Bug 280936 - cannot build world with ASAN enabled
Summary: cannot build world with ASAN enabled
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: bin
Version: 15.0-CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-toolchain (Nobody)
Reported: 2024-08-19 22:28 UTC by Mark Johnston
Modified: 2024-11-04 13:32 UTC (History)

Attachments
reproducer script (7.92 KB, application/x-shellscript)
2024-08-19 22:28 UTC, Mark Johnston
reproducer script from llvm 19 (7.99 KB, application/x-shellscript)
2024-10-25 13:10 UTC, Mark Johnston
reproducer source from llvm 19 (318.98 KB, text/plain)
2024-10-25 13:11 UTC, Mark Johnston

Description Mark Johnston freebsd_committer freebsd_triage 2024-08-19 22:28:07 UTC
A clean buildworld with `WITH_ASAN=` on amd64 yields the following; the clang version is 18.1.6:

Assertion failed: (isa<Function>(Callee) || isa<GlobalAlias>(Callee)), function analyzeAllUses, file /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp, line 514.
PLEASE submit a bug report to https://bugs.freebsd.org/submit/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.      Program arguments: /usr/bin/cc -cc1 -triple x86_64-unknown-freebsd15.0 -emit-obj -disable-free -clear-ast-before-backend -main-file-name getcontextx.c -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debug-info-kind=standalone -dwarf-version=4 -debugger-tuning=gdb --compress-debug-sections=zlib -fdebug-compilation-dir=/home/markj/sb/main/bricoler/freebsd-src-build/obj.amd64.amd64/home/markj/sb/main/src/amd64.amd64/lib/libc -fcoverage-compilation-dir=/home/markj/sb/main/bricoler/freebsd-src-build/obj.amd64.amd64/home/markj/sb/main/src/amd64.amd64/lib/libc -sys-header-deps -D PIC -D _SYSCALL_BODY(name)= -D _FORTIFY_SOURCE_read=_read -D NO__SCCSID -D NO__RCSID -D NLS -D CRT_IRELOC_RELA -D INIT_IRELOCS=init_cpu_features() -D __DBINTERFACE_PRIVATE -D INET6 -D _ACL_PRIVATE -D POSIX_MISTAKE -D WANT_HYPERV -D BROKEN_DES -D PORTMAP -D DES_BUILTIN -D YP -D NS_CACHING -O2 -Wno-format-zero-length -Wsystem-headers -Werror -Wall -Wno-format-y2k -Wno-uninitialized -Wno-pointer-sign -Wdate-time -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable -Wno-error=unused-but-set-parameter -Wno-tautological-compare -Wno-unused-value -Wno-parentheses-equality -Wno-unused-function -Wno-enum-conversion -Wno-unused-local-typedef -Wno-address-of-packed-member -Wno-switch -Wno-switch-enum -Wno-knr-promoted-parameter -std=gnu99 -ferror-limit 19 -ftls-model=initial-exec -fsanitize=address -fsanitize-recover=address -fsanitize-system-ignorelist=/usr/lib/clang/18/share/asan_ignorelist.txt -fno-sanitize-memory-param-retval -fsanitize-address-use-after-scope -fsanitize-address-globals-dead-stripping -fno-assume-sane-operator-new -stack-protector 2 -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -vectorize-loops -vectorize-slp -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -x c getcontextx-cc225c.c
1.      <eof> parser at end of file
2.      Optimizer
 #0 0x0000000005aa60f1 PrintStackTrace /root/freebsd/contrib/llvm-project/llvm/lib/Support/Unix/Signals.inc:723:13
 #1 0x0000000005aa4105 RunSignalHandlers /root/freebsd/contrib/llvm-project/llvm/lib/Support/Signals.cpp:106:18
 #2 0x0000000005aa66f2 SignalHandler /root/freebsd/contrib/llvm-project/llvm/lib/Support/Unix/Signals.inc:0:3
 #3 0x00000008075d74ec handle_signal /root/freebsd/lib/libthr/thread/thr_sig.c:0:3
 #4 0x00000008075d6aab thr_sighandler /root/freebsd/lib/libthr/thread/thr_sig.c:244:1
 #5 0x00007ffffffff2d3 ([vdso]+0x2d3)
 #6 0x0000000807ba235a _thr_kill /usr/obj/root/freebsd/amd64.amd64/lib/libsys/thr_kill.S:4:0
 #7 0x00000008077f8704 _raise /root/freebsd/lib/libc/gen/raise.c:0:10
 #8 0x00000008078ac319 abort /root/freebsd/lib/libc/stdlib/abort.c:67:17
 #9 0x00000008077dc081 (/lib/libc.so.7+0x97081)
#10 0x000000000501afbc analyzeAllUses /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp:0:9
#11 0x000000000501555f run /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp:550:20
#12 0x000000000501555f getInfo /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp:876:32
#13 0x0000000005016188 getInfo /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp:891:19
#14 0x0000000005018d1e __root /usr/obj/root/freebsd/amd64.amd64/tmp/usr/include/c++/v1/__tree:972:54
#15 0x0000000005018d1e find<const llvm::Instruction *> /usr/obj/root/freebsd/amd64.amd64/tmp/usr/include/c++/v1/__tree:2098:43
#16 0x0000000005018d1e find /usr/obj/root/freebsd/amd64.amd64/tmp/usr/include/c++/v1/set:826:89
#17 0x0000000005018d1e stackAccessIsSafe /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp:983:30
#18 0x0000000006e3302d ignoreAccess /root/freebsd/contrib/llvm-project/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp:1317:57
#19 0x0000000006e272f8 getInterestingMemoryOperands /root/freebsd/contrib/llvm-project/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp:1336:9
#20 0x0000000006e272f8 instrumentFunction /root/freebsd/contrib/llvm-project/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp:2905:7
#21 0x0000000006e246ae ~DenseMap /root/freebsd/contrib/llvm-project/llvm/include/llvm/ADT/DenseMap.h:782:23
#22 0x0000000006e246ae ~AddressSanitizer /root/freebsd/contrib/llvm-project/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp:647:8
#23 0x0000000006e246ae run /root/freebsd/contrib/llvm-project/llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp:1191:3
#24 0x0000000003151ec2 /root/freebsd/contrib/llvm-project/llvm/include/llvm/IR/PassManagerInternal.h:89:5
#25 0x00000000056bf091 run /root/freebsd/contrib/llvm-project/llvm/include/llvm/IR/PassManager.h:547:10
#26 0x00000000031486cb isSmall /root/freebsd/contrib/llvm-project/llvm/include/llvm/ADT/SmallPtrSet.h:195:33
#27 0x00000000031486cb ~SmallPtrSetImplBase /root/freebsd/contrib/llvm-project/llvm/include/llvm/ADT/SmallPtrSet.h:83:10
#28 0x00000000031486cb ~PreservedAnalyses /root/freebsd/contrib/llvm-project/llvm/include/llvm/IR/PassManager.h:172:7
#29 0x00000000031486cb RunOptimizationPipeline /root/freebsd/contrib/llvm-project/clang/lib/CodeGen/BackendUtil.cpp:1101:5
#30 0x0000000003141268 EmitAssembly /root/freebsd/contrib/llvm-project/clang/lib/CodeGen/BackendUtil.cpp:0:3
#31 0x0000000003141268 EmitBackendOutput /root/freebsd/contrib/llvm-project/clang/lib/CodeGen/BackendUtil.cpp:1328:13
#32 0x0000000003156994 reset /usr/obj/root/freebsd/amd64.amd64/tmp/usr/include/c++/v1/__memory/unique_ptr.h:263:29
#33 0x0000000003156994 ~unique_ptr /usr/obj/root/freebsd/amd64.amd64/tmp/usr/include/c++/v1/__memory/unique_ptr.h:236:71
#34 0x0000000003156994 HandleTranslationUnit /root/freebsd/contrib/llvm-project/clang/lib/CodeGen/CodeGenAction.cpp:379:3
#35 0x0000000003aeb646 begin /usr/obj/root/freebsd/amd64.amd64/tmp/usr/include/c++/v1/vector:1369:28
#36 0x0000000003aeb646 finalize<std::__1::vector<std::__1::unique_ptr<clang::TemplateInstantiationCallback, std::__1::default_delete<clang::TemplateInstantiationCallback> >, std::__1::allocator<std::__1::unique_ptr<clang::TemplateInstantiationCallback, std::__1::default_delete<clang::TemplateInstantiationCallback> > > > > /root/freebsd/contrib/llvm-project/clang/include/clang/Sema/TemplateInstCallback.h:54:16
#37 0x0000000003aeb646 ParseAST /root/freebsd/contrib/llvm-project/clang/lib/Parse/ParseAST.cpp:183:3
#38 0x000000000341e36f Execute /root/freebsd/contrib/llvm-project/clang/lib/Frontend/FrontendAction.cpp:1073:10
#39 0x000000000334f02d getPtr /root/freebsd/contrib/llvm-project/llvm/include/llvm/Support/Error.h:276:42
#40 0x000000000334f02d operator bool /root/freebsd/contrib/llvm-project/llvm/include/llvm/Support/Error.h:239:16
#41 0x000000000334f02d ExecuteAction /root/freebsd/contrib/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:1057:23
#42 0x00000000034e929c ExecuteCompilerInvocation /root/freebsd/contrib/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:272:25
#43 0x000000000272bde1 cc1_main /root/freebsd/contrib/llvm-project/clang/tools/driver/cc1_main.cpp:294:15
#44 0x000000000273b0ab ExecuteCC1Tool /root/freebsd/contrib/llvm-project/clang/tools/driver/driver.cpp:365:12
#45 0x000000000273a194 clang_main /root/freebsd/contrib/llvm-project/clang/tools/driver/driver.cpp:405:12
#46 0x00000000027378cd main /root/freebsd/usr.bin/clang/clang/clang-driver.cpp:17:10
#47 0x00000008077cd5da __libc_start1 /root/freebsd/lib/libc/csu/libc_start1.c:157:2
Comment 1 Mark Johnston freebsd_committer freebsd_triage 2024-08-19 22:28:40 UTC
Created attachment 252937
reproducer script

Attached the reproducer generated by clang.
Comment 2 Mark Johnston freebsd_committer freebsd_triage 2024-10-24 17:05:22 UTC
This is still broken with LLVM 19.  Dmitry, do you have any pointers on how to reduce this to a useful test case that we could submit in an upstream bug report?  I don't have much experience with that.
Comment 3 Mark Johnston freebsd_committer freebsd_triage 2024-10-24 17:06:26 UTC
(In reply to Mark Johnston from comment #2)
Sorry, Dimitry*
Comment 4 Dimitry Andric freebsd_committer freebsd_triage 2024-10-24 17:11:21 UTC
(In reply to Mark Johnston from comment #3)
This fell completely through the cracks for me, sorry! I'll take a look at that reproducer.
Comment 5 Dimitry Andric freebsd_committer freebsd_triage 2024-10-24 22:15:41 UTC
(In reply to Dimitry Andric from comment #4)
Eh Mark, do you also happen to have the preprocessed source file? It should have been dumped in /tmp, similar to the shell script.
Comment 6 Mark Johnston freebsd_committer freebsd_triage 2024-10-25 13:10:50 UTC
Created attachment 254508
reproducer script from llvm 19
Comment 7 Mark Johnston freebsd_committer freebsd_triage 2024-10-25 13:11:24 UTC
Created attachment 254509
reproducer source from llvm 19
Comment 8 Mark Johnston freebsd_committer freebsd_triage 2024-10-25 13:11:47 UTC
(In reply to Dimitry Andric from comment #5)
Woops.  I reproduced the problem and attached both files this time.
Comment 9 Dimitry Andric freebsd_committer freebsd_triage 2024-10-25 14:59:05 UTC
In the meantime I had run a build somewhere on a universe machine, and ran into the same assertion.

So it looks like this regressed with https://github.com/llvm/llvm-project/commit/llvmorg-18-init-16766-g51fbab134560 ("[asan] Enable StackSafetyAnalysis by default"), and it still crashes with very recent main, i.e. llvmorg-20-init-09245-g0850e721ab1.

One workaround would be to use -asan-use-stack-safety=0 for this one particular troublesome source file, but I'm unsure if that will allow the rest of world to build.

Simultaneously, I think it is good to report a bug upstream, but I'll have to reduce the test case.
Comment 10 Dimitry Andric freebsd_committer freebsd_triage 2024-10-25 15:55:20 UTC
Right, I knew I had seen this before:
https://github.com/llvm/llvm-project/issues/87923 [After 7740565f56ce, "Assertion failed: (isa<Function>(Callee) || isa<GlobalAlias>(Callee)), function analyzeAllUses" with -asan-use-stack-safety]

This looks like the same sort of thing. The minimized test case I arrived at now was slightly different:

typedef int uint32_t;
void sysarch(int, void *);
#define DEFINE_UIFUNC(qual, ret_type, name, args)                              \
  ret_type name args __attribute__((ifunc(#name "_resolver")));                \
  ret_type(*name##_resolver(uint32_t cpu_feature2)) args
int __fillcontextx2_xfpu() {
  int xfpu;
  sysarch(2, &xfpu);
  return 0;
}
int __fillcontextx2_noxfpu();
DEFINE_UIFUNC(, int, __fillcontextx2, (char *)) {
  return cpu_feature2 ? __fillcontextx2_xfpu : __fillcontextx2_noxfpu;
}
void __fillcontextx(char *ctx) { __fillcontextx2(ctx); }

I'll need to ping the assignee of the upstream bug again.
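
(Added example, not part of the original thread and not FreeBSD or LLVM project code.) The script below writes out the reduced test case from comment 10 and compiles it with ASan twice, once with default settings and once with the -asan-use-stack-safety=0 workaround from comment 9, classifying each result by whether the assertion text from this report appears on stderr. Assumptions: the `-O2 -fsanitize=address` subset of the reported command line is enough to reach the crash, the LLVM option is passed through the driver with `-mllvm`, and the function names and verdict strings are this example's own.

```shell
# Added example. Usage: sh check.sh run [compiler]   (compiler defaults to cc)

# Assertion text quoted in the report.
ASSERT_SIG='(isa<Function>(Callee) || isa<GlobalAlias>(Callee))'

# write_testcase FILE: the reduced ifunc test case from comment 10, verbatim.
write_testcase() {
    cat > "$1" <<'EOF'
typedef int uint32_t;
void sysarch(int, void *);
#define DEFINE_UIFUNC(qual, ret_type, name, args)                              \
  ret_type name args __attribute__((ifunc(#name "_resolver")));                \
  ret_type(*name##_resolver(uint32_t cpu_feature2)) args
int __fillcontextx2_xfpu() {
  int xfpu;
  sysarch(2, &xfpu);
  return 0;
}
int __fillcontextx2_noxfpu();
DEFINE_UIFUNC(, int, __fillcontextx2, (char *)) {
  return cpu_feature2 ? __fillcontextx2_xfpu : __fillcontextx2_noxfpu;
}
void __fillcontextx(char *ctx) { __fillcontextx2(ctx); }
EOF
}

# classify RC LOG: turn a compiler exit status and its stderr into a verdict.
# "ok" from a compiler built without assertions proves nothing about the fix,
# because assert() is compiled out of such builds.
classify() {
    if [ "$1" -eq 0 ]; then echo ok; return; fi
    if grep -qF "$ASSERT_SIG" "$2"; then echo stack-safety-assert
    else echo other-failure; fi
}

# try_compile CC SRC [FLAGS...]: compile SRC at -O2 with ASan plus FLAGS.
try_compile() {
    tc_cc=$1 tc_src=$2; shift 2
    tc_log=$(mktemp); tc_rc=0
    "$tc_cc" -O2 -fsanitize=address "$@" -c "$tc_src" -o /dev/null 2>"$tc_log" || tc_rc=$?
    classify "$tc_rc" "$tc_log"
    rm -f "$tc_log"
}

if [ "${1:-}" = "run" ]; then
    dir=$(mktemp -d)
    write_testcase "$dir/ifunc.c"
    echo "default:    $(try_compile "${2:-cc}" "$dir/ifunc.c")"
    echo "workaround: $(try_compile "${2:-cc}" "$dir/ifunc.c" -mllvm -asan-use-stack-safety=0)"
    rm -rf "$dir"
fi
```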
Comment 11 commit-hook freebsd_committer freebsd_triage 2024-10-28 17:35:39 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=f3457ed94241be9d4c2c3ab337c9086d5c45c43f

commit f3457ed94241be9d4c2c3ab337c9086d5c45c43f
Author:     Dimitry Andric <dim@FreeBSD.org>
AuthorDate: 2024-10-28 17:33:49 +0000
Commit:     Dimitry Andric <dim@FreeBSD.org>
CommitDate: 2024-10-28 17:34:58 +0000

    Tentatively merge llvm fix for buildworld WITH_ASAN

    Building world using WITH_ASAN results in an assertion when compiling
    certain source files referencing ifuncs:

      Assertion failed: (isa<Function>(Callee) || isa<GlobalAlias>(Callee)), function analyzeAllUses, file /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp, line 514.

    This was already reported upstream a while ago, in
    <https://github.com/llvm/llvm-project/issues/87923>, but now there is
    finally a candidate fix, which seems trivial so I am importing it right
    away.

    Reported by:    markj
    PR:             280936
    Pull Request:   https://github.com/llvm/llvm-project/pull/113841
    MFC after:      3 days

 contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 12 Mark Johnston freebsd_committer freebsd_triage 2024-10-28 18:54:54 UTC
(In reply to commit-hook from comment #11)
Thanks, but I think something is still missing.  A "make buildworld WITH_CLEAN= WITH_ASAN=" still crashes the same way as before.
Comment 13 Dimitry Andric freebsd_committer freebsd_triage 2024-10-28 19:02:28 UTC
Yeah, you need to rebuild the compiler first, using MK_SYSTEM_COMPILER=no. I think I might need to bump FreeBSD_cc_version, but I really don't want to force everybody to rebuild all of llvm-project _again_. :)
Comment 14 Mark Johnston freebsd_committer freebsd_triage 2024-10-28 20:14:26 UTC
(In reply to Dimitry Andric from comment #13)
Woops, you're right, thanks.  I even thought of that before commenting, but then failed to actually try it.
Comment 15 commit-hook freebsd_committer freebsd_triage 2024-11-02 19:41:43 UTC
A commit in branch stable/14 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=17d39df524a5003131398bc9fbdf8c9fef043d05

commit 17d39df524a5003131398bc9fbdf8c9fef043d05
Author:     Dimitry Andric <dim@FreeBSD.org>
AuthorDate: 2024-10-28 17:33:49 +0000
Commit:     Dimitry Andric <dim@FreeBSD.org>
CommitDate: 2024-11-02 19:37:27 +0000

    Tentatively merge llvm fix for buildworld WITH_ASAN

    Building world using WITH_ASAN results in an assertion when compiling
    certain source files referencing ifuncs:

      Assertion failed: (isa<Function>(Callee) || isa<GlobalAlias>(Callee)), function analyzeAllUses, file /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp, line 514.

    This was already reported upstream a while ago, in
    <https://github.com/llvm/llvm-project/issues/87923>, but now there is
    finally a candidate fix, which seems trivial so I am importing it right
    away.

    Reported by:    markj
    PR:             280936
    Pull Request:   https://github.com/llvm/llvm-project/pull/113841
    MFC after:      3 days

    (cherry picked from commit f3457ed94241be9d4c2c3ab337c9086d5c45c43f)

 contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 16 commit-hook freebsd_committer freebsd_triage 2024-11-02 19:41:44 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=814ddb3c8cda06686c5fe10f67b63bc2457e97b5

commit 814ddb3c8cda06686c5fe10f67b63bc2457e97b5
Author:     Dimitry Andric <dim@FreeBSD.org>
AuthorDate: 2024-10-28 17:33:49 +0000
Commit:     Dimitry Andric <dim@FreeBSD.org>
CommitDate: 2024-11-02 19:37:33 +0000

    Tentatively merge llvm fix for buildworld WITH_ASAN

    Building world using WITH_ASAN results in an assertion when compiling
    certain source files referencing ifuncs:

      Assertion failed: (isa<Function>(Callee) || isa<GlobalAlias>(Callee)), function analyzeAllUses, file /root/freebsd/contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp, line 514.

    This was already reported upstream a while ago, in
    <https://github.com/llvm/llvm-project/issues/87923>, but now there is
    finally a candidate fix, which seems trivial so I am importing it right
    away.

    Reported by:    markj
    PR:             280936
    Pull Request:   https://github.com/llvm/llvm-project/pull/113841
    MFC after:      3 days

    (cherry picked from commit f3457ed94241be9d4c2c3ab337c9086d5c45c43f)

 contrib/llvm-project/llvm/lib/Analysis/StackSafetyAnalysis.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Comment 17 Dimitry Andric freebsd_committer freebsd_triage 2024-11-02 19:51:21 UTC
Mark, have you been able to check this, so we can close this bug? For me it all built successfully. However, some runtime testing might also be nice :)
Comment 18 Mark Johnston freebsd_committer freebsd_triage 2024-11-04 13:32:47 UTC
(In reply to Dimitry Andric from comment #17)
Some basic testing indicates it works, thanks!

I tried booting a VM image entirely built with ASAN enabled, and /bin/sh crashes pretty early due to what looks like a false positive, but I think it's a separate problem.