<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - Segmentation fault when running check-clang-python with UBSan"
href="https://bugs.llvm.org/show_bug.cgi?id=39559">39559</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>Segmentation fault when running check-clang-python with UBSan
</td>
</tr>
<tr>
<th>Product</th>
<td>new-bugs
</td>
</tr>
<tr>
<th>Version</th>
<td>trunk
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>Linux
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>new bugs
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>david.stenberg@ericsson.com
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>When running check-clang-python on trunk (r346128) with a
LLVM_USE_SANITIZER=Undefined build, I see a segmentation fault.
$ env CLANG_LIBRARY_PATH=../../../../build-sanu/lib /usr/bin/python2.7 -m unittest discover -v
testConstantArray (tests.cindex.test_type.TestType) ... ERROR
test_a_struct (tests.cindex.test_type.TestType) ... Segmentation fault (core dumped)
LLVM was built, and the test was run, using:
export LLVM_ROOT=/path/to/llvm-7.0/build/
mkdir build-sanu
pushd build-sanu
cmake -G Ninja \
-DCMAKE_BUILD_TYPE=Release \
-DLLVM_ENABLE_ASSERTIONS=ON \
-DCMAKE_C_COMPILER=$LLVM_ROOT/bin/clang \
-DCMAKE_CXX_COMPILER=$LLVM_ROOT/bin/clang++ \
-DLLVM_USE_SANITIZER=Undefined \
../.
popd
ninja -C build-sanu check-clang-python
The crash seems to occur in the following call to getenv() in
clang_createIndex():
3247 // We use crash recovery to make some of our APIs more reliable, implicitly
3248 // enable it.
<span class="quote">> 3249 if (!getenv("LIBCLANG_DISABLE_CRASH_RECOVERY"))</span>
3250 llvm::CrashRecoveryContext::Enable();
Backtrace (before stepi that results in segmentation fault):
(gdb) bt
#0  0x00007fffee590d80 in getenv@plt () from /llvm/build-sanu/lib/libclang.so
#1  0x00007fffee5f9491 in clang_createIndex () at ../tools/clang/tools/libclang/CIndex.cpp:3249
#2  0x00007ffff65dfc7c in ffi_call_unix64 () from /usr/lib/x86_64-linux-gnu/libffi.so.6
#3  0x00007ffff65df5ac in ffi_call () from /usr/lib/x86_64-linux-gnu/libffi.so.6
#4  0x00007ffff67f65fe in _ctypes_callproc () from /usr/lib/python2.7/lib-dynload/_ctypes.x86_64-linux-gnu.so
#5  0x00007ffff67f7f9e in ?? () from /usr/lib/python2.7/lib-dynload/_ctypes.x86_64-linux-gnu.so
#6  0x00000000004c84a5 in PyEval_EvalFrameEx ()
The segmentation fault seems to be due to the PLT entry for getenv() being
broken (?):
(gdb) disas $pc
Dump of assembler code for function getenv@plt:
=> 0x00007fffee590d80 <+0>:  jmpq   *0x62e2292(%rip)   # 0x7ffff4873018 <_GLOBAL_OFFSET_TABLE_+48>
0x00007fffee590d86 <+6>: pushq $0x3
0x00007fffee590d8b <+11>: jmpq 0x7fffee590d40
End of assembler dump.
(gdb) x (void *) 0x7ffff4873018
0x7ffff4873018 <_GLOBAL_OFFSET_TABLE_+48>: 0x026a7d86
(gdb) x 0x026a7d86
0x26a7d86: Cannot access memory at address 0x26a7d86
This was seen when running on a Ubuntu 14.04.5 LTS installation. I have
unfortunately not been able to reproduce this on another machine yet.
I have tried building LLVM with a Clang 5.0 and a Clang 7.0 installation, with
the same results.</pre>
</div>
</p>
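<p>The gdb session above shows a PLT stub jumping through a GOT slot whose contents are not a mapped address. The usual next step is to confirm which import that slot belongs to and whether the dynamic linker ever relocated it. The script below is an added example, written for this page and not code from the reporter or from LLVM: it parses the R_X86_64_JUMP_SLOT relocations out of a little-endian ELF64 shared object with only the Python standard library, maps a runtime GOT address back to its symbol given the library's load base (which you read from <code>info proc mappings</code> in gdb; the report does not give it), and checks whether a slot still holds the link-time address of its lazy-binding stub (PLT entry + 6), which is what an unrelocated slot looks like for an object linked at base 0. The function names, the sample ELF built by <code>build_sample_elf()</code> and all addresses in its usage are constructed for illustration.</p>

```python
import struct

# ELF64 / x86-64 psABI constants (standard values, not taken from the report).
ELF_MAGIC = b"\x7fELF"
SHT_STRTAB = 3
SHT_RELA = 4
SHT_DYNSYM = 11
R_X86_64_JUMP_SLOT = 7

EHDR = "<16sHHIQQQIHHHHHH"   # Elf64_Ehdr, little-endian
SHDR = "<IIQQQQIIQQ"         # Elf64_Shdr
SYM = "<IBBHQQ"              # Elf64_Sym
RELA = "<QQq"                # Elf64_Rela


def _sections(data):
    """Return the section header table as a list of Elf64_Shdr tuples."""
    hdr = struct.unpack_from(EHDR, data, 0)
    ident, e_shoff, e_shentsize, e_shnum = hdr[0], hdr[6], hdr[11], hdr[12]
    if ident[:4] != ELF_MAGIC or ident[4] != 2 or ident[5] != 1:
        raise ValueError("expected a little-endian ELF64 object")
    return [struct.unpack_from(SHDR, data, e_shoff + i * e_shentsize)
            for i in range(e_shnum)]


def _cstr(data, off):
    """Read a NUL-terminated string from a string table."""
    return data[off:data.index(b"\0", off)].decode("ascii", "replace")


def jump_slot_relocs(data):
    """List (symbol, got_slot_vaddr) for every R_X86_64_JUMP_SLOT relocation.

    got_slot_vaddr is the link-time address of the GOT entry; adding the
    library's load base gives the address gdb prints as _GLOBAL_OFFSET_TABLE_+N.
    """
    secs = _sections(data)
    found = []
    for sh in secs:
        sh_type, sh_offset, sh_size, sh_link, sh_entsize = sh[1], sh[4], sh[5], sh[6], sh[9]
        if sh_type != SHT_RELA:
            continue
        symtab = secs[sh_link]
        if symtab[1] != SHT_DYNSYM:
            continue                      # relocations against .symtab (debug info) are not imports
        strtab = secs[symtab[6]]          # sh_link of .dynsym points at .dynstr
        for off in range(sh_offset, sh_offset + sh_size, sh_entsize or struct.calcsize(RELA)):
            r_offset, r_info, _addend = struct.unpack_from(RELA, data, off)
            if r_info & 0xFFFFFFFF != R_X86_64_JUMP_SLOT:
                continue
            sym_off = symtab[4] + (r_info >> 32) * (symtab[9] or struct.calcsize(SYM))
            st_name = struct.unpack_from(SYM, data, sym_off)[0]
            found.append((_cstr(data, strtab[4] + st_name), r_offset))
    return found


def symbol_for_slot(relocs, slot_addr, load_base):
    """Name the import whose GOT slot sits at runtime address slot_addr, or None."""
    for name, vaddr in relocs:
        if vaddr + load_base == slot_addr:
            return name
    return None


def unrelocated_slot(got_value, plt_stub_addr, load_base):
    """True if a lazy GOT slot still holds the link-time address of its own
    PLT stub + 6 (the push/jmp that enters the resolver), meaning ld.so never
    applied the JUMP_SLOT relocation. A healthy unresolved slot holds
    plt_stub_addr + 6 itself; a resolved one holds the callee's address."""
    return got_value == plt_stub_addr + 6 - load_base


def build_sample_elf():
    """Constructed sample input: a minimal ELF64 shared object carrying only
    .dynstr, .dynsym, .rela.plt and .shstrtab, with two imports."""
    dynstr = b"\x00getenv\x00malloc\x00"
    sym = lambda name_off: struct.pack(SYM, name_off, 0x12, 0, 0, 0, 0)   # STB_GLOBAL | STT_FUNC
    dynsym = sym(0) + sym(1) + sym(8)
    rela = lambda got, idx: struct.pack(RELA, got, (idx << 32) | R_X86_64_JUMP_SLOT, 0)
    rela_plt = rela(0x3018, 1) + rela(0x3020, 2)
    shstrtab = b"\x00.dynstr\x00.dynsym\x00.rela.plt\x00.shstrtab\x00"
    body, offsets = b"", []
    for blob in (dynstr, dynsym, rela_plt, shstrtab):
        body += b"\0" * (-len(body) % 8)          # keep tables 8-byte aligned
        offsets.append(64 + len(body))
        body += blob
    body += b"\0" * (-len(body) % 8)
    shoff = 64 + len(body)
    sh = lambda name, typ, off, size, link, entsize: struct.pack(
        SHDR, name, typ, 0, 0, off, size, link, 0, 8, entsize)
    shdrs = (sh(0, 0, 0, 0, 0, 0)
             + sh(1, SHT_STRTAB, offsets[0], len(dynstr), 0, 0)
             + sh(9, SHT_DYNSYM, offsets[1], len(dynsym), 1, 24)
             + sh(17, SHT_RELA, offsets[2], len(rela_plt), 2, 24)
             + sh(27, SHT_STRTAB, offsets[3], len(shstrtab), 0, 0))
    ident = b"\x7fELF\x02\x01\x01" + b"\0" * 9    # ELFCLASS64, ELFDATA2LSB
    ehdr = struct.pack(EHDR, ident, 3, 62, 1, 0, 0, shoff, 0, 64, 0, 0, 64, 5, 4)
    return ehdr + body + shdrs


if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_elf()
    for name, vaddr in jump_slot_relocs(data):
        print("%-24s GOT slot at link-time 0x%x" % (name, vaddr))
```

<p>Run it against the real <code>libclang.so</code> to get the link-time slot address of <code>getenv</code>, add the load base that gdb reports for that library, and compare with the <code>_GLOBAL_OFFSET_TABLE_+48</code> address from the disassembly; then feed the observed slot contents, the PLT stub address and the load base to <code>unrelocated_slot</code> to distinguish a relocation that was never applied from a slot that was overwritten after loading. <code>readelf -Wr libclang.so | grep JUMP_SLOT</code> should agree with what <code>jump_slot_relocs</code> prints.</p>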
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>