[llvm-bugs] [Bug 24646] New: SEGV on unknown address in :InlineAsm::ConstraintInfo::Parse
via llvm-bugs
llvm-bugs at lists.llvm.org
Mon Aug 31 15:49:22 PDT 2015
https://llvm.org/bugs/show_bug.cgi?id=24646
Bug ID: 24646
Summary: SEGV on unknown address in :InlineAsm::ConstraintInfo::Parse
Product: new-bugs
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: kschimpf at google.com
CC: llvm-bugs at lists.llvm.org
Classification: Unclassified
Created attachment 14801
--> https://llvm.org/bugs/attachment.cgi?id=14801&action=edit
Test file bug6.ll
The test file bug6.ll is attached.
This bug was found using afl-fuzz on llvm-as (with address sanitizer included).
When you run:
    llvm-as bug6.ll -o /dev/null
You get the following crash:
ASAN:DEADLYSIGNAL
=================================================================
==18076==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000020 (pc 0x000000982713 bp 0x7fffc88b2210 sp 0x7fffc88b1f40 T0)
    #0 0x982712 in llvm::InlineAsm::ConstraintInfo::Parse(llvm::StringRef, std::vector<llvm::InlineAsm::ConstraintInfo, std::allocator<llvm::InlineAsm::ConstraintInfo> >&) /workspace/llvm-dev/llvm/lib/IR/InlineAsm.cpp:164:20
    #1 0x9851d8 in llvm::InlineAsm::ParseConstraints(llvm::StringRef) /workspace/llvm-dev/llvm/lib/IR/InlineAsm.cpp:220:9
    #2 0x98677b in llvm::InlineAsm::Verify(llvm::FunctionType*, llvm::StringRef) /workspace/llvm-dev/llvm/lib/IR/InlineAsm.cpp:247:38
    #3 0x57ab06 in llvm::LLParser::ConvertValIDToValue(llvm::Type*, llvm::ValID&, llvm::Value*&, llvm::LLParser::PerFunctionState*, llvm::LLParser::OperatorConstraint) /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:4132:10
    #4 0x5c2290 in llvm::LLParser::ParseCall(llvm::Instruction*&, llvm::LLParser::PerFunctionState&, llvm::CallInst::TailCallKind) /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:5592:7
    #5 0x5a583d in llvm::LLParser::ParseInstruction(llvm::Instruction*&, llvm::BasicBlock*, llvm::LLParser::PerFunctionState&) /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:4768:35
    #6 0x5a27d9 in llvm::LLParser::ParseBasicBlock(llvm::LLParser::PerFunctionState&) /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:4629:13
    #7 0x535804 in llvm::LLParser::ParseFunctionBody(llvm::Function&) /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:4577:9
    #8 0x5111d9 in ParseDefine /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:411:10
    #9 0x5111d9 in llvm::LLParser::ParseTopLevelEntities() /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:217
    #10 0x510ba1 in llvm::LLParser::Run() /workspace/llvm-dev/llvm/lib/AsmParser/LLParser.cpp:48:10
    #11 0x4f1151 in llvm::parseAssemblyInto(llvm::MemoryBufferRef, llvm::Module&, llvm::SMDiagnostic&, llvm::SlotMapping*) /workspace/llvm-dev/llvm/lib/AsmParser/Parser.cpp:31:10
    #12 0x4f241b in parseAssembly /workspace/llvm-dev/llvm/lib/AsmParser/Parser.cpp:41:7
    #13 0x4f241b in llvm::parseAssemblyFile(llvm::StringRef, llvm::SMDiagnostic&, llvm::LLVMContext&, llvm::SlotMapping*) /workspace/llvm-dev/llvm/lib/AsmParser/Parser.cpp:59
    #14 0x4ed9a1 in main /workspace/llvm-dev/llvm/tools/llvm-as/llvm-as.cpp:96:31
    #15 0x7fbf3027eec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
    #16 0x424f2b in _start (/workspace/llvm-dev/build-as-test/bin/llvm-as+0x424f2b)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /workspace/llvm-dev/llvm/lib/IR/InlineAsm.cpp:164:20 in llvm::InlineAsm::ConstraintInfo::Parse(llvm::StringRef, std::vector<llvm::InlineAsm::ConstraintInfo, std::allocator<llvm::InlineAsm::ConstraintInfo> >&)
==18076==ABORTING