<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Segfault/Assertion failure in ___kmp_fast_free"
href="https://bugs.llvm.org/show_bug.cgi?id=43363">43363</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Segfault/Assertion failure in ___kmp_fast_free
</td>
</tr>
<tr>
<th>Product</th>
<td>OpenMP
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>Runtime Library
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>lennart.braun@posteo.de
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>Created <span class=""><a href="attachment.cgi?id=22530" name="attach_22530" title="reproducer and asan/gdb traces">attachment 22530</a> <a href="attachment.cgi?id=22530&action=edit" title="reproducer and asan/gdb traces">[details]</a></span>
reproducer and asan/gdb traces
Hi everyone,
I ran into an issue which causes crashes of our application when compiled with
Clang and libomp (8.0.1 each). I was able to reproduce it with version
9.0.0rc6 of libomp compiled with debug symbols and ASan.
Most of the time, ASan reports a SEGV caused by a READ operation in
___kmp_fast_free (according to GDB at kmp_alloc.cpp:1956, according to ASan in
kmp_alloc.cpp:1944).
Sometimes one of the following assertions fails:
<a href="https://github.com/llvm/llvm-project/blob/12f174e98c3514755b21db2f040544c0b2ed5f67/openmp/runtime/src/kmp_alloc.cpp#L1970-L1976">https://github.com/llvm/llvm-project/blob/12f174e98c3514755b21db2f040544c0b2ed5f67/openmp/runtime/src/kmp_alloc.cpp#L1970-L1976</a>
<a href="https://github.com/llvm/llvm-project/blob/12f174e98c3514755b21db2f040544c0b2ed5f67/openmp/runtime/src/kmp_alloc.cpp#L1980">https://github.com/llvm/llvm-project/blob/12f174e98c3514755b21db2f040544c0b2ed5f67/openmp/runtime/src/kmp_alloc.cpp#L1980</a>
To reproduce the crash I have attached some example code (crash_omp.cpp) which
is based on one of our test cases. I tried to strip all unnecessary code and
make the example as small as possible. Hence, the code itself probably does
not make much sense anymore. On my machine the crash appears usually in
iteration 4 of the loop in the main function. Compile it as:
$ clang++ -o crash_omp -std=c++17 -fopenmp=libomp -g -fsanitize=address
crash_omp.cpp
I run Arch Linux on x86_64 and used the following versions of libomp and Clang:
libomp 9.0.0-rc6 (from
<a href="https://github.com/llvm/llvm-project/archive/llvmorg-9.0.0-rc6.tar.gz">https://github.com/llvm/llvm-project/archive/llvmorg-9.0.0-rc6.tar.gz</a>)
compiled with:
cmake .. -G Ninja \
-DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ \
-DCMAKE_C_FLAGS=-fsanitize=address \
-DCMAKE_BUILD_TYPE=Debug \
-DCMAKE_INSTALL_PREFIX=/usr
$ clang++ --version
clang version 8.0.1 (tags/RELEASE_801/final)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Attachments:
* crash_omp.cpp
* asan_output.txt
* gdb_stacktrace.txt
Please let me know if you need more information.
Best
Lennart
PS:
While debugging I noticed that
#pragma omp taskloop num_tasks(n) default(shared)
with n == 0 causes libomp to perform a division by 0 which results in a crash
with SIGFPE. I don't know if this behavior is intended or an error message is
preferred here. (The spec requires n to be positive
<a href="https://www.openmp.org/spec-html/5.0/openmpsu47.html">https://www.openmp.org/spec-html/5.0/openmpsu47.html</a>)</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>