This is an archive of the discontinued LLVM Phabricator instance.

Produce warning for performing pointer arithmetic on a null pointer.
ClosedPublic

Authored by jamieschmeiser on Mar 17 2021, 11:06 AM.

Details

Summary

Test and produce warnings that subtracting a pointer from null or subtracting
null from a pointer is undefined behaviour and may be undefined behaviour in
C and C++, respectively. Add a new option -Wnull-pointer-subtraction
controlling this warning and add it to -Wextra. Also add unit tests for
the warnings in both C and C++.

Diff Detail

Event Timeline

jamieschmeiser requested review of this revision.Mar 17 2021, 11:06 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 17 2021, 11:06 AM

I used formatting similar to the existing code, which is not what clang-format is expecting.

jamieschmeiser retitled this revision from Produce waring for performing pointer arithmetic on a null pointer. to Produce warning for performing pointer arithmetic on a null pointer..Mar 29 2021, 6:29 AM

Reformat to satisfy clang-format

Please add a test for (char*)0-(char*)0.

Respond to review comments: add requested test.

efriedma added inline comments.Apr 9 2021, 10:58 AM
clang/lib/Sema/SemaExpr.cpp
10883

IgnoreParenCasts() seems a little weird here; e.g. this code thinks (char*)(char)256 isn't null? Not sure how much it practically matters, though, given this is just a warning.

clang/test/Sema/pointer-addition.c
34 ↗(On Diff #336500)

This is what I was afraid would happen.

C++ has a specific carveout in the standard that "null-null" isn't undefined. C doesn't, but I'm not sure warning is practically useful there.

In any case, printing the same warning twice isn't useful.

jamieschmeiser added inline comments.Apr 9 2021, 11:35 AM
clang/test/Sema/pointer-addition.c
34 ↗(On Diff #336500)

Yes, I see that [expr.add] p 7 says nullptr-nullptr is defined to be 0. I will suppress the warning for this.

jamieschmeiser added inline comments.Apr 9 2021, 2:08 PM
clang/test/Sema/pointer-addition.c
34 ↗(On Diff #336500)

I disagree with the comment that the two warnings are not useful. While it is the same warning, the section of code indicated by each warning is different and both need to be corrected to clear the code of warnings. A single warning would likely be more confusing in that a user would see the same warning and not notice that a different section of code is indicated after fixing the indicated problem. I would expect the typical response to be the user assuming that they had made a mistake and removing the initial fix and fixing the second, only to again receive a same warning again with a different section of code. The different code sections indicated would likely be overlooked, leading to frustration whereas two warnings clearly indicates there are 2 problems.

Respond to review comments: Do not issue warning for nullptr - nullptr in C++.

Fix indenting.

xbolva00 added a subscriber: xbolva00.

Maybe Nick could try this patch with linux kernel?

Maybe Nick could try this patch with linux kernel?

Yes! Thank you of thinking of me for this; we're currently sorting issues identified by this warning (as implemented today, for addition only IIUC) in:
https://lore.kernel.org/lkml/20210430111641.1911207-1-schnelle@linux.ibm.com/

I ran out of time today, but I'll give this a shot tomorrow and see if this catches anything that looks like a false positive.

I didn't see any instances in quick testing on the Linux kernel: x86_64 defconfig, aarch64 defconfig, arm defconfig, x86_64 allmodconfig. So I guess that's a good thing (for Linux)!

clang/lib/Sema/SemaExpr.cpp
10882–10892

Might it be better to move the C++ check to the top; have all of this within a if (!getLangOpts().CPlusPlus) { block? Perhaps I'm misunderstanding what the || is doing?

efriedma added inline comments.May 3 2021, 5:45 PM
clang/lib/Sema/SemaExpr.cpp
10882–10892

The getLangOpts().CPlusPlus check is specifically so we don't warn on null-null, which the C++ standard allows.

clang/test/Sema/pointer-addition.c
34 ↗(On Diff #336500)

I see what you mean about the two warnings; printing twice is probably okay.

In terms of whether we actually want the null-null warning in C, I could go either way. I usually like to avoid differences between C and C++ where possible. But the standards are actually written differently here. And it's unlikely that explicitly written null-null shows up in practice, so probably nobody will notice either way.

Needs a testcase for the C++ behavior.

