Comments (15)
Can you please provide the output of the failing program with ASAN_OPTIONS="verbosity=2"?
Also, is your source code or any reduced test available publicly?
Reported by ramosian.glider
on 2012-01-15 19:24:11
from sanitizers.
The source code is not available publicly, but I will post tomorrow the verbose version
output.
I'll also try to reduce the code and see if I get the same behavior, if that's the
case I'll also post it somewhere.
Reported by mkvtoolnix.build.jonthn
on 2012-01-15 20:47:48
from sanitizers.
Below the output with verbose output. Also I updated to the latest source (rev 148230)
ASAN_OPTIONS="verbosity=2" tool 2>&1 | asan_symbolize.py
AddressSanitizer: libc interceptors initialized
|| `[0x40000000, 0xffffffff]` || HighMem ||
|| `[0x28000000, 0x3fffffff]` || HighShadow ||
|| `[0x24000000, 0x27ffffff]` || ShadowGap ||
|| `[0x20000000, 0x23ffffff]` || LowShadow ||
|| `[0x00000000, 0x1fffffff]` || LowMem ||
MemToShadow(shadow): 0x24000000 0x247fffff 0x25000000 0x27ffffff
red_zone=128
malloc_context_size=30
fast_unwind=1
SHADOW_SCALE: 3
SHADOW_GRANULARITY: 8
SHADOW_OFFSET: 20000000
==12047== SetCurrent: 0x09df5d08 for thread 0xf254d950
==12047== CHECK failed: (uintptr_t)&rl >= start && (uintptr_t)&rl < end at asan_linux.cc:276
#0 0x8942f63 in _ZN6__asan11CheckFailedEPKcS1_i _asan_rtl_
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
Reported by mkvtoolnix.build.jonthn
on 2012-01-16 08:42:37
from sanitizers.
I wasn't able to produce a reduced version. But in the same time I noticed that even
when my main program was doing nothing I still get the CHECK failed and when I stopped
linking it to shared libraries it worked.
I then made a test library with a test program but I couldn't replicate the same behavior.
Currently my program is linked to 65 libraries and only a few ( less than 10 ) are
from my own sources.
Reported by mkvtoolnix.build.jonthn
on 2012-01-16 11:27:56
from sanitizers.
If you're ok with editing the sources, try to open llvm/projects/compiler-rt/lib/asan/asan_linux.cc
and dump every interesting bit of information from AsanThread::SetThreadStackTopAndBottom,
e.g.:
261 void AsanThread::SetThreadStackTopAndBottom() {
262 if (tid() == 0) {
263 // This is the main thread. Libpthread may not be initialized yet.
264 struct rlimit rl;
265 CHECK(getrlimit(RLIMIT_STACK, &rl) == 0);
266 Report("RLIMIT_STACK: &rl=%p, rlim_cur=%d, rlim_max=%d\n", &rl, rl.rlim_cur,
rl.rlim_max);
267
268 // Find the mapping that contains a stack variable.
269 AsanProcMaps proc_maps;
270 uintptr_t start, end, offset;
271 uintptr_t prev_end = 0;
272 while (proc_maps.Next(&start, &end, &offset, NULL, 0)) {
273 Report("/proc/self/maps: start=%p, end=%p, offset=%p\n", start, end, offset);
274 if ((uintptr_t)&rl < end)
275 break;
276 prev_end = end;
277 }
278 Report("CHECK: &rl=%p, start=%p, end=%p\n", &rl, start, end);
279 CHECK((uintptr_t)&rl >= start && (uintptr_t)&rl < end);
280
Reported by [email protected]
on 2012-01-16 11:42:51
from sanitizers.
Then rebuild the runtime library (see http://code.google.com/p/address-sanitizer/wiki/HowToBuild)
and relink your program (it's ok to just delete the executables, no need to recompile
everything from scratch)
Reported by [email protected]
on 2012-01-16 11:44:09
from sanitizers.
Or you could grab the value of &rl in a debugger, and dump /proc/self/maps at the same
time - that would also help.
Reported by [email protected]
on 2012-01-16 11:51:06
from sanitizers.
