[clang++] Frontend SEGV in "clang/AST/Type.h" getType #111594

Open
yype opened this issue Oct 8, 2024 · 1 comment
Labels
clang:frontend:fuzzer clang:frontend Language frontend issues, e.g. anything involving "Sema" confirmed Verified by a second party crash-on-invalid

yype commented Oct 8, 2024

Hi there, clang++ crashes from a SEGV on the following invalid test case:

a() {struct b c (sizeof(b * [({ {tree->d* next)} 0

Tested version(s): 14.0.0 ~ 19.1.0, trunk.

Example: https://godbolt.org/z/o47W5zqzh

Stack dump:

0.	Program arguments: /repo/llvm-project/clean_build/bin/clang-19 -cc1 -triple x86_64-unknown-linux-gnu -emit-obj -dumpdir /tmp/test.out- -disable-free -clear-ast-before-backend -main-file-name 2.cpp -mrelocation-model pic -pic-level 2 -pic-is-pie -mframe-pointer=all -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/new_repo_root/errfuzz -fcoverage-compilation-dir=/new_repo_root/errfuzz -resource-dir /repo/llvm-project/clean_build/lib/clang/19 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/x86_64-linux-gnu/c++/11 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/backward -internal-isystem /repo/llvm-project/clean_build/lib/clang/19/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/11/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fdeprecated-macro -ferror-limit 19 -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fcxx-exceptions -fexceptions -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/2-67ccc9.o -x c++ /tmp/2.cpp
1.	<eof> parser at end of file
2.	/tmp/2.cpp:1:5: parsing function body 'a'
3.	/tmp/2.cpp:1:5: in compound statement ('{}')
 #0 0x000055c5e13ca6eb backtrace (/repo/llvm-project/clean_build/bin/clang-19+0x52e06eb)
 #1 0x000055c5e973769d llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /repo/llvm-project/llvm/lib/Support/Unix/Signals.inc:727:8
 #2 0x000055c5e972fbe7 llvm::sys::RunSignalHandlers() /repo/llvm-project/llvm/lib/Support/Signals.cpp:0:5
 #3 0x000055c5e9738994 SignalHandler(int) /repo/llvm-project/llvm/lib/Support/Unix/Signals.inc:0:3
 #4 0x00007fc66479b520 (/lib/x86_64-linux-gnu/libc.so.6+0x42520)
 #5 0x000055c5f3c76bee getType /repo/llvm-project/clang/include/clang/AST/Type.h:7728:37
 #6 0x000055c5f3c76bee getArgumentType /repo/llvm-project/clang/include/clang/AST/Expr.h:2622:35
 #7 0x000055c5f3c76bee clang::computeDependence(clang::UnaryExprOrTypeTraitExpr*) /repo/llvm-project/clang/lib/AST/ComputeDependence.cpp:82:38
 #8 0x000055c5f15f9c35 setDependence /repo/llvm-project/clang/include/clang/AST/Expr.h:136:24
 #9 0x000055c5f15f9c35 UnaryExprOrTypeTraitExpr /repo/llvm-project/clang/include/clang/AST/Expr.h:2599:5
#10 0x000055c5f15f9c35 clang::Sema::CreateUnaryExprOrTypeTraitExpr(clang::TypeSourceInfo*, clang::SourceLocation, clang::UnaryExprOrTypeTrait, clang::SourceRange) /repo/llvm-project/clang/lib/Sema/SemaExpr.cpp:4609:24
#11 0x000055c5f15fb569 clang::Sema::ActOnUnaryExprOrTypeTraitExpr(clang::SourceLocation, clang::UnaryExprOrTypeTrait, bool, void*, clang::SourceRange) /repo/llvm-project/clang/lib/Sema/SemaExpr.cpp:4667:3
#12 0x000055c5f08cd302 clang::Parser::ParseUnaryExprOrTypeTraitExpression() /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:0:0
#13 0x000055c5f08b57e2 clang::Parser::ParseCastExpression(clang::Parser::CastParseKind, bool, bool&, clang::Parser::TypeCastState, bool, bool*) /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:1535:9
#14 0x000055c5f08a1f7e ParseCastExpression /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:712:20
#15 0x000055c5f08a1f7e clang::Parser::ParseAssignmentExpression(clang::Parser::TypeCastState) /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:182:20
#16 0x000055c5f08d150b clang::Parser::ParseExpressionList(llvm::SmallVectorImpl<clang::Expr*>&, llvm::function_ref<void ()>, bool, bool) /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:3665:14