Respond to review comments: add C++ test.

efriedma accepted this revision.May 6 2021, 1:06 PM

LGTM

This revision is now accepted and ready to land.May 6 2021, 1:06 PM
thakis added a subscriber: thakis.May 12 2021, 8:13 AM

Two pieces of feedback:

  1. This fires in system headers on windows, e.g. like so:
../../third_party/wtl/include\./atlapp.h(336,12): error: performing pointer arithmetic on a null pointer has undefined behavior if the offset is nonzero [-Werror,-Wnull-pointer-arithmetic]
                        uSize = LVGROUP_V5_SIZE;
                                ^~~~~~~~~~~~~~~
..\..\third_party\depot_tools\win_toolchain\vs_files\20d5f2553f\Windows Kits\10\Include\10.0.19041.0\um\commctrl.h(4074,25): note: expanded from macro 'LVGROUP_V5_SIZE'
#define LVGROUP_V5_SIZE CCSIZEOF_STRUCT(LVGROUP, uAlign)
                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
..\..\third_party\depot_tools\win_toolchain\vs_files\20d5f2553f\Windows Kits\10\Include\10.0.19041.0\um\commctrl.h(262,90): note: expanded from macro 'CCSIZEOF_STRUCT'
#define CCSIZEOF_STRUCT(structname, member)  (((int)((LPBYTE)(&((structname*)0)->member) - ((LPBYTE)((structname*)0)))) + sizeof(((structname*)0)->member))
                                                                                         ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~

Can we make this not fire for macros for system headers? And if this takes a while to implement, can we revert this until then?

  1. This reusing the existing group means we now either have to disable the old, existing warning and regress, or we can't build. Can we please put this in a new group (Wnull-pointer-arithmetic-sub or what) that's a subgroup of Wnull-pointer-arithmetic but that can be turned off separately, to allow incremental roll-out of this?

Thanks!

@thakis, I have some questions about your comments.
Are you sure this is coming from a system header? The path that you gave has third_party as a directory in the path. If the warning were being triggered by code in a system header, I would have expected it to fire on something in the windows build bots but they appear to be clean.
I don't know if it is possible to suppress a warning based on whether the source is in a system header, or from a macro expansion that is defined in a system header; are you aware about whether or not this is possible? If it is, I suspect it would already be in force as a general setting, again making me question whether this is a system header...and if it isn't a system header, that wouldn't help you in any case.
If I understand your second point correctly, you have a system that previously compiled cleanly with warnings being treated as errors and you are concerned that if you use the existing options to suppress this particular warning, you are concerned that something could creep in. Therefore you are proposing a different warning group that would be a subgroup of the existing one so that if you set it, you would set both but you would still be able to set the specific one. I don't know if this is possible or not. Either way, I suspect that it would require using a different warning for the subtraction case, which would also require significantly changing these changes. Am I understanding correctly? If so, this implies that you have access to a workaround for your problem, although it may not be the best solution.
I do not have access to a windows setup to test any of these proposed changes; in particular, given that I suspect that the affected files are specific to some third party vendor from which you have purchased code, I do not have means of investigating the actual problems/solutions. If it would be helpful, I would be happy to review any changes that you might like to make to remedy the situation.
I will be on vacation for the next few days so please excuse my delayed responses.

thakis added a comment.EditedMay 12 2021, 10:40 AM

@thakis, I have some questions about your comments.
Are you sure this is coming from a system header? The path that you gave has third_party as a directory in the path.

Yes. third_party\depot_tools\win_toolchain\vs_files\20d5f2553f\Windows Kits\10\Include\10.0.19041.0\um\commctrl.h is a hermetic system directory used via /winsysrootthird_party\depot_tools\win_toolchain\vs_files\20d5f2553f.

If the warning were being triggered by code in a system header, I would have expected it to fire on something in the windows build bots but they appear to be clean.

I don't think LLVM uses a lot of code from the windows system headers. The compiler doesn't contain any UI :) (commctrl.h is a UI header).

I don't know if it is possible to suppress a warning based on whether the source is in a system header, or from a macro expansion that is defined in a system header; are you aware about whether or not this is possible?

Yes, that's possible, there are a bunch of examples, e.g. D38954

If I understand your second point correctly, you have a system that previously compiled cleanly with warnings being treated as errors and you are concerned that if you use the existing options to suppress this particular warning, you are concerned that something could creep in. Therefore you are proposing a different warning group that would be a subgroup of the existing one so that if you set it, you would set both but you would still be able to set the specific one.

Yes.

I don't know if this is possible or not.

It is.

Either way, I suspect that it would require using a different warning for the subtraction case, which would also require significantly changing these changes.

You'd have to add a new diag that's in a new group. It's a 4-line (ish) change I'd estimate.

