Issue 53116
Summary Crash during processing of malformed source file
Labels new issue
Assignees
Reporter retpoline
Hi folks,

A crash was found while fuzz testing the castxml binary; it can be triggered via a very short, malformed source file.

**system info**

```
Ubuntu 20.04 x64

$ clang -v
clang version 10.0.0-4ubuntu1 
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/11
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/9
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/11
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/9
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/11
Candidate multilib: .;@m64
Selected multilib: .;@m64
```

**crash.cxx**

```
;
```

**debug log**

```
(gdb) set environment LD_PRELOAD=/usr/lib/libefence.so
(gdb) r crash.cxx
Starting program: /usr/bin/clang crash.cxx

  Electric Fence 2.2 Copyright (C) 1987-1999 Bruce Perens <[email protected]>
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

  Electric Fence 2.2 Copyright (C) 1987-1999 Bruce Perens <[email protected]>
[Detaching after vfork from child process 917813]

  Electric Fence 2.2 Copyright (C) 1987-1999 Bruce Perens <[email protected]>
Stack dump:
0.	Program arguments: /usr/lib/llvm-10/bin/clang -cc1 -triple x86_64-pc-linux-gnu -emit-obj -mrelax-all -disable-free -disable-llvm-verifier -discard-value-names -main-file-name crash.cxx -mrelocation-model static -mthread-model posix -mframe-pointer=all -fmath-errno -fno-rounding-math -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -dwarf-column-info -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /usr/lib/llvm-10/lib/clang/10.0.0 -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++ -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/x86_64-linux-gnu -internal-isystem /usr/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/backward -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-10/lib/clang/10.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fdeprecated-macro -fdebug-compilation-dir /home/test -ferror-limit 19 -fmessage-length 197 -fgnuc-version=4.2.1 -fobjc-runtime=gcc -fcxx-exceptions -fexceptions -fdiagnostics-show-option -fcolor-diagnostics -faddrsig -o /tmp/crash-6e73a6.o -x c++ crash.cxx 
 #0 0x00007ffff15bc4ff llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/lib/x86_64-linux-gnu/libLLVM-10.so.1+0x9814ff)
 #1 0x00007ffff15ba7b0 llvm::sys::RunSignalHandlers() (/lib/x86_64-linux-gnu/libLLVM-10.so.1+0x97f7b0)
 #2 0x00007ffff15bcac5 (/lib/x86_64-linux-gnu/libLLVM-10.so.1+0x981ac5)
 #3 0x00007ffff7d8c3c0 __restore_rt (/lib/x86_64-linux-gnu/libpthread.so.0+0x153c0)
 #4 0x00007ffff5b9e95f clang::Parser::initializePragmaHandlers() (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x8cf95f)
 #5 0x00007ffff5bc67c8 clang::Parser::Parser(clang::Preprocessor&, clang::Sema&, bool) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x8f77c8)
 #6 0x00007ffff5b249ff clang::ParseAST(clang::Sema&, bool, bool) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x8559ff)
 #7 0x00007ffff6f9ae58 clang::FrontendAction::Execute() (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1ccbe58)
 #8 0x00007ffff6f538a1 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1c848a1)
 #9 0x00007ffff6ffedaf clang::ExecuteCompilerInvocation(clang::CompilerInstance*) (/lib/x86_64-linux-gnu/libclang-cpp.so.10+0x1d2fdaf)
#10 0x000000000041229d cc1_main(llvm::ArrayRef<char const*>, char const*, void*) (/usr/lib/llvm-10/bin/clang+0x41229d)
#11 0x00000000004105b1 (/usr/lib/llvm-10/bin/clang+0x4105b1)
#12 0x000000000041036d main (/usr/lib/llvm-10/bin/clang+0x41036d)
#13 0x00007ffff07220b3 __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:342:3
#14 0x000000000040d7ce _start (/usr/lib/llvm-10/bin/clang+0x40d7ce)
clang: error: unable to execute command: Segmentation fault (core dumped)
clang: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 10.0.0-4ubuntu1 
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
clang: note: diagnostic msg: PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
[Detaching after vfork from child process 919294]
clang: error: unable to execute command: Segmentation fault (core dumped)
clang: note: diagnostic msg: Error generating preprocessed source(s).
[Inferior 1 (process 917701) exited with code 0376]
(gdb) 
```

Thanks!
_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs