[llvm-bugs] [Bug 64328] [clang-format] Segmentation fault trying to format very deeply nested brackets

Tue, 01 Aug 2023 20:54:46 -0700

Issue 64328
Summary [clang-format] Segmentation fault trying to format very deeply nested brackets
Labels new issue
Assignees
Reporter scgtrp 
    I wouldn't normally report this because it's kind of a "you're holding it wrong" bug, but the crash message explicitly asked me to :)

I have a script that generates C code in one mode, and a huge amount of of non-code debug output in another mode. I accidentally piped the latter to clang-format, and it crashed trying to parse this as C.

It appears that my script output a pair of `\e[...m` escape codes around every line, and `clang-format` sees the brackets in there, does its best to work with them, and spectacularly overflows its stack because it never sees a closing `]`.

Minimal example:
```
$ clang-format --version
clang-format version 15.0.7

$ perl -e 'print "[" x 50000;' |clang-format
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace.
Stack dump:
(stack dump omitted, see below)
Segmentation fault (core dumped)
```

Backtrace with symbols (the one printed during the crash had only addresses):

```
(gdb) bt
#0 AlignTokens<clang::format::WhitespaceManager::alignChainedConditionals()::<lambda(const clang::format::WhitespaceManager::Change&)>&>(void) () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/WhitespaceManager.cpp:494
#1 0x00007f534ded7e81 in AlignTokens<clang::format::WhitespaceManager::alignChainedConditionals()::<lambda(const clang::format::WhitespaceManager::Change&)>&>(void) () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/WhitespaceManager.cpp:594
(37K duplicates of the previous line omitted)
#37321 0x00007f534ded7e81 in AlignTokens<clang::format::WhitespaceManager::alignChainedConditionals()::<lambda(const clang::format::WhitespaceManager::Change&)>&>(void) () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/WhitespaceManager.cpp:594
#37322 0x00007f534dee1c0f in clang::format::WhitespaceManager::alignChainedConditionals () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/WhitespaceManager.cpp:884
#37323 0x00007f534df12e25 in clang::format::WhitespaceManager::generateReplacements () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/WhitespaceManager.cpp:108
#37324 clang::format::WhitespaceManager::generateReplacements () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/WhitespaceManager.cpp:98
#37325 0x00007f534debd867 in analyze () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/Format.cpp:2052
#37326 0x00007f534deca4f1 in clang::format::TokenAnalyzer::process () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnalyzer.cpp:128
#37327 0x00007f534e018488 in clang::format::internal::reformat(clang::format::FormatStyle const&, llvm::StringRef, llvm::ArrayRef<clang::tooling::Range>, unsigned int, unsigned int, unsigned int, llvm::StringRef, clang::format::FormattingAttemptStatus*)::{lambda(clang::format::Environment const&)#8}::operator()(clang::format::Environment const&) const [clone .isra.0] () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/Format.cpp:3307
#37328 0x00007f534de61b6b in __invoke_impl<std::pair<clang::tooling::Replacements, unsigned int>, clang::format::internal::reformat(const clang::format::FormatStyle&, llvm::StringRef, llvm::ArrayRef<clang::tooling::Range>, unsigned int, unsigned int, unsigned int, llvm::StringRef, clang::format::FormattingAttemptStatus*)::<lambda(const clang::format::Environment&)>&, const clang::format::Environment&> () at /usr/include/c++/13.1.1/bits/invoke.h:61
#37329 __invoke_r<std::pair<clang::tooling::Replacements, unsigned int>, clang::format::internal::reformat(const clang::format::FormatStyle&, llvm::StringRef, llvm::ArrayRef<clang::tooling::Range>, unsigned int, unsigned int, unsigned int, llvm::StringRef, clang::format::FormattingAttemptStatus*)::<lambda(const clang::format::Environment&)>&, const clang::format::Environment&> () at /usr/include/c++/13.1.1/bits/invoke.h:139
#37330 _M_invoke () at /usr/include/c++/13.1.1/bits/std_function.h:291
#37331 0x00007f534decb937 in std::function<std::pair<clang::tooling::Replacements, unsigned int> (clang::format::Environment const&)>::operator()(clang::format::Environment const&) const () at /usr/include/c++/13.1.1/bits/std_function.h:591
#37332 clang::format::internal::reformat () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/Format.cpp:3325
#37333 0x00007f534deced50 in clang::format::reformat () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/Format.cpp:3351
#37334 0x000055a569b24e88 in format () at /usr/src/debug/clang/clang-15.0.7.src/tools/clang-format/ClangFormat.cpp:497
#37335 0x000055a569b1d448 in main () at /usr/src/debug/clang/clang-15.0.7.src/tools/clang-format/ClangFormat.cpp:614
```

I can also reproduce this with `(`, with a different stack trace:

```
(gdb) bt
#0  0x00007f420aaf2e0c in consumeToken () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:914
#1 0x00007f420aaf5fd2 in parseParens () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:474
#2 0x00007f420aaf2f35 in consumeToken () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:1079
#3 0x00007f420aaf5fd2 in parseParens () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:474
...
#52244 0x00007f420aaf2f35 in consumeToken () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:1079
#52245 0x00007f420aaf5fd2 in parseParens () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:474
#52246 0x00007f420aaf2f35 in consumeToken () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:1079
#52247 0x00007f420aaf6d88 in parseLine () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:1461
#52248 0x00007f420aaf7887 in clang::format::TokenAnnotator::annotate () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnnotator.cpp:2683
#52249 0x00007f420aaca4be in clang::format::TokenAnalyzer::process () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/TokenAnalyzer.cpp:124
#52250 0x00007f420aacff5c in clang::format::guessLanguage () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/Format.cpp:3500
#52251 0x00007f420aad0209 in clang::format::getStyle () at /usr/src/debug/clang/clang-15.0.7.src/lib/Format/Format.cpp:3531
#52252 0x000055a15070d640 in format () at /usr/src/debug/clang/clang-15.0.7.src/tools/clang-format/ClangFormat.cpp:442
#52253 0x000055a150706448 in main () at /usr/src/debug/clang/clang-15.0.7.src/tools/clang-format/ClangFormat.cpp:614
```

_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs

Reply via email to