[cfe-dev] Use-after-free/-poison bug in AST building

Kim Gräsman via cfe-dev cfe-dev at lists.llvm.org
Sun Oct 17 09:56:13 PDT 2021


Hi Volodymyr,

Thanks, all good suggestions!

I'll try these suggestions out when I get a chance.

Cheers,
Kim

On Thu, Oct 7, 2021, 04:52 Volodymyr Sapsai <vsapsai at apple.com> wrote:

> Personally I don’t have any advice on how to deal with ASAN errors. From
> experience it helps to work with clang and clang libraries built with
> assertions enabled; it helps to encounter inconsistencies like
> FunctionDecl/AccessSpecDecl pretty early. What else can be helpful is to
> have pure clang failing and to remove IWYU itself from the list of suspects.
>
> You can try to minimize the repro manually or with creduce-clang-crash.py
> <https://github.com/llvm/llvm-project/blob/main/clang/utils/creduce-clang-crash.py> or
> with C-Reduce itself <http://embed.cs.utah.edu/creduce/>.
>
> Hope this helps,
> Volodymyr
>
> On Sep 23, 2021, at 12:00, Kim Gräsman via cfe-dev <cfe-dev at lists.llvm.org>
> wrote:
>
> We've had a curious bug reported on IWYU, where
> CastExpr::getConversionFunction does not return a FunctionDecl.
>
> After some research, it turns out we get an AccessSpecDecl instead, which
> seems like a strange conversion function.
>
> I tried running with ASAN enabled for only IWYU, but didn't get any useful
> results, but eventually I managed to repro a non-IWYU contained example.
> That in turn led me to:
> https://bugs.llvm.org/show_bug.cgi?id=44972
>
> I'm not sure where to go from there, though... It seems the parser somehow
> triggers a use-after-free in BumpPtrAllocator. Can I narrow it down
> somehow? I have an 800K preprocessed repro, but from cursory experiments
> ASAN triggers use-after-poison there on basically anything.
>
> Thanks for any ideas for narrowing down the issue,
> - Kim
>
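An added example, not part of the thread or of LLVM's tooling: a C-Reduce interestingness test for the reduction suggested above, which keeps a candidate only when ASan reports the same error kind with a chosen function in the faulting stack, so the reduction does not settle on an unrelated report. The compiler path, input file name, script name and frame name are assumptions or placeholders, and the sample report is constructed.

```shell
#!/bin/sh
# Added example: C-Reduce interestingness test pinned to one ASan signature.
# C-Reduce runs it in a scratch directory holding the current candidate;
# exit status 0 means "still reproduces, keep this candidate".
# Assumptions: CLANG is an ASan-instrumented clang build, INPUT is the repro
# file name, and the script is saved as interesting.sh.
CLANG="${CLANG:-clang++}"
INPUT="${INPUT:-repro.ii}"
WANT_ERROR="${WANT_ERROR:-use-after-poison}"
# Placeholder: set to a function from the faulting stack of the original report.
WANT_FRAME="${WANT_FRAME:-PLACEHOLDER_FRAME}"

# True only if the log reports WANT_ERROR and WANT_FRAME occurs in the first
# stack trace (the faulting access), not in a later alloc/free trace.
matches_signature() {
    grep -q "ERROR: AddressSanitizer: $WANT_ERROR" "$1" || return 1
    awk -v want="$WANT_FRAME" '
        /^[ \t]*#[0-9]+ 0x/ { seen = 1; if (index($0, want)) hit = 1; next }
        seen { exit }                 # first non-frame line ends the first trace
        END  { exit hit ? 0 : 1 }
    ' "$1"
}

# Constructed sample report (not from the bug); all frame names are made up.
sample_report() {
    cat <<'EOF'
==4242==ERROR: AddressSanitizer: use-after-poison on address 0x621000001234 at pc 0x000001234567 bp 0x7ffc00000010 sp 0x7ffc00000008
READ of size 8 at 0x621000001234 thread T0
    #0 0x1234567 in example::parseMember() /src/Example.cpp:10:3
    #1 0x1234890 in example::parseClass() /src/Example.cpp:42:7

SUMMARY: AddressSanitizer: use-after-poison /src/Example.cpp:10:3 in example::parseMember()
EOF
}

# Compile the candidate and check the captured stderr against the signature.
run_candidate() {
    log=$(mktemp) || return 1
    "$CLANG" -fsyntax-only "$INPUT" >/dev/null 2>"$log" || true
    if matches_signature "$log"; then rc=0; else rc=1; fi
    rm -f "$log"
    return "$rc"
}

# Run only when invoked under the assumed script name, so sourcing is safe.
if [ "${0##*/}" = "interesting.sh" ]; then run_candidate; exit $?; fi
```

Invoke it as `creduce ./interesting.sh repro.ii` with `CLANG` and `WANT_FRAME` exported.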