Ok here is the output using the patch above applied to the source r148236 :
==3517== RLIMIT_STACK: &rl=0xffffccd4, rlim_cur=8388608, rlim_max=-1
==3517== /proc/self/maps: start=0x08048000, end=0x08445000, offset=0x00000000
==3517== /proc/self/maps: start=0x08445000, end=0x0844e000, offset=0x003fc000
==3517== /proc/self/maps: start=0x0844e000, end=0x09474000, offset=0x00000000
==3517== /proc/self/maps: start=0x1ffff000, end=0x24000000, offset=0x00000000
==3517== /proc/self/maps: start=0x24000000, end=0x28000000, offset=0x00000000
==3517== /proc/self/maps: start=0x28000000, end=0x40000000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4195000, end=0xf4199000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4199000, end=0xf419c000, offset=0x00000000
==3517== /proc/self/maps: start=0xf419c000, end=0xf419d000, offset=0x00002000
==3517== /proc/self/maps: start=0xf419d000, end=0xf420e000, offset=0x00000000
==3517== /proc/self/maps: start=0xf420e000, end=0xf4211000, offset=0x00070000
==3517== /proc/self/maps: start=0xf4211000, end=0xf4220000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4220000, end=0xf4221000, offset=0x0000e000
==3517== /proc/self/maps: start=0xf4221000, end=0xf4222000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4222000, end=0xf4224000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4224000, end=0xf4225000, offset=0x00001000
==3517== /proc/self/maps: start=0xf4225000, end=0xf422b000, offset=0x00000000
==3517== /proc/self/maps: start=0xf422b000, end=0xf422c000, offset=0x00005000
==3517== /proc/self/maps: start=0xf422c000, end=0xf42c0000, offset=0x00000000
==3517== /proc/self/maps: start=0xf42c0000, end=0xf42c4000, offset=0x00094000
==3517== /proc/self/maps: start=0xf42c4000, end=0xf42da000, offset=0x00000000
==3517== /proc/self/maps: start=0xf42da000, end=0xf42db000, offset=0x00015000
==3517== /proc/self/maps: start=0xf42db000, end=0xf42eb000, offset=0x00000000
==3517== /proc/self/maps: start=0xf42eb000, end=0xf42ec000, offset=0x00010000
==3517== /proc/self/maps: start=0xf42ec000, end=0xf42ed000, offset=0x00011000
==3517== /proc/self/maps: start=0xf42ed000, end=0xf42f0000, offset=0x00000000
==3517== /proc/self/maps: start=0xf42f0000, end=0xf42fb000, offset=0x00000000
==3517== /proc/self/maps: start=0xf42fb000, end=0xf42fc000, offset=0x0000a000
==3517== /proc/self/maps: start=0xf42fc000, end=0xf4300000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4300000, end=0xf4301000, offset=0x00003000
==3517== /proc/self/maps: start=0xf4301000, end=0xf4303000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4303000, end=0xf4304000, offset=0x00001000
==3517== /proc/self/maps: start=0xf4304000, end=0xf4375000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4375000, end=0xf437a000, offset=0x00071000
==3517== /proc/self/maps: start=0xf437a000, end=0xf438d000, offset=0x00000000
==3517== /proc/self/maps: start=0xf438d000, end=0xf438e000, offset=0x00013000
==3517== /proc/self/maps: start=0xf438e000, end=0xf438f000, offset=0x00000000
==3517== /proc/self/maps: start=0xf438f000, end=0xf4391000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4391000, end=0xf4392000, offset=0x00001000
==3517== /proc/self/maps: start=0xf4392000, end=0xf43b4000, offset=0x00000000
==3517== /proc/self/maps: start=0xf43b4000, end=0xf43b5000, offset=0x00022000
