[llvm-bugs] [Bug 49231] New: clang segment fault in TypeLocVisitor::Visit

via llvm-bugs llvm-bugs at lists.llvm.org
Wed Feb 17 13:13:36 PST 2021


https://bugs.llvm.org/show_bug.cgi?id=49231

            Bug ID: 49231
           Summary: clang segment fault in TypeLocVisitor::Visit
           Product: clang
           Version: 11.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: -New Bugs
          Assignee: unassignedclangbugs at nondot.org
          Reporter: zhan3299 at purdue.edu
                CC: htmldeveloper at gmail.com, llvm-bugs at lists.llvm.org,
                    neeilans at live.com, richard-llvm at metafoo.co.uk

When compiling crafted C code, clang crashes (both version 6.0.0 and 11.0.0).


$ cat /tmp/test-68e0d5.c
# 1 "<built-in>"
# 1 "test.c"
void a long (b) __attribute__((__vector_size__(16)))


$ cat  /tmp/test-68e0d5.sh

# Crash reproducer for clang version 11.1.0
(https://github.com/llvm/llvm-project.git
1fdec59bffc11ae37eb51a1b9869f0696bfd5312)
# Driver args: "test.c"
# Original command:  "/data/xxx/git/llvm-project/build/bin/clang-11" "-cc1"
"-triple" "x86_64-unknown-linux-gnu" "-emit-obj" "-mrelax-all" "-disable-free"
"-main-file-name" "test.c" "-mrelocation-model" "static" "-mframe-pointer=all"
"-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables"
"-target-cpu" "x86-64" "-fno-split-dwarf-inlining" "-debugger-tuning=gdb"
"-resource-dir" "/data/xxx/git/llvm-project/build/lib/clang/11.1.0"
"-internal-isystem" "/usr/local/include" "-internal-isystem"
"/data/xxx/git/llvm-project/build/lib/clang/11.1.0/include"
"-internal-externc-isystem" "/usr/include/x86_64-linux-gnu"
"-internal-externc-isystem" "/include" "-internal-externc-isystem"
"/usr/include" "-fdebug-compilation-dir" "/data/xxx/docker_share/clang"
"-ferror-limit" "19" "-fgnuc-version=4.2.1" "-fcolor-diagnostics" "-faddrsig"
"-o" "/tmp/test-7f0d60.o" "-x" "c" "test.c"
 "/data/xxx/git/llvm-project/build/bin/clang-11" "-cc1" "-triple"
"x86_64-unknown-linux-gnu" "-emit-obj" "-mrelax-all" "-disable-free"
"-main-file-name" "test.c" "-mrelocation-model" "static" "-mframe-pointer=all"
"-fmath-errno" "-fno-rounding-math" "-mconstructor-aliases" "-munwind-tables"
"-target-cpu" "x86-64" "-fno-split-dwarf-inlining" "-debugger-tuning=gdb"
"-ferror-limit" "19" "-fgnuc-version=4.2.1" "-fcolor-diagnostics" "-faddrsig"
"-x" "c" "test-68e0d5.c"


