[LLVMbugs] [Bug 15194] New: Three Clang :: Tooling/* tests crashing clang-check
bugzilla-daemon at llvm.org
bugzilla-daemon at llvm.org
Thu Feb 7 06:06:11 PST 2013
http://llvm.org/bugs/show_bug.cgi?id=15194
Bug ID: 15194
Summary: Three Clang :: Tooling/* tests crashing clang-check
Product: new-bugs
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: thomas at schwinge.name
CC: llvmbugs at cs.uiuc.edu
Classification: Unclassified
I'm seeing the following three tests FAIL for all of GNU/Hurd x86 (the
port I'm currently working on), GNU/Linux x86 and x86_64 (these are all I
tested):
* `Clang :: Tooling/auto-detect-from-source-parent-of-cwd.cpp`
* `Clang :: Tooling/auto-detect-from-source-parent.cpp`
* `Clang :: Tooling/clang-check-autodetect-dir.cpp`
Configure with:
--enable-optimized --enable-expensive-checks --disable-threads
--enable-debug-symbols --enable-debug-runtime
At least --enable-optimized together with --enable-expensive-checks is
required to trigger the crash.
I'm seeing this with both GCC 4.6 and 4.7. It might be a GCC issue, but
we're not sure yet.
For all three tests, the clang-check invocation fails:
*** glibc detected *** [...]/Release+Debug+Asserts+Checks/bin/clang-check:
free(): invalid pointer: 0x00000000014f8720 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7eb96)[0x7ffff707fb96]
/usr/lib/x86_64-linux-gnu/libstdc++.so.6(_ZNSt15basic_stringbufIcSt11char_traitsIcESaIcEE8overflowEi+0x149)[0x7ffff796d4c9]
/usr/lib/x86_64-linux-gnu/libstdc++.so.6(_ZNSt15basic_streambufIcSt11char_traitsIcEE6xsputnEPKcl+0x36)[0x7ffff7971b76]
/usr/lib/x86_64-linux-gnu/libstdc++.so.6(_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_l+0x194)[0x7ffff7968ba4]
[...]/Release+Debug+Asserts+Checks/bin/clang-check[0x64d8f6]
[...]/Release+Debug+Asserts+Checks/bin/clang-check[0x64de9b]
[...]/Release+Debug+Asserts+Checks/bin/clang-check[0x64eae2]
[...]/Release+Debug+Asserts+Checks/bin/clang-check[0x64cc94]
[...]/Release+Debug+Asserts+Checks/bin/clang-check[0x46c4ae]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7ffff702276d]
[...]/Release+Debug+Asserts+Checks/bin/clang-check[0x46da1d]
======= Memory map: ========
00400000-01288000 r-xp 00000000 fc:02 6294823
[...]/Release+Debug+Asserts+Checks/bin/clang-check
01488000-014f7000 r--p 00e88000 fc:02 6294823
[...]/Release+Debug+Asserts+Checks/bin/clang-check
014f7000-014f9000 rw-p 00ef7000 fc:02 6294823
[...]/Release+Debug+Asserts+Checks/bin/clang-check
014f9000-0151d000 rw-p 00000000 00:00 0
[heap]
7ffff6ffd000-7ffff7001000 rw-p 00000000 00:00 0
7ffff7001000-7ffff71b6000 r-xp 00000000 fc:00 260989
/lib/x86_64-linux-gnu/libc-2.15.so
7ffff71b6000-7ffff73b5000 ---p 001b5000 fc:00 260989
/lib/x86_64-linux-gnu/libc-2.15.so
7ffff73b5000-7ffff73b9000 r--p 001b4000 fc:00 260989
/lib/x86_64-linux-gnu/libc-2.15.so
7ffff73b9000-7ffff73bb000 rw-p 001b8000 fc:00 260989
/lib/x86_64-linux-gnu/libc-2.15.so
7ffff73bb000-7ffff73c1000 rw-p 00000000 00:00 0
7ffff73c1000-7ffff73d6000 r-xp 00000000 fc:00 268928
/lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff73d6000-7ffff75d5000 ---p 00015000 fc:00 268928
/lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff75d5000-7ffff75d6000 r--p 00014000 fc:00 268928
/lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff75d6000-7ffff75d7000 rw-p 00015000 fc:00 268928
/lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff75d7000-7ffff76d2000 r-xp 00000000 fc:00 263620
/lib/x86_64-linux-gnu/libm-2.15.so
7ffff76d2000-7ffff78d1000 ---p 000fb000 fc:00 263620
/lib/x86_64-linux-gnu/libm-2.15.so
7ffff78d1000-7ffff78d2000 r--p 000fa000 fc:00 263620
/lib/x86_64-linux-gnu/libm-2.15.so
7ffff78d2000-7ffff78d3000 rw-p 000fb000 fc:00 263620
/lib/x86_64-linux-gnu/libm-2.15.so
