llvm / llvm-project


Malloc error "pointer being freed was not allocated". #18483

Open llvmbot opened 10 years ago

llvmbot commented 10 years ago
Bugzilla Link 18109
Version trunk
OS MacOS X
Attachments PluginChecker.cpp: source code of plugin; .so: plugin build; example.c: C code on which the test is to be done; error.txt: dump from the terminal run; failure folder built by clang.
Reporter LLVM Bugzilla Contributor
CC @jryans

Extended Description

I was trying to build a simple plugin for the static analyzer of clang. The plugin will simply report all the printf function calls in a given .c file. It may not do anything fruitful, but it is a simple start for me.

I was able to build a dynamic library with the following command.

g++ -shared -fPIC -I~/static_plugin/llvm/include -I~/static_plugin/build/include -D_DEBUG -D_GNU_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS -g -fvisibility-inlines-hidden -fno-exceptions -fno-rtti -fno-common -Woverloaded-virtual -Wcast-qual -I~/static_plugin/llvm/tools/clang/include -I~/static_plugin/build/tools/clang/include -L~/static_plugin/build/Debug+Asserts/lib -lz -lpthread -lcurses -lm -undefined dynamic_lookup -o PrintfChecker.so PrintfChecker.cpp

When I tested it on a sample C code containing a printf call, a runtime error was generated. I have attached the error message dumped on the terminal as error.txt. I have also attached the failure folder as a zip and the C code as example.c. I used the following command to test the C code.

./static_plugin/llvm/tools/clang/tools/scan-build/scan-build --use-analyzer=~/static_plugin/build/Debug+Asserts/bin/clang -load-plugin ./PrintfChecker.so -enable-checker security.PrintfChecker gcc -c example.c

llvmbot commented 10 years ago

In the meantime I tried to build and load PluginChecker.cpp on formal clang version 3.2, and it worked fine.

llvmbot commented 10 years ago

Sorry for the vague description before. Please find the following clearer one.

  1. Overview: Running a simple custom static analyzer plugin crashes clang.

  2. Steps to Reproduce:

i. Build the plugin named PrintfChecker.cpp (attached with the bug report) with the following command.

g++ -shared -fPIC -I~/static_plugin/llvm/include -I~/static_plugin/build/include -D_DEBUG -D_GNU_SOURCE -D__STDC_CONSTANT_MACROS -D__STDC_FORMAT_MACROS -D__STDC_LIMIT_MACROS -g -fvisibility-inlines-hidden -fno-exceptions -fno-rtti -fno-common -Woverloaded-virtual -Wcast-qual -I~/static_plugin/llvm/tools/clang/include -I~/static_plugin/build/tools/clang/include -L~/static_plugin/build/Debug+Asserts/lib -lz -lpthread -lcurses -lm -undefined dynamic_lookup -o PrintfChecker.so PrintfChecker.cpp

ii. Test the checker on the example.c file (attached with the bug report) with the following command. 

./static_plugin/llvm/tools/clang/tools/scan-build/scan-build --use-analyzer=~/static_plugin/build/Debug+Asserts/bin/clang -load-plugin ./PrintfChecker.so -enable-checker security.PrintfChecker gcc -c example.c

  3. Actual Results: Clang crashed with the error message clang(12260) malloc: *** error for object 0x7fc259404630: pointer being freed was not allocated. The complete error message printed on the terminal is copied into the file error.txt (attached with the bug report).

  4. Expected Results: The scan-build report containing the location of all "printf" calls in the source code.

  5. Build Date & Platform: Build 2013-12-02 Mac OS 10.8.5

llvmbot commented 10 years ago

assigned to @tkremenek