Closed ylobankov closed 1 year ago
Tarantool
```
Tarantool 3.0.0-alpha1-110-g3774e85d2
Target: Linux-x86_64-RelWithDebInfo
Build options: cmake . -DCMAKE_INSTALL_PREFIX=/usr/local -DENABLE_BACKTRACE=TRUE
Compiler: Clang-16.0.6
C_FLAGS: -fexceptions -funwind-tables -fasynchronous-unwind-tables -fno-common -msse2 -fsanitize=fuzzer-no-link -fsanitize=address -fsanitize-blacklist=/tarantool/asan/asan.supp -fmacro-prefix-map=/tarantool=. -std=c11 -Wall -Wextra -fsanitize=alignment,bool,bounds,builtin,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,return,shift,unreachable,vla-bound -fno-sanitize-recover=alignment,bool,bounds,builtin,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,return,shift,unreachable,vla-bound -Wno-gnu-alignof-expression -Wno-cast-function-type -Werror
CXX_FLAGS: -fexceptions -funwind-tables -fasynchronous-unwind-tables -fno-common -msse2 -fsanitize=fuzzer-no-link -fsanitize=address -fsanitize-blacklist=/tarantool/asan/asan.supp -fmacro-prefix-map=/tarantool=. -std=c++11 -Wall -Wextra -fsanitize=alignment,bool,bounds,builtin,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,return,shift,unreachable,vla-bound -fno-sanitize-recover=alignment,bool,bounds,builtin,enum,float-cast-overflow,float-divide-by-zero,function,integer-divide-by-zero,return,shift,unreachable,vla-bound -Wno-invalid-offsetof -Wno-gnu-alignof-expression -Wno-cast-function-type -Werror
```
Steps to reproduce
```sh
docker run -it --rm tarantool/testing:ubuntu-jammy-clang16
git clone https://github.com/tarantool/tarantool.git
cd tarantool && git submodule update --recursive --init --jobs $(nproc)
CC=clang-16 CXX=clang++-16 TEST_RUN_EXTRA_PARAMS=unit/guard.test make -f .test.mk test-release-asan
```
Expected result: Test passed.
Actual result:
```
======================================================================================
WORKR TEST PARAMS RESULT
---------------------------------------------------------------------------------
[001] unit/guard.test [ fail ]
[001]
[001] Test failed! Result content mismatch:
[001] --- unit/guard.result Fri Aug 18 11:09:33 2023
[001] +++ /tmp/t/rejects/unit/guard.reject Fri Aug 18 11:12:41 2023
[001] @@ -1 +1,60 @@
[001] -# signal handler called
[001] +=================================================================
[001] +==23981==ERROR: AddressSanitizer: heap-use-after-free on address 0x62d000007e30 at pc 0x5579918c86e3 bp 0x62d000007e10 sp 0x62d0000075e0
[001] +WRITE of size 24 at 0x62d000007e30 thread T0
[001] +    #0 0x5579918c86e2 in sigaltstack (/tarantool/test/unit/guard.test+0xf86e2) (BuildId: 60405a35ef8d251be54dfe71fa6c1bd1498153ba)
[001] +    #1 0x5579918f307f in __asan::PlatformUnpoisonStacks() (/tarantool/test/unit/guard.test+0x12307f) (BuildId: 60405a35ef8d251be54dfe71fa6c1bd1498153ba)
[001] +    #2 0x5579918f9180 in __asan_handle_no_return (/tarantool/test/unit/guard.test+0x129180) (BuildId: 60405a35ef8d251be54dfe71fa6c1bd1498153ba)
[001] +    #3 0x55799192c18d in sigsegf_handler(int) /tarantool/test/unit/guard.cc:11:2
[001] +    #4 0x7f4dff45b51f (/lib/x86_64-linux-gnu/libc.so.6+0x4251f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d)
[001] +    #5 0x55799194434e in error_log /tarantool/src/lib/core/diag.h:251:5
[001] +    #6 0x55799194434e in fiber_loop /tarantool/src/lib/core/fiber.c:1041:6
[001] +    #7 0x5579919c9602 in coro_init /tarantool/third_party/coro/coro.c:108:3
[001] +
[001] +0x62d000007e30 is located 31280 bytes inside of 32768-byte region [0x62d000000400,0x62d000008400)
[001] +freed by thread T0 here:
[001] +    #0 0x5579918eeea6 in free (/tarantool/test/unit/guard.test+0x11eea6) (BuildId: 60405a35ef8d251be54dfe71fa6c1bd1498153ba)
[001] +    #1 0x55799192c7d0 in main_f(__va_list_tag*) /tarantool/test/unit/guard.cc:59:2
[001] +    #2 0x55799192c467 in fiber_cxx_invoke(int (*)(__va_list_tag*), __va_list_tag*) /tarantool/src/lib/core/fiber.h:1238:10
[001] +    #3 0x5579919441de in fiber_loop /tarantool/src/lib/core/fiber.c:1029:18
[001] +    #4 0x5579919c9602 in coro_init /tarantool/third_party/coro/coro.c:108:3
[001] +
[001] +previously allocated by thread T0 here:
[001] +    #0 0x5579918ef14e in malloc (/tarantool/test/unit/guard.test+0x11f14e) (BuildId: 60405a35ef8d251be54dfe71fa6c1bd1498153ba)
[001] +    #1 0x55799192c62d in main_f(__va_list_tag*) /tarantool/test/unit/guard.cc:43:16
[001] +    #2 0x55799192c467 in fiber_cxx_invoke(int (*)(__va_list_tag*), __va_list_tag*) /tarantool/src/lib/core/fiber.h:1238:10
[001] +    #3 0x5579919441de in fiber_loop /tarantool/src/lib/core/fiber.c:1029:18
[001] +    #4 0x5579919c9602 in coro_init /tarantool/third_party/coro/coro.c:108:3
[001] +
[001] +SUMMARY: AddressSanitizer: heap-use-after-free (/tarantool/test/unit/guard.test+0xf86e2) (BuildId: 60405a35ef8d251be54dfe71fa6c1bd1498153ba) in sigaltstack
[001] +Shadow bytes around the buggy address:
[001] +  0x62d000007b80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007c00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007c80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007d00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007d80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +=>0x62d000007e00: fd fd fd fd fd fd[fd]fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007e80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007f00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000007f80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000008000: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +  0x62d000008080: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
[001] +Shadow byte legend (one shadow byte represents 8 application bytes):
[001] +  Addressable:           00
[001] +  Partially addressable: 01 02 03 04 05 06 07
[001] +  Heap left redzone:       fa
[001] +  Freed heap region:       fd
[001] +  Stack left redzone:      f1
[001] +  Stack mid redzone:       f2
[001] +  Stack right redzone:     f3
[001] +  Stack after return:      f5
[001] +  Stack use after scope:   f8
[001] +  Global redzone:          f9
[001] +  Global init order:       f6
[001] +  Poisoned by user:        f7
[001] +  Container overflow:      fc
[001] +  Array cookie:            ac
[001] +  Intra object redzone:    bb
[001] +  ASan internal:           fe
[001] +  Left alloca redzone:     ca
[001] +  Right alloca redzone:    cb
[001] +==23981==ABORTING
```
In a debug build it fails with:

```
guard.test: src/lib/core/fiber.c:1034: void fiber_loop(void *): Assertion `e != NULL || fiber->flags & FIBER_IS_CANCELLED' failed.
(lldb) p e
(error *) $0 = NULL
```
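To triage a report like the one above, the helper below (added here; it is not part of this issue or of Tarantool) parses the AddressSanitizer output into the faulting access, the freed heap region and the three stacks, and then checks the fact the raw dump does not state outright: `sp` and `bp` of the faulting thread both lie inside the 32768-byte block that `main_f` freed at `guard.cc:59`, so the SIGSEGV handler is executing on memory that has already been freed rather than merely touching it. The embedded report is a trimmed excerpt of the issue's output with the `[001]` prefixes and `+` diff markers removed.

```python
import re

# Excerpt of the AddressSanitizer report quoted in this issue, with the test-run
# "[001]" prefixes and "+" diff markers stripped (constructed sample input).
ASAN_REPORT = """\
==23981==ERROR: AddressSanitizer: heap-use-after-free on address 0x62d000007e30 at pc 0x5579918c86e3 bp 0x62d000007e10 sp 0x62d0000075e0
WRITE of size 24 at 0x62d000007e30 thread T0
    #0 0x5579918c86e2 in sigaltstack (/tarantool/test/unit/guard.test+0xf86e2)
    #3 0x55799192c18d in sigsegf_handler(int) /tarantool/test/unit/guard.cc:11:2
    #5 0x55799194434e in error_log /tarantool/src/lib/core/diag.h:251:5
    #6 0x55799194434e in fiber_loop /tarantool/src/lib/core/fiber.c:1041:6

0x62d000007e30 is located 31280 bytes inside of 32768-byte region [0x62d000000400,0x62d000008400)
freed by thread T0 here:
    #0 0x5579918eeea6 in free (/tarantool/test/unit/guard.test+0x11eea6)
    #1 0x55799192c7d0 in main_f(__va_list_tag*) /tarantool/test/unit/guard.cc:59:2

previously allocated by thread T0 here:
    #0 0x5579918ef14e in malloc (/tarantool/test/unit/guard.test+0x11f14e)
    #1 0x55799192c62d in main_f(__va_list_tag*) /tarantool/test/unit/guard.cc:43:16
"""
HEADER_RE = re.compile(r"AddressSanitizer: (?P<kind>[\w-]+) on address (?P<addr>0x[0-9a-f]+)"
                       r" at pc 0x[0-9a-f]+ bp (?P<bp>0x[0-9a-f]+) sp (?P<sp>0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"^(?P<op>READ|WRITE) of size (?P<size>\d+)", re.M)
REGION_RE = re.compile(r"located (?P<off>\d+) bytes inside of (?P<len>\d+)-byte region "
                       r"\[(?P<lo>0x[0-9a-f]+),(?P<hi>0x[0-9a-f]+)\)")
# One symbolised frame; the file:line:col part is absent for frames without debug info.
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (?P<func>\S+).*?(?P<loc>/\S+:\d+:\d+)?$", re.M)

def frames(block):
    """(function, source location or None) for every symbolised frame in a stack dump."""
    return [(m["func"], m["loc"]) for m in FRAME_RE.finditer(block)]

def parse_asan_report(text):
    """Extract fault kind, faulting access, registers, freed region and the three stacks."""
    h, a, r = HEADER_RE.search(text), ACCESS_RE.search(text), REGION_RE.search(text)
    if not (h and a and r):
        raise ValueError("not a heap-use-after-free report with a region line")
    access, _, rest = text.partition("freed by thread")
    freed, _, alloc = rest.partition("previously allocated by thread")
    return {"kind": h["kind"], "op": a["op"], "size": int(a["size"]),
            "addr": int(h["addr"], 16), "bp": int(h["bp"], 16), "sp": int(h["sp"], 16),
            "region": (int(r["lo"], 16), int(r["hi"], 16)), "offset": int(r["off"]),
            "length": int(r["len"]), "access_frames": frames(access),
            "free_frames": frames(freed), "alloc_frames": frames(alloc)}

def running_on_freed_memory(rep):
    """True when sp and bp both lie inside the freed block, i.e. the handler runs on freed stack."""
    lo, hi = rep["region"]
    return lo <= rep["sp"] < hi and lo <= rep["bp"] < hi
```

`parse_asan_report(ASAN_REPORT)["offset"]` equals `addr - region[0]` (31280), and `running_on_freed_memory` returns True for this report.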