Re: Asan help request

On Wed, 24 Jul 2013, Father Chrysostomos wrote:

> Could somebody with asan installed help me figure out which
> commit on the smoke-me/padconst branch is causing asan to
> get upset? I don't understand the output in the log at
> <http://m-l.org/~perl/smoke/perl/linux/smoke-me_clang_sanitize=address/Father Chrysostomos/log9f8bc17bee719380806fbe448f675e416a5d9b57.log.gz>.

Mental note to self: remember to run Configure with -DDEBUGGING or the 
LLVM symbolizer won't work because it lacks debugging symbols.

The CGI uploadInfo and upload are because CGI rejects TMPDIR when it 
contains an = sign.  My smoke scripts set TMPDIR=$HOME/tmp/$SMOKEWHAT, 
which in the case of addresssanitizer means 
"smoke-me_clang_sanitize=address" or "blead_clang_sanitize=address". I did 
that because the perl tests are very sloppy about cleaning up the 
temporary directory and it grew very large over time.  This way each 
smoker has a private temporary directory that can be wiped after each run. 
Unfortunately CGI turns out not to like the equal sign.

The re/pat_rt_report.t failure symbolizes to:

==4709==ERROR: AddressSanitizer: heap-use-after-free on address 0x60400009ad24 at pc 0x7def00 bp 0x7fffd63a7b00 sp 0x7fffd63a7af8
WRITE of size 4 at 0x60400009ad24 thread T0
     #0 0x7deeff in S_cleanup_regmatch_info_aux regexec.c:7625
     #1 0x7181a2 in Perl_leave_scope scope.c:1097
     #2 0x7c757f in Perl_regexec_flags regexec.c:2804
     #3 0x65401c in Perl_pp_match pp_hot.c:1452
     #4 0x5dd710 in Perl_runops_debug dump.c:2240
     #5 0x498a4f in S_run_body perl.c:2496
     #6 0x49837c in perl_run perl.c:2412
     #7 0x443709 in main perlmain.c:114
     #8 0x7f6ad45a3ea4 in __libc_start_main /build/buildd/eglibc-2.17/csu/libc-start.c:260
     #9 0x44343c in _start ??:?
0x60400009ad24 is located 20 bytes inside of 40-byte region [0x60400009ad10,0x60400009ad38)
freed by thread T0 here:
     #0 0x435b32 in free ??:?
     #1 0x5f72de in Perl_mg_free mg.c:561
     #2 0x6a73ae in Perl_sv_free2 sv.c:6625
previously allocated by thread T0 here:
     #0 0x435c93 in calloc ??:?
     #1 0x5deded in Perl_safesyscalloc util.c:330

Looks like it is trying to write to magic that has already been reaped as 
unused by leaving the scope.

-- 
George Greer

• Asan help request by Father Chrysostomos
• Re: Asan help request by George Greer
• Re: Asan help request by Father Chrysostomos
• Re: Asan help request by Nicholas Clark
• Using braces on 'if'; Was: Re: Asan help request by Karl Williamson
• Re: Using braces on 'if'; Was: Re: Asan help request by Dave Mitchell
• Re: Using braces on 'if'; Was: Re: Asan help request by Steffen Mueller
• Re: Using braces on 'if'; Was: Re: Asan help request by Father Chrysostomos
• Re: Using braces on 'if'; Was: Re: Asan help request by Ricardo Signes
• Re: Using braces on 'if'; Was: Re: Asan help request by H.Merijn Brand
• Re: Using braces on 'if'; Was: Re: Asan help request by demerphq
• Re: Using braces on 'if'; Was: Re: Asan help request by H.Merijn Brand
• Re: Using braces on 'if'; Was: Re: Asan help request by Uri Guttman
• Re: Using braces on 'if'; Was: Re: Asan help request by H.Merijn Brand
• Re: Using braces on 'if'; Was: Re: Asan help request by demerphq
• Re: Asan help request by Father Chrysostomos
• Re: Asan help request by Nicholas Clark
• Re: Asan help request by Tony Cook