[llvm-bugs] [Bug 52185] New: crash on -O2 and -O3 at llvm/include/llvm/ADT/ArrayRef.h:257: const T& llvm::ArrayRef<T>::operator[](size_t) const [with T = llvm::Value*; size_t = long unsigned int]: Assertion `Index < Length && "Invalid index!"' failed
via llvm-bugs
llvm-bugs at lists.llvm.org
Fri Oct 15 01:20:45 PDT 2021
https://bugs.llvm.org/show_bug.cgi?id=52185
Bug ID: 52185
Summary: crash on -O2 and -O3 at
llvm/include/llvm/ADT/ArrayRef.h:257: const T&
llvm::ArrayRef<T>::operator[](size_t) const [with T =
llvm::Value*; size_t = long unsigned int]: Assertion
`Index < Length && "Invalid index!"' failed
Product: libraries
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Scalar Optimizations
Assignee: unassignedbugs at nondot.org
Reporter: haoxintu at gmail.com
CC: llvm-bugs at lists.llvm.org
Hi all.
Here are two test programs that make clang crash at -O2 and -O3 separately.
$cat small-1.c
#include <stdint.h>
uint8_t a, f, e, d, c, b;
g(int) {}
j(int8_t i, int8_t l) {
if (g(a = 0)) {
int8_t m;
if (l) {
int8_t *k;
o:
for (; c;)
p:
if (a ? (a *= *k) <= 0 : 0 <= 0)
for (; b; e = a)
;
}
if (f) {
a = 10;
if (0 / 0) {
int16_t n = 0;
int8_t *r;
s:
for (; *r;) {
uint8_t q;
if (n)
for (n = 4; q; q++)
r = &n;
goto p;
}
}
if (d)
goto s;
uint64_t r;
if (m)
for (l = 1; r;)
;
}
for (; m; m++) {
int8_t t;
uint32_t u;
for (; i; i = l)
for (; f;)
goto o;
}
}
}
$ cat small-2.c
#include <stdint.h>
int a, b, c, e, f, g, i;
uint8_t d;
y(int) {}
j(int8_t k, int8_t l) {
int m, n;
if (y(d = 0)) {
int8_t o;
if (l ? 0 : (0 == 0) / k) {
int8_t *p = m;
uint32_t *q = n;
r:
s:
if (*q)
d << 0 ? d *= *p : 0;
}
if (g)
for (;;) {
int64_t q;
if (0) {
int16_t t;
int8_t *u;
v:
(k ? d : 0) && (i = 0);
for (; *u; *u += 1)
for (; t; t++)
u = &t;
uint8_t *w = &d;
for (*w = 1; w <= 5;)
;
goto s;
}
if (e)
goto v;
if (o)
for (; l; l++)
;
}
for (; o; o++) {
int8_t x;
if (n)
for (k = 3;;) {
for (; f; f = ((n /= c) || b) && (d ^= a))
;
goto r;
}
}
}
}
$clang -w -O2 small-1.c
//or
$clang -w -O3 small-2.c
clang-14:
/home/haoxin/haoxin-data/compilers/llvm-project/llvm/include/llvm/ADT/ArrayRef.h:257:
const T& llvm::ArrayRef<T>::operator[](size_t) const [with T = llvm::Value*;
size_t = long unsigned int]: Assertion `Index < Length && "Invalid index!"'
failed.
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash
backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments:
/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14 -cc1 -triple
x86_64-unknown-linux-gnu -emit-obj --mrelax-relocations -disable-free
-main-file-name small-1.c -mrelocation-model static -mframe-pointer=none
-fmath-errno -fno-rounding-math -mconstructor-aliases -funwind-tables=2
-target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb
-fcoverage-compilation-dir=/home/haoxin/haoxin-data/dut-research/covsmith-test/20210819/36
-resource-dir
/home/haoxin/haoxin-data/compilers/llvm-project/build/lib/clang/14.0.0
-internal-isystem
/home/haoxin/haoxin-data/compilers/llvm-project/build/lib/clang/14.0.0/include
-internal-isystem /usr/local/include -internal-isystem
/usr/lib/gcc/x86_64-linux-gnu/9/../../../../x86_64-linux-gnu/include
-internal-externc-isystem /usr/include/x86_64-linux-gnu
-internal-externc-isystem /include -internal-externc-isystem /usr/include -O2
-w
-fdebug-compilation-dir=/home/haoxin/haoxin-data/dut-research/covsmith-test/20210819/36
-ferror-limit 19 -fgnuc-version=4.2.1 -fcolor-diagnostics -vectorize-loops
-vectorize-slp -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/small-1-05f30f.o
-x c small-1.c
1. <eof> parser at end of file
2. Optimizer
#0 0x000055d7dfe9d4e4 PrintStackTraceSignalHandler(void*) Signals.cpp:0:0
#1 0x000055d7dfe9abfe SignalHandler(int) Signals.cpp:0:0
#2 0x00007f515dacf3c0 __restore_rt
(/lib/x86_64-linux-gnu/libpthread.so.0+0x153c0)
#3 0x00007f515d56e18b raise
/build/glibc-eX1tMB/glibc-2.31/signal/../sysdeps/unix/sysv/linux/raise.c:51:1
#4 0x00007f515d54d859 abort /build/glibc-eX1tMB/glibc-2.31/stdlib/abort.c:81:7
#5 0x00007f515d54d729 get_sysdep_segment_value
/build/glibc-eX1tMB/glibc-2.31/intl/loadmsgcat.c:509:8
#6 0x00007f515d54d729 _nl_load_domain
/build/glibc-eX1tMB/glibc-2.31/intl/loadmsgcat.c:970:34
#7 0x00007f515d55ef36 (/lib/x86_64-linux-gnu/libc.so.6+0x36f36)
#8 0x000055d7e00e2635
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3e8e635)
#9 0x000055d7e00ea644
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3e96644)
#10 0x000055d7e00fcd12
llvm::slpvectorizer::BoUpSLP::isGatherShuffledEntry(llvm::slpvectorizer::BoUpSLP::TreeEntry
const*, llvm::SmallVectorImpl<int>&,
llvm::SmallVectorImpl<llvm::slpvectorizer::BoUpSLP::TreeEntry const*>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3ea8d12)
#11 0x000055d7e010a104
llvm::slpvectorizer::BoUpSLP::getEntryCost(llvm::slpvectorizer::BoUpSLP::TreeEntry
const*, llvm::ArrayRef<llvm::Value*>)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3eb6104)