Am I understanding correctly? If so, this implies that you have access to a workaround for your problem, although it may not be the best solution.

No, currently the only workaround is to turn off the existing warning, which means violations of the old things it warned about will creep in.

I will be on vacation for the next few days so please excuse my delayed responses.

Ok, then I'll revert this for now if that's ok with you?

(sorry, accidentally hit cmd-enter, not actually done writing)

xbolva00 added a comment.EditedMay 12 2021, 10:42 AM

You dont have to use -Wno-…

You can use pragma to disable this warning for certain location in the code, eg include of commctrl.h.

-1 for revert just because of this reason.

(Now completed the reply, see phab.)

You dont have to use -Wno-…

You can use pragma to disable this warning for certain location in the code, eg include of commctrl.h.

commctrl.h is included by other system headers too though.

I don't think requiring users to add pragmas in all files that transitively include a random subset of windows headers is great :) I'm fine with not reverting if a fix for this will happen soon, but it sounds like the author is away for a few days. Reverts are cheap.

@thakis if this is an issue for you, please revert; like you said, we can figure out the issues later.

Looking at the warning you showed, we might want to consider suppressing that specific pattern, in addition to (or instead of?) suppressing it in system headers. The null pointer subtraction is the least of the problems in (char*)&((struct S*)0)->member - (char*)0.

If this is a problem for you, please revert it and I will take a look when I return. Thanks.

thakis added a comment.EditedMay 12 2021, 11:54 AM

Thanks! Reverted for now in d8c227ba05d06

rsmith added inline comments.May 12 2021, 12:06 PM
clang/test/Sema/pointer-addition.cpp
5–6 ↗(On Diff #344413)

These two warnings are wrong -- their claim about these expressions having undefined behavior is incorrect. We can't prove that f is not null (and in fact it is null here), so we should not be producing a warning that says the code has undefined behavior. If you want to warn in the cases where you can prove the other pointer is non-null, and say that that case has undefined behavior, that seems fine, but please fix the diagnostic message to be technically correct (eg, "computing difference of a null pointer and a non-null pointer has undefined behavior").

Perhaps a better approach would be to use the same logic to decide whether to warn in C and C++, but produce different warning text. For example, you could say "[...] has undefined behavior" in C, but in C++ just say "warning: performing pointer arithmetic on a null pointer" without making potentially-inaccurate claims about UB? The code is still *suspicious* in C++ even if it's not UB.

jamieschmeiser reopened this revision.May 19 2021, 5:42 AM

Re-opening because it was reverted.

This revision is now accepted and ready to land.May 19 2021, 5:42 AM
jamieschmeiser edited the summary of this revision. (Show Details)

As requested, I have added a new warning option -Wnull-pointer-subtraction (and added it to -Wextra) that does not trigger on system headers. In addition, I changed the message used such that it states that it is undefined behaviour for C but may be undefined behaviour in C++ to address the concerns that performing the subtraction with a pointer that dynamically becomes null is not undefined behaviour. Expanded the testing to also test that the warning does not fire on system headers. Also, updated the release notes to indicate the new option.

jamieschmeiser requested review of this revision.May 19 2021, 11:16 AM

Significant changes made since previously accepted.

Fix formatting.

@thakis, can you please verify that the changes no longer affect the MS headers? Thanks.

hans added a subscriber: hans.May 27 2021, 1:42 PM

We tried it, and the warning is still firing in a similar (but not exactly the same) way:

In file included from ../../content/browser/accessibility/browser_accessibility_manager_win.cc:19:
In file included from ../..\content/browser/renderer_host/legacy_render_widget_host_win.h:11:
../../third_party/wtl/include\atlapp.h(366,12): error: performing pointer subtraction with a null pointer may have undefined behavior [-Werror,-Wnull-pointer-subtraction]
                        uSize = NONCLIENTMETRICS_V1_SIZE;
                                ^~~~~~~~~~~~~~~~~~~~~~~~
../../third_party/wtl/include\atlapp.h(248,38): note: expanded from macro 'NONCLIENTMETRICS_V1_SIZE'
  #define NONCLIENTMETRICS_V1_SIZE   _SIZEOF_STRUCT(NONCLIENTMETRICS, lfMessageFont)
                                     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../third_party/wtl/include\atlapp.h(228,91): note: expanded from macro '_SIZEOF_STRUCT'
  #define _SIZEOF_STRUCT(structname, member)  (((int)((LPBYTE)(&((structname*)0)->member) - ((LPBYTE)((structname*)0)))) + sizeof(((structname*)0)->member))
                                                                                          ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~

Note that this time the warning is coming from a macro defined in a wtl/ header itself , which is not a system header. So I think the "don't warn in system headers" part is working correctly.

