Segmentation fault when parsing JUCE

[mingodad]

While testing cxx with this project https://github.com/juce-framework/JUCE I'm getting a segfault with the command shown bellow:

gdb --args ../build/src/frontend/cxx JUCE/modules/juce_core/juce_core.cpp -fsyntax-only -toolchain linux -DJUCE_GLOBAL_MODULE_SETTINGS_INCLUDED=1 -IJUCE/modules/juce_core/..
GNU gdb (Ubuntu 10.2-0ubuntu1~18.04~2) 10.2
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ../build/src/frontend/cxx...
(gdb) r
Starting program: cplusplus-parser-dad/build/src/frontend/cxx JUCE/modules/juce_core/juce_core.cpp -fsyntax-only -toolchain linux -DJUCE_GLOBAL_MODULE_SETTINGS_INCLUDED=1 -IJUCE/modules/juce_core/..

Program received signal SIGSEGV, Segmentation fault.
std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::_M_begin (this=0x10) at /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/stl_tree.h:745
745		  (this->_M_impl._M_header._M_parent);
(gdb) bt
#0  std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::_M_begin (this=0x10) at /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/stl_tree.h:745
#1  0x000055555581540d in std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::equal_range (this=0x10, __k=@0x7fffffffa950: 0x555558b8c0a0)
    at /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/stl_tree.h:2001
#2  0x000055555581532d in std::multimap<cxx::Name const*, cxx::Symbol*, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::equal_range (this=0x10, __x=@0x7fffffffa950: 0x555558b8c0a0)
    at /usr/lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/stl_multimap.h:1048
#3  0x0000555555809db9 in cxx::Scope::get (this=0x0, name=0x555558b8c0a0)
    at cplusplus-parser-dad/src/parser/cxx/scope.h:52
#4  0x00005555557fe7d8 in cxx::Parser::parse_class_head (this=0x7fffffffc0b8, classHead=...)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:9090
#5  0x00005555557fe034 in cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&)::$_0::operator()() const (
    this=0x7fffffffac78)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:8958
#6  0x00005555557ebca6 in cxx::Parser::parse_class_specifier (this=0x7fffffffc0b8, yyast=@0x7fffffffade8: 0x0, 
    specs=..., templateDeclarations=std::vector of length 0, capacity 0)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:8971
#7  0x00005555557f32be in cxx::Parser::parse_class_specifier (this=0x7fffffffc0b8, yyast=@0x7fffffffade8: 0x0, 
    specs=...) at cplusplus-parser-dad/src/parser/cxx/parser.cc:8931
#8  0x00005555557f1de0 in cxx::Parser::parse_defining_type_specifier (this=0x7fffffffc0b8, 
    yyast=@0x7fffffffb0b0: 0x0, specs=...)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:5388
--Type <RET> for more, q to quit, c to continue without paging--
#9  0x00005555557f1632 in cxx::Parser::parse_decl_specifier (this=0x7fffffffc0b8, yyast=@0x7fffffffb0b0: 0x0, 
    specs=...) at cplusplus-parser-dad/src/parser/cxx/parser.cc:5159
#10 0x00005555557e59ea in cxx::Parser::parse_decl_specifier_seq (this=0x7fffffffc0b8, 
    yyast=@0x7fffffffb1d8: 0x5555577cd9f0, specs=...)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:5183
#11 0x00005555557ede42 in cxx::Parser::parse_simple_declaration(cxx::DeclarationAST*&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&, cxx::Parser::BindingContext)::$_0::operator()() const (this=0x7fffffffb1c0)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:4673
#12 0x00005555557e73d2 in cxx::Parser::parse_simple_declaration (this=0x7fffffffc0b8, yyast=@0x5555577cd8f0: 0x0, 
    templateDeclarations=std::vector of length 1, capacity 1 = {...}, ctx=cxx::Parser::BindingContext::kTemplate)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:4679
#13 0x00005555557e62be in cxx::Parser::parse_template_declaration_body (this=0x7fffffffc0b8, 
    yyast=@0x5555577cd8f0: 0x0, templateDeclarations=std::vector of length 1, capacity 1 = {...})
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:4269
#14 0x0000555555802615 in cxx::Parser::parse_template_declaration (this=0x7fffffffc0b8, 
    yyast=@0x7fffffffb468: 0x5555577cd8c0, templateDeclarations=std::vector of length 1, capacity 1 = {...})
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:9974
#15 0x00005555557e77d6 in cxx::Parser::parse_template_declaration (this=0x7fffffffc0b8, 
    yyast=@0x7fffffffb468: 0x5555577cd8c0)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:9930
#16 0x00005555557fee8f in cxx::Parser::parse_member_declaration (this=0x7fffffffc0b8, yyast=@0x7fffffffb578: 0x0)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:9183
#17 0x00005555557fe44d in cxx::Parser::parse_member_specification (this=0x7fffffffc0b8, yyast=@0x7fffffffb578: 0x0)
    at cplusplus-parser-dad/src/parser/cxx/parser.cc:9152
#18 0x00005555557fe26e in cxx::Parser::parse_class_body (this=0x7fffffffc0b8, yyast=@0x5555577cc5c0: 0x5555577cc870)

clang16 parse it fine:

clang-16-env clang++ /home/mingo/dev/c/A_programming-languages/JUCE/modules/juce_core/juce_core.cpp -fsyntax-only -DJUCE_GLOBAL_MODULE_SETTINGS_INCLUDED=1 -I/home/mingo/dev/c/A_programming-languages/JUCE/modules/juce_core/..
## no error