==3517== /proc/self/maps: start=0xf43b5000, end=0xf4461000, offset=0x00000000
==3517== /proc/self/maps: start=0xf4461000, end=0xf4467000, offset=0x000ac000
==3517== /proc/self/maps: start=0xf4467000, end=0xf4495000, offset=0x00000000
==3517== CHECK: &rl=0xffffccd4, start=0xf4467000, end=0xf4495000
and the dump of /proc/3517/maps :
08048000-08445000 r-xp 00000000 08:06 17598328 /data/myprog
08445000-0844e000 rw-p 003fc000 08:06 17598328 /data/myprog
0844e000-09474000 rw-p 00000000 00:00 0 [heap]
1ffff000-24000000 rw-p 00000000 00:00 0
24000000-28000000 ---p 00000000 00:00 0
28000000-40000000 rw-p 00000000 00:00 0
f4195000-f4199000 rw-p 00000000 00:00 0
f4199000-f419c000 r-xp 00000000 08:01 395707 /usr/lib32/libgpg-error.so.0.4.0
f419c000-f419d000 rw-p 00002000 08:01 395707 /usr/lib32/libgpg-error.so.0.4.0
f419d000-f420e000 r-xp 00000000 08:01 395683 /usr/lib32/libgcrypt.so.11.5.3
f420e000-f4211000 rw-p 00070000 08:01 395683 /usr/lib32/libgcrypt.so.11.5.3
f4211000-f4220000 r-xp 00000000 08:01 396025 /usr/lib32/libtasn1.so.3.1.9
f4220000-f4221000 rw-p 0000e000 08:01 396025 /usr/lib32/libtasn1.so.3.1.9
f4221000-f4222000 rw-p 00000000 00:00 0
f4222000-f4224000 r-xp 00000000 08:01 1175104 /lib32/libkeyutils.so.1.3
f4224000-f4225000 rw-p 00001000 08:01 1175104 /lib32/libkeyutils.so.1.3
f4225000-f422b000 r-xp 00000000 08:01 395794 /usr/lib32/libkrb5support.so.0.1
f422b000-f422c000 rw-p 00005000 08:01 395794 /usr/lib32/libkrb5support.so.0.1
f422c000-f42c0000 r-xp 00000000 08:01 395704 /usr/lib32/libgnutls.so.26.14.12
f42c0000-f42c4000 rw-p 00094000 08:01 395704 /usr/lib32/libgnutls.so.26.14.12
f42c4000-f42da000 r-xp 00000000 08:01 395991 /usr/lib32/libsasl2.so.2.0.23
f42da000-f42db000 rw-p 00015000 08:01 395991 /usr/lib32/libsasl2.so.2.0.23
f42db000-f42eb000 r-xp 00000000 08:01 1175049 /lib32/libresolv-2.11.2.so
f42eb000-f42ec000 r--p 00010000 08:01 1175049 /lib32/libresolv-2.11.2.so
f42ec000-f42ed000 rw-p 00011000 08:01 1175049 /lib32/libresolv-2.11.2.so
f42ed000-f42f0000 rw-p 00000000 00:00 0
f42f0000-f42fb000 r-xp 00000000 08:01 395796 /usr/lib32/liblber-2.4.so.2.5.6
f42fb000-f42fc000 rw-p 0000a000 08:01 395796 /usr/lib32/liblber-2.4.so.2.5.6
f42fc000-f4300000 r-xp 00000000 08:01 396054 /usr/lib32/libXdmcp.so.6.0.0
f4300000-f4301000 rw-p 00003000 08:01 396054 /usr/lib32/libXdmcp.so.6.0.0
f4301000-f4303000 r-xp 00000000 08:01 396046 /usr/lib32/libXau.so.6.0.0
f4303000-f4304000 rw-p 00001000 08:01 396046 /usr/lib32/libXau.so.6.0.0
f4304000-f4375000 r-xp 00000000 08:01 414621 /usr/lib32/libgnutls.so.13.9.1
f4375000-f437a000 rw-p 00071000 08:01 414621 /usr/lib32/libgnutls.so.13.9.1
f437a000-f438d000 r-xp 00000000 08:01 395595 /usr/lib32/libz.so.1.2.3.4
f438d000-f438e000 rw-p 00013000 08:01 395595 /usr/lib32/libz.so.1.2.3.4
f438e000-f438f000 rw-p 00000000 00:00 0
f438f000-f4391000 r-xp 00000000 08:01 1175100 /lib32/libcom_err.so.2.1
f4391000-f4392000 rw-p 00001000 08:01 1175100 /lib32/libcom_err.so.2.1
f4392000-f43b4000 r-xp 00000000 08:01 395787 /usr/lib32/libk5crypto.so.3.1
f43b4000-f43b5000 rw-p 00022000 08:01 395787 /usr/lib32/libk5crypto.so.3.1
f43b5000-f4461000 r-xp 00000000 08:01 395788 /usr/lib32/libkrb5.so.3.3
f4461000-f4467000 rw-p 000ac000 08:01 395788 /usr/lib32/libkrb5.so.3.3
f4467000-f4495000 r-xp 00000000 08:01 395778 /usr/lib32/libgssapi_krb5.so.2.2
