New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 621087 link

Starred by 2 users
Status: Fixed
Owner:
r...@chromium.org
Closed: Aug 2016
Cc:
kcc@chromium.org
siggi@chromium.org
sebmarchand@chromium.org
vitalyb...@chromium.org
wwchrome@google.com
mbarbe...@chromium.org
chrisha@chromium.org
thakis@chromium.org
och...@chromium.org
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug

Blocking:
issue 82385
issue 634965



Sign in to add a comment

Content shell job always fails on shadow memory interleaving issue

Project Member Reported by infe...@chromium.org, Jun 17 2016 
windows_asan_content_shell (r400408)
c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-400408\content_shell.exe --user-data-dir=c:\tmp\user_profile_0 --log-net-log=c:\tmp\net_log_0 --enable-logging --allow-file-access-from-files --disable-gesture-requirement-for-media-playback --use-gl=any --disable-gl-drawing-for-tests --run-layout-test --dump-render-tree 

==2616==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING.
==2616==ASan shadow was supposed to be located in the [0x2fff0000-0x4fffffff] range.
==2616==Dumping process modules:
0x00e80000-0x3909c000 c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-400408\content_shell.exe
0x09590000-0x75163000 C:\windows\SYSTEM32\USER32.dll
0x0a9a0000-0x6fab6000 C:\windows\SYSTEM32\USP10.dll
0x0b960000-0x772a0000 C:\windows\SYSTEM32\KERNEL32.DLL
0x0c340000-0x7772f000 C:\windows\SYSTEM32\ntdll.dll
0x0c420000-0x75449000 C:\windows\SYSTEM32\ole32.dll
0x0c480000-0x76f3c000 C:\windows\SYSTEM32\SHELL32.dll
0x0d0d0000-0x702dd000 C:\windows\SYSTEM32\WININET.dll
0x0e430000-0x6fd00000 C:\windows\SYSTEM32\OLEACC.dll
0x11e30000-0x74ff5000 C:\windows\SYSTEM32\SHLWAPI.dll
0x121f0000-0x700c4000 C:\windows\SYSTEM32\iertutil.dll
0x18660000-0x756e8000 C:\windows\SYSTEM32\CRYPT32.dll
0x1e650000-0x70eeb000 C:\windows\SYSTEM32\USERENV.dll
0x1ef90000-0x70b1a000 C:\windows\SYSTEM32\Secur32.dll
0x20c00000-0x6fca3000 C:\windows\SYSTEM32\WINMM.dll
0x22ac0000-0x74c48000 C:\windows\SYSTEM32\VERSION.dll
0x22e40000-0x6fb25000 C:\windows\SYSTEM32\WINSPOOL.DRV
0x25030000-0x7714b000 C:\windows\SYSTEM32\COMDLG32.dll
0x25d90000-0x7555f000 C:\windows\SYSTEM32\WS2_32.dll
0x264d0000-0x7550a000 C:\windows\SYSTEM32\RPCRT4.dll
0x275d0000-0x77156000 C:\windows\SYSTEM32\PSAPI.DLL
0x27980000-0x74f8f000 C:\windows\SYSTEM32\GDI32.dll
0x27f50000-0x76f77000 C:\windows\SYSTEM32\IMM32.dll
0x29570000-0x758ec000 C:\windows\SYSTEM32\ADVAPI32.dll
0x40eb0000-0x70ebf000 C:\windows\SYSTEM32\WTSAPI32.dll
0x55730000-0x6fc7a000 C:\windows\SYSTEM32\urlmon.dll
0x5fa70000-0x6fa93000 C:\windows\SYSTEM32\WINMMBASE.dll
0x60ec0000-0x70ecf000 C:\windows\SYSTEM32\profapi.dll
0x611c0000-0x7124b000 C:\windows\SYSTEM32\SHCORE.DLL
0x61290000-0x71298000 C:\windows\SYSTEM32\WINNSI.DLL
0x612a0000-0x712c0000 C:\windows\SYSTEM32\IPHLPAPI.DLL
0x62710000-0x72731000 C:\windows\SYSTEM32\DEVOBJ.dll
0x64cb0000-0x74e73000 C:\windows\SYSTEM32\msvcrt.dll
0x64d40000-0x74d94000 C:\windows\SYSTEM32\bcryptPrimitives.dll
0x64da0000-0x74daa000 C:\windows\SYSTEM32\CRYPTBASE.dll
0x64f90000-0x74fae000 C:\windows\SYSTEM32\SspiCli.dll
0x65000000-0x75007000 C:\windows\SYSTEM32\NSI.dll
0x65190000-0x7530d000 C:\windows\SYSTEM32\combase.dll
0x657e0000-0x75821000 C:\windows\SYSTEM32\sechost.dll
0x65900000-0x7593c000 C:\windows\SYSTEM32\cfgmgr32.dll
0x659a0000-0x75ab2000 C:\windows\SYSTEM32\MSCTF.dll
0x66f40000-0x76f4e000 C:\windows\SYSTEM32\MSASN1.dll
0x67010000-0x770a5000 C:\windows\SYSTEM32\OLEAUT32.dll
0x672a0000-0x77377000 C:\windows\SYSTEM32\KERNELBASE.dll
0xfb240000-0x7135f000 C:\windows\SYSTEM32\WINHTTP.dll
0xfed60000-0x70966000 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0\COMCTL32.dll

==2616==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING.
==2616==ASan shadow was supposed to be located in the [0x2fff0000-0x4fffffff] range.
==2616==Dumping process modules:
0x00e80000-0x3909c000 c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-400408\content_shell.exe
0x09590000-0x75163000 C:\windows\SYSTEM32\USER32.dll
0x0a9a0000-0x6fab6000 C:\windows\SYSTEM32\USP10.dll
0x0b960000-0x772a0000 C:\windows\SYSTEM32\KERNEL32.DLL
0x0c340000-0x7772f000 C:\windows\SYSTEM32\ntdll.dll
0x0c420000-0x75449000 C:\windows\SYSTEM32\ole32.dll
0x0c480000-0x76f3c000 C:\windows\SYSTEM32\SHELL32.dll
0x0d0d0000-0x702dd000 C:\windows\SYSTEM32\WININET.dll
0x0e430000-0x6fd00000 C:\windows\SYSTEM32\OLEACC.dll
0x11e30000-0x74ff5000 C:\windows\SYSTEM32\SHLWAPI.dll
0x121f0000-0x700c4000 C:\windows\SYSTEM32\iertutil.dll
0x18660000-0x756e8000 C:\windows\SYSTEM32\CRYPT32.dll
0x1e650000-0x70eeb000 C:\windows\SYSTEM32\USERENV.dll
0x1ef90000-0x70b1a000 C:\windows\SYSTEM32\Secur32.dll
0x20c00000-0x6fca3000 C:\windows\SYSTEM32\WINMM.dll
0x22ac0000-0x74c48000 C:\windows\SYSTEM32\VERSION.dll
0x22e40000-0x6fb25000 C:\windows\SYSTEM32\WINSPOOL.DRV
0x25030000-0x7714b000 C:\windows\SYSTEM32\COMDLG32.dll
0x25d90000-0x7555f000 C:\windows\SYSTEM32\WS2_32.dll
0x264d0000-0x7550a000 C:\windows\SYSTEM32\RPCRT4.dll
0x275d0000-0x77156000 C:\windows\SYSTEM32\PSAPI.DLL
0x27980000-0x74f8f000 C:\windows\SYSTEM32\GDI32.dll
0x27f50000-0x76f77000 C:\windows\SYSTEM32\IMM32.dll
0x29570000-0x758ec000 C:\windows\SYSTEM32\ADVAPI32.dll
0x40eb0000-0x70ebf000 C:\windows\SYSTEM32\WTSAPI32.dll
0x55730000-0x6fc7a000 C:\windows\SYSTEM32\urlmon.dll
0x5fa70000-0x6fa93000 C:\windows\SYSTEM32\WINMMBASE.dll
0x60ec0000-0x70ecf000 C:\windows\SYSTEM32\profapi.dll
0x611c0000-0x7124b000 C:\windows\SYSTEM32\SHCORE.DLL
0x61290000-0x71298000 C:\windows\SYSTEM32\WINNSI.DLL
0x612a0000-0x712c0000 C:\windows\SYSTEM32\IPHLPAPI.DLL
0x62710000-0x72731000 C:\windows\SYSTEM32\DEVOBJ.dll
0x64cb0000-0x74e73000 C:\windows\SYSTEM32\msvcrt.dll
0x64d40000-0x74d94000 C:\windows\SYSTEM32\bcryptPrimitives.dll
0x64da0000-0x74daa000 C:\windows\SYSTEM32\CRYPTBASE.dll
0x64f90000-0x74fae000 C:\windows\SYSTEM32\SspiCli.dll
0x65000000-0x75007000 C:\windows\SYSTEM32\NSI.dll
0x65190000-0x7530d000 C:\windows\SYSTEM32\combase.dll
0x657e0000-0x75821000 C:\windows\SYSTEM32\sechost.dll
0x65900000-0x7593c000 C:\windows\SYSTEM32\cfgmgr32.dll
0x659a0000-0x75ab2000 C:\windows\SYSTEM32\MSCTF.dll
0x66f40000-0x76f4e000 C:\windows\SYSTEM32\MSASN1.dll
0x67010000-0x770a5000 C:\windows\SYSTEM32\OLEAUT32.dll
0x672a0000-0x77377000 C:\windows\SYSTEM32\KERNELBASE.dll
0xfb240000-0x7135f000 C:\windows\SYSTEM32\WINHTTP.dll
0xfed60000-0x70966000 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0\COMCTL32.dll

This started recently and only with content shell job (not chrome.exe). Looks like https://bugs.chromium.org/p/chromium/issues/detail?id=452788 coming again.

Comment 1 by infe...@chromium.org, Jun 17 2016

Blocking: 82385

Comment 2 by r...@chromium.org, Jun 17 2016

Cc: siggi@chromium.org chrisha@chromium.org wwchrome@google.com kcc@chromium.org vitalyb...@chromium.org
Chris and Wei, we've talked about these kinds of problems for Win64 ASan. Any ideas on how we can improve the situation on 32-bit?

We could revive the flexible shadow base and use it for 32-bit.

---

Relatedly, the upper ends of each DLL can't be right. The range 0xfed60000-0x70966000 isn't a valid interval. I'll see if I can fix that.

Comment 3 by aarya@google.com, Jun 17 2016

Labels: -Pri-3 Pri-1

Comment 4 by wwchrome@google.com, Jun 17 2016 

What I did for Win64 asan is to change this:

-static const u64 kDefaultShort64bitShadowOffset = 0x7FFF8000;  // < 2G.                                             
+static const u64 kDefaultShort64bitShadowOffset = 0x200000000000;  // 32T    

and the interleaving range problem is gone.
Haven't seem this on 32-bit, but that list of dlls look lot longer than I used to see.

Comment 5 by infe...@chromium.org, Aug 5 2016

Blocking: 634965

Comment 6 by infe...@chromium.org, Aug 5 2016

Cc: sebmarchand@chromium.org
Currently 32-bit Windows ASAN content shell builds are always crashing on startup. So, looks like we have to wait for 64-bit builds then ?

Comment 7 by infe...@chromium.org, Aug 6 2016

Summary: Content shell job always fails on shadow memory interleaving issue (was: Content shell job sometimes fails on shadow memory interleaving issue)
Latest stack
windows_asan_content_shell (r410228)
c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-410228\content_shell.exe --user-data-dir=c:\tmp\user_profile_0 --log-net-log=c:\tmp\net_log_0 --enable-logging --allow-file-access-from-files --disable-gesture-requirement-for-media-playback --use-gl=any --disable-gl-drawing-for-tests --run-layout-test --dump-render-tree 

==1508==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING.
==1508==ASan shadow was supposed to be located in the [0x2fff0000-0x4fffffff] range.
==1508==Dumping process modules:
0x0ac70000-0x76843000 C:\windows\SYSTEM32\USER32.dll
0x0b760000-0x770a0000 C:\windows\SYSTEM32\KERNEL32.DLL
0x0b790000-0x7624c000 C:\windows\SYSTEM32\SHELL32.dll
0x0b7b0000-0x708c6000 C:\windows\SYSTEM32\USP10.dll
0x0c110000-0x774ff000 C:\windows\SYSTEM32\ntdll.dll
0x0c860000-0x6fab0000 C:\windows\SYSTEM32\WININET.dll
0x0dd20000-0x76d49000 C:\windows\SYSTEM32\ole32.dll
0x0ef20000-0x707f0000 C:\windows\SYSTEM32\OLEACC.dll
0x11b50000-0x74d15000 C:\windows\SYSTEM32\SHLWAPI.dll
0x12150000-0x70024000 C:\windows\SYSTEM32\iertutil.dll
0x19440000-0x764c8000 C:\windows\SYSTEM32\CRYPT32.dll
0x1e420000-0x70cbb000 C:\windows\SYSTEM32\USERENV.dll
0x1ef20000-0x70aaa000 C:\windows\SYSTEM32\Secur32.dll
0x21800000-0x708a3000 C:\windows\SYSTEM32\WINMM.dll
0x22890000-0x74a18000 C:\windows\SYSTEM32\VERSION.dll
0x23b90000-0x70875000 C:\windows\SYSTEM32\WINSPOOL.DRV
0x24220000-0x7633b000 C:\windows\SYSTEM32\COMDLG32.dll
0x25000000-0x74b86000 C:\windows\SYSTEM32\PSAPI.DLL
0x25da0000-0x74dda000 C:\windows\SYSTEM32\RPCRT4.dll
0x26ad0000-0x7629f000 C:\windows\SYSTEM32\WS2_32.dll
0x27970000-0x74f7f000 C:\windows\SYSTEM32\GDI32.dll
0x27ae0000-0x76b07000 C:\windows\SYSTEM32\IMM32.dll
0x2a760000-0x76adc000 C:\windows\SYSTEM32\ADVAPI32.dll
0x40c80000-0x70c8f000 C:\windows\SYSTEM32\WTSAPI32.dll
0x50370000-0x7028e000 C:\windows\SYSTEM32\dxva2.dll
0x56250000-0x7079c000 C:\windows\SYSTEM32\urlmon.dll
0x5fd80000-0x6fde9000 C:\windows\SYSTEM32\dxgi.dll
0x60030000-0x70053000 C:\windows\SYSTEM32\WINMMBASE.dll
0x60290000-0x70469000 C:\windows\SYSTEM32\d3d11.dll
0x60470000-0x70643000 C:\windows\SYSTEM32\d3d9.dll
0x607f0000-0x7080a000 C:\windows\SYSTEM32\dwmapi.dll
0x60c90000-0x70c9f000 C:\windows\SYSTEM32\profapi.dll
0x60f90000-0x7101b000 C:\windows\SYSTEM32\SHCORE.DLL
0x61060000-0x71068000 C:\windows\SYSTEM32\WINNSI.DLL
0x61070000-0x71090000 C:\windows\SYSTEM32\IPHLPAPI.DLL
0x624e0000-0x72501000 C:\windows\SYSTEM32\DEVOBJ.dll
0x64b10000-0x74b64000 C:\windows\SYSTEM32\bcryptPrimitives.dll
0x64b70000-0x74b7a000 C:\windows\SYSTEM32\CRYPTBASE.dll
0x64b90000-0x74c67000 C:\windows\SYSTEM32\KERNELBASE.dll
0x664d0000-0x764de000 C:\windows\SYSTEM32\MSASN1.dll
0x664e0000-0x764e7000 C:\windows\SYSTEM32\NSI.dll
0x66850000-0x769cd000 C:\windows\SYSTEM32\combase.dll
0x66a10000-0x76bd3000 C:\windows\SYSTEM32\msvcrt.dll
0x66be0000-0x76c1c000 C:\windows\SYSTEM32\cfgmgr32.dll
0x66d50000-0x76de5000 C:\windows\SYSTEM32\OLEAUT32.dll
0x670a0000-0x770be000 C:\windows\SYSTEM32\SspiCli.dll
0x67140000-0x77181000 C:\windows\SYSTEM32\sechost.dll
0x67190000-0x772a2000 C:\windows\SYSTEM32\MSCTF.dll
0x6cab0000-0x6fbf1000 C:\windows\SYSTEM32\dbghelp.dll
0xfb010000-0x7112f000 C:\windows\SYSTEM32\WINHTTP.dll
0xfe660000-0x70266000 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee\COMCTL32.dll
0xffee0000-0x3411f000 c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-410228\content_shell.exe

==1508==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING.
==1508==ASan shadow was supposed to be located in the [0x2fff0000-0x4fffffff] range.
==1508==Dumping process modules:
0x0ac70000-0x76843000 C:\windows\SYSTEM32\USER32.dll
0x0b760000-0x770a0000 C:\windows\SYSTEM32\KERNEL32.DLL
0x0b790000-0x7624c000 C:\windows\SYSTEM32\SHELL32.dll
0x0b7b0000-0x708c6000 C:\windows\SYSTEM32\USP10.dll
0x0c110000-0x774ff000 C:\windows\SYSTEM32\ntdll.dll
0x0c860000-0x6fab0000 C:\windows\SYSTEM32\WININET.dll
0x0dd20000-0x76d49000 C:\windows\SYSTEM32\ole32.dll
0x0ef20000-0x707f0000 C:\windows\SYSTEM32\OLEACC.dll
0x11b50000-0x74d15000 C:\windows\SYSTEM32\SHLWAPI.dll
0x12150000-0x70024000 C:\windows\SYSTEM32\iertutil.dll
0x19440000-0x764c8000 C:\windows\SYSTEM32\CRYPT32.dll
0x1e420000-0x70cbb000 C:\windows\SYSTEM32\USERENV.dll
0x1ef20000-0x70aaa000 C:\windows\SYSTEM32\Secur32.dll
0x21800000-0x708a3000 C:\windows\SYSTEM32\WINMM.dll
0x22890000-0x74a18000 C:\windows\SYSTEM32\VERSION.dll
0x23b90000-0x70875000 C:\windows\SYSTEM32\WINSPOOL.DRV
0x24220000-0x7633b000 C:\windows\SYSTEM32\COMDLG32.dll
0x25000000-0x74b86000 C:\windows\SYSTEM32\PSAPI.DLL
0x25da0000-0x74dda000 C:\windows\SYSTEM32\RPCRT4.dll
0x26ad0000-0x7629f000 C:\windows\SYSTEM32\WS2_32.dll
0x27970000-0x74f7f000 C:\windows\SYSTEM32\GDI32.dll
0x27ae0000-0x76b07000 C:\windows\SYSTEM32\IMM32.dll
0x2a760000-0x76adc000 C:\windows\SYSTEM32\ADVAPI32.dll
0x40c80000-0x70c8f000 C:\windows\SYSTEM32\WTSAPI32.dll
0x50370000-0x7028e000 C:\windows\SYSTEM32\dxva2.dll
0x56250000-0x7079c000 C:\windows\SYSTEM32\urlmon.dll
0x5fd80000-0x6fde9000 C:\windows\SYSTEM32\dxgi.dll
0x60030000-0x70053000 C:\windows\SYSTEM32\WINMMBASE.dll
0x60290000-0x70469000 C:\windows\SYSTEM32\d3d11.dll
0x60470000-0x70643000 C:\windows\SYSTEM32\d3d9.dll
0x607f0000-0x7080a000 C:\windows\SYSTEM32\dwmapi.dll
0x60c90000-0x70c9f000 C:\windows\SYSTEM32\profapi.dll
0x60f90000-0x7101b000 C:\windows\SYSTEM32\SHCORE.DLL
0x61060000-0x71068000 C:\windows\SYSTEM32\WINNSI.DLL
0x61070000-0x71090000 C:\windows\SYSTEM32\IPHLPAPI.DLL
0x624e0000-0x72501000 C:\windows\SYSTEM32\DEVOBJ.dll
0x64b10000-0x74b64000 C:\windows\SYSTEM32\bcryptPrimitives.dll
0x64b70000-0x74b7a000 C:\windows\SYSTEM32\CRYPTBASE.dll
0x64b90000-0x74c67000 C:\windows\SYSTEM32\KERNELBASE.dll
0x664d0000-0x764de000 C:\windows\SYSTEM32\MSASN1.dll
0x664e0000-0x764e7000 C:\windows\SYSTEM32\NSI.dll
0x66850000-0x769cd000 C:\windows\SYSTEM32\combase.dll
0x66a10000-0x76bd3000 C:\windows\SYSTEM32\msvcrt.dll
0x66be0000-0x76c1c000 C:\windows\SYSTEM32\cfgmgr32.dll
0x66d50000-0x76de5000 C:\windows\SYSTEM32\OLEAUT32.dll
0x670a0000-0x770be000 C:\windows\SYSTEM32\SspiCli.dll
0x67140000-0x77181000 C:\windows\SYSTEM32\sechost.dll
0x67190000-0x772a2000 C:\windows\SYSTEM32\MSCTF.dll
0x6cab0000-0x6fbf1000 C:\windows\SYSTEM32\dbghelp.dll
0xfb010000-0x7112f000 C:\windows\SYSTEM32\WINHTTP.dll
0xfe660000-0x70266000 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee\COMCTL32.dll
0xffee0000-0x3411f000 c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-410228\content_shell.exe

Comment 8 by r...@chromium.org, Aug 8 2016 

The module begin addresses in those dumps are wrong, and I fixed them in LLVM r277842, which should be in the next clang roll.

The DLL end addresses are correct, so it looks like content_shell.exe is getting loaded at 0x3411f000, and this conflicts with the ASan mapping. There may be some linker flag we can use to fix the issue.

Comment 9 by thakis@chromium.org, Aug 8 2016 

277842 should be in the roll that landed yesterday night, so that fix shouldbe deployed now.
Project Member

Comment 10 by ClusterFuzz, Aug 9 2016 

ClusterFuzz is analyzing your testcase. Developers can follow the progress at https://cluster-fuzz.appspot.com/testcase?key=5089074153259008

Comment 11 by aarya@google.com, Aug 9 2016 

CF bots should have picked up the latest build by now, but i still see the build being detected as bad. Lets see the new stack in c#10.

Comment 12 by aarya@google.com, Aug 9 2016 

Still unfixed, here is the new stack with r410464 (that includes the new clang roll)

[Crash Revision] r410464
[Environment] ASAN_OPTIONS = redzone=128:symbolize=1:detect_stack_use_after_return=0:coverage_dir="c:\tmp":alloc_dealloc_mismatch=0:print_scariness=1:check_malloc_usable_size=0:allocator_may_return_null=1:strict_memcmp=0:detect_container_overflow=0:quarantine_size_mb=100:coverage=1:detect_odr_violation=0:use_sigaltstack=1:handle_segv=1:fast_unwind_on_fatal=1

==1588==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING.
==1588==ASan shadow was supposed to be located in the [0x2fff0000-0x4fffffff] range.
==1588==Dumping process modules:
	0x002b0000-0x33a56000 c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-410464\content_shell.exe
	0x6e220000-0x6e361000 C:\windows\SYSTEM32\dbghelp.dll
	0x6e5f0000-0x6e5ff000 C:\windows\SYSTEM32\profapi.dll
	0x6f0f0000-0x6f10b000 C:\windows\SYSTEM32\USERENV.dll
	0x6fc40000-0x6fc4f000 C:\windows\SYSTEM32\WTSAPI32.dll
	0x6fc80000-0x6fc8a000 C:\windows\SYSTEM32\Secur32.dll
	0x704b0000-0x70519000 C:\windows\SYSTEM32\dxgi.dll
	0x70520000-0x706f9000 C:\windows\SYSTEM32\d3d11.dll
	0x707b0000-0x707d3000 C:\windows\SYSTEM32\WINMMBASE.dll
	0x707e0000-0x707fe000 C:\windows\SYSTEM32\dxva2.dll
	0x70800000-0x709d3000 C:\windows\SYSTEM32\d3d9.dll
	0x709e0000-0x70b2c000 C:\windows\SYSTEM32\urlmon.dll
	0x70b30000-0x70b80000 C:\windows\SYSTEM32\OLEACC.dll
	0x70b80000-0x70d01000 C:\windows\SYSTEM32\DWrite.dll
	0x70d10000-0x70d2a000 C:\windows\SYSTEM32\dwmapi.dll
	0x70d30000-0x70d95000 C:\windows\SYSTEM32\WINSPOOL.DRV
	0x70da0000-0x70dc3000 C:\windows\SYSTEM32\WINMM.dll
	0x70dd0000-0x70de6000 C:\windows\SYSTEM32\USP10.dll
	0x70e40000-0x71074000 C:\windows\SYSTEM32\iertutil.dll
	0x71080000-0x712d0000 C:\windows\SYSTEM32\WININET.dll
	0x71750000-0x71956000 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee\COMCTL32.dll
	0x71bf0000-0x71c7b000 C:\windows\SYSTEM32\SHCORE.DLL
	0x71cc0000-0x71cc8000 C:\windows\SYSTEM32\WINNSI.DLL
	0x71cd0000-0x71cf0000 C:\windows\SYSTEM32\IPHLPAPI.DLL
	0x71cf0000-0x71d8f000 C:\windows\SYSTEM32\WINHTTP.dll
	0x72920000-0x72941000 C:\windows\SYSTEM32\DEVOBJ.dll
	0x74e50000-0x74e58000 C:\windows\SYSTEM32\VERSION.dll
	0x74f50000-0x74fa4000 C:\windows\SYSTEM32\bcryptPrimitives.dll
	0x74fb0000-0x74fba000 C:\windows\SYSTEM32\CRYPTBASE.dll
	0x75000000-0x7503c000 C:\windows\SYSTEM32\cfgmgr32.dll
	0x75040000-0x75117000 C:\windows\SYSTEM32\KERNELBASE.dll
	0x75120000-0x751b5000 C:\windows\SYSTEM32\OLEAUT32.dll
	0x751c0000-0x7527a000 C:\windows\SYSTEM32\RPCRT4.dll
	0x75280000-0x752c1000 C:\windows\SYSTEM32\sechost.dll
	0x75360000-0x75489000 C:\windows\SYSTEM32\ole32.dll
	0x75490000-0x7550c000 C:\windows\SYSTEM32\ADVAPI32.dll
	0x75510000-0x75537000 C:\windows\SYSTEM32\IMM32.dll
	0x75770000-0x7578e000 C:\windows\SYSTEM32\SspiCli.dll
	0x75790000-0x7582b000 C:\windows\SYSTEM32\COMDLG32.dll
	0x75890000-0x75896000 C:\windows\SYSTEM32\PSAPI.DLL
	0x758a0000-0x759f3000 C:\windows\SYSTEM32\USER32.dll
	0x75a00000-0x75b40000 C:\windows\SYSTEM32\KERNEL32.DLL
	0x75b40000-0x75b85000 C:\windows\SYSTEM32\SHLWAPI.dll
	0x75bc0000-0x75cd2000 C:\windows\SYSTEM32\MSCTF.dll
	0x75d70000-0x75e33000 C:\windows\SYSTEM32\msvcrt.dll
	0x75e40000-0x75f4f000 C:\windows\SYSTEM32\GDI32.dll
	0x75f50000-0x75f5e000 C:\windows\SYSTEM32\MSASN1.dll
	0x75f60000-0x760e8000 C:\windows\SYSTEM32\CRYPT32.dll
	0x760f0000-0x7626d000 C:\windows\SYSTEM32\combase.dll
	0x76270000-0x762bf000 C:\windows\SYSTEM32\WS2_32.dll
	0x76430000-0x776ec000 C:\windows\SYSTEM32\SHELL32.dll
	0x776f0000-0x776f7000 C:\windows\SYSTEM32\NSI.dll
	0x777d0000-0x7793f000 C:\windows\SYSTEM32\ntdll.dll

Comment 13 by thakis@chromium.org, Aug 9 2016 

(I think rnk didn't say this should work now, he just said that the addressee in the error output are not printed correctly :-) )

Comment 14 by r...@chromium.org, Aug 9 2016 

> (I think rnk didn't say this should work now, he just said that the addressee in the error output are not printed correctly :-) )

Exactly, it's now super clear that content_shell.exe is in a bad place for ASan:
	0x002b0000-0x33a56000 c:\clusterfuzz\slave-bot\builds\chromium-browser-asan_win32-release_a15986b6468dcac5c0ae9a2e0729fd95d8ce33c8\revisions\asan-win32-release-410464\content_shell.exe

Uh... Why is content_shell.exe taking 823MB of virtual memory? That is bad...

Comment 15 by thakis@chromium.org, Aug 9 2016 

Re comment 14: Might be because it's built with dwarf debug info as we discovered in  issue 635715 . If so, https://codereview.chromium.org/2224073003/ might fix this too. (Why does the loader map in the debug info though?)

Comment 16 by infe...@chromium.org, Aug 10 2016

Status: Fixed (was: Assigned)
Correct guess, CL in C#15 fixed this. See also confirmed by last graph on vi/clusterfuzz, all win asan builds at 1.0 (good).

Sign in to add a comment