ASAN throwing heap-buffer-overflow errors during precompilation #53898

Closed
Zentrik opened this issue Mar 30, 2024 · 4 comments

@Zentrik
Member

Zentrik commented Mar 30, 2024

julia> versioninfo()
Julia Version 1.12.0-DEV.265
Commit b18d2cc704* (2024-03-28 20:41 UTC)
Build Info:
  DEBUG build
Platform Info:
  OS: Linux (x86_64-unknown-linux-gnu)
  CPU: 16 × AMD Ryzen 7 1700 Eight-Core Processor
  WORD_SIZE: 64
  LLVM: libLLVM-16.0.6 (ORCJIT, znver1)
Threads: 1 default, 0 interactive, 1 GC (on 16 virtual cores)

After building, I ran ./build.sh ./tmp/test-asan binary-dist and got this error three times:

==209050==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x610018bb7dc0 at pc 0x7ffff74952f1 bp 0x7ffffffea770 sp 0x7ffffffe9f30
READ of size 52 at 0x610018bb7dc0 thread T0
    #0 0x7ffff74952f0 in __interceptor_strlen.part.0 /workspace/srcdir/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:437:5
    #1 0x7fffd76491e3 in parse_string /workspace/srcdir/mpfr-4.2.1/src/strtofr.c:329
    #2 0x7fffd76491e3 in mpfr_strtofr /workspace/srcdir/mpfr-4.2.1/src/strtofr.c:958
    #3 0x7fffd6a0bd4b  (<unknown module>)
    #4 0x7fffd6a0fd7f  (<unknown module>)
    #5 0x7fffd6a180c6  (<unknown module>)
    #6 0x7fffd6a1824e  (<unknown module>)
    #7 0x7ffff34f94b7 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2994:23
    #8 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #9 0x7fffd67d63ab  (<unknown module>)
    #10 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #11 0x7ffff34f94b7 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2994:23
    #12 0x7ffff34f8e74 in ijl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:3001:12
    #13 0x7ffff35f17a0 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:944:18
    #14 0x7ffff35f04a7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #15 0x7ffff35f6b3b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #16 0x7ffff35f721b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #17 0x7fffdaa537aa in eval boot.jl:432
    #18 0x7fffdaa537aa in japi1_include_string_57616 loading.jl:2535
    #19 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #20 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #21 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #22 0x7fffd902d226 in japi1__include_57625 loading.jl:2595
    #23 0x7fffd9f7dce1 in julia_include_38465 Base.jl:559
    #24 0x7fffd9f7dea4 in jfptr_include_38466 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x137dea4)
    #25 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #26 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #27 0x7ffff353c6ca in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #28 0x7ffff353c634 in jl_f__call_latest /home/rag/Documents/Code/julia-lto-2/src/builtins.c:875:23
    #29 0x7fffd666b2b3  (<unknown module>)
    #30 0x7fffd666b3be  (<unknown module>)
    #31 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #32 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #33 0x7ffff357bc6a in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #34 0x7ffff357b630 in do_call /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:126:26
    #35 0x7ffff35767de in eval_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:223:16
    #36 0x7ffff357a1fc in eval_stmt_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:174:23
    #37 0x7ffff3573121 in eval_body /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:659:21
    #38 0x7ffff3575013 in jl_interpret_toplevel_thunk /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:829:21
    #39 0x7ffff35f1942 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:953:18
    #40 0x7ffff35f3f78 in jl_eval_module_expr /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:215:15
    #41 0x7ffff35edc96 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:746:27
    #42 0x7ffff35f04a7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #43 0x7ffff35f6b3b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #44 0x7ffff35f721b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #45 0x7fffdaa537aa in eval boot.jl:432
    #46 0x7fffdaa537aa in japi1_include_string_57616 loading.jl:2535
    #47 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #48 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #49 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #50 0x7fffd902d226 in japi1__include_57625 loading.jl:2595
    #51 0x7fffd95f3dd4 in include Base.jl:559
    #52 0x7fffd95f3dd4 in julia_include_package_for_output_57695 loading.jl:2713
    #53 0x7fffd95f72fa in jfptr_include_package_for_output_57696 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x9f72fa)
    #54 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #55 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #56 0x7ffff357bc6a in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #57 0x7ffff357b630 in do_call /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:126:26
    #58 0x7ffff35767de in eval_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:223:16
    #59 0x7ffff357a1fc in eval_stmt_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:174:23
    #60 0x7ffff3573121 in eval_body /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:659:21
    #61 0x7ffff3575013 in jl_interpret_toplevel_thunk /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:829:21
    #62 0x7ffff35f1942 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:953:18
    #63 0x7ffff35f04a7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #64 0x7ffff35f6b3b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #65 0x7ffff35f721b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #66 0x7fffdaa537aa in eval boot.jl:432
    #67 0x7fffdaa537aa in japi1_include_string_57616 loading.jl:2535
    #68 0x7fffd9e247e7 in include_string loading.jl:2545
    #69 0x7fffd9e247e7 in julia_exec_options_58891 client.jl:255
    #70 0x7fffdaabba54 in julia__start_59044 client.jl:533
    #71 0x7fffd9e1dd97 in jfptr__start_59045 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x121dd97)
    #72 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #73 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #74 0x7ffff36b41da in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #75 0x7ffff36b7efc in true_main /home/rag/Documents/Code/julia-lto-2/src/jlapi.c:900:29
    #76 0x7ffff36b793e in jl_repl_entrypoint /home/rag/Documents/Code/julia-lto-2/src/jlapi.c:1059:15
    #77 0x7ffff73c7702 in jl_load_repl /home/rag/Documents/Code/julia-lto-2/cli/loader_lib.c:569:12

0x610018bb7dc0 is located 0 bytes after 128-byte region [0x610018bb7d40,0x610018bb7dc0)
allocated by thread T0 here:
    #0 0x7ffff754a94c in __interceptor_posix_memalign /workspace/srcdir/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x7ffff367b810 in jl_malloc_aligned /home/rag/Documents/Code/julia-lto-2/src/gc.c:253:9
    #2 0x7ffff36666ca in jl_gc_big_alloc_inner /home/rag/Documents/Code/julia-lto-2/src/gc.c:1017:30
    #3 0x7ffff36665cc in ijl_gc_big_alloc /home/rag/Documents/Code/julia-lto-2/src/gc.c:1038:23
    #4 0x7ffff3667ed9 in jl_gc_pool_alloc_inner /home/rag/Documents/Code/julia-lto-2/src/gc.c:1317:12
    #5 0x7ffff3667f50 in jl_gc_pool_alloc_noinline /home/rag/Documents/Code/julia-lto-2/src/gc.c:1386:12
    #6 0x7ffff3666518 in jl_gc_alloc_ /home/rag/Documents/Code/julia-lto-2/src/julia_internal.h:505:13
    #7 0x7ffff3679574 in jl_gc_alloc /home/rag/Documents/Code/julia-lto-2/src/gc.c:3976:12
    #8 0x7ffff3598803 in _new_genericmemory_ /home/rag/Documents/Code/julia-lto-2/src/genericmemory.c:56:30
    #9 0x7ffff3599123 in jl_alloc_genericmemory /home/rag/Documents/Code/julia-lto-2/src/genericmemory.c:99:12
    #10 0x7fffd67e5468  (<unknown module>)
    #11 0x7fffd67e59d6  (<unknown module>)
    #12 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #13 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #14 0x7fffd67d532d  (<unknown module>)
    #15 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #16 0x7ffff34f94b7 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2994:23
    #17 0x7ffff34f8e74 in ijl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:3001:12
    #18 0x7ffff35f17a0 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:944:18
    #19 0x7ffff35f04a7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #20 0x7ffff35f6b3b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #21 0x7ffff35f721b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #22 0x7fffdaa537aa in eval boot.jl:432
    #23 0x7fffdaa537aa in japi1_include_string_57616 loading.jl:2535
    #24 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #25 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #26 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #27 0x7fffd902d226 in japi1__include_57625 loading.jl:2595
    #28 0x7fffd9f7dce1 in julia_include_38465 Base.jl:559
    #29 0x7fffd9f7dea4 in jfptr_include_38466 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x137dea4)
    #30 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35

SUMMARY: AddressSanitizer: heap-buffer-overflow /workspace/srcdir/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:437:5 in __interceptor_strlen.part.0
Shadow bytes around the buggy address:
  0x610018bb7b00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x610018bb7b80: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
  0x610018bb7c00: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x610018bb7c80: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
  0x610018bb7d00: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
=>0x610018bb7d80: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
  0x610018bb7e00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x610018bb7e80: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
  0x610018bb7f00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x610018bb7f80: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
  0x610018bb8000: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==209050==ABORTING

Running binary-dist on CI segfaulted, but ASAN didn't print any info: https://buildkite.com/julialang/julia-buildkite/builds/1482#018e7d5d-3b05-4e40-aa4a-dd931b9eceeb.
I'm running with ASLR disabled, as otherwise I was having trouble building.
Both on CI and locally, the warning "WARNING: using mismatched version for sanitizers:" was printed; not sure if that affects anything.

Full log is here.

@giordano
Contributor

Should that be reported to mpfr? Does it happen before 61caaa8?

@Zentrik
Member Author

Zentrik commented Mar 30, 2024

Yes, I'm getting a similar error on 944f180.
I think the only thing that changed is that now it's a read of size 49 and it was only repeated twice:

==270359==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61000f891cc0 at pc 0x7ffff74952f1 bp 0x7ffffffea320 sp 0x7ffffffe9ae0
READ of size 50 at 0x61000f891cc0 thread T0
    #0 0x7ffff74952f0 in __interceptor_strlen.part.0 /workspace/srcdir/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:437:5
    #1 0x7fffd7649117 in parse_string /workspace/srcdir/mpfr-4.2.0/src/strtofr.c:326
    #2 0x7fffd7649117 in mpfr_strtofr /workspace/srcdir/mpfr-4.2.0/src/strtofr.c:952
    #3 0x7fffd6a0bd4b  (<unknown module>)
    #4 0x7fffd6a0fd7f  (<unknown module>)
    #5 0x7fffd6a180c6  (<unknown module>)
    #6 0x7fffd6a1824e  (<unknown module>)
    #7 0x7ffff34f94b7 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2994:23
    #8 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #9 0x7fffd67d63ab  (<unknown module>)
    #10 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #11 0x7ffff34f94b7 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2994:23
    #12 0x7ffff34f8e74 in ijl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:3001:12
    #13 0x7ffff35f12c0 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:944:18
    #14 0x7ffff35effc7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #15 0x7ffff35f665b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #16 0x7ffff35f6d3b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #17 0x7fffd93dd474 in eval boot.jl:432
    #18 0x7fffd93dd474 in japi1_include_string_57580 loading.jl:2535
    #19 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #20 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #21 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #22 0x7fffd9c575d1 in japi1__include_57589 loading.jl:2595
    #23 0x7fffd96df3c1 in julia_include_38425 Base.jl:559
    #24 0x7fffda747614 in jfptr_include_38426 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x1b47614)
    #25 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #26 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #27 0x7ffff353c60a in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #28 0x7ffff353c574 in jl_f__call_latest /home/rag/Documents/Code/julia-lto-2/src/builtins.c:875:23
    #29 0x7fffd666b2b3  (<unknown module>)
    #30 0x7fffd666b3be  (<unknown module>)
    #31 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #32 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #33 0x7ffff357b78a in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #34 0x7ffff357b150 in do_call /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:126:26
    #35 0x7ffff35762fe in eval_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:223:16
    #36 0x7ffff3579d1c in eval_stmt_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:174:23
    #37 0x7ffff3573061 in eval_body /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:659:21
    #38 0x7ffff3574b33 in jl_interpret_toplevel_thunk /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:817:21
    #39 0x7ffff35f1462 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:953:18
    #40 0x7ffff35f3a98 in jl_eval_module_expr /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:215:15
    #41 0x7ffff35ed7b6 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:746:27
    #42 0x7ffff35effc7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #43 0x7ffff35f665b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #44 0x7ffff35f6d3b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #45 0x7fffd93dd474 in eval boot.jl:432
    #46 0x7fffd93dd474 in japi1_include_string_57580 loading.jl:2535
    #47 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #48 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #49 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #50 0x7fffd9c575d1 in japi1__include_57589 loading.jl:2595
    #51 0x7fffd9618ca9 in include Base.jl:559
    #52 0x7fffd9618ca9 in julia_include_package_for_output_57659 loading.jl:2713
    #53 0x7fffda698bea in jfptr_include_package_for_output_57660 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x1a98bea)
    #54 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #55 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #56 0x7ffff357b78a in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #57 0x7ffff357b150 in do_call /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:126:26
    #58 0x7ffff35762fe in eval_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:223:16
    #59 0x7ffff3579d1c in eval_stmt_value /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:174:23
    #60 0x7ffff3573061 in eval_body /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:659:21
    #61 0x7ffff3574b33 in jl_interpret_toplevel_thunk /home/rag/Documents/Code/julia-lto-2/src/interpreter.c:817:21
    #62 0x7ffff35f1462 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:953:18
    #63 0x7ffff35effc7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #64 0x7ffff35f665b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #65 0x7ffff35f6d3b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #66 0x7fffd93dd474 in eval boot.jl:432
    #67 0x7fffd93dd474 in japi1_include_string_57580 loading.jl:2535
    #68 0x7fffda6a189e in include_string loading.jl:2545
    #69 0x7fffda6a189e in julia_exec_options_58855 client.jl:255
    #70 0x7fffd91cee4f in julia__start_59008 client.jl:533
    #71 0x7fffda264767 in jfptr__start_59009 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x1664767)
    #72 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #73 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #74 0x7ffff36b3cfa in jl_apply /home/rag/Documents/Code/julia-lto-2/src/julia.h:2184:12
    #75 0x7ffff36b7a1c in true_main /home/rag/Documents/Code/julia-lto-2/src/jlapi.c:900:29
    #76 0x7ffff36b745e in jl_repl_entrypoint /home/rag/Documents/Code/julia-lto-2/src/jlapi.c:1059:15
    #77 0x7ffff73c7702 in jl_load_repl /home/rag/Documents/Code/julia-lto-2/cli/loader_lib.c:569:12

0x61000f891cc0 is located 0 bytes after 128-byte region [0x61000f891c40,0x61000f891cc0)
allocated by thread T0 here:
    #0 0x7ffff754a94c in __interceptor_posix_memalign /workspace/srcdir/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x7ffff367b330 in jl_malloc_aligned /home/rag/Documents/Code/julia-lto-2/src/gc.c:253:9
    #2 0x7ffff36661ea in jl_gc_big_alloc_inner /home/rag/Documents/Code/julia-lto-2/src/gc.c:1017:30
    #3 0x7ffff36660ec in ijl_gc_big_alloc /home/rag/Documents/Code/julia-lto-2/src/gc.c:1038:23
    #4 0x7ffff36679f9 in jl_gc_pool_alloc_inner /home/rag/Documents/Code/julia-lto-2/src/gc.c:1317:12
    #5 0x7ffff3667a70 in jl_gc_pool_alloc_noinline /home/rag/Documents/Code/julia-lto-2/src/gc.c:1386:12
    #6 0x7ffff3666038 in jl_gc_alloc_ /home/rag/Documents/Code/julia-lto-2/src/julia_internal.h:505:13
    #7 0x7ffff3679094 in jl_gc_alloc /home/rag/Documents/Code/julia-lto-2/src/gc.c:3976:12
    #8 0x7ffff3598323 in _new_genericmemory_ /home/rag/Documents/Code/julia-lto-2/src/genericmemory.c:56:30
    #9 0x7ffff3598c43 in jl_alloc_genericmemory /home/rag/Documents/Code/julia-lto-2/src/genericmemory.c:99:12
    #10 0x7fffd67e5468  (<unknown module>)
    #11 0x7fffd67e59d6  (<unknown module>)
    #12 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #13 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #14 0x7fffd67d532d  (<unknown module>)
    #15 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #16 0x7ffff34f94b7 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2994:23
    #17 0x7ffff34f8e74 in ijl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:3001:12
    #18 0x7ffff35f12c0 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:944:18
    #19 0x7ffff35effc7 in jl_toplevel_eval_flex /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:893:19
    #20 0x7ffff35f665b in ijl_toplevel_eval /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:964:12
    #21 0x7ffff35f6d3b in ijl_toplevel_eval_in /home/rag/Documents/Code/julia-lto-2/src/toplevel.c:1006:13
    #22 0x7fffd93dd474 in eval boot.jl:432
    #23 0x7fffd93dd474 in japi1_include_string_57580 loading.jl:2535
    #24 0x7ffff34d0d69 in jl_fptr_args /home/rag/Documents/Code/julia-lto-2/src/gf.c:2636:12
    #25 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35
    #26 0x7ffff34f964b in ijl_apply_generic /home/rag/Documents/Code/julia-lto-2/src/gf.c:3171:12
    #27 0x7fffd9c575d1 in japi1__include_57589 loading.jl:2595
    #28 0x7fffd96df3c1 in julia_include_38425 Base.jl:559
    #29 0x7fffda747614 in jfptr_include_38426 (/home/rag/Documents/Code/julia-lto-2/contrib/asan/tmp/test-asan/asan/usr/lib/julia/sys-debug.so+0x1b47614)
    #30 0x7ffff34f91c6 in _jl_invoke /home/rag/Documents/Code/julia-lto-2/src/gf.c:2975:35

SUMMARY: AddressSanitizer: heap-buffer-overflow /workspace/srcdir/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:437:5 in __interceptor_strlen.part.0
Shadow bytes around the buggy address:
  0x61000f891a00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x61000f891a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x61000f891b00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x61000f891b80: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
  0x61000f891c00: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
=>0x61000f891c80: 00 00 00 00 00 00 00 00[fa]fa fa fa fa fa fa fa
  0x61000f891d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x61000f891d80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x61000f891e00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x61000f891e80: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
  0x61000f891f00: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==270359==ABORTING

@Zentrik
Member Author

Zentrik commented Mar 30, 2024

Didn't have an issue on 5cb0e51, which should be MPFR 4.2.0.

@Zentrik
Member Author

Zentrik commented Apr 4, 2024

Bisected to #47105, and specifically it's the bump of Parsers to v2.8.0 from 2.4.0.
Bisecting Parsers, I narrowed it down to JuliaData/Parsers.jl@504dfdf. That code does add a call to mpfr_strtofr, which is the function triggering ASAN, so it might not be a Julia issue.
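
Added example, not part of the thread and not code from Julia, Parsers.jl or MPFR: the reports above show `strlen`, called from `mpfr_strtofr`, reading past the end of a 128-byte heap region, which is consistent with a length-delimited buffer being handed to an API that expects a NUL-terminated string. The C code below shows the defensive pattern for that hand-off under that assumption; `strtod` stands in for `mpfr_strtofr`, and `terminated_within`, `parse_field` and `demo_full_region` are hypothetical names with constructed sample input.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define REGION 128 /* same size as the heap region in the ASAN reports */

/* Returns 1 if a NUL byte occurs inside buf[0..len), i.e. a strlen()-based
 * parser would stop before leaving the caller's buffer; 0 otherwise. */
int terminated_within(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/* Parse a length-delimited numeric field without relying on a terminator
 * in the caller's buffer. strtod() is a stand-in for any C API that takes
 * a NUL-terminated string. The field is copied into a scratch buffer that
 * is one byte longer and explicitly terminated, and the whole field must
 * be consumed. Returns 0 on success, -1 on bad input, -2 on out-of-memory. */
int parse_field(const char *buf, size_t len, double *out)
{
    if (len == 0)
        return -1;
    char *tmp = malloc(len + 1);
    if (tmp == NULL)
        return -2;
    memcpy(tmp, buf, len);
    tmp[len] = '\0';

    char *end = NULL;
    errno = 0;
    double v = strtod(tmp, &end);
    /* An embedded NUL or trailing junk leaves end short of tmp + len. */
    int ok = (end == tmp + len) && errno != ERANGE;
    free(tmp);
    if (!ok)
        return -1;
    *out = v;
    return 0;
}

/* Constructed case: the digits occupy the tail of a 128-byte allocation
 * right up to its last byte, so no NUL exists inside the region. Calling
 * strlen() on `field` here would read past the allocation. */
int demo_full_region(double *out, int *terminated)
{
    static const char digits[] =
        "3.1415926535897932384626433832795028841971693993751";
    size_t n = sizeof digits - 1;

    char *region = malloc(REGION);
    if (region == NULL)
        return -2;
    memset(region, ' ', REGION);
    char *field = region + REGION - n;
    memcpy(field, digits, n); /* last byte of the region is a digit */

    *terminated = terminated_within(field, n);
    int rc = parse_field(field, n, out);
    free(region);
    return rc;
}

int main(void)
{
    double v = 0.0;
    int t = -1;
    int rc = demo_full_region(&v, &t);
    printf("terminated inside region: %d, rc: %d, value: %.15f\n", t, rc, v);
    return rc == 0 ? 0 : 1;
}
```
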
