[all-commits] [llvm/llvm-project] 71d7c8: [clangd] Crash in __memcmp_avx2_movbe

Ivan Murashko via All-commits all-commits at lists.llvm.org
Thu Feb 10 09:41:30 PST 2022 

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 71d7c8d870db3b2da1fe1b3f54be77163c55dcd2
      https://github.com/llvm/llvm-project/commit/71d7c8d870db3b2da1fe1b3f54be77163c55dcd2
  Author: Ivan Murashko <ivanmurashko at fb.com>
  Date:   2022-02-10 (Thu, 10 Feb 2022)

  Changed paths:
    M clang/include/clang/Tooling/Inclusions/HeaderIncludes.h
    M clang/unittests/Tooling/HeaderIncludesTest.cpp

  Log Message:
  -----------
  [clangd] Crash in __memcmp_avx2_movbe

There is a clangd crash at `__memcmp_avx2_movbe`. Short problem description is below.

The method `HeaderIncludes::addExistingInclude` stores `Include` objects by reference at 2 places: `ExistingIncludes` (primary storage) and `IncludesByPriority` (pointer to the object's location at ExistingIncludes). `ExistingIncludes` is a map where value is a `SmallVector`. A new element is inserted by `push_back`. The operation might do resize. As result pointers stored at `IncludesByPriority` might become invalid.

Typical stack trace
```
    frame #0: 0x00007f11460dcd94 libc.so.6`__memcmp_avx2_movbe + 308
    frame #1: 0x00000000004782b8 clangd`llvm::StringRef::compareMemory(Lhs="
\"t2.h\"", Rhs="", Length=6) at StringRef.h:76:22
    frame #2: 0x0000000000701253 clangd`llvm::StringRef::compare(this=0x0000
7f10de7d8610, RHS=(Data = "", Length = 7166742329480737377)) const at String
Ref.h:206:34
  * frame #3: 0x00000000007603ab clangd`llvm::operator<(llvm::StringRef, llv
m::StringRef)(LHS=(Data = "\"t2.h\"", Length = 6), RHS=(Data = "", Length =
7166742329480737377)) at StringRef.h:907:23
    frame #4: 0x0000000002d0ad9f clangd`clang::tooling::HeaderIncludes::inse
rt(this=0x00007f10de7fb1a0, IncludeName=(Data = "t2.h\"", Length = 4), IsAng
led=false) const at HeaderIncludes.cpp:365:22
    frame #5: 0x00000000012ebfdd clangd`clang::clangd::IncludeInserter::inse
rt(this=0x00007f10de7fb148, VerbatimHeader=(Data = "\"t2.h\"", Length = 6))
const at Headers.cpp:262:70
```

A unit test test for the crash was created (`HeaderIncludesTest.RepeatedIncludes`). The proposed solution is to use std::list instead of llvm::SmallVector

Test Plan
```
./tools/clang/unittests/Tooling/ToolingTests --gtest_filter=HeaderIncludesTest.RepeatedIncludes
```

Reviewed By: sammccall

Differential Revision: https://reviews.llvm.org/D118755

More information about the All-commits mailing list