You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues-all@impala.apache.org by "Pooja Nilangekar (JIRA)" <ji...@apache.org> on 2018/11/27 17:22:00 UTC
[jira] [Resolved] (IMPALA-7882) ASAN failure in llvm-codegen-test
[ https://issues.apache.org/jira/browse/IMPALA-7882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pooja Nilangekar resolved IMPALA-7882.
--------------------------------------
Resolution: Fixed
Fix Version/s: Impala 3.2.0
> ASAN failure in llvm-codegen-test
> ---------------------------------
>
> Key: IMPALA-7882
> URL: https://issues.apache.org/jira/browse/IMPALA-7882
> Project: IMPALA
> Issue Type: Bug
> Components: Backend
> Affects Versions: Impala 3.2.0
> Reporter: Joe McDonnell
> Assignee: Pooja Nilangekar
> Priority: Blocker
> Labels: broken-build
> Fix For: Impala 3.2.0
>
>
> The llvm-codegen-test backend test is failing under ASAN with the following output:
> {noformat}
> 18:12:34 [ RUN ] LlvmCodeGenTest.StringValue
> 18:12:34 =================================================================
> 18:12:34 ==124917==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc0f39e86c at pc 0x0000017ea479 bp 0x7ffc0f39e550 sp 0x7ffc0f39e548
> 18:12:34 READ of size 4 at 0x7ffc0f39e86c thread T0
> 18:12:34 #0 0x17ea478 in testing::AssertionResult testing::internal::CmpHelperEQ<int, int>(char const*, char const*, int const&, int const&) /data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/gtest-1.6.0/include/gtest/gtest.h:1316:19
> 18:12:34 #1 0x17d3a8d in _ZN7testing8internal8EqHelperILb1EE7CompareIiiEENS_15AssertionResultEPKcS6_RKT_RKT0_PNS0_8EnableIfIXntsr10is_pointerISA_EE5valueEE4typeE /data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/gtest-1.6.0/include/gtest/gtest.h:1392:12
> 18:12:34 #2 0x17c656b in impala::LlvmCodeGenTest_StringValue_Test::TestBody() /data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/codegen/llvm-codegen-test.cc:379:3
> 18:12:34 #3 0x4d55af2 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d55af2)
> 18:12:34 #4 0x4d4c669 in testing::Test::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4c669)
> 18:12:34 #5 0x4d4c7b7 in testing::TestInfo::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4c7b7)
> 18:12:34 #6 0x4d4c894 in testing::TestCase::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4c894)
> 18:12:34 #7 0x4d4db17 in testing::internal::UnitTestImpl::RunAllTests() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4db17)
> 18:12:34 #8 0x4d4ddf2 in testing::UnitTest::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4ddf2)
> 18:12:34 #9 0x17ce16e in main /data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/codegen/llvm-codegen-test.cc:569:10
> 18:12:34 #10 0x7fc221bd5c04 in __libc_start_main (/lib64/libc.so.6+0x21c04)
> 18:12:34 #11 0x16b63c6 in _start (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x16b63c6)
> 18:12:34
> 18:12:34 Address 0x7ffc0f39e86c is located in stack of thread T0 at offset 492 in frame
> 18:12:34 #0 0x17c567f in impala::LlvmCodeGenTest_StringValue_Test::TestBody() /data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/codegen/llvm-codegen-test.cc:343
> 18:12:34
> 18:12:34 This frame has 57 object(s):
> 18:12:34 [32, 40) 'codegen' (line 344)
> 18:12:34 [64, 72) 'ref.tmp' (line 345)
> 18:12:34 [96, 104) 'ref.tmp2' (line 345)
> 18:12:34 [128, 129) 'ref.tmp3' (line 345)
> 18:12:34 [144, 160) 'gtest_ar_' (line 345)
> 18:12:34 [176, 184) 'temp.lvalue'
> 18:12:34 [208, 216) 'ref.tmp6' (line 345)
> 18:12:34 [240, 248) 'temp.lvalue8'
> 18:12:34 [272, 288) 'ref.tmp9' (line 345)
> 18:12:34 [304, 320) 'gtest_ar_12' (line 346)
> 18:12:34 [336, 344) 'ref.tmp15' (line 346)
> 18:12:34 [368, 376) 'temp.lvalue16'
> 18:12:34 [400, 416) 'ref.tmp17' (line 346)
> 18:12:34 [432, 440) 'str' (line 348)
> 18:12:34 [464, 465) 'ref.tmp19' (line 348)
> 18:12:34 [480, 492) 'str_val' (line 350) <== Memory access at offset 492 overflows this variable
> 18:12:34 [512, 528) 'gtest_ar_24' (line 357)
