search

mavlink / MAVSDK

API and library for MAVLink compatible systems written in C++17
https://mavsdk.mavlink.io
BSD 3-Clause "New" or "Revised" License
618 stars 505 forks source link

CI SITL address sanitizer failure case #1737

Closed julianoes closed 1 year ago

julianoes commented 2 years ago

This came up in CI: https://github.com/mavlink/MAVSDK/runs/6015323023?check_suite_focus=true

[ RUN      ] SitlTest.PX4ActionTakeoffAndKill
SITL model: iris
/__w/MAVSDK/MAVSDK /__w/MAVSDK/MAVSDK
/__w/MAVSDK/MAVSDK
waiting for SITL to be running
SITL ARGS
sitl_bin: /home/user/Firmware/build/px4_sitl_default/bin/px4
debugger: none
program: gazebo
model: iris
world: empty
src_path: /home/user/Firmware
build_path: /home/user/Firmware/build/px4_sitl_default
GAZEBO_PLUGIN_PATH :/home/user/Firmware/build/px4_sitl_default/build_gazebo
GAZEBO_MODEL_PATH :/home/user/Firmware/Tools/sitl_gazebo/models
LD_LIBRARY_PATH :/home/user/Firmware/build/px4_sitl_default/build_gazebo
Home directory not accessible: Permission denied
ALSA lib confmisc.c:767:(parse_card) cannot find card '0'
ALSA lib conf.c:4732:(_snd_config_evaluate) function snd_func_card_driver returned error: No such file or directory
ALSA lib confmisc.c:392:(snd_func_concat) error evaluating strings
ALSA lib conf.c:4732:(_snd_config_evaluate) function snd_func_concat returned error: No such file or directory
ALSA lib confmisc.c:1246:(snd_func_refer) error evaluating name
ALSA lib conf.c:4732:(_snd_config_evaluate) function snd_func_refer returned error: No such file or directory
ALSA lib conf.c:5220:(snd_config_expand) Evaluate error: No such file or directory
ALSA lib pcm.c:2642:(snd_pcm_open_noupdate) Unknown PCM default
AL lib: (EE) ALCplaybackAlsa_open: Could not open playback device 'default': No such file or directory
not running gazebo gui
SITL COMMAND: "/home/user/Firmware/build/px4_sitl_default/bin/px4" -d "/home/user/Firmware"/ROMFS/px4fmu_common -s etc/init.d-posix/rcS -t "/home/user/Firmware"/test_data
INFO  [px4] Creating symlink /home/user/Firmware/ROMFS/px4fmu_common -> /home/user/Firmware/build/px4_sitl_default/tmp/rootfs/etc

______  __   __    ___ 
| ___ \ \ \ / /   /   |
| |_/ /  \ V /   / /| |
|  __/   /   \  / /_| |
| |     / /^\ \ \___  |
\_|     \/   \/     |_/

px4 starting.

