[cfe-users] Address Sanitizer SEGV

Alexey Samsonov samsonov at google.com
Wed Nov 27 05:26:22 PST 2013


On Tue, Nov 26, 2013 at 11:43 AM, Alexey Samsonov <samsonov at google.com> wrote:
> Hi Pedro!
>
> Yes, this is most likely the problem in ASan (ASan stack unwinder uses
> pointers to stack top/bottom in a given thread, and these
> pointers are not yet initialized in your case). Can you make a
> standalone reproducer for this issue?

Correction: this shouldn't happen, as stack boundaries are initialized
with zeroes,
so FastUnwindStack should exit early.

> I'll take a look at the code to see if we can properly fix it, or at
> least add a workaround.
>
> (side note: once again we are hit by calling functions from libpthread
> in GetThreadStackTopAndBottom, sigh).
>
> On Tue, Nov 26, 2013 at 3:01 AM, pedro pinto <pedro.e.pinto at gmail.com> wrote:
>> Hi there,
>>
>> I just started running AddressSanitizer and I received a
>> report that I am having trouble parsing:
>>
>> ASAN:SIGSEGV
>> =================================================================
>> ==23580==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
>> 0x2b3f29713a90 sp 0x2b3f3b526450 bp 0x2b3f3b526ca0 T38)
>> AddressSanitizer can not provide additional info.
>>     #0 0x2b3f29713a8f in __sanitizer::StackTrace::FastUnwindStack(unsigned
>> long, unsigned long, unsigned long, unsigned long) ??:?
>>     #1 0x2b3f29704dac in free ??:?
>>     #2 0x2b3f3118f8ac in __pthread_attr_destroy
>> /build/buildd/eglibc-2.17/nptl/pthread_attr_destroy.c:41
>>     #3 0x2b3f29711917 in __sanitizer::GetThreadStackTopAndBottom(bool,
>> unsigned long*, unsigned long*) ??:?
>>     #4 0x2b3f29711d8d in __sanitizer::GetThreadStackAndTls(bool, unsigned
>> long*, unsigned long*, unsigned long*, unsigned long*) ??:?
>>     #5 0x2b3f2970b72d in __asan::AsanThread::Init() ??:?
>>     #6 0x2b3f2970b98f in __asan::AsanThread::ThreadStart(unsigned long) ??:?
>>     #7 0x2b3f3118df6d in start_thread
>> /build/buildd/eglibc-2.17/nptl/pthread_create.c:311
>>     #8 0x2b3f320c79cc in clone
>> /build/buildd/eglibc-2.17/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:113
>> Thread T38 created by T0 here:
>>     #0 0x2b3f296fa7eb in __interceptor_pthread_create ??:?
>>     #1 0x2b3f301edd67 in tbb::internal::tbb_thread_v3::internal_start(void*
>> (*)(void*), void*)
>> /home/ppinto/external/tbb/tbb41_20130314oss/build/linux_intel64_gcc_cc4.1.2_libc2.5_kernel3.2.0_debug/../../src/tbb/tbb_thread.cpp:130
>>
>> ....
>> ==23580==ABORTING
>>
>> Seems like the top of the stack was within Address Sanitizer itself, does
>> this indicate a bug in sanitizer or am I missing something here?
>>
>> Thanks in advance,
>> -pp
>>
>> $ clang --version
>> Ubuntu clang version 3.4-1ubuntu1 (trunk) (based on LLVM 3.4)
>> Target: x86_64-pc-linux-gnu
>> Thread model: posix
>>
>>
>>
>> _______________________________________________
>> cfe-users mailing list
>> cfe-users at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-users
>>
>
>
>
> --
> Alexey Samsonov, MSK



-- 
Alexey Samsonov, MSK
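The trace above shows free() being reached from __pthread_attr_destroy inside __sanitizer::GetThreadStackTopAndBottom while the new thread is still being set up. The following C program is an added example, not code from the thread or from the sanitizer runtime: it discovers a thread's stack bounds the way a runtime typically does on glibc (pthread_getattr_np, then pthread_attr_getstack, then pthread_attr_destroy) and checks that a local variable lies inside those bounds. glibc's pthread_getattr_np allocates a cpuset buffer with malloc and pthread_attr_destroy frees it, which is the free() that appears under __pthread_attr_destroy in the report; running this under ASan exercises that same path. The function names (current_thread_stack_bounds, address_on_stack, check_worker_stack_bounds) are this example's own.

```c
#define _GNU_SOURCE
#include <pthread.h>
#include <stdint.h>
#include <stdio.h>

/* glibc declares pthread_getattr_np only under _GNU_SOURCE; the explicit
 * prototype keeps the example compiling if a harness includes headers first. */
extern int pthread_getattr_np(pthread_t thread, pthread_attr_t *attr);

struct stack_bounds {
    uintptr_t bottom;   /* lowest address of the thread's stack mapping */
    uintptr_t top;      /* one past the highest address of the mapping */
    int ok;             /* 1 if the libpthread calls succeeded */
};

/* Query the calling thread's stack bounds the way a runtime would (this
 * mirrors the libpthread calls visible in the trace, not the sanitizer's
 * actual source): pthread_getattr_np fills an attr and, inside glibc,
 * mallocs a cpuset buffer; pthread_attr_getstack reads the bounds;
 * pthread_attr_destroy frees that buffer, which is the free() frame that
 * appears under __pthread_attr_destroy in the report. */
struct stack_bounds current_thread_stack_bounds(void) {
    struct stack_bounds b = {0, 0, 0};
    pthread_attr_t attr;
    void *addr = NULL;
    size_t size = 0;
    if (pthread_getattr_np(pthread_self(), &attr) != 0)
        return b;
    if (pthread_attr_getstack(&attr, &addr, &size) == 0) {
        b.bottom = (uintptr_t)addr;
        b.top = (uintptr_t)addr + size;
        b.ok = 1;
    }
    pthread_attr_destroy(&attr);
    return b;
}

/* Returns 1 if p lies within the reported stack bounds, 0 otherwise. */
int address_on_stack(struct stack_bounds b, const void *p) {
    uintptr_t a = (uintptr_t)p;
    return b.ok && a >= b.bottom && a < b.top;
}

/* Thread body: a local variable must fall inside the thread's own bounds. */
static void *worker(void *arg) {
    int local = 0;
    struct stack_bounds b = current_thread_stack_bounds();
    *(int *)arg = address_on_stack(b, &local);
    return NULL;
}

/* Spawn a worker thread (as a TBB-style thread pool would) and report
 * whether its stack bounds were discovered correctly: 1 = yes, 0 = no. */
int check_worker_stack_bounds(void) {
    int result = 0;
    pthread_t t;
    if (pthread_create(&t, NULL, worker, &result) != 0)
        return 0;
    pthread_join(t, NULL);
    return result;
}

int main(void) {
    struct stack_bounds b = current_thread_stack_bounds();
    printf("main thread stack: [%#lx, %#lx)\n",
           (unsigned long)b.bottom, (unsigned long)b.top);
    printf("worker local variable on worker stack: %d\n",
           check_worker_stack_bounds());
    return 0;
}
```

Build with `clang -g -fsanitize=address -pthread` to run the same pthread_getattr_np/pthread_attr_destroy sequence under ASan's malloc/free interceptors; a clean run prints a sane address range and `1` for the worker thread.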