> 18:12:34 [544, 552) 'ref.tmp27' (line 357)
> 18:12:34 [576, 584) 'temp.lvalue28'
> 18:12:34 [608, 624) 'ref.tmp29' (line 357)
> 18:12:34 [640, 648) 'jitted_fn' (line 360)
> 18:12:34 [672, 680) 'ref.tmp33' (line 362)
> 18:12:34 [704, 720) 'gtest_ar_35' (line 362)
> 18:12:34 [736, 744) 'temp.lvalue38'
> 18:12:34 [768, 776) 'ref.tmp40' (line 362)
> 18:12:34 [800, 808) 'temp.lvalue42'
> 18:12:34 [832, 848) 'ref.tmp43' (line 362)
> 18:12:34 [864, 880) 'gtest_ar_47' (line 363)
> 18:12:34 [896, 904) 'ref.tmp50' (line 363)
> 18:12:34 [928, 936) 'temp.lvalue51'
> 18:12:34 [960, 976) 'ref.tmp52' (line 363)
> 18:12:34 [992, 996) 'result' (line 368)
> 18:12:34 [1008, 1024) 'gtest_ar' (line 371)
> 18:12:34 [1040, 1048) 'ref.tmp56' (line 371)
> 18:12:34 [1072, 1080) 'ref.tmp59' (line 371)
> 18:12:34 [1104, 1112) 'temp.lvalue60'
> 18:12:34 [1136, 1152) 'gtest_ar62' (line 372)
> 18:12:34 [1168, 1169) 'ref.tmp63' (line 372)
> 18:12:34 [1184, 1192) 'ref.tmp66' (line 372)
> 18:12:34 [1216, 1224) 'temp.lvalue67'
> 18:12:34 [1248, 1264) 'gtest_ar69' (line 373)
> 18:12:34 [1280, 1284) 'ref.tmp70' (line 373)
> 18:12:34 [1296, 1304) 'ref.tmp73' (line 373)
> 18:12:34 [1328, 1336) 'temp.lvalue74'
> 18:12:34 [1360, 1376) 'gtest_ar76' (line 374)
> 18:12:34 [1392, 1400) 'ref.tmp77' (line 374)
> 18:12:34 [1424, 1432) 'ref.tmp79' (line 374)
> 18:12:34 [1456, 1464) 'ref.tmp82' (line 374)
> 18:12:34 [1488, 1496) 'temp.lvalue83'
> 18:12:34 [1520, 1536) 'gtest_ar85' (line 378)
> 18:12:34 [1552, 1556) 'ref.tmp86' (line 378)
> 18:12:34 [1568, 1576) 'ref.tmp89' (line 378)
> 18:12:34 [1600, 1608) 'temp.lvalue90'
> 18:12:34 [1632, 1648) 'gtest_ar92' (line 379)
> 18:12:34 [1664, 1668) 'ref.tmp93' (line 379)
> 18:12:34 [1680, 1688) 'ref.tmp96' (line 379)
> 18:12:34 [1712, 1720) 'temp.lvalue97'
> 18:12:34 HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
> 18:12:34 (longjmp and C++ exceptions *are* supported)
> 18:12:34 SUMMARY: AddressSanitizer: stack-buffer-overflow /data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/gtest-1.6.0/include/gtest/gtest.h:1316:19 in testing::AssertionResult testing::internal::CmpHelperEQ<int, int>(char const*, char const*, int const&, int const&)
> 18:12:34 Shadow bytes around the buggy address:
> 18:12:34 0x100001e6bcb0: f8 f8 f2 f2 f8 f8 f3 f3 00 00 00 00 00 00 00 00
> 18:12:34 0x100001e6bcc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 18:12:34 0x100001e6bcd0: f1 f1 f1 f1 00 f2 f2 f2 f8 f2 f2 f2 f8 f2 f2 f2
> 18:12:34 0x100001e6bce0: f8 f2 f8 f8 f2 f2 00 f2 f2 f2 f8 f2 f2 f2 00 f2
> 18:12:34 0x100001e6bcf0: f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f2 f2 f2 00 f2
> 18:12:34 =>0x100001e6bd00: f2 f2 f8 f8 f2 f2 00 f2 f2 f2 f8 f2 00[04]f2 f2
> 18:12:34 0x100001e6bd10: f8 f8 f2 f2 f8 f2 f2 f2 00 f2 f2 f2 f8 f8 f2 f2
> 18:12:34 0x100001e6bd20: 00 f2 f2 f2 f8 f2 f2 f2 f8 f8 f2 f2 00 f2 f2 f2
> 18:12:34 0x100001e6bd30: f8 f2 f2 f2 00 f2 f2 f2 f8 f8 f2 f2 f8 f8 f2 f2
> 18:12:34 0x100001e6bd40: f8 f2 f2 f2 00 f2 f2 f2 f8 f8 f2 f2 04 f2 f8 f8
> 18:12:34 0x100001e6bd50: f2 f2 f8 f2 f2 f2 f8 f2 f2 f2 00 f2 f2 f2 f8 f8
> 18:12:34 Shadow byte legend (one shadow byte represents 8 application bytes):
> 18:12:34 Addressable: 00
> 18:12:34 Partially addressable: 01 02 03 04 05 06 07
> 18:12:34 Heap left redzone: fa
> 18:12:34 Freed heap region: fd
> 18:12:34 Stack left redzone: f1
> 18:12:34 Stack mid redzone: f2
> 18:12:34 Stack right redzone: f3
> 18:12:34 Stack after return: f5
> 18:12:34 Stack use after scope: f8
> 18:12:34 Global redzone: f9
> 18:12:34 Global init order: f6
> 18:12:34 Poisoned by user: f7
> 18:12:34 Container overflow: fc
> 18:12:34 Array cookie: ac
> 18:12:34 Intra object redzone: bb
> 18:12:34 ASan internal: fe
> 18:12:34 Left alloca redzone: ca
> 18:12:34 Right alloca redzone: cb
> 18:12:34 ==124917==ABORTING{noformat}
> I confirmed this on my development system.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-all-unsubscribe@impala.apache.org
For additional commands, e-