[mingodad]

And this is the output of valgrind:

valgrind ../build/src/frontend/cxx JUCE/modules/juce_core/juce_core.cpp -fsyntax-only -toolchain linux -DJUCE_GLOBAL_MODULE_SETTINGS_INCLUDED=1 -IJUCE/modules/juce_core/..
==21781== Memcheck, a memory error detector
==21781== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==21781== Using Valgrind-3.21.0 and LibVEX; rerun with -h for copyright info
==21781== Command: ../build/src/frontend/cxx JUCE/modules/juce_core/juce_core.cpp -fsyntax-only -toolchain linux -DJUCE_GLOBAL_MODULE_SETTINGS_INCLUDED=1 -IJUCE/modules/juce_core/..
==21781== 
==21781== Invalid read of size 8
==21781==    at 0x3C957C: std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::_M_begin() const (stl_tree.h:745)
==21781==    by 0x3C940C: std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::equal_range(cxx::Name const* const&) const (stl_tree.h:2001)
==21781==    by 0x3C932C: std::multimap<cxx::Name const*, cxx::Symbol*, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::equal_range(cxx::Name const* const&) const (stl_multimap.h:1048)
==21781==    by 0x3BDDB8: cxx::Scope::get(cxx::Name const*) const (src/parser/cxx/scope.h:52)
==21781==    by 0x3B27D7: cxx::Parser::parse_class_head(cxx::Parser::ClassHead&) (src/parser/cxx/parser.cc:9090)
==21781==    by 0x3B2033: cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&)::$_0::operator()() const (src/parser/cxx/parser.cc:8958)
==21781==    by 0x39FCA5: cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&) (src/parser/cxx/parser.cc:8971)
==21781==    by 0x3A72BD: cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:8931)
==21781==    by 0x3A5DDF: cxx::Parser::parse_defining_type_specifier(cxx::SpecifierAST*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:5388)
==21781==    by 0x3A5631: cxx::Parser::parse_decl_specifier(cxx::SpecifierAST*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:5159)
==21781==    by 0x3999E9: cxx::Parser::parse_decl_specifier_seq(cxx::List<cxx::SpecifierAST*>*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:5183)
==21781==    by 0x3A1E41: cxx::Parser::parse_simple_declaration(cxx::DeclarationAST*&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&, cxx::Parser::BindingContext)::$_0::operator()() const (src/parser/cxx/parser.cc:4673)
==21781==  Address 0x20 is not stack'd, malloc'd or (recently) free'd
==21781== 
==21781== 
==21781== Process terminating with default action of signal 11 (SIGSEGV)
==21781==  Access not within mapped region at address 0x20
==21781==    at 0x3C957C: std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::_M_begin() const (stl_tree.h:745)
==21781==    by 0x3C940C: std::_Rb_tree<cxx::Name const*, std::pair<cxx::Name const* const, cxx::Symbol*>, std::_Select1st<std::pair<cxx::Name const* const, cxx::Symbol*> >, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::equal_range(cxx::Name const* const&) const (stl_tree.h:2001)
==21781==    by 0x3C932C: std::multimap<cxx::Name const*, cxx::Symbol*, std::less<cxx::Name const*>, std::allocator<std::pair<cxx::Name const* const, cxx::Symbol*> > >::equal_range(cxx::Name const* const&) const (stl_multimap.h:1048)
==21781==    by 0x3BDDB8: cxx::Scope::get(cxx::Name const*) const (src/parser/cxx/scope.h:52)
==21781==    by 0x3B27D7: cxx::Parser::parse_class_head(cxx::Parser::ClassHead&) (src/parser/cxx/parser.cc:9090)
==21781==    by 0x3B2033: cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&)::$_0::operator()() const (src/parser/cxx/parser.cc:8958)
==21781==    by 0x39FCA5: cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&) (src/parser/cxx/parser.cc:8971)
==21781==    by 0x3A72BD: cxx::Parser::parse_class_specifier(cxx::ClassSpecifierAST*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:8931)
==21781==    by 0x3A5DDF: cxx::Parser::parse_defining_type_specifier(cxx::SpecifierAST*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:5388)
==21781==    by 0x3A5631: cxx::Parser::parse_decl_specifier(cxx::SpecifierAST*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:5159)
==21781==    by 0x3999E9: cxx::Parser::parse_decl_specifier_seq(cxx::List<cxx::SpecifierAST*>*&, cxx::Parser::DeclSpecs&) (src/parser/cxx/parser.cc:5183)
==21781==    by 0x3A1E41: cxx::Parser::parse_simple_declaration(cxx::DeclarationAST*&, std::vector<cxx::TemplateDeclarationAST*, std::allocator<cxx::TemplateDeclarationAST*> > const&, cxx::Parser::BindingContext)::$_0::operator()() const (src/parser/cxx/parser.cc:4673)
==21781==  If you believe this happened as a result of a stack
==21781==  overflow in your program's main thread (unlikely but
==21781==  possible), you can try to increase the size of the
==21781==  main thread stack using the --main-stacksize= flag.
==21781==  The main thread stack size used in this run was 8388608.
==21781== 
==21781== HEAP SUMMARY:
==21781==     in use at exit: 83,747,612 bytes in 277,001 blocks
==21781==   total heap usage: 1,423,168 allocs, 1,146,167 frees, 323,635,096 bytes allocated
==21781== 
==21781== LEAK SUMMARY:
==21781==    definitely lost: 0 bytes in 0 blocks
==21781==    indirectly lost: 0 bytes in 0 blocks
==21781==      possibly lost: 0 bytes in 0 blocks
==21781==    still reachable: 83,747,612 bytes in 277,001 blocks
==21781==         suppressed: 0 bytes in 0 blocks
==21781== Rerun with --leak-check=full to see details of leaked memory
==21781== 
==21781== For lists of detected and suppressed errors, rerun with: -s
==21781== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
Segmentation fault (core dumped)

