lld-12.0.0-6 LTO segfault on gcc prefixes

[jeremyd2019]

It seems lld-12.0.0-6 is also broken, see https://github.com/zufuliu/notepad2/actions/runs/951639414 for ucrt, x86_64 and i686 builds.
https://github.com/zufuliu/notepad2/runs/2863091346?check_suite_focus=true#step:7:203

#0 0x00007ff7b65bef8c (C:\msys64\ucrt64\bin\ld.lld.exe+0x5ef8c)
#1 0x00007ff7b658e915 (C:\msys64\ucrt64\bin\ld.lld.exe+0x2e915)
#2 0x00007ff7b658fe5d (C:\msys64\ucrt64\bin\ld.lld.exe+0x2fe5d)
#3 0x00007ff7b65921b6 (C:\msys64\ucrt64\bin\ld.lld.exe+0x321b6)
#4 0x00007ff7b65928d6 (C:\msys64\ucrt64\bin\ld.lld.exe+0x328d6)
#5 0x00007ff7b659d097 (C:\msys64\ucrt64\bin\ld.lld.exe+0x3d097)
#6 0x00007ff7b656e79d (C:\msys64\ucrt64\bin\ld.lld.exe+0xe79d)
#7 0x00007ff7b656eb04 (C:\msys64\ucrt64\bin\ld.lld.exe+0xeb04)
#8 0x00007ff7b6569dfe (C:\msys64\ucrt64\bin\ld.lld.exe+0x9dfe)
#9 0x00007ff7b657438f (C:\msys64\ucrt64\bin\ld.lld.exe+0x1438f)
#10 0x00007ff7b657a2b8 (C:\msys64\ucrt64\bin\ld.lld.exe+0x1a2b8)
#11 0x00007ff7b6729510 (C:\msys64\ucrt64\bin\ld.lld.exe+0x1c9510)
#12 0x00007ff7b656237d (C:\msys64\ucrt64\bin\ld.lld.exe+0x237d)
#13 0x00007ff7b691862e (C:\msys64\ucrt64\bin\ld.lld.exe+0x3b862e)
#14 0x00007ff7b65613c1 (C:\msys64\ucrt64\bin\ld.lld.exe+0x13c1)
#15 0x00007ff7b65614f6 (C:\msys64\ucrt64\bin\ld.lld.exe+0x14f6)
#16 0x00007ffceac17974 (C:\Windows\System32\KERNEL32.DLL+0x17974)
#17 0x00007ffcec04a2f1 (C:\Windows\SYSTEM32\ntdll.dll+0x5a2f1)
clang++: error: linker command failed due to signal (use -v to see invocation)

While the 5 days ago lld-12.0.0-5 is working, see https://github.com/zufuliu/notepad2/actions/runs/934479857

Originally posted by @zufuliu in #8868 (comment)

[jeremyd2019]

The only patch touching lld directly in 12.0.0-6 seems to be 41d7201. Getting a debug (or RelWithDebInfo) build can be problematic, though.

Originally posted by @jeremyd2019 in #8868 (comment)

[jeremyd2019]

Tested locally, with all other llvm/clang 12.0.0-6 packages but overwritten with manually downloaded (don't find a option pacman -S to specific the exactly version) lld-12.0.0-5-any.pkg.tar.zst , it indeed works, so a regression in lld-12.0.0-6.

Originally posted by @zufuliu in #8868 (comment)

[jeremyd2019]

Tested locally, with all other llvm/clang 12.0.0-6 packages but overwritten with manually downloaded (don't find a option pacman -S to specific the exactly version) lld-12.0.0-5-any.pkg.tar.zst , it indeed works, so a regression in lld-12.0.0-6.

How hard is it to get to this stage? Could you provide a zip of the object files/whatever inputs to lld? This sounds quite suspiciously like the LTO patch I referenced earlier. I could make a build of lld without that patch to test, but I think that would be pretty much the same as what you did with everything 12.0.0-6 except lld 12.0.0-5...

Originally posted by @jeremyd2019 in #8868 (comment)

[jeremyd2019]

git clone --depth=1 https://github.com/zufuliu/notepad2.git
cd notepad2\build\mingw

the build command CALL "build\mingw\build.bat" x86_64 Clang does something like:

https://github.com/zufuliu/notepad2/blob/master/build/mingw/build.bat#L60

SET "PATH=C:\msys64\mingw64\bin;C:\msys64\usr\bin;%PATH%"
mingw32-make CLANG=1 LTO=1

Originally posted by @zufuliu in #8868 (comment)

[jeremyd2019]

Cool, basically no dependencies then. Will do some testing

Originally posted by @jeremyd2019 in #8868 (comment)

[jeremyd2019]

(ad4.1ebc): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ld_lld+0x5ef8c:
00007ff6`f675ef8c 488b8890000000  mov     rcx,qword ptr [rax+90h] ds:00000000`00000090=????????????????

does not occur on clang64 prefix. does occur on mingw32

(2934.1300): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ld_lld+0x5660e:
0046660e 8b4850          mov     ecx,dword ptr [eax+50h] ds:002b:00000050=????????