$ ./clang test.c
test.c:1:6: error: variable has incomplete type 'void'
void a long (b) __attribute__((__vector_size__(16)))
     ^
test.c:1:7: error: expected ';' after top level declarator
void a long (b) __attribute__((__vector_size__(16)))
      ^
      ;
unsupported TypeLoc kind in declarator!
UNREACHABLE executed at
/home/xxx/data/git/llvm-project/clang/lib/Sema/SemaType.cpp:6059!
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash
backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /data/xxx/git/llvm-project/build/bin/clang-11 -cc1
-triple x86_64-unknown-linux-gnu -emit-obj -mrelax-all -disable-free
-main-file-name test.c -mrelocation-model static -mframe-pointer=all
-fmath-errno -fno-rounding-math -mconstructor-aliases -munwind-tables
-target-cpu x86-64 -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir
/data/xxx/git/llvm-project/build/lib/clang/11.1.0 -internal-isystem
/usr/local/include -internal-isystem
/data/xxx/git/llvm-project/build/lib/clang/11.1.0/include
-internal-externc-isystem /usr/include/x86_64-linux-gnu
-internal-externc-isystem /include -internal-externc-isystem /usr/include
-fdebug-compilation-dir /data/xxx/docker_share/clang -ferror-limit 19
-fgnuc-version=4.2.1 -fcolor-diagnostics -faddrsig -o /tmp/test-7f0d60.o -x c
test.c
1.      <eof> parser at end of file
 #0 0x0000000006e97306 llvm::sys::PrintStackTrace(llvm::raw_ostream&)
/home/xxx/data/git/llvm-project/llvm/lib/Support/Unix/Signals.inc:560:7
 #1 0x0000000006e9266e llvm::sys::RunSignalHandlers()
/home/xxx/data/git/llvm-project/llvm/lib/Support/Signals.cpp:69:18
 #2 0x0000000006e97caa SignalHandler(int)
/home/xxx/data/git/llvm-project/llvm/lib/Support/Unix/Signals.inc:396:3
 #3 0x00007f6c6fe138a0 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x128a0)
 #4 0x00007f6c6ead9f47 gsignal
/build/glibc-2ORdQG/glibc-2.27/signal/../sysdeps/unix/sysv/linux/raise.c:51:0
 #5 0x00007f6c6eadb8b1 abort /build/glibc-2ORdQG/glibc-2.27/stdlib/abort.c:81:0
 #6 0x0000000006c97244
/home/xxx/data/git/llvm-project/llvm/lib/Support/ErrorHandling.cpp:210:3
 #7 0x000000000e6b1aa7
(/data/xxx/git/llvm-project/build/bin/clang-11+0xe6b1aa7)
 #8 0x000000000e6b18b4
(/data/xxx/git/llvm-project/build/bin/clang-11+0xe6b18b4)
 #9 0x000000000e6ae9c6 clang::TypeLocVisitor<(anonymous
namespace)::DeclaratorLocFiller, void>::Visit(clang::UnqualTypeLoc)
/home/xxx/data/git/llvm-project/build/tools/clang/include/clang/AST/TypeNodes.inc:78:1
#10 0x000000000e6ae9c6 GetTypeSourceInfoForDeclarator((anonymous
namespace)::TypeProcessingState&, clang::QualType, clang::TypeSourceInfo*)
/home/xxx/data/git/llvm-project/clang/lib/Sema/SemaType.cpp:6174:0
#11 0x000000000e679e92 GetFullTypeForDeclarator((anonymous
namespace)::TypeProcessingState&, clang::QualType, clang::TypeSourceInfo*)
/home/xxx/data/git/llvm-project/clang/lib/Sema/SemaType.cpp:0:10
#12 0x000000000e663954 clang::Sema::GetTypeForDeclarator(clang::Declarator&,
clang::Scope*)
/home/xxx/data/git/llvm-project/clang/lib/Sema/SemaType.cpp:5599:10
#13 0x000000000ceab743 clang::TypeSourceInfo::getType() const
/home/xxx/data/git/llvm-project/clang/include/clang/AST/Type.h:0:0
#14 0x000000000ceab743 clang::Sema::HandleDeclarator(clang::Scope*,
clang::Declarator&, llvm::MutableArrayRef<clang::TemplateParameterList*>)
/home/xxx/data/git/llvm-project/clang/lib/Sema/SemaDecl.cpp:5757:0
#15 0x000000000ceaa141 clang::Sema::ActOnDeclarator(clang::Scope*,
clang::Declarator&)
/home/xxx/data/git/llvm-project/clang/lib/Sema/SemaDecl.cpp:5544:15
#16 0x000000000c8843c8 clang::Sema::getCurScope() const
/home/xxx/data/git/llvm-project/clang/include/clang/Sema/Sema.h:0:39
#17 0x000000000c8843c8 clang::Parser::getCurScope() const
/home/xxx/data/git/llvm-project/clang/include/clang/Parse/Parser.h:440:0
#18 0x000000000c8843c8