And it's good that it's got a separate flag, because for Chromium we would need to turn it off.

But as a developer I'm confused by the warning saying this _may_ have undefined behavior. Does it or doesn't it? If it does, I suppose the warning makes sense and keeping it behind a separate flag that's part of -Wextra seems reasonable.

The reason I worded it with 'may' is because, in C++, nullptr - nullptr is defined. If the code is "nullptr - p" or "p - nullptr", it is only undefined behaviour when p is not nullptr, hence the 'may' part of the warning because this is not known at compile time. The warning is still useful as it is suspect code but one cannot state that it is undefined behaviour because it is valid if it is null at runtime.

@rsmith I separated the C and C++ messages in response to your comments and changed the C++ message to state that "performing pointer subtraction with a null pointer may have undefined behavior" to address your concerns. Are you satisfied? @thakis, the warning no longer fires in the MS headers according to @hans and there is separate option control over this warning. Is this sufficient? @efriedma, thank you for reviewing/approving the original but these changes were sufficiently different that I thought a new review would be beneficial. Are you still satisfied with the resulting changes?

@rsmith @thakis @efriedma If there are no more changes required, please approve.

kkwli0 added a subscriber: kkwli0.Jul 12 2021, 5:24 PM
This comment was removed by kkwli0.

This was originally approved and landed on May 11th. I agreed to let it be reverted when it was discovered that some headers were triggering the warning. I reworked the code to not generate the warning when coming from system header files and also added option control for the warnings. I was informed that the changes fixed the problems with the system headers but have received no other feedback since late May, despite numerous pings and requests tagging the various people involved. Since I have received no objections, further comments nor further review in approximately 2 months, I am assuming that there are no further concerns. Unless I hear otherwise, I will commit these changes tomorrow.

This revision was not accepted when it landed; it landed in state Needs Review.Jul 20 2021, 7:13 AM
This revision was automatically updated to reflect the committed changes.

This commit also makes the phoronix/pgbench run fail.
clang --gcc-toolchain=/usr/bin/.. -target aarch64-unknown-linux-gnu -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wmissing-format-attribute -Wformat-security -fno-strict-aliasing -fwrapv -Wno-unused-command-line-argument -Ofast -funroll-loops -flto -mcpu=cortex-a57 -fno-fast-math -L../../src/port -L../../src/common -Ofast -funroll-loops -flto -mcpu=cortex-a57 -fno-fast-math -Wl,--as-needed -Wl,-E access/brin/brin.o access/brin/brin_pageops.o access/brin/brin_revmap.o access/brin/brin_tuple.o access/brin/brin_xlog.o access/brin/brin_minmax.o access/brin/brin_inclusion.o access/brin/brin_validate.o access/common/bufmask.o access/common/heaptuple.o access/common/indextuple.o access/common/printsimple.o access/common/printtup.o access/common/reloptions.o access/common/scankey.o access/common/tupconvert.o access/common/tupdesc.o access/gin/ginutil.o access/gin/gininsert.o access/gin/ginxlog.o access/gin/ginentrypage.o access/gin/gindatapage.o access/gin/ginbtree.o access/gin/ginscan.o access/gin/ginget.o access/gin/ginvacuum.o access/gin/ginarrayproc.o access/gin/ginbulk.o access/gin/ginfast.o access/gin/ginpostinglist.o access/gin/ginlogic.o access/gin/ginvalidate.o access/gist/gist.o access/gist/gistutil.o access/gist/gistxlog.o access/gist/gistvacuum.o access/gist/gistget.o access/gist/gistscan.o access/gist/gistproc.o access/gist/gistsplit.o access/gist/gistbuild.o access/gist/gistbuildbuffers.o access/gist/gistvalidate.o access/hash/hash.o access/hash/hashfunc.o access/hash/hashinsert.o access/hash/hashovfl.o access/hash/hashpage.o access/hash/hashsearch.o access/hash/hashsort.o access/hash/hashutil.o access/hash/hashvalidate.o access/hash/hash_xlog.o access/heap/heapam.o access/heap/hio.o access/heap/pruneheap.o access/heap/rewriteheap.o access/heap/syncscan.o access/heap/tuptoaster.o access/heap/visibilitymap.o access/index/amapi.o access/index/amvalidate.o access/index/genam.o access/index/indexam.o access/nbtree/nbtcompare.o access/nbtree/nbtinsert.o access/nbtree/nbtpage.o access/nbtree/nbtree.o access/nbtree/nbtsearch.o access/nbtree/nbtutils.o access/nbtree/nbtsort.o access/nbtree/nbtvalidate.o access/nbtree/nbtxlog.o access/rmgrdesc/brindesc.o access/rmgrdesc/clogdesc.o access/rmgrdesc/committsdesc.o access/rmgrdesc/dbasedesc.o access/rmgrdesc/genericdesc.o access/rmgrdesc/gindesc.o access/rmgrdesc/gistdesc.o access/rmgrdesc/hashdesc.o access/rmgrdesc/heapdesc.o access/rmgrdesc/logicalmsgdesc.o access/rmgrdesc/mxactdesc.o access/rmgrdesc/nbtdesc.o access/rmgrdesc/relmapdesc.o access/rmgrdesc/replorigindesc.o access/rmgrdesc/seqdesc.o access/rmgrdesc/smgrdesc.o access/rmgrdesc/spgdesc.o access/rmgrdesc/standbydesc.o access/rmgrdesc/tblspcdesc.o access/rmgrdesc/xactdesc.o access/rmgrdesc/xlogdesc.o access/spgist/spgutils.o access/spgist/spginsert.o access/spgist/spgscan.o access/spgist/spgvacuum.o access/spgist/spgvalidate.o access/spgist/spgdoinsert.o access/spgist/spgxlog.o access/spgist/spgtextproc.o access/spgist/spgquadtreeproc.o access/spgist/spgkdtreeproc.o access/tablesample/bernoulli.o access/tablesample/system.o access/tablesample/tablesample.o access/transam/clog.o access/transam/commit_ts.o access/transam/generic_xlog.o access/transam/multixact.o access/transam/parallel.o access/transam/rmgr.o access/transam/slru.o access/transam/subtrans.o access/transam/timeline.o access/transam/transam.o access/transam/twophase.o access/transam/twophase_rmgr.o access/transam/varsup.o access/transam/xact.o access/transam/xlog.o access/transam/xlogarchive.o access/transam/xlogfuncs.o access/transam/xloginsert.o access/transam/xlogreader.o access/transam/xlogutils.o bootstrap/bootparse.o bootstrap/bootstrap.o catalog/catalog.o catalog/dependency.o catalog/heap.o catalog/index.o catalog/indexing.o catalog/namespace.o catalog/aclchk.o catalog/objectaccess.o catalog/objectaddress.o catalog/partition.o catalog/pg_aggregate.o catalog/pg_collation.o catalog/pg_constraint.o