[mingodad]

Here

cplusplus/src/parser/cxx/parser.cc

Line 655 in 5f480dc

~ScopeGuard() { p->scope_ = savedScope; }

we shouldn't check if savedScope != nullptr before assignment ?

Because here

cplusplus/src/parser/cxx/parser.cc

Line 652 in 5f480dc

if (scope) p->scope_ = scope;

we are testing for nullptr before assign but assign to savedScope either way

cplusplus/src/parser/cxx/parser.cc

Line 651 in 5f480dc

: p(p), savedScope(p->scope_) {

.

[mingodad]

After setting a watch to see when Parser::scope_ is set to nullptr and stopping here

cplusplus/src/parser/cxx/parser.cc

Line 9073 in 5f480dc

scope_ = enclosingScope;

, I cahnged it to :

--------------------------- src/parser/cxx/parser.cc ---------------------------
index ebfbfdd..5eb71ec 100644
@@ -9070,7 +9070,7 @@ auto Parser::parse_class_head(ClassHead& classHead) -> bool {
                    symbol_cast<NamespaceSymbol>(enclosingSymbol))
         enclosingScope = enclosingNamespace->scope();
 
-      scope_ = enclosingScope;
+      if(enclosingScope) scope_ = enclosingScope;
     }
   }

And I'm not getting segfault anymore (although I'm getting other errors now) but I'm not sure if this is a good fix !

[mingodad]

Here what I'm getting now:

/usr/bin/time ../build/src/frontend/cxx JUCE/modules/juce_core/juce_core.cpp -fsyntax-only -toolchain linux -DJUCE_GLOBAL_MODULE_SETTINGS_INCLUDED=1 -IJUCE/modules/juce_core/..
/usr/include/x86_64-linux-gnu/bits/cpu-set.h:64:13: expected a statement
      : 0; }))
            ^
/usr/include/x86_64-linux-gnu/bits/select.h:36:13: expected '('
    __asm__ __volatile__ ("cld; rep; " __FD_ZERO_STOS			      \
            ^
/usr/include/x86_64-linux-gnu/bits/select.h:37:6: expected ')'
			  : "=c" (__d0), "=D" (__d1)			      \
			  ^
/usr/include/x86_64-linux-gnu/bits/select.h:36:13: expected '('
    __asm__ __volatile__ ("cld; rep; " __FD_ZERO_STOS			      \
            ^
/usr/include/x86_64-linux-gnu/bits/select.h:37:6: expected ')'
			  : "=c" (__d0), "=D" (__d1)			      \
			  ^
/usr/include/x86_64-linux-gnu/bits/select.h:36:13: expected '('
    __asm__ __volatile__ ("cld; rep; " __FD_ZERO_STOS			      \
            ^
/usr/include/x86_64-linux-gnu/bits/select.h:37:6: expected ')'
			  : "=c" (__d0), "=D" (__d1)			      \
			  ^
Command exited with non-zero status 1
4.95user 0.08system 0:05.04elapsed 99%CPU (0avgtext+0avgdata 137396maxresident)k
0inputs+0outputs (0major+37107minor)pagefaults 0swaps