f4495000-f4496000 rw-p 0002d000 08:01 395778 /usr/lib32/libgssapi_krb5.so.2.2
f4496000-f44d8000 r-xp 00000000 08:01 395797 /usr/lib32/libldap_r-2.4.so.2.5.6
f44d8000-f44da000 rw-p 00041000 08:01 395797 /usr/lib32/libldap_r-2.4.so.2.5.6
f44da000-f44dc000 rw-p 00000000 00:00 0
f44dc000-f450c000 r-xp 00000000 08:01 395781 /usr/lib32/libidn.so.11.5.44
f450c000-f450d000 rw-p 0002f000 08:01 395781 /usr/lib32/libidn.so.11.5.44
f450d000-f4525000 r-xp 00000000 08:01 396048 /usr/lib32/libxcb.so.1.1.0
f4525000-f4526000 rw-p 00017000 08:01 396048 /usr/lib32/libxcb.so.1.1.0
f4526000-f4663000 r-xp 00000000 08:01 396020 /usr/lib32/i686/cmov/libcrypto.so.0.9.8
f4663000-f467b000 rw-p 0013c000 08:01 396020 /usr/lib32/i686/cmov/libcrypto.so.0.9.8
f467b000-f467e000 rw-p 00000000 00:00 0
f467e000-f47a2000 r-xp 00000000 08:01 396060 /usr/lib32/libxml2.so.2.7.8
f47a2000-f47a7000 rw-p 00124000 08:01 396060 /usr/lib32/libxml2.so.2.7.8
f47a7000-f47a8000 rw-p 00000000 00:00 0
f47a8000-f47c3000 r-xp 00000000 08:01 414644 /usr/lib32/libicudata.so.36.0
f47c3000-f47c4000 rw-p 0001a000 08:01 414644 /usr/lib32/libicudata.so.36.0
f47c4000-f47c5000 rw-p 00000000 00:00 0
f47c5000-f4879000 r-xp 00000000 08:01 414645 /usr/lib32/libicucnv.so.36.0
f4879000-f487d000 rw-p 000b4000 08:01 414645 /usr/lib32/libicucnv.so.36.0
f487d000-f487e000 rw-p 00000000 00:00 0
f487e000-f48b2000 r-xp 00000000 08:01 414639 /usr/lib32/libBIBUtils.so
f48b2000-f48b4000 rw-p 00034000 08:01 414639 /usr/lib32/libBIBUtils.so
f48b4000-f48dc000 r-xp 00000000 08:01 414648 /usr/lib32/libAXE8SharedExpat.so
f48dc000-f48df000 rw-p 00027000 08:01 414648 /usr/lib32/libAXE8SharedExpat.so
f48df000-f493a000 r-xp 00000000 08:01 414641 /usr/lib32/libAdobeXMP.so
f493a000-f493d000 rw-p 0005a000 08:01 414641 /usr/lib32/libAdobeXMP.so
f493d000-f4a31000 r-xp 00000000 08:01 414650 /usr/lib32/libJP2K.so
f4a31000-f4a34000 rw-p 000f3000 08:01 414650 /usr/lib32/libJP2K.so
f4a34000-f4a36000 rw-p 00000000 00:00 0
f4a36000-f4ddd000 r-xp 00000000 08:01 414643 /usr/lib32/libCoolType.so
f4ddd000-f4dfe000 rw-p 003a7000 08:01 414643 /usr/lib32/libCoolType.so
f4dfe000-f4e0b000 rw-p 00000000 00:00 0
f4e0b000-f4ef6000 r-xp 00000000 08:01 414640 /usr/lib32/libACE.so
f4ef6000-f4efb000 rw-p 000eb000 08:01 414640 /usr/lib32/libACE.so
f4efb000-f56a6000 r-xp 00000000 08:01 414642 /usr/lib32/libAGM.so
f56a6000-f56d5000 rw-p 007ab000 08:01 414642 /usr/lib32/libAGM.so
f56d5000-f56ff000 rw-p 00000000 00:00 0
f56ff000-f5746000 r-xp 00000000 08:01 414647 /usr/lib32/libBIB.so
f5746000-f5748000 rw-p 00046000 08:01 414647 /usr/lib32/libBIB.so
f5748000-f575c000 r-xp 00000000 08:01 395780 /usr/lib32/libICE.so.6.3.0
f575c000-f575e000 rw-p 00013000 08:01 395780 /usr/lib32/libICE.so.6.3.0
f575e000-f5760000 rw-p 00000000 00:00 0
f5760000-f5767000 r-xp 00000000 08:01 395994 /usr/lib32/libSM.so.6.0.1
f5767000-f5768000 rw-p 00006000 08:01 395994 /usr/lib32/libSM.so.6.0.1
f5768000-f576b000 r-xp 00000000 08:01 1175116 /lib32/libuuid.so.1.3.0
f576b000-f576c000 rw-p 00002000 08:01 1175116 /lib32/libuuid.so.1.3.0
f576c000-f57fa000 r-xp 00000000 08:01 414615 /usr/lib32/libnetsnmp.so.15.1.0
f57fa000-f57fd000 rw-p 0008d000 08:01 414615 /usr/lib32/libnetsnmp.so.15.1.0
f57fd000-f581b000 rw-p 00000000 00:00 0
f581b000-f5852000 r-xp 00000000 08:01 414624 /usr/lib32/libcurl-gnutls.so.4.0.1