7ffff78d3000-7ffff79b8000 r-xp 00000000 fc:00 7656
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.17
7ffff79b8000-7ffff7bb7000 ---p 000e5000 fc:00 7656
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.17
7ffff7bb7000-7ffff7bbf000 r--p 000e4000 fc:00 7656
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.17
7ffff7bbf000-7ffff7bc1000 rw-p 000ec000 fc:00 7656
/usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.17
7ffff7bc1000-7ffff7bd6000 rw-p 00000000 00:00 0
7ffff7bd6000-7ffff7bd8000 r-xp 00000000 fc:00 260985
/lib/x86_64-linux-gnu/libdl-2.15.so
7ffff7bd8000-7ffff7dd8000 ---p 00002000 fc:00 260985
/lib/x86_64-linux-gnu/libdl-2.15.so
7ffff7dd8000-7ffff7dd9000 r--p 00002000 fc:00 260985
/lib/x86_64-linux-gnu/libdl-2.15.so
7ffff7dd9000-7ffff7dda000 rw-p 00003000 fc:00 260985
/lib/x86_64-linux-gnu/libdl-2.15.so
7ffff7dda000-7ffff7dfc000 r-xp 00000000 fc:00 263671
/lib/x86_64-linux-gnu/ld-2.15.so
7ffff7fd9000-7ffff7fda000 rw-p 00000000 00:00 0
7ffff7ff8000-7ffff7ffb000 rw-p 00000000 00:00 0
7ffff7ffb000-7ffff7ffc000 r-xp 00000000 00:00 0
[vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00022000 fc:00 263671
/lib/x86_64-linux-gnu/ld-2.15.so
7ffff7ffd000-7ffff7fff000 rw-p 00023000 fc:00 263671
/lib/x86_64-linux-gnu/ld-2.15.so
7ffffffdd000-7ffffffff000 rw-p 00000000 00:00 0
[stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0
[vsyscall]
strace tells this happens after:
stat("[...]/tools/clang/test/Tooling/Output/auto-detect-from-source-parent.cpp.tmp/abc/def/ijk/qwe/compile_commands.json",
0x7fff104d65f0) = -1 ENOENT (No such file or directory)
valgrind is not really helpful either:
$ valgrind ../../../Release+Debug+Asserts+Checks/bin/clang-check
"[...]/tools/clang/test/Tooling/Output/auto-detect-from-source-parent.cpp.tmp/abc/def/ijk/qwe/test.cpp"
==9372== Memcheck, a memory error detector
==9372== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==9372== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==9372== Command: ../../../Release+Debug+Asserts+Checks/bin/clang-check
[...]/tools/clang/test/Tooling/Output/auto-detect-from-source-parent.cpp.tmp/abc/def/ijk/qwe/test.cpp
==9372==
==9372== Invalid free() / delete / delete[] / realloc()
==9372== at 0x4C2A44B: operator delete(void*) (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9372== by 0x50D04C8: std::basic_stringbuf<char,
std::char_traits<char>, std::allocator<char> >::overflow(int)
(basic_string.h:246)
==9372== by 0x50D4B75: std::basic_streambuf<char, std::char_traits<char>
>::xsputn(char const*, long) (streambuf.tcc:99)
==9372== by 0x50CBBA3: std::basic_ostream<char, std::char_traits<char>
>& std::__ostream_insert<char, std::char_traits<char>
>(std::basic_ostream<char, std::char_traits<char> >&, char const*, long)
(streambuf:449)
==9372== by 0x64D8F5:
clang::tooling::CompilationDatabase::loadFromDirectory(llvm::StringRef,
std::string&) (ostream:533)
==9372== by 0x64DE9A:
clang::tooling::findCompilationDatabaseFromDirectory(llvm::StringRef,
std::string&) (CompilationDatabase.cpp:57)
==9372== by 0x64EAE1:
clang::tooling::CompilationDatabase::autoDetectFromSource(llvm::StringRef,
std::string&) (CompilationDatabase.cpp:79)
==9372== by 0x64CC93:
clang::tooling::CommonOptionsParser::CommonOptionsParser(int&, char const**)
(CommonOptionsParser.cpp:74)
==9372== by 0x46C4AD: main (ClangCheck.cpp:147)
==9372== Address 0x14f8720 is 0 bytes inside data symbol
"_ZNSs4_Rep20_S_empty_rep_storageE"
(gdb) info symbol 0x14f8720
std::string::_Rep::_S_empty_rep_storage in section .bss of
[...]/Release+Debug+Asserts+Checks/bin/clang-check
This, from my very limited understanding of C++ internals, is the storage
used for an empty std::string.
