Dmitry Babokin via llvm-dev
2016-Jan-22 14:06 UTC
[llvm-dev] Clang 3.8 fails with asan enabled
Kostya, all,

I'm trying to build my project by clang 3.8rc1 with enabled asan (clang itself is address sanitized) and it fails on several files from my project (ISPC, github.com/ispc/ispc). I've reproduced this on MacOS and Linux.

Please let me know if you need any other info.

How to reproduce:
1) Build address sanitized clang 3.8rc1:

cd /path-to-working-dir
svn co llvm.org/svn/llvm-project/llvm/tags/RELEASE_380/rc1 llvm
cd llvm/tools
svn co llvm.org/svn/llvm-project/cfe/tags/RELEASE_380/rc1 clang
cd clang/tools
svn co llvm.org/svn/llvm-project/clang-tools-extra/tags/RELEASE_380/rc1 extra
cd ../../../projects
svn co llvm.org/svn/llvm-project/compiler-rt/tags/RELEASE_380/rc1 compiler-rt
cd ../..
mkdir build bin
cd build
cmake -G Ninja -DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=../bin -DLLVM_TARGETS_TO_BUILD=X86 ../llvm/ -DLLVM_ENABLE_ASSERTIONS=ON
ninja
ninja install

mkdir buildrt binrt
cd buildrt

# Build clang with sanitizer with clang we just built:
cmake -G Ninja -DCMAKE_CXX_COMPILER=../bin/bin/clang++ -DCMAKE_C_COMPILER=../bin/bin/clang -DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=../binrt -DLLVM_TARGETS_TO_BUILD=X86 ../llvm/ -DLLVM_ENABLE_ASSERTIONS=ON -DLLVM_USE_SANITIZER=Address
ninja
ninja install

export PATH=/path-to-working-dir/binrt/bin/:$PATH # add clang with sanitizer to PATH

2) Try building ISPC. Note, if it doesn't build out of the box and requires some dependencies, just run compile commands for expr.cpp and type.cpp (see below).

git clone github.com/ispc/ispc
cd ispc

# Both compilation strings emit clang address sanitizer error:

clang++ $(llvm-config --cxxflags) expr.cpp -c -DLLVM_3_8 -O2
clang++ $(llvm-config --cxxflags) type.cpp -c -DLLVM_3_8 -O2

Output (for type.cpp):
=================================================================
==32315==ERROR: AddressSanitizer: heap-use-after-free on address 0x6070000dcaf8 at pc 0x000001034f98 bp 0x7ffca5cbf850 sp 0x7ffca5cbf848
READ of size 8 at 0x6070000dcaf8 thread T0
    #0 0x1034f97 in begin /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/ADT/ilist.h:410:21
    #1 0x1034f97 in begin /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/IR/BasicBlock.h:219
    #2 0x1034f97 in begin<llvm::BasicBlock> /usr/lib/gcc/x86_64-redhat-linux/5.1.1/../../../../include/c++/5.1.1/bits/range_access.h:49
    #3 0x1034f97 in reverse<llvm::BasicBlock &> /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/ADT/STLExtras.h:231
    #4 0x1034f97 in optimizeBlock /export/users/amitrokh/llvm-sanitizer/llvm/lib/CodeGen/CodeGenPrepare.cpp:5250
    #5 0x1034f97 in (anonymous namespace)::CodeGenPrepare::runOnFunction(llvm::Function&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/CodeGen/CodeGenPrepare.cpp:262
    #6 0x19b7398 in llvm::FPPassManager::runOnFunction(llvm::Function&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1550:23
    #7 0x19b78e5 in llvm::FPPassManager::runOnModule(llvm::Module&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1571:16
    #8 0x19b85f1 in runOnModule /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1627:23
    #9 0x19b85f1 in llvm::legacy::PassManagerImpl::run(llvm::Module&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1730
    #10 0x2761652 in EmitAssembly /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/BackendUtil.cpp:708:5
    #11 0x2761652 in clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::raw_pwrite_stream*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/BackendUtil.cpp:720
    #12 0x3a22662 in clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:189:7
    #13 0x4552ee4 in clang::ParseAST(clang::Sema&, bool, bool) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Parse/ParseAST.cpp:168:3
    #14 0x3a1ef46 in clang::CodeGenAction::ExecuteAction() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:791:3
    #15 0x311b56b in clang::FrontendAction::Execute() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:439:8
    #16 0x306eae4 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:840:7
    #17 0x32caf7c in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:222:18
    #18 0x7a3474 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/cc1_main.cpp:116:13
    #19 0x79e69d in ExecuteCC1Tool /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:301:12
    #20 0x79e69d in main /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:366
    #21 0x7fed425246ff in __libc_start_main (/lib64/libc.so.6+0x206ff)
    #22 0x6c3178 in _start (/export/users/amitrokh/llvm-sanitizer/binrt/bin/clang-3.8+0x6c3178)

0x6070000dcaf8 is located 56 bytes inside of 72-byte region [0x6070000dcac0,0x6070000dcb08)
freed by thread T0 here:
    #0 0x794e40 in operator delete(void*) /export/users/amitrokh/llvm-sanitizer/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
    #1 0x171d11b in deleteNode /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/ADT/ilist.h:160:39
    #2 0x171d11b in llvm::iplist<llvm::BasicBlock, llvm::SymbolTableListTraits<llvm::BasicBlock>>::erase(llvm::ilist_iterator<llvm::BasicBlock>) /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/ADT/ilist.h:518
    #3 0x102f422 in dupRetToEnableTailCallOpts /export/users/amitrokh/llvm-sanitizer/llvm/lib/CodeGen/CodeGenPrepare.cpp:2013:5
    #4 0x102f422 in optimizeBlock /export/users/amitrokh/llvm-sanitizer/llvm/lib/CodeGen/CodeGenPrepare.cpp:5245
    #5 0x102f422 in (anonymous namespace)::CodeGenPrepare::runOnFunction(llvm::Function&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/CodeGen/CodeGenPrepare.cpp:262
    #6 0x19b7398 in llvm::FPPassManager::runOnFunction(llvm::Function&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1550:23
    #7 0x19b78e5 in llvm::FPPassManager::runOnModule(llvm::Module&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1571:16
    #8 0x19b85f1 in runOnModule /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1627:23
    #9 0x19b85f1 in llvm::legacy::PassManagerImpl::run(llvm::Module&) /export/users/amitrokh/llvm-sanitizer/llvm/lib/IR/LegacyPassManager.cpp:1730
    #10 0x2761652 in EmitAssembly /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/BackendUtil.cpp:708:5
    #11 0x2761652 in clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, llvm::Module*, clang::BackendAction, llvm::raw_pwrite_stream*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/BackendUtil.cpp:720
    #12 0x3a22662 in clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:189:7
    #13 0x4552ee4 in clang::ParseAST(clang::Sema&, bool, bool) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Parse/ParseAST.cpp:168:3
    #14 0x3a1ef46 in clang::CodeGenAction::ExecuteAction() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:791:3
    #15 0x311b56b in clang::FrontendAction::Execute() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:439:8
    #16 0x306eae4 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:840:7
    #17 0x32caf7c in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:222:18
    #18 0x7a3474 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/cc1_main.cpp:116:13
    #19 0x79e69d in ExecuteCC1Tool /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:301:12
    #20 0x79e69d in main /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:366
    #21 0x7fed425246ff in __libc_start_main (/lib64/libc.so.6+0x206ff)

previously allocated by thread T0 here:
    #0 0x794840 in operator new(unsigned long) /export/users/amitrokh/llvm-sanitizer/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62
    #1 0x2876154 in Create /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/IR/BasicBlock.h:94:12
    #2 0x2876154 in createBasicBlock /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.h:1491
    #3 0x2876154 in getJumpDestInCurrentScope /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.h:685
    #4 0x2876154 in clang::CodeGen::CodeGenFunction::StartFunction(clang::GlobalDecl, clang::QualType, llvm::Function*, clang::CodeGen::CGFunctionInfo const&, clang::CodeGen::FunctionArgList const&, clang::SourceLocation, clang::SourceLocation) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.cpp:752
    #5 0x287bac4 in clang::CodeGen::CodeGenFunction::GenerateCode(clang::GlobalDecl, llvm::Function*, clang::CodeGen::CGFunctionInfo const&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.cpp:972:3
    #6 0x28b6480 in clang::CodeGen::CodeGenModule::EmitGlobalFunctionDefinition(clang::GlobalDecl, llvm::GlobalValue*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:2739:3
    #7 0x28aac97 in clang::CodeGen::CodeGenModule::EmitGlobalDefinition(clang::GlobalDecl, llvm::GlobalValue*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:1721:9
    #8 0x28b278b in clang::CodeGen::CodeGenModule::EmitGlobal(clang::GlobalDecl) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:1547:5
    #9 0x28bb5bb in clang::CodeGen::CodeGenModule::EmitTopLevelDecl(clang::Decl*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:3508:5
    #10 0x3a247bd in (anonymous namespace)::CodeGeneratorImpl::HandleTopLevelDecl(clang::DeclGroupRef) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/ModuleBuilder.cpp:125:9
    #11 0x3a21c09 in clang::BackendConsumer::HandleTopLevelDecl(clang::DeclGroupRef) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:118:7
    #12 0x4552dc8 in clang::ParseAST(clang::Sema&, bool, bool) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Parse/ParseAST.cpp:159:21
    #13 0x3a1ef46 in clang::CodeGenAction::ExecuteAction() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:791:3
    #14 0x311b56b in clang::FrontendAction::Execute() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:439:8
    #15 0x306eae4 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:840:7
    #16 0x32caf7c in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:222:18
    #17 0x7a3474 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/cc1_main.cpp:116:13
    #18 0x79e69d in ExecuteCC1Tool /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:301:12
    #19 0x79e69d in main /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:366
    #20 0x7fed425246ff in __libc_start_main (/lib64/libc.so.6+0x206ff)

SUMMARY: AddressSanitizer: heap-use-after-free /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/ADT/ilist.h:410:21 in begin
Shadow bytes around the buggy address:
  0x0c0e80013900: fa fa fa fa fd fd fd fd fd fd fd fd fd fa fa fa
  0x0c0e80013910: fa fa fd fd fd fd fd fd fd fd fd fa fa fa fa fa
  0x0c0e80013920: fd fd fd fd fd fd fd fd fd fa fa fa fa fa 00 00
  0x0c0e80013930: 00 00 00 00 00 00 00 fa fa fa fa fa fd fd fd fd
  0x0c0e80013940: fd fd fd fd fd fa fa fa fa fa 00 00 00 00 00 00
=>0x0c0e80013950: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd[fd]
  0x0c0e80013960: fd fa fa fa fa fa 00 00 00 00 00 00 00 00 00 fa
  0x0c0e80013970: fa fa fa fa fd fd fd fd fd fd fd fd fd fa fa fa
  0x0c0e80013980: fa fa fd fd fd fd fd fd fd fd fd fa fa fa fa fa
  0x0c0e80013990: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fd fd
  0x0c0e800139a0: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==32315==ABORTING
Reid Kleckner via llvm-dev
2016-Jan-22 18:51 UTC
[llvm-dev] Clang 3.8 fails with asan enabled
Thanks for the report! Looks like CGP has an iterator invalidation issue.

Usually when clang crashes, it pre-processes the source code and creates a .ii file in /tmp. The file name should be printed out after the ASan report. Can you make that available somewhere? That will save us the time of building ispc. (As a buganizer attachment, dropbox link, whatever.)
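The triage step behind the reply above, as an added example that is not part of the original thread: it splits an ASan heap-use-after-free report into its access, free and allocation stacks and walks the access and free stacks from the outermost frame inwards to find the caller where the two paths split. The function names and the sample are this example's own; the sample is abridged from the report in the first message, with the build-directory path prefix dropped.

```python
import re
from collections import namedtuple

# Abridged from the report in the thread above: top frames of each stack only,
# with the /export/users/amitrokh/llvm-sanitizer/ path prefix dropped.
REPORT = """\
==32315==ERROR: AddressSanitizer: heap-use-after-free on address 0x6070000dcaf8 at pc 0x000001034f98 bp 0x7ffca5cbf850 sp 0x7ffca5cbf848
READ of size 8 at 0x6070000dcaf8 thread T0
    #0 0x1034f97 in begin llvm/include/llvm/ADT/ilist.h:410:21
    #1 0x1034f97 in begin llvm/include/llvm/IR/BasicBlock.h:219
    #2 0x1034f97 in begin<llvm::BasicBlock> /usr/lib/gcc/x86_64-redhat-linux/5.1.1/../../../../include/c++/5.1.1/bits/range_access.h:49
    #3 0x1034f97 in reverse<llvm::BasicBlock &> llvm/include/llvm/ADT/STLExtras.h:231
    #4 0x1034f97 in optimizeBlock llvm/lib/CodeGen/CodeGenPrepare.cpp:5250
    #5 0x1034f97 in (anonymous namespace)::CodeGenPrepare::runOnFunction(llvm::Function&) llvm/lib/CodeGen/CodeGenPrepare.cpp:262
    #6 0x19b7398 in llvm::FPPassManager::runOnFunction(llvm::Function&) llvm/lib/IR/LegacyPassManager.cpp:1550:23

0x6070000dcaf8 is located 56 bytes inside of 72-byte region [0x6070000dcac0,0x6070000dcb08)
freed by thread T0 here:
    #0 0x794e40 in operator delete(void*) llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
    #1 0x171d11b in deleteNode llvm/include/llvm/ADT/ilist.h:160:39
    #2 0x171d11b in llvm::iplist<llvm::BasicBlock, llvm::SymbolTableListTraits<llvm::BasicBlock> >::erase(llvm::ilist_iterator<llvm::BasicBlock>) llvm/include/llvm/ADT/ilist.h:518
    #3 0x102f422 in dupRetToEnableTailCallOpts llvm/lib/CodeGen/CodeGenPrepare.cpp:2013:5
    #4 0x102f422 in optimizeBlock llvm/lib/CodeGen/CodeGenPrepare.cpp:5245
    #5 0x102f422 in (anonymous namespace)::CodeGenPrepare::runOnFunction(llvm::Function&) llvm/lib/CodeGen/CodeGenPrepare.cpp:262
    #6 0x19b7398 in llvm::FPPassManager::runOnFunction(llvm::Function&) llvm/lib/IR/LegacyPassManager.cpp:1550:23

previously allocated by thread T0 here:
    #0 0x794840 in operator new(unsigned long) llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62
    #1 0x2876154 in Create llvm/include/llvm/IR/BasicBlock.h:94:12
    #2 0x2876154 in createBasicBlock llvm/tools/clang/lib/CodeGen/CodeGenFunction.h:1491
"""

Frame = namedtuple("Frame", "func file line")

# "#N 0xPC in <function, may contain spaces> <file>:<line>[:<col>]"
FRAME_RE = re.compile(r"^\s*#\d+\s+0x[0-9a-f]+\s+in\s+(.+?)\s+(\S+?):(\d+)(?::\d+)?$")
SECTIONS = (
    ("access", re.compile(r"^(READ|WRITE) of size \d+")),
    ("free", re.compile(r"^freed by thread")),
    ("alloc", re.compile(r"^previously allocated by thread")),
)


def parse_stacks(report):
    """Split an ASan report into its access, free and alloc stacks."""
    stacks, current = {}, None
    for line in report.splitlines():
        for name, marker in SECTIONS:
            if marker.search(line.strip()):
                current = name
                stacks[current] = []
                break
        else:
            m = FRAME_RE.match(line)
            if m and current:  # frames without file:line are skipped
                stacks[current].append(Frame(m.group(1), m.group(2), int(m.group(3))))
    return stacks


def shared_depth(access, free):
    """Count frames, from the outermost inwards, that both stacks share.

    Walking stops at the first frame that is the same function at a different
    line (the caller where the two paths split) or a different function.
    """
    depth = 0
    for a, f in zip(reversed(access), reversed(free)):
        if (a.func, a.file) != (f.func, f.file):
            break
        depth += 1
        if a.line != f.line:
            break
    return depth


def triage(report):
    """Summarise a use-after-free: which caller freed the object, then used it."""
    kind = re.search(r"ERROR: AddressSanitizer: (\S+)", report).group(1)
    stacks = parse_stacks(report)
    access, free = stacks.get("access", []), stacks.get("free", [])
    depth = shared_depth(access, free)
    if depth == 0:
        return {"kind": kind, "function": None}
    used, freed = access[-depth], free[-depth]
    return {
        "kind": kind,
        "function": used.func,
        "file": used.file,
        "freed_at_line": freed.line,
        "used_at_line": used.line,
        # Callee that performed the free, one frame below the shared caller.
        "freed_via": free[-depth - 1].func if len(free) > depth else None,
    }


if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(f"{key}: {value}")
```

For this report the split lands in optimizeBlock in CodeGenPrepare.cpp: the block is erased through dupRetToEnableTailCallOpts at line 5245 and read again at line 5250 of the same function.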
Dimitry Andric via llvm-dev
2016-Jan-22 20:28 UTC
[llvm-dev] Clang 3.8 fails with asan enabled
Hi Reid and Dmitry,

I also reported the same issue on the llvm-commits mailing list [1], because I ran into it while testing the most recent release_38 branch. James Molloy fixed this in a followup commit [2], which has now been merged into the release_38 branch [3].

-Dimitry

[1] lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20160118/326938.html
[2] llvm.org/viewvc/llvm-project?view=revision&revision=257886
[3] llvm.org/viewvc/llvm-project?view=revision&revision=258510
0x4552ee4 in clang::ParseAST(clang::Sema&, bool, bool) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Parse/ParseAST.cpp:168:3 > #14 0x3a1ef46 in clang::CodeGenAction::ExecuteAction() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:791:3 > #15 0x311b56b in clang::FrontendAction::Execute() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:439:8 > #16 0x306eae4 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:840:7 > #17 0x32caf7c in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:222:18 > #18 0x7a3474 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/cc1_main.cpp:116:13 > #19 0x79e69d in ExecuteCC1Tool /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:301:12 > #20 0x79e69d in main /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:366 > #21 0x7fed425246ff in __libc_start_main (/lib64/libc.so.6+0x206ff) > > previously allocated by thread T0 here: > #0 0x794840 in operator new(unsigned long) /export/users/amitrokh/llvm-sanitizer/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:62 > #1 0x2876154 in Create /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/IR/BasicBlock.h:94:12 > #2 0x2876154 in createBasicBlock /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.h:1491 > #3 0x2876154 in getJumpDestInCurrentScope /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.h:685 > #4 0x2876154 in clang::CodeGen::CodeGenFunction::StartFunction(clang::GlobalDecl, clang::QualType, llvm::Function*, clang::CodeGen::CGFunctionInfo const&, clang::CodeGen::FunctionArgList const&, 
clang::SourceLocation, clang::SourceLocation) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.cpp:752 > #5 0x287bac4 in clang::CodeGen::CodeGenFunction::GenerateCode(clang::GlobalDecl, llvm::Function*, clang::CodeGen::CGFunctionInfo const&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenFunction.cpp:972:3 > #6 0x28b6480 in clang::CodeGen::CodeGenModule::EmitGlobalFunctionDefinition(clang::GlobalDecl, llvm::GlobalValue*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:2739:3 > #7 0x28aac97 in clang::CodeGen::CodeGenModule::EmitGlobalDefinition(clang::GlobalDecl, llvm::GlobalValue*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:1721:9 > #8 0x28b278b in clang::CodeGen::CodeGenModule::EmitGlobal(clang::GlobalDecl) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:1547:5 > #9 0x28bb5bb in clang::CodeGen::CodeGenModule::EmitTopLevelDecl(clang::Decl*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenModule.cpp:3508:5 > #10 0x3a247bd in (anonymous namespace)::CodeGeneratorImpl::HandleTopLevelDecl(clang::DeclGroupRef) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/ModuleBuilder.cpp:125:9 > #11 0x3a21c09 in clang::BackendConsumer::HandleTopLevelDecl(clang::DeclGroupRef) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:118:7 > #12 0x4552dc8 in clang::ParseAST(clang::Sema&, bool, bool) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Parse/ParseAST.cpp:159:21 > #13 0x3a1ef46 in clang::CodeGenAction::ExecuteAction() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/CodeGen/CodeGenAction.cpp:791:3 > #14 0x311b56b in clang::FrontendAction::Execute() /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:439:8 > #15 0x306eae4 in 
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:840:7 > #16 0x32caf7c in clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:222:18 > #17 0x7a3474 in cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/cc1_main.cpp:116:13 > #18 0x79e69d in ExecuteCC1Tool /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:301:12 > #19 0x79e69d in main /export/users/amitrokh/llvm-sanitizer/llvm/tools/clang/tools/driver/driver.cpp:366 > #20 0x7fed425246ff in __libc_start_main (/lib64/libc.so.6+0x206ff) > > SUMMARY: AddressSanitizer: heap-use-after-free /export/users/amitrokh/llvm-sanitizer/llvm/include/llvm/ADT/ilist.h:410:21 in begin > Shadow bytes around the buggy address: > 0x0c0e80013900: fa fa fa fa fd fd fd fd fd fd fd fd fd fa fa fa > 0x0c0e80013910: fa fa fd fd fd fd fd fd fd fd fd fa fa fa fa fa > 0x0c0e80013920: fd fd fd fd fd fd fd fd fd fa fa fa fa fa 00 00 > 0x0c0e80013930: 00 00 00 00 00 00 00 fa fa fa fa fa fd fd fd fd > 0x0c0e80013940: fd fd fd fd fd fa fa fa fa fa 00 00 00 00 00 00 > =>0x0c0e80013950: 00 00 00 fa fa fa fa fa fd fd fd fd fd fd fd[fd] > 0x0c0e80013960: fd fa fa fa fa fa 00 00 00 00 00 00 00 00 00 fa > 0x0c0e80013970: fa fa fa fa fd fd fd fd fd fd fd fd fd fa fa fa > 0x0c0e80013980: fa fa fd fd fd fd fd fd fd fd fd fa fa fa fa fa > 0x0c0e80013990: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fd fd > 0x0c0e800139a0: fd fd fd fd fd fd fd fa fa fa fa fa fd fd fd fd > Shadow byte legend (one shadow byte represents 8 application bytes): > Addressable: 00 > Partially addressable: 01 02 03 04 05 06 07 > Heap left redzone: fa > Heap right redzone: fb > Freed heap region: fd > Stack left redzone: f1 > Stack mid redzone: f2 > Stack right redzone: f3 > Stack 
partial redzone: f4 > Stack after return: f5 > Stack use after scope: f8 > Global redzone: f9 > Global init order: f6 > Poisoned by user: f7 > Container overflow: fc > Array cookie: ac > Intra object redzone: bb > ASan internal: fe > Left alloca redzone: ca > Right alloca redzone: cb > ==32315==ABORTING > > _______________________________________________ > LLVM Developers mailing list > llvm-dev at lists.llvm.org <mailto:llvm-dev at lists.llvm.org> > lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev <lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev> > > > _______________________________________________ > LLVM Developers mailing list > llvm-dev at lists.llvm.org > lists.llvm.org/cgi-bin/mailman/listinfo/llvm-dev-------------- next part -------------- An HTML attachment was scrubbed... URL: <lists.llvm.org/pipermail/llvm-dev/attachments/20160122/e215c730/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 194 bytes Desc: Message signed with OpenPGP using GPGMail URL: <lists.llvm.org/pipermail/llvm-dev/attachments/20160122/e215c730/attachment.sig>