catalog/pg_conversion.o catalog/pg_depend.o catalog/pg_enum.o catalog/pg_inherits.o catalog/pg_largeobject.o catalog/pg_namespace.o catalog/pg_operator.o catalog/pg_proc.o catalog/pg_publication.o catalog/pg_range.o catalog/pg_db_role_setting.o catalog/pg_shdepend.o catalog/pg_subscription.o catalog/pg_type.o catalog/storage.o catalog/toasting.o parser/analyze.o parser/gram.o parser/scan.o parser/parser.o parser/parse_agg.o parser/parse_clause.o parser/parse_coerce.o parser/parse_collate.o parser/parse_cte.o parser/parse_enr.o parser/parse_expr.o parser/parse_func.o parser/parse_node.o parser/parse_oper.o parser/parse_param.o parser/parse_relation.o parser/parse_target.o parser/parse_type.o parser/parse_utilcmd.o parser/scansup.o commands/amcmds.o commands/aggregatecmds.o commands/alter.o commands/analyze.o commands/async.o commands/cluster.o commands/comment.o commands/collationcmds.o commands/constraint.o commands/conversioncmds.o commands/copy.o commands/createas.o commands/dbcommands.o commands/define.o commands/discard.o commands/dropcmds.o commands/event_trigger.o commands/explain.o commands/extension.o commands/foreigncmds.o commands/functioncmds.o commands/indexcmds.o commands/lockcmds.o commands/matview.o commands/operatorcmds.o commands/opclasscmds.o commands/policy.o commands/portalcmds.o commands/prepare.o commands/proclang.o commands/publicationcmds.o commands/schemacmds.o commands/seclabel.o commands/sequence.o commands/statscmds.o commands/subscriptioncmds.o commands/tablecmds.o commands/tablespace.o commands/trigger.o commands/tsearchcmds.o commands/typecmds.o commands/user.o commands/vacuum.o commands/vacuumlazy.o commands/variable.o commands/view.o executor/execAmi.o executor/execCurrent.o executor/execExpr.o executor/execExprInterp.o executor/execGrouping.o executor/execIndexing.o executor/execJunk.o executor/execMain.o executor/execParallel.o executor/execProcnode.o executor/execReplication.o executor/execScan.o executor/execSRF.o executor/execTuples.o executor/execUtils.o executor/functions.o executor/instrument.o executor/nodeAppend.o executor/nodeAgg.o executor/nodeBitmapAnd.o executor/nodeBitmapOr.o executor/nodeBitmapHeapscan.o executor/nodeBitmapIndexscan.o executor/nodeCustom.o executor/nodeFunctionscan.o executor/nodeGather.o executor/nodeHash.o executor/nodeHashjoin.o executor/nodeIndexscan.o executor/nodeIndexonlyscan.o executor/nodeLimit.o executor/nodeLockRows.o executor/nodeGatherMerge.o executor/nodeMaterial.o executor/nodeMergeAppend.o executor/nodeMergejoin.o executor/nodeModifyTable.o executor/nodeNestloop.o executor/nodeProjectSet.o executor/nodeRecursiveunion.o executor/nodeResult.o executor/nodeSamplescan.o executor/nodeSeqscan.o executor/nodeSetOp.o executor/nodeSort.o executor/nodeUnique.o executor/nodeValuesscan.o executor/nodeCtescan.o executor/nodeNamedtuplestorescan.o executor/nodeWorktablescan.o executor/nodeGroup.o executor/nodeSubplan.o executor/nodeSubqueryscan.o executor/nodeTidscan.o executor/nodeForeignscan.o executor/nodeWindowAgg.o executor/tstoreReceiver.o executor/tqueue.o executor/spi.o executor/nodeTableFuncscan.o foreign/foreign.o lib/binaryheap.o lib/bipartite_match.o lib/hyperloglog.o lib/ilist.o lib/knapsack.o lib/pairingheap.o lib/rbtree.o lib/stringinfo.o libpq/be-fsstubs.o libpq/be-secure.o libpq/auth.o libpq/crypt.o libpq/hba.o libpq/ifaddr.o libpq/pqcomm.o libpq/pqformat.o libpq/pqmq.o libpq/pqsignal.o libpq/auth-scram.o main/main.o nodes/nodeFuncs.o nodes/nodes.o nodes/list.o nodes/bitmapset.o nodes/tidbitmap.o nodes/copyfuncs.o nodes/equalfuncs.o nodes/extensible.o nodes/makefuncs.o nodes/outfuncs.o nodes/readfuncs.o nodes/print.o nodes/read.o nodes/params.o nodes/value.o optimizer/geqo/geqo_copy.o optimizer/geqo/geqo_eval.o optimizer/geqo/geqo_main.o optimizer/geqo/geqo_misc.o optimizer/geqo/geqo_mutation.o optimizer/geqo/geqo_pool.o optimizer/geqo/geqo_random.o optimizer/geqo/geqo_recombination.o optimizer/geqo/geqo_selection.o optimizer/geqo/geqo_erx.o