[llvm-bugs] [Bug 50567] New: Use-after-poison in ClangTool::run on ubuntu 14.04
via llvm-bugs
llvm-bugs at lists.llvm.org
Thu Jun 3 01:28:33 PDT 2021
https://bugs.llvm.org/show_bug.cgi?id=50567
Bug ID: 50567
Summary: Use-after-poison in ClangTool::run on ubuntu 14.04
Product: clang
Version: 10.0
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: Tooling
Assignee: unassignedclangbugs at nondot.org
Reporter: vad.e.volodin at gmail.com
CC: llvm-bugs at lists.llvm.org
Error while using address sanitizer on ubuntu 14.04:
Use-after-poison on address 0x621000006550 at pc 0x0000004c9fa7 bp
0x7ffda1facc90 sp 0x7ffda1fac440
WRITE of size 8 at 0x621000006550 thread T0
__interceptor_memcpy.part.0
RegisterBuiltinMacro(clang::Preprocessor&, char const*)
clang::Preprocessor::RegisterBuiltinMacros()
clang::Preprocessor::Preprocessor(std::shared_ptr<clang::PreprocessorOptions>,
clang::DiagnosticsEngine&, clang::LangOptions&, clang::SourceManager&,
clang::HeaderSearch&, clang::ModuleLoader&, clang::IdentifierInfoLookup*, bool,
clang::TranslationUnitKind)
clang::CompilerInstance::createPreprocessor(clang::TranslationUnitKind)
clang::FrontendAction::BeginSourceFile(clang::CompilerInstance&,
clang::FrontendInputFile const&)
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
clang::tooling::FrontendActionFactory::runInvocation(std::shared_ptr<clang::CompilerInvocation>,
clang::FileManager*, std::shared_ptr<clang::PCHContainerOperations>,
clang::DiagnosticConsumer*)
clang::tooling::ToolInvocation::runInvocation(char const*,
clang::driver::Compilation*, std::shared_ptr<clang::CompilerInvocation>,
std::shared_ptr<clang::PCHContainerOperations>)
clang::tooling::ToolInvocation::run()
clang::tooling::ClangTool::run(clang::tooling::ToolAction*)
MyFetcher::fetchWithProgress()
main
__libc_start_main
_start
Allocated by thread T0 here:
malloc
llvm::safe_malloc(unsigned long)
llvm::MallocAllocator::Allocate(unsigned long, unsigned long)
llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul,
4096ul>::StartNewSlab()
llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul,
4096ul>::Allocate(unsigned long, llvm::Align)
llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul,
4096ul>::Allocate(unsigned long, unsigned long)
llvm::StringMapEntry<clang::IdentifierInfo*>*
llvm::StringMapEntry<clang::IdentifierInfo*>::Create<llvm::BumpPtrAllocatorImpl,
clang::IdentifierInfo*>(llvm::StringRef,
llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul>&,
clang::IdentifierInfo*&&)
std::pair<llvm::StringMapIterator, bool>
llvm::StringMap<clang::IdentifierInfo*,
llvm::BumpPtrAllocatorImpl>::try_emplace<clang::IdentifierInfo*>(llvm::StringRef,
clang::IdentifierInfo*&&)
llvm::StringMap<clang::IdentifierInfo*,
llvm::BumpPtrAllocatorImpl>::insert(std::pair<llvm::StringRef,
clang::IdentifierInfo*>)
clang::IdentifierTable::get(llvm::StringRef)
clang::Preprocessor::Preprocessor(std::shared_ptr<clang::PreprocessorOptions>,
clang::DiagnosticsEngine&, clang::LangOptions&, clang::SourceManager&,
clang::HeaderSearch&, clang::ModuleLoader&, clang::IdentifierInfoLookup*, bool,
clang::TranslationUnitKind)
Code:
#include <clang/ASTMatchers/ASTMatchFinder.h>
#include <clang/Frontend/FrontendActions.h>
#include <clang/Tooling/CommonOptionsParser.h>
#include <clang/Tooling/Tooling.h>
#include <filesystem>
class MyTypeDeclsMatchCallback : public
clang::ast_matchers::MatchFinder::MatchCallback {
using MatchFinder = clang::ast_matchers::MatchFinder;
public:
explicit MyTypeDeclsMatchCallback() {
}
void run(const MatchFinder::MatchResult &Result) override {
}
};
class MyFetcher {
using MatchFinder = clang::ast_matchers::MatchFinder;
using MatchCallback = clang::ast_matchers::MatchFinder::MatchCallback;
public:
friend class MyTypeDeclsMatchCallback;
explicit MyFetcher() {
std::filesystem::path jsonPath =
"/home/utbot/UnitTestBot/UTBotCpp/server/test/suites/syntax";
std::string errorMessage;
compilationDatabase =
clang::tooling::CompilationDatabase::autoDetectFromDirectory(jsonPath.string(),
errorMessage);
const clang::ast_matchers::DeclarationMatcher structJustDeclMatcher =
clang::ast_matchers::recordDecl(clang::ast_matchers::isStruct())
.bind("struct_just_decl");
finder.addMatcher(structJustDeclMatcher, callback.get());
}
void fetchWithProgress() {
auto factory = newFrontendActionFactory(&finder, &sourceFileCallbacks);
std::filesystem::path file =
"/home/utbot/UnitTestBot/UTBotCpp/server/test/suites/syntax/main.c";
auto clangTool =
std::make_unique<clang::tooling::ClangTool>(*compilationDatabase,
file.string());
int status = 0;
status = clangTool->run(factory.get());
}
private:
std::unique_ptr<MatchCallback> callback =
std::make_unique<MyTypeDeclsMatchCallback>();
std::shared_ptr<clang::tooling::CompilationDatabase> compilationDatabase;
clang::tooling::SourceFileCallbacks sourceFileCallbacks;
MatchFinder finder;
};
int main() {
MyFetcher fetcher;
fetcher.fetchWithProgress();
}
class SourceToHeaderMatchCallback : public
clang::ast_matchers::MatchFinder::MatchCallback {
using MatchFinder = clang::ast_matchers::MatchFinder;
private:
void renameDecl(const clang::NamedDecl *decl, const std::string &name)
const;
};
void SourceToHeaderMatchCallback::renameDecl(const clang::NamedDecl *decl,
const std::string &name) const {
auto &info = decl->getASTContext().Idents.get(name);
clang::DeclarationName wrapperDeclarationName{ &info };
const_cast<clang::NamedDecl *>(decl)->setDeclName(wrapperDeclarationName);
}
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20210603/ca37b16f/attachment.html>
More information about the llvm-bugs
mailing list