#17 0x000055c5f07c9f60 clang::Parser::ParseDeclarationAfterDeclaratorAndAttributes(clang::Declarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::ForRangeInit*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2862:9
#18 0x000055c5f07bff58 clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::Parser::ParsedTemplateInfo&, clang::SourceLocation*, clang::Parser::ForRangeInit*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2516:7
#19 0x000055c5f07bc851 clang::Parser::ParseSimpleDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::ParsedAttributes&, clang::ParsedAttributes&, bool, clang::Parser::ForRangeInit*, clang::SourceLocation*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2135:10
#20 0x000055c5f07bb10b clang::Parser::ParseDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::ParsedAttributes&, clang::ParsedAttributes&, clang::SourceLocation*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:0:0
#21 0x000055c5f0a557cb getBegin /repo/llvm-project/clang/include/clang/Basic/SourceLocation.h:222:44
#22 0x000055c5f0a557cb clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:265:28
#23 0x000055c5f0a53919 clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:0:20
#24 0x000055c5f0a7a6d9 clang::Parser::ParseCompoundStatementBody(bool) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:1248:11
#25 0x000055c5f0a7f900 clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:2526:21
#26 0x000055c5f073d853 clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) /repo/llvm-project/clang/lib/Parse/Parser.cpp:0:10
#27 0x000055c5f07c331e clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::Parser::ParsedTemplateInfo&, clang::SourceLocation*, clang::Parser::ForRangeInit*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2427:17
#28 0x000055c5f07398cf clang::Parser::ParseDeclOrFunctionDefInternal(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec&, clang::AccessSpecifier) /repo/llvm-project/clang/lib/Parse/Parser.cpp:1249:10
#29 0x000055c5f0738218 clang::Parser::ParseDeclarationOrFunctionDefinition(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*, clang::AccessSpecifier) /repo/llvm-project/clang/lib/Parse/Parser.cpp:1271:12
#30 0x000055c5f0734029 clang::Parser::ParseExternalDeclaration(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*) /repo/llvm-project/clang/lib/Parse/Parser.cpp:0:14
#31 0x000055c5f072c59d clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) /repo/llvm-project/clang/lib/Parse/Parser.cpp:0:12
#32 0x000055c5f072a995 clang::Parser::ParseFirstTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) /repo/llvm-project/clang/lib/Parse/Parser.cpp:608:26
#33 0x000055c5f07191b2 clang::ParseAST(clang::Sema&, bool, bool) /repo/llvm-project/clang/lib/Parse/ParseAST.cpp:170:5
#34 0x000055c5eaf54109 clang::CodeGenAction::ExecuteAction() /repo/llvm-project/clang/lib/CodeGen/CodeGenAction.cpp:1228:1
#35 0x000055c5eb8b8245 clang::FrontendAction::Execute() /repo/llvm-project/clang/lib/Frontend/FrontendAction.cpp:1082:10
#36 0x000055c5eb67c96e clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /repo/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:0:33
#37 0x000055c5ebba5067 get /usr/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/shared_ptr_base.h:1296:16
#38 0x000055c5ebba5067 _M_get /usr/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/shared_ptr_base.h:993:66
#39 0x000055c5ebba5067 operator-> /usr/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/shared_ptr_base.h:987:9
#40 0x000055c5ebba5067 getFrontendOpts /repo/llvm-project/clang/include/clang/Frontend/CompilerInstance.h:312:12
#41 0x000055c5ebba5067 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /repo/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:281:14
#42 0x000055c5e1460592 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /repo/llvm-project/clang/tools/driver/cc1_main.cpp:0:15
#43 0x000055c5e14562c5 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) /repo/llvm-project/clang/tools/driver/driver.cpp:0:0
