[clang] Assertion `Offset >= Size' failed #122117

Open
wxie7 opened this issue Jan 8, 2025 · 2 comments
Labels: clang:codegen, crash (Prefer [crash-on-valid] or [crash-on-invalid]), generated by fuzzer

wxie7 commented Jan 8, 2025

Code:

```c
struct S {
  short a;
  char b[~(__SIZE_TYPE__)0 / __CHAR_BIT__ - 1];
};
void foo(void) {
  struct S s = {0};
}
```

It just crashes on assertions trunk:
https://godbolt.org/z/f4fMjK7W5
I didn't find any similar open issues.
Generated via fuzzing.

Backtrace

clang: /root/llvm-project/clang/lib/CodeGen/CGRecordLayoutBuilder.cpp:1011: void {anonymous}::CGRecordLowering::insertPadding(): Assertion `Offset >= Size' failed.
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: /opt/compiler-explorer/clang-assertions-trunk/bin/clang -gdwarf-4 -g -o /app/output.s -mllvm --x86-asm-syntax=intel -fno-verbose-asm -S --gcc-toolchain=/opt/compiler-explorer/gcc-snapshot -fcolor-diagnostics -fno-crash-diagnostics -x c -std=c2x -c <source>
1.	<eof> parser at end of file
2.	<source>:5:6: LLVM IR generation of declaration 'foo'
3.	<source>:5:6: Generating code for declaration 'foo'
 #0 0x0000000003c8d758 llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3c8d758)
 #1 0x0000000003c8b464 llvm::sys::CleanupOnSignal(unsigned long) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3c8b464)
 #2 0x0000000003bd89a8 CrashRecoverySignalHandler(int) CrashRecoveryContext.cpp:0:0
 #3 0x0000713555042520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
 #4 0x00007135550969fc pthread_kill (/lib/x86_64-linux-gnu/libc.so.6+0x969fc)
 #5 0x0000713555042476 gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x42476)
 #6 0x00007135550287f3 abort (/lib/x86_64-linux-gnu/libc.so.6+0x287f3)
 #7 0x000071355502871b (/lib/x86_64-linux-gnu/libc.so.6+0x2871b)
 #8 0x0000713555039e96 (/lib/x86_64-linux-gnu/libc.so.6+0x39e96)
 #9 0x0000000003fe38d9 (anonymous namespace)::CGRecordLowering::lower(bool) CGRecordLayoutBuilder.cpp:0:0
#10 0x0000000003fe4de8 clang::CodeGen::CodeGenTypes::ComputeRecordLayout(clang::RecordDecl const*, llvm::StructType*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3fe4de8)
#11 0x000000000413817d clang::CodeGen::CodeGenTypes::ConvertRecordDeclType(clang::RecordDecl const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x413817d)
#12 0x0000000004139ffb clang::CodeGen::CodeGenTypes::ConvertType(clang::QualType) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4139ffb)
#13 0x000000000413ba75 clang::CodeGen::CodeGenTypes::ConvertTypeForMem(clang::QualType) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x413ba75)
#14 0x000000000444eefd clang::CodeGen::CodeGenFunction::EmitAutoVarAlloca(clang::VarDecl const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x444eefd)
#15 0x0000000004454b7b clang::CodeGen::CodeGenFunction::EmitVarDecl(clang::VarDecl const&) (.part.0) CGDecl.cpp:0:0
#16 0x0000000004454dd6 clang::CodeGen::CodeGenFunction::EmitDecl(clang::Decl const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4454dd6)
#17 0x0000000003feae17 clang::CodeGen::CodeGenFunction::EmitDeclStmt(clang::DeclStmt const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3feae17)
#18 0x0000000004001b65 clang::CodeGen::CodeGenFunction::EmitSimpleStmt(clang::Stmt const*, llvm::ArrayRef<clang::Attr const*>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4001b65)
#19 0x0000000003ff9765 clang::CodeGen::CodeGenFunction::EmitStmt(clang::Stmt const*, llvm::ArrayRef<clang::Attr const*>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3ff9765)
#20 0x000000000400156c clang::CodeGen::CodeGenFunction::EmitCompoundStmtWithoutScope(clang::CompoundStmt const&, bool, clang::CodeGen::AggValueSlot) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x400156c)
#21 0x000000000406ab5c clang::CodeGen::CodeGenFunction::EmitFunctionBody(clang::Stmt const*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x406ab5c)
#22 0x000000000407ddae clang::CodeGen::CodeGenFunction::GenerateCode(clang::GlobalDecl, llvm::Function*, clang::CodeGen::CGFunctionInfo const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x407ddae)
#23 0x00000000040e6ffa clang::CodeGen::CodeGenModule::EmitGlobalFunctionDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x40e6ffa)
#24 0x00000000040e2285 clang::CodeGen::CodeGenModule::EmitGlobalDefinition(clang::GlobalDecl, llvm::GlobalValue*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x40e2285)
#25 0x00000000040e266b clang::CodeGen::CodeGenModule::EmitGlobal(clang::GlobalDecl) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x40e266b)
#26 0x00000000040ec993 clang::CodeGen::CodeGenModule::EmitTopLevelDecl(clang::Decl*) (.part.0) CodeGenModule.cpp:0:0
#27 0x0000000004621756 (anonymous namespace)::CodeGeneratorImpl::HandleTopLevelDecl(clang::DeclGroupRef) ModuleBuilder.cpp:0:0
#28 0x00000000046122c8 clang::BackendConsumer::HandleTopLevelDecl(clang::DeclGroupRef) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x46122c8)
#29 0x000000000662e4b4 clang::ParseAST(clang::Sema&, bool, bool) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x662e4b4)
#30 0x000000000461f2b8 clang::CodeGenAction::ExecuteAction() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x461f2b8)
#31 0x00000000048dbab9 clang::FrontendAction::Execute() (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x48dbab9)
#32 0x000000000485e18e clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x485e18e)
#33 0x00000000049c906e clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x49c906e)
#34 0x0000000000ceda5f cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0xceda5f)
#35 0x0000000000ce54fa ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) driver.cpp:0:0
#36 0x0000000004664e49 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) Job.cpp:0:0
#37 0x0000000003bd8e54 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x3bd8e54)
#38 0x000000000466543f clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const (.part.0) Job.cpp:0:0
#39 0x000000000462902d clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x462902d)
#40 0x000000000462a0ae clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x462a0ae)
#41 0x0000000004631bd5 clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0x4631bd5)
#42 0x0000000000cea8a3 clang_main(int, char**, llvm::ToolContext const&) (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0xcea8a3)
#43 0x0000000000bb6b84 main (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0xbb6b84)
#44 0x0000713555029d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90)
#45 0x0000713555029e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40)
#46 0x0000000000ce4fa5 _start (/opt/compiler-explorer/clang-assertions-trunk/bin/clang+0xce4fa5)
clang: error: clang frontend command failed with exit code 134 (use -v to see invocation)
Compiler returned: 134

llvmbot added the clang label on Jan 8, 2025.
EugeneZelenko added the clang:codegen, crash and generated by fuzzer labels and removed the clang label on Jan 8, 2025.

llvmbot commented Jan 8, 2025

@llvm/issue-subscribers-clang-codegen


shafik commented Jan 8, 2025

Looks related to: #88208

Goes back to clang-3.5: https://godbolt.org/z/vsxTrxf4Y

If we modify it a bit: https://godbolt.org/z/TjMbYs7zd

we obtain:

```
<source>:5:6: warning: stack frame size (2305843009213693960) exceeds limit (4294967295) in 'foo()' [-Wframe-larger-than]
    5 | void foo(void) {
      |      ^
```