Originally posted by @jeremyd2019 in #8868 (comment)

[jeremyd2019]

I was able to build lld standalone, and thus with debug symbols!

gdb analysis

Thread 1 received signal SIGSEGV, Segmentation fault.
lld::coff::SectionChunk::getSectionNumber (
    this=this@entry=0x7ff6803cc580 <(anonymous namespace)::ltoDataSectionChunk>) at T:/mingw-w64-clang/src/lld/COFF/Chunks.cpp:685
685       SectionRef s(r, file->getCOFFObj());
(gdb) bt
#0  lld::coff::SectionChunk::getSectionNumber (
    this=this@entry=0x7ff6803cc580 <(anonymous namespace)::ltoDataSectionChunk>) at T:/mingw-w64-clang/src/lld/COFF/Chunks.cpp:685
#1  0x00007ff67ffae915 in lld::coff::ObjFile::handleComdatSelection (
    this=this@entry=0x218807525b0, sym=...,
    selection=@0xd301bfe5a0: llvm::COFF::IMAGE_COMDAT_SELECT_SAME_SIZE,
    prevailing=@0xd301bfe740: false, leader=leader@entry=0x218feb28b70,
    def=def@entry=0x218ff92db78)
    at T:/mingw-w64-clang/src/lld/COFF/InputFiles.cpp:559
#2  0x00007ff67ffafe5d in lld::coff::ObjFile::createDefined (
    this=this@entry=0x218807525b0, sym=...,
    comdatDefs=std::vector of length 40, capacity 40 = {...},
    prevailing=@0xd301bfe740: false)
    at T:/mingw-w64-clang/src/lld/COFF/InputFiles.cpp:680
#3  0x00007ff67ffb21b6 in lld::coff::ObjFile::initializeSymbols (
    this=this@entry=0x218807525b0)
    at T:/mingw-w64-clang/src/lld/COFF/InputFiles.cpp:427
#4  0x00007ff67ffb28d6 in lld::coff::ObjFile::parse (this=0x218807525b0)
    at T:/mingw-w64-clang/src/lld/COFF/InputFiles.cpp:196
#5  0x00007ff67ffbd097 in lld::coff::SymbolTable::addFile (
    this=<optimized out>, file=file@entry=0x218807525b0)
    at T:/mingw-w64-clang/src/lld/COFF/SymbolTable.cpp:37
#6  0x00007ff67ff8e79d in lld::coff::LinkerDriver::addArchiveBuffer (
    this=this@entry=0x218fd22d4d0, mb=..., symName=..., parentName=...,
    offsetInArchive=offsetInArchive@entry=573676)
    at T:/mingw-w64-clang/src/lld/COFF/Driver.cpp:296
#7  0x00007ff67ff8eb04 in operator() (__closure=0x218feac8410)
    at C:/msys64/mingw64/include/c++/10.3.0/bits/basic_string.h:907
#8  std::__invoke_impl<void, lld::coff::LinkerDriver::enqueueArchiveMember(const
 llvm::object::Archive::Child&, const llvm::object::Archive::Symbol&, llvm::StringRef)::<lambda()>&> (__f=...)
    at C:/msys64/mingw64/include/c++/10.3.0/bits/invoke.h:60
#9  std::__invoke_r<void, lld::coff::LinkerDriver::enqueueArchiveMember(const llvm::object::Archive::Child&, const llvm::object::Archive::Symbol&, llvm::StringRef)::<lambda()>&> (__fn=...)
    at C:/msys64/mingw64/include/c++/10.3.0/bits/invoke.h:153
#10 std::_Function_handler<void(), lld::coff::LinkerDriver::enqueueArchiveMember(const llvm::object::Archive::Child&, const llvm::object::Archive::Symbol&, llvm::StringRef)::<lambda()> >::_M_invoke(const std::_Any_data &) (
    __functor=...)
    at C:/msys64/mingw64/include/c++/10.3.0/bits/std_function.h:291
#11 0x00007ff67ff89dfe in std::function<void ()>::operator()() const (
    this=<optimized out>)
    at C:/msys64/mingw64/include/c++/10.3.0/bits/std_function.h:622
#12 lld::coff::LinkerDriver::run (this=this@entry=0x218fd22d4d0)
    at T:/mingw-w64-clang/src/lld/COFF/Driver.cpp:896
#13 0x00007ff67ff9438f in lld::coff::LinkerDriver::linkerMain (
    this=0x218fd22d4d0, argsArr=...)
    at T:/mingw-w64-clang/src/lld/COFF/Driver.cpp:1810
#14 0x00007ff67ff9a2b8 in lld::coff::link (args=...,
    canExitEarly=<optimized out>, stdoutOS=..., stderrOS=...)
    at T:/mingw-w64-clang/src/lld/COFF/Driver.cpp:94
#15 0x00007ff6801494f0 in lld::mingw::link (argsArr=...,
    canExitEarly=<optimized out>, stdoutOS=..., stderrOS=...)
    at C:/msys64/mingw64/include/c++/10.3.0/bits/stl_vector.h:918
#16 0x00007ff67ff8237d in lldMain (argc=<optimized out>,
    argv=<optimized out>, stdoutOS=..., stderrOS=...,
    exitEarly=exitEarly@entry=true)
    at T:/mingw-w64-clang/src/lld/tools/lld/lld.cpp:152
#17 0x00007ff6803388be in main (argc=<optimized out>, argv=<optimized out>)
    at T:/mingw-w64-clang/src/lld/tools/lld/lld.cpp:211
(gdb)
(gdb) frame 1
#1  0x00007ff67ffae915 in lld::coff::ObjFile::handleComdatSelection (
    this=this@entry=0x218807525b0, sym=...,
    selection=@0xd301bfe5a0: llvm::COFF::IMAGE_COMDAT_SELECT_SAME_SIZE,
    prevailing=@0xd301bfe740: false, leader=leader@entry=0x218feb28b70,
    def=def@entry=0x218ff92db78)
    at T:/mingw-w64-clang/src/lld/COFF/InputFiles.cpp:559
559             const coff_aux_section_definition *leaderDef = findSectionDef(
   0x00007ff67ffae910 <_ZN3lld4coff7ObjFile21handleComdatSelectionEN4llvm6object13COFFSymbolRefERNS2_4COFF10COMDATTypeERbPNS0_14DefinedRegularEPKNS3_27coff_aux_section_definitionE+1744>:      e8 6b 06 03 00  call   0x7ff67ffdef80 <_ZNK3lld4coff12SectionChunk16getSectionNumberEv>
(gdb) list
554       case IMAGE_COMDAT_SELECT_SAME_SIZE:
555         if (leaderChunk->getSize() != getSection(sym)->SizeOfRawData) {
556           if (!config->mingw) {
557             symtab->reportDuplicate(leader, this);
558           } else {
559             const coff_aux_section_definition *leaderDef = findSectionDef(
560                 leaderChunk->file->getCOFFObj(), leaderChunk->getSectionNumber());
561             if (!leaderDef || leaderDef->Length != def->Length)
562               symtab->reportDuplicate(leader, this);
563           }
(gdb) p leaderChunk
$1 = (lld::coff::SectionChunk *) 0x7ff6803cc580 <(anonymous namespace)::ltoDataSectionChunk>
(gdb) p *leaderChunk
$2 = {<lld::coff::Chunk> = {chunkKind = lld::coff::Chunk::SectionKind,
    hasData = 1 '\001', p2Align = 4 '\004', osidx = 0, rva = 0}, file = 0x0,
  header = 0x7ff6803cc640 <(anonymous namespace)::ltoDataSection>, sym = 0x0,
  checksum = 0, live = true, keepUnique = false,
  selection = llvm::COFF::IMAGE_COMDAT_SELECT_ANY,
  repl = 0x7ff6803cc580 <(anonymous namespace)::ltoDataSectionChunk>,
  assocChildren = 0x0, eqClass = {0, 0}, relocsData = 0x0,
  sectionNameData = 0x0, relocsSize = 0, sectionNameSize = 0}

