llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org

Clang Segmentation Fault with 2D Array. #45984

Open llvmbot opened 4 years ago

llvmbot commented 4 years ago
| Field | Value |
| --- | --- |
| Bugzilla Link | 46639 |
| Version | 10.0 |
| OS | Linux |
| Attachments | cpp and sh files generated before dump. |
| Reporter | LLVM Bugzilla Contributor |
| CC | @DimitryAndric, @rogerorr |

Extended Description

Hi,

When using a 2D array with clang, I found a way to cause a segmentation fault of the clang compiler (checked 10 on my WSL, and on the trunk version with godbolt).

The minimal example is the following:

class A {
public:
  ~A(){} // No custom destructor => No error
};

int main() {

  auto a = new A[2][3];

  A (*b) [] = (A (*)[])a; // Adding dimension [3] solves the error too.

  delete[] b;

  return 0;
}

This code compiles without warnings or errors with MSVC 19.24 and gcc 7.5. I do not mind the error or warning from clang, but the seg fault that follows is an issue.

Attached are the cpp and sh files generated by clang on crash.

Best,

Karol
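The reporter's remark that adding the dimension `[3]` avoids the problem, as an added example (not code from the issue or from LLVM): deleting through a pointer whose pointee type `A[3]` is complete is well defined and runs every element destructor. The counter `g_destroyed` and the function names are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>

// Constructed instrumentation: counts destructor runs so the result can be checked.
static int g_destroyed = 0;

class A {
public:
    ~A() { ++g_destroyed; }  // user-provided destructor, as in the report
};

// Same allocation as the report, but the pointer keeps the inner bound:
// the pointee type A[3] is complete, so delete[] knows what it destroys.
int destroy_with_complete_type(std::size_t rows) {
    g_destroyed = 0;
    A (*a)[3] = new A[rows][3];
    delete[] a;  // runs ~A() for each of the rows * 3 elements
    return g_destroyed;
}

// Owning variant: unique_ptr<A[][3]> stores an A(*)[3] and calls delete[]
// on it, so there is no cast that could drop the inner dimension.
int destroy_with_owning_pointer(std::size_t rows) {
    g_destroyed = 0;
    {
        std::unique_ptr<A[][3]> p(new A[rows][3]);
    }  // p goes out of scope here and releases the array
    return g_destroyed;
}

int main() {
    std::printf("raw pointer, complete type: %d destructor calls\n",
                destroy_with_complete_type(2));
    std::printf("unique_ptr<A[][3]>:         %d destructor calls\n",
                destroy_with_owning_pointer(2));
    return 0;
}
```

Building with `-Werror=delete-incomplete` promotes the `-Wdelete-incomplete` warning quoted in this thread to an error, so the cast-to-`A (*)[]` form is rejected at compile time.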

DimitryAndric commented 4 years ago

This is actually an assertion:

Assertion failed: (!elementType->isArrayType()), function emitArrayDestroy, file clang/lib/CodeGen/CGDecl.cpp, line 2149.

llvmbot commented 4 years ago

If needed, here is the dump from clang:

test.cpp:13:3: warning: deleting pointer to incomplete type 'A []' may cause undefined behavior [-Wdelete-incomplete]
  delete[] b;
  ^        ~
Stack dump:

  1. Program arguments: /usr/lib/llvm-10/bin/clang -cc1 -triple x86_64-pc-linux-gnu -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name test.cpp -mrelocation-model static -mthread-model posix -mframe-pointer=all -fmath-errno -fno-rounding-math -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib/llvm-10/lib/clang/10.0.0 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/x86_64-linux-gnu/c++/9 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/x86_64-linux-gnu/c++/9 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/backward -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-10/lib/clang/10.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fdeprecated-macro -fdebug-compilation-dir /mnt/d/LinuxFS/TEST -ferror-limit 19 -fmessage-length 0 -fgnuc-version=4.2.1 -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -faddrsig -o /tmp/test-58b933.o -x c++ test.cpp
  2. parser at end of file
  3. test.cpp:7:5: LLVM IR generation of declaration 'main'
  4. test.cpp:7:5: Generating code for declaration 'main'

    0 0x00007fcb5e8914ff llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/lib/x86_64-linux-gnu/libLLVM-10.so.1+0x9814ff)
    1 0x00007fcb5e88f7b0 llvm::sys::RunSignalHandlers() (/lib/x86_64-linux-gnu/libLLVM-10.so.1+0x97f7b0)
    2 0x00007fcb5e891ac5 (/lib/x86_64-linux-gnu/libLLVM-10.so.1+0x981ac5)
    3 0x00007fcb650723c0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x153c0)
    4 0x00007fcb62ff0cd7 clang::Decl::getASTContext() const (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0xa40cd7)
    5 0x00007fcb63003e7f clang::CXXRecordDecl::getDestructor() const (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0xa53e7f)
    6 0x00007fcb63a5ce89 clang::CodeGen::CodeGenFunction::destroyCXXObject(clang::CodeGen::CodeGenFunction&, clang::CodeGen::Address, clang::QualType) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x14ace89)
    7 0x00007fcb63a8f634 clang::CodeGen::CodeGenFunction::emitArrayDestroy(llvm::Value*, llvm::Value*, clang::QualType, clang::CharUnits, void (*)(clang::CodeGen::CodeGenFunction&, clang::CodeGen::Address, clang::QualType), bool, bool) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x14df634)
    8 0x00007fcb63acd78f clang::CodeGen::CodeGenFunction::EmitCXXDeleteExpr(clang::CXXDeleteExpr const*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x151d78f)
    9 0x00007fcb63aebe6d (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x153be6d)
    10 0x00007fcb63ae135f clang::CodeGen::CodeGenFunction::EmitScalarExpr(clang::Expr const*, bool) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x153135f)
    11 0x00007fcb63aa0948 clang::CodeGen::CodeGenFunction::EmitAnyExpr(clang::Expr const*, clang::CodeGen::AggValueSlot, bool) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x14f0948)
    12 0x00007fcb63aa08f9 clang::CodeGen::CodeGenFunction::EmitIgnoredExpr(clang::Expr const*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x14f08f9)
    13 0x00007fcb63bd45c4 clang::CodeGen::CodeGenFunction::EmitStmt(clang::Stmt const*, llvm::ArrayRef<clang::Attr const*>) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x16245c4)
    14 0x00007fcb63bde2fc clang::CodeGen::CodeGenFunction::EmitCompoundStmtWithoutScope(clang::CompoundStmt const&, bool, clang::CodeGen::AggValueSlot) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x162e2fc)
    15 0x00007fcb63c1fc62 clang::CodeGen::CodeGenFunction::EmitFunctionBody(clang::Stmt const*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x166fc62)
    16 0x00007fcb63c204bf clang::CodeGen::CodeGenFunction::GenerateCode(clang::GlobalDecl, llvm::Function*, clang::CodeGen::CGFunctionInfo const&) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x16704bf)
    17 0x00007fcb63c37cfd clang::CodeGen::CodeGenModule::EmitGlobalFunctionDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1687cfd)
    18 0x00007fcb63c31e52 clang::CodeGen::CodeGenModule::EmitGlobalDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1681e52)
    19 0x00007fcb63c3a662 clang::CodeGen::CodeGenModule::EmitTopLevelDecl(clang::Decl*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x168a662)
    20 0x00007fcb63ca9dbf (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x16f9dbf)
    21 0x00007fcb63c179c2 (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x16679c2)
    22 0x00007fcb62e05ba4 clang::ParseAST(clang::Sema&, bool, bool) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x855ba4)
    23 0x00007fcb6427be58 clang::FrontendAction::Execute() (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1ccbe58)
    24 0x00007fcb642348a1 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1c848a1)
    25 0x00007fcb642dfdaf clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1d2fdaf)
    26 0x000000000041229d cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/lib/llvm-10/bin/clang+0x41229d)
    27 0x00000000004105b1 (/usr/lib/llvm-10/bin/clang+0x4105b1)
    28 0x000000000041036d main (/usr/lib/llvm-10/bin/clang+0x41036d)
    29 0x00007fcb5d9c70b3 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b3)
    30 0x000000000040d7ce _start (/usr/lib/llvm-10/bin/clang+0x40d7ce)

    clang: error: unable to execute command: Segmentation fault (core dumped)
    clang: error: clang frontend command failed due to signal (use -v to see invocation)
    clang version 10.0.0-4ubuntu1
    Target: x86_64-pc-linux-gnu
    Thread model: posix
    InstalledDir: /usr/bin
    clang: note: diagnostic msg: PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
    clang: note: diagnostic msg:

    PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
    Preprocessed source(s) and associated run script(s) are located at:
    clang: note: diagnostic msg: /tmp/test-fa1306.cpp
    clang: note: diagnostic msg: /tmp/test-fa1306.sh
    clang: note: diagnostic msg:

Endilll commented 1 year ago

Still crashing as of post-17 trunk: https://godbolt.org/z/hdWGc9qqb

<source>:12:3: warning: deleting pointer to incomplete type 'A[]' may cause undefined behavior [-Wdelete-incomplete]
   12 |   delete[] b;
      |   ^        ~

clang++: /root/llvm-project/clang/lib/CodeGen/CGDecl.cpp:2294:
void clang::CodeGen::CodeGenFunction::emitArrayDestroy(llvm::Value*, llvm::Value*, clang::QualType, clang::CharUnits, void (*)(clang::CodeGen::CodeGenFunction&, clang::CodeGen::Address, clang::QualType), bool, bool):
Assertion `!elementType->isArrayType()' failed.

PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.  Program arguments: /opt/compiler-explorer/clang-assertions-trunk/bin/clang++ -gdwarf-4 -g -o /app/output.s -mllvm --x86-asm-syntax=intel -S --gcc-toolchain=/opt/compiler-explorer/gcc-snapshot -fcolor-diagnostics -fno-crash-diagnostics <source>
1.  <eof> parser at end of file
2.  <source>:6:5: LLVM IR generation of declaration 'main'
3.  <source>:6:5: Generating code for declaration 'main'
 #0 0x0000000003673848 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3673848)
 #1 0x00000000036716cc llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x36716cc)
 #2 0x00000000035bef28 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
 #3 0x00007fab25329420 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x14420)
 #4 0x00007fab24dec00b raise (/lib/x86_64-linux-gnu/libc.so.6+0x4300b)
 #5 0x00007fab24dcb859 abort (/lib/x86_64-linux-gnu/libc.so.6+0x22859)
 #6 0x00007fab24dcb729 (/lib/x86_64-linux-gnu/libc.so.6+0x22729)
 #7 0x00007fab24ddcfd6 (/lib/x86_64-linux-gnu/libc.so.6+0x33fd6)
 #8 0x0000000003d2e00c clang::CodeGen::CodeGenFunction::emitArrayDestroy(llvm::Value*, llvm::Value*, clang::QualType, clang::CharUnits, void (*)(clang::CodeGen::CodeGenFunction&, clang::CodeGen::Address, clang::QualType), bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3d2e00c)
 #9 0x0000000003d9b566 clang::CodeGen::CodeGenFunction::EmitCXXDeleteExpr(clang::CXXDeleteExpr const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3d9b566)
#10 0x0000000003dbabde clang::StmtVisitorBase<std::add_pointer, (anonymous namespace)::ScalarExprEmitter, llvm::Value*>::Visit(clang::Stmt*) CGExprScalar.cpp:0:0
#11 0x0000000003dc26dc clang::CodeGen::CodeGenFunction::EmitScalarExpr(clang::Expr const*, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3dc26dc)
#12 0x0000000003d58c76 clang::CodeGen::CodeGenFunction::EmitAnyExpr(clang::Expr const*, clang::CodeGen::AggValueSlot, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3d58c76)
#13 0x0000000003d79c2b clang::CodeGen::CodeGenFunction::EmitIgnoredExpr(clang::Expr const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3d79c2b)
#14 0x0000000003989432 clang::CodeGen::CodeGenFunction::EmitStmt(clang::Stmt const*, llvm::ArrayRef<clang::Attr const*>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3989432)
#15 0x000000000398f8ac clang::CodeGen::CodeGenFunction::EmitCompoundStmtWithoutScope(clang::CompoundStmt const&, bool, clang::CodeGen::AggValueSlot) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x398f8ac)
#16 0x00000000039ed076 clang::CodeGen::CodeGenFunction::EmitFunctionBody(clang::Stmt const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x39ed076)
#17 0x0000000003a0016a clang::CodeGen::CodeGenFunction::GenerateCode(clang::GlobalDecl, llvm::Function*, clang::CodeGen::CGFunctionInfo const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3a0016a)
#18 0x0000000003a614cd clang::CodeGen::CodeGenModule::EmitGlobalFunctionDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3a614cd)
#19 0x0000000003a5c685 clang::CodeGen::CodeGenModule::EmitGlobalDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3a5c685)
#20 0x0000000003a5cc43 clang::CodeGen::CodeGenModule::EmitGlobal(clang::GlobalDecl) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3a5cc43)
#21 0x0000000003a65e13 clang::CodeGen::CodeGenModule::EmitTopLevelDecl(clang::Decl*) (.part.0) CodeGenModule.cpp:0:0
#22 0x00000000048c8726 (anonymous namespace)::CodeGeneratorImpl::HandleTopLevelDecl(clang::DeclGroupRef) ModuleBuilder.cpp:0:0
#23 0x00000000048baec8 clang::BackendConsumer::HandleTopLevelDecl(clang::DeclGroupRef) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x48baec8)
#24 0x0000000005d80464 clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x5d80464)
#25 0x00000000048c5798 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x48c5798)
#26 0x000000000412d9d9 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x412d9d9)
#27 0x00000000040b1d6e clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x40b1d6e)
#28 0x000000000420dc46 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x420dc46)
#29 0x0000000000bcb672 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xbcb672)
#30 0x0000000000bc3e5a ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#31 0x0000000003f11c19 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#32 0x00000000035bf3d4 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x35bf3d4)
#33 0x0000000003f1220f clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#34 0x0000000003eda175 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3eda175)
#35 0x0000000003edabdd clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3edabdd)
#36 0x0000000003ee2705 clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3ee2705)
#37 0x0000000000bc9927 clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xbc9927)
#38 0x0000000000ac39f1 main (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xac39f1)
#39 0x00007fab24dcd083 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24083)
#40 0x0000000000bc393e _start (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0xbc393e)
clang++: error: clang frontend command failed with exit code 134 (use -v to see invocation)

llvmbot commented 1 year ago

@llvm/issue-subscribers-clang-codegen