clang::Parser::ParseDeclarationAfterDeclaratorAndAttributes(clang::Declarator&,
clang::Parser::ParsedTemplateInfo const&, clang::Parser::ForRangeInit*)
/home/xxx/data/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:2148:0
#19 0x000000000c880fc7 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&,
clang::DeclaratorContext, clang::SourceLocation*, clang::Parser::ForRangeInit*)
/home/xxx/data/git/llvm-project/clang/lib/Parse/ParseDecl.cpp:1986:9
#20 0x000000000c83020d
clang::Parser::ParseDeclOrFunctionDefInternal(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec&, clang::AccessSpecifier)
/home/xxx/data/git/llvm-project/clang/lib/Parse/Parser.cpp:0:10
#21 0x000000000c82e939
clang::Parser::ObjCDeclContextSwitch::~ObjCDeclContextSwitch()
/home/xxx/data/git/llvm-project/clang/include/clang/Parse/Parser.h:0:0
#22 0x000000000c82e939
clang::Parser::ParseDeclarationOrFunctionDefinition(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*, clang::AccessSpecifier)
/home/xxx/data/git/llvm-project/clang/lib/Parse/Parser.cpp:1116:0
#23 0x000000000c82c6a1
clang::Parser::ParseExternalDeclaration(clang::Parser::ParsedAttributesWithRange&,
clang::ParsingDeclSpec*)
/home/xxx/data/git/llvm-project/clang/lib/Parse/Parser.cpp:935:12
#24 0x000000000c827ecc
clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, bool)
/home/xxx/data/git/llvm-project/clang/lib/Parse/Parser.cpp:683:10
#25 0x000000000c81d07b clang::ParseAST(clang::Sema&, bool, bool)
/home/xxx/data/git/llvm-project/clang/lib/Parse/ParseAST.cpp:157:15
#26 0x000000000861c2a2 clang::ASTFrontendAction::ExecuteAction()
/home/xxx/data/git/llvm-project/clang/lib/Frontend/FrontendAction.cpp:1059:1
#27 0x00000000099decd8 clang::CodeGenAction::ExecuteAction()
/home/xxx/data/git/llvm-project/clang/lib/CodeGen/CodeGenAction.cpp:1184:28
#28 0x000000000861a51a clang::FrontendAction::Execute()
/home/xxx/data/git/llvm-project/clang/lib/Frontend/FrontendAction.cpp:954:10
#29 0x000000000854eaa7 llvm::Error::operator bool()
/home/xxx/data/git/llvm-project/llvm/include/llvm/Support/Error.h:0:0
#30 0x000000000854eaa7
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/home/xxx/data/git/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:984:0
#31 0x00000000088f183f clang::CompilerInstance::getFrontendOpts()
/home/xxx/data/git/llvm-project/clang/include/clang/Frontend/CompilerInstance.h:0:0
#32 0x00000000088f183f
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/home/xxx/data/git/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:279:0
#33 0x0000000000b094cc llvm::TimeTraceScope::~TimeTraceScope()
/home/xxx/data/git/llvm-project/llvm/include/llvm/Support/TimeProfiler.h:0:0
#34 0x0000000000b094cc cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /home/xxx/data/git/llvm-project/clang/tools/driver/cc1_main.cpp:241:0
#35 0x0000000000afaf3b ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)
/home/xxx/data/git/llvm-project/clang/tools/driver/driver.cpp:330:12
#36 0x0000000000af6966 main
/home/xxx/data/git/llvm-project/clang/tools/driver/driver.cpp:407:12
#37 0x00007f6c6eabcb97 __libc_start_main
/build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:344:0
#38 0x0000000000af38ea _start
(/data/xxx/git/llvm-project/build/bin/clang-11+0xaf38ea)
clang-11: error: unable to execute command: Aborted (core dumped)
clang-11: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 11.1.0 (https://github.com/llvm/llvm-project.git
1fdec59bffc11ae37eb51a1b9869f0696bfd5312)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /data/xxx/git/llvm-project/build/bin
clang-11: note: diagnostic msg:
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-11: note: diagnostic msg: /tmp/test-68e0d5.c
clang-11: note: diagnostic msg: /tmp/test-68e0d5.sh
clang-11: note: diagnostic msg:

********************
