<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - Failed assertion after r366151"
   href="https://bugs.llvm.org/show_bug.cgi?id=43529">43529</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Failed assertion after r366151
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>libraries
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>trunk
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>enhancement
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Backend: X86
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>unassignedbugs@nondot.org
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>natechancellor@gmail.com
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>craig.topper@gmail.com, llvm-bugs@lists.llvm.org, llvm-dev@redking.me.uk, spatel+llvm@rotateright.com
          </td>
        </tr></table>
      <p>
        <div>
        <pre>When building an i386_defconfig Linux kernel, there is a crash with
kernel/jump_label.o:

clang-9:
/home/nathan/cbl/git/tc-build/llvm-project/llvm/include/llvm/CodeGen/MachineOperand.h:527:
int64_t llvm::MachineOperand::getImm() const: Assertion `isImm() && "Wrong
MachineOperand accessor"' failed.
Stack dump:
0.      Program arguments: /home/nathan/cbl/tmp/llvm-r366151/bin/clang-9 -cc1
-triple i386-unknown-linux-gnu -S -disable-free -main-file-name jump_label.c
-mrelocation-model static -mthread-model posix -fno-delete-null-pointer-checks
-mllvm -warn-stack-size=1024 -mregparm 3 -freg-struct-return -mdisable-fp-elim
-relaxed-aliasing -mdisable-tail-calls -fmath-errno -masm-verbose
-no-integrated-as -mconstructor-aliases -ffreestanding -fuse-init-array
-target-cpu i686 -target-feature +retpoline-indirect-calls -target-feature
+retpoline-indirect-branches -target-feature -sse -target-feature -mmx
-target-feature -sse2 -target-feature -3dnow -target-feature -avx
-target-feature +retpoline-external-thunk -no-implicit-float -dwarf-column-info
-debugger-tuning=gdb -coverage-notes-file
/home/nathan/src/linux/out-r366151/kernel/jump_label.gcno -nostdsysteminc
-nobuiltininc -resource-dir /home/nathan/cbl/tmp/llvm-r366151/lib/clang/9.0.0
-dependency-file kernel/.jump_label.o.d -MT kernel/jump_label.o
-sys-header-deps -isystem
/home/nathan/cbl/tmp/llvm-r366151/lib/clang/9.0.0/include -include
../include/linux/kconfig.h -include ../include/linux/compiler_types.h -I
../arch/x86/include -I ./arch/x86/include/generated -I ../include -I ./include
-I ../arch/x86/include/uapi -I ./arch/x86/include/generated/uapi -I
../include/uapi -I ./include/generated/uapi -D __KERNEL__ -D CONFIG_AS_CFI=1 -D
CONFIG_AS_CFI_SIGNAL_FRAME=1 -D CONFIG_AS_CFI_SECTIONS=1 -D CONFIG_AS_SSSE3=1
-D CONFIG_AS_AVX=1 -D CONFIG_AS_AVX2=1 -D CONFIG_AS_AVX512=1 -D
CONFIG_AS_SHA1_NI=1 -D CONFIG_AS_SHA256_NI=1 -I ../kernel -I ./kernel -D
KBUILD_BASENAME="jump_label" -D KBUILD_MODNAME="jump_label" -O2 -Wall -Wundef
-Werror=strict-prototypes -Wno-trigraphs -Werror=implicit-function-declaration
-Werror=implicit-int -Wno-format-security -Werror=unknown-warning-option
-Wno-sign-compare -Wno-address-of-packed-member -Wno-format-invalid-specifier
-Wno-gnu -Wno-tautological-compare -Wno-unused-const-variable
-Wdeclaration-after-statement -Wvla -Wno-pointer-sign -Werror=date-time
-Werror=incompatible-pointer-types -Wno-initializer-overrides -Wno-format
-Wno-sign-compare -Wno-format-zero-length -std=gnu89 -fno-dwarf-directory-asm
-fdebug-compilation-dir /home/nathan/src/linux/out-r366151 -ferror-limit 19
-fmessage-length 0 -fwrapv -stack-protector 2 -mstack-alignment=4
-fcf-protection=none -fwchar-type=short -fno-signed-wchar -fobjc-runtime=gcc
-fno-common -fdiagnostics-show-option -fcolor-diagnostics -vectorize-loops
-vectorize-slp -o /tmp/jump_label-e89b10.s -x c ../kernel/jump_label.c 
1.      <eof> parser at end of file
2.      Code generation
3.      Running pass 'Function Pass Manager' on module
'../kernel/jump_label.c'.
4.      Running pass 'Two-Address instruction pass' on function
'@jump_label_init'
 #0 0x0000000002262674 PrintStackTraceSignalHandler(void*)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x2262674)
 #1 0x00000000022603f0 llvm::sys::RunSignalHandlers()
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x22603f0)
 #2 0x0000000002262a78 SignalHandler(int)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x2262a78)
 #3 0x00007f7b903d5d00 __restore_rt (/usr/lib/libpthread.so.0+0x13d00)
 #4 0x00007f7b8fcc8755 raise (/usr/lib/libc.so.6+0x3a755)
 #5 0x00007f7b8fcb3851 abort (/usr/lib/libc.so.6+0x25851)
 #6 0x00007f7b8fcb3727 _nl_load_domain.cold (/usr/lib/libc.so.6+0x25727)
 #7 0x00007f7b8fcc1026 (/usr/lib/libc.so.6+0x33026)
 #8 0x00000000014641d5
llvm::X86InstrInfo::convertToThreeAddress(llvm::ilist_iterator<llvm::ilist_detail::node_options<llvm::MachineBasicBlock,
true, false, void>, false, false>&, llvm::MachineInstr&, llvm::LiveVariables*)
const (/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x14641d5)
 #9 0x0000000001bf9ca2 (anonymous
namespace)::TwoAddressInstructionPass::tryInstructionTransform(llvm::MachineInstrBundleIterator<llvm::MachineInstr,
false>&, llvm::MachineInstrBundleIterator<llvm::MachineInstr, false>&, unsigned
int, unsigned int, unsigned int, bool)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1bf9ca2)
#10 0x0000000001bf7115 (anonymous
namespace)::TwoAddressInstructionPass::runOnMachineFunction(llvm::MachineFunction&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1bf7115)
#11 0x000000000198ccfd
llvm::MachineFunctionPass::runOnFunction(llvm::Function&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x198ccfd)
#12 0x0000000001d0a52c llvm::FPPassManager::runOnFunction(llvm::Function&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1d0a52c)
#13 0x0000000001d0a8f8 llvm::FPPassManager::runOnModule(llvm::Module&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1d0a8f8)
#14 0x0000000001d0b01f llvm::legacy::PassManagerImpl::run(llvm::Module&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1d0b01f)
#15 0x000000000241cfbe clang::EmitBackendOutput(clang::DiagnosticsEngine&,
clang::HeaderSearchOptions const&, clang::CodeGenOptions const&,
clang::TargetOptions const&, clang::LangOptions const&, llvm::DataLayout
const&, llvm::Module*, clang::BackendAction,
std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x241cfbe)
#16 0x0000000002af4f1c
clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x2af4f1c)
#17 0x00000000031973e3 clang::ParseAST(clang::Sema&, bool, bool)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x31973e3)
#18 0x0000000002a68e28 clang::FrontendAction::Execute()
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x2a68e28)
#19 0x00000000029d3bf2
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x29d3bf2)
#20 0x0000000002aefb93
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x2aefb93)
#21 0x0000000001444e62 cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) (/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1444e62)
#22 0x0000000001443059 main
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x1443059)
#23 0x00007f7b8fcb4ee3 __libc_start_main (/usr/lib/libc.so.6+0x26ee3)
#24 0x00000000014400ee _start
(/home/nathan/cbl/tmp/llvm-r366151/bin/clang-9+0x14400ee)
clang-9: error: unable to execute command: Aborted (core dumped)
clang-9: error: clang frontend command failed due to signal (use -v to see
invocation)
ClangBuiltLinux clang version 9.0.0 (git://github.com/llvm/llvm-project
51193871dafd99e79d7d19f62cffbdcdda238530) (based on LLVM 9.0.0svn)
Target: i386-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/nathan/cbl/tmp/llvm-r366151/bin
clang-9: note: diagnostic msg: PLEASE submit a bug report to
<a href="https://bugs.llvm.org/">https://bugs.llvm.org/</a> and include the crash backtrace, preprocessed source,
and associated run script.
clang-9: note: diagnostic msg: 
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-9: note: diagnostic msg: /tmp/jump_label-878b6e.c
clang-9: note: diagnostic msg: /tmp/jump_label-878b6e.sh
clang-9: note: diagnostic msg: 

********************

While the stack trace is from clang-9 at r366151, this was reproducible on
trunk a few days ago. I believe that this is directly related to a failure to
boot as r366150 has no issues but r366151 does.

(gdb) lx-dmesg
[    0.000000] Linux version 5.4.0-rc1+ (nathan@archlinux-threadripper)
(ClangBuiltLinux clang version 10.0.0 (git://github.com/llvm/llvm-project
34f9e98aaecd1dbe58c255119d69b83e1019d7c1) (based on LLVM 10.0.0svn)) #1 SMP Mon
Sep 30 19:24:20 MST 2019
[    0.000000] x86/fpu: x87 FPU will use FXSAVE
[    0.000000] BUG: unable to handle page fault for address: 7da8e734
[    0.000000] #PF: supervisor read access in kernel mode
[    0.000000] #PF: error_code(0x0000) - not-present page
[    0.000000] *pde = 00000000 
[    0.000000] Oops: 0000 [#1] SMP
[    0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 5.4.0-rc1+ #1
[    0.000000] EIP: jump_label_cmp+0x5/0x50
[    0.000000] Code: 70 04 01 cf 01 cb 8b 72 08 29 ce 03 48 08 89 70 08 89 3a
89 5a 04 89 4a 08 5e 5f 5b 5d c3 8d b4 26 00 00 00 00 55 89 e5 57 56 <8b> 48 08
83 e1 fc 8d 74 01 08 8b 4a 08 83 e1 fc 8d 7c 11 08 b9 ff
[    0.000000] EAX: 7da8e72c EBX: bbde3980 ECX: c1151650 EDX: 7da8e738
[    0.000000] ESI: bbde3974 EDI: 00000000 EBP: c1d13ed0 ESP: c1d13ec8
[    0.000000] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00210046
[    0.000000] CR0: 80050033 CR2: 7da8e734 CR3: 01ec8000 CR4: 00000600
[    0.000000] Call Trace:
[    0.000000]  sort_r+0x1c5/0x370
[    0.000000]  ? jump_label_text_reserved+0xb0/0xb0
[    0.000000]  sort+0x10/0x20
[    0.000000]  ? jump_label_text_reserved+0xb0/0xb0
[    0.000000]  ? jump_label_swap+0x40/0x40
[    0.000000]  jump_label_init+0x50/0xef
[    0.000000]  ? jump_label_swap+0x40/0x40
[    0.000000]  ? jump_label_text_reserved+0xb0/0xb0
[    0.000000]  setup_arch+0xef/0x5f1
[    0.000000]  ? vprintk_func+0x90/0xa0
[    0.000000]  ? printk+0x1e/0x40
[    0.000000]  start_kernel+0x5d/0x363
[    0.000000]  i386_start_kernel+0x20f/0x211
[    0.000000]  startup_32_smp+0x164/0x168
[    0.000000] Modules linked in:
[    0.000000] CR2: 000000007da8e734
[    0.000000] random: get_random_bytes called from oops_exit+0x3b/0x70 with
crng_init=0
[    0.000000] ---[ end trace 0000000000000000 ]---
[    0.000000] EIP: jump_label_cmp+0x5/0x50
[    0.000000] Code: 70 04 01 cf 01 cb 8b 72 08 29 ce 03 48 08 89 70 08 89 3a
89 5a 04 89 4a 08 5e 5f 5b 5d c3 8d b4 26 00 00 00 00 55 89 e5 57 56 <8b> 48 08
83 e1 fc 8d 74 01 08 8b 4a 08 83 e1 fc 8d 7c 11 08 b9 ff
[    0.000000] EAX: 7da8e72c EBX: bbde3980 ECX: c1151650 EDX: 7da8e738
[    0.000000] ESI: bbde3974 EDI: 00000000 EBP: c1d13ed0 ESP: c1d13ec8
[    0.000000] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00210046
[    0.000000] CR0: 80050033 CR2: 7da8e734 CR3: 01ec8000 CR4: 00000600
[    0.000000] Kernel panic - not syncing: Attempted to kill the idle task!
[    0.000000] ---[ end Kernel panic - not syncing: Attempted to kill the idle
task! ]---

When creducing the crash from jump_label.o, it spits out:

a() {
  int b, c = &b;
  d(c - (long)a);
  for (; a < &b;)
    ;
}

Which I believe comes from jump_label_init:
<a href="https://github.com/torvalds/linux/blob/54ecb8f7028c5eb3d740bb82b0f1d90f2df63c5c/kernel/jump_label.c#L453-L496">https://github.com/torvalds/linux/blob/54ecb8f7028c5eb3d740bb82b0f1d90f2df63c5c/kernel/jump_label.c#L453-L496</a>

Should you need to reproduce this within the Linux kernel source code:

make -j$(nproc) ARCH=i386 CC=clang O=out distclean defconfig kernel/jump_label.o

is enough on the latest tip of tree.

Further information/files:

<a href="https://github.com/ClangBuiltLinux/continuous-integration/pull/182">https://github.com/ClangBuiltLinux/continuous-integration/pull/182</a>
<a href="https://github.com/ClangBuiltLinux/linux/issues/726">https://github.com/ClangBuiltLinux/linux/issues/726</a>
<a href="https://github.com/nathanchance/creduce-files/tree/a9eeba779a6c6ec2af500c4936aa18f3cb4599a9/cbl-718">https://github.com/nathanchance/creduce-files/tree/a9eeba779a6c6ec2af500c4936aa18f3cb4599a9/cbl-718</a></pre>
        </div>
      </p>
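      <p>Added triage example (not part of the original report, and not LLVM or kernel code): it decodes the faulting instruction marked in the oops Code: line and checks that the address it computes equals CR2. The function names and the kernel_base default of 0xC0000000 (the usual i386 3G/1G split) are assumptions.</p>

```python
import re

# Constructed sample: three lines copied from the oops in the report above,
# with the mail's hard line wraps in the Code: line joined back together.
OOPS = """\
[    0.000000] Code: 70 04 01 cf 01 cb 8b 72 08 29 ce 03 48 08 89 70 08 89 3a 89 5a 04 89 4a 08 5e 5f 5b 5d c3 8d b4 26 00 00 00 00 55 89 e5 57 56 <8b> 48 08 83 e1 fc 8d 74 01 08 8b 4a 08 83 e1 fc 8d 7c 11 08 b9 ff
[    0.000000] EAX: 7da8e72c EBX: bbde3980 ECX: c1151650 EDX: 7da8e738
[    0.000000] CR0: 80050033 CR2: 7da8e734 CR3: 01ec8000 CR4: 00000600
"""

# x86 32-bit register numbering as used in the ModRM byte.
REG32 = ["EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI"]

def parse_oops(text):
    """Return (register dict, bytes starting at the faulting instruction)."""
    regs = {n: int(v, 16)
            for n, v in re.findall(r"\b([A-Z]{2,3}\d?): ([0-9a-f]{8})\b", text)}
    code = re.search(r"Code: (.*)", text).group(1)
    # The kernel wraps the byte at the faulting EIP in angle brackets.
    tail = code[code.index("<"):].replace("<", "").replace(">", "")
    return regs, bytes.fromhex(tail)

def decode_mov_load(insn, regs):
    """Decode opcode 8B /r (MOV r32, r/m32) with a [reg+disp8] operand only."""
    opcode, modrm = insn[0], insn[1]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if opcode != 0x8B or mod != 1 or rm == 4:  # rm == 4 would need a SIB byte
        raise ValueError("not a MOV r32, [reg+disp8] load")
    disp = int.from_bytes(insn[2:3], "little", signed=True)
    base = REG32[rm]
    return REG32[reg], base, disp, (regs[base] + disp) & 0xFFFFFFFF

def triage(text, kernel_base=0xC0000000):  # kernel_base: assumed 3G/1G split
    regs, insn = parse_oops(text)
    dst, base, disp, addr = decode_mov_load(insn, regs)
    return {
        "insn": f"mov {disp:#x}(%{base.lower()}),%{dst.lower()}",
        "addr": addr,
        "matches_cr2": addr == regs["CR2"],
        "base_in_kernel_space": regs[base] >= kernel_base,
    }

if __name__ == "__main__":
    print(triage(OOPS))
```

The load through EAX reproduces the CR2 value exactly, and under the assumed split EAX lies below the kernel mapping, so the first argument handed to jump_label_cmp was not a valid kernel pointer.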


    </body>
</html>