<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Crash when using LLVM10 built with MSVC for x86-32 Debug"
href="https://bugs.llvm.org/show_bug.cgi?id=46176">46176</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Crash when using LLVM10 built with MSVC for x86-32 Debug
</td>
</tr>
<tr>
<th>Product</th>
<td>libraries
</td>
</tr>
<tr>
<th>Version</th>
<td>10.0
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Windows NT
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>normal
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>Backend: X86
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>srj@google.com
</td>
</tr>
<tr>
<th>CC</th>
<td>craig.topper@gmail.com, llvm-bugs@lists.llvm.org, llvm-dev@redking.me.uk, spatel+llvm@rotateright.com
</td>
</tr></table>
<p>
<div>
<pre>(Reporting on behalf of Alex Reinking, who found this while debugging Halide:)
# Overview:
There is an apparently 100% reproducible crash when using LLVM 10 built using
MSVC 2017 or 2019, for Windows x86 (32-bit), Debug mode only.
The crash appears due to a double-free in the destructor of SmallVector,
perhaps due to a bug in the copy/move/operator= operations of SmallVector. In
particular, the object whose destructor triggers the crash is a lambda
capture-by-value clone of a small-vector that was initially created on the
stack.
The stack trace looks like:
```
ntdll.dll!77289c43() Unknown
ntdll.dll![Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll] Unknown
[External Code]
> demo.exe!llvm::SmallVectorImpl<llvm::LLT>::~SmallVectorImpl<llvm::LLT>() Line 336 C++
demo.exe!llvm::SmallVector<llvm::LLT,4>::~SmallVector<llvm::LLT,4>() Line 844 C++
[External Code]
demo.exe!llvm::LegalityPredicates::all<std::function<bool __cdecl(llvm::LegalityQuery const &)>>(std::function<bool __cdecl(llvm::LegalityQuery const &)> P0, std::function<bool __cdecl(llvm::LegalityQuery const &)> P1) Line 194 C++
demo.exe!llvm::LegalizeRuleSet::actionForCartesianProduct(llvm::LegalizeActions::LegalizeAction Action, std::initializer_list<llvm::LLT> Types0, std::initializer_list<llvm::LLT> Types1) Line 448 C++
demo.exe!llvm::LegalizeRuleSet::legalForCartesianProduct(std::initializer_list<llvm::LLT> Types0, std::initializer_list<llvm::LLT> Types1) Line 518 C++
demo.exe!main() Line 15 C++
```
In the debugger output window we see: `Invalid address specified to
RtlValidateHeap( 02150000, 01B5ECC8 )`, which looks a lot like it's trying to
free a stack address. The 2nd argument is the pointer passed to free (stored in
SmallVector's BeginX field).
# Steps To Repeat:
Note that Visual Studio 16.6.x (the latest) exposes a bug in LLVM that has now
been patched, but prevents it from compiling. The instructions below use Visual
Studio 15.9.23 (2017) instead.
## Without vcpkg
Get and compile LLVM:
```
D:\>"C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvarsall.bat" amd64_x86
D:\>git clone <a href="https://github.com/llvm/llvm-project.git">https://github.com/llvm/llvm-project.git</a> --depth 1 -b release/10.x
D:\>mkdir llvm-x86
D:\llvm-x86>cmake -G Ninja ^
-DCMAKE_BUILD_TYPE=Debug ^
-DCMAKE_INSTALL_PREFIX=../llvm-x86-install ^
-DLLVM_ENABLE_TERMINFO=OFF ^
-DLLVM_TARGETS_TO_BUILD=X86 ^
-DLLVM_ENABLE_ASSERTIONS=ON ^
-DLLVM_ENABLE_EH=ON ^
-DLLVM_ENABLE_RTTI=ON ^
-DLLVM_BUILD_32_BITS=ON ^
..\llvm-project\llvm
D:\llvm-x86>cmake --build . --target install
D:\llvm-x86>cd ..
D:\>cd this-gist
D:\this-gist>mkdir build
D:\this-gist\build>cmake -G Ninja -DCMAKE_BUILD_TYPE=Debug -DCMAKE_PREFIX_PATH=D:/llvm-x86-install ..
D:\this-gist\build>demo
BOOM!
```
## With vcpkg
Compile with:
```
> mkdir build
> cd build
> cmake -G Ninja -DCMAKE_BUILD_TYPE=Debug -DCMAKE_TOOLCHAIN_FILE=D:/vcpkg/scripts/buildsystems/vcpkg.cmake ..
```
Compiler info:
```
Microsoft (R) C/C++ Optimizing Compiler Version 19.26.28806 for x86
Copyright (C) Microsoft Corporation. All rights reserved.
```
CMake info:
```
cmake version 3.17.2
```
vcpkg list (only x86-windows is relevant):
```
glew:x64-windows                                 2.1.0-7    The OpenGL Extension Wrangler Library (GLEW) is ...
glew:x86-windows                                 2.1.0-7    The OpenGL Extension Wrangler Library (GLEW) is ...
libjpeg-turbo:x64-windows                        2.0.4      libjpeg-turbo is a JPEG image codec that uses SI...
libjpeg-turbo:x86-windows                        2.0.4      libjpeg-turbo is a JPEG image codec that uses SI...
libpng:x64-windows                               1.6.37-7   libpng is a library implementing an interface fo...
libpng:x86-windows                               1.6.37-7   libpng is a library implementing an interface fo...
llvm:x64-windows                                 10.0.0     The LLVM Compiler Infrastructure
llvm:x86-windows                                 10.0.0     The LLVM Compiler Infrastructure
llvm[clang-tools-extra]:x64-windows                         Build Clang tools.
llvm[clang-tools-extra]:x86-windows                         Build Clang tools.
llvm[clang]:x64-windows                                     Build C Language Family Front-end.
llvm[clang]:x86-windows                                     Build C Language Family Front-end.
llvm[disable-abi-breaking-checks]:x64-windows               Build LLVM with LLVM_ABI_BREAKING_CHECKS=FORCE_OFF.
llvm[disable-abi-breaking-checks]:x86-windows               Build LLVM with LLVM_ABI_BREAKING_CHECKS=FORCE_OFF.
llvm[disable-assertions]:x64-windows                        Build LLVM without assertions.
llvm[disable-assertions]:x86-windows                        Build LLVM without assertions.
llvm[disable-clang-static-analyzer]:x64-windows             Build without static analyzer.
llvm[disable-clang-static-analyzer]:x86-windows             Build without static analyzer.
llvm[enable-rtti]:x64-windows                               Build LLVM with run-time type information.
llvm[enable-rtti]:x86-windows                               Build LLVM with run-time type information.
llvm[lld]:x64-windows                                       Build LLVM linker.
llvm[lld]:x86-windows                                       Build LLVM linker.
llvm[target-all]:x64-windows                                Build with all backends.
llvm[target-all]:x86-windows                                Build with all backends.
llvm[tools]:x64-windows                                     Build LLVM tools.
llvm[tools]:x86-windows                                     Build LLVM tools.
openblas:x64-windows                             0.3.9-1    OpenBLAS is an optimized BLAS library based on G...
opencl:x64-windows                               2.2-2      C/C++ headers and ICD loader (Installable Client...
opengl:x64-windows                               0.0-5      Open Graphics Library (OpenGL)[3][4][5] is a cro...
opengl:x86-windows                               0.0-5      Open Graphics Library (OpenGL)[3][4][5] is a cro...
zlib:x64-windows                                 1.2.11-6   A compression library
zlib:x86-windows                                 1.2.11-6   A compression library
```</pre>
</div>
</p>
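<p>The failure mode described in the report (a destructor handing a stack address to free()), modelled on a simplified small-buffer vector. This is an added example, not code from the report or from LLVM: TinyVec, defectiveCopy and pointsInto are hypothetical names, and the model does not identify the root cause of this bug.</p>
<pre>
```cpp
// Added illustration: TinyVec is a hypothetical stand-in, not LLVM's SmallVector.
#include <cstdint>
#include <cstdio>
#include <cstring>

struct TinyVec {
    int *begin_;          // plays the role of SmallVector's BeginX
    unsigned size_ = 0;
    int inline_[4] = {};  // inline storage that lives inside the object itself

    TinyVec() : begin_(inline_) {}
    // Correct copy: the new object points at its own inline storage.
    TinyVec(const TinyVec &o) : TinyVec() {
        size_ = o.size_;
        std::memmove(begin_, o.begin_, size_ * sizeof(int));
    }
    void push(int v) { if (size_ < 4) begin_[size_++] = v; }
    bool isSmall() const { return begin_ == inline_; }
    // Pointer a destructor of the form `if (!isSmall()) free(begin_)` would free.
    const void *wouldFree() const { return isSmall() ? nullptr : begin_; }
};

// Models a defective copy that duplicates the pointer member unchanged.
void defectiveCopy(TinyVec &dst, const TinyVec &src) {
    dst.begin_ = src.begin_;
    dst.size_ = src.size_;
}

// True when p lies inside the bytes of object v, i.e. in its inline storage.
bool pointsInto(const void *p, const TinyVec &v) {
    auto a = reinterpret_cast<std::uintptr_t>(p);
    auto lo = reinterpret_cast<std::uintptr_t>(&v);
    return p != nullptr && a >= lo && a < lo + sizeof(TinyVec);
}

bool correctCopyFreesNothing() {
    TinyVec original; original.push(1); original.push(2);
    TinyVec copy(original);
    return copy.isSmall() && copy.wouldFree() == nullptr && copy.begin_[1] == 2;
}

bool defectiveCopyWouldFreeStackAddress() {
    TinyVec original; original.push(1);
    TinyVec clone; defectiveCopy(clone, original);
    // clone's destructor would pass original's inline buffer (a stack address) to free().
    return !clone.isSmall() && pointsInto(clone.wouldFree(), original);
}

int main() {
    std::printf("correct copy frees nothing: %d\n", correctCopyFreesNothing());
    std::printf("defective copy would free a stack address: %d\n",
                defectiveCopyWouldFreeStackAddress());
}
```
</pre>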
</body>
</html>