Jeff-Lewis / address-sanitizer

Automatically exported from code.google.com/p/address-sanitizer

sigsegv in basic block tracer #389

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Build and run the re2 example:

https://code.google.com/p/address-sanitizer/wiki/BasicBlockTracing

Result:

==26256==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x0000004b9148 bp 0x0000005bd54d sp 0x7ffe239c3fa0 T0)
    #0 0x4b9147 in AppendString /usr/local/google/home/earthdok/san/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_printf.cc:101:7
    #1 0x4b9147 in __sanitizer::VSNPrintf(char*, int, char const*, __va_list_tag*) /usr/local/google/home/earthdok/san/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_printf.cc:183
    #2 0x4b99e4 in __sanitizer::InternalScopedString::append(char const*, ...) /usr/local/google/home/earthdok/san/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_printf.cc:319:3
    #3 0x4bf7b3 in __sanitizer::CoverageData::DumpTrace() /usr/local/google/home/earthdok/san/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc:611:5
    #4 0x4c0ac9 in DumpAll /usr/local/google/home/earthdok/san/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc:803:3
    #5 0x4c0ac9 in __sanitizer_cov_dump /usr/local/google/home/earthdok/san/llvm/projects/compiler-rt/lib/sanitizer_common/sanitizer_coverage_libcdep.cc:883
    #6 0x7f999bd3c258 in __run_exit_handlers /build/buildd/eglibc-2.19/stdlib/exit.c:82
    #7 0x7f999bd3c2a4 in exit /build/buildd/eglibc-2.19/stdlib/exit.c:104
    #8 0x7f999bd21ecb in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:321
    #9 0x4190b5 in _start (/usr/local/google/home/earthdok/tracing_example/a.out+0x4190b5)

Printing the values of |comp_unit_name| in CoverageData::InitializeGuards(), I 
get this:

==26256==>> 0x7f999d118950
==26256==>> 0x000000000000
==26256==>> 0x000000000010
==26256==>> 0x000000000020
==26256==>> 0x000000000030
==26256==>> 0x000000000040
==26256==>> 0x000000000050
==26256==>> 0x000000000060
==26256==>> 0x000000000070
==26256==>> 0x000000000080
==26256==>> 0x000000000090
==26256==>> 0x0000000000a0
==26256==>> 0x0000000000b0
==26256==>> 0x0000000000c0
==26256==>> 0x0000000000d0
==26256==>> 0x0000000000e0
==26256==>> 0x0000000000f0
==26256==>> 0x000000000100
==26256==>> 0x000000000110
==26256==>> 0x000000000120

Then in CoverageData::DumpTrace(), printing 
|comp_unit_name_vec[i].copied_module_name|:

==26256==0x7f999d118950
==26256==0x000000000000
==26256==0x000000000010
ASAN:SIGSEGV

So there are two problems: a) the pointers don't make sense in the first place, 
and b) "copied_module_name" isn't actually a copy.

Original issue reported on code.google.com by earth...@google.com on 5 May 2015 at 5:52
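As an added illustration, not compiler-rt code, this shows the two defensive measures the report above implies: copy the module name when the entry is registered (so a later DumpTrace-style dump at exit never reads through an aliased pointer) and sanity-check the pointer before dereferencing it, rejecting values like 0x10 or 0x20 that the debug output shows. The names module_entry, register_module, plausible_pointer and the 4096 threshold are assumptions made for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical per-module record, modelled on the comp_unit_name_vec entries in the report. */
typedef struct {
    const char *module_name;   /* aliased pointer: the hazard behind "isn't actually a copy" */
    char *copied_module_name;  /* owned copy made at registration time */
} module_entry;

/* Hypothetical plausibility check: NULL and tiny values such as 0x10 cannot be string pointers. */
static int plausible_pointer(const void *p) {
    return p != NULL && (uintptr_t)p >= 4096;
}

/* Registration (the InitializeGuards step): copy the name instead of aliasing it,
   and skip entries whose pointer is obviously bogus rather than crash at exit. */
static int register_module(module_entry *e, const char *name) {
    e->module_name = name;
    e->copied_module_name = NULL;
    if (!plausible_pointer(name)) return 0;
    size_t len = strlen(name) + 1;
    e->copied_module_name = malloc(len);
    if (e->copied_module_name == NULL) return 0;
    memcpy(e->copied_module_name, name, len);
    return 1;
}

/* Dump (the DumpTrace step): only the owned copy is used; the source may be gone by now. */
static const char *module_name_for_dump(const module_entry *e) {
    return e->copied_module_name ? e->copied_module_name : "<skipped>";
}

/* Constructed scenario: the name lives in a buffer that is overwritten before the dump,
   standing in for module memory that has been reused or unmapped by exit time. */
int demo(void) {
    char scratch[32];
    strcpy(scratch, "re2/obj/libre2.a");
    module_entry e, bad;
    register_module(&e, scratch);
    memset(scratch, 'X', sizeof scratch - 1);
    scratch[sizeof scratch - 1] = '\0';
    int copy_ok = strcmp(module_name_for_dump(&e), "re2/obj/libre2.a") == 0;
    int alias_ok = strcmp(e.module_name, "re2/obj/libre2.a") == 0;  /* alias now reads garbage */
    int bad_registered = register_module(&bad, (const char *)(uintptr_t)0x10);
    free(e.copied_module_name);
    return copy_ok && !alias_ok && !bad_registered;  /* returns 1 */
}
```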

GoogleCodeExporter commented 9 years ago
Very strange. I can't reproduce this.
(I've just edited the wiki so that one can copy-paste the entire command 
sequence)
Here is what I've done: 

mkdir tracing_example
cd tracing_example

cat << EOF > re2_hello_world.cc
#include "re2/re2.h"
#include <cassert>
int main(int argc, char **argv) {
  assert(argc == 3);
  return RE2::PartialMatch(/*text*/argv[1], /*re=*/argv[2]);
}
EOF

hg clone https://re2.googlecode.com/hg re2
ASAN="-fsanitize=address" 
TRACE="-fsanitize-coverage=3 -mllvm -sanitizer-coverage-experimental-tracing"
(cd re2 && CXX="clang++ $ASAN $TRACE" make -j)
clang++ -fsanitize=address  re2_hello_world.cc -Ire2 re2/obj/libre2.a
ASAN_OPTIONS=coverage=1:verbosity=1 ./a.out hello 'h.*o'

And here is what I get: 

==17097== CovDump: Trace: 13573 PCs written
==17097== CovDump: Trace: 16443 Events written
==17097== CovDump: ./a.out.17097.sancov: 1409 PCs written

Original comment by konstant...@gmail.com on 5 May 2015 at 7:14

GoogleCodeExporter commented 9 years ago
I clobbered everything and ran your code and couldn't reproduce the issue 
either.

I think I had re2 built with an older version of clang. (I mean, I did build it 
with an old version initially, and was 99% sure I clobbered it afterwards, but 
apparently I didn't.)

Let's chalk it up as unreproducible.

Original comment by earth...@google.com on 5 May 2015 at 7:21

GoogleCodeExporter commented 9 years ago
Adding Project:AddressSanitizer as part of GitHub migration.

Original comment by ramosian.glider@gmail.com on 30 Jul 2015 at 9:14