optimizer/geqo/geqo_pmx.o optimizer/geqo/geqo_cx.o optimizer/geqo/geqo_px.o optimizer/geqo/geqo_ox1.o optimizer/geqo/geqo_ox2.o optimizer/path/allpaths.o optimizer/path/clausesel.o optimizer/path/costsize.o optimizer/path/equivclass.o optimizer/path/indxpath.o optimizer/path/joinpath.o optimizer/path/joinrels.o optimizer/path/pathkeys.o optimizer/path/tidpath.o optimizer/plan/analyzejoins.o optimizer/plan/createplan.o optimizer/plan/initsplan.o optimizer/plan/planagg.o optimizer/plan/planmain.o optimizer/plan/planner.o optimizer/plan/setrefs.o optimizer/plan/subselect.o optimizer/prep/prepjointree.o optimizer/prep/prepqual.o optimizer/prep/preptlist.o optimizer/prep/prepunion.o optimizer/util/clauses.o optimizer/util/joininfo.o optimizer/util/orclauses.o optimizer/util/pathnode.o optimizer/util/placeholder.o optimizer/util/plancat.o optimizer/util/predtest.o optimizer/util/relnode.o optimizer/util/restrictinfo.o optimizer/util/tlist.o optimizer/util/var.o port/atomics.o port/dynloader.o port/pg_sema.o port/pg_shmem.o postmaster/autovacuum.o postmaster/bgworker.o postmaster/bgwriter.o postmaster/checkpointer.o postmaster/fork_process.o postmaster/pgarch.o postmaster/pgstat.o postmaster/postmaster.o postmaster/startup.o postmaster/syslogger.o postmaster/walwriter.o regex/regcomp.o regex/regerror.o regex/regexec.o regex/regfree.o regex/regprefix.o regex/regexport.o replication/logical/decode.o replication/logical/launcher.o replication/logical/logical.o replication/logical/logicalfuncs.o replication/logical/message.o replication/logical/origin.o replication/logical/proto.o replication/logical/relation.o replication/logical/reorderbuffer.o replication/logical/snapbuild.o replication/logical/tablesync.o replication/logical/worker.o replication/walsender.o replication/walreceiverfuncs.o replication/walreceiver.o replication/basebackup.o replication/repl_gram.o replication/slot.o replication/slotfuncs.o replication/syncrep.o replication/syncrep_gram.o rewrite/rewriteRemove.o rewrite/rewriteDefine.o rewrite/rewriteHandler.o rewrite/rewriteManip.o rewrite/rewriteSupport.o rewrite/rowsecurity.o statistics/extended_stats.o statistics/dependencies.o statistics/mvdistinct.o storage/buffer/buf_table.o storage/buffer/buf_init.o storage/buffer/bufmgr.o storage/buffer/freelist.o storage/buffer/localbuf.o storage/file/fd.o storage/file/buffile.o storage/file/copydir.o storage/file/reinit.o storage/freespace/freespace.o storage/freespace/fsmpage.o storage/freespace/indexfsm.o storage/ipc/dsm_impl.o storage/ipc/dsm.o storage/ipc/ipc.o storage/ipc/ipci.o storage/ipc/latch.o storage/ipc/pmsignal.o storage/ipc/procarray.o storage/ipc/procsignal.o storage/ipc/shmem.o storage/ipc/shmqueue.o storage/ipc/shm_mq.o storage/ipc/shm_toc.o storage/ipc/sinval.o storage/ipc/sinvaladt.o storage/ipc/standby.o storage/large_object/inv_api.o storage/lmgr/lmgr.o storage/lmgr/lock.o storage/lmgr/proc.o storage/lmgr/deadlock.o storage/lmgr/lwlock.o storage/lmgr/lwlocknames.o storage/lmgr/spin.o storage/lmgr/s_lock.o storage/lmgr/predicate.o storage/lmgr/condition_variable.o storage/page/bufpage.o storage/page/checksum.o storage/page/itemptr.o storage/smgr/md.o storage/smgr/smgr.o storage/smgr/smgrtype.o tcop/dest.o tcop/fastpath.o tcop/postgres.o tcop/pquery.o tcop/utility.o tsearch/ts_locale.o tsearch/ts_parse.o tsearch/wparser.o tsearch/wparser_def.o tsearch/dict.o tsearch/dict_simple.o tsearch/dict_synonym.o tsearch/dict_thesaurus.o tsearch/dict_ispell.o tsearch/regis.o tsearch/spell.o tsearch/to_tsany.o tsearch/ts_selfuncs.o tsearch/ts_typanalyze.o tsearch/ts_utils.o utils/adt/acl.o utils/adt/amutils.o utils/adt/arrayfuncs.o utils/adt/array_expanded.o utils/adt/array_selfuncs.o utils/adt/array_typanalyze.o utils/adt/array_userfuncs.o utils/adt/arrayutils.o utils/adt/ascii.o utils/adt/bool.o utils/adt/cash.o utils/adt/char.o utils/adt/date.o utils/adt/datetime.o utils/adt/datum.o utils/adt/dbsize.o utils/adt/domains.o utils/adt/encode.o utils/adt/enum.o