test1.c:1:8: parsing function body 'main'
3.      ./test1.c:1:8: in compound statement ('{}')
 #0 0x000000000511679b llvm::sys::PrintStackTrace(llvm::raw_ostream&) /home/rxz226/llvm-project/llvm/lib/Support/Unix/Signals.inc:564:0
 #1 0x000000000511682e PrintStackTraceSignalHandler(void*) /home/rxz226/llvm-project/llvm/lib/Support/Unix/Signals.inc:625:0
 #2 0x00000000051145b6 llvm::sys::RunSignalHandlers() /home/rxz226/llvm-project/llvm/lib/Support/Signals.cpp:68:0
 #3 0x0000000005115fd7 llvm::sys::CleanupOnSignal(unsigned long) /home/rxz226/llvm-project/llvm/lib/Support/Unix/Signals.inc:361:0
 #4 0x000000000501be1f (anonymous namespace)::CrashRecoveryContextImpl::HandleCrash(int, unsigned long) /home/rxz226/llvm-project/llvm/lib/Support/CrashRecoveryContext.cpp:80:0
 #5 0x000000000501c2fe CrashRecoverySignalHandler(int) /home/rxz226/llvm-project/llvm/lib/Support/CrashRecoveryContext.cpp:362:0
 #6 0x00007fdf1bcd6390 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x11390)
 #7 0x00007fdf1a9e5428 raise /build/glibc-LK5gWL/glibc-2.23/signal/../sysdeps/unix/sysv/linux/raise.c:54:0
 #8 0x00007fdf1a9e702a abort /build/glibc-LK5gWL/glibc-2.23/stdlib/abort.c:91:0
 #9 0x00007fdf1a9ddbd7 __assert_fail_base /build/glibc-LK5gWL/glibc-2.23/assert/assert.c:92:0
#10 0x00007fdf1a9ddc82 (/lib/x86_64-linux-gnu/libc.so.6+0x2dc82)
#11 0x00000000053ea7d3 clang::QualType::getCommonPtr() const /home/rxz226/llvm-project/clang/include/clang/AST/Type.h:671:0
#12 0x00000000053ebdd8 clang::QualType::getTypePtr() const /home/rxz226/llvm-project/clang/include/clang/AST/Type.h:6257:0
...
---

shafik commented 1 year ago

Confirmed: https://godbolt.org/z/rnhdnb6Ea

Assertion:

clang: /root/llvm-project/clang/include/clang/AST/Type.h:752:
const clang::ExtQualsTypeCommonBase* clang::QualType::getCommonPtr() const:
Assertion `!isNull() && "Cannot retrieve a NULL type pointer"' failed.

Backtrace:

PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.  Program arguments: /opt/compiler-explorer/clang-assertions-trunk/bin/clang -gdwarf-4 -g -o /app/output.s -S --gcc-toolchain=/opt/compiler-explorer/gcc-9.2.0 -fcolor-diagnostics -fno-crash-diagnostics <source>
1.  <source>:1:31: current parser token '}'
2.  <source>:1:8: parsing function body 'main'
3.  <source>:1:8: in compound statement ('{}')
 #0 0x000055ac0fc961df llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3bb41df)
 #1 0x000055ac0fc93f4c llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3bb1f4c)
 #2 0x000055ac0fbdd658 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
 #3 0x00007f5bfe0e2420 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x14420)
 #4 0x00007f5bfdbaf00b raise (/lib/x86_64-linux-gnu/libc.so.6+0x4300b)
 #5 0x00007f5bfdb8e859 abort (/lib/x86_64-linux-gnu/libc.so.6+0x22859)
 #6 0x00007f5bfdb8e729 (/lib/x86_64-linux-gnu/libc.so.6+0x22729)
 #7 0x00007f5bfdb9ffd6 (/lib/x86_64-linux-gnu/libc.so.6+0x33fd6)
 #8 0x000055ac13500ff3 (anonymous namespace)::LValue::addUnsizedArray((anonymous namespace)::EvalInfo&, clang::Expr const*, clang::QualType) ExprConstant.cpp:0:0
 #9 0x000055ac13582cca (anonymous namespace)::PointerExprEvaluator::VisitCastExpr(clang::CastExpr const*) ExprConstant.cpp:0:0
#10 0x000055ac1353aa7e clang::StmtVisitorBase<llvm::make_const_ptr, (anonymous namespace)::PointerExprEvaluator, bool>::Visit(clang::Stmt const*) ExprConstant.cpp:0:0
#11 0x000055ac1353c4a6 EvaluatePointer(clang::Expr const*, (anonymous namespace)::LValue&, (anonymous namespace)::EvalInfo&, bool) ExprConstant.cpp:0:0
#12 0x000055ac1354d5a6 clang::StmtVisitorBase<llvm::make_const_ptr, (anonymous namespace)::LValueExprEvaluator, bool>::Visit(clang::Stmt const*) ExprConstant.cpp:0:0
#13 0x000055ac1354e24d EvaluateLValue(clang::Expr const*, (anonymous namespace)::LValue&, (anonymous namespace)::EvalInfo&, bool) ExprConstant.cpp:0:0
#14 0x000055ac13568239 (anonymous namespace)::IntExprEvaluator::VisitCastExpr(clang::CastExpr const*) ExprConstant.cpp:0:0
#15 0x000055ac13533eea clang::StmtVisitorBase<llvm::make_const_ptr, (anonymous namespace)::IntExprEvaluator, bool>::Visit(clang::Stmt const*) ExprConstant.cpp:0:0
#16 0x000055ac13522ba6 Evaluate(clang::APValue&, (anonymous namespace)::EvalInfo&, clang::Expr const*) ExprConstant.cpp:0:0
#17 0x000055ac1352548e (anonymous namespace)::DataRecursiveIntBinOpEvaluator::process((anonymous namespace)::DataRecursiveIntBinOpEvaluator::EvalResult&) ExprConstant.cpp:0:0
#18 0x000055ac13587c8b (anonymous namespace)::IntExprEvaluator::VisitBinaryOperator(clang::BinaryOperator const*) ExprConstant.cpp:0:0
#19 0x000055ac13534175 clang::StmtVisitorBase<llvm::make_const_ptr, (anonymous namespace)::IntExprEvaluator, bool>::Visit(clang::Stmt const*) ExprConstant.cpp:0:0
#20 0x000055ac13522ba6 Evaluate(clang::APValue&, (anonymous namespace)::EvalInfo&, clang::Expr const*) ExprConstant.cpp:0:0
#21 0x000055ac1352c8c9 EvaluateAsRValue((anonymous namespace)::EvalInfo&, clang::Expr const*, clang::APValue&) ExprConstant.cpp:0:0
#22 0x000055ac1352d5f1 clang::Expr::EvaluateForOverflow(clang::ASTContext const&) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x744b5f1)
#23 0x000055ac125a3825 clang::Sema::CheckForIntOverflow(clang::Expr*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x64c1825)
#24 0x000055ac125f6bd5 clang::Sema::CheckCompletedExpr(clang::Expr*, clang::SourceLocation, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x6514bd5)
#25 0x000055ac12a7304a clang::Sema::ActOnFinishFullExpr(clang::Expr*, clang::SourceLocation, bool, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x699104a)
#26 0x000055ac12cf718e clang::Sema::ActOnExprStmt(clang::ActionResult<clang::Expr*, true>, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x6c1518e)
#27 0x000055ac124c5c91 clang::Parser::ParseExprStatement(clang::Parser::ParsedStmtContext) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63e3c91)
#28 0x000055ac124bc09b clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63da09b)
#29 0x000055ac124bcf05 clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63daf05)
#30 0x000055ac124bdeea clang::Parser::ParseCompoundStatementBody(bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63dbeea)
#31 0x000055ac124bf8ea clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63dd8ea)
#32 0x000055ac123eaf51 clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x6308f51)
#33 0x000055ac12411690 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::SourceLocation*, clang::Parser::ForRangeInit*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x632f690)
#34 0x000055ac123de811 clang::Parser::ParseDeclOrFunctionDefInternal(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec&, clang::AccessSpecifier) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x62fc811)
#35 0x000055ac123df0cf clang::Parser::ParseDeclarationOrFunctionDefinition(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*, clang::AccessSpecifier) (.part.0) Parser.cpp:0:0
#36 0x000055ac123e5a91 clang::Parser::ParseExternalDeclaration(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x6303a91)
#37 0x000055ac123e63c3 clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63043c3)
#38 0x000055ac123e68a4 clang::Parser::ParseFirstTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x63048a4)
#39 0x000055ac123da16a clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x62f816a)
#40 0x000055ac10eddf78 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4dfbf78)
#41 0x000055ac10737ea9 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4655ea9)
#42 0x000055ac106bce46 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x45dae46)
#43 0x000055ac1081ad26 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4738d26)
#44 0x000055ac0d15bf5c cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x1079f5c)
#45 0x000055ac0d157c7a ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#46 0x000055ac10523d7d void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#47 0x000055ac0fbddb60 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3afbb60)
#48 0x000055ac105245ff clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#49 0x000055ac104ebbfc clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4409bfc)
#50 0x000055ac104ec68d clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x440a68d)
#51 0x000055ac104f476d clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x441276d)
#52 0x000055ac0d15a1da clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x10781da)
#53 0x000055ac0d061215 main (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0xf7f215)
#54 0x00007f5bfdb90083 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24083)
#55 0x000055ac0d152a5e _start (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x1070a5e)
clang: error: clang frontend command failed with exit code 134 (use -v to see invocation)
Compiler returned: 134

llvmbot commented 1 year ago

@llvm/issue-subscribers-clang-frontend

zwuis commented 1 month ago

Crashes when checking this assertion:

https://github.com/llvm/llvm-project/blob/5d833ee6acc85bf108a8787ba233e955728868ab/clang/lib/AST/ExprConstant.cpp#L1726-L1730

I guess this assertion can be removed.

zygoloid commented 1 month ago

Slightly reduced: int* f() { return *(int(*)[])0; }

Suggest changing the assert:

-   assert(getType(Base)->isPointerType() || getType(Base)->isArrayType()); 
+   assert(!Base || getType(Base)->isPointerType() || getType(Base)->isArrayType());
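
Review bot: The added `!Base ||` on the `+` line accepts a null `Base` without saying why that state is legitimate, so a short comment above the assert (for example, that the reduced case's cast of `0` to `int(*)[]` arrives here with no base) would keep a later cleanup from tightening it back. The change should also carry a regression test built from the two reproducers in this thread, `int* f() { return *(int(*)[])0; }` and `main() { **(int(*)[]) !8 / 0; }`. Since only the assert is visible here, it is worth confirming that the statements following it in the same function do not themselves call `getType(Base)` or otherwise assume a non-null base, because the relaxed condition now lets that path run in assertion-enabled builds too.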