Specifically, it seems to be calling leaderChunk->file->getCOFFObj() where leaderChunk->file is NULL
/cc @mstorsjo this seems to be related to https://reviews.llvm.org/D103012 Let me know if there's anything more I can provide you with (the object files/libraries that reproduce for instance)

[jeremyd2019]

Confirmed reverting (not applying) the patch from 41d7201 (https://reviews.llvm.org/D103012) allows the same inputs to link successfully.

[mstorsjo]

I was able to build lld standalone, and thus with debug symbols!

gdb analysis
Specifically, it seems to be calling leaderChunk->file->getCOFFObj() where leaderChunk->file is NULL
/cc @mstorsjo this seems to be related to https://reviews.llvm.org/D103012 Let me know if there's anything more I can provide you with (the object files/libraries that reproduce for instance)

Thanks for narrowing it down that far! Lld has got a great option for packaging inputs for reproducing issues, add -Wl,-Xlink=-linkrepro:. (it’s a lld-link level option only, so far), which produces a repro.tar with all referenced input files and the exact command - that’d be even more helpful for me to continue debugging exactly what you’re experiencing.

[jeremyd2019]

I was hoping for an option like that!

I compressed it. Apprently github attachments only like gzip.
Here you go: repro.tar.gz

I did that with a 'working' lld, not the 'broken' one with the patch applied, hopefully that doesn't matter.

[mstorsjo]

I was hoping for an option like that!

I compressed it. Apprently github attachments only like gzip.
Here you go: repro.tar.gz

I did that with a 'working' lld, not the 'broken' one with the patch applied, hopefully that doesn't matter.

Thanks, that worked great for reproducing and debugging the issue. I posted a patch for the issue at https://reviews.llvm.org/D104605.

[jeremyd2019]

That patch solved the crash here

[mstorsjo]

FWIW that fix is now committed.

[mstorsjo]

FWIW that fix is now committed.

(Sorry, I replied to a stale copy of this thread, I see that it's all picked up and taken care of since a couple days.)

[jeremyd2019]

The fix has been merged and the updated packages are in the repo.