Crash with 1:18~++20230930042448+d222c5ec47a0-1~exp1~20230930162603.353 amd64 #67979
Assignees
Labels
clang:frontend
Language frontend issues, e.g. anything involving "Sema"
crash-on-valid
needs-reduction
Large reproducer that should be reduced into a simpler form
Comments
dtcxzyw
added
clang:frontend
|
@llvm/issue-subscribers-clang-frontend
```
[ 32%] Building CXX object frmts/pds/CMakeFiles/gdal_PDS.dir/pds4vector.cpp.o
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /usr/lib/llvm-18/bin/clang++ -DDONT_DEPRECATE_SPRINTF -DGDAL_COMPILATION -DHAVE_AVX_AT_COMPILE_TIME -DHAVE_SSE_AT_COMPILE_TIME -DHAVE_SSSE3_AT_COMPILE_TIME -DRENAME_INTERNAL_LIBGEOTIFF_SYMBOLS -DRENAME_INTERNAL_LIBTIFF_SYMBOLS -I/home/werdna/git/gdal/apps -I/home/werdna/git/gdal/alg -I/home/werdna/git/gdal/gcore -I/home/werdna/git/gdal.llvm/gcore -I/home/werdna/git/gdal/port -I/home/werdna/git/gdal.llvm/port -I/home/werdna/git/gdal/ogr -I/home/werdna/git/gdal/ogr/ogrsf_frmts -I/home/werdna/git/gdal/frmts -I/home/werdna/git/gdal/ogr/ogrsf_frmts/generic -I/home/werdna/git/gdal/frmts/raw -I/home/werdna/git/gdal/frmts/vrt -I/home/werdna/git/gdal/ogr/ogrsf_frmts/geojson -I/home/werdna/git/gdal/ogr/ogrsf_frmts/vrt -I/home/werdna/git/gdal/frmts/gtiff -I/home/werdna/git/gdal/frmts/gtiff/libgeotiff -I/home/werdna/git/gdal/frmts/gtiff/libtiff -I/usr/include/json-c -fno-finite-math-only -fvisibility=hidden -g -fPIC -Wall -Wextra -Winit-self -Wunused-parameter -Wmissing-declarations -Wshorten-64-to-32 -Wshadow -Wshadow-field -Wmissing-include-dirs -Wformat -Werror=format-security -Wno-format-nonliteral -Werror=vla -Wdate-time -Wnull-dereference -Wextra-semi -Wcomma -Wfloat-conversion -Wdocumentation -Wno-documentation-deprecated-sync -Wunused-private-field -Wnon-virtual-dtor -Woverloaded-virtual -Wsuggest-override -fno-operator-names -Wzero-as-null-pointer-constant -std=gnu++11 -MD -MT frmts/pds/CMakeFiles/gdal_PDS.dir/pds4vector.cpp.o -MF CMakeFiles/gdal_PDS.dir/pds4vector.cpp.o.d -o CMakeFiles/gdal_PDS.dir/pds4vector.cpp.o -c /home/werdna/git/gdal/frmts/pds/pds4vector.cpp
1. <eof> parser at end of file
2. /home/werdna/git/gdal/frmts/pds/pds4vector.cpp:2578:30: instantiating function definition 'PDS4EditableSynchronizer<PDS4FixedWidthTable>::EditableSyncToDisk'
#0 0x00007f9c3cf34956 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/usr/lib/llvm-18/bin/../lib/libLLVM-18.so.1+0xd34956)
#1 0x00007f9c3cf32980 llvm::sys::RunSignalHandlers() (/usr/lib/llvm-18/bin/../lib/libLLVM-18.so.1+0xd32980)
#2 0x00007f9c3ce834a0 (/usr/lib/llvm-18/bin/../lib/libLLVM-18.so.1+0xc834a0)
#3 0x00007f9c3ba3c4b0 (/lib/x86_64-linux-gnu/libc.so.6+0x3c4b0)
#4 0x00007f9c3cedc7b6 llvm::StringRef::find_last_of(llvm::StringRef, unsigned long) const (/usr/lib/llvm-18/bin/../lib/libLLVM-18.so.1+0xcdc7b6)
#5 0x00007f9c44750b4e clang::ASTContext::getRawCommentForDeclNoCacheImpl(clang::Decl const*, clang::SourceLocation, std::map<unsigned int, clang::RawComment*, std::less<unsigned int>, std::allocator<std::pair<unsigned int const, clang::RawComment*>>> const&) const (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0xb50b4e)
#6 0x00007f9c4475179e clang::ASTContext::attachCommentsToJustParsedDecls(llvm::
ArrayRef<clang::Decl*>, clang::Preprocessor const*) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0xb5179e)
#7 0x00007f9c4500fae7 clang::Sema::ActOnStartOfFunctionDef(clang::Scope*, clang::Decl*, clang::Sema::SkipBodyInfo*, clang::Sema::FnBodyKind) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x140fae7)
