search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
27.61k stars 11.35k forks source link

[LLDB] the value of the variable is incorrect #93929

Open IOVOVHS opened 2 months ago

IOVOVHS commented 2 months ago 
static uint64_t  func_25(int64_t  p_26)
{ /* block id: 9 */
    int32_t *l_44 = &g_45[0];
    uint8_t *l_47 = &g_4;
    uint8_t **l_46 = &l_47;
    int32_t l_50 = 0x6EF5427EL;
    int32_t l_55[10][7][3] = {{{0xEC28D216L,5L,0x28DFE901L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),(-1L)},{0xF941663BL,0x77E9FB13L,(-1L)},{0xD7BF5F1EL,5L,0xD7BF5F1EL},{0x72C6516EL,0xF941663BL,0L},{0xEC28D216L,0xD7BF5F1EL,0xD7BF5F1EL},{0L,0x72C6516EL,(-1L)}}};
    int64_t *l_68 = (void*)0;
    int64_t *l_69 = (void*)0;
    int32_t l_70 = 0x08C81983L;
    uint8_t *l_93 = (void*)0;
    int32_t *l_403 = &g_318[4][1];
    uint16_t *l_404 = &g_196;
    uint16_t *l_415 = (void*)0;
    uint16_t *l_416 = (void*)0;
    uint16_t *l_417 = &g_200;
    uint32_t *l_418 = &g_10;
    uint32_t l_419 = 4UL;
    int i, j, k;
    (*g_400) = func_27(((((*l_46) = func_33(func_39(((*l_44) = g_8), l_46, (((safe_add_func_int16_t_s_s(l_50, (safe_lshift_func_uint64_t_u_s(((safe_div_func_uint32_t_u_u((l_55[4][4][2] = l_50), ((safe_div_func_uint32_t_u_u(0x828E8BF3L, 0xE6B711A4L)) ^ (safe_mul_func_int64_t_s_s((l_70 ^= (safe_lshift_func_uint16_t_u_u((safe_mul_func_int32_t_s_s(l_50, (-1L))), ((safe_div_func_int32_t_s_s(((safe_lshift_func_uint32_t_u_u((((g_15 ^ g_6) < 0x6B3EL) , 4294967295UL), 31)) , 0x6C7BFB9EL), p_26)) , 65535UL)))), g_15))))) & g_18), 60)))) == (-5L)) ^ l_50), &l_47), g_8, l_50, (*g_84), l_50)) == l_93) , 0xEC46L), g_18, g_10, g_10, &l_50);
    (*g_136) &= ((safe_mul_func_uint16_t_u_u((((*l_403) = ((*l_44) = p_26)) , ((0x2C60L || (((g_274 &= p_26) , ((*l_404) |= 0xC69DL)) , (g_4 ^ 0L))) , (safe_lshift_func_int32_t_s_u(p_26, l_50)))), (((safe_div_func_int8_t_s_s((g_186[3] ^= (((*l_418) |= (safe_mul_func_uint16_t_u_u(((*l_417) |= ((safe_mod_func_int32_t_s_s((-9L), p_26)) | 1UL)), 0x7476L))) ^ p_26)), l_419)) , l_55[1][4][2]) < p_26))) , l_50);
    (*g_136) = p_26;
    return p_26;
}

This program is generated by csmith. Using clang-15 to compile the program at the optimization level of O1, the breakpoint can be stopped at line 128.This line is used to update the variable g_400.

(lldb) b 128
(lldb) r
(lldb) p l_55[0][0][0]
(int32_t) $0 =0

The program compiled with O0 printed the correct values.

(lldb) b 128
(lldb) r
(lldb) p l_55[0][0][0]
(int32_t) $0 = -332869098

It is worth noting that, GDB shows here that the variable l_55 has been optimized, but in reality, llvm-dwarfdump is used to print dwarf information, and the variable l_55 has a location attribute.