utils/adt/expandeddatum.o utils/adt/float.o utils/adt/format_type.o utils/adt/formatting.o utils/adt/genfile.o utils/adt/geo_ops.o utils/adt/geo_selfuncs.o utils/adt/geo_spgist.o utils/adt/inet_cidr_ntop.o utils/adt/inet_net_pton.o utils/adt/int.o utils/adt/int8.o utils/adt/json.o utils/adt/jsonb.o utils/adt/jsonb_gin.o utils/adt/jsonb_op.o utils/adt/jsonb_util.o utils/adt/jsonfuncs.o utils/adt/like.o utils/adt/lockfuncs.o utils/adt/mac.o utils/adt/mac8.o utils/adt/misc.o utils/adt/nabstime.o utils/adt/name.o utils/adt/network.o utils/adt/network_gist.o utils/adt/network_selfuncs.o utils/adt/network_spgist.o utils/adt/numeric.o utils/adt/numutils.o utils/adt/oid.o utils/adt/oracle_compat.o utils/adt/orderedsetaggs.o utils/adt/pg_locale.o utils/adt/pg_lsn.o utils/adt/pg_upgrade_support.o utils/adt/pgstatfuncs.o utils/adt/pseudotypes.o utils/adt/quote.o utils/adt/rangetypes.o utils/adt/rangetypes_gist.o utils/adt/rangetypes_selfuncs.o utils/adt/rangetypes_spgist.o utils/adt/rangetypes_typanalyze.o utils/adt/regexp.o utils/adt/regproc.o utils/adt/ri_triggers.o utils/adt/rowtypes.o utils/adt/ruleutils.o utils/adt/selfuncs.o utils/adt/tid.o utils/adt/timestamp.o utils/adt/trigfuncs.o utils/adt/tsginidx.o utils/adt/tsgistidx.o utils/adt/tsquery.o utils/adt/tsquery_cleanup.o utils/adt/tsquery_gist.o utils/adt/tsquery_op.o utils/adt/tsquery_rewrite.o utils/adt/tsquery_util.o utils/adt/tsrank.o utils/adt/tsvector.o utils/adt/tsvector_op.o utils/adt/tsvector_parser.o utils/adt/txid.o utils/adt/uuid.o utils/adt/varbit.o utils/adt/varchar.o utils/adt/varlena.o utils/adt/version.o utils/adt/windowfuncs.o utils/adt/xid.o utils/adt/xml.o utils/cache/attoptcache.o utils/cache/catcache.o utils/cache/evtcache.o utils/cache/inval.o utils/cache/plancache.o utils/cache/relcache.o utils/cache/relmapper.o utils/cache/relfilenodemap.o utils/cache/spccache.o utils/cache/syscache.o utils/cache/lsyscache.o utils/cache/typcache.o utils/cache/ts_cache.o utils/error/assert.o utils/error/elog.o utils/fmgr/dfmgr.o utils/fmgr/fmgr.o utils/fmgr/funcapi.o utils/hash/dynahash.o utils/hash/hashfn.o utils/hash/pg_crc.o utils/init/globals.o utils/init/miscinit.o utils/init/postinit.o utils/mb/encnames.o utils/mb/conv.o utils/mb/mbutils.o utils/mb/wchar.o utils/mb/wstrcmp.o utils/mb/wstrncmp.o utils/misc/backend_random.o utils/misc/guc.o utils/misc/help_config.o utils/misc/pg_config.o utils/misc/pg_controldata.o utils/misc/pg_rusage.o utils/misc/ps_status.o utils/misc/queryenvironment.o utils/misc/rls.o utils/misc/sampling.o utils/misc/superuser.o utils/misc/timeout.o utils/misc/tzparser.o utils/mmgr/aset.o utils/mmgr/dsa.o utils/mmgr/freepage.o utils/mmgr/mcxt.o utils/mmgr/memdebug.o utils/mmgr/portalmem.o utils/mmgr/slab.o utils/resowner/resowner.o utils/sort/logtape.o utils/sort/sortsupport.o utils/sort/tuplesort.o utils/sort/tuplestore.o utils/time/combocid.o utils/time/tqual.o utils/time/snapmgr.o utils/fmgrtab.o ../../src/timezone/localtime.o ../../src/timezone/strftime.o ../../src/timezone/pgtz.o ../../src/port/libpgport_srv.a ../../src/common/libpgcommon_srv.a -lpthread -lrt -lcrypt -ldl -lm -o postgres
clang-13: error: unable to execute command: Segmentation fault (core dumped)
clang-13: error: linker command failed due to signal (use -v to see invocation)
Makefile:61: recipe for target 'postgres' failed
make[2]: * [postgres] Error 254
make[2]: Leaving directory '/phoronix/test/installed-tests/pts/pgbench-1.7.0/postgresql-10.0/src/backend'
Makefile:37: recipe for target 'install-backend-recurse' failed
make[1]:
* [install-backend-recurse] Error 2
make[1]: Leaving directory '/phoronix/test/installed-tests/pts/pgbench-1.7.0/postgresql-10.0/src'
GNUmakefile:11: recipe for target 'install-src-recurse' failed
make: * [install-src-recurse] Error 2
make:
* contrib/pgbench: No such file or directory. Stop.

@crownyanguan Why do you think this caused the linker to crash? It is a warning in the front end. Would it even be executed in your posted command?