cmu-sei / pharos

Automated static analysis tools for binary programs

APIAnalyzer use-after-free #233

Closed sei-eschwartz closed 2 years ago

sei-eschwartz commented 2 years ago

Added -DCMAKE_BUILD_TYPE=Debug -DCMAKE_CXX_FLAGS='-g -fsanitize=address' -DCMAKE_C_FLAGS='-g -fsanitize=address' to the cmake call in scripts/build.bash, does that cover everything important?

Already getting a bunch of heap-use-after-free failures during ctest that way, are you able to reproduce that?

[ RUN      ] ApiAnalyzerTest.TestGraphViz
=================================================================
==4663==ERROR: AddressSanitizer: heap-use-after-free on address 0x61e00000fd80 at pc 0x7f49d614ddf1 bp 0x7ffd28cc0390 sp 0x7ffd28cc0380
READ of size 8 at 0x61e00000fd80 thread T0
    #0 0x7f49d614ddf0 in pharos::ApiCfgComponent::ConsolidateReturns(std::set<SgAsmBlock*, std::less<SgAsmBlock*>, std::allocator<SgAsmBlock*> >&) /root/pharos/libpharos/apigraph.cpp:2500
    #1 0x7f49d613fedd in pharos::ApiCfgComponent::Initialize(pharos::FunctionDescriptor const&, std::set<unsigned long, std::less<unsigned long>, std::allocator<unsigned long> >&, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, unsigned long> > >&) /root/pharos/libpharos/apigraph.cpp:1785
    #2 0x7f49d6152031 in pharos::ApiGraph::Build() /root/pharos/libpharos/apigraph.cpp:2715
    #3 0x55a3230a4031 in ApiAnalyzerTest::SetUp() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xba031)
    #4 0x55a32313f60a in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2402
    #5 0x55a323130a74 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2438
    #6 0x55a3230e9946 in testing::Test::Run() /root/pharos/gtest/src/gtest.cc:2470
    #7 0x55a3230eae39 in testing::TestInfo::Run() /root/pharos/gtest/src/gtest.cc:2656
    #8 0x55a3230eba47 in testing::TestCase::Run() /root/pharos/gtest/src/gtest.cc:2774
    #9 0x55a3230fcfd8 in testing::internal::UnitTestImpl::RunAllTests() /root/pharos/gtest/src/gtest.cc:4649
    #10 0x55a323142951 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2402
    #11 0x55a323132f41 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2438
    #12 0x55a3230fa0c5 in testing::UnitTest::Run() /root/pharos/gtest/src/gtest.cc:4257
    #13 0x55a3230a3499 in RUN_ALL_TESTS() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xb9499)
    #14 0x55a32308dc0a in main /root/pharos/tools/apianalyzer/apitests1.cpp:952
    #15 0x7f49ca6a3d8f  (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)
    #16 0x7f49ca6a3e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f)
    #17 0x55a32306e514 in _start (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0x84514)

0x61e00000fd80 is located 256 bytes inside of 2560-byte region [0x61e00000fc80,0x61e000010680)
freed by thread T0 here:
    #0 0x7f49d7cef22f in operator delete(void*, unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:172
    #1 0x7f49d61d12bb in __gnu_cxx::new_allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS
, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex>::deallocate(boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidi
rectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex
*, unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x336c2bb)
    #2 0x7f49d61c6fbd in std::allocator_traits<std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>,
 boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::deallocate(std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::s
etS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::
listS>::config::stored_vertex>&, boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, bo
ost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex*, unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x3361fbd)
    #3 0x7f49d61ba86d in std::_Vector_base<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost
::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex, std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirect
ionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >:
:_M_deallocate(boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectional
S, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex*, unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x335586d)
    #4 0x7f49d61a5942 in std::_Vector_base<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex, std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::~_Vector_base() (/root/pharos/scripts/build/libpharos/libpharos.so+0x3340942)
    #5 0x7f49d618edcd in std::vector<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex, std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::~vector() (/root/pharos/scripts/build/libpharos/libpharos.so+0x3329dcd)
    #6 0x7f49d6179707 in boost::vec_adj_list_impl<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config, boost::bidirectional_graph_helper_with_property<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config> >::~vec_adj_list_impl() /usr/include/boost/graph/detail/adjacency_list.hpp:2090
    #7 0x7f49d618dff7 in boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::~adjacency_list() (/root/pharos/scripts/build/libpharos/libpharos.so+0x3328ff7)
    #8 0x7f49d6222c6d in void __gnu_cxx::new_allocator<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >::destroy<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >(boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>*) /usr/include/c++/11/ext/new_allocator.h:168
    #9 0x7f49d62220a8 in void std::allocator_traits<std::allocator<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> > >::destroy<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >(std::allocator<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >&, boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>*) /usr/include/c++/11/bits/alloc_traits.h:535
    #10 0x7f49d621ffde in std::_Sp_counted_ptr_inplace<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, std::allocator<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >, (__gnu_cxx::_Lock_policy)2>::_M_dispose() /usr/include/c++/11/bits/shared_ptr_base.h:528
    #11 0x55a3230aebb7 in std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xc4bb7)
    #12 0x55a3230a69a5 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::~__shared_count() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xbc9a5)
    #13 0x55a3230a2685 in std::__shared_ptr<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, (__gnu_cxx::_Lock_policy)2>::~__shared_ptr() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xb8685)
    #14 0x7f49d617984d in std::enable_if<std::__sp_is_constructible<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >::value, void>::type std::__shared_ptr<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, (__gnu_cxx::_Lock_policy)2>::reset<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS> >(boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>*) /usr/include/c++/11/bits/shared_ptr_base.h:1280
    #15 0x7f49d6143cb6 in pharos::ApiCfgComponent::RemoveVertices(std::set<unsigned long, std::less<unsigned long>, std::allocator<unsigned long> > const&) /root/pharos/libpharos/apigraph.cpp:1967
    #16 0x7f49d61443f9 in pharos::ApiCfgComponent::KillVertices(std::set<unsigned long, std::less<unsigned long>, std::allocator<unsigned long> >&) /root/pharos/libpharos/apigraph.cpp:2001
    #17 0x7f49d614ddcc in pharos::ApiCfgComponent::ConsolidateReturns(std::set<SgAsmBlock*, std::less<SgAsmBlock*>, std::allocator<SgAsmBlock*> >&) /root/pharos/libpharos/apigraph.cpp:2498
    #18 0x7f49d613fedd in pharos::ApiCfgComponent::Initialize(pharos::FunctionDescriptor const&, std::set<unsigned long, std::less<unsigned long>, std::allocator<unsigned long> >&, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, unsigned long> > >&) /root/pharos/libpharos/apigraph.cpp:1785
    #19 0x7f49d6152031 in pharos::ApiGraph::Build() /root/pharos/libpharos/apigraph.cpp:2715
    #20 0x55a3230a4031 in ApiAnalyzerTest::SetUp() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xba031)
    #21 0x55a32313f60a in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2402
    #22 0x55a323130a74 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2438
    #23 0x55a3230e9946 in testing::Test::Run() /root/pharos/gtest/src/gtest.cc:2470
    #24 0x55a3230eae39 in testing::TestInfo::Run() /root/pharos/gtest/src/gtest.cc:2656
    #25 0x55a3230eba47 in testing::TestCase::Run() /root/pharos/gtest/src/gtest.cc:2774
    #26 0x55a3230fcfd8 in testing::internal::UnitTestImpl::RunAllTests() /root/pharos/gtest/src/gtest.cc:4649
    #27 0x55a323142951 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2402
    #28 0x55a323132f41 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2438
    #29 0x55a3230fa0c5 in testing::UnitTest::Run() /root/pharos/gtest/src/gtest.cc:4257

previously allocated by thread T0 here:
    #0 0x7f49d7cee1c7 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99
    #1 0x7f49d61d127d in __gnu_cxx::new_allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex>::allocate(unsigned long, void const*) (/root/pharos/scripts/build/libpharos/libpharos.so+0x336c27d)
    #2 0x7f49d61c6f8c in std::allocator_traits<std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::allocate(std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex>&, unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x3361f8c)
    #3 0x7f49d61ba82d in std::_Vector_base<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex, std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::_M_allocate(unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x335582d)
    #4 0x7f49d61a20ed in std::vector<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex, std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::_M_default_append(unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x333d0ed)
    #5 0x7f49d618c24e in std::vector<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex, std::allocator<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::stored_vertex> >::resize(unsigned long) (/root/pharos/scripts/build/libpharos/libpharos.so+0x332724e)
    #6 0x7f49d617719a in boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config::vertex_descriptor boost::add_vertex<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config, boost::bidirectional_graph_helper_with_property<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config> >(boost::vec_adj_list_impl<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>::config, boost::bidirectional_graph_helper_with_property<boost::detail::adj_list_gen<boost::adjacency_list<boost::setS, boost::vecS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, boost::no_property, boost::listS>, boost::vecS, boost::setS, boost::bidirectionalS, pharos::ApiVertexInfo, boost::no_property, 
boost::no_property, boost::listS>::config> >&) (/root/pharos/scripts/build/libpharos/libpharos.so+0x331219a)
    #7 0x7f49d613d66b in pharos::ApiCfgComponent::Initialize(pharos::FunctionDescriptor const&, std::set<unsigned long, std::less<unsigned long>, std::allocator<unsigned long> >&, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, unsigned long> > >&) /root/pharos/libpharos/apigraph.cpp:1657
    #8 0x7f49d6152031 in pharos::ApiGraph::Build() /root/pharos/libpharos/apigraph.cpp:2715
    #9 0x55a3230a4031 in ApiAnalyzerTest::SetUp() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xba031)
    #10 0x55a32313f60a in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2402
    #11 0x55a323130a74 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2438
    #12 0x55a3230e9946 in testing::Test::Run() /root/pharos/gtest/src/gtest.cc:2470
    #13 0x55a3230eae39 in testing::TestInfo::Run() /root/pharos/gtest/src/gtest.cc:2656
    #14 0x55a3230eba47 in testing::TestCase::Run() /root/pharos/gtest/src/gtest.cc:2774
    #15 0x55a3230fcfd8 in testing::internal::UnitTestImpl::RunAllTests() /root/pharos/gtest/src/gtest.cc:4649
    #16 0x55a323142951 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2402
    #17 0x55a323132f41 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /root/pharos/gtest/src/gtest.cc:2438
    #18 0x55a3230fa0c5 in testing::UnitTest::Run() /root/pharos/gtest/src/gtest.cc:4257
    #19 0x55a3230a3499 in RUN_ALL_TESTS() (/root/pharos/scripts/build/tools/apianalyzer/apitests1+0xb9499)
    #20 0x55a32308dc0a in main /root/pharos/tools/apianalyzer/apitests1.cpp:952
    #21 0x7f49ca6a3d8f  (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f)

(Tested on your branch f7af90de754, with patch from above still applied)

ooanalyzer run still going, might take a while. Never used rr before, but if this doesn't yield anything I can take a stab at it.

Originally posted by @srett in https://github.com/cmu-sei/pharos/issues/231#issuecomment-1181756610

sei-mwd commented 2 years ago

These appear to be fixed with commit 8f3e2294539c12c76052b69fc85e2e34bda9dd93, but memory problems can be insidious, so feel free to reopen.
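The report above shows a READ in `ConsolidateReturns` at `apigraph.cpp:2500` into vertex storage that was freed two lines earlier, when the call chain `KillVertices` → `RemoveVertices` reset the graph's `shared_ptr`. The sketch below models that lifetime pattern and two ways to avoid it. It is an added example, not Pharos code and not the fix in the referenced commit: `Graph`, `Component` and every function name are hypothetical stand-ins, and a `std::vector` replaces the Boost `adjacency_list`.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <set>
#include <utility>
#include <vector>

// Hypothetical stand-in for a vecS-backed graph: all vertices sit in one
// heap buffer, like the stored_vertex vector named in the report.
struct Vertex { unsigned long addr; bool is_return; };
using Graph = std::vector<Vertex>;

class Component {
 public:
  explicit Component(Graph g) : graph_(std::make_shared<Graph>(std::move(g))) {}

  // Builds a new graph without the killed vertices and swaps it in. reset()
  // destroys the old Graph if this was its last owner, so references,
  // pointers and iterators into it dangle once this returns.
  void remove_vertices(const std::set<std::size_t>& kill) {
    auto fresh = std::make_unique<Graph>();
    for (std::size_t i = 0; i < graph_->size(); ++i)
      if (!kill.count(i)) fresh->push_back((*graph_)[i]);
    graph_.reset(fresh.release());
  }

  // BUG, kept on purpose and never called below: `g` is bound before the
  // rebuild and read after it.
  std::size_t consolidate_returns_stale() {
    const Graph& g = *graph_;
    remove_vertices(extra_returns(g));
    return g.size();  // heap-use-after-free under ASan
  }

  // Fix 1: keep nothing derived from the old graph; re-read through graph_.
  std::size_t consolidate_returns_safe() {
    remove_vertices(extra_returns(*graph_));
    return graph_->size();
  }

  // Fix 2: when the pre-removal view is still needed, pin it with a second
  // owner. The snapshot stays valid but no longer matches graph_.
  std::size_t removed_count() {
    std::shared_ptr<const Graph> before = graph_;
    remove_vertices(extra_returns(*before));
    return before->size() - graph_->size();
  }

 private:
  // Indices of every return vertex after the first one.
  static std::set<std::size_t> extra_returns(const Graph& g) {
    std::set<std::size_t> kill;
    bool seen = false;
    for (std::size_t i = 0; i < g.size(); ++i) {
      if (!g[i].is_return) continue;
      if (seen) kill.insert(i);
      seen = true;
    }
    return kill;
  }
  std::shared_ptr<Graph> graph_;
};

// Constructed sample: one entry block followed by three return blocks.
Graph sample_graph() {
  return {{0x1000, false}, {0x1010, true}, {0x1020, true}, {0x1030, true}};
}
std::size_t demo_safe() { return Component(sample_graph()).consolidate_returns_safe(); }
std::size_t demo_pinned() { return Component(sample_graph()).removed_count(); }

int main() {
  std::printf("vertices left: %zu, removed: %zu\n", demo_safe(), demo_pinned());
  return 0;
}
```

Building this with `-g -fsanitize=address` and calling `consolidate_returns_stale()` produces a report with the same three-part shape as the one above: the access stack, the free stack and the allocation stack.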