[cfe-users] Address Sanitizer SEGV

Alexey Samsonov samsonov at google.com
Wed Nov 27 05:34:32 PST 2013 

On Wed, Nov 27, 2013 at 5:26 PM, Alexey Samsonov <samsonov at google.com> wrote:
> On Tue, Nov 26, 2013 at 11:43 AM, Alexey Samsonov <samsonov at google.com> wrote:
>> Hi Pedro!
>>
>> Yes, this is most likely the problem in ASan (ASan stack unwinder uses
>> pointers to stack top/bottom in a given thread, and these
>> pointers are not yet initialized in your case). Can you make a
>> standalone reproducer for this issue?
>
> Correction: this shouldn't happen, as stack boundaries are initialized
> with zeroes,
> so FastUnwindStack should exit early.

FTR: this check was added in r184190

>
>> I'll take a look at the code to see if we can properly fix it, or at
>> least add a workaround.
>>
>> (side note: once again we are hit by calling functions from libpthread
>> in GetThreadStackTopAndBottom, sigh).
>>
>> On Tue, Nov 26, 2013 at 3:01 AM, pedro pinto <pedro.e.pinto at gmail.com> wrote:
>>> Hi there,
>>>
>>> I just started running address sanitize AddressSanitizer and I received a
>>> report that I am having trouble parsing:
>>>
>>> ASAN:SIGSEGV
>>> =================================================================
>>> ==23580==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc
>>> 0x2b3f29713a90 sp 0x2b3f3b526450 bp 0x2b3f3b526ca0 T38)
>>> AddressSanitizer can not provide additional info.
>>>     #0 0x2b3f29713a8f in __sanitizer::StackTrace::FastUnwindStack(unsigned
>>> long, unsigned long, unsigned long, unsigned long) ??:?
>>>     #1 0x2b3f29704dac in free ??:?
>>>     #2 0x2b3f3118f8ac in __pthread_attr_destroy
>>> /build/buildd/eglibc-2.17/nptl/pthread_attr_destroy.c:41
>>>     #3 0x2b3f29711917 in __sanitizer::GetThreadStackTopAndBottom(bool,
>>> unsigned long*, unsigned long*) ??:?
>>>     #4 0x2b3f29711d8d in __sanitizer::GetThreadStackAndTls(bool, unsigned
>>> long*, unsigned long*, unsigned long*, unsigned long*) ??:?
>>>     #5 0x2b3f2970b72d in __asan::AsanThread::Init() ??:?
>>>     #6 0x2b3f2970b98f in __asan::AsanThread::ThreadStart(unsigned long) ??:?
>>>     #7 0x2b3f3118df6d in start_thread
>>> /build/buildd/eglibc-2.17/nptl/pthread_create.c:311
>>>     #8 0x2b3f320c79cc in clone
>>> /build/buildd/eglibc-2.17/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:113
>>> Thread T38 created by T0 here:
>>>     #0 0x2b3f296fa7eb in __interceptor_pthread_create ??:?
>>>     #1 0x2b3f301edd67 in tbb::internal::tbb_thread_v3::internal_start(void*
>>> (*)(void*), void*)
>>> /home/ppinto/external/tbb/tbb41_20130314oss/build/linux_intel64_gcc_cc4.1.2_libc2.5_kernel3.2.0_debug/../../src/tbb/tbb_thread.cpp:130
>>>
>>> ....
>>> ==23580==ABORTING
>>>
>>> Seems like the top of the stack was within Address Sanitizer itself, does
>>> this indicate a bug in sanitizer or am I missing something here?
>>>
>>> Thanks in advance,
>>> -pp
>>>
>>> $ clang --version
>>> Ubuntu clang version 3.4-1ubuntu1 (trunk) (based on LLVM 3.4)
>>> Target: x86_64-pc-linux-gnu
>>> Thread model: posix
>>>
>>>
>>>
>>> _______________________________________________
>>> cfe-users mailing list
>>> cfe-users at cs.uiuc.edu
>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-users
>>>
>>
>>
>>
>> --
>> Alexey Samsonov, MSK
>
>
>
> --
> Alexey Samsonov, MSK



-- 
Alexey Samsonov, MSK

More information about the cfe-users mailing list