[llvm-bugs] [Bug 46366] New: clang++ segmentation fault compiling firefox>=76
via llvm-bugs
llvm-bugs at lists.llvm.org
Wed Jun 17 08:32:09 PDT 2020
https://bugs.llvm.org/show_bug.cgi?id=46366
Bug ID: 46366
Summary: clang++ segmentation fault compiling firefox>=76
Product: clang
Version: 10.0
Hardware: All
OS: NetBSD
Status: NEW
Severity: release blocker
Priority: P
Component: -New Bugs
Assignee: unassignedclangbugs at nondot.org
Reporter: tk at giga.or.at
CC: htmldeveloper at gmail.com, llvm-bugs at lists.llvm.org,
neeilans at live.com, richard-llvm at metafoo.co.uk
Created attachment 23623
--> https://bugs.llvm.org/attachment.cgi?id=23623&action=edit
creduced test case
When building firefox>=76 on NetBSD 9.99.63 with clang 10.0.0nb2 from pkgsrc, I
get a segmentation fault (firefox 75 builds fine).
Stack dump:
0. Program arguments: /usr/pkg/bin/clang++ -std=gnu++17 -o
Unified_cpp_layout_style4.o -c
-I/scratch/www/firefox/work/build/dist/stl_wrappers
-I/scratch/www/firefox/work/build/dist/system_wrappers -include
/scratch/www/firefox/work/firefox-76.0.1/config/gcc_hidden.h -U_FORTIFY_SOURCE
-D_FORTIFY_SOURCE=2 -fstack-protector-strong -DNDEBUG=1 -DTRIMMED=1
-DOS_POSIX=1 -DOS_NETBSD=1 -DOS_BSD=1 -DMOZ_HAS_MOZGLUE -DMOZILLA_INTERNAL_API
-DIMPL_LIBXUL -DSTATIC_EXPORTABLE_JS_API
-I/scratch/www/firefox/work/firefox-76.0.1/layout/style
-I/scratch/www/firefox/work/build/layout/style
-I/scratch/www/firefox/work/build/ipc/ipdl/_ipdlheaders
-I/scratch/www/firefox/work/firefox-76.0.1/ipc/chromium/src
-I/scratch/www/firefox/work/firefox-76.0.1/ipc/glue
-I/scratch/www/firefox/work/firefox-76.0.1/layout/base
-I/scratch/www/firefox/work/firefox-76.0.1/layout/generic
-I/scratch/www/firefox/work/firefox-76.0.1/layout/svg
-I/scratch/www/firefox/work/firefox-76.0.1/layout/xul
-I/scratch/www/firefox/work/firefox-76.0.1/dom/base
-I/scratch/www/firefox/work/firefox-76.0.1/dom/html
-I/scratch/www/firefox/work/firefox-76.0.1/dom/xul
-I/scratch/www/firefox/work/firefox-76.0.1/image
-I/scratch/www/firefox/work/build/dist/include
-I/scratch/www/firefox/work/.buildlink/include/nspr
-I/scratch/www/firefox/work/.buildlink/include/nss
-I/scratch/www/firefox/work/build/dist/include/nss
-I/scratch/www/firefox/work/.x11-buildlink/include/pixman-1 -fPIC -DPIC
-DMOZILLA_CLIENT -include /scratch/www/firefox/work/build/mozilla-config.h
-Qunused-arguments -g -I/scratch/www/firefox/work/.buildlink/include
-I/scratch/www/firefox/work/.buildlink/include/nss/nss
-I/scratch/www/firefox/work/.x11-buildlink/include
-I/scratch/www/firefox/work/.x11-buildlink/include/libdrm
-I/scratch/www/firefox/work/.buildlink/include/glib-2.0
-I/scratch/www/firefox/work/.buildlink/include/gio-unix-2.0
-I/scratch/www/firefox/work/.buildlink/lib/glib-2.0/include
