
[DebugInfo] Only create concrete DIEs of concrete functions
Closed, Public

Authored by ellis on Oct 22 2021, 12:05 PM.

Details

Summary

At the beginning of the module we can iterate through the functions to
see which SPs should have concrete DIEs. Then when we need to reference
a DIE for a SP we can decide if it's ok to create a concrete DIE or not.

Fixes

Diff Detail

Event Timeline

ellis created this revision. Oct 22 2021, 12:05 PM
ellis requested review of this revision. Oct 22 2021, 12:05 PM
ellis added inline comments. Oct 22 2021, 12:14 PM
llvm/lib/CodeGen/AsmPrinter/DwarfDebug.h
324–329

I just realized that maintaining both ProcessedSPNodes and ConcreteSPs is not necessary. If this gets accepted I'll remove ProcessedSPNodes.

dblaikie accepted this revision. Nov 1 2021, 4:45 PM

Oh, this sounds good - with the followup cleanup as you mentioned. Thanks for working through all this!

This revision is now accepted and ready to land. Nov 1 2021, 4:45 PM
ellis updated this revision to Diff 384160. Nov 2 2021, 10:39 AM

@dblaikie Turns out that since outlined machine functions are created during codegen, we can't see that those SPs are concrete during beginModule(). I've left ProcessedSPNodes how it was (which does include outlined SPs) and added comments to ConcreteSPs.

ellis requested review of this revision. Nov 2 2021, 10:40 AM

Could I get another quick review of these changes?

@dblaikie Turns out that since outlined machine functions are created during codegen, we can't see that those SPs are concrete during beginModule(). I've left ProcessedSPNodes how it was (which does include outlined SPs) and added comments to ConcreteSPs.

Does that not cause problems for the strategy in general? Wouldn't this mean new concrete subprograms would show up and break the assumptions made that only ConcreteSPs are the ones that need to be separated from the abstract definition?

ellis added a comment. Nov 2 2021, 11:42 AM

@dblaikie Turns out that since outlined machine functions are created during codegen, we can't see that those SPs are concrete during beginModule(). I've left ProcessedSPNodes how it was (which does include outlined SPs) and added comments to ConcreteSPs.

Does that not cause problems for the strategy in general? Wouldn't this mean new concrete subprograms would show up and break the assumptions made that only ConcreteSPs are the ones that need to be separated from the abstract definition?

Machine outlined subprograms won't be inlined so they won't ever have an abstract origin. For SPs that aren't found in getAbstractSPDies() (constructAbstractSubprogramScopeDIE() is never called for them), this diff is a no-op.

Maybe ConcreteSPs is a bad name now. I guess now it only holds SPs that are concrete and could possibly be inlined (have an abstract origin)

ellis added a comment. Edited Nov 9 2021, 8:02 AM

@dblaikie Let me know if you have any concerns. The machine outliner only creates an SP that won't be the scope of any other DI element because the machine outliner does not copy any debug info.

dblaikie accepted this revision. Nov 9 2021, 8:38 AM

Sure - let's go with it. (the "IsConcrete" function still might be nice to have a more precise name - but I don't have any good suggestions off-hand)

This revision is now accepted and ready to land. Nov 9 2021, 8:38 AM
This revision was landed with ongoing or failed builds. Nov 9 2021, 10:53 AM
This revision was automatically updated to reflect the committed changes.
thakis added a subscriber: thakis. Nov 9 2021, 11:50 AM

Looks like this breaks check-llvm on mac and windows:
http://45.33.8.238/mac/38516/step_11.txt
http://45.33.8.238/win/48589/step_11.txt

Please take a look and revert for now if it takes a while to fix.

ellis added a comment. Nov 9 2021, 12:12 PM

Looks like this breaks check-llvm on mac and windows:
http://45.33.8.238/mac/38516/step_11.txt
http://45.33.8.238/win/48589/step_11.txt

Please take a look and revert for now if it takes a while to fix.

Apologies, I believe https://reviews.llvm.org/D113506 should fix the inlined-static-var.ll test, but I'm not sure about the others.

We have isolated this patch to cause a crash when compiling certain source files. My colleague has created a minimized reproducer, which I will share below, however I must note that personally I could not reproduce the crash with that reproducer. However I verified that with this patch reverted, we don't run into the crash anymore when compiling the original source file.

class A {
public:
  unsigned n;
  void Append() {
    auto raw_append = [] {};
    while (Avail())
      ;
  }
  long Avail();
} a;
bool c;
void f(A) { a.Append(); }

Crashes with

~/code/llvm-build-release/bin/clang "-cc1" "-triple" "x86_64-grtev4-linux-gnu" -ferror-limit 9999 "-emit-obj" "-debug-info-kind=constructor" "-dwarf-version=5" "-mllvm" "-generate-type-units" "-O3" "-std=gnu++17" "-fgnuc-version=4.2.1" "-fsized-deallocation" "-mllvm" "-disable-binop-extract-shuffle" "-x" "c++" "repro.ii"

So unfortunately I was not able to create a standalone reproducer, but the crash happened when compiling the cord_internal target from Abseil with a clang build which includes your patch:

https://github.com/abseil/abseil-cpp/blob/master/absl/strings/BUILD.bazel#L268

The stack trace looks like this:

#0 0x000055c3d0823d78 llvm::sys::RunSignalHandlers()
#1 0x000055c3d08263ac SignalHandler(int)
#2 0x00007f738ab60750 restore_rt
#3 0x000055c3cf433a35 llvm::DIE::computeOffsetsAndAbbrevs(llvm::AsmPrinter const*, llvm::DIEAbbrevSet&, unsigned int)
#4 0x000055c3cf433a56 llvm::DIE::computeOffsetsAndAbbrevs(llvm::AsmPrinter const*, llvm::DIEAbbrevSet&, unsigned int)
#5 0x000055c3cf433a56 llvm::DIE::computeOffsetsAndAbbrevs(llvm::AsmPrinter const*, llvm::DIEAbbrevSet&, unsigned int)
#6 0x000055c3cf47086f llvm::DwarfFile::computeSizeAndOffsets()
#7 0x000055c3cf4421e8 llvm::DwarfDebug::finalizeModuleInfo()
#8 0x000055c3cf4422c0 llvm::DwarfDebug::endModule()
#9 0x000055c3cf40d81c llvm::AsmPrinter::doFinalization(llvm::Module&)
#10 0x000055c3d06ffda1 llvm::FPPassManager::doFinalization(llvm::Module&)
#11 0x000055c3d06f9dc2 llvm::legacy::PassManagerImpl::run(llvm::Module&)
#12 0x000055c3ccbdb248 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::__u::unique_ptr<llvm::raw_pwrite_stream, std::__u::default_delete<llvm::raw_pwrite_stream> >)
#13 0x000055c3ccbd6eb3 clang::CodeGenAction::ExecuteAction()
#14 0x000055c3cd4c0e7a clang::FrontendAction::Execute()
#15 0x000055c3cd439676 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
#16 0x000055c3cc8da5a6 clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
#17 0x000055c3cc8cf131 cc1_main(llvm::ArrayRef<char const*>, char const*, void*)
#18 0x000055c3cc8cd4c2 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&)
#19 0x000055c3cc8cd2bf main

jgorbe added a subscriber: jgorbe. Nov 10 2021, 12:12 PM

Hi, I created the reproducer that akuegel posted above. I have reproduced the crash starting with a clean repo with the steps below. The stack trace is a bit different, but a release build following the same steps will get you a stack trace very similar to what he posted. What I've noticed is that the crash does not always reproduce consistently. I was trying a new release build to double check the steps below, I ran the build command multiple times in a row, and it crashed only sometimes. The crash is a segfault, so it's possible that sometimes an invalid memory access doesn't immediately crash the program.

$ git checkout f19471a24985a0cbc32b6548c8fce1d2514e8243
$ mkdir ../llvm-new-build
$ cd ../llvm-new-build
$ cmake -GNinja -DCMAKE_BUILD_TYPE=Debug -DLLVM_ENABLE_PROJECTS="clang;lld" -DCMAKE_C_COMPILER=clang-11 -DCMAKE_CXX_COMPILER=clang++-11 -DCMAKE_ASM_COMPILER=clang-11 -DLLVM_ENABLE_LLD=ON ../llvm/llvm
$ ninja
$ cat > repro.ii                                                                                                                
class A {
public:
  unsigned n;
  void Append() {
    auto raw_append = [] {};
    while (Avail())
      ;
  }
  long Avail();
} a;
bool c;
void f(A) { a.Append(); }
$ bin/clang "-cc1" "-triple" "x86_64-grtev4-linux-gnu" -ferror-limit 9999 "-emit-obj" "-debug-info-kind=constructor" "-dwarf-version=5" "-mllvm" "-generate-type-units" "-O3" "-std=gnu++17" "-fgnuc-version=4.2.1" "-fsized-deallocation" "-mllvm" "-disable-binop-extract-shuffle" "-x" "c++" "repro.ii"
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: bin/clang -cc1 -triple x86_64-grtev4-linux-gnu -ferror-limit 9999 -emit-obj -debug-info-kind=constructor -dwarf-version=5 -mllvm -generate-type-units -O3 -std=gnu++17 -fgnuc-version=4.2.1 -fsized-deallocation -mllvm -disable-binop-extract-shuffle -x c++ repro.ii
1.	<eof> parser at end of file
2.	Code generation
 #0 0x000000000a1f60ea llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Support/Unix/Signals.inc:565:11
 #1 0x000000000a1f62bb PrintStackTraceSignalHandler(void*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Support/Unix/Signals.inc:632:1
 #2 0x000000000a1f489b llvm::sys::RunSignalHandlers() /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Support/Signals.cpp:96:5
 #3 0x000000000a1f6a31 SignalHandler(int) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Support/Unix/Signals.inc:407:1
 #4 0x00007fb0702ab8e0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x138e0)
 #5 0x000000000b9354b0 llvm::PointerIntPair<llvm::IntrusiveBackListNode*, 1u, unsigned int, llvm::PointerLikeTypeTraits<llvm::IntrusiveBackListNode*>, llvm::PointerIntPairInfo<llvm::IntrusiveBackListNode*, 1u, llvm::PointerLikeTypeTraits<llvm::IntrusiveBackListNode*> > >::getPointer() const /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/ADT/PointerIntPair.h:59:58
 #6 0x000000000b93544a llvm::IntrusiveBackList<llvm::DIEValueList::Node>::begin() /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:635:19
 #7 0x000000000b935335 llvm::IntrusiveBackList<llvm::DIEValueList::Node>::begin() const /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:638:51
 #8 0x000000000b934f2c llvm::DIEValueList::values() const /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:731:49
 #9 0x000000000b934aca llvm::AsmPrinter::emitDwarfDIE(llvm::DIE const&) const /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinterDwarf.cpp:293:28
#10 0x000000000b934d8f llvm::AsmPrinter::emitDwarfDIE(llvm::DIE const&) const /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinterDwarf.cpp:310:22
#11 0x000000000b934d8f llvm::AsmPrinter::emitDwarfDIE(llvm::DIE const&) const /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinterDwarf.cpp:310:22
#12 0x000000000b9f0b92 llvm::DwarfFile::emitUnit(llvm::DwarfUnit*, bool) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfFile.cpp:54:28
#13 0x000000000b9f0a6e llvm::DwarfFile::emitUnits(bool) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfFile.cpp:32:25
#14 0x000000000b95c5ad llvm::DwarfDebug::emitDebugInfo() /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:2291:1
#15 0x000000000b95c06c llvm::DwarfDebug::endModule() /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:1443:3
#16 0x000000000b917c5c llvm::AsmPrinter::doFinalization(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1839:3
#17 0x000000000949cc8a llvm::FPPassManager::doFinalization(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1503:16
#18 0x0000000009498494 (anonymous namespace)::MPPassManager::runOnModule(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1590:16
#19 0x0000000009497cd8 llvm::legacy::PassManagerImpl::run(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:542:16
#20 0x000000000949ce61 llvm::legacy::PassManager::run(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1681:3
#21 0x000000000a6ba76f (anonymous namespace)::EmitAssemblyHelper::RunCodegenPipeline(clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >&, std::unique_ptr<llvm::ToolOutputFile, std::default_delete<llvm::ToolOutputFile> >&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1502:1
#22 0x000000000a6b2962 (anonymous namespace)::EmitAssemblyHelper::EmitAssembly(clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1533:7
#23 0x000000000a6b1124 clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1693:5
#24 0x000000000b4a146b clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:370:7
#25 0x000000000dceeeee clang::ParseAST(clang::Sema&, bool, bool) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Parse/ParseAST.cpp:178:12
#26 0x000000000b2bac72 clang::ASTFrontendAction::ExecuteAction() /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/FrontendAction.cpp:1076:1
#27 0x000000000b49cb0b clang::CodeGenAction::ExecuteAction() /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:1108:5
#28 0x000000000b2ba638 clang::FrontendAction::Execute() /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/FrontendAction.cpp:971:7
#29 0x000000000b1ee852 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/CompilerInstance.cpp:1030:23
#30 0x000000000b4897c9 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /usr/local/google/home/jgorbe/code/llvm/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:261:8
#31 0x000000000681bd7d cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/cc1_main.cpp:246:13
#32 0x000000000680e678 ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:317:5
#33 0x000000000680d692 main /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:388:5
#34 0x00007fb06fd30e4a __libc_start_main ./csu/../csu/libc-start.c:314:16
#35 0x000000000680ceba _start (bin/clang+0x680ceba)

I rebuilt clang at this commit with -DLLVM_USE_SANITIZER=Address and it reports a problem nearby. I don't know if this patch is the actual root cause for the crash or if it's triggering an existing bug. Here's the full report in case it can help you debug the issue further:

=================================================================
==65688==ERROR: AddressSanitizer: heap-use-after-free on address 0x621000114780 at pc 0x00000d6d07eb bp 0x7ffe39a2fcd0 sp 0x7ffe39a2fcc8
READ of size 8 at 0x621000114780 thread T0
    #0 0xd6d07ea in push_back /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:537:14
    #1 0xd6d07ea in push_back /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:560:49
    #2 0xd6d07ea in addChild /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:849:14
    #3 0xd6d07ea in createAndAddScopeChildren /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1088:14
    #4 0xd6d07ea in llvm::DwarfCompileUnit::constructAbstractSubprogramScopeDIE(llvm::LexicalScope*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1134:39
    #5 0xd66fd55 in llvm::DwarfDebug::endFunctionImpl(llvm::MachineFunction const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:2251:5
    #6 0xd622f12 in llvm::DebugHandlerBase::endFunction(llvm::MachineFunction const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DebugHandlerBase.cpp:410:5
    #7 0xd5e37bc in llvm::AsmPrinter::emitFunctionBody() /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1505:17
    #8 0x71988ca in llvm::X86AsmPrinter::runOnMachineFunction(llvm::MachineFunction&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Target/X86/X86AsmPrinter.cpp:82:3
    #9 0x871b761 in llvm::MachineFunctionPass::runOnFunction(llvm::Function&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/MachineFunctionPass.cpp:72:13
    #10 0x93e2a5f in llvm::FPPassManager::runOnFunction(llvm::Function&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1439:27
    #11 0x93f6582 in llvm::FPPassManager::runOnModule(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1485:16
    #12 0x93e3adb in runOnModule /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1554:27
    #13 0x93e3adb in llvm::legacy::PassManagerImpl::run(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:542:44
    #14 0xb459526 in RunCodegenPipeline /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1501:17
    #15 0xb459526 in EmitAssembly /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1531:3
    #16 0xb459526 in clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1693:15
    #17 0xccd1b86 in clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:370:7
    #18 0xfeeba7d in clang::ParseAST(clang::Sema&, bool, bool) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Parse/ParseAST.cpp:171:13
    #19 0xcccc3a0 in clang::CodeGenAction::ExecuteAction() /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:1107:30
    #20 0xca60cf5 in clang::FrontendAction::Execute() /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/FrontendAction.cpp:967:8
    #21 0xc874011 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/CompilerInstance.cpp:1030:33
    #22 0xccbc008 in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /usr/local/google/home/jgorbe/code/llvm/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:261:25
    #23 0x41b8a70 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/cc1_main.cpp:246:15
    #24 0x41b3db9 in ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:317:12
    #25 0x41b22a7 in main /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:388:12
    #26 0x7f9bd7d73e49 in __libc_start_main csu/../csu/libc-start.c:314:16
    #27 0x40ff079 in _start (/usr/local/google/home/jgorbe/code/llvm-new-build/bin/clang-14+0x40ff079)

0x621000114780 is located 640 bytes inside of 4096-byte region [0x621000114500,0x621000115500)
freed by thread T0 here:
    #0 0x41a926d in operator delete(void*) (/usr/local/google/home/jgorbe/code/llvm-new-build/bin/clang-14+0x41a926d)
    #1 0x41b5a9f in Deallocate /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/AllocatorBase.h:92:5
    #2 0x41b5a9f in DeallocateSlabs /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/Allocator.h:351:19
    #3 0x41b5a9f in llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>::~BumpPtrAllocatorImpl() /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/Allocator.h:100:5
    #4 0xd6817fc in operator() /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:85:2
    #5 0xd6817fc in ~unique_ptr /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/unique_ptr.h:361:4
    #6 0xd6817fc in ~pair /usr/bin/../lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/bits/stl_pair.h:211:12
    #7 0xd6817fc in destroy_range /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/ADT/SmallVector.h:327:11
    #8 0xd6817fc in ~SmallVector /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/ADT/SmallVector.h:1175:5
    #9 0xd6817fc in llvm::DwarfDebug::addDwarfTypeUnitType(llvm::DwarfCompileUnit&, llvm::StringRef, llvm::DIE&, llvm::DICompositeType const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:3440:3
    #10 0xd72e9a8 in llvm::DwarfUnit::createTypeDIE(llvm::DIScope const*, llvm::DIE&, llvm::DIType const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp:587:13
    #11 0xd72952a in llvm::DwarfUnit::addType(llvm::DIE&, llvm::DIType const*, llvm::dwarf::Attribute) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp:650:44
    #12 0xd6cd5df in llvm::DwarfCompileUnit::applyVariableAttributes(llvm::DbgVariable const&, llvm::DIE&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1526:3
    #13 0xd6cad65 in llvm::DwarfCompileUnit::constructVariableDIEImpl(llvm::DbgVariable const&, bool) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:735:5
    #14 0xd6c6ccb in constructVariableDIE /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:711:12
    #15 0xd6c6ccb in constructVariableDIE /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:907:14
    #16 0xd6c6ccb in llvm::DwarfCompileUnit::createScopeChildrenDIE(llvm::LexicalScope*, llvm::SmallVectorImpl<llvm::DIE*>&, bool*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1030:24
    #17 0xd6d02d9 in createAndAddScopeChildren /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1084:24
    #18 0xd6d02d9 in llvm::DwarfCompileUnit::constructAbstractSubprogramScopeDIE(llvm::LexicalScope*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1134:39
    #19 0xd66fd55 in llvm::DwarfDebug::endFunctionImpl(llvm::MachineFunction const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:2251:5
    #20 0xd622f12 in llvm::DebugHandlerBase::endFunction(llvm::MachineFunction const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DebugHandlerBase.cpp:410:5
    #21 0xd5e37bc in llvm::AsmPrinter::emitFunctionBody() /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1505:17
    #22 0x71988ca in llvm::X86AsmPrinter::runOnMachineFunction(llvm::MachineFunction&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Target/X86/X86AsmPrinter.cpp:82:3
    #23 0x871b761 in llvm::MachineFunctionPass::runOnFunction(llvm::Function&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/MachineFunctionPass.cpp:72:13
    #24 0x93e2a5f in llvm::FPPassManager::runOnFunction(llvm::Function&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1439:27
    #25 0x93f6582 in llvm::FPPassManager::runOnModule(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1485:16
    #26 0x93e3adb in runOnModule /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1554:27
    #27 0x93e3adb in llvm::legacy::PassManagerImpl::run(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:542:44
    #28 0xb459526 in RunCodegenPipeline /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1501:17
    #29 0xb459526 in EmitAssembly /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1531:3
    #30 0xb459526 in clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1693:15
    #31 0xccd1b86 in clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:370:7
    #32 0xfeeba7d in clang::ParseAST(clang::Sema&, bool, bool) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Parse/ParseAST.cpp:171:13
    #33 0xcccc3a0 in clang::CodeGenAction::ExecuteAction() /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:1107:30
    #34 0xca60cf5 in clang::FrontendAction::Execute() /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/FrontendAction.cpp:967:8
    #35 0xc874011 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/CompilerInstance.cpp:1030:33
    #36 0xccbc008 in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /usr/local/google/home/jgorbe/code/llvm/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:261:25
    #37 0x41b8a70 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/cc1_main.cpp:246:15
    #38 0x41b3db9 in ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:317:12
    #39 0x41b22a7 in main /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:388:12
    #40 0x7f9bd7d73e49 in __libc_start_main csu/../csu/libc-start.c:314:16

previously allocated by thread T0 here:
    #0 0x41a8a0d in operator new(unsigned long) (/usr/local/google/home/jgorbe/code/llvm-new-build/bin/clang-14+0x41a8a0d)
    #1 0x41f8aac in Allocate /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/AllocatorBase.h:85:12
    #2 0x41f8aac in StartNewSlab /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/Allocator.h:335:21
    #3 0x41f8aac in llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>::Allocate(unsigned long, llvm::Align) /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/Allocator.h:190:5
    #4 0xd6d9601 in Allocate /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/Allocator.h:204:12
    #5 0xd6d9601 in operator new<llvm::MallocAllocator, 4096, 4096, 128> /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/Support/Allocator.h:437:20
    #6 0xd6d9601 in llvm::DIEValueList::addValue(llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>&, llvm::DIEValue const&) /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:714:21
    #7 0xd722662 in addAttribute<llvm::DIEInteger> /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfUnit.h:92:9
    #8 0xd722662 in llvm::DwarfUnit::addUInt(llvm::DIEValueList&, llvm::dwarf::Attribute, llvm::Optional<llvm::dwarf::Form>, unsigned long) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp:234:3
    #9 0xd68103c in llvm::DwarfDebug::addDwarfTypeUnitType(llvm::DwarfCompileUnit&, llvm::StringRef, llvm::DIE&, llvm::DICompositeType const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:3382:9
    #10 0xd72e9a8 in llvm::DwarfUnit::createTypeDIE(llvm::DIScope const*, llvm::DIE&, llvm::DIType const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp:587:13
    #11 0xd72952a in llvm::DwarfUnit::addType(llvm::DIE&, llvm::DIType const*, llvm::dwarf::Attribute) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp:650:44
    #12 0xd6cd5df in llvm::DwarfCompileUnit::applyVariableAttributes(llvm::DbgVariable const&, llvm::DIE&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1526:3
    #13 0xd6cad65 in llvm::DwarfCompileUnit::constructVariableDIEImpl(llvm::DbgVariable const&, bool) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:735:5
    #14 0xd6c6ccb in constructVariableDIE /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:711:12
    #15 0xd6c6ccb in constructVariableDIE /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:907:14
    #16 0xd6c6ccb in llvm::DwarfCompileUnit::createScopeChildrenDIE(llvm::LexicalScope*, llvm::SmallVectorImpl<llvm::DIE*>&, bool*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1030:24
    #17 0xd6d02d9 in createAndAddScopeChildren /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1084:24
    #18 0xd6d02d9 in llvm::DwarfCompileUnit::constructAbstractSubprogramScopeDIE(llvm::LexicalScope*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfCompileUnit.cpp:1134:39
    #19 0xd66fd55 in llvm::DwarfDebug::endFunctionImpl(llvm::MachineFunction const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DwarfDebug.cpp:2251:5
    #20 0xd622f12 in llvm::DebugHandlerBase::endFunction(llvm::MachineFunction const*) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/DebugHandlerBase.cpp:410:5
    #21 0xd5e37bc in llvm::AsmPrinter::emitFunctionBody() /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/AsmPrinter/AsmPrinter.cpp:1505:17
    #22 0x71988ca in llvm::X86AsmPrinter::runOnMachineFunction(llvm::MachineFunction&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/Target/X86/X86AsmPrinter.cpp:82:3
    #23 0x871b761 in llvm::MachineFunctionPass::runOnFunction(llvm::Function&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/CodeGen/MachineFunctionPass.cpp:72:13
    #24 0x93e2a5f in llvm::FPPassManager::runOnFunction(llvm::Function&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1439:27
    #25 0x93f6582 in llvm::FPPassManager::runOnModule(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1485:16
    #26 0x93e3adb in runOnModule /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:1554:27
    #27 0x93e3adb in llvm::legacy::PassManagerImpl::run(llvm::Module&) /usr/local/google/home/jgorbe/code/llvm/llvm/lib/IR/LegacyPassManager.cpp:542:44
    #28 0xb459526 in RunCodegenPipeline /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1501:17
    #29 0xb459526 in EmitAssembly /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1531:3
    #30 0xb459526 in clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/BackendUtil.cpp:1693:15
    #31 0xccd1b86 in clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:370:7
    #32 0xfeeba7d in clang::ParseAST(clang::Sema&, bool, bool) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Parse/ParseAST.cpp:171:13
    #33 0xcccc3a0 in clang::CodeGenAction::ExecuteAction() /usr/local/google/home/jgorbe/code/llvm/clang/lib/CodeGen/CodeGenAction.cpp:1107:30
    #34 0xca60cf5 in clang::FrontendAction::Execute() /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/FrontendAction.cpp:967:8
    #35 0xc874011 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /usr/local/google/home/jgorbe/code/llvm/clang/lib/Frontend/CompilerInstance.cpp:1030:33
    #36 0xccbc008 in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /usr/local/google/home/jgorbe/code/llvm/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:261:25
    #37 0x41b8a70 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/cc1_main.cpp:246:15
    #38 0x41b3db9 in ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&) /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:317:12
    #39 0x41b22a7 in main /usr/local/google/home/jgorbe/code/llvm/clang/tools/driver/driver.cpp:388:12
    #40 0x7f9bd7d73e49 in __libc_start_main csu/../csu/libc-start.c:314:16

SUMMARY: AddressSanitizer: heap-use-after-free /usr/local/google/home/jgorbe/code/llvm/llvm/include/llvm/CodeGen/DIE.h:537:14 in push_back
Shadow bytes around the buggy address:
  0x0c428001a8a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a8b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a8c0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a8d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a8e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c428001a8f0:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a900: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a910: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a920: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c428001a940: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==65688==ABORTING
ellis added a comment.Nov 10 2021, 8:57 PM

Hi @jgorbe and @akuegel

Thanks for the info and taking care of the reverts! I've been investigating the memory bug and it looks like it existed before, but my patch triggered the failure. I'm still trying to figure it out, but hopefully I can come up with a fix.

ellis added inline comments.Nov 11 2021, 4:44 PM
llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp
1149–1153

I believe the bug is here. When using the -generate-type-units flag we cannot share DIEs across CUs, but SPDie could come from a different CU.

The crash happened at DwarfDebug.cpp:addDwarfTypeUnitType() because a DIE was created, added to the child of a DIE in another unit, then destroyed in addDwarfTypeUnitType() while the parent DIE still existed.

I have a patch that I think works fine on the abseil-cpp project, so I'll upload that soon.
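
The lifetime problem described in the inline comment above, as an added example that is not part of the review or of LLVM's code. It is a simplified model in which `Unit`, `Die`, `addChildChecked` and `countForeignChildren` are hypothetical names: a child DIE whose storage belongs to another unit is linked under a parent, and an ownership check refuses that link.

```cpp
#include <cstddef>
#include <memory>
#include <string>
#include <vector>

// Simplified model, not LLVM's real classes: each Unit owns the storage of
// its DIEs, and a DIE links to its children by raw pointer.
struct Unit;
struct Die {
  std::string Name;
  Unit *Owner;                  // unit whose storage holds this DIE
  std::vector<Die *> Children;  // non-owning links
};

struct Unit {
  std::vector<std::unique_ptr<Die>> Storage;  // freed with the unit
  Die *create(const std::string &N) {
    Storage.push_back(std::make_unique<Die>(Die{N, this, {}}));
    return Storage.back().get();
  }
};

// Unchecked link: the parent may outlive the child's unit and dangle.
void addChildUnchecked(Die &Parent, Die *Child) {
  Parent.Children.push_back(Child);
}

// Checked link: refuse a child whose storage belongs to another unit.
bool addChildChecked(Die &Parent, Die *Child) {
  if (Child->Owner != Parent.Owner) return false;
  Parent.Children.push_back(Child);
  return true;
}

// Audit: children of U's DIEs that live in some other unit's storage.
std::size_t countForeignChildren(const Unit &U) {
  std::size_t N = 0;
  for (const auto &D : U.Storage)
    for (const Die *C : D->Children)
      if (C->Owner != &U) ++N;
  return N;
}

// Constructed scenario: a CU parent and a child created in a type unit.
std::size_t foreignAfterLink(bool Checked) {
  Unit CU, TU;
  Die *Parent = CU.create("subprogram");
  Die *Child = TU.create("member");
  if (Checked) addChildChecked(*Parent, Child);
  else addChildUnchecked(*Parent, Child);
  return countForeignChildren(CU);
}
```

The check covers parent/child links only, where the child's storage is freed with its unit; it says nothing about cross-unit references between compilation units.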

dblaikie added inline comments.Nov 11 2021, 5:04 PM
llvm/lib/CodeGen/AsmPrinter/DwarfUnit.cpp
1149–1153

We shouldn't (& yes, can't in the current architecture that creates type units and then emits them immediately and cleans up the data structure, to reduce peak memory usage) use cross-unit references to refer to contents of type units - but when type units are enabled we should still use cross-unit references between compilation units.