(gdb) bt
#0 0x00007ffff7037425 in __GI_raise (sig=<optimized out>) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007ffff703ab8b in __GI_abort () at abort.c:91
#2 0x00007ffff707539e in __libc_message (do_abort=2, fmt=0x7ffff717f028
"*** glibc detected *** %s: %s: 0x%s ***\n") at
../sysdeps/unix/sysv/linux/libc_fatal.c:201
#3 0x00007ffff707fb96 in malloc_printerr (action=3, str=0x7ffff717b933
"free(): invalid pointer", ptr=<optimized out>) at malloc.c:5007
#4 0x00007ffff796d4c9 in _M_dispose (__a=..., this=0x14f8720
<std::string::_Rep::_S_empty_rep_storage>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:246
#5 ~basic_string (this=0x7fffffffc780, __in_chrg=<optimized out>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:536
#6 std::basic_stringbuf<char, std::char_traits<char>, std::allocator<char>
>::overflow (this=0x7fffffffc8c8, __c=106) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:121
#7 0x00007ffff7971b76 in std::basic_streambuf<char, std::char_traits<char>
>::xsputn (this=0x7fffffffc8c8, __s=<optimized out>, __n=25) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/streambuf.tcc:99
#8 0x00007ffff7968ba4 in sputn (__s=0xe62645 "json-compilation-database",
this=<optimized out>, __n=25) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/streambuf:449
#9 __ostream_write<char, std::char_traits<char> > (__n=25, __s=0xe62645
"json-compilation-database", __out=...) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/ostream_insert.h:50
#10 std::__ostream_insert<char, std::char_traits<char> > (__out=...,
__s=0xe62645 "json-compilation-database", __n=25) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/ostream_insert.h:101
#11 0x000000000064d8f6 in operator<< <std::char_traits<char> >
(__s=0xe62645 "json-compilation-database", __out=...) at
/usr/include/c++/4.7/ostream:533
#12 clang::tooling::CompilationDatabase::loadFromDirectory
(BuildDirectory=..., ErrorMessage="") at
[...]/tools/clang/lib/Tooling/CompilationDatabase.cpp:42
#13 0x000000000064de9b in
clang::tooling::findCompilationDatabaseFromDirectory (Directory=...,
ErrorMessage="") at [...]/tools/clang/lib/Tooling/CompilationDatabase.cpp:57
#14 0x000000000064eae2 in
clang::tooling::CompilationDatabase::autoDetectFromSource (SourceFile=...,
ErrorMessage="") at [...]/tools/clang/lib/Tooling/CompilationDatabase.cpp:79
#15 0x000000000064cc94 in
clang::tooling::CommonOptionsParser::CommonOptionsParser (this=0x7fffffffd4b0,
argc=<optimized out>, argv=<optimized out>)
at [...]/tools/clang/lib/Tooling/CommonOptionsParser.cpp:74
#16 0x000000000046c4ae in main (argc=2, argv=0x7fffffffd828) at
[...]/tools/clang/tools/clang-check/ClangCheck.cpp:147
I tried stepping the code, but quickly got lost in the "C++ jumble", plus
this being optimized code (which is required to trigger the issue). The
last bits when starting at frame #12:
CompilationDatabase *
CompilationDatabase::loadFromDirectory(StringRef BuildDirectory,
std::string &ErrorMessage) {
[...]
