Crash on code with exception

[ladisgin]

Hi, I was running the clangir on several files from another project.

There is a segmentation fault on one of them. In function mlir::Block::isEntryBlock(), it looks like the pointer returned by getParent() is invalid.

code:

int p() throw() { throw 'a'; }
int main() {
  try {
    return p();
  } catch (...) {
    return 1;
  }
}

command:
clang -I/home/ladisgin/git_proj/klee/include -c -S -Xclang -emit-cir LandingPad.cpp

Stack dump:
0.	Program arguments: /home/ladisgin/git_proj/clangir/build/bin/clang -I/home/ladisgin/git_proj/klee/include -c -S -Xclang -emit-cir /home/ladisgin/git_proj/clangir_tests/test/CXX/LandingPad.cpp
1.	<eof> parser at end of file
2.	/home/ladisgin/git_proj/clangir_tests/test/CXX/LandingPad.cpp:11:5: LLVM IR generation of declaration 'main'
 #0 0x000000000b236a1e llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/ladisgin/git_proj/clangir/llvm/lib/Support/Unix/Signals.inc:723:22
 #1 0x000000000b236e5c PrintStackTraceSignalHandler(void*) /home/ladisgin/git_proj/clangir/llvm/lib/Support/Unix/Signals.inc:798:1
 #2 0x000000000b23465e llvm::sys::RunSignalHandlers() /home/ladisgin/git_proj/clangir/llvm/lib/Support/Signals.cpp:105:20
 #3 0x000000000b2362fe llvm::sys::CleanupOnSignal(unsigned long) /home/ladisgin/git_proj/clangir/llvm/lib/Support/Unix/Signals.inc:367:31
 #4 0x000000000b167656 (anonymous namespace)::CrashRecoveryContextImpl::HandleCrash(int, unsigned long) /home/ladisgin/git_proj/clangir/llvm/lib/Support/CrashRecoveryContext.cpp:73:5
 #5 0x000000000b167ae5 CrashRecoverySignalHandler(int) /home/ladisgin/git_proj/clangir/llvm/lib/Support/CrashRecoveryContext.cpp:391:1
 #6 0x00007fed89d3dd00 __restore_rt (/lib64/libc.so.6+0x40d00)
 #7 0x0000000009481fcc llvm::ilist_detail::node_base_prevnext<llvm::ilist_node_base<true, void>, true>::getNext() const /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/ilist_node_base.h:42:38
 #8 0x000000000d373346 llvm::ilist_node_impl<llvm::ilist_detail::node_options<mlir::Block, true, false, void, false, void>>::getNext() /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/ilist_node.h:118:3
 #9 0x000000000d372295 llvm::ilist_iterator<llvm::ilist_detail::node_options<mlir::Block, true, false, void, false, void>, false, false>::operator++() /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/ilist_iterator.h:187:13
#10 0x000000000d3710b5 llvm::simple_ilist<mlir::Block>::begin() /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/simple_ilist.h:125:48
#11 0x000000000d3710f8 llvm::simple_ilist<mlir::Block>::front() /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/simple_ilist.h:144:36
#12 0x000000000d36f7ee mlir::Region::front() /home/ladisgin/git_proj/clangir/llvm/../mlir/include/mlir/IR/Region.h:65:43
#13 0x000000000fa589ea mlir::Block::isEntryBlock() /home/ladisgin/git_proj/clangir/mlir/lib/IR/Block.cpp:35:65
#14 0x000000000d63aabf cir::CIRGenFunction::LexicalScope::cleanup() /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenFunction.cpp:404:62
#15 0x000000000d64535e cir::CIRGenFunction::LexicalScope::~LexicalScope() /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenFunction.h:2096:14
#16 0x000000000d6549d8 cir::CIRGenFunction::buildCXXTryStmtUnderScope(clang::CXXTryStmt const&)::'lambda0'()::operator()() const /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenException.cpp:398:3
#17 0x000000000d654b96 cir::CIRGenFunction::buildCXXTryStmtUnderScope(clang::CXXTryStmt const&) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenException.cpp:401:1
#18 0x000000000d6545a8 cir::CIRGenFunction::buildCXXTryStmt(clang::CXXTryStmt const&) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenException.cpp:316:34
#19 0x000000000d6c2f3f cir::CIRGenFunction::buildStmt(clang::Stmt const*, bool, llvm::ArrayRef<clang::Attr const*>) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenStmt.cpp:170:48
#20 0x000000000d6c28ea cir::CIRGenFunction::buildCompoundStmtWithoutScope(clang::CompoundStmt const&, bool, cir::AggValueSlot) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenStmt.cpp:60:20
#21 0x000000000d64173b cir::CIRGenFunction::buildFunctionBody(clang::Stmt const*) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenFunction.cpp:1356:34
#22 0x000000000d63bcf9 cir::CIRGenFunction::generateCode(clang::GlobalDecl, mlir::cir::FuncOp, cir::CIRGenFunctionInfo const&) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenFunction.cpp:709:23
#23 0x000000000d60c78c cir::CIRGenModule::buildGlobalFunctionDefinition(clang::GlobalDecl, mlir::Operation*) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenModule.cpp:596:3
#24 0x000000000d60fb5b cir::CIRGenModule::buildGlobalDefinition(clang::GlobalDecl, mlir::Operation*) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenModule.cpp:1374:5
#25 0x000000000d60c37a cir::CIRGenModule::buildGlobal(clang::GlobalDecl) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenModule.cpp:538:5
#26 0x000000000d611551 cir::CIRGenModule::buildTopLevelDecl(clang::Decl*) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenModule.cpp:1728:5
