[llvm-bugs] [Bug 51440] New: clang9 and clang10 got LLVM error: out of memory on compiling std::get<> calls with undefined sanitizer

via llvm-bugs llvm-bugs at lists.llvm.org
Wed Aug 11 07:53:15 PDT 2021 

https://bugs.llvm.org/show_bug.cgi?id=51440

            Bug ID: 51440
           Summary: clang9 and clang10 got LLVM error: out of memory on
                    compiling std::get<> calls with undefined sanitizer
           Product: clang
           Version: 10.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: C++17
          Assignee: unassignedclangbugs at nondot.org
          Reporter: strizhak.ni at phystech.edu
                CC: blitzrakete at gmail.com, erik.pilkington at gmail.com,
                    llvm-bugs at lists.llvm.org, richard-llvm at metafoo.co.uk

Created attachment 25121
  --> https://bugs.llvm.org/attachment.cgi?id=25121&action=edit
Source code, where bug appears

In file attached the simplest example of code. Bug exist on clang9 and clang10,
but not exist on clang8. I didn't check latest clang releases.

While compiling object file, clang use lots of RAM, until it ends, than
failing. In compilation string I use prlimit to limit about 15 GB ram usage, to
not wait too long.

Compile string:

$ prlimit --as=15000000000 /usr/bin/clang++-9 -O3 -fsanitize=undefined -g
-fsanitize-undefined-trap-on-error -std=c++1z -o object_file.o -c
cpp_bug_on_clang9_san.cpp

Code example: (also attached)

```
#include <vector>
#include <variant>

class class1{};
class class2{};
class class3{};
class class4{};
class class5{};
class class6{};
class class7{};
class class8{};
class class9{};
class class0{};
enum class EnumName{
    FIRST, SECOND, THIRD
};

using Arg = std::variant<class1, bool, class2, class3, class4, const void *,
class5, class6, const char *, short *, EnumName, class7,
                class7 *, class8, unsigned int, char, double, class9 *, float,
long int, class0, short, int *, class1 *>;

struct StructName {
    Arg argument;
    int identificator;
};

bool foo1(char);
bool foo2(short);
bool foo3(char);
bool foo4(class1);
bool foo5(class2);
bool foo6(class3);
bool foo7(class4);
bool foo8(class5);
bool foo9(class6);
bool foo10(class7);

bool foo4(const StructName &arg)
{
    switch (arg.identificator) {
        case 0:
            return foo1(std::get<char>(arg.argument));
        case 1:
            return foo2(std::get<short>(arg.argument));
        case 2:
            return foo3(std::get<char>(arg.argument));
        case 3:
            return foo4(std::get<class1>(arg.argument));
        case 4:
            return foo5(std::get<class2>(arg.argument));
        case 5:
            return foo6(std::get<class3>(arg.argument));
        case 6:
            return foo7(std::get<class4>(arg.argument));
        case 7:
            return foo8(std::get<class5>(arg.argument));
        case 8:
            return foo9(std::get<class6>(arg.argument));
        case 9:
            return foo10(std::get<class7>(arg.argument));
        default:
            return false;
    }
    return true;
}
```

