[llvm-bugs] [Bug 51592] New: clang crashes on valid code at -O3 on x86_64-linux-gnu: Assertion `L && L->getHeader() == P->getParent()' failed
via llvm-bugs
llvm-bugs at lists.llvm.org
Mon Aug 23 15:46:14 PDT 2021
https://bugs.llvm.org/show_bug.cgi?id=51592
Bug ID: 51592
Summary: clang crashes on valid code at -O3 on
x86_64-linux-gnu: Assertion `L && L->getHeader() ==
P->getParent()' failed
Product: libraries
Version: trunk
Hardware: PC
OS: All
Status: NEW
Severity: enhancement
Priority: P
Component: Global Analyses
Assignee: unassignedbugs at nondot.org
Reporter: zhendong.su at inf.ethz.ch
CC: llvm-bugs at lists.llvm.org
[512] % clangtk -v
clang version 14.0.0 (https://github.com/llvm/llvm-project.git
236a90802d5a7f6823685990fe76fd9beec9b4a5)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/suz-local/opfuzz/bin
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/8
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.5.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.5.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/8
Selected GCC installation: /usr/lib/gcc/x86_64-linux-gnu/7.5.0
Candidate multilib: .;@m64
Candidate multilib: 32;@m32
Candidate multilib: x32;@mx32
Selected multilib: .;@m64
[513] %
[513] % clangtk -O2 -c small.c
[514] %
[514] % clangtk -O3 -c small.c
clangtk:
/local/suz-local/software/clangbuild/llvm-project/llvm/lib/Analysis/ScalarEvolution.cpp:5899:
llvm::ConstantRange llvm::ScalarEvolution::getRangeForUnknownRecurrence(const
llvm::SCEVUnknown*): Assertion `L && L->getHeader() == P->getParent()' failed.
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash
backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: clangtk -I/usr/local/include/csmith
-I/local/suz-local/software/local/include -O3 -c small.c
1. <eof> parser at end of file
2. Optimizer
#0 0x000055681fc2a1ff PrintStackTraceSignalHandler(void*) Signals.cpp:0:0
#1 0x000055681fc27ff0 llvm::sys::CleanupOnSignal(unsigned long)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3a2bff0)
#2 0x000055681fb73cd8 CrashRecoverySignalHandler(int)
CrashRecoveryContext.cpp:0:0
#3 0x00007ff6495ce980 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x12980)
#4 0x00007ff64827ffb7 raise
/build/glibc-S9d2JN/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0
#5 0x00007ff648281921 abort /build/glibc-S9d2JN/glibc-2.27/stdlib/abort.c:81:0
#6 0x00007ff64827148a __assert_fail_base
/build/glibc-S9d2JN/glibc-2.27/assert/assert.c:89:0
#7 0x00007ff648271502 (/lib/x86_64-linux-gnu/libc.so.6+0x30502)
#8 0x000055681eccd548
llvm::ScalarEvolution::getRangeForUnknownRecurrence(llvm::SCEVUnknown const*)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2ad1548)
#9 0x000055681ecce76b llvm::ScalarEvolution::getRangeRef(llvm::SCEV const*,
llvm::ScalarEvolution::RangeSignHint)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2ad276b)
#10 0x000055681eccfec0 StrengthenNoWrapFlags(llvm::ScalarEvolution*,
llvm::SCEVTypes, llvm::ArrayRef<llvm::SCEV const*>, llvm::SCEV::NoWrapFlags)
ScalarEvolution.cpp:0:0
#11 0x000055681ecd7975
llvm::ScalarEvolution::getAddExpr(llvm::SmallVectorImpl<llvm::SCEV const*>&,
llvm::SCEV::NoWrapFlags, unsigned int)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2adb975)
#12 0x000055681e101eb4 llvm::ScalarEvolution::getAddExpr(llvm::SCEV const*,
llvm::SCEV const*, llvm::SCEV::NoWrapFlags, unsigned int)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x1f05eb4)
#13 0x000055681ece06f6 llvm::ScalarEvolution::getMinusSCEV(llvm::SCEV const*,
llvm::SCEV const*, llvm::SCEV::NoWrapFlags, unsigned int)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2ae46f6)
#14 0x000055681ecf3a44
llvm::ScalarEvolution::computeExitLimitFromSingleExitSwitch(llvm::Loop const*,
llvm::SwitchInst*, llvm::BasicBlock*, bool)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2af7a44)
#15 0x000055681eccb816 llvm::ScalarEvolution::computeExitLimit(llvm::Loop
const*, llvm::BasicBlock*, bool)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2acf816)
#16 0x000055681eccbc1d
llvm::ScalarEvolution::computeBackedgeTakenCount(llvm::Loop const*, bool)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2acfc1d)
#17 0x000055681eccc39c llvm::ScalarEvolution::getBackedgeTakenInfo(llvm::Loop
const*) (/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2ad039c)
#18 0x000055681ece54c1
llvm::ScalarEvolution::hasLoopInvariantBackedgeTakenCount(llvm::Loop const*)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2ae94c1)
#19 0x000055681f9c57a7 (anonymous