#27 0x000000000d608334 cir::CIRGenerator::HandleTopLevelDecl(clang::DeclGroupRef) /home/ladisgin/git_proj/clangir/clang/lib/CIR/CodeGen/CIRGenerator.cpp:84:3
#28 0x000000000d36fe5d cir::CIRGenConsumer::HandleTopLevelDecl(clang::DeclGroupRef) /home/ladisgin/git_proj/clangir/clang/lib/CIR/FrontendAction/CIRGenAction.cpp:156:12
#29 0x00000000113b620a clang::ParseAST(clang::Sema&, bool, bool) /home/ladisgin/git_proj/clangir/clang/lib/Parse/ParseAST.cpp:167:20
#30 0x000000000c6a1ba4 clang::ASTFrontendAction::ExecuteAction() /home/ladisgin/git_proj/clangir/clang/lib/Frontend/FrontendAction.cpp:1212:11
#31 0x000000000d36e2a7 cir::CIRGenAction::ExecuteAction() /home/ladisgin/git_proj/clangir/clang/lib/CIR/FrontendAction/CIRGenAction.cpp:405:5
#32 0x000000000c6a1501 clang::FrontendAction::Execute() /home/ladisgin/git_proj/clangir/clang/lib/Frontend/FrontendAction.cpp:1102:38
#33 0x000000000c5c4048 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /home/ladisgin/git_proj/clangir/clang/lib/Frontend/CompilerInstance.cpp:1061:42
#34 0x000000000c849e1d clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /home/ladisgin/git_proj/clangir/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:369:38
#35 0x00000000094772cf cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /home/ladisgin/git_proj/clangir/clang/tools/driver/cc1_main.cpp:232:40
#36 0x0000000009469746 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) /home/ladisgin/git_proj/clangir/clang/tools/driver/driver.cpp:215:20
#37 0x0000000009469929 clang_main(int, char**, llvm::ToolContext const&)::'lambda'(llvm::SmallVectorImpl<char const*>&)::operator()(llvm::SmallVectorImpl<char const*>&) const /home/ladisgin/git_proj/clangir/clang/tools/driver/driver.cpp:356:5
#38 0x000000000946aec7 int llvm::function_ref<int (llvm::SmallVectorImpl<char const*>&)>::callback_fn<clang_main(int, char**, llvm::ToolContext const&)::'lambda'(llvm::SmallVectorImpl<char const*>&)>(long, llvm::SmallVectorImpl<char const*>&) /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/STLFunctionalExtras.h:47:3
#39 0x000000000c41c299 llvm::function_ref<int (llvm::SmallVectorImpl<char const*>&)>::operator()(llvm::SmallVectorImpl<char const*>&) const /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/STLFunctionalExtras.h:69:3
#40 0x000000000c41b008 clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()::operator()() const /home/ladisgin/git_proj/clangir/clang/lib/Driver/Job.cpp:440:32
#41 0x000000000c41b42d void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const::'lambda'()>(long) /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/STLFunctionalExtras.h:46:40
#42 0x0000000009e7d46c llvm::function_ref<void ()>::operator()() const /home/ladisgin/git_proj/clangir/llvm/include/llvm/ADT/STLFunctionalExtras.h:68:62
#43 0x000000000b167cb2 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) /home/ladisgin/git_proj/clangir/llvm/lib/Support/CrashRecoveryContext.cpp:427:10
#44 0x000000000c41b1fc clang::driver::CC1Command::Execute(llvm::ArrayRef<std::optional<llvm::StringRef>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>*, bool*) const /home/ladisgin/git_proj/clangir/clang/lib/Driver/Job.cpp:440:7
#45 0x000000000c3b9f61 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const*&, bool) const /home/ladisgin/git_proj/clangir/clang/lib/Driver/Compilation.cpp:199:22
#46 0x000000000c3ba28d clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&, bool) const /home/ladisgin/git_proj/clangir/clang/lib/Driver/Compilation.cpp:253:62
#47 0x000000000c3ccb10 clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command const*>>&) /home/ladisgin/git_proj/clangir/clang/lib/Driver/Driver.cpp:1951:28
#48 0x000000000946aa83 clang_main(int, char**, llvm::ToolContext const&) /home/ladisgin/git_proj/clangir/clang/tools/driver/driver.cpp:391:39
#49 0x000000000949fe7f main /home/ladisgin/git_proj/clangir/build/tools/clang/tools/driver/clang-driver.cpp:17:20
#50 0x00007fed89d27088 __libc_start_call_main (/lib64/libc.so.6+0x2a088)
#51 0x00007fed89d2714b __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x2a14b)
#52 0x0000000009468ba5 _start (/home/ladisgin/git_proj/clangir/build/bin/clang+0x9468ba5)
clang: error: clang frontend command failed with exit code 139 (use -v to see invocation)
clang version 19.0.0git ([email protected]:llvm/clangir.git 52323c17c6a3708b3eb72651465f7d4b82f057e7)
Target: x86_64-unknown-linux-gnu
Thread model: posix
InstalledDir: /home/ladisgin/git_proj/clangir/build/bin
Build config: +unoptimized, +assertions
clang: error: unable to execute command: Segmentation fault (core dumped)
clang: note: diagnostic msg: Error generating preprocessed source(s).

[smeenai]

The crash is definitely a bug, but the definition of p is also a bit strange – it's marked throw() (which is equivalent to noexcept) but it's still throwing an exception. Removing that gives a verifier error (https://godbolt.org/z/d6cb161Gv), so there's at least two separate bugs here :)

[bcardosolopes]

I'm working on exceptions at the moment, will take a look at this soon, thanks for reporting!