ErrorStream << It->getName() << ": " << DatabaseErrorMessage << "\n";
And indeed it tries to delete/free this .bss symbol, which is not
supposed to happen of course:
[...]
std::basic_stringbuf<char, std::char_traits<char>, std::allocator<char>
>::_M_pbump (this=this at entry=0x7fffffffc8c8, __pbeg=0x14fce58 "j",
__pend=0x14fd058 "", __off=0)
at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:263
263 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc
(gdb) s
262 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc
(gdb)
setp (__pend=0x14fd058 "", __pbeg=0x14fce58 "j", this=0x7fffffffc8c8) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/streambuf:555
555
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/streambuf:
No such file or directory.
(gdb)
556 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/streambuf
(gdb)
std::basic_stringbuf<char, std::char_traits<char>, std::allocator<char>
>::_M_pbump (this=this at entry=0x7fffffffc8c8, __pbeg=0x14fce58 "j",
__pend=0x14fd058 "", __off=0)
at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:263
263
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:
No such file or directory.
(gdb)
268 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc
(gdb)
pbump (__n=0, this=<optimized out>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/streambuf:543
543
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/streambuf:
No such file or directory.
(gdb)
std::basic_stringbuf<char, std::char_traits<char>, std::allocator<char>
>::_M_sync (this=this at entry=0x7fffffffc8c8, __base=<optimized out>,
__i=<optimized out>, __o=<optimized out>)
at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:252
252
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:
No such file or directory.
(gdb)
255 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc
(gdb)
std::basic_stringbuf<char, std::char_traits<char>, std::allocator<char>
>::overflow (this=0x7fffffffc8c8, __c=106) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc:121
121 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/sstream.tcc
(gdb)
~basic_string (this=0x7fffffffc780, __in_chrg=<optimized out>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:536
536
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:
No such file or directory.
(gdb)
_M_dispose (__a=..., this=0x14f8720
<std::string::_Rep::_S_empty_rep_storage>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:237
237 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h
(gdb)
242 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h
(gdb)
__gnu_cxx::__exchange_and_add_dispatch (__mem=__mem at entry=0x14f8730
<std::string::_Rep::_S_empty_rep_storage+16>, __val=-1) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h:80
80
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h:
No such file or directory.
(gdb)
83 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h
(gdb)
__exchange_and_add_single (__val=-1, __mem=0x14f8730
<std::string::_Rep::_S_empty_rep_storage+16>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h:66
66 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h
(gdb)
67 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h
(gdb)
__gnu_cxx::__exchange_and_add_dispatch (__mem=__mem at entry=0x14f8730
<std::string::_Rep::_S_empty_rep_storage+16>, __val=-1) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h:87
87 in
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/atomicity.h
(gdb)
_M_dispose (__a=..., this=0x14f8720
<std::string::_Rep::_S_empty_rep_storage>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:246
246
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.h:
No such file or directory.
(gdb)
std::string::_Rep::_M_destroy (this=0x14f8720
<std::string::_Rep::_S_empty_rep_storage>, __a=...) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:451
451
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:
No such file or directory.
(gdb)
deallocate (__p=0x14f8720 <std::string::_Rep::_S_empty_rep_storage> "",
this=<optimized out>) at
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/new_allocator.h:100
100
/build/buildd/gcc-4.7-4.7.2/build/x86_64-linux-gnu/libstdc++-v3/include/ext/new_allocator.h:
No such file or directory.
(gdb)
operator delete (ptr=0x14f8720 <std::string::_Rep::_S_empty_rep_storage>)
at ../../../../src/libstdc++-v3/libsupc++/del_op.cc:47
47 ../../../../src/libstdc++-v3/libsupc++/del_op.cc: No such file or
directory.
(gdb)
48 in ../../../../src/libstdc++-v3/libsupc++/del_op.cc
(gdb)
__GI___libc_free (mem=0x14f8720 <std::string::_Rep::_S_empty_rep_storage>)
at malloc.c:2957
2957 malloc.c: No such file or directory.
(gdb) finish
Run till exit from #0 __GI___libc_free (mem=0x14f8720
<std::string::_Rep::_S_empty_rep_storage>) at malloc.c:2957
*** glibc detected *** [...]/Release+Debug+Asserts+Checks/bin/clang-check:
free(): invalid pointer: 0x00000000014f8720 ***
======= Backtrace: =========
[see above]
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20130207/3dde6a62/attachment.html>
More information about the llvm-bugs
mailing list