#8 0x00007f9c455ea719 clang::Sema::InstantiateFunctionDefinition(clang::SourceLocation, clang::FunctionDecl*, bool, bool, bool) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x19ea719)
#9 0x00007f9c455ed0c7 clang::Sema::PerformPendingInstantiations(bool) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x19ed0c7)
#10 0x00007f9c44e62c3f clang::Sema::ActOnEndOfTranslationUnitFragment(clang::Sema::TUFragmentKind) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x1262c3f)
#11 0x00007f9c44e63291 clang::Sema::ActOnEndOfTranslationUnit() (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x1263291)
#12 0x00007f9c44744339 clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0xb44339)
#13 0x00007f9c4467e41e clang::ParseAST(clang::Sema&, bool, bool) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0xa7e41e)
#14 0x00007f9c4642a1f5 clang::FrontendAction::Execute() (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x282a1f5)
#15 0x00007f9c463a19d4 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x27a19d4)
#16 0x00007f9c464a3fb0 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x28a3fb0)
#17 0x000055e5ce7dd24b cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/lib/llvm-18/bin/clang+++0x1324b)
#18 0x000055e5ce7da705 (/usr/lib/llvm-18/bin/clang+++0x10705)
#19 0x00007f9c460667d9 (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x24667d9)
#20 0x00007f9c3ce8323c llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/usr/lib/llvm-18/bin/../lib/libLLVM-18.so.1+0xc8323c)
#21 0x00007f9c4606614e clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x246614e)
#22 0x00007f9c4602ef51 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x242ef51)
#23 0x00007f9c4602f19e clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x242f19e)
#24 0x00007f9c4604a78c clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/usr/lib/llvm-18/bin/../lib/libclang-cpp.so.18+0x244a78c)
#25 0x000055e5ce7da064 clang_main(int, char**, llvm::ToolContext const&) (/usr/lib/llvm-18/bin/clang+++0x10064)
#26 0x000055e5ce7e7482 main (/usr/lib/llvm-18/bin/clang+++0x1d482)
#27 0x00007f9c3ba23a90 __libc_start_call_main ./csu/../sysdeps/nptl/libc_start_call_main.h:74:3
#28 0x00007f9c3ba23b49 call_init ./csu/../csu/libc-start.c:128:20
#29 0x00007f9c3ba23b49 __libc_start_main ./csu/../csu/libc-start.c:347:5
#30 0x000055e5ce7d70d5 _start (/usr/lib/llvm-18/bin/clang+++0xd0d5)
clang++: error: clang frontend command failed with exit code 139 (use -v to see invocation)
Ubuntu clang version 18.0.0 (++20230930042448+d222c5ec47a0-1~exp1~20230930162603.353)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/lib/llvm-18/bin
clang++: note: diagnostic msg:
********************
```
Firefox wont let me attach .ccp and .sh files here, so the files are at:
https://www.aitchison.me.uk/cppcheck/20231002/pds4vector-abdd70.cpp |
shafik
added
the
needs-reduction
|
I'll work on a smaller reproducer, but the first clue is that However, if I run the generated .sh the compile succeeds with no crash and generates the .o file. |
|
Hmm. I don't think we can make a reproducer this way. The bug appears to be at the cpp level (in GNU terms; I don't know my way around clang/llvm terminology). This is a full I can make frmts/pds/pds4vector.cpp compile without crashing by adding pairs of '#if 1' and '#endif' inside the {} of most of the functions in this file. |
|
Since I cannot reduce the reproducer I'll say that clang++ crashes while compiling |
CC @tahonermann so that commit was your PR but I don't see anything there that seems related to the crash but perhaps you have some insights. |
|
Thanks, @shafik, I'll take a closer look. |
