<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/106576>106576</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Crash on code with StmtExpr and atomic char load in `Expr::EvaluateAsRValue`
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
michael-jabbour-sonarsource
</td>
</tr>
</table>
<pre>
The following example crashes `clang-16`, `clang-17` and `clang-18`:
```c
typedef _Atomic char atomic_char;
atomic_char counter;
char load_plus_one() {
return ({counter;}) + 1;
}
```
See [on Compiler Explorer](https://godbolt.org/z/s6hxnY518).
The crash seems reproducible on release builds on Ubuntu 22 installed from apt.llvm.org, but I can't observe it on non-asserted builds on Compiler Explorer for some reason...
<details>
<summary>Stack trace</summary>
```
$ clang-18 -fsyntax-only minimal.c
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: clang-18 -fsyntax-only minimal.c
1. minimal.c:6:26: current parser token ';'
2. minimal.c:5:22: parsing function body 'load_plus_one'
3. minimal.c:5:22: in compound statement ('{}')
Stack dump without symbol names (ensure you have llvm-symbolizer in your PATH or set the environment var `LLVM_SYMBOLIZER_PATH` to point to it):
0 libLLVM-18.so.18.1 0x000079cec1794716 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) + 54
1 libLLVM-18.so.18.1 0x000079cec17926d0 llvm::sys::RunSignalHandlers() + 80
2 libLLVM-18.so.18.1 0x000079cec16e41f0
3 libc.so.6 0x000079cec0242520
4 libclang-cpp.so.18.1 0x000079cec90da059
5 libclang-cpp.so.18.1 0x000062b1379df1f8
clang-18: error: clang frontend command failed with exit code 139 (use -v to see invocation)
Ubuntu clang version 18.1.8 (++20240731024944+3b5b5c1ec4a3-1~exp1~20240731145000.144)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
clang-18: note: diagnostic msg:
```
I am able to get a better stack trace on clang-16:
```
$ clang-16 -fsyntax-only minimal.c
*** stack smashing detected ***: terminated
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: clang-16 -fsyntax-only minimal.c
1. minimal.c:6:26: current parser token ';'
2. minimal.c:5:22: parsing function body 'load_plus_one'
3. minimal.c:5:22: in compound statement ('{}')
Stack dump without symbol names (ensure you have llvm-symbolizer in your PATH or set the environment var `LLVM_SYMBOLIZER_PATH` to point to it):
0 libLLVM-16.so.1 0x0000794646bbec16 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) + 54
1 libLLVM-16.so.1 0x0000794646bbcdb0 llvm::sys::RunSignalHandlers() + 80
2 libLLVM-16.so.1 0x0000794646afd600
3 libc.so.6 0x0000794645442520
4 libc.so.6 0x00007946454969fc pthread_kill + 300
5 libc.so.6 0x0000794645442476 raise + 22