f5852000-f5853000 rw-p 00037000 08:01 414624 /usr/lib32/libcurl-gnutls.so.4.0.1
f5853000-f585c000 r-xp 00000000 08:01 1175067 /lib32/libcrypt-2.11.2.so
f585c000-f585d000 r--p 00008000 08:01 1175067 /lib32/libcrypt-2.11.2.so
f585d000-f585e000 rw-p 00009000 08:01 1175067 /lib32/libcrypt-2.11.2.so
f585e000-f5886000 rw-p 00000000 00:00 0
f5886000-f596f000 r-xp 00000000 08:01 395572 /usr/lib32/libstdc++.so.6.0.13
f596f000-f5973000 r--p 000e9000 08:01 395572 /usr/lib32/libstdc++.so.6.0.13
f5973000-f5974000 rw-p 000ed000 08:01 395572 /usr/lib32/libstdc++.so.6.0.13
f5974000-f597b000 rw-p 00000000 00:00 0
f597b000-f5a94000 r-xp 00000000 08:01 396045 /usr/lib32/libX11.so.6.3.0
f5a94000-f5a98000 rw-p 00118000 08:01 396045 /usr/lib32/libX11.so.6.3.0
f5a98000-f6f8c000 r-xp 00000000 08:01 425608 /usr/lib32/libMYLIB3.so
f6f8c000-f6ffd000 rw-p 014f3000 08:01 425608 /usr/lib32/libMYLIB3.so
f6ffd000-f702e000 rw-p 00000000 00:00 0
f702e000-f7052000 r-xp 00000000 08:01 1175065 /lib32/libm-2.11.2.so
f7052000-f7053000 r--p 00023000 08:01 1175065 /lib32/libm-2.11.2.so
f7053000-f7054000 rw-p 00024000 08:01 1175065 /lib32/libm-2.11.2.so
f7054000-f7194000 r-xp 00000000 08:01 1175056 /lib32/libc-2.11.2.so
f7194000-f7195000 ---p 00140000 08:01 1175056 /lib32/libc-2.11.2.so
f7195000-f7197000 r--p 00140000 08:01 1175056 /lib32/libc-2.11.2.so
f7197000-f7198000 rw-p 00142000 08:01 1175056 /lib32/libc-2.11.2.so
f7198000-f719c000 rw-p 00000000 00:00 0
f719c000-f71b9000 r-xp 00000000 08:01 395561 /usr/lib32/libgcc_s.so.1
f71b9000-f71ba000 rw-p 0001c000 08:01 395561 /usr/lib32/libgcc_s.so.1
f71ba000-f71bc000 r-xp 00000000 08:01 1175055 /lib32/libdl-2.11.2.so
f71bc000-f71bd000 r--p 00001000 08:01 1175055 /lib32/libdl-2.11.2.so
f71bd000-f71be000 rw-p 00002000 08:01 1175055 /lib32/libdl-2.11.2.so
f71be000-f71d3000 r-xp 00000000 08:01 1175057 /lib32/libpthread-2.11.2.so
f71d3000-f71d4000 r--p 00014000 08:01 1175057 /lib32/libpthread-2.11.2.so
f71d4000-f71d5000 rw-p 00015000 08:01 1175057 /lib32/libpthread-2.11.2.so
f71d5000-f71d7000 rw-p 00000000 00:00 0
f71d7000-f7bdf000 r-xp 00000000 08:01 414649 /usr/lib32/libpdfl.so
f7bdf000-f7c1e000 rw-p 00a08000 08:01 414649 /usr/lib32/libpdfl.so
f7c1e000-f7c22000 rw-p 00000000 00:00 0
f7c22000-f7c70000 r-xp 00000000 08:01 396070 /usr/lib32/libXt.so.6.0.0
f7c70000-f7c74000 rw-p 0004d000 08:01 396070 /usr/lib32/libXt.so.6.0.0
f7c74000-f7f42000 r-xp 00000000 08:01 425611 /usr/lib32/libMYLIB1.so
f7f42000-f7f4c000 rw-p 002ce000 08:01 425611 /usr/lib32/libMYLIB1.so
f7f4c000-f7f50000 rw-p 00000000 00:00 0
f7f50000-f7f55000 r-xp 00000000 08:01 414632 /usr/lib32/libraw1394.so.8.2.0
f7f55000-f7f56000 rw-p 00004000 08:01 414632 /usr/lib32/libraw1394.so.8.2.0
f7f56000-f7fbf000 r-xp 00000000 08:01 416014 /usr/lib32/libMYLIB2.so
f7fbf000-f7fc1000 rw-p 00069000 08:01 416014 /usr/lib32/libMYLIB2.so
f7fc1000-f7fc6000 rw-p 00000000 00:00 0
f7fdb000-f7fdf000 rw-p 00000000 00:00 0
f7fdf000-f7fe0000 r-xp 00000000 00:00 0 [vdso]
f7fe0000-f7ffc000 r-xp 00000000 08:01 1175068 /lib32/ld-2.11.2.so
f7ffc000-f7ffd000 r--p 0001b000 08:01 1175068 /lib32/ld-2.11.2.so
f7ffd000-f7ffe000 rw-p 0001c000 08:01 1175068 /lib32/ld-2.11.2.so
fffe9000-ffffe000 rwxp 00000000 00:00 0 [stack]
Reported by mkvtoolnix.build.jonthn
on 2012-01-16 14:20:15
from sanitizers.
