Seg fault error after calling llvm::DominatorTree::DominatorTree LLVM12

Mohannadcse · June 1, 2023, 2:20pm

I tried to debug the problem using GDB, but couldn’t figure out the cause.
Here is the error

Program received signal SIGSEGV, Segmentation fault.
0x00007ff6ac90e3fd in llvm::DomTreeBuilder::SemiNCAInfo<llvm::DominatorTreeBase<llvm::BasicBlock, false> >::CalculateFromScratch(llvm::DominatorTreeBase<llvm::BasicBlock, false>&, llvm::DomTreeBuilder::SemiNCAInfo<llvm::DominatorTreeBase<llvm::BasicBlock, false> >::BatchUpdateInfo*) () from /usr/local/lib/libLLVM-12.so

Here is backtrack output

(gdb) bt
#0  0x00007ff6ac90e3fd in llvm::DomTreeBuilder::SemiNCAInfo<llvm::DominatorTreeBase<llvm::BasicBlock, false> >::CalculateFromScratch(llvm::DominatorTreeBase<llvm::BasicBlock, false>&, llvm::DomTreeBuilder::SemiNCAInfo<llvm::DominatorTreeBase<llvm::BasicBlock, false> >::BatchUpdateInfo*) () from /usr/local/lib/libLLVM-12.so
#1  0x00007ff6b3f9dc2a in llvm::DominatorTree::DominatorTree (this=0x7ffe90496a90, F=...) at /usr/local/include/llvm/IR/Dominators.h:156
#2  0x00007ff6b3f987a0 in neckid::NeckAnalysis::getDominatorTree (this=0x7ffe90497d40, F=0x107000001010100) at /workspaces/neck/lib/NeckID/NeckAnalysis.cpp:77
#3  0x00007ff6b3f98925 in neckid::NeckAnalysis::getLoopInfo (this=0x7ffe90497d40, F=0x107000001010100) at /workspaces/neck/lib/NeckID/NeckAnalysis.cpp:86
#4  0x00007ff6b3f9ee9d in neckid::NeckAnalysis::getLoopInfo (this=0x7ffe90497d40, BB=0x1b15010) at /workspaces/neck/include/NeckID/NeckID/NeckAnalysis.h:78
#5  0x00007ff6b3f99efd in neckid::NeckAnalysis::isInLoopStructue (this=0x7ffe90497d40, BB=0x1b15010) at /workspaces/neck/lib/NeckID/NeckAnalysis.cpp:270
#6  0x00007ff6b3f9ace5 in neckid::NeckAnalysis::applyFilteringRules (this=0x7ffe90497d40, UseLateIntraProceduralMainReduction=false)
    at /workspaces/neck/lib/NeckID/NeckAnalysis.cpp:413
#7  0x00007ff6b3f9cc03 in neckid::NeckAnalysis::NeckAnalysis (this=0x7ffe90497d40, M=..., Python Exception <class 'gdb.error'> There is no member named _M_dataplus.: 
TaintConfigPath=, FunctionLocalPTAwoGlobals=true, UseSimplifiedDFA=true, Debug=false)
    at /workspaces/neck/lib/NeckID/NeckAnalysis.cpp:569
#8  0x000000000042c580 in main (Argc=8, Argv=0x7ffe90499a78) at /workspaces/neck/tools/neck/neck.cpp:115`

According to the backtrack log, the problem starts after calling DominatorTree inside my function getDominatorTree as shown below:

llvm::DominatorTree getDominatorTree(llvm::Function *F) {
  auto Search = DTs.find(F);
  if (Search != DTs.end()) {
    return Search->second;
  }
  DTs[F] = llvm::DominatorTree(*F);
  return DTs[F];
}

Also, when I try

(gdb) print *F
Cannot access memory at address 0x107000001010100

So seems there is something corrupted, while with other instances, when I do print *F I received some info.
Is there any condition/sanitization that I need to apply before calling the function llvm::DominatorTree(*F)?

fhahn · June 1, 2023, 3:25pm

Is it possible that the IR is in an invalid state? You could try using verifyFunction to check

Mohannadcse · June 1, 2023, 3:32pm

thank you, seems verifyFunction isn’t available in LLVM12

Mohannadcse · June 1, 2023, 5:06pm

I tried llvm:: verifyFunction, but didn’t give me any insight because it crashed.

79        if (!llvm::verifyFunction(*F, &llvm::errs()))
(gdb) n

Program received signal SIGSEGV, Segmentation fault.
0x00007f5bcc5f4011 in llvm::verifyFunction(llvm::Function const&, llvm::raw_ostream*) ()
   from /usr/local/lib/libLLVM-12.so