6 libc.so.6 0x00007946454287f3 abort + 211
7 libc.so.6 0x0000794645489676
8 libc.so.6 0x000079464553659a __fortify_fail + 42
9 libc.so.6 0x0000794645536566
10 libclang-cpp.so.16 0x000079464e2f1cde
11 libclang-cpp.so.16 0x000079464e2daf1b
12 libclang-cpp.so.16 0x000079464e2f1307
13 libclang-cpp.so.16 0x000079464e2af018
14 libclang-cpp.so.16 0x000079464e2d67a2
15 libclang-cpp.so.16 0x000079464e2af018
16 libclang-cpp.so.16 0x000079464e2acaf0
17 libclang-cpp.so.16 0x000079464e2a8bca clang::Expr::EvaluateAsRValue(clang::Expr::EvalResult&, clang::ASTContext const&, bool) const + 602
18 libclang-cpp.so.16 0x000079464e7e5412
19 libclang-cpp.so.16 0x000079464e7e2255
20 libclang-cpp.so.16 0x000079464e7d6995
21 libclang-cpp.so.16 0x000079464e7d901f clang::Sema::CheckCompletedExpr(clang::Expr*, clang::SourceLocation, bool) + 207
22 libclang-cpp.so.16 0x000079464eb14604 clang::Sema::ActOnFinishFullExpr(clang::Expr*, clang::SourceLocation, bool, bool, bool) + 324
23 libclang-cpp.so.16 0x000079464ecf0db5 clang::Sema::BuildReturnStmt(clang::SourceLocation, clang::Expr*, bool) + 2485
24 libclang-cpp.so.16 0x000079464ecf033e clang::Sema::ActOnReturnStmt(clang::SourceLocation, clang::Expr*, clang::Scope*) + 94
25 libclang-cpp.so.16 0x000079464e0748b6 clang::Parser::ParseReturnStatement() + 326
26 libclang-cpp.so.16 0x000079464e06eee9 clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) + 2649
27 libclang-cpp.so.16 0x000079464e06e25d clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) + 349
28 libclang-cpp.so.16 0x000079464e0766f0 clang::Parser::ParseCompoundStatementBody(bool) + 1600
29 libclang-cpp.so.16 0x000079464e0777af clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) + 175
30 libclang-cpp.so.16 0x000079464e091910 clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) + 3376
31 libclang-cpp.so.16 0x000079464dfe1832 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::SourceLocation*, clang::Parser::ForRangeInit*) + 4802
32 libclang-cpp.so.16 0x000079464e090a47 clang::Parser::ParseDeclOrFunctionDefInternal(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec&, clang::AccessSpecifier) + 1031
33 libclang-cpp.so.16 0x000079464e090469 clang::Parser::ParseDeclarationOrFunctionDefinition(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*, clang::AccessSpecifier) + 457
34 libclang-cpp.so.16 0x000079464e08f707 clang::Parser::ParseExternalDeclaration(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*) + 1943
35 libclang-cpp.so.16 0x000079464e08daae clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) + 1182
36 libclang-cpp.so.16 0x000079464dfcd75e clang::ParseAST(clang::Sema&, bool, bool) + 718
37 libclang-cpp.so.16 0x000079464fbe5565 clang::FrontendAction::Execute() + 85
38 libclang-cpp.so.16 0x000079464fb62754 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 724
39 libclang-cpp.so.16 0x000079464fc5dfe4 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 660
40 clang-16 0x000057ac82bf7f4c cc1_main(llvm::ArrayRef<char const*>, char const*, void*) + 2348
41 clang-16 0x000057ac82bf51f0
42 libclang-cpp.so.16 0x000079464f83e9a2
43 libLLVM-16.so.1 0x0000794646afd39c llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) + 140
44 libclang-cpp.so.16 0x000079464f83e0c3 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const + 355
45 libclang-cpp.so.16 0x000079464f809922 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const + 866
46 libclang-cpp.so.16 0x000079464f809b7e clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const + 142
47 libclang-cpp.so.16 0x000079464f8242fd clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) + 349
48 clang-16 0x000057ac82bf48b5 clang_main(int, char**) + 11541
49 libc.so.6 0x0000794645429d90
50 libc.so.6 0x0000794645429e40 __libc_start_main + 128
51 clang-16 0x000057ac82bf1855 _start + 37
clang: error: clang frontend command failed with exit code 134 (use -v to see invocation)
Ubuntu clang version 16.0.6 (++20231112100510+7cbf1a259152-1~exp1~20231112100554.106)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
clang: note: diagnostic msg:
```
</details>
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzsWk9v47iS_zTKhYhBUv8POThOspNBBt1IsgPMXgyKKtmclkgtSaWdOcxnX5CSHNmJrd7uefMe8F4jaMtSFesPq35VKpoZIzYS4CqIr4P45oJ1dqv0VSP4lkF9-TsrCtXpS6Mk00Z1msNFocrXq-ctoErVtfoq5AbBjjVtDYhrZrZgUJBgXjO5uSRJkOCAriZ30iDBiMlycitzROEywDcBHv9PcP_H--_2tYUSKrReWtUIjviWacT89dpdB-H1lH3yBHHVSQvHFP5RrVi5buvOrJWEgGYBzVGQDnRIg-20RO5-ej1ZJb3xdPQakbdF05sjxafCngBQEF8riVaqaUUNGt3u2lpp0EF8E9Bsa21rnAvoXUDvNqosVG0XSm8CevdHQO9Mst3J32LiNFxMV3b74L2ODEBjkIZWq7LjoqgBKYk01MAMoKITdWncnf8uOmk7RCkS0lhW11CiSqsGsdYu6vql6cWuUNFZdI84kwFNLVKFAf0CSFi3iFTykhkD2kI5WfuddahSGhnVANLAjJKLxYH2QbgqwTJRmyC8HbyOgnBluqZh-jUIb58s41-Q1YxDEK6cJ_aPPgyX4SuN0Bhb6LIyr9Ky3aWS9StqhBQNqxdDXH1-uF0-3SLTFY2wiKGi2zgfKm2RVehoW4TddsWCqyagd85Tw8dlq9XvwG1A74QxHZiA3vkIF5LXXQnI7jepYPxLbwxdodZvFgdjoER9crnbjpMZo7hgzru6k8hwLVo7uK53Sdk17T5n8CLA-WetNpo1iOlN14C0TvFv9AJx_G_3wmUShEua-AU6rUFa1DJtQCOrvoBLidRFPk17dnrMHjt26tgdm0OIqpPcCiWRQw_Hf5R6w0rh6ZWERFw1repkiYxlFpyNPjlp6nLWZWUa0PzYSeirsFvVWWRem0LVSLLGIRTNQJpOA3pVHdqyF0B-K3si8QdoJ_BVdRp9Xj7_hFwYg_U7CfJFaCW9-BemHY49PPz6y_rpt1-uPz3c_8_t49qxOJizCrVKSB9Lwjrl9juGalE4tkuSLYxakGxBEEJ4hzHGac6BkzSPUpJ4tRxbuDSvpr_4rIW03sLnPpayNyLNvq6VsRpYE9DExZOQdsSrOBr2-1uk06TEH0l_7OST2EhW_8RkWYM2I3DSa5QNCUjRvIQEIlIN9KGn544ymRJhGtGYDkRRT-QjmrftftkJfY5LhuMhBuJz5AktSJjmZUWqbKgIYzEKlwi0VnqfPw4fpQVZughsXH5WTDjcdKGFYCcs4qoERELnhawzgC5f3J4bACTki-LMxf4-OAcI7td-AW1cYjjdFlkf0NcBvaaYRjgNCaZRHkUBvQ6LuIg5AR6x8JL8CbuW_DkSkSjGGC-IIxyEPDO9Aets2GXJOokuW35ZC9ntLjeyG4uHBlaiRpVQ-2RVRuz6R_djbbgR3g8BveuMDuhdIeR7d0llwX2Wgm2kMlZw1JiN5_sInu-RgylXoaxCG_C4C9aCdok9wr2rJ_smIpzF-eQ8wgV0-BtEmIaZrQOmEixwh7N7Cqe2Bd0I6fD336pMzDjxP2Xin1gmEg9gaAKiURIlReGQ9B9dJE7J5mXxl5SIj9dnVZngcwUiSqI4el8geqL9vwPqPMkrjlrrkW_9RdS1Vyoc5cTzS0Q0ShOkmTDgeSntWZOTKtIsrULECgcXnoOQniU9yZLlSZr0RNmsSnGYxDlD63WltBXV69qVJy8pGnTLv2mNZJBI8PvKeaAf0IrwEgZqMktdsooUAzX9hrVDPCQ6CWepWYXJUMFJNK9JkrLBJ-SD_uDM2sk8NWdjP0PSeeqs4KwH3j5pbnetHq5eWN0xC0vz-CurO5e7J-kewXS1HbJ4QrV8el65pmXnehNpRopCqdplor_nQyTBoz-yOZ1TiCMyUufz1JTG8ZDssxGVlkmej9SzEZWWOSbV1N4naFh_tdoC_-LeRGuwUHpvvfefq_QH_nryhfVh36q9ucpn7BiQdDZ8CxIlOPpYtSW3n-SdkMJs77q6_lHdjj97XUM6ADidTR5e4bKIP9b12r3VP_oRyJNt7KGe7zX62IgDH0bZuL-zecorHIZwxok_qtiUhasW_O1ez3x03yw-4DTKimS61mff_kyuRz2HRmRSB0M6oC2dRRacAEB-Vs5ewid9A7xm2tu_rCzopbVaFJ11DeekB3hqWF3_Cty6F53V1B_eqd5LIe2C8PY9uLwTXzqmAW9mgvfY_T3_VMkPpR1TDDGVREMnR2cRFydA4_I7vPiv4rYhbvYWz-I1TpOkwmc1WA298t7ya1W-BjSbJi7Zd2F0FvRxmqasOivybujxj0VOeJzzT0TKwXb1mbuPBpIOABPOlhuck5ycd82o5w1UQoohEI4YhNyMgaL0t2z4MzRtzSzcy0odFOYTXA_Mwlv8Pwhjp6EQjj1iOFcxywpIFtKzyjlL_kurrj1p51ML_L2-bx74OJTnM_ybMGJQ9U7pRyY3cC_F1BdRNvYx4WyJxjlmUTrri096EgL30oKWrH7vm-8Ar3cUZ_275O7l3z0TlQC9j3YcDq8R4WyhxzmOkvMVZAJ4B4afjP2_3O7jXT9hdxSPU4DZNgJnVYrPb_Ttrt_XQ7z_G0wdNjGPwsGa-XYjKxmDs9Y8q_YBXqDuAXRqxqeW_W8Hn-1R1drn_CNUH9ast77rF1V2Ndw3rdLWY_cUeUk2Zt9cN1NWvEzj92Ysn56PWjknefrWcthOpuObWThX-asC4jg5aHPvhoHu0kf52B0C7yxMRxVjOZmrtFWR0DQ-aPrHozA_SJUcDmQMYg_MPVLpzbfp2M-Hc9W34nFZQXTY8nqBb9q8DaOzc9q-RWgyDlsj_DYmPJ4hxCnjGS2qtIo44pysGyYO-6al1uzVB9lqOJWVfS1zQbdCh_foCr0oUU60oGE0bHdE5tWI9wcL0VwxqLIQ8nEkEIXvZlJHA6kw55OB10ozs30Erl5Av47Fbz8BYxXUrwdOGMeba-0d4WzsR5O5d8OQS9Go-xy-Od0xD6f7XWrxMiLCakVW_XnFcYB_uC3GDnSqdTqyOghXk77XaiE3A0r0e7ZnWK_5bkdI_6VgRvC18eTDZh8Quxtrq5mwZnx8tByraxekfYM9PHckkzfK5eEMIxznDNEciFYZznNKT7rM5wF7BwqjHw-S5ojRHwydaOnOkC5PTmaycR4XzWGqs6pI4f9r1c-qMKdN-lkVrt88MOnD96D7pq2n8dMy4bbOj5S_3QvDJp_wBRknmdEs2mc0olV5Su7N5PoAHD9AxVM-_Bt9cfTOF2Xz4Bdl40hnROFRuk_F5bT7IHE09JBRPjv4pnmZj2NyfHLWnUOE0XrtHq-NZdp6LXpxdMDweILhh8qTLI5Rz9dbnk5OG3_kZDb6gZPZZIEXycHJbEgIoQTjmOCAXqe8qAijcU5iOjmZ3RPF0YLg5O89mf2OY9n-BzZvP8i5KK_CMg9zdgFXJKVRHiVpSi62VzQFXlUsT0hIMsjDImO4SjmuaEzStCguxJU_mM5oTuKYxmSRsTiGKCFVDFGW5TSIMDRM1PsfHF34I9ErgpM4TS5qVkBt_G_SKJXwFfmnAaVBfHOhr_wRXNFtTBDhWhhr3paxwtZw5euyP0B2m-9j4ck29nbX6v7cdPIjslqxErkATfCZCXyCLzpdX33_Se9g2csV_b8AAAD__1pj0cQ">