Looks like you're breaking the loop because the /proc/self/maps iterator returns False.
Can you print the arguments and SScanf result here:
195 if (SScanf(current_,
196 "%lx-%lx %4s %lx %x:%x %ld %n",
197 start, end, flags, offset, &major, &minor,
198 &inode, &consumed) != 7)
199 return false;
(asan_linux.cc again)
Reported by ramosian.glider
on 2012-01-16 14:39:59
from sanitizers.
With the sources modified like this :
--- asan_linux.cc (revision 148237)
+++ asan_linux.cc (working copy)
@@ -192,11 +192,17 @@
char *next_line = (char*)internal_memchr(current_, '\n', last - current_);
if (next_line == NULL)
next_line = last;
- if (SScanf(current_,
+
+ int result = 0;
+ if ((result = SScanf(current_,
"%lx-%lx %4s %lx %x:%x %ld %n",
start, end, flags, offset, &major, &minor,
- &inode, &consumed) != 7)
+ &inode, &consumed)) != 7) {
+ Report("SScanf false ret:%d : start=%p, end=%p, flags=%p, offset=%p, major=%d,
minor=%d, inode=%p, consumed=%d\n", result, current_, start, end, flags, offset, major,
minor, &inode, consumed);
return false;
+ } else {
+ Report("SScanf true ret:%d : start=%p, end=%p, flags=%p, offset=%p, major=%d,
minor=%d, inode=%p, consumed=%d\n", result, current_, start, end, flags, offset, major,
minor, &inode, consumed);
+ }
current_ += consumed;
// Skip spaces.
while (current_ < next_line && *current_ == ' ')
@@ -286,16 +292,19 @@
// This is the main thread. Libpthread may not be initialized yet.
struct rlimit rl;
CHECK(getrlimit(RLIMIT_STACK, &rl) == 0);
+ Report("RLIMIT_STACK: &rl=%p, rlim_cur=%d, rlim_max=%d\n", &rl, rl.rlim_cur, rl.rlim_max);
// Find the mapping that contains a stack variable.