namespace)::LoopIdiomRecognize::runOnLoop(llvm::Loop*)
LoopIdiomRecognize.cpp:0:0
#20 0x000055681f9c7919 llvm::LoopIdiomRecognizePass::run(llvm::Loop&,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>&,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x37cb919)
#21 0x0000556820df5741 llvm::detail::PassModel<llvm::Loop,
llvm::LoopIdiomRecognizePass, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&>::run(llvm::Loop&,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>&,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4bf9741)
#22 0x0000556820f38cfe llvm::Optional<llvm::PreservedAnalyses>
llvm::PassManager<llvm::Loop, llvm::AnalysisManager<llvm::Loop,
llvm::LoopStandardAnalysisResults&>, llvm::LoopStandardAnalysisResults&,
llvm::LPMUpdater&>::runSinglePass<llvm::Loop,
std::unique_ptr<llvm::detail::PassConcept<llvm::Loop,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&>,
std::default_delete<llvm::detail::PassConcept<llvm::Loop,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&> > > >(llvm::Loop&,
std::unique_ptr<llvm::detail::PassConcept<llvm::Loop,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&>,
std::default_delete<llvm::detail::PassConcept<llvm::Loop,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&> > >&,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>&,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&,
llvm::PassInstrumentation&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4d3ccfe)
#23 0x0000556820f38f6e llvm::PassManager<llvm::Loop,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&,
llvm::LPMUpdater&>::runWithoutLoopNestPasses(llvm::Loop&,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>&,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4d3cf6e)
#24 0x0000556820f3a2a8 llvm::PassManager<llvm::Loop,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&>::run(llvm::Loop&,
llvm::AnalysisManager<llvm::Loop, llvm::LoopStandardAnalysisResults&>&,
llvm::LoopStandardAnalysisResults&, llvm::LPMUpdater&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4d3e2a8)
#25 0x0000556820f3b7ac llvm::FunctionToLoopPassAdaptor::run(llvm::Function&,
llvm::AnalysisManager<llvm::Function>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4d3f7ac)
#26 0x0000556820c9bee1 llvm::detail::PassModel<llvm::Function,
llvm::FunctionToLoopPassAdaptor, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&,
llvm::AnalysisManager<llvm::Function>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4a9fee1)
#27 0x000055681f3ecfec llvm::PassManager<llvm::Function,
llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&,
llvm::AnalysisManager<llvm::Function>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x31f0fec)
#28 0x000055681d9a1541 llvm::detail::PassModel<llvm::Function,
llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >,
llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function>
>::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x17a5541)
#29 0x000055681eb30204
llvm::CGSCCToFunctionPassAdaptor::run(llvm::LazyCallGraph::SCC&,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>&,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x2934204)
#30 0x000055681d9a2191 llvm::detail::PassModel<llvm::LazyCallGraph::SCC,
llvm::CGSCCToFunctionPassAdaptor, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&>::run(llvm::LazyCallGraph::SCC&,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>&,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x17a6191)
#31 0x000055681eb28cd3 llvm::PassManager<llvm::LazyCallGraph::SCC,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&>::run(llvm::LazyCallGraph::SCC&,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>&,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x292ccd3)
#32 0x000055681f4f8b31 llvm::detail::PassModel<llvm::LazyCallGraph::SCC,
llvm::PassManager<llvm::LazyCallGraph::SCC,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&>, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&>::run(llvm::LazyCallGraph::SCC&,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>&,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x32fcb31)
#33 0x000055681eb2c1a0
llvm::DevirtSCCRepeatedPass::run(llvm::LazyCallGraph::SCC&,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>&,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x29301a0)
#34 0x000055681f4f8af1 llvm::detail::PassModel<llvm::LazyCallGraph::SCC,
llvm::DevirtSCCRepeatedPass, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&>::run(llvm::LazyCallGraph::SCC&,