#44 0x000055c5e14522bd clang_main(int, char**, llvm::ToolContext const&) /repo/llvm-project/clang/tools/driver/driver.cpp:0:12
#45 0x000055c5e1489880 main /repo/llvm-project/clean_build/tools/clang/tools/driver/clang-driver.cpp:17:10
#46 0x00007fc664782d90 (/lib/x86_64-linux-gnu/libc.so.6+0x29d90)
#47 0x00007fc664782e40 __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e40)
#48 0x000055c5e138ebb5 _start (/repo/llvm-project/clean_build/bin/clang-19+0x52a4bb5)
AddressSanitizer:DEADLYSIGNAL
=================================================================
==462686==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x55c5f3c76bee bp 0x7ffc35bb0130 sp 0x7ffc35bb0100 T0)
==462686==The signal is caused by a READ memory access.
==462686==Hint: address points to the zero page.
    #0 0x55c5f3c76bee in getType /repo/llvm-project/clang/include/clang/AST/Type.h:7728:37
    #1 0x55c5f3c76bee in getArgumentType /repo/llvm-project/clang/include/clang/AST/Expr.h:2622:35
    #2 0x55c5f3c76bee in clang::computeDependence(clang::UnaryExprOrTypeTraitExpr*) /repo/llvm-project/clang/lib/AST/ComputeDependence.cpp:82:38
    #3 0x55c5f15f9c34 in UnaryExprOrTypeTraitExpr /repo/llvm-project/clang/include/clang/AST/Expr.h:2599:19
    #4 0x55c5f15f9c34 in clang::Sema::CreateUnaryExprOrTypeTraitExpr(clang::TypeSourceInfo*, clang::SourceLocation, clang::UnaryExprOrTypeTrait, clang::SourceRange) /repo/llvm-project/clang/lib/Sema/SemaExpr.cpp:4609:24
    #5 0x55c5f15fb568 in clang::Sema::ActOnUnaryExprOrTypeTraitExpr(clang::SourceLocation, clang::UnaryExprOrTypeTrait, bool, void*, clang::SourceRange) /repo/llvm-project/clang/lib/Sema/SemaExpr.cpp:4666:12
    #6 0x55c5f08cd301 in clang::Parser::ParseUnaryExprOrTypeTraitExpression() /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp
    #7 0x55c5f08b57e1 in clang::Parser::ParseCastExpression(clang::Parser::CastParseKind, bool, bool&, clang::Parser::TypeCastState, bool, bool*) /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:1535:11
    #8 0x55c5f08a1f7d in ParseCastExpression /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:712:20
    #9 0x55c5f08a1f7d in clang::Parser::ParseAssignmentExpression(clang::Parser::TypeCastState) /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:182:20
    #10 0x55c5f08d150a in clang::Parser::ParseExpressionList(llvm::SmallVectorImpl<clang::Expr*>&, llvm::function_ref<void ()>, bool, bool) /repo/llvm-project/clang/lib/Parse/ParseExpr.cpp:3665:14
    #11 0x55c5f07c9f5f in clang::Parser::ParseDeclarationAfterDeclaratorAndAttributes(clang::Declarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::ForRangeInit*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2860:21
    #12 0x55c5f07bff57 in clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::Parser::ParsedTemplateInfo&, clang::SourceLocation*, clang::Parser::ForRangeInit*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2516:7
    #13 0x55c5f07bc850 in clang::Parser::ParseSimpleDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::ParsedAttributes&, clang::ParsedAttributes&, bool, clang::Parser::ForRangeInit*, clang::SourceLocation*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2135:10
    #14 0x55c5f07bb10a in clang::Parser::ParseDeclaration(clang::DeclaratorContext, clang::SourceLocation&, clang::ParsedAttributes&, clang::ParsedAttributes&, clang::SourceLocation*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp
    #15 0x55c5f0a557ca in clang::Parser::ParseStatementOrDeclarationAfterAttributes(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*, clang::ParsedAttributes&, clang::ParsedAttributes&) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp
    #16 0x55c5f0a53918 in clang::Parser::ParseStatementOrDeclaration(llvm::SmallVector<clang::Stmt*, 32u>&, clang::Parser::ParsedStmtContext, clang::SourceLocation*) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:124:20