AsanProcMaps proc_maps;
uintptr_t start, end, offset;
uintptr_t prev_end = 0;
while (proc_maps.Next(&start, &end, &offset, NULL, 0)) {
+ Report("/proc/self/maps: start=%p, end=%p, offset=%p\n", start, end, offset);
if ((uintptr_t)&rl < end)
break;
prev_end = end;
}
+ Report("CHECK: &rl=%p, start=%p, end=%p\n", &rl, start, end);
CHECK((uintptr_t)&rl >= start && (uintptr_t)&rl < end);
// Get stacksize from rlimit, but clip it so that it does not overlap
I get :
==4205== RLIMIT_STACK: &rl=0xffeb3fa4, rlim_cur=8388608, rlim_max=-1
==4205== SScanf true ret:7 : start=0xf7700000, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000006, consumed=-1360108
==4205== /proc/self/maps: start=0x08048000, end=0x08445000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700076, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000006, consumed=-1360108
==4205== /proc/self/maps: start=0x08445000, end=0x0844f000, offset=0x003fc000
==4205== SScanf true ret:7 : start=0xf77000ec, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0x0844f000, end=0x09474000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700115, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0x1ffff000, end=0x24000000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf770013e, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0x24000000, end=0x28000000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700167, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0x28000000, end=0x40000000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700190, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0xf38ba000, end=0xf38be000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf77001b9, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf38be000, end=0xf38c1000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700223, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf38c1000, end=0xf38c2000, offset=0x00002000
==4205== SScanf true ret:7 : start=0xf770028d, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf38c2000, end=0xf3933000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf77002f5, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3933000, end=0xf3936000, offset=0x00070000
==4205== SScanf true ret:7 : start=0xf770035d, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3936000, end=0xf3945000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf77003c3, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3945000, end=0xf3946000, offset=0x0000e000
==4205== SScanf true ret:7 : start=0xf7700429, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0xf3946000, end=0xf3947000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700452, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3947000, end=0xf3949000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf77004b5, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3949000, end=0xf394a000, offset=0x00001000
==4205== SScanf true ret:7 : start=0xf7700518, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf394a000, end=0xf3950000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700582, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3950000, end=0xf3951000, offset=0x00005000
==4205== SScanf true ret:7 : start=0xf77005ec, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3951000, end=0xf39e5000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700656, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf39e5000, end=0xf39e9000, offset=0x00094000
==4205== SScanf true ret:7 : start=0xf77006c0, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf39e9000, end=0xf39ff000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700727, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf39ff000, end=0xf3a00000, offset=0x00015000
==4205== SScanf true ret:7 : start=0xf770078e, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a00000, end=0xf3a10000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf77007f2, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a10000, end=0xf3a11000, offset=0x00010000
==4205== SScanf true ret:7 : start=0xf7700856, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a11000, end=0xf3a12000, offset=0x00011000
==4205== SScanf true ret:7 : start=0xf77008ba, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a12000, end=0xf3a15000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf77008e3, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a15000, end=0xf3a20000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf770094c, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a20000, end=0xf3a21000, offset=0x0000a000
==4205== SScanf true ret:7 : start=0xf77009b5, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a21000, end=0xf3a25000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700a1b, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a25000, end=0xf3a26000, offset=0x00003000
==4205== SScanf true ret:7 : start=0xf7700a81, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a26000, end=0xf3a28000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700ae5, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a28000, end=0xf3a29000, offset=0x00001000
==4205== SScanf true ret:7 : start=0xf7700b49, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a29000, end=0xf3a9a000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700bb1, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a9a000, end=0xf3a9f000, offset=0x00071000
==4205== SScanf true ret:7 : start=0xf7700c19, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3a9f000, end=0xf3ab2000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700c7d, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ab2000, end=0xf3ab3000, offset=0x00013000
==4205== SScanf true ret:7 : start=0xf7700ce1, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=0, inode=0x00000000, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ab3000, end=0xf3ab4000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700d0a, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ab4000, end=0xf3ab6000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700d6c, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ab6000, end=0xf3ab7000, offset=0x00001000
==4205== SScanf true ret:7 : start=0xf7700dce, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ab7000, end=0xf3ad9000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700e35, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ad9000, end=0xf3ada000, offset=0x00022000
==4205== SScanf true ret:7 : start=0xf7700e9c, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3ada000, end=0xf3b86000, offset=0x00000000
==4205== SScanf true ret:7 : start=0xf7700eff, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3b86000, end=0xf3b8c000, offset=0x000ac000
==4205== SScanf true ret:7 : start=0xf7700f62, end=0xffeb3f90, flags=0xffeb3f8c, offset=0xffeb3f22,
major=-1359992, minor=8, inode=0x00000001, consumed=-1360108
==4205== /proc/self/maps: start=0xf3b8c000, end=0xf3bba000, offset=0x00000000
==4205== CHECK: &rl=0xffeb3fa4, start=0xf3b8c000, end=0xf3bba000
==4205== CHECK failed: (uintptr_t)&rl >= start && (uintptr_t)&rl < end at asan_linux.cc:308
Reported by mkvtoolnix.build.jonthn
on 2012-01-16 15:51:28
from sanitizers.
AsanProcMaps::AsanProcMaps from asan_linux.cc reads /proc/self/maps into &proc_self_maps_buff_
and then AsanProcMaps::Next tries to parse it.
AsanProcMaps::Next should return false only after it successfully parsed
the last line of /proc/self/maps.
Apparently, one of these routines fails to do what it should on your system.
It is quite hard to debug the problem w/o being able to reproduce it.
So, either please debug it and send us a patch that fixes the problem, or send us the
contents of /proc/self/maps as a file attachment (it is important to keep it verbatim).
Reported by konstantin.s.serebryany
on 2012-01-16 20:14:29
from sanitizers.
btw, I've tried the contents of your /proc/self/maps from comment #8 and it gets parsed
ok on my system. So, it might be something special about your system.
Reported by konstantin.s.serebryany
on 2012-01-16 20:32:45
from sanitizers.
Thanks for the information and pointer where to look and to do. I found where the problem
is but I don't know why it didn't worked.
(Also I forgot to tell you that rev146212 worked fined)
So the problem came from ReadFileToBuffer which didn't returned the complete /proc/self/maps,
I hacked a bit the source (see the patch attached) and now it works.
Before it only returned 4044 bytes of 12922 bytes :
==560== ReadFileToBuffer Calculated size 1898 for /proc/self/environ
==560== ReadFileToBuffer buffer size: 1898 MAX: 1048576
==560== AsanProcMaps /proc/self/maps size: 12922 bytes
==560== ReadFileToBuffer Calculated size 12922 for /proc/self/maps
==560== ReadFileToBuffer buffer size: 4044 MAX: 1048576
==560== AsanProcMaps Buffer from /proc/self/maps size: 4044 bytes
==560== CHECK failed: (uintptr_t)&rl >= start && (uintptr_t)&rl < end at asan_linux.cc:329
==560== AsanProcMaps /proc/self/maps size: 12922 bytes
==560== ReadFileToBuffer Calculated size 12922 for /proc/self/maps
==560== ReadFileToBuffer buffer size: 4044 MAX: 1048576
==560== AsanProcMaps Buffer from /proc/self/maps size: 4044 bytes
now I get :
==21303== ReadFileToBuffer Calculated size 1898 for /proc/self/environ
==21303== ReadFileToBuffer buffer size: 1898 MAX: 1048576
==21303== AsanProcMaps /proc/self/maps size: 12922 bytes
==21303== ReadFileToBuffer Calculated size 12922 for /proc/self/maps
==21303== ReadFileToBuffer buffer size: 12922 MAX: 1048576
==21303== AsanProcMaps Buffer from /proc/self/maps size: 12922 bytes
I don't know what the real fix should be but I hope you can make one based on these
informations.
Thanks again for your time and help.
Reported by mkvtoolnix.build.jonthn
on 2012-01-17 15:44:57
- _Attachment: [fix-asan-readtobuffer-linux.patch](https://storage.googleapis.com/google-code-attachments/address-sanitizer/issue-27/comment-13/fix-asan-readtobuffer-linux.patch)_
from sanitizers.
Thanks for the report and for the suggested patch.
I believe the problem is fixed by LLVM r148311.
This was a recent regression caused by my changes in the way we are reading and parsing
/proc/self/maps.
Reported by konstantin.s.serebryany
on 2012-01-17 18:06:16
- Status changed:
Fixed
from sanitizers.
Adding Project:AddressSanitizer as part of GitHub migration.
Reported by ramosian.glider
on 2015-07-30 09:12:58
- Labels added: ProjectAddressSanitizer
from sanitizers.
Related Issues (20)
- What is -[ClassName objCMethodToSuppress:]??? HOT 1
- TSAN_OPTIONS="log_path=/var/log/xxxx_tsan" doesn't work, the logs still print on stdout
- [tsan] False positive when reading from a pipe in io_uring
- MSan false negatives due to "[SCCP] Don't mark edges feasible when resolving undefs"
- Feature Request: Allow a white list, as the black list based supression don't work well. HOT 3
- [ppc][compiler-rt] Potential miscompile in compiler-rt HOT 1
- test/tsan/getline_nohang.cpp hangs with HOT 7
- msan reports stat() result as undefined on glibc 2.37 HOT 5
- UseAfterReturn Wiki : Enabled By Default in GCC 13 (+ Clang 15)?
- Support for Multiple suppression files in TSAN
- How to output memory snapshots
- Debugging C++ Segmentation Fault in Leak Sanitizer - Need Help with Backtrace Analysis
- Is Asan compatible with -fstack-protector-strong ?
- ASan did not work on string
- Asan can't detect memory use after free error in dynamic shared library with LD_PRELOAD method HOT 8
- Support x86-64 5-level paging for ASan (and possibly other sanitizers)
- I have been getting this issue and as a beginner I cant understand it
- Asan error spotted building JDK with gcc 13.2.0
- ubsan: False positive in function check on macOS HOT 2
- TSAN changes forked process exit code returned by waitpid
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sanitizers.