llvm::AnalysisManager<llvm::LazyCallGraph::SCC, llvm::LazyCallGraph&>&,
llvm::LazyCallGraph&, llvm::CGSCCUpdateResult&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x32fcaf1)
#35 0x000055681eb2a72c
llvm::ModuleToPostOrderCGSCCPassAdaptor::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x292e72c)
#36 0x000055681f4f8b71 llvm::detail::PassModel<llvm::Module,
llvm::ModuleToPostOrderCGSCCPassAdaptor, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x32fcb71)
#37 0x000055681f3eb094 llvm::PassManager<llvm::Module,
llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x31ef094)
#38 0x000055681f4fb2b8 llvm::ModuleInlinerWrapperPass::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x32ff2b8)
#39 0x0000556820c9c161 llvm::detail::PassModel<llvm::Module,
llvm::ModuleInlinerWrapperPass, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4aa0161)
#40 0x000055681f3eb094 llvm::PassManager<llvm::Module,
llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x31ef094)
#41 0x000055681ff24124 (anonymous
namespace)::EmitAssemblyHelper::EmitAssemblyWithNewPassManager(clang::BackendAction,
std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >) BackendUtil.cpp:0:0
#42 0x000055681ff29373 clang::EmitBackendOutput(clang::DiagnosticsEngine&,
clang::HeaderSearchOptions const&, clang::CodeGenOptions const&,
clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef,
llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x3d2d373)
#43 0x0000556820c1b78a
clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4a1f78a)
#44 0x0000556821aff229 clang::ParseAST(clang::Sema&, bool, bool)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x5903229)
#45 0x0000556820c1b928 clang::CodeGenAction::ExecuteAction()
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4a1f928)
#46 0x0000556820565491 clang::FrontendAction::Execute()
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4369491)
#47 0x000055682050185a
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x430585a)
#48 0x00005568206340ca
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x44380ca)
#49 0x000055681d7072ec cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) (/local/suz-local/software/local/clang-trunk/bin/clang-14+0x150b2ec)
#50 0x000055681d702689 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)
driver.cpp:0:0
#51 0x00005568203af315 void llvm::function_ref<void
()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>
>, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#52 0x000055681fb742c3
llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x39782c3)
#53 0x00005568203b1694
clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef>
>, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >*, bool*) const
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x41b5694)
#54 0x00005568203873ca
clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&,
clang::driver::Command const*&) const
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x418b3ca)
#55 0x000055682038806f
clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&,
llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&) const
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x418c06f)
#56 0x0000556820391c8a
clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&,
llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*> >&)
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x4195c8a)
#57 0x000055681d62e227 main
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x1432227)
#58 0x00007ff648262bf7 __libc_start_main
/build/glibc-S9d2JN/glibc-2.27/csu/../csu/libc-start.c:344:0
#59 0x000055681d7021fa _start
(/local/suz-local/software/local/clang-trunk/bin/clang-14+0x15061fa)
clang-14: error: clang frontend command failed with exit code 134 (use -v to
see invocation)
clang version 14.0.0 (https://github.com/llvm/llvm-project.git
236a90802d5a7f6823685990fe76fd9beec9b4a5)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /local/suz-local/opfuzz/bin
clang-14: note: diagnostic msg:
********************
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-14: note: diagnostic msg: /tmp/small-4626d0.c
clang-14: note: diagnostic msg: /tmp/small-4626d0.sh
clang-14: note: diagnostic msg:
********************
[515] %
[515] % cat small.c
int *a, d;
static int **b = &a, ***c = &b;
short e;
int f(int *g) {
L:
for (e = 0; e != 2; e++)
if (d) {
if (e)
goto L;
*b = g;
if (***c)
return 0;
}
*c = 0;
return 0;
}
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20210823/eb91832f/attachment-0001.html>
More information about the llvm-bugs
mailing list