    #17 0x55c5f0a7a6d8 in clang::Parser::ParseCompoundStatementBody(bool) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:1248:11
    #18 0x55c5f0a7f8ff in clang::Parser::ParseFunctionStatementBody(clang::Decl*, clang::Parser::ParseScope&) /repo/llvm-project/clang/lib/Parse/ParseStmt.cpp:2526:21
    #19 0x55c5f073d852 in clang::Parser::ParseFunctionDefinition(clang::ParsingDeclarator&, clang::Parser::ParsedTemplateInfo const&, clang::Parser::LateParsedAttrList*) /repo/llvm-project/clang/lib/Parse/Parser.cpp:1525:10
    #20 0x55c5f07c331d in clang::Parser::ParseDeclGroup(clang::ParsingDeclSpec&, clang::DeclaratorContext, clang::ParsedAttributes&, clang::Parser::ParsedTemplateInfo&, clang::SourceLocation*, clang::Parser::ForRangeInit*) /repo/llvm-project/clang/lib/Parse/ParseDecl.cpp:2427:17
    #21 0x55c5f07398ce in clang::Parser::ParseDeclOrFunctionDefInternal(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec&, clang::AccessSpecifier) /repo/llvm-project/clang/lib/Parse/Parser.cpp:1249:10
    #22 0x55c5f0738217 in clang::Parser::ParseDeclarationOrFunctionDefinition(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*, clang::AccessSpecifier) /repo/llvm-project/clang/lib/Parse/Parser.cpp:1271:12
    #23 0x55c5f0734028 in clang::Parser::ParseExternalDeclaration(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*) /repo/llvm-project/clang/lib/Parse/Parser.cpp:1074:14
    #24 0x55c5f072c59c in clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) /repo/llvm-project/clang/lib/Parse/Parser.cpp:763:12
    #25 0x55c5f072a994 in clang::Parser::ParseFirstTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) /repo/llvm-project/clang/lib/Parse/Parser.cpp:608:26
    #26 0x55c5f07191b1 in clang::ParseAST(clang::Sema&, bool, bool) /repo/llvm-project/clang/lib/Parse/ParseAST.cpp:170:25
    #27 0x55c5eaf54108 in clang::CodeGenAction::ExecuteAction() /repo/llvm-project/clang/lib/CodeGen/CodeGenAction.cpp:1144:30
    #28 0x55c5eb8b8244 in clang::FrontendAction::Execute() /repo/llvm-project/clang/lib/Frontend/FrontendAction.cpp:1078:8
    #29 0x55c5eb67c96d in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /repo/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:1061:33
    #30 0x55c5ebba5066 in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /repo/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:280:25
    #31 0x55c5e1460591 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /repo/llvm-project/clang/tools/driver/cc1_main.cpp:284:15
    #32 0x55c5e14562c4 in ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) /repo/llvm-project/clang/tools/driver/driver.cpp:215:12
    #33 0x55c5e14522bc in clang_main(int, char**, llvm::ToolContext const&) /repo/llvm-project/clang/tools/driver/driver.cpp:256:12
    #34 0x55c5e148987f in main /repo/llvm-project/clean_build/tools/clang/tools/driver/clang-driver.cpp:17:10
    #35 0x7fc664782d8f  (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
    #36 0x7fc664782e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
    #37 0x55c5e138ebb4 in _start (/repo/llvm-project/clean_build/bin/clang-19+0x52a4bb4) (BuildId: 0601712a1ad3f8a64038ec897042384629df75ad)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /repo/llvm-project/clang/include/clang/AST/Type.h:7728:37 in getType
==462686==ABORTING

The test case was generated by a fuzzer.

@github-actions github-actions bot added the clang Clang issues not falling into any other category label Oct 8, 2024
@EugeneZelenko EugeneZelenko added clang:frontend Language frontend issues, e.g. anything involving "Sema" crash Prefer [crash-on-valid] or [crash-on-invalid] clang:frontend:fuzzer and removed clang Clang issues not falling into any other category labels Oct 8, 2024
llvmbot commented Oct 8, 2024

@llvm/issue-subscribers-clang-frontend

Author: yype (yype)


@shafik shafik added confirmed Verified by a second party crash-on-invalid and removed crash Prefer [crash-on-valid] or [crash-on-invalid] labels Oct 8, 2024