Clang OOM on program with large integer in nested designator
langston-barrett opened this issue · 2 comments
langston-barrett commented
This bug was found with a fuzzer; please feel free to close if it's not helpful.
// https://godbolt.org/z/84fdeMsEz
struct A { int b[1]; };
A t[0] = { [0xffffffffffffffff].b[0] = 0 };<source>:2:12: warning: nested designators are a C99 extension [-Wc99-designator]
A t[0] = { [0xffffffffffffffff].b[0] = 0 };
^~~~~~~~~~~~~~~~~~~~~~~~~
<source>:2:12: warning: array designators are a C99 extension [-Wc99-designator]
A t[0] = { [0xffffffffffffffff].b[0] = 0 };
^~~~~~~~~~~~~~~~~~~~
LLVM ERROR: out of memory
Allocation failed
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: /opt/compiler-explorer/clang-assertions-trunk/bin/clang++ -gdwarf-4 -g -o /app/output.s -mllvm --x86-asm-syntax=intel -S --gcc-toolchain=/opt/compiler-explorer/gcc-snapshot -fcolor-diagnostics -fno-crash-diagnostics -c -O0 -emit-llvm -Xclang -disable-llvm-passes <source>
1. <source>:2:43: current parser token ';'
#0 0x000055b12dc8b07f llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x401107f)
#1 0x000055b12dc88dbc llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x400edbc)
#2 0x000055b12dbd6428 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
#3 0x00007f97cf7f9420 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x14420)
#4 0x00007f97cf2c600b raise (/lib/x86_64-linux-gnu/libc.so.6+0x4300b)
#5 0x00007f97cf2a5859 abort (/lib/x86_64-linux-gnu/libc.so.6+0x22859)
#6 0x000055b12dbe17cf (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3f677cf)
#7 0x000055b12dbe17eb (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3f677eb)
#8 0x00007f97cf68bc12 operator new(unsigned long, std::align_val_t) (/lib/x86_64-linux-gnu/libstdc++.so.6+0xaac12)
#9 0x000055b131432c6d llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>::Allocate(unsigned long, unsigned long) (.constprop.0) Expr.cpp:0:0
#10 0x000055b13144cf25 clang::ASTVector<clang::Stmt*>::grow(clang::ASTContext const&, unsigned long) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x77d2f25)
#11 0x000055b13144d1ce clang::InitListExpr::updateInit(clang::ASTContext const&, unsigned int, clang::Expr*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x77d31ce)
#12 0x000055b130ab2ad9 (anonymous namespace)::InitListChecker::getStructuredSubobjectInit(clang::InitListExpr*, unsigned int, clang::QualType, clang::InitListExpr*, unsigned int, clang::SourceRange, bool) (.constprop.0) SemaInit.cpp:0:0
#13 0x000055b130acb9cd (anonymous namespace)::InitListChecker::CheckDesignatedInitializer(clang::InitializedEntity const&, clang::InitListExpr*, clang::DesignatedInitExpr*, unsigned int, clang::QualType&, clang::DeclContext::specific_decl_iterator<clang::FieldDecl>*, llvm::APSInt*, unsigned int&, clang::InitListExpr*, unsigned int&, bool, bool) SemaInit.cpp:0:0
#14 0x000055b130acc67f (anonymous namespace)::InitListChecker::CheckDesignatedInitializer(clang::InitializedEntity const&, clang::InitListExpr*, clang::DesignatedInitExpr*, unsigned int, clang::QualType&, clang::DeclContext::specific_decl_iterator<clang::FieldDecl>*, llvm::APSInt*, unsigned int&, clang::InitListExpr*, unsigned int&, bool, bool) SemaInit.cpp:0:0
#15 0x000055b130ac78cc (anonymous namespace)::InitListChecker::CheckArrayType(clang::InitializedEntity const&, clang::InitListExpr*, clang::QualType&, llvm::APSInt, bool, unsigned int&, clang::InitListExpr*, unsigned int&) SemaInit.cpp:0:0
#16 0x000055b130ac85fb (anonymous namespace)::InitListChecker::CheckListElementTypes(clang::InitializedEntity const&, clang::InitListExpr*, clang::QualType&, bool, unsigned int&, clang::InitListExpr*, unsigned int&, bool) (.constprop.0) SemaInit.cpp:0:0
#17 0x000055b130ab829d (anonymous namespace)::InitListChecker::CheckExplicitInitList(clang::InitializedEntity const&, clang::InitListExpr*, clang::QualType&, clang::InitListExpr*, bool) (.constprop.0) SemaInit.cpp:0:0
#18 0x000055b130ab8c66 (anonymous namespace)::InitListChecker::InitListChecker(clang::Sema&, clang::InitializedEntity const&, clang::InitListExpr*, clang::QualType&, bool, bool, bool) SemaInit.cpp:0:0
#19 0x000055b130ac1160 TryListInitialization(clang::Sema&, clang::InitializedEntity const&, clang::InitializationKind const&, clang::InitListExpr*, clang::InitializationSequence&, bool) SemaInit.cpp:0:0
#20 0x000055b130abf24b clang::InitializationSequence::InitializeFrom(clang::Sema&, clang::InitializedEntity const&, clang::InitializationKind const&, llvm::MutableArrayRef<clang::Expr*>, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x6e4524b)
#21 0x000055b1306d45bf clang::Sema::AddInitializerToDecl(clang::Decl*, clang::Expr*, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x6a5a5bf)
#22 0x000055b13039a82e clang::Parser::ParseDeclarationAfterDeclaratorAndAttributes(clang::Declarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::ForRangeInit*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x672082e)
#23 0x000055b1303abdb8 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::SourceLocation*, clang::Parser::ForRangeInit*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x6731db8)
#24 0x000055b130374452 clang::Parser::ParseDeclOrFunctionDefInternal(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec&, clang::AccessSpecifier) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x66fa452)
#25 0x000055b130374d0f clang::Parser::ParseDeclarationOrFunctionDefinition(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*, clang::AccessSpecifier) (.part.0) Parser.cpp:0:0
#26 0x000055b13037b799 clang::Parser::ParseExternalDeclaration(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x6701799)
#27 0x000055b13037c0ed clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x67020ed)
#28 0x000055b13036ffba clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x66f5fba)
#29 0x000055b12eeb2c48 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x5238c48)
#30 0x000055b12e717cb9 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4a9dcb9)
#31 0x000055b12e69c1e6 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4a221e6)
#32 0x000055b12e7fbe77 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x4b81e77)
#33 0x000055b12b2124c6 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x15984c6)
#34 0x000055b12b20e2ea ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#35 0x000055b12e4fccdd void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#36 0x000055b12dbd6910 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x3f5c910)
#37 0x000055b12e4fd59f clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#38 0x000055b12e4c4ddc clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x484addc)
#39 0x000055b12e4c587d clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x484b87d)
#40 0x000055b12e4cd52d clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x485352d)
#41 0x000055b12b210970 clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x1596970)
#42 0x000055b12b11c4d5 main (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x14a24d5)
#43 0x00007f97cf2a7083 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24083)
#44 0x000055b12b208ffe _start (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+++0x158effe)
clang++: error: clang frontend command failed with exit code 134 (use -v to see invocation)
Compiler returned: 134I didn't find any other OOMs with nested designators: https://github.com/llvm/llvm-project/issues?q=is%3Aissue+nested+designator+
llvmbot commented
@llvm/issue-subscribers-clang-frontend
efriedma-quic commented
"out of memory" errors aren't really a bug in some cases; in general, you can legitimately write constructs which require an arbitrary amount of memory to represent. In this particular case, though, we should probably error out before hitting the OOM.