[clang] [clang] Increase the default expression nesting limit (PR #104717)

Tue Aug 20 15:49:08 PDT 2024

dyung wrote:

We are also seeing the test `Parser/parser_overflow.c` failing when run with ASan or UBSan. Running with `-fbracket-depth` options, I find that on my linux box, the test starts to segfault when the value is >= 1022:
```
dyung at aldebaran:~/src/upstream/llvm_clean_git/clang/test/Parser$ ~/src/upstream/7597e09-linux/bin/clang -fsyntax-only -DHUGE 2>&1 parser_overflow.c -fbracket-depth=1021
parser_overflow.c:11:1025: fatal error: bracket nesting level exceeded maximum of 1021
parser_overflow.c:11:1025: note: use -fbracket-depth=N to increase maximum nesting level
1 error generated.

dyung at aldebaran:~/src/upstream/llvm_clean_git/clang/test/Parser$ ~/src/upstream/7597e09-linux/bin/clang -fsyntax-only -DHUGE 2>&1 parser_overflow.c -fbracket-depth=1022
Segmentation fault (core dumped)
```

The test when run as-is with the ASan enabled compiler produces a stack trace that looks like this (snipped for brevity):
```
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /home/dyung/src/upstream/7597e09-linux/bin/clang -cc1 -internal-isystem /home/dyung/src/upstream/7597e09-linux/lib/clang/20/include -nostdsysteminc /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c -fsyntax-only -DHUGE
1.      /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:11:1028: current parser token '{'
2.      /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:8:16: parsing function body 'foo'
3.      /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:8:16: in compound statement ('{}')
4.      /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:11:5: in compound statement ('{}')
5.      /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:11:6: in compound statement ('{}')

...

1024.   /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:11:1025: in compound statement ('{}')
1025.   /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:11:1026: in compound statement ('{}')
1026.   /home/dyung/src/upstream/llvm_clean_git/clang/test/Parser/parser_overflow.c:11:1027: in compound statement ('{}')
  #0 0x00007fd6fc4d4d40 __interceptor_backtrace.part.0 /build/gcc-9-9QDOt0/gcc-9-9.4.0/build/x86_64-linux-gnu/libsanitizer/asan/../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:4022:28
  #1 0x0000558bf98f07e2 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x93707e2)
  #2 0x0000558bf98e0dbf llvm::sys::RunSignalHandlers() (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x9360dbf)
  #3 0x0000558bf98e1585 SignalHandler(int) Signals.cpp:0:0
  #4 0x00007fd6fc459420 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x14420)
  #5 0x0000558c0531a96c clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14d9a96c)
  #6 0x0000558c05323ce3 clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14da3ce3)
  #7 0x0000558c05328f3f clang::Parser::ParseCompoundStatementBody(bool) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14da8f3f)
  #8 0x0000558c0532acfd clang::Parser::ParseCompoundStatement(bool, unsigned int) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14daacfd)
  #9 0x0000558c0531af45 clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14d9af45)
 #10 0x0000558c05323ce3 clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14da3ce3)
 #11 0x0000558c05328f3f clang::Parser::ParseCompoundStatementBody(bool) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14da8f3f)
 #12 0x0000558c0532acfd clang::Parser::ParseCompoundStatement(bool, unsigned int) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14daacfd)

... (Repeats many times)

#253 0x0000558c0531af45 clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14d9af45)
#254 0x0000558c05323ce3 clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14da3ce3)
#255 0x0000558c05328f3f clang::Parser::ParseCompoundStatementBody(bool) (/home/dyung/src/upstream/7597e09-linux/bin/clang+0x14da8f3f)
AddressSanitizer:DEADLYSIGNAL
=================================================================
==251308==ERROR: AddressSanitizer: stack-overflow on address 0x7fff60f79d48 (pc 0x558c0531a96c bp 0x7fff60f7ac20 sp 0x7fff60f79c90 T0)
    #0 0x558c0531a96b in clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14d9a96b)
    #1 0x558c05323ce2 in clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14da3ce2)
    #2 0x558c05328f3e in clang::Parser::ParseCompoundStatementBody(bool) [clone .localalias] (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14da8f3e)
    #3 0x558c0532acfc in clang::Parser::ParseCompoundStatement(bool, unsigned int) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14daacfc)
    #4 0x558c0531af44 in clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14d9af44)
    #5 0x558c05323ce2 in clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14da3ce2)
    #6 0x558c05328f3e in clang::Parser::ParseCompoundStatementBody(bool) [clone .localalias] (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14da8f3e)
    #7 0x558c0532acfc in clang::Parser::ParseCompoundStatement(bool, unsigned int) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14daacfc)

...

    #244 0x558c0531af44 in clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14d9af44)
    #245 0x558c05323ce2 in clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14da3ce2)
    #246 0x558c05328f3e in clang::Parser::ParseCompoundStatementBody(bool) [clone .localalias] (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14da8f3e)
    #247 0x558c0532acfc in clang::Parser::ParseCompoundStatement(bool, unsigned int) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14daacfc)
    #248 0x558c0531af44 in clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14d9af44)

SUMMARY: AddressSanitizer: stack-overflow (/home/dyung/src/upstream/7597e09-linux/bin/clang-20+0x14d9a96b) in clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&)
==251308==ABORTING
```

https://github.com/llvm/llvm-project/pull/104717