clang random_69.c -I $csmith_h -O1 -o random_69_1_clang.o -g -w

lldb version 15.0.7 clang version 15.0.7 GNU gdb (GDB) 13.2 test_case.zip

llvmbot commented 2 months ago

@llvm/issue-subscribers-lldb

Author: None (IOVOVHS)

```c static uint64_t func_25(int64_t p_26) { /* block id: 9 */ int32_t *l_44 = &g_45[0]; uint8_t *l_47 = &g_4; uint8_t **l_46 = &l_47; int32_t l_50 = 0x6EF5427EL; int32_t l_55[10][7][3] = {{{0xEC28D216L,5L,0x28DFE901L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),0L},{0xA3C8FCBDL,0x72C6516EL,0x77E9FB13L},{0xEC28D216L,(-1L),0xEC28D216L},{0xF941663BL,0xA3C8FCBDL,1L},{0x78C3A3B2L,0xEC28D216L,0xEC28D216L},{1L,0xF941663BL,0x77E9FB13L}},{{0xD7BF5F1EL,0x78C3A3B2L,0L},{1L,1L,(-1L)},{0x78C3A3B2L,0xD7BF5F1EL,0x28DFE901L},{0xF941663BL,1L,0xF941663BL},{0xEC28D216L,0x78C3A3B2L,(-1L)},{0xA3C8FCBDL,0xF941663BL,0xF941663BL},{(-1L),0xEC28D216L,0x28DFE901L}},{{0x72C6516EL,0xA3C8FCBDL,(-1L)},{(-1L),(-1L),(-1L)},{0xF941663BL,0x77E9FB13L,(-1L)},{0xD7BF5F1EL,5L,0xD7BF5F1EL},{0x72C6516EL,0xF941663BL,0L},{0xEC28D216L,0xD7BF5F1EL,0xD7BF5F1EL},{0L,0x72C6516EL,(-1L)}}}; int64_t *l_68 = (void*)0; int64_t *l_69 = (void*)0; int32_t l_70 = 0x08C81983L; uint8_t *l_93 = (void*)0; int32_t *l_403 = &g_318[4][1]; uint16_t *l_404 = &g_196; uint16_t *l_415 = (void*)0; uint16_t *l_416 = (void*)0; uint16_t *l_417 = &g_200; uint32_t *l_418 = &g_10; uint32_t l_419 = 4UL; int i, j, k; (*g_400) = func_27(((((*l_46) = func_33(func_39(((*l_44) = g_8), l_46, (((safe_add_func_int16_t_s_s(l_50, (safe_lshift_func_uint64_t_u_s(((safe_div_func_uint32_t_u_u((l_55[4][4][2] = l_50), ((safe_div_func_uint32_t_u_u(0x828E8BF3L, 0xE6B711A4L)) ^ (safe_mul_func_int64_t_s_s((l_70 ^= (safe_lshift_func_uint16_t_u_u((safe_mul_func_int32_t_s_s(l_50, (-1L))), ((safe_div_func_int32_t_s_s(((safe_lshift_func_uint32_t_u_u((((g_15 ^ g_6) < 0x6B3EL) , 4294967295UL), 31)) , 0x6C7BFB9EL), p_26)) , 65535UL)))), g_15))))) & g_18), 60)))) == (-5L)) ^ l_50), &l_47), g_8, l_50, (*g_84), l_50)) == l_93) , 0xEC46L), g_18, g_10, g_10, &l_50); (*g_136) &= ((safe_mul_func_uint16_t_u_u((((*l_403) = ((*l_44) = p_26)) , ((0x2C60L || (((g_274 &= p_26) , ((*l_404) |= 0xC69DL)) , (g_4 ^ 0L))) , (safe_lshift_func_int32_t_s_u(p_26, l_50)))), (((safe_div_func_int8_t_s_s((g_186[3] ^= (((*l_418) |= (safe_mul_func_uint16_t_u_u(((*l_417) |= ((safe_mod_func_int32_t_s_s((-9L), p_26)) | 1UL)), 0x7476L))) ^ p_26)), l_419)) , l_55[1][4][2]) < p_26))) , l_50); (*g_136) = p_26; return p_26; } ``` This program is generated by csmith. Using clang-15 to compile the program at the optimization level of O1, the breakpoint can be stopped at line 128.This line is used to update the variable g_400. ``` (lldb) b 128 (lldb) r (lldb) p l_55[0][0][0] (int32_t) $0 =0 ``` The program compiled with O0 printed the correct values. ``` (lldb) b 128 (lldb) r (lldb) p l_55[0][0][0] (int32_t) $0 = -332869098 ``` It is worth noting that, GDB shows here that the variable l_55 has been optimized, but in reality, llvm-dwarfdump is used to print dwarf information, and the variable l_55 has a location attribute. clang random_69.c -I $csmith_h -O1 -o random_69_1_clang.o -g -w lldb version 15.0.7 clang version 15.0.7 GNU gdb (GDB) 13.2 [test_case.zip](https://github.com/user-attachments/files/15509283/test_case.zip)
IOVOVHS commented 2 months ago

May I ask which specific version of LLDB will receive faster confirmation? Is the version of LLDB/LLVM I am using too old? Or did I not submit the report correctly?I may need to do test case reduction. This issue is about the debugger printing an incorrect value, which should actually print the initialization value of the variable instead of 0. Is this type of error acceptable? Or should I switch to another version for testing?Or rather, I should confirm if the compiler was unable to provide the correct debugging information.

DavidSpickett commented 1 month ago

Hi, this got buried didn't it, sorry about that.

I would first reduce the reproducer, perhaps creduce could help you. Otherwise by hand. As we're not gonna know which of those variables is at fault.

It would then be good to know if GDB is able to report correctly, because that either means clang is correct or if it isn't, GDB has some workaround we don't know about.

If the issue still reprodces with a build of lldb from the main branch it may get fixed. Otherwise, the 18.x branches and older are now closed to new changes.

DavidSpickett commented 1 month ago

llvm-dwarfdump is a useful tool to inspect the dwarf, but as I said, try swapping compilers and debuggers first, see what happens.

IOVOVHS commented 1 month ago

Thank you for your reply. I will submit the reduced test cases in the future. If this is confirmed as a bug, I will also try to reduce this test case and use tools like llvm dwarfdump.