Infinite Loops Crash the Compiler

Question

Infinite Loops Crash the Compiler

Closed this issue a year ago · 1 comments

The following C file crashes clang:

void f(void) { while (1); }

It was compiled with

$ clang -O2 --sysroot=$(lc32newlib-sysroot) -o x x.c -Tlc32Sim.ld

The crash dump is

# *** IR Dump Before Prologue/Epilogue Insertion & Frame Finalization (prologepilog) ***:
# Machine code for function f: NoPHIs, TracksLiveness, NoVRegs, TiedOpsRewritten, TracksDebugUserValues

bb.0.entry:
  successors: %bb.1(0x80000000); %bb.1(100.00%)


bb.1.while.body:
; predecessors: %bb.0, %bb.1
  successors: %bb.1(0x80000000); %bb.1(100.00%)

  C_BR_UNCOND %bb.1

# End machine code for function f.

clang-16: /nix/store/bq6i259677ryi9asym11r160zdpkgdzs-source/llvm/include/llvm/ADT/ilist_iterator.h:138: llvm::ilist_iterator<OptionsT, IsReverse, IsConst>::reference llvm::ilist_iterator<OptionsT, IsReverse, IsConst>::operator*() const [with OptionsT = llvm::ilist_detail::node_options<llvm::MachineInstr, true, true, void>; bool IsReverse = false; bool IsConst = false; reference = llvm::MachineInstr&]: Assertion `!NodePtr->isKnownSentinel()' failed.
PLEASE submit a bug report to https://github.com/lc-3-2/llvm/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16 -cc1 -triple lc_3.2-none -emit-obj -disable-free -clear-ast-before-backend -main-file-name x.c -mrelocation-model static -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -fno-verbose-asm -mconstructor-aliases -nostdsysteminc -mllvm -treat-scalable-fixed-error-as-warning -debugger-tuning=gdb -fcoverage-compilation-dir=/home/ammra/lc-3.2 -resource-dir /nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/lib/clang/16 -isysroot /nix/store/j0q65hiq9f65gladkvgf7z2bjb39ljdx-newlib-lc-3.2-dev/lc_3.2-none/ -internal-isystem /nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/lib/clang/16/include -internal-isystem /nix/store/j0q65hiq9f65gladkvgf7z2bjb39ljdx-newlib-lc-3.2-dev/lc_3.2-none/include -O2 -fdebug-compilation-dir=/home/ammra/lc-3.2 -ferror-limit 19 -fgnuc-version=4.2.1 -fcolor-diagnostics -vectorize-loops -vectorize-slp -mllvm -print-before-all -faddrsig -o /tmp/x-5e3871.o -x c x.c
1.      <eof> parser at end of file
2.      Code generation
3.      Running pass 'Function Pass Manager' on module 'x.c'.
4.      Running pass 'Prologue/Epilogue Insertion & Frame Finalization' on function '@f'
 #0 0x0000000001c3abae llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x1c3abae)
 #1 0x0000000001c383ab SignalHandler(int) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x1c383ab)
 #2 0x00007f96e605cd60 __restore_rt (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x38d60)
 #3 0x00007f96e60abadc __pthread_kill_implementation (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x87adc)
 #4 0x00007f96e605ccb6 gsignal (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x38cb6)
 #5 0x00007f96e60468ba abort (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x228ba)
 #6 0x00007f96e60467d9 _nl_load_domain.cold (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x227d9)
 #7 0x00007f96e60559c6 (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x319c6)
 #8 0x0000000000aa12f9 llvm::LC32RegisterInfo::genAddLargeImm(llvm::MachineInstrBundleIterator<llvm::MachineInstr, false>, llvm::DebugLoc&, llvm::Register, llvm::Register, long, bool, unsigned int, unsigned int) const (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xaa12f9)
 #9 0x0000000000a9bc21 llvm::LC32FrameLowering::emitPrologue(llvm::MachineFunction&, llvm::MachineBasicBlock&) const (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xa9bc21)
#10 0x00000000011a4796 (anonymous namespace)::PEI::runOnMachineFunction(llvm::MachineFunction&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x11a4796)
#11 0x0000000000e2b15b llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (.part.0) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xe2b15b)
#12 0x0000000001486cf0 llvm::FPPassManager::runOnFunction(llvm::Function&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x1486cf0)
#13 0x0000000001486e31 llvm::FPPassManager::runOnModule(llvm::Module&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x1486e31)
#14 0x0000000001487749 llvm::legacy::PassManagerImpl::run(llvm::Module&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x1487749)
#15 0x0000000002028cda clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream>>) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x2028cda)
#16 0x0000000002e75e9b clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x2e75e9b)
#17 0x0000000003c355f9 clang::ParseAST(clang::Sema&, bool, bool) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x3c355f9)
#18 0x00000000027fc779 clang::FrontendAction::Execute() (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x27fc779)
#19 0x000000000278262e clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x278262e)
#20 0x00000000028cd34b clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0x28cd34b)
#21 0x0000000000a7f493 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xa7f493)
#22 0x0000000000a7b7a8 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xa7b7a8)
#23 0x0000000000a7c350 clang_main(int, char**) (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xa7c350)
#24 0x00007f96e6047ace __libc_start_call_main (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x23ace)
#25 0x00007f96e6047b89 __libc_start_main@GLIBC_2.2.5 (/nix/store/46m4xx889wlhsdj72j38fnlyyvvvvbyb-glibc-2.37-8/lib/libc.so.6+0x23b89)
#26 0x0000000000a76265 _start (/nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin/clang-16+0xa76265)
clang-16: error: unable to execute command: Aborted
clang-16: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 16.0.6
Target: lc_3.2-none
Thread model: posix
InstalledDir: /nix/store/l77vg74cqfmqfwkr9wpjvfmrqhfvf1ra-llvm-lc-3.2-dev/bin
clang-16: note: diagnostic msg:
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-16: note: diagnostic msg: /tmp/x-c3aa10.c
clang-16: note: diagnostic msg: /tmp/x-c3aa10.sh
clang-16: note: diagnostic msg:

********************

It seems the issue is when the first basic block is empty. In that case, genAddLargeImm is passed MBB.end() as the iterator, and it eventually tries to dereference this. A quick solution is to pass MBB on calls to the function.

Answer 1 · 2023-09-13T04:03:46.000Z

Until I can fix this, a workaround is to compile without optimizations. That will ensure the first basic block is non-empty.