
ASan crashes in _CFRuntimeSetInstanceTypeID on Mac OS 10.8 #122

Closed
ramosian-glider opened this issue Aug 31, 2015 · 5 comments

Comments

@ramosian-glider
Member

Originally reported on Google Code with ID 122

To reproduce, build Chromium v8_shell with the latest Clang.

$ GYP_DEFINES="asan=1 dcheck_always_on=1 fastbuild=1 clang=1 component=static_library" GYP_GENERATORS=ninja gclient runhooks
$ ninja -C out/Release v8_shell
$ out/Release/v8_shell
ASAN:SIGSEGV
=================================================================
==89012== ERROR: AddressSanitizer crashed on unknown address 0x00000000 (pc 0x996ea80f sp 0xbff89f30 bp 0xbff89f58 T0)
AddressSanitizer can not provide additional info.
    #0 0x996ea80e (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xd80e)
    #1 0x99749066 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x6c066)
    #2 0x831af (/Users/glider/src/chrome-commit/src/out/Release/v8_shell+0xe1af)
    #3 0x8fe88cd9
    #4 0x8fe88fdd
    #5 0x8fe85267
    #6 0x8fe851cb
    #7 0x8fe850b9
    #8 0x8fe76e04
    #9 0x8fe7aada
    #10 0x8fe76375
    #11 0x8fe76076
    #12 0x0
Stats: 0M malloced (0M for red zones) by 1 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (128 full pages) mmaped in 1 calls
  mmaps   by size class: 8:2047; 
  mallocs by size class: 8:1; 
  frees   by size class: 
  rfrees  by size class: 
Stats: malloc large: 0 small slow: 1
==89012== ABORTING

$ gdb out/Release/v8_shell
(gdb) r
Starting program: /Users/glider/src/chrome-commit/src/out/Release/v8_shell 
Reading symbols for shared libraries .+++................................ done

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_PROTECTION_FAILURE at address: 0x00000000
0x996ea80f in _CFRuntimeSetInstanceTypeID ()
(gdb) bt
#0  0x996ea80f in _CFRuntimeSetInstanceTypeID ()
#1  0x99749067 in CFAllocatorCreate ()
#2  0x0000e1b0 in __asan::ReplaceCFAllocator ()
#3  0x8fe13cda in __dyld__ZN16ImageLoaderMachO18doModInitFunctionsERKN11ImageLoader11LinkContextE ()
#4  0x8fe13fde in __dyld__ZN16ImageLoaderMachO16doInitializationERKN11ImageLoader11LinkContextE ()
#5  0x8fe10268 in __dyld__ZN11ImageLoader23recursiveInitializationERKNS_11LinkContextEjRNS_21InitializerTimingListE ()
#6  0x8fe101cc in __dyld__ZN11ImageLoader23recursiveInitializationERKNS_11LinkContextEjRNS_21InitializerTimingListE ()
#7  0x8fe100ba in __dyld__ZN11ImageLoader15runInitializersERKNS_11LinkContextERNS_21InitializerTimingListE ()
#8  0x8fe01e05 in __dyld__ZN4dyld24initializeMainExecutableEv ()
#9  0x8fe05adb in __dyld__ZN4dyld5_mainEPK12macho_headermiPPKcS5_S5_Pm ()
#10 0x8fe01376 in __dyld__ZN13dyldbootstrap5startEPK12macho_headeriPPKclS2_Pm ()
#11 0x8fe01077 in __dyld__dyld_start ()

Reported by ramosian.glider on 2012-10-16 15:39:06

@ramosian-glider
Member Author

Reported by glider@chromium.org on 2012-10-16 15:46:49

  • Blocking: #156005

@ramosian-glider
Member Author

Looks like issue 87 striking back.
Setting breakpoints in _CFInitialize and _CFAllocatorInitialize shows they aren't being called before ReplaceCFAllocator.
In fact ReplaceCFAllocator is being called from AsanThread::Init() before any initialization happens.

Reported by ramosian.glider on 2012-10-16 16:59:59

@ramosian-glider
Member Author

Committed a fix in r166029.

Reported by ramosian.glider on 2012-10-16 17:03:13

@ramosian-glider
Member Author

Reported by ramosian.glider on 2012-10-17 09:36:14

  • Status changed: Fixed

@ramosian-glider
Member Author

Adding Project:AddressSanitizer as part of GitHub migration.

Reported by ramosian.glider on 2015-07-30 09:13:40

  • Labels added: ProjectAddressSanitizer
