emscripten-core / emscripten

Emscripten: An LLVM-to-WebAssembly Compiler

Ubsan stack overflow (infinite recursion) #12132

Closed avaer closed 3 years ago

avaer commented 4 years ago

Looks like UBSan is getting infinite recursion in the dynamic cast check:

Uncaught RangeError: Maximum call stack size exceeded
    at imports.<computed> (geometry.js:7726)
    at __ubsan_handle_dynamic_type_cache_miss (bin/geometry.wasm:wasm-function[10632]:0xb042d6)
    at std::type_info::operator==(std::type_info const&) const (bin/geometry.wasm:wasm-function[1149]:0xd9932)
    at is_equal(std::type_info const*, std::type_info const*, bool) (bin/geometry.wasm:wasm-function[10493]:0xaf1ade)
    at __dynamic_cast (bin/geometry.wasm:wasm-function[10496]:0xaf1e5a)
    at __ubsan::checkDynamicType(void*, void*, unsigned long) (bin/geometry.wasm:wasm-function[10642]:0xb0548e)
    at HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) (bin/geometry.wasm:wasm-function[10633]:0xb0444a)
    at __ubsan_handle_dynamic_type_cache_miss (bin/geometry.wasm:wasm-function[10632]:0xb04309)
    at std::type_info::operator==(std::type_info const&) const (bin/geometry.wasm:wasm-function[1149]:0xd9932)
    at is_equal(std::type_info const*, std::type_info const*, bool) (bin/geometry.wasm:wasm-function[10493]:0xaf1ade)
    at __dynamic_cast (bin/geometry.wasm:wasm-function[10496]:0xaf1e5a)
    at __ubsan::checkDynamicType(void*, void*, unsigned long) (bin/geometry.wasm:wasm-function[10642]:0xb0548e)
    at HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) (bin/geometry.wasm:wasm-function[10633]:0xb0444a)
    at __ubsan_handle_dynamic_type_cache_miss (bin/geometry.wasm:wasm-function[10632]:0xb04309)
    at std::type_info::operator==(std::type_info const&) const (bin/geometry.wasm:wasm-function[1149]:0xd9932)
    at is_equal(std::type_info const*, std::type_info const*, bool) (bin/geometry.wasm:wasm-function[10493]:0xaf1ade)
    at __dynamic_cast (bin/geometry.wasm:wasm-function[10496]:0xaf1e5a)
    at __ubsan::checkDynamicType(void*, void*, unsigned long) (bin/geometry.wasm:wasm-function[10642]:0xb0548e)
    at HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) (bin/geometry.wasm:wasm-function[10633]:0xb0444a)
    at __ubsan_handle_dynamic_type_cache_miss (bin/geometry.wasm:wasm-function[10632]:0xb04309)
    at std::type_info::operator==(std::type_info const&) const (bin/geometry.wasm:wasm-function[1149]:0xd9932)
    at is_equal(std::type_info const*, std::type_info const*, bool) (bin/geometry.wasm:wasm-function[10493]:0xaf1ade)
    at __dynamic_cast (bin/geometry.wasm:wasm-function[10496]:0xaf1e5a)
    at __ubsan::checkDynamicType(void*, void*, unsigned long) (bin/geometry.wasm:wasm-function[10642]:0xb0548e)
    at HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long, unsigned long, __ubsan::ReportOptions) (bin/geometry.wasm:wasm-function[10633]:0xb0444a)
    at __ubsan_handle_dynamic_type_cache_miss (bin/geometry.wasm:wasm-function[10632]:0xb04309)

Build command:

emcc -s WASM=1 -s USE_PTHREADS=1 -s PTHREAD_POOL_SIZE=1 -s TOTAL_MEMORY=999948288 -s MODULARIZE=0 -O3 -g3 -s ASSERTIONS=1 -s STACK_OVERFLOW_CHECK=2 -fsanitize=undefined -s DETERMINISTIC=1 -s FORCE_FILESYSTEM=1 -s ASYNCIFY -s 'ASYNCIFY_IMPORTS=["do_fetch"]' -s ASAN_SHADOW_SIZE=134217728 \
  -IPhysX/physx/include -IPhysX/pxshared/include \
  -IPhysX/physx/source/foundation/include \
  -IPhysX/physx/source/pvd/include \
  -IPhysX/physx/source/simulationcontroller/include -IPhysX/physx/source/lowlevel/api/include \
  -IPhysX/physx/source/geomutils/include \
  -IPhysX/physx/source/scenequery/include \
  -IPhysX/physx/source/lowleveldynamics/include \
  -IPhysX/physx/source/lowlevel/software/include \
  -IPhysX/physx/source/lowlevelaabb/include \
  -IPhysX/physx/source/lowlevel/common/include/pipeline \
  -IPhysX/physx/source/lowlevel/common/include/utils \
  -IPhysX/physx/source/lowlevel/common/include/collision \
  -IPhysX/physx/source/geomutils/src -IPhysX/physx/source/geomutils/src/common -IPhysX/physx/source/geomutils/src/mesh -IPhysX/physx/source/geomutils/src/hf -IPhysX/physx/source/geomutils/src/convex -IPhysX/physx/source/geomutils/src/gjk \
  -IPhysX/physx/source/common/src \
  -IPhysX/physx/source/physx/src/buffering \
  -IPhysX/physx/source/physx/src \
  -IPhysX/physx/source/physxcooking/src/convex \
  -IPhysX/physx/source/physxcooking/src/mesh \
  -IPhysX/physx/source/physxextensions/src/serialization/File \
  -IPhysX/physx/source/physxcooking/src \
  -IPhysX/physx/source/simulationcontroller/src \
  -IPhysX/physx/source/geomutils/src/intersection \
  -IPhysX//physx/source/geomutils/src/ccd \
  -IPhysX/physx/source/geomutils/src/contact \
  -IPhysX/physx/source/geomutils/src/pcm \
  -IPhysX/physx/source/geomutils/src/distance \
  -IPhysX/physx/source/geomutils/src/sweep \
  -Iearcut \
  -IRectBinPack/include \
  -Iconcaveman \
  objectize.cc vector.cc subparcel.cc geometry.cc collide.cc \
  FastNoise.cpp noise.cc march.cc biomes.cc \
  draco.o physx.o concaveman.o \
  -DNDEBUG -DPX_SIMD_DISABLED -DPX_EMSCRIPTEN=1 -DPX_COOKING \
  -I. \
  -o bin/geometry.js

avaer commented 4 years ago

It seems it's during stdio initialization:

Error
    at _emscripten_return_address (geometry.js:5678)
    at __ubsan_handle_dynamic_type_cache_miss (bin/geometry.wasm:wasm-function[6368]:0x1780ba)
    at std::__2::__shared_count::__add_shared() (bin/geometry.wasm:wasm-function[1012]:0x3d56f)
    at std::__2::locale::__imp::install(std::__2::locale::facet*, long) (bin/geometry.wasm:wasm-function[5596]:0x167d3d)
    at void std::__2::locale::__imp::install<std::__2::collate<char> >(std::__2::collate<char>*) (bin/geometry.wasm:wasm-function[5532]:0x1677c9)
    at std::__2::locale::__imp::__imp(unsigned long) (bin/geometry.wasm:wasm-function[5527]:0x1675f3)
    at std::__2::locale::__imp& std::__2::(anonymous namespace)::make<std::__2::locale::__imp, unsigned int>(unsigned int) (bin/geometry.wasm:wasm-function[5646]:0x16843c)
    at std::__2::locale::__imp::make_classic() (bin/geometry.wasm:wasm-function[5626]:0x16814a)
    at std::__2::locale::classic() (bin/geometry.wasm:wasm-function[5624]:0x168117)
    at std::__2::locale::__imp::make_global() (bin/geometry.wasm:wasm-function[5647]:0x168448)
    at std::__2::locale::__global() (bin/geometry.wasm:wasm-function[5649]:0x168488)
    at std::__2::locale::locale() (bin/geometry.wasm:wasm-function[5650]:0x1684b1)
    at std::__2::basic_streambuf<char, std::__2::char_traits<char> >::basic_streambuf() (bin/geometry.wasm:wasm-function[4773]:0x1550de)
    at std::__2::__stdinbuf<char>::__stdinbuf(_IO_FILE*, __mbstate_t*) (bin/geometry.wasm:wasm-function[4931]:0x156b69)
    at std::__2::DoIOSInit::DoIOSInit() (bin/geometry.wasm:wasm-function[4930]:0x1569a8)
    at std::__2::ios_base::Init::Init() (bin/geometry.wasm:wasm-function[4929]:0x15697f)
    at __cxx_global_var_init (bin/geometry.wasm:wasm-function[4928]:0x156958)
    at _GLOBAL__I_000101 (bin/geometry.wasm:wasm-function[4991]:0x157c48)
    at __wasm_call_ctors (bin/geometry.wasm:wasm-function[54]:0x343d)
    at geometry.js:1991
    at func (geometry.js:2324)
    at callRuntimeCallbacks (geometry.js:1680)
    at initRuntime (geometry.js:1715)
    at doRun (geometry.js:7679)
    at run (geometry.js:7701)
    at runCaller (geometry.js:7648)
    at removeRunDependency (geometry.js:1907)
    at geometry.js:2222
    at Worker.worker.onmessage (geometry.js:2582)

sbc100 commented 4 years ago

Can you try to reproduce this with a smaller test case? It looks like any program using iostreams should have the same behaviour.

Does it happen also when run on the main thread rather than a worker? How about if you remove USE_PTHREADS completely?

tlively commented 4 years ago

I've seen this issue a few times, but have never been able to get a reproducer. Any code you could share so I could take a look at this would be great.
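A minimal test case of the kind sbc100 and tlively ask for, added here as an example (it is not code from the issue or from Emscripten). It exercises the two paths visible in the reported traces: iostream static initialisation (std::ios_base::Init, which builds the locale) and dynamic_cast/typeid on a polymorphic type, which is what -fsanitize=vptr instruments through __ubsan_handle_dynamic_type_cache_miss. The Shape classes are constructed for the example, and the build lines in the comment are assumptions.

```cpp
// Added minimal reproducer (not from the issue). Build assumptions:
//   em++ -O3 -g3 -fsanitize=undefined -s ASSERTIONS=1 repro.cc -o repro.js
// Native comparison build, which should run cleanly and print the same:
//   clang++ -fsanitize=undefined repro.cc -o repro && ./repro
// If the Emscripten build recurses in the dynamic type cache miss handler
// while the native one does not, the toolchain, not the program, is at fault.
#include <iostream>
#include <memory>
#include <typeinfo>

struct Shape {
    virtual ~Shape() = default;
    virtual const char* name() const = 0;
};

struct Circle : Shape {
    const char* name() const override { return "circle"; }
};

struct Square : Shape {
    const char* name() const override { return "square"; }
};

// Each dynamic_cast below goes through __dynamic_cast and, under
// -fsanitize=vptr, through the dynamic type cache check first.
// Returns how many of the casts succeeded (expected: 1 of 2).
int count_circle_casts() {
    std::unique_ptr<Shape> shapes[] = {
        std::make_unique<Circle>(),
        std::make_unique<Square>(),
    };
    int circles = 0;
    for (const auto& s : shapes) {
        // A failed dynamic_cast is well-defined: it yields nullptr.
        if (dynamic_cast<Circle*>(s.get()) != nullptr) {
            ++circles;
        }
        // typeid comparison calls std::type_info::operator==, the frame
        // that re-enters the sanitizer handler in the reported trace.
        bool is_circle = typeid(*s) == typeid(Circle);
        std::cout << s->name() << (is_circle ? " (circle)" : "") << '\n';
    }
    return circles;
}

int main() {
    int circles = count_circle_casts();
    std::cout << "circles: " << circles << '\n';
    return circles == 1 ? 0 : 1;
}
```

Running it on the main thread and inside a worker, with and without USE_PTHREADS, separates the iostream initialisation question from the threading one sbc100 raises.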

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because there has been no activity in the past year. It will be closed automatically if no further activity occurs in the next 30 days. Feel free to re-open at any time if this issue is still relevant.

tlively commented 3 years ago

This was fixed in #13367.