#12 0x000055d7e0126cbf
llvm::slpvectorizer::BoUpSLP::getTreeCost(llvm::ArrayRef<llvm::Value*>)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3ed2cbf)
#13 0x000055d7e012b3d6
llvm::SLPVectorizerPass::tryToVectorizeList(llvm::ArrayRef<llvm::Value*>,
llvm::slpvectorizer::BoUpSLP&, bool) (.constprop.1) SLPVectorizer.cpp:0:0
#14 0x000055d7e0130b6a
llvm::SLPVectorizerPass::vectorizeChainsInBlock(llvm::BasicBlock*,
llvm::slpvectorizer::BoUpSLP&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3edcb6a)
#15 0x000055d7e01332c9 llvm::SLPVectorizerPass::runImpl(llvm::Function&,
llvm::ScalarEvolution*, llvm::TargetTransformInfo*, llvm::TargetLibraryInfo*,
llvm::AAResults*, llvm::LoopInfo*, llvm::DominatorTree*,
llvm::AssumptionCache*, llvm::DemandedBits*, llvm::OptimizationRemarkEmitter*)
(.part.0) SLPVectorizer.cpp:0:0
#16 0x000055d7e0133f0c llvm::SLPVectorizerPass::run(llvm::Function&,
llvm::AnalysisManager<llvm::Function>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3edff0c)
#17 0x000055d7e1116b86 llvm::detail::PassModel<llvm::Function,
llvm::SLPVectorizerPass, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&,
llvm::AnalysisManager<llvm::Function>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x4ec2b86)
#18 0x000055d7df578176 llvm::PassManager<llvm::Function,
llvm::AnalysisManager<llvm::Function> >::run(llvm::Function&,
llvm::AnalysisManager<llvm::Function>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3324176)
#19 0x000055d7dd943f26 llvm::detail::PassModel<llvm::Function,
llvm::PassManager<llvm::Function, llvm::AnalysisManager<llvm::Function> >,
llvm::PreservedAnalyses, llvm::AnalysisManager<llvm::Function>
>::run(llvm::Function&, llvm::AnalysisManager<llvm::Function>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x16eff26)
#20 0x000055d7df576c99 llvm::ModuleToFunctionPassAdaptor::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3322c99)
#21 0x000055d7dd944846 llvm::detail::PassModel<llvm::Module,
llvm::ModuleToFunctionPassAdaptor, llvm::PreservedAnalyses,
llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x16f0846)
#22 0x000055d7df5746af llvm::PassManager<llvm::Module,
llvm::AnalysisManager<llvm::Module> >::run(llvm::Module&,
llvm::AnalysisManager<llvm::Module>&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x33206af)
#23 0x000055d7e01e9aae (anonymous
namespace)::EmitAssemblyHelper::EmitAssemblyWithNewPassManager(clang::BackendAction,
std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >) BackendUtil.cpp:0:0
#24 0x000055d7e01eeb25 clang::EmitBackendOutput(clang::DiagnosticsEngine&,
clang::HeaderSearchOptions const&, clang::CodeGenOptions const&,
clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef,
llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream,
std::default_delete<llvm::raw_pwrite_stream> >)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x3f9ab25)
#25 0x000055d7e10b0b91
clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x4e5cb91)
#26 0x000055d7e1dea059 clang::ParseAST(clang::Sema&, bool, bool)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x5b96059)
#27 0x000055d7e10af5b8 clang::CodeGenAction::ExecuteAction()
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x4e5b5b8)
#28 0x000055d7e0927659 clang::FrontendAction::Execute()
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x46d3659)
#29 0x000055d7e08b68fe
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x46628fe)
#30 0x000055d7e0a07633
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x47b3633)
#31 0x000055d7dd658c9d cc1_main(llvm::ArrayRef<char const*>, char const*,
void*)
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x1404c9d)
#32 0x000055d7dd6550a8 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)
driver.cpp:0:0
#33 0x000055d7dd589c59 main
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x1335c59)
#34 0x00007f515d54f0b3 __libc_start_main
/build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:342:3
#35 0x000055d7dd654c1e _start
(/home/haoxin/haoxin-data/compilers/llvm-project/build/bin/clang-14+0x1400c1e)
clang-14: error: unable to execute command: Aborted (core dumped)
clang-14: error: clang frontend command failed due to signal (use -v to see
invocation)
clang version 14.0.0 (https://github.com/llvm/llvm-project
67b10532c637b22c0926517d27f84759893a7258)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/haoxin/haoxin-data/compilers/llvm-project/build/bin
clang-14: note: diagnostic msg:
********************
PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-14: note: diagnostic msg: /tmp/small-1-9764b0.c
clang-14: note: diagnostic msg: /tmp/small-1-9764b0.sh
clang-14: note: diagnostic msg:
********************
Thanks,
Haoxin
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20211015/de82de98/attachment-0001.html>
More information about the llvm-bugs
mailing list