r206644 - Don't read CompilerInstance fields that don't exist in ASTUnit

Ben Langmuir blangmuir at apple.com
Tue Apr 22 09:11:15 PDT 2014


On Apr 22, 2014, at 12:13 AM, Evgeniy Stepanov <eugeni.stepanov at gmail.com> wrote:

> Hi,
> 
> This is crashing on ASan bootstrap bot with what looks like NULL dereference.

Thanks for letting me know.  I’m bootstrapping an asanified clang to try to reproduce this, because this is not breaking for me even with more liberal asserts sprinkled into printDiagsToStderr().

Ben

> 
> http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-bootstrap/builds/3112/steps/check-clang%20asan/logs/stdio
> 
> Crashing test: Clang :: Index/pch-with-errors.c
> 
> $ ASAN_SYMBOLIZER_PATH=../llvm_build0/bin/llvm-symbolizer
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm_build_asan/./bin/c-index-test
> -write-pch /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm_build_asan/tools/clang/test/Index/Output/pch-with-errors.c.tmp.pch
> foobar.c
> ASAN:SIGSEGV
> =================================================================
> ==12621==ERROR: AddressSanitizer: SEGV on unknown address
> 0x0000000006b0 (pc 0x7f7c8294870d sp 0x7f7c7e817980 bp 0x7f7c7e817ad0
> T2)
>    #0 0x7f7c8294870c in CXDiagnosticSetImpl
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndexDiagnostic.h:31
>    #1 0x7f7c8294870c in CXDiagnosticImpl
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndexDiagnostic.h:100
>    #2 0x7f7c8294870c in getASTContext
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndexDiagnostic.h:119
>    #3 0x7f7c8294870c in
> clang::cxindex::printDiagsToStderr(clang::ASTUnit*)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndex.cpp:6719
>    #4 0x7f7c82925b4b in clang_parseTranslationUnit_Impl(void*)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndex.cpp:2795
>    #5 0x7f7c841a170b in llvm::CrashRecoveryContext::RunSafely(void
> (*)(void*), void*)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/CrashRecoveryContext.cpp:316
>    #6 0x7f7c841a1ac0 in RunSafelyOnThread_Dispatch(void*)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/CrashRecoveryContext.cpp:347
>    #7 0x7f7c84239d4f in ExecuteOnThread_Dispatch(void*)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/Threading.cpp:75
>    #8 0x7f7c81c27181 in start_thread
> (/lib/x86_64-linux-gnu/libpthread.so.0+0x8181)
>    #9 0x7f7c81131b5c in clone (/lib/x86_64-linux-gnu/libc.so.6+0xfab5c)
> 
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndexDiagnostic.h:31
> CXDiagnosticSetImpl
> Thread T2 created by T1 here:
>    #0 0x42a2fe in __interceptor_pthread_create
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:176
>    #1 0x7f7c84239c6c in llvm::llvm_execute_on_thread(void (*)(void*),
> void*, unsigned int)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/Threading.cpp:96
>    #2 0x7f7c841a1985 in
> llvm::CrashRecoveryContext::RunSafelyOnThread(void (*)(void*), void*,
> unsigned int) /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/CrashRecoveryContext.cpp:352
>    #3 0x7f7c82923d55 in RunSafely
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndex.cpp:6688
>    #4 0x7f7c82923d55 in clang_parseTranslationUnit2
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/libclang/CIndex.cpp:2845
>    #5 0x4b45b3 in write_pch_file
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/c-index-test/c-index-test.c:3685
>    #6 0x4b6fd4 in cindextest_main
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/c-index-test/c-index-test.c:4052
>    #7 0x4b9f57 in thread_runner
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/c-index-test/c-index-test.c:4075
>    #8 0x7f7c84239d4f in ExecuteOnThread_Dispatch(void*)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/Threading.cpp:75
>    #9 0x7f7c81c27181 in start_thread
> (/lib/x86_64-linux-gnu/libpthread.so.0+0x8181)
> 
> Thread T1 created by T0 here:
>    #0 0x42a2fe in __interceptor_pthread_create
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/projects/compiler-rt/lib/asan/asan_interceptors.cc:176
>    #1 0x7f7c84239c6c in llvm::llvm_execute_on_thread(void (*)(void*),
> void*, unsigned int)
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/lib/Support/Threading.cpp:96
>    #2 0x4ba0a0 in main
> /home/dtoolsbot/build/sanitizer-x86_64-linux-bootstrap/build/llvm/tools/clang/tools/c-index-test/c-index-test.c:4093
>    #3 0x7f7c81058ed4 in __libc_start_main
> (/lib/x86_64-linux-gnu/libc.so.6+0x21ed4)
> 
> On Sat, Apr 19, 2014 at 12:39 AM, Ben Langmuir <blangmuir at apple.com> wrote:
>> Author: benlangmuir
>> Date: Fri Apr 18 15:39:48 2014
>> New Revision: 206644
>> 
>> URL: http://llvm.org/viewvc/llvm-project?rev=206644&view=rev
>> Log:
>> Don't read CompilerInstance fields that don't exist in ASTUnit
>> 
>> When transferring data from a CompilerInstance in an error path we need
>> to consider cases where the various fields are uninitialized.
>> 
>> Modified:
>>    cfe/trunk/lib/Frontend/ASTUnit.cpp
>> 
>> Modified: cfe/trunk/lib/Frontend/ASTUnit.cpp
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Frontend/ASTUnit.cpp?rev=206644&r1=206643&r2=206644&view=diff
>> ==============================================================================
>> --- cfe/trunk/lib/Frontend/ASTUnit.cpp (original)
>> +++ cfe/trunk/lib/Frontend/ASTUnit.cpp Fri Apr 18 15:39:48 2014
>> @@ -1717,11 +1717,14 @@ void ASTUnit::transferASTDataFromCompile
>>   // Steal the created target, context, and preprocessor.
>>   TheSema.reset(CI.takeSema());
>>   Consumer.reset(CI.takeASTConsumer());
>> -  Ctx = &CI.getASTContext();
>> -  PP = &CI.getPreprocessor();
>> +  if (CI.hasASTContext())
>> +    Ctx = &CI.getASTContext();
>> +  if (CI.hasPreprocessor())
>> +    PP = &CI.getPreprocessor();
>>   CI.setSourceManager(0);
>>   CI.setFileManager(0);
>> -  Target = &CI.getTarget();
>> +  if (CI.hasTarget())
>> +    Target = &CI.getTarget();
>>   Reader = CI.getModuleManager();
>>   HadModuleLoaderFatalFailure = CI.hadModuleLoaderFatalFailure();
>> }
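Review bot: The three new guards on `Ctx`, `PP` and `Target` skip the assignment when `CI.hasASTContext()`, `CI.hasPreprocessor()` or `CI.hasTarget()` is false, so each member keeps whatever it held before the call, and nothing in the hunk tells callers that it may be unset afterwards. Consider an explicit else branch that resets each member, or a comment on `transferASTDataFromCompilerInstance` stating that these members can be null on the error path, and audit the code that reads them from an ASTUnit. The ASan report quoted in this thread faults under `getASTContext` reached from `printDiagsToStderr(clang::ASTUnit*)`, which is one caller worth checking first. A regression test that drives the error path with no ASTContext, Preprocessor or Target would also help.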
>> 
>> 