mrdocs
mrdocs copied to clipboard
cppalliance
Investigate LLVM Asan failure
In the test matrix, Asan (building GCC with -fsanitize=address -static-libasan) had to be removed as a factor because of an error in clang/AST/Decl.h. We have no direct control over that.
Maybe there's a chance the error is being triggered
- because of the way LLVM interacts with the library or
- because LLVM needs to be built with Asan instrumentation.
We need to better investigate this.
(To run tests with "Asan", just include "Asan" after gcc in the latest-factors or factors inputs. Everything else is set up. The distinction between latest-factors and factors doesn't make much of a difference in this case because we just have one version of GCC being tested.)
I'm pretty sure the AST is being created with FrontendOptions::DisableFree set to true; I haven't looked into what this does exactly, but it sounds like just the thing that would set LeakSanitizer off
That's valuable information. You guys have much more context to infer what could be going wrong here.
Here's the complete error
=================================================================
==9035==ERROR: AddressSanitizer: use-after-poison on address 0x6210003d43a0 at pc 0x0000005d962b bp 0x7ffc79caf520 sp 0x7ffc79caf518
READ of size 8 at 0x6210003d43a0 thread T0
#0 0x5d962a in clang::ValueDecl::getType() const /usr/local/include/clang/AST/Decl.h:712
#1 0x5da065 in clang::FunctionDecl::getReturnType() const /usr/local/include/clang/AST/Decl.h:2637
#2 0x1684c0a in clang::Sema::ActOnFunctionDeclarator(clang::Scope*, clang::Declarator&, clang::DeclContext*, clang::TypeSourceInfo*, clang::LookupResult&, llvm::MutableArrayRef<clang::TemplateParameterList*>, bool&) (/__w/mrdox/mrdox/build/mrdox+0x1684c0a)
#3 0x1689007 in clang::Sema::HandleDeclarator(clang::Scope*, clang::Declarator&, llvm::MutableArrayRef<clang::TemplateParameterList*>) [clone .localalias] (/__w/mrdox/mrdox/build/mrdox+0x1689007)
#4 0x173c98e in clang::Sema::ActOnCXXMemberDeclarator(clang::Scope*, clang::AccessSpecifier, clang::Declarator&, llvm::MutableArrayRef<clang::TemplateParameterList*>, clang::Expr*, clang::VirtSpecifiers const&, clang::InClassInitStyle) (/__w/mrdox/mrdox/build/mrdox+0x173c98e)
#5 0x10742c8 in clang::Parser::ParseCXXClassMemberDeclaration(clang::AccessSpecifier, clang::ParsedAttributes&, clang::Parser::ParsedTemplateInfo const&, clang::ParsingDeclRAIIObject*) [clone .localalias] (/__w/mrdox/mrdox/build/mrdox+0x10742c8)
#6 0x1076b81 in clang::Parser::ParseCXXClassMemberDeclarationWithPragmas(clang::AccessSpecifier&, clang::ParsedAttributes&, clang::TypeSpecifierType, clang::Decl*) (/__w/mrdox/mrdox/build/mrdox+0x1076b81)
#7 0x107718e in clang::Parser::ParseCXXMemberSpecification(clang::SourceLocation, clang::SourceLocation, clang::ParsedAttributes&, unsigned int, clang::Decl*) (/__w/mrdox/mrdox/build/mrdox+0x107718e)
#8 0x10793ab in clang::Parser::ParseClassSpecifier(clang::tok::TokenKind, clang::SourceLocation, clang::DeclSpec&, clang::Parser::ParsedTemplateInfo const&, clang::AccessSpecifier, bool, clang::Parser::DeclSpecContext, clang::ParsedAttributes&) (/__w/mrdox/mrdox/build/mrdox+0x10793ab)
#9 0x10484f9 in clang::Parser::ParseDeclarationSpecifiers(clang::DeclSpec&, clang::Parser::ParsedTemplateInfo const&, clang::AccessSpecifier, clang::Parser::DeclSpecContext, clang::Parser::LateParsedAttrList*, clang::ImplicitTypenameContext) (/__w/mrdox/mrdox/build/mrdox+0x10484f9)
#10 0x1021ba5 in clang::Parser::ParseDeclOrFunctionDefInternal(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec&, clang::AccessSpecifier) (/__w/mrdox/mrdox/build/mrdox+0x1021ba5)
#11 0x1022a0e in clang::Parser::ParseDeclarationOrFunctionDefinition(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*, clang::AccessSpecifier) [clone .part.0] (/__w/mrdox/mrdox/build/mrdox+0x1022a0e)
#12 0x1029c75 in clang::Parser::ParseExternalDeclaration(clang::ParsedAttributes&, clang::ParsedAttributes&, clang::ParsingDeclSpec*) [clone .localalias] (/__w/mrdox/mrdox/build/mrdox+0x1029c75)
#13 0x102afe5 in clang::Parser::ParseTopLevelDecl(clang::OpaquePtr<clang::DeclGroupRef>&, clang::Sema::ModuleImportState&) (/__w/mrdox/mrdox/build/mrdox+0x102afe5)
#14 0x101bad9 in clang::ParseAST(clang::Sema&, bool, bool) (/__w/mrdox/mrdox/build/mrdox+0x101bad9)
#15 0xd65168 in clang::FrontendAction::Execute() (/__w/mrdox/mrdox/build/mrdox+0xd65168)
#16 0xd9e100 in clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) [clone .localalias] (/__w/mrdox/mrdox/build/mrdox+0xd9e100)
#17 0xec7353 in clang::tooling::FrontendActionFactory::runInvocation(std::shared_ptr<clang::CompilerInvocation>, clang::FileManager*, std::shared_ptr<clang::PCHContainerOperations>, clang::DiagnosticConsumer*) [clone .localalias] (/__w/mrdox/mrdox/build/mrdox+0xec7353)
#18 0xec0344 in clang::tooling::ToolInvocation::runInvocation(char const*, clang::driver::Compilation*, std::shared_ptr<clang::CompilerInvocation>, std::shared_ptr<clang::PCHContainerOperations>) (/__w/mrdox/mrdox/build/mrdox+0xec0344)
#19 0xec35a7 in clang::tooling::ToolInvocation::run() (/__w/mrdox/mrdox/build/mrdox+0xec35a7)
#20 0xec57bf in clang::tooling::ClangTool::run(clang::tooling::ToolAction*) [clone .localalias] (/__w/mrdox/mrdox/build/mrdox+0xec57bf)
#21 0xebda02 in clang::tooling::StandaloneToolExecutor::execute(llvm::ArrayRef<std::pair<std::unique_ptr<clang::tooling::FrontendActionFactory, std::default_delete<clang::tooling::FrontendActionFactory> >, std::function<std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > (std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, llvm::StringRef)> > >) (/__w/mrdox/mrdox/build/mrdox+0xebda02)
#22 0xeb8c81 in clang::tooling::ToolExecutor::execute(std::unique_ptr<clang::tooling::FrontendActionFactory, std::default_delete<clang::tooling::FrontendActionFactory> >, std::function<std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > (std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&, llvm::StringRef)>) (/__w/mrdox/mrdox/build/mrdox+0xeb8c81)
#23 0x6e925a in clang::mrdox::CorpusImpl::build(clang::tooling::ToolExecutor&, std::shared_ptr<clang::mrdox::Config const>) /__w/mrdox/mrdox/source/CorpusImpl.cpp:129
#24 0x7b6c88 in clang::mrdox::TestRunner::handleFile(llvm::StringRef, std::shared_ptr<clang::mrdox::Config const> const&) /__w/mrdox/mrdox/source/TestAction.cpp:211
#25 0x7b8d92 in operator() /__w/mrdox/mrdox/source/TestAction.cpp:348
#26 0x7bb65f in __invoke_impl<void, clang::mrdox::TestRunner::handleDir(llvm::StringRef)::<lambda()>&> /opt/hostedtoolcache/gcc/13.1.0/include/c++/13.1.0/bits/invoke.h:61
#27 0x7bb4ff in __invoke_r<void, clang::mrdox::TestRunner::handleDir(llvm::StringRef)::<lambda()>&> /opt/hostedtoolcache/gcc/13.1.0/include/c++/13.1.0/bits/invoke.h:111
#28 0x7bb284 in _M_invoke /opt/hostedtoolcache/gcc/13.1.0/include/c++/13.1.0/bits/std_function.h:290
#29 0x6b4383 in std::function<void ()>::operator()() const /opt/hostedtoolcache/gcc/13.1.0/include/c++/13.1.0/bits/std_function.h:591
#30 0x6d7162 in clang::mrdox::Config::WorkGroup::post(std::function<void ()>) /__w/mrdox/mrdox/source/Config.cpp:139
#31 0x7b973c in clang::mrdox::TestRunner::handleDir(llvm::StringRef) /__w/mrdox/mrdox/source/TestAction.cpp:345
#32 0x7ba339 in clang::mrdox::TestRunner::checkPath(llvm::StringRef) /__w/mrdox/mrdox/source/TestAction.cpp:400
#33 0x7ba986 in clang::mrdox::DoTestAction() /__w/mrdox/mrdox/source/TestAction.cpp:420
#34 0x7c96d7 in main /__w/mrdox/mrdox/source/ToolMain.cpp:95
#35 0x7f8f56ebbd8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 89c3cb85f9e550467[764](https://github.com/alandefreitas/mrdox/actions/runs/5197896903/jobs/9373335842#step:7:781)71fed05ec441581d1969)
#36 0x7f8f56ebbe3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 89c3cb85f9e55046[776](https://github.com/alandefreitas/mrdox/actions/runs/5197896903/jobs/9373335842#step:7:793)471fed05ec441581d1969)
#37 0x443eb4 in _start (/__w/mrdox/mrdox/build/mrdox+0x443eb4)
0x6210003d43a0 is located 672 bytes inside of 4096-byte region [0x6210003d4100,0x6210003d5100)
allocated by thread T0 here:
#0 0x4f7938 in operator new(unsigned long, std::align_val_t) ../../.././../libsanitizer/asan/asan_new_delete.cpp:107
#1 0x5d6d30 in llvm::MallocAllocator::Allocate(unsigned long, unsigned long) /usr/local/include/llvm/Support/AllocatorBase.h:86
#2 0x5fec0f in llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>::StartNewSlab() /usr/local/include/llvm/Support/Allocator.h:339
#3 0x5ef2a6 in llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>::Allocate(unsigned long, llvm::Align) /usr/local/include/llvm/Support/Allocator.h:195
#4 0x5e4864 in llvm::BumpPtrAllocatorImpl<llvm::MallocAllocator, 4096ul, 4096ul, 128ul>::Allocate(unsigned long, unsigned long) /usr/local/include/llvm/Support/Allocator.h:209
#5 0x5db35b in clang::ASTContext::Allocate(unsigned long, unsigned int) const /usr/local/include/clang/AST/ASTContext.h:706
#6 0x5db446 in operator new(unsigned long, clang::ASTContext const&, unsigned long) /usr/local/include/clang/AST/ASTContext.h:3402
#7 0x60719b in clang::LazyGenerationalUpdatePtr<clang::Decl const*, clang::Decl*, &clang::ExternalASTSource::CompleteRedeclChain>::makeValue(clang::ASTContext const&, clang::Decl*) /usr/local/include/clang/AST/ASTContext.h:3463
#8 0x8b7c6a in clang::FunctionDecl::getNextRedeclarationImpl() (/__w/mrdox/mrdox/build/mrdox+0x8b7c6a)
SUMMARY: AddressSanitizer: use-after-poison /usr/local/include/clang/AST/Decl.h:712 in clang::ValueDecl::getType() const
Shadow bytes around the buggy address:
0x6210003d4100: 00 00 00 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4180: f7 f7 f7 f7 f7 f7 f7 00 00 00 f7 f7 f7 f7 f7 f7
0x6210003d4200: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4280: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4300: 00 00 00 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
=>0x6210003d4380: f7 f7 f7 f7[f7]f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4400: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4480: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4500: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4580: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
0x6210003d4600: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==9035==ABORTING
Also here: https://github.com/alandefreitas/mrdox/actions/runs/5197896903/jobs/9373335842#step:7:761
It only involves LLVM header files, so my hypothesis that LLVM needs be built with instrumentation is fortunately wrong.