INFO  [px4] Calling startup script: /bin/sh etc/init.d-posix/rcS 0
INFO  [param] selected parameter default file eeprom/parameters_10016
[param] Loaded: eeprom/parameters_10016
COM_DL_LOSS_T set to 100
COM_RC_LOSS_T set to 5.0
COM_OF_LOSS_T set to 5.0
INFO  [dataman] Unknown restart, data manager file './dataman' size is 11798680 bytes
INFO  [simulator] Waiting for simulator to accept connection on TCP port 4560
INFO  [simulator] Simulator connected on TCP port 4560.
INFO  [commander] LED: open /dev/led0 failed (22)
INFO  [init] Mixer: etc/mixers/quad_w.main.mix on /dev/pwm_output0
INFO  [mavlink] mode: Normal, data rate: 4000000 B/s on udp port 18570 remote port 14550
INFO  [mavlink] mode: Onboard, data rate: 4000000 B/s on udp port 14580 remote port 14540
INFO  [mavlink] mode: Onboard, data rate: 4000 B/s on udp port 14280 remote port 14030
INFO  [logger] logger started (mode=all)
INFO  [logger] Start file log (type: full)
INFO  [logger] [logger] ./log/2022-04-13/22_01_12.ulg
INFO  [logger] Opened full log file: ./log/2022-04-13/22_01_12.ulg
INFO  [mavlink] MAVLink only on localhost (set param MAV_BROADCAST = 1 to enable network)
INFO  [px4] Startup script returned successfully
INFO  [ecl/EKF] 1104000: GPS checks passed
INFO  [ecl/EKF] 3016000: EKF aligned, (baro hgt, IMU buf: 18, OBS buf: 14)
INFO  [ecl/EKF] 3016000: reset position to last known position
INFO  [ecl/EKF] 3016000: reset velocity to zero
INFO  [ecl/EKF] 5604000: reset position to GPS
INFO  [ecl/EKF] 5604000: reset velocity to GPS
INFO  [ecl/EKF] 5604000: starting GPS fusion
done
INFO  [mavlink] partner IP: 127.0.0.1
=================================================================
==8610==ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fff76e5e270 at pc 0x564e15f0f17f bp 0x7f718b3fd890 sp 0x7f718b3fd880
READ of size 8 at 0x7fff76e5e270 thread T18
INFO  [commander] Armed by external command
    #0 0x564e15f0f17e in std::__shared_ptr<std::__future_base::_State_baseV2, (__gnu_cxx::_Lock_policy)2>::get() const /usr/include/c++/9/bits/shared_ptr_base.h:1310
    #1 0x564e15f0cf93 in std::__shared_ptr_access<std::__future_base::_State_baseV2, (__gnu_cxx::_Lock_policy)2, false, false>::_M_get() const /usr/include/c++/9/bits/shared_ptr_base.h:1021
    #2 0x564e15f0a4e1 in std::__shared_ptr_access<std::__future_base::_State_baseV2, (__gnu_cxx::_Lock_policy)2, false, false>::operator->() const /usr/include/c++/9/bits/shared_ptr_base.h:1015
    #3 0x564e15f07443 in std::promise<void>::set_value() /usr/include/c++/9/future:1313
    #4 0x564e15f22adf in operator() /__w/MAVSDK/MAVSDK/src/integration_tests/action_takeoff_and_kill.cpp:42
    #5 0x564e15f27c11 in _M_invoke /usr/include/c++/9/bits/std_function.h:300
    #6 0x7f7190744995 in std::function<void (bool)>::operator()(bool) const /usr/include/c++/9/bits/std_function.h:688
    #7 0x7f7190b25803 in operator() /__w/MAVSDK/MAVSDK/src/mavsdk/plugins/telemetry/telemetry_impl.cpp:1147
    #8 0x7f7190b56738 in _M_invoke /usr/include/c++/9/bits/std_function.h:300
    #9 0x7f7190712fcd in std::function<void ()>::operator()() const /usr/include/c++/9/bits/std_function.h:688
    #10 0x7f719076cacb in mavsdk::MavsdkImpl::process_user_callbacks_thread() /__w/MAVSDK/MAVSDK/src/mavsdk/core/mavsdk_impl.cpp:599
    #11 0x7f7190784f6a in void std::__invoke_impl<void, void (mavsdk::MavsdkImpl::*)(), mavsdk::MavsdkImpl*>(std::__invoke_memfun_deref, void (mavsdk::MavsdkImpl::*&&)(), mavsdk::MavsdkImpl*&&) /usr/include/c++/9/bits/invoke.h:73
    #12 0x7f7190784da5 in std::__invoke_result<void (mavsdk::MavsdkImpl::*)(), mavsdk::MavsdkImpl*>::type std::__invoke<void (mavsdk::MavsdkImpl::*)(), mavsdk::MavsdkImpl*>(void (mavsdk::MavsdkImpl::*&&)(), mavsdk::MavsdkImpl*&&) /usr/include/c++/9/bits/invoke.h:95
    #13 0x7f7190784d04 in void std::thread::_Invoker<std::tuple<void (mavsdk::MavsdkImpl::*)(), mavsdk::MavsdkImpl*> >::_M_invoke<0ul, 1ul>(std::_Index_tuple<0ul, 1ul>) /usr/include/c++/9/thread:244
    #14 0x7f7190784b0b in std::thread::_Invoker<std::tuple<void (mavsdk::MavsdkImpl::*)(), mavsdk::MavsdkImpl*> >::operator()() /usr/include/c++/9/thread:251
    #15 0x7f71907849cb in std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (mavsdk::MavsdkImpl::*)(), mavsdk::MavsdkImpl*> > >::_M_run() /usr/include/c++/9/thread:195
    #16 0x7f718ffb6d83  (/lib/x86_64-linux-gnu/libstdc++.so.6+0xd6d83)
    #17 0x7f71900cc608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x9608)
    #18 0x7f718fcc1292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

Address 0x7fff76e5e270 is located in stack of thread T0 at offset 2064 in frame
    #0 0x564e15f23715 in SitlTest_PX4ActionTakeoffAndKill_Test::TestBody() /__w/MAVSDK/MAVSDK/src/integration_tests/action_takeoff_and_kill.cpp:10

  This frame has 94 object(s):
    [48, 49) '<unknown>'
    [64, 65) '<unknown>'
    [80, 81) '<unknown>'
    [96, 97) '<unknown>'
    [112, 116) '<unknown>'
    [128, 132) '<unknown>'
    [144, 148) '<unknown>'
    [160, 164) '<unknown>'
    [176, 180) '<unknown>'
    [192, 196) '<unknown>'
    [208, 212) '<unknown>'
    [224, 228) '<unknown>'
    [240, 244) '<unknown>'
    [256, 260) '<unknown>'
    [272, 276) '<unknown>'
    [288, 292) '<unknown>'
    [304, 308) '<unknown>'
    [320, 324) '<unknown>'
    [336, 340) '<unknown>'
    [352, 356) '<unknown>'
    [368, 372) '<unknown>'
    [384, 388) '<unknown>'
    [400, 404) '<unknown>'
    [416, 420) '<unknown>'
    [432, 440) '<unknown>'
    [464, 472) '<unknown>'
    [496, 504) '<unknown>'
    [528, 536) '<unknown>'
    [560, 568) '<unknown>'
    [592, 600) '<unknown>'
    [624, 632) '<unknown>'
    [656, 664) '<unknown>'
    [688, 696) '<unknown>'
    [720, 728) '<unknown>'
    [752, 760) '<unknown>'
    [784, 792) '<unknown>'
    [816, 824) '<unknown>'
    [848, 856) '<unknown>'
    [880, 888) '<unknown>'
    [912, 920) '<unknown>'
    [944, 952) '<unknown>'
    [976, 984) '<unknown>'
    [1008, 1016) '<unknown>'
    [1040, 1048) '<unknown>'
    [1072, 1080) '<unknown>'
    [1104, 1112) '<unknown>'
    [1136, 1144) '<unknown>'
    [1168, 1176) '<unknown>'
    [1200, 1208) '<unknown>'
    [1232, 1240) '<unknown>'
    [1264, 1272) '<unknown>'
    [1296, 1304) '<unknown>'
    [1328, 1344) 'mavsdk' (line 11)
    [1360, 1376) 'gtest_ar' (line 12)
    [1392, 1408) 'fut' (line 17)
    [1424, 1440) 'gtest_ar' (line 26)
    [1456, 1472) 'system' (line 29)
    [1488, 1504) 'gtest_ar_' (line 30)
    [1520, 1536) 'telemetry' (line 31)
    [1552, 1568) 'action' (line 32)
    [1584, 1600) 'fut' (line 37)
    [1616, 1632) 'gtest_ar' (line 45)
    [1648, 1664) 'fut' (line 56)
    [1680, 1696) 'gtest_ar' (line 61)
    [1712, 1728) 'fut' (line 67)
    [1744, 1760) 'gtest_ar' (line 72)
    [1776, 1792) 'gtest_ar_' (line 75)
    [1808, 1824) 'fut' (line 83)
    [1840, 1856) 'gtest_ar' (line 88)
    [1872, 1888) 'gtest_ar_' (line 91)
    [1904, 1920) 'gtest_ar_' (line 95)
    [1936, 1960) 'prom' (line 16)
    [2000, 2024) '<unknown>'
    [2064, 2088) 'prom' (line 36) <== Memory access at offset 2064 is inside this variable
    [2128, 2152) 'prom' (line 55)
    [2192, 2216) 'prom' (line 66)
    [2256, 2280) 'prom' (line 82)
    [2320, 2352) '<unknown>'
    [2384, 2416) '<unknown>'
    [2448, 2480) '<unknown>'
    [2512, 2544) '<unknown>'
    [2576, 2608) '<unknown>'
    [2640, 2672) '<unknown>'
    [2704, 2736) '<unknown>'
    [2768, 2800) '<unknown>'
    [2832, 2864) '<unknown>'
    [2896, 2928) '<unknown>'
    [2960, 2992) '<unknown>'
    [3024, 3056) '<unknown>'
    [3088, 3512) '<unknown>'
    [3584, 4008) '<unknown>'
    [4080, 4504) '<unknown>'
    [4576, 5000) '<unknown>'
    [5072, 5496) '<unknown>'
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-use-after-scope /usr/include/c++/9/bits/shared_ptr_base.h:1310 in std::__shared_ptr<std::__future_base::_State_baseV2, (__gnu_cxx::_Lock_policy)2>::get() const
Shadow bytes around the buggy address:
  0x10006edc3bf0: f2 f2 00 00 f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f8
  0x10006edc3c00: f2 f2 00 00 f2 f2 f8 f8 f2 f2 00 00 f2 f2 00 00
  0x10006edc3c10: f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 00 00 f2 f2 00 00
  0x10006edc3c20: f2 f2 00 00 f2 f2 00 00 f2 f2 00 00 f2 f2 00 00
  0x10006edc3c30: f2 f2 00 00 f2 f2 00 00 f2 f2 00 00 f2 f2 f8 f8
=>0x10006edc3c40: f8 f2 f2 f2 f2 f2 f8 f8 f8 f2 f2 f2 f2 f2[f8]f8
  0x10006edc3c50: f8 f2 f2 f2 f2 f2 00 00 00 f2 f2 f2 f2 f2 00 00
  0x10006edc3c60: 00 f2 f2 f2 f2 f2 00 00 00 f2 f2 f2 f2 f2 f8 f8
  0x10006edc3c70: f8 f8 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2 f8 f8
  0x10006edc3c80: f8 f8 f2 f2 f2 f2 f8 f8 f8 f8 f2 f2 f2 f2 00 00
  0x10006edc3c90: 00 00 f2 f2 f2 f2 00 00 00 00 f2 f2 f2 f2 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
Thread T18 created by T0 here:
    #0 0x7f7190f14805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
    #1 0x7f718ffb7048 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) (/lib/x86_64-linux-gnu/libstdc++.so.6+0xd7048)
    #2 0x7f7190765db4 in mavsdk::MavsdkImpl::MavsdkImpl() /__w/MAVSDK/MAVSDK/src/mavsdk/core/mavsdk_impl.cpp:47
    #3 0x7f7190760f42 in void __gnu_cxx::new_allocator<mavsdk::MavsdkImpl>::construct<mavsdk::MavsdkImpl>(mavsdk::MavsdkImpl*) /usr/include/c++/9/ext/new_allocator.h:147
    #4 0x7f7190760e42 in void std::allocator_traits<std::allocator<mavsdk::MavsdkImpl> >::construct<mavsdk::MavsdkImpl>(std::allocator<mavsdk::MavsdkImpl>&, mavsdk::MavsdkImpl*) /usr/include/c++/9/bits/alloc_traits.h:484
    #5 0x7f7190760c05 in std::_Sp_counted_ptr_inplace<mavsdk::MavsdkImpl, std::allocator<mavsdk::MavsdkImpl>, (__gnu_cxx::_Lock_policy)2>::_Sp_counted_ptr_inplace<>(std::allocator<mavsdk::MavsdkImpl>) /usr/include/c++/9/bits/shared_ptr_base.h:548
    #6 0x7f71907607a2 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::__shared_count<mavsdk::MavsdkImpl, std::allocator<mavsdk::MavsdkImpl>>(mavsdk::MavsdkImpl*&, std::_Sp_alloc_shared_tag<std::allocator<mavsdk::MavsdkImpl> >) /usr/include/c++/9/bits/shared_ptr_base.h:679
    #7 0x7f7190760379 in std::__shared_ptr<mavsdk::MavsdkImpl, (__gnu_cxx::_Lock_policy)2>::__shared_ptr<std::allocator<mavsdk::MavsdkImpl>>(std::_Sp_alloc_shared_tag<std::allocator<mavsdk::MavsdkImpl> >) /usr/include/c++/9/bits/shared_ptr_base.h:1344
    #8 0x7f71907600e2 in std::shared_ptr<mavsdk::MavsdkImpl>::shared_ptr<std::allocator<mavsdk::MavsdkImpl>>(std::_Sp_alloc_shared_tag<std::allocator<mavsdk::MavsdkImpl> >) /usr/include/c++/9/bits/shared_ptr.h:359
    #9 0x7f719075fe99 in std::shared_ptr<mavsdk::MavsdkImpl> std::allocate_shared<mavsdk::MavsdkImpl, std::allocator<mavsdk::MavsdkImpl>>(std::allocator<mavsdk::MavsdkImpl> const&) (/__w/MAVSDK/MAVSDK/build/debug/src/mavsdk/libmavsdk.so.5e4ce149+0x45de99)
    #10 0x7f719075fba7 in std::shared_ptr<mavsdk::MavsdkImpl> std::make_shared<mavsdk::MavsdkImpl>() /usr/include/c++/9/bits/shared_ptr.h:718
    #11 0x7f719075ea2d in mavsdk::Mavsdk::Mavsdk() /__w/MAVSDK/MAVSDK/src/mavsdk/core/mavsdk.cpp:9
    #12 0x564e15f23e36 in SitlTest_PX4ActionTakeoffAndKill_Test::TestBody() /__w/MAVSDK/MAVSDK/src/integration_tests/action_takeoff_and_kill.cpp:11
    #13 0x7f719020dcac in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2589
    #14 0x7f71901fb81b in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2625
    #15 0x7f719019ae9d in testing::Test::Run() /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2664
    #16 0x7f719019c380 in testing::TestInfo::Run() /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2842
    #17 0x7f719019d447 in testing::TestSuite::Run() /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2996
    #18 0x7f71901bbf76 in testing::internal::UnitTestImpl::RunAllTests() /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:5708
    #19 0x7f7190210bc0 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2589
    #20 0x7f71901fe45a in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:2625
    #21 0x7f71901b890b in testing::UnitTest::Run() /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/src/gtest.cc:5291
    #22 0x564e15efda51 in RUN_ALL_TESTS() /__w/MAVSDK/MAVSDK/src/third_party/gtest/googletest/include/gtest/gtest.h:2471
    #23 0x564e15efd92e in main /__w/MAVSDK/MAVSDK/src/mavsdk/core/unittests_main.cpp:10
    #24 0x7f718fbc60b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

==8610==ABORTING
INFO  [commander] Disarmed by auto preflight disarming
INFO  [logger] closed logfile, bytes written: 4970348
julianoes commented 1 year ago

I'm pretty sure this should be resolved with the changes that came with the new handles used in v2.