-I/scratch/www/firefox/work/.buildlink/include/ffmpeg4
-I/scratch/www/firefox/work/.x11-buildlink/include/freetype2 -Qunused-arguments
-Wall -Wbitfield-enum-conversion -Wempty-body -Wignored-qualifiers
-Woverloaded-virtual -Wpointer-arith -Wshadow-field-in-constructor-modified
-Wsign-compare -Wtype-limits -Wunreachable-code -Wunreachable-code-return
-Wwrite-strings -Wno-invalid-offsetof -Wclass-varargs -Wempty-init-stmt
-Wfloat-overflow-conversion -Wfloat-zero-conversion -Wloop-analysis
-Wc++2a-compat -Wcomma -Wimplicit-fallthrough -Wunused-function
-Wunused-variable -Wstring-conversion -Wtautological-overlap-compare
-Wtautological-unsigned-enum-zero-compare -Wtautological-unsigned-zero-compare
-Wno-error=tautological-type-limit-compare -Wno-inline-new-delete
-Wno-error=deprecated-declarations -Wno-error=array-bounds
-Wno-error=backend-plugin -Wno-error=return-std-move
-Wno-error=atomic-alignment -Wno-error=deprecated-copy -Wformat
-Wformat-security -Wno-gnu-zero-variadic-macro-arguments
-Wno-unknown-warning-option -fno-sized-deallocation -fno-aligned-new -O2
-D_GLIBCXX_INCLUDE_NEXT_C_HEADERS -g -D_FORTIFY_SOURCE=2 -fstack-check
-fno-exceptions -fno-strict-aliasing -Dunix -fno-rtti -ffunction-sections
-fdata-sections -fno-exceptions -fno-math-errno -pthread -pipe -O2
-fomit-frame-pointer -funwind-tables -fexperimental-new-pass-manager -MD -MP
-MF .deps/Unified_cpp_layout_style4.o.pp Unified_cpp_layout_style4.cpp
-fstack-protector-all
1. <eof> parser at end of file
2. Code generation
3. Running pass 'Function Pass Manager' on module
'Unified_cpp_layout_style4.cpp'.
4. Running pass 'X86 Optimize Call Frame' on function
'@_ZN7mozilla15StyleOwnedSliceINS_20StyleGenericCalcNodeINS_29StyleCalcLengthPercentageLeafEEEE8CopyFromERKS4_'
#0 0x00007a29fba8013e llvm::sys::PrintStackTrace(llvm::raw_ostream&)
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Support/Unix/Signals.inc:564:11
#1 0x00007a29fba7da34 llvm::sys::RunSignalHandlers()
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Support/Signals.cpp:68:20
#2 0x00007a29fba7e40f SignalHandler(int)
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Support/Unix/Signals.inc:396:31
#3 0x00007a29fa0a8c70 __sigtramp_siginfo_2 (/usr/lib/libc.so.12+0xa8c70)
(sorry, backtraces are not longer on NetBSD)
I've run creduce for a bit over three weeks to reduce it to a ~1500 byte test
case. In the process I had two different gdb backtraces that I noticed.
First one:
#0 0x000070336b00752a in (anonymous
namespace)::X86CallFrameOptimization::isProfitable (this=0x703367bff920,
this=0x703367bff920,
CallSeqVector=..., MF=...) at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:205
205
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:
No such file or directory.