|
I spent a little time looking at the reported stack trace and related code. I don't think the changes I made in 256a0b2 are a direct cause of the crash, but it does look like they might have exposed a latent bug. The crash is occurring in code that uses source locations to fetch comments from around a declaration in the source code and the changes I made modified the source locations associated with instantiated function definitions. I tried reproducing using the linked I have not tried building gdal. @andrew-aitchison, do you think you could construct a smaller reproducer by starting with the gdal distribution and modifying its |
|
I will try to produce a simpler CMakeLists.txt |
|
This script does a full cmake but the make does then go straight to the problem compile: It does assume that the compiler under test in set in you environment; I have: |
|
OK, this tar ball has two scripts: The crash.cpp source is slightly sensitive; I can stop it crashing by adding a single to a row of stars in a multi-line C-style comment. |
|
nocrash1.cpp.patch.txt |
chenshanzhi
added a commit
to chenshanzhi/llvm-project
that referenced
this issue
Jan 19, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 llvm#68524 llvm#70550
chenshanzhi
added a commit
to chenshanzhi/llvm-project
that referenced
this issue
Jan 22, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 llvm#68524 llvm#70550
vfdff
pushed a commit
that referenced
this issue
Jan 29, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes #67979 Fixes #68524 Fixes #70550
llvmbot
pushed a commit
to llvmbot/llvm-project
that referenced
this issue
Feb 4, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 Fixes llvm#68524 Fixes llvm#70550 (cherry picked from commit 5f4ee5a)
llvmbot
pushed a commit
to llvmbot/llvm-project
that referenced
this issue
Feb 8, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 Fixes llvm#68524 Fixes llvm#70550 (cherry picked from commit 5f4ee5a)
tstellar
pushed a commit
to tstellar/llvm-project
that referenced
this issue
Feb 14, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 Fixes llvm#68524 Fixes llvm#70550 (cherry picked from commit 5f4ee5a)
tstellar
pushed a commit
to tstellar/llvm-project
that referenced
this issue
Feb 14, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 Fixes llvm#68524 Fixes llvm#70550 (cherry picked from commit 5f4ee5a)
tstellar
pushed a commit
to tstellar/llvm-project
that referenced
this issue
Feb 14, 2024
This crash is basically caused by calling `ASTContext::getRawCommentForDeclNoCacheImp` with its input arguments `RepresentativeLocForDecl` and `CommentsInTheFile` refering to different files. A reduced reproducer is provided in this patch. After the source locations for instantiations of funtion template are corrected in the commit 256a0b2, the variable `CommitsInThisFile` in the function `ASTContext::attachCommentsToJustParsedDecls` would refer to the source file rather than the header file for implicit function template instantiation. Therefore, in the first loop in `ASTContext::attachCommentsToJustParsedDecls`, `D` should also be adjusted for relevant scenarios like the second loop. Fixes llvm#67979 Fixes llvm#68524 Fixes llvm#70550 (cherry picked from commit 5f4ee5a)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Firefox wont let me attach .ccp and .sh files here, so the files are at:
https://www.aitchison.me.uk/cppcheck/20231002/pds4vector-abdd70.cpp
https://www.aitchison.me.uk/cppcheck/20231002/pds4vector-abdd70.sh
The text was updated successfully, but these errors were encountered: