Issue 806603 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	ahass...@chromium.org
Closed:	Feb 2018
Cc:	█ rahulchaudhry@chromium.org ahass...@chromium.org manojgupta@chromium.org
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	2
Type:	Bug
libcxx_asan

Puffin failing in asan

Project Member Reported by manojgupta@chromium.org, Jan 28 2018

Issue description

https://build.chromium.org/p/chromiumos/builders/amd64-generic-asan/builds/23095

puffin-0.0.1-r355:  * ASAN error detected:
puffin-0.0.1-r355:  * =================================================================
puffin-0.0.1-r355:  * ==17==ERROR: AddressSanitizer: container-overflow on address 0x619000021896 at pc 0x7f0180bca125 bp 0x7ffc9a468d70 sp 0x7ffc9a468d68
puffin-0.0.1-r355:  * READ of size 2 at 0x619000021896 thread T0
puffin-0.0.1-r355:  *     #0 0x7f0180bca124 in puffin::HuffmanTable::BuildHuffmanReverseCodes(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&, std::__1::vector<unsigned short, std::__1::allocator<unsigned short> >*, unsigned long*) /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/huffman_table.cc:153:39
puffin-0.0.1-r355:  *     #1 0x7f0180bd0bea in puffin::HuffmanTable::BuildDynamicHuffmanTable(unsigned char const*, unsigned long, puffin::BitWriterInterface*, puffin::Error*) /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/huffman_table.cc:472:3
puffin-0.0.1-r355:  *     #2 0x7f0180bc1127 in puffin::Huffer::HuffDeflate(puffin::PuffReaderInterface*, puffin::BitWriterInterface*, puffin::Error*) const /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/huffer.cc:90:9
puffin-0.0.1-r355:  *     #3 0x7f0180b997e0 in puffin::PuffinTest::HuffDeflate(unsigned char const*, unsigned long, unsigned char*, unsigned long, puffin::Error*) const /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/puffin_unittest.cc:104:5
puffin-0.0.1-r355:  *     #4 0x7f0180b944d6 in puffin::PuffinTest::TestHuffDeflate(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >*) /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/puffin_unittest.cc:151:5
puffin-0.0.1-r355:  *     #5 0x7f0180b8f162 in puffin::PuffinTest::CheckSample(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >, std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >) /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/puffin_unittest.cc:190:5
puffin-0.0.1-r355:  *     #6 0x7f0180b8e346 in puffin::PuffinTest_DynamicHuffmanTest_Test::TestBody() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/puffin_unittest.cc:262:3
puffin-0.0.1-r355:  *     #7 0x7f0180957678 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
puffin-0.0.1-r355:  *     #8 0x7f0180957678 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
puffin-0.0.1-r355:  *     #9 0x7f018093bcf8 in testing::Test::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2474:5
puffin-0.0.1-r355:  *     #10 0x7f018093cffc in testing::TestInfo::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2656:11
puffin-0.0.1-r355:  *     #11 0x7f018093d896 in testing::TestCase::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2774:28
puffin-0.0.1-r355:  *     #12 0x7f0180946aa6 in testing::internal::UnitTestImpl::RunAllTests() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4649:43
puffin-0.0.1-r355:  *     #13 0x7f01809583e8 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
puffin-0.0.1-r355:  *     #14 0x7f01809583e8 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
puffin-0.0.1-r355:  *     #15 0x7f018094673e in testing::UnitTest::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4257:10
puffin-0.0.1-r355:  *     #16 0x7f0180c153a7 in RUN_ALL_TESTS() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../usr/include/gtest/gtest.h:2233:46
puffin-0.0.1-r355:  *     #17 0x7f0180c153a7 in main /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/common-mk/testrunner.cc:16:0
puffin-0.0.1-r355:  *     #18 0x7f017f7b8735 in __libc_start_main /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.23-r15/work/glibc-2.23/csu/../csu/libc-start.c:289:0
puffin-0.0.1-r355:  *     #19 0x7f0180a6c138 in _start ??:0:0
puffin-0.0.1-r355:  * 
puffin-0.0.1-r355:  * 0x619000021896 is located 278 bytes inside of 1144-byte region [0x619000021780,0x619000021bf8)
puffin-0.0.1-r355:  * allocated by thread T0 here:
puffin-0.0.1-r355:  *     #0 0x7f0180b39382 in operator new(unsigned long) ??:0:0
puffin-0.0.1-r355:  *     #1 0x7f0180bdf452 in std::__1::__allocate(unsigned long) /usr/bin/../include/c++/v1/new:227:10
puffin-0.0.1-r355:  *     #2 0x7f0180bdf452 in std::__1::allocator<puffin::HuffmanTable::CodeIndexPair>::allocate(unsigned long, void const*) /usr/bin/../include/c++/v1/memory:1771:0
puffin-0.0.1-r355:  *     #3 0x7f0180bdf452 in std::__1::allocator_traits<std::__1::allocator<puffin::HuffmanTable::CodeIndexPair> >::allocate(std::__1::allocator<puffin::HuffmanTable::CodeIndexPair>&, unsigned long) /usr/bin/../include/c++/v1/memory:1526:0
puffin-0.0.1-r355:  *     #4 0x7f0180bdf452 in std::__1::vector<puffin::HuffmanTable::CodeIndexPair, std::__1::allocator<puffin::HuffmanTable::CodeIndexPair> >::allocate(unsigned long) /usr/bin/../include/c++/v1/vector:925:0
puffin-0.0.1-r355:  *     #5 0x7f0180bddc48 in std::__1::vector<puffin::HuffmanTable::CodeIndexPair, std::__1::allocator<puffin::HuffmanTable::CodeIndexPair> >::vector(unsigned long) /usr/bin/../include/c++/v1/vector:1068:9
puffin-0.0.1-r355:  *     #6 0x7f0180bc5f7e in puffin::HuffmanTable::HuffmanTable() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/huffman_table.cc:46:32
puffin-0.0.1-r355:  *     #7 0x7f0180bbf9f1 in puffin::Huffer::Huffer() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/huffer.cc:24:32
puffin-0.0.1-r355:  *     #8 0x7f0180b9b0f0 in puffin::PuffinTest::PuffinTest() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/puffin_unittest.cc:30:7
puffin-0.0.1-r355:  *     #9 0x7f0180b9b0f0 in puffin::PuffinTest_DynamicHuffmanTest_Test::PuffinTest_DynamicHuffmanTest_Test() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/puffin/src/puffin_unittest.cc:261:0
puffin-0.0.1-r355:  *     #10 0x7f0180b9b0f0 in testing::internal::TestFactoryImpl<puffin::PuffinTest_DynamicHuffmanTest_Test>::CreateTest() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../usr/include/gtest/internal/gtest-internal.h:484:0
puffin-0.0.1-r355:  *     #11 0x7f0180957a18 in testing::Test* testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::TestFactoryBase, testing::Test*>(testing::internal::TestFactoryBase*, testing::Test* (testing::internal::TestFactoryBase::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
puffin-0.0.1-r355:  *     #12 0x7f0180957a18 in testing::Test* testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::TestFactoryBase, testing::Test*>(testing::internal::TestFactoryBase*, testing::Test* (testing::internal::TestFactoryBase::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
puffin-0.0.1-r355:  *     #13 0x7f018093cfe3 in testing::TestInfo::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2647:22
puffin-0.0.1-r355:  *     #14 0x7f018093d896 in testing::TestCase::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2774:28
puffin-0.0.1-r355:  *     #15 0x7f0180946aa6 in testing::internal::UnitTestImpl::RunAllTests() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4649:43
puffin-0.0.1-r355:  *     #16 0x7f01809583e8 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
puffin-0.0.1-r355:  *     #17 0x7f01809583e8 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
puffin-0.0.1-r355:  *     #18 0x7f018094673e in testing::UnitTest::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4257:10
puffin-0.0.1-r355:  *     #19 0x7f0180c153a7 in RUN_ALL_TESTS() /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../usr/include/gtest/gtest.h:2233:46
puffin-0.0.1-r355:  *     #20 0x7f0180c153a7 in main /build/amd64-generic/var/cache/portage/dev-util/puffin/out/Default/../../../../../../../tmp/portage/dev-util/puffin-0.0.1-r355/work/puffin-0.0.1/platform2/common-mk/testrunner.cc:16:0
puffin-0.0.1-r355:  *     #21 0x7f017f7b8735 in __libc_start_main /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.23-r15/work/glibc-2.23/csu/../csu/libc-start.c:289:0
puffin-0.0.1-r355:  *     #22 0x7f0180a6c138 in _start ??:0:0
puffin-0.0.1-r355:  * 
puffin-0.0.1-r355:  * HINT: if you don't care about these errors you may set ASAN_OPTIONS=detect_container_overflow=0.
puffin-0.0.1-r355:  * If you suspect a false positive see also: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow.
puffin-0.0.1-r355:  * SUMMARY: AddressSanitizer: container-overflow (/var/cache/portage/dev-util/puffin/out/Default/puffin_unittest+0x245124)
puffin-0.0.1-r355:  * Shadow bytes around the buggy address:
puffin-0.0.1-r355:  *   0x0c327fffc2c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
puffin-0.0.1-r355:  *   0x0c327fffc2d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
puffin-0.0.1-r355:  *   0x0c327fffc2e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
puffin-0.0.1-r355:  *   0x0c327fffc2f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
puffin-0.0.1-r355:  *   0x0c327fffc300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
puffin-0.0.1-r355:  * =>0x0c327fffc310: 00 00[04]fc fc fc fc fc fc fc fc fc fc fc fc fc
puffin-0.0.1-r355:  *   0x0c327fffc320: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
puffin-0.0.1-r355:  *   0x0c327fffc330: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
puffin-0.0.1-r355:  *   0x0c327fffc340: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
puffin-0.0.1-r355:  *   0x0c327fffc350: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
puffin-0.0.1-r355:  *   0x0c327fffc360: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
puffin-0.0.1-r355:  * Shadow byte legend (one shadow byte represents 8 application bytes):
puffin-0.0.1-r355:  *   Addressable:           00
puffin-0.0.1-r355:  *   Partially addressable: 01 02 03 04 05 06 07
puffin-0.0.1-r355:  *   Heap left redzone:       fa
puffin-0.0.1-r355:  *   Freed heap region:       fd
puffin-0.0.1-r355:  *   Stack left redzone:      f1
puffin-0.0.1-r355:  *   Stack mid redzone:       f2
puffin-0.0.1-r355:  *   Stack right redzone:     f3
puffin-0.0.1-r355:  *   Stack after return:      f5
puffin-0.0.1-r355:  *   Stack use after scope:   f8
puffin-0.0.1-r355:  *   Global redzone:          f9
puffin-0.0.1-r355:  *   Global init order:       f6
puffin-0.0.1-r355:  *   Poisoned by user:        f7
puffin-0.0.1-r355:  *   Container overflow:      fc
puffin-0.0.1-r355:  *   Array cookie:            ac
puffin-0.0.1-r355:  *   Intra object redzone:    bb
puffin-0.0.1-r355:  *   ASan internal:           fe
puffin-0.0.1-r355:  *   Left alloca redzone:     ca
puffin-0.0.1-r355:  *   Right alloca redzone:    cb
puffin-0.0.1-r355:  * ==17==ABORTING

Comment 1 by ahass...@chromium.org, Jan 29 2018

Status: Started (was: Untriaged)

Comment 2 by ahass...@chromium.org, Jan 30 2018

tracking this in b/72708841 since puffin is in android now.

Comment 3 by ahass...@chromium.org, Feb 1 2018

Status: Fixed (was: Started)

Marking this as fixed as relevant CLs are landed in AOSP.

Comment 4 by ahass...@chromium.org, Feb 1 2018

Also the latest asan builders show puffin with no failure in unittests.

https://build.chromium.org/p/chromiumos/builders/amd64-generic-asan/builds/23173

Comment 5 by manojgupta@chromium.org, Mar 15 2018

Labels: libcxx_asan

►

Issue 806603 link

Issue metadata

Puffin failing in asan

Issue description

Comment 1 by ahass...@chromium.org, Jan 29 2018

Comment 1 Deleted

Comment 2 by ahass...@chromium.org, Jan 30 2018

Comment 2 Deleted

Comment 3 by ahass...@chromium.org, Feb 1 2018

Comment 3 Deleted

Comment 4 by ahass...@chromium.org, Feb 1 2018

Comment 4 Deleted

Comment 5 by manojgupta@chromium.org, Mar 15 2018

Comment 5 Deleted

Sign in to add a comment