Console output:
```
LLVM ERROR: out of memory
Stack dump:
0.      Program arguments: /usr/lib/llvm-9/bin/clang -cc1 -triple
x86_64-pc-linux-gnu -emit-obj -disable-free -disable-llvm-verifier
-discard-value-names -main-file-name cpp_bug_on_clang9_san.cpp
-mrelocation-model static -mthread-model posix -fmath-errno -masm-verbose
-mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64
-dwarf-column-info -debug-info-kind=limited -dwarf-version=4
-debugger-tuning=gdb -momit-leaf-frame-pointer -coverage-notes-file
/home/swx964246/build_sanitizer_clang9_release/object_file.gcno -resource-dir
/usr/lib/llvm-9/lib/clang/9.0.0 -internal-isystem
/usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8
-internal-isystem
/usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/x86_64-linux-gnu/c++/8
-internal-isystem
/usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/x86_64-linux-gnu/c++/8
-internal-isystem
/usr/bin/../lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/backward
-internal-isystem /usr/local/include -internal-isystem
/usr/lib/llvm-9/lib/clang/9.0.0/include -internal-externc-isystem
/usr/include/x86_64-linux-gnu -internal-externc-isystem /include
-internal-externc-isystem /usr/include -O3 -std=c++1z -fdeprecated-macro
-fdebug-compilation-dir /home/swx964246/build_sanitizer_clang9_release
-ferror-limit 19 -fmessage-length 0
-fsanitize=address,alignment,array-bounds,bool,builtin,enum,float-cast-overflow,function,integer-divide-by-zero,nonnull-attribute,null,object-size,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound
-fsanitize-trap=alignment,array-bounds,bool,builtin,enum,float-cast-overflow,function,integer-divide-by-zero,nonnull-attribute,null,object-size,pointer-overflow,return,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,vla-bound
-fsanitize-blacklist=/usr/lib/llvm-9/lib/clang/9.0.0/share/asan_blacklist.txt
-fsanitize-address-use-after-scope -fno-assume-sane-operator-new
-fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option
-fcolor-diagnostics -vectorize-loops -vectorize-slp -faddrsig -o object_file.o
-x c++ cpp_bug_on_clang9_san.cpp
1.      <eof> parser at end of file
2.      Per-module optimization passes
3.      Running pass 'CallGraph Pass Manager' on module
'cpp_bug_on_clang9_san.cpp'.
 #0 0x00007ff7da87835f llvm::sys::PrintStackTrace(llvm::raw_ostream&)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xa3835f)
 #1 0x00007ff7da876780 llvm::sys::RunSignalHandlers()
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xa36780)
 #2 0x00007ff7da878761 (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xa38761)
 #3 0x00007ff7e04fd980 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x12980)
 #4 0x00007ff7d914efb7 gsignal
/build/glibc-S9d2JN/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0
 #5 0x00007ff7d9150921 abort /build/glibc-S9d2JN/glibc-2.27/stdlib/abort.c:81:0
 #6 0x00007ff7da7dd0a3 llvm::report_bad_alloc_error(char const*, bool)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x99d0a3)
 #7 0x00007ff7da7dd102 (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x99d102)
 #8 0x00007ff7d9b4a2ac operator new(unsigned long)
(/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0x932ac)
 #9 0x00007ff7dac8fe77 (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xe4fe77)
#10 0x00007ff7dac8fcf6 (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xe4fcf6)
#11 0x00007ff7dac90432 (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xe50432)
#12 0x00007ff7dafdf2b0 (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x119f2b0)
#13 0x00007ff7dafdd71f llvm::CloneAndPruneIntoFromInst(llvm::Function*,
llvm::Function const*, llvm::Instruction const*, llvm::ValueMap<llvm::Value
const*, llvm::WeakTrackingVH, llvm::ValueMapConfig<llvm::Value const*,
llvm::sys::SmartMutex<false> > >&, bool,
llvm::SmallVectorImpl<llvm::ReturnInst*>&, char const*, llvm::ClonedCodeInfo*)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x119d71f)
#14 0x00007ff7dafe0216 llvm::CloneAndPruneFunctionInto(llvm::Function*,
llvm::Function const*, llvm::ValueMap<llvm::Value const*, llvm::WeakTrackingVH,
llvm::ValueMapConfig<llvm::Value const*, llvm::sys::SmartMutex<false> > >&,
bool, llvm::SmallVectorImpl<llvm::ReturnInst*>&, char const*,
llvm::ClonedCodeInfo*, llvm::Instruction*)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x11a0216)
#15 0x00007ff7daffb874 llvm::InlineFunction(llvm::CallSite,
llvm::InlineFunctionInfo&, llvm::AAResults*, bool, llvm::Function*)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x11bb874)
#16 0x00007ff7db3c24d3
llvm::LegacyInlinerBase::inlineCalls(llvm::CallGraphSCC&)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x15824d3)
#17 0x00007ff7db50a5fb (/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0x16ca5fb)
#18 0x00007ff7da9779a0 llvm::legacy::PassManagerImpl::run(llvm::Module&)
(/usr/lib/x86_64-linux-gnu/libLLVM-9.so.1+0xb379a0)
#19 0x00007ff7df27f5b2 EmitAssembly
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/CodeGen/BackendUtil.cpp:894:3
#20 0x00007ff7df27f5b2 clang::EmitBackendOutput(clang::DiagnosticsEngine&,
clang::HeaderSearchOptions const&, clang::CodeGenOptions const&,
clang::TargetOptions const&, clang::LangOptions const&, llvm::DataLayout
const&, llvm::Module*, clang::BackendAction,
std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >)
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/CodeGen/BackendUtil.cpp:1498:15
#21 0x00007ff7df4b5ead ~unique_ptr
/usr/lib/gcc/x86_64-linux-gnu/7.4.0/../../../../include/c++/7.4.0/bits/unique_ptr.h:267:6
#22 0x00007ff7df4b5ead HandleTranslationUnit
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/CodeGen/CodeGenAction.cpp:303:7
#23 0x00007ff7de7e5a03 __normal_iterator
/usr/lib/gcc/x86_64-linux-gnu/7.4.0/../../../../include/c++/7.4.0/bits/stl_iterator.h:783:20
#24 0x00007ff7de7e5a03 begin
/usr/lib/gcc/x86_64-linux-gnu/7.4.0/../../../../include/c++/7.4.0/bits/stl_vector.h:564:16
#25 0x00007ff7de7e5a03
finalize<std::vector<std::unique_ptr<clang::TemplateInstantiationCallback,
std::default_delete<clang::TemplateInstantiationCallback> >,
std::allocator<std::unique_ptr<clang::TemplateInstantiationCallback,
std::default_delete<clang::TemplateInstantiationCallback> > > > >
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/include/clang/Sema/TemplateInstCallback.h:54:16
#26 0x00007ff7de7e5a03 clang::ParseAST(clang::Sema&, bool, bool)
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/Parse/ParseAST.cpp:178:3
#27 0x00007ff7dfa874c8 clang::FrontendAction::Execute()
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/Frontend/FrontendAction.cpp:938:10
#28 0x00007ff7dfa46ce0 getPtr
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/include/llvm/Support/Error.h:273:42
#29 0x00007ff7dfa46ce0 operator bool
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/include/llvm/Support/Error.h:236:16
#30 0x00007ff7dfa46ce0
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/Frontend/CompilerInstance.cpp:944:23
#31 0x00007ff7dfaea210
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/build/llvm-toolchain-9-uSl4bC/llvm-toolchain-9-9/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:291:25
#32 0x0000000000498a5b cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) (/usr/lib/llvm-9/bin/clang+0x498a5b)
#33 0x0000000000496d71 main (/usr/lib/llvm-9/bin/clang+0x496d71)
#34 0x00007ff7d9131bf7 __libc_start_main
/build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:344:0
#35 0x00000000004941ea _start (/usr/lib/llvm-9/bin/clang+0x4941ea)
clang: error: unable to execute command: Aborted
clang: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 9.0.0-2~ubuntu18.04.2 (tags/RELEASE_900/final)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
clang: note: diagnostic msg: PLEASE submit a bug report to
https://bugs.llvm.org/ and include the crash backtrace, preprocessed source,
and associated run script.
clang: note: diagnostic msg:
```

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20210811/0ac6f82a/attachment-0001.html>

More information about the llvm-bugs mailing list