[llvm-bugs] [Bug 50601] New: new-delete-type-mismatch on DwarfDebugInfo

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Jun 7 05:48:37 PDT 2021 

https://bugs.llvm.org/show_bug.cgi?id=50601

            Bug ID: 50601
           Summary: new-delete-type-mismatch on DwarfDebugInfo
           Product: lld
           Version: 12.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: MachO
          Assignee: unassignedbugs at nondot.org
          Reporter: m.gehre at gmx.de
                CC: gkm at fb.com, jezreel at gmail.com,
                    llvm-bugs at lists.llvm.org, smeenai at fb.com

Running `check-lld` on current main (8b58092de49b) with 
`-DLLVM_USE_SANITIZER=Address` on gcc 7.5.0 (Ubuntu 18.04),
the test mach-o/debug-syms.yaml fails with

```
==22411==ERROR: AddressSanitizer: new-delete-type-mismatch on 0x60400000ff10 in
thread T0:
  object passed to delete has wrong type:
  size of the allocated type:   48 bytes;
  size of the deallocated type: 16 bytes.
    #0 0x7ffff6ef99c8 in operator delete(void*, unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe19c8)
    #1 0x721dc68 in
std::default_delete<lld::mach_o::DebugInfo>::operator()(lld::mach_o::DebugInfo*)
const /usr/include/c++/7/bits/unique_ptr.h:78
    #2 0x7213e05 in std::unique_ptr<lld::mach_o::DebugInfo,
std::default_delete<lld::mach_o::DebugInfo> >::~unique_ptr()
/usr/include/c++/7/bits/unique_ptr.h:263
    #3 0x7229127 in lld::mach_o::MachOFile::~MachOFile()
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/File.h:28
    #4 0x7229231 in lld::mach_o::MachOFile::~MachOFile()
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/File.h:28
    #5 0x3a50f01 in lld::FileNode::~FileNode() (asanrel/bin/lld+0x3a50f01)
    #6 0x74eb8b2 in lld::LinkingContext::~LinkingContext()
(asanrel/bin/lld+0x74eb8b2)
    #7 0x71757b6 in lld::MachOLinkingContext::~MachOLinkingContext()
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/MachOLinkingContext.cpp:171
    #8 0x3a89a43 in lld::mach_o::link(llvm::ArrayRef<char const*>, bool,
llvm::raw_ostream&) (asanrel/bin/lld+0x3a89a43)
    #9 0x3733fef in main ../libraries/llvm-project/lld/tools/lld/lld.cpp:167
    #10 0x7ffff47d6bf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #11 0x3727029 in _start (asanrel/bin/lld+0x3727029)

0x60400000ff10 is located 0 bytes inside of 48-byte region
[0x60400000ff10,0x60400000ff40)
allocated by thread T0 here:
    #0 0x7ffff6ef8448 in operator new(unsigned long)
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe0448)
    #1 0x7304594 in
std::enable_if<!std::is_array<lld::mach_o::DwarfDebugInfo>::value,
std::unique_ptr<lld::mach_o::DwarfDebugInfo,
std::default_delete<lld::mach_o::DwarfDebugInfo> > >::type
llvm::make_unique<lld::mach_o::DwarfDebugInfo,
lld::mach_o::TranslationUnitSource>(lld::mach_o::TranslationUnitSource&&)
../libraries/llvm-project/llvm/include/llvm/ADT/STLExtras.h:1070
    #2 0x72ea908 in parseDebugInfo
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/MachONormalizedFileToAtoms.cpp:982
    #3 0x72f830d in
lld::mach_o::normalized::normalizedObjectToAtoms(lld::mach_o::MachOFile*,
lld::mach_o::normalized::NormalizedFile const&, bool)
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/MachONormalizedFileToAtoms.cpp:1554
    #4 0x72f3083 in objectToAtoms
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/MachONormalizedFileToAtoms.cpp:1406
    #5 0x72fa099 in
lld::mach_o::normalized::normalizedToAtoms(lld::mach_o::normalized::NormalizedFile
const&, llvm::StringRef, bool)
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/MachONormalizedFileToAtoms.cpp:1627
    #6 0x734344c in
lld::mach_o::MachOYamlIOTaggedDocumentHandler::handledDocTag(llvm::yaml::IO&,
lld::File const*&) const
../libraries/llvm-project/lld/lib/ReaderWriter/MachO/MachONormalizedFileYAML.cpp:769
    #7 0x74f3a51 in lld::Registry::handleTaggedDoc(llvm::yaml::IO&, lld::File
const*&) const (asanrel/bin/lld+0x74f3a51)
    #8 0x74e4a5c in lld::(anonymous
namespace)::YAMLReader::loadFile(std::unique_ptr<llvm::MemoryBuffer,
std::default_delete<llvm::MemoryBuffer> >, lld::Registry const&) const
(asanrel/bin/lld+0x74e4a5c)
    #9 0x74f30ea in lld::Registry::loadFile(std::unique_ptr<llvm::MemoryBuffer,
std::default_delete<llvm::MemoryBuffer> >) const (asanrel/bin/lld+0x74f30ea)
    #10 0x3a652b7 in addFile(llvm::StringRef, lld::MachOLinkingContext&, bool,
bool) (asanrel/bin/lld+0x3a652b7)
    #11 0x3a8154a in lld::mach_o::parse(llvm::ArrayRef<char const*>,
lld::MachOLinkingContext&) (asanrel/bin/lld+0x3a8154a)
    #12 0x3a893b9 in lld::mach_o::link(llvm::ArrayRef<char const*>, bool,
llvm::raw_ostream&) (asanrel/bin/lld+0x3a893b9)
    #13 0x3733fef in main ../libraries/llvm-project/lld/tools/lld/lld.cpp:167
    #14 0x7ffff47d6bf6 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)

SUMMARY: AddressSanitizer: new-delete-type-mismatch
(/usr/lib/x86_64-linux-gnu/libasan.so.4+0xe19c8) in operator delete(void*,
unsigned long)
```

The member std::unique_ptr<DebugInfo> _debugInfo of MachOFile contains an
instance of DwarfDebugInfo. It's a derived class of DebugInfo, but DebugInfo
doesn't have a virtual destructor (see
libraries/llvm-project/lld/lib/ReaderWriter/MachO/DebugInfo.h).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20210607/063d2eb8/attachment.html>

More information about the llvm-bugs mailing list