(gdb) bt
#0 0x000070336b00752a in (anonymous
namespace)::X86CallFrameOptimization::isProfitable (this=0x703367bff920,
this=0x703367bff920,
CallSeqVector=..., MF=...) at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:205
#1 (anonymous namespace)::X86CallFrameOptimization::runOnMachineFunction
(this=<optimized out>, MF=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:265
#2 0x0000703368dc410e in llvm::MachineFunctionPass::runOnFunction
(this=0x703367bff920, F=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/CodeGen/MachineFunctionPass.cpp:73
#3 0x0000703368ba0d19 in llvm::FPPassManager::runOnFunction
(this=this at entry=0x70336ff62a00, F=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1481
#4 0x0000703368ba1452 in llvm::FPPassManager::runOnModule
(this=0x70336ff62a00, M=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1517
#5 0x0000703368ba17cd in (anonymous namespace)::MPPassManager::runOnModule
(M=..., this=0x70336fec8200)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1582
#6 llvm::legacy::PassManagerImpl::run (this=0x70336d3cd300, M=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1694
#7 0x0000703368ba1a5d in llvm::legacy::PassManager::run
(this=this at entry=0x7f7fff20d5a0, M=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1725
#8 0x000070336e8b05da in (anonymous
namespace)::EmitAssemblyHelper::EmitAssemblyWithNewPassManager (this=<optimized
out>,
Action=<optimized out>, OS=...) at
/scratch/lang/clang/work/clang-10.0.0.src/lib/CodeGen/BackendUtil.cpp:1329
#9 0x000070336e8b3f88 in clang::EmitBackendOutput (Diags=..., HeaderOpts=...,
CGOpts=..., TOpts=..., LOpts=..., TDesc=..., M=0x70336ff39f00,
Action=Action at entry=clang::Backend_EmitObj, OS=...) at
/usr/include/g++/bits/unique_ptr.h:366
#10 0x000070336eba6f39 in clang::BackendConsumer::HandleTranslationUnit
(this=0x70336ff71a80, C=...) at /usr/include/g++/bits/unique_ptr.h:345
#11 0x000070336db6f61a in clang::ParseAST (S=..., PrintStats=<optimized out>,
SkipFunctionBodies=<optimized out>)
at /scratch/lang/clang/work/.buildlink/include/llvm/ADT/StringRef.h:143
#12 0x000070336f09b14e in clang::FrontendAction::Execute
(this=this at entry=0x70336ff6e540)
at
/scratch/lang/clang/work/clang-10.0.0.src/lib/Frontend/FrontendAction.cpp:936
#13 0x000070336f057109 in clang::CompilerInstance::ExecuteAction
(this=this at entry=0x70336ff71600, Act=...)
at
/scratch/lang/clang/work/clang-10.0.0.src/lib/Frontend/CompilerInstance.cpp:965
#14 0x000070336f1215e5 in clang::ExecuteCompilerInvocation
(Clang=Clang at entry=0x70336ff71600)
at
/scratch/lang/clang/work/clang-10.0.0.src/lib/FrontendTool/ExecuteCompilerInvocation.cpp:290
#15 0x0000000000414f92 in cc1_main (Argv=..., Argv0=<optimized out>,
MainAddr=MainAddr at entry=0x4139c0 <GetExecutablePath[abi:cxx11](char const*,
bool)>)
at /scratch/lang/clang/work/clang-10.0.0.src/tools/driver/cc1_main.cpp:240
#16 0x0000000000412b95 in ExecuteCC1Tool (ArgV=...) at
/scratch/lang/clang/work/.buildlink/include/llvm/ADT/ArrayRef.h:188
#17 0x000070336eda1612 in clang::driver::CC1Command::<lambda()>::operator()
(__closure=0x70336ffa6400)
at /scratch/lang/clang/work/clang-10.0.0.src/lib/Driver/Job.cpp:417
#18
llvm::function_ref<void()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>
>, std::__cxx11::string*, bool*) const::<lambda()> >(intptr_t)
(callable=callable at entry=140187717923984)
at /scratch/lang/clang/work/.buildlink/include/llvm/ADT/STLExtras.h:108
#19 0x00007033689ab733 in llvm::function_ref<void ()>::operator()() const
(this=<synthetic pointer>, this=<synthetic pointer>)
at /scratch/lang/llvm/work/llvm-10.0.0.src/include/llvm/ADT/STLExtras.h:124
#20 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>)
(this=this at entry=0x7f7fff20f470, Fn=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Support/CrashRecoveryContext.cpp:417
--Type <RET> for more, q to quit, c to continue without paging--
#21 0x000070336eda5923 in clang::driver::CC1Command::Execute
(this=0x70336ff53500, Redirects=..., ErrMsg=<optimized out>,
ExecutionFailed=<optimized out>) at
/scratch/lang/clang/work/.buildlink/include/llvm/ADT/STLExtras.h:117
#22 0x000070336ed7a48f in clang::driver::Compilation::ExecuteCommand
(this=this at entry=0x70336fec9200, C=...,
FailingCommand=@0x7f7fff20f5f0: 0x0) at
/usr/include/g++/bits/stl_vector.h:1059
#23 0x000070336ed7ad10 in clang::driver::Compilation::ExecuteJobs
(this=this at entry=0x70336fec9200, Jobs=..., FailingCommands=...)
at /scratch/lang/clang/work/clang-10.0.0.src/lib/Driver/Compilation.cpp:233
#24 0x000070336ed89dd5 in clang::driver::Driver::ExecuteCompilation
(this=this at entry=0x7f7fff20f728, C=..., FailingCommands=...)
at
/scratch/lang/clang/work/clang-10.0.0.src/include/clang/Driver/Compilation.h:202
#25 0x00000000004113c9 in main (argc_=<optimized out>, argv_=<optimized out>)
at /scratch/lang/clang/work/clang-10.0.0.src/tools/driver/driver.cpp:498
(gdb) q
Second one:
#0 0x000072306819008d in llvm::SmallVectorImpl<llvm::MachineInstr*>::operator=
(this=0x7f7ffeea5290, RHS=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/include/llvm/ADT/SmallVector.h:706
706 /scratch/lang/llvm/work/llvm-10.0.0.src/include/llvm/ADT/SmallVector.h:
No such file or directory.
(gdb) bt
#0 0x000072306819008d in llvm::SmallVectorImpl<llvm::MachineInstr*>::operator=
(this=0x7f7ffeea5290, RHS=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/include/llvm/ADT/SmallVector.h:706
#1 0x000072306a4083a4 in llvm::SmallVector<llvm::MachineInstr*,
4u>::SmallVector (RHS=..., this=0x7f7ffeea5290)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/include/llvm/ADT/SmallVector.h:68
#2 (anonymous namespace)::X86CallFrameOptimization::CallContext::CallContext
(this=0x7f7ffeea5270)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:70
#3 (anonymous namespace)::X86CallFrameOptimization::isProfitable
(this=0x723066b1da20, this=0x723066b1da20, CallSeqVector=..., MF=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:205
#4 (anonymous namespace)::X86CallFrameOptimization::runOnMachineFunction
(this=<optimized out>, MF=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Target/X86/X86CallFrameOptimization.cpp:265
#5 0x00007230681c410e in llvm::MachineFunctionPass::runOnFunction
(this=0x723066b1da20, F=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/CodeGen/MachineFunctionPass.cpp:73
#6 0x0000723067fa0d19 in llvm::FPPassManager::runOnFunction
(this=this at entry=0x72306f302d80, F=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1481
#7 0x0000723067fa1452 in llvm::FPPassManager::runOnModule
(this=0x72306f302d80, M=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1517
#8 0x0000723067fa17cd in (anonymous namespace)::MPPassManager::runOnModule
(M=..., this=0x72306f269800)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1582
#9 llvm::legacy::PassManagerImpl::run (this=0x7230673b0400, M=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1694
#10 0x0000723067fa1a5d in llvm::legacy::PassManager::run
(this=this at entry=0x7f7fff29f5d0, M=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/IR/LegacyPassManager.cpp:1725
#11 0x000072306dcb05da in (anonymous
namespace)::EmitAssemblyHelper::EmitAssemblyWithNewPassManager (this=<optimized
out>,
Action=<optimized out>, OS=...) at
/scratch/lang/clang/work/clang-10.0.0.src/lib/CodeGen/BackendUtil.cpp:1329
#12 0x000072306dcb3f88 in clang::EmitBackendOutput (Diags=..., HeaderOpts=...,
CGOpts=..., TOpts=..., LOpts=..., TDesc=..., M=0x72306f2d9f00,
Action=Action at entry=clang::Backend_EmitObj, OS=...) at
/usr/include/g++/bits/unique_ptr.h:366
#13 0x000072306dfa6f39 in clang::BackendConsumer::HandleTranslationUnit
(this=0x72306f311a80, C=...) at /usr/include/g++/bits/unique_ptr.h:345
#14 0x000072306cf6f61a in clang::ParseAST (S=..., PrintStats=<optimized out>,
SkipFunctionBodies=<optimized out>)
at /scratch/lang/clang/work/.buildlink/include/llvm/ADT/StringRef.h:143
#15 0x000072306e49b14e in clang::FrontendAction::Execute
(this=this at entry=0x72306f30e540)
at
/scratch/lang/clang/work/clang-10.0.0.src/lib/Frontend/FrontendAction.cpp:936
#16 0x000072306e457109 in clang::CompilerInstance::ExecuteAction
(this=this at entry=0x72306f311600, Act=...)
at
/scratch/lang/clang/work/clang-10.0.0.src/lib/Frontend/CompilerInstance.cpp:965
#17 0x000072306e5215e5 in clang::ExecuteCompilerInvocation
(Clang=Clang at entry=0x72306f311600)
at
/scratch/lang/clang/work/clang-10.0.0.src/lib/FrontendTool/ExecuteCompilerInvocation.cpp:290
#18 0x0000000000414f92 in cc1_main (Argv=..., Argv0=<optimized out>,
MainAddr=MainAddr at entry=0x4139c0 <GetExecutablePath[abi:cxx11](char const*,
bool)>)
at /scratch/lang/clang/work/clang-10.0.0.src/tools/driver/cc1_main.cpp:240
#19 0x0000000000412b95 in ExecuteCC1Tool (ArgV=...) at
/scratch/lang/clang/work/.buildlink/include/llvm/ADT/ArrayRef.h:188
#20 0x000072306e1a1612 in clang::driver::CC1Command::<lambda()>::operator()
(__closure=0x72306f346400)
at /scratch/lang/clang/work/clang-10.0.0.src/lib/Driver/Job.cpp:417
#21
llvm::function_ref<void()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>
>, std::__cxx11::string*, bool*) const::<lambda()> >(intptr_t)
(callable=callable at entry=140187718522048)
at /scratch/lang/clang/work/.buildlink/include/llvm/ADT/STLExtras.h:108
#22 0x0000723067dab733 in llvm::function_ref<void ()>::operator()() const
(this=<synthetic pointer>, this=<synthetic pointer>)
at /scratch/lang/llvm/work/llvm-10.0.0.src/include/llvm/ADT/STLExtras.h:124
#23 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>)
(this=this at entry=0x7f7fff2a14a0, Fn=...)
at
/scratch/lang/llvm/work/llvm-10.0.0.src/lib/Support/CrashRecoveryContext.cpp:417
#24 0x000072306e1a5923 in clang::driver::CC1Command::Execute
(this=0x72306f2f3500, Redirects=..., ErrMsg=<optimized out>,
ExecutionFailed=<optimized out>) at
/scratch/lang/clang/work/.buildlink/include/llvm/ADT/STLExtras.h:117
#25 0x000072306e17a48f in clang::driver::Compilation::ExecuteCommand
(this=this at entry=0x72306f269200, C=...,
FailingCommand=@0x7f7fff2a1620: 0x0) at
/usr/include/g++/bits/stl_vector.h:1059
#26 0x000072306e17ad10 in clang::driver::Compilation::ExecuteJobs
(this=this at entry=0x72306f269200, Jobs=..., FailingCommands=...)
at /scratch/lang/clang/work/clang-10.0.0.src/lib/Driver/Compilation.cpp:233
#27 0x000072306e189dd5 in clang::driver::Driver::ExecuteCompilation
(this=this at entry=0x7f7fff2a1758, C=..., FailingCommands=...)
at
/scratch/lang/clang/work/clang-10.0.0.src/include/clang/Driver/Compilation.h:202
#28 0x00000000004113c9 in main (argc_=<optimized out>, argv_=<optimized out>)
at /scratch/lang/clang/work/clang-10.0.0.src/tools/driver/driver.cpp:498
(gdb)
The minimal compiler command line is:
/usr/pkg/bin/clang++ -std=gnu++17 -O2 -c -fPIC -pthread -pipe
-fexperimental-new-pass-manager big.ii
The "-fexperimental-new-pass-manager" and "-O2" are necessary, without either
it doesn't segfault.
big.ii (creduce output) is attached.
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20200617/8ce3eca4/attachment-0001.html>
More information about the llvm-bugs
mailing list