[llvm-bugs] [Bug 41307] New: Crash in WebAssembly CFG Stackify

via llvm-bugs llvm-bugs at lists.llvm.org
Fri Mar 29 08:53:00 PDT 2019


https://bugs.llvm.org/show_bug.cgi?id=41307

            Bug ID: 41307
           Summary: Crash in WebAssembly CFG Stackify
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Backend: WebAssembly
          Assignee: unassignedbugs at nondot.org
          Reporter: sbc at chromium.org
                CC: llvm-bugs at lists.llvm.org

Test file from gcc torture tests:

```
/* Iteration bound for the goto-built loop in main().  A smaller bound is
   selected when int is two bytes or narrower (__SIZEOF_INT__ <= 2);
   presumably so the counter n stays well inside the range of int. */
#if (__SIZEOF_INT__ <= 2)
#define LIMIT 10000
#else
#define LIMIT 1000000
#endif

/* Volatile pointer that main() stores the array address into on every pass.
   Because the object is volatile the store must actually be performed;
   presumably this is a sink that keeps the array from being optimised
   away.  Nothing in this file reads it back. */
void *volatile p;

/* Reproducer body: declares a variable-length array whose size changes on
   every pass of a loop built from a backward goto, and returns 0 once n
   reaches LIMIT.  The crash reported here occurs while compiling this
   function (pass 'WebAssembly CFG Stackify'), not while running it. */
int
main (void)
{
  int n = 0;
  /* Never-taken branch that exists only to hold the label: `lab` is reached
     solely through the backward goto below, and it sits before the
     declaration of x, i.e. outside the array's scope. */
  if (0)
    {
    lab:;
    }
  /* VLA of 1..1000 ints; the length depends on n, so it differs per pass.
     Each jump back to `lab` leaves the scope of x, which ends the array's
     lifetime before it is declared again with the new length. */
  int x[n % 1000 + 1];
  /* Touch the first and the last element; both indices are in bounds
     because the array holds n % 1000 + 1 elements. */
  x[0] = 1;
  x[n % 1000] = 2;
  /* Publish the array address through the volatile global. */
  p = x;
  n++;
  /* Loop back to before the VLA declaration until LIMIT passes are done. */
  if (n < LIMIT)
    goto lab;
  return 0;
}
```

$ clang --target=wasm32 -c vla-dealloc-1.c

Stack dump:
0.      Program arguments:
/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/clang-9 -cc1 -triple wasm32
-emit-obj -mrelax-all -disable-free -main-file-name vla-dealloc-1.c
-mrelocation-model static -mthread-model posix -masm-verbose
-mconstructor-aliases -fuse-init-array -target-cpu generic -fvisibility hidden
-dwarf-column-info -debugger-tuning=gdb -momit-leaf-frame-pointer
-coverage-notes-file
/usr/local/google/home/sbc/dev/wasm/waterfall/src/vla-dealloc-1.gcno
-resource-dir /usr/local/google/home/sbc/dev/wasm/llvm-build/lib/clang/9.0.0
-internal-isystem /include -fdebug-compilation-dir
/usr/local/google/home/sbc/dev/wasm/waterfall/src -ferror-limit 19
-fmessage-length 148 -fobjc-runtime=gnustep -fno-common
-fdiagnostics-show-option -fcolor-diagnostics -o vla-dealloc-1.o -x c
./work/gcc/gcc/testsuite/gcc.c-torture/execute/vla-dealloc-1.c 
1.      <eof> parser at end of file
2.      Code generation
3.      Running pass 'Function Pass Manager' on module
'./work/gcc/gcc/testsuite/gcc.c-torture/execute/vla-dealloc-1.c'.
4.      Running pass 'WebAssembly CFG Stackify' on function '@__original_main'
 #0 0x00007f1a5ebc96f4 PrintStackTraceSignalHandler(void*)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMSupport.so.9svn+0x16e6f4)
 #1 0x00007f1a5ebc73be llvm::sys::RunSignalHandlers()
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMSupport.so.9svn+0x16c3be)
 #2 0x00007f1a5ebc99a8 SignalHandler(int)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMSupport.so.9svn+0x16e9a8)
 #3 0x00007f1a5e4cc0c0 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x110c0)
 #4 0x00007f1a60fbb818 (anonymous
namespace)::WebAssemblyCFGStackify::placeMarkers(llvm::MachineFunction&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMWebAssemblyCodeGen.so.9svn+0x36818)
 #5 0x00007f1a60fb8f13 (anonymous
namespace)::WebAssemblyCFGStackify::runOnMachineFunction(llvm::MachineFunction&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMWebAssemblyCodeGen.so.9svn+0x33f13)
 #6 0x00007f1a5fc257da
llvm::MachineFunctionPass::runOnFunction(llvm::Function&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMCodeGen.so.9svn+0x2227da)
 #7 0x00007f1a5f7d0c19 llvm::FPPassManager::runOnFunction(llvm::Function&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMCore.so.9svn+0x1d8c19)
 #8 0x00007f1a5f7d0eb8 llvm::FPPassManager::runOnModule(llvm::Module&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMCore.so.9svn+0x1d8eb8)
 #9 0x00007f1a5f7d14dd llvm::legacy::PassManagerImpl::run(llvm::Module&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libLLVMCore.so.9svn+0x1d94dd)
#10 0x00007f1a5dafdcfc clang::EmitBackendOutput(clang::DiagnosticsEngine&,
clang::HeaderSearchOptions const&, clang::CodeGenOptions const&,
clang::TargetOptions const&, clang::LangOptions const&, llvm::DataLayout
const&, llvm::Module*, clang::BackendAction,
std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libclangCodeGen.so.9svn+0x99cfc)
#11 0x00007f1a5dd99e27
clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libclangCodeGen.so.9svn+0x335e27)
#12 0x00007f1a5ab9ce03 clang::ParseAST(clang::Sema&, bool, bool)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/../lib/libclangParse.so.9svn+0x2fe03)
#13 0x00007f1a5d7bcab0 clang::FrontendAction::Execute()
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libclangFrontend.so.9svn+0xe6ab0)
#14 0x00007f1a5d75a441
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libclangFrontend.so.9svn+0x84441)
#15 0x00007f1a5d6d0169
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/../lib/libclangFrontendTool.so.9svn+0x4169)
#16 0x00000000004135f7 cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) (/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/clang-9+0x4135f7)
#17 0x00000000004115c2 main
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/clang-9+0x4115c2)
#18 0x00007f1a5c8232b1 __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x202b1)
#19 0x000000000040e80a _start
(/usr/local/google/home/sbc/dev/wasm/llvm-build/bin/clang-9+0x40e80a)
clang-9: error: unable to execute command: Segmentation fault
clang-9: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 9.0.0 (https://github.com/llvm/llvm-project.git
6a75c36ea9bd2bbc8b58fa8732a843477a5fbd69)
Target: wasm32
Thread model: posix
InstalledDir:
/usr/local/google/home/sbc/dev/wasm/waterfall/src/../../llvm-build/bin
clang-9: note: diagnostic msg: PLEASE submit a bug report to
https://bugs.llvm.org/ and include the crash backtrace, preprocessed source,
and associated run script.
clang-9: note: diagnostic msg: 
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-9: note: diagnostic msg: /tmp/vla-dealloc-1-8f89cb.c
clang-9: note: diagnostic msg: /tmp/vla-dealloc-1-8f89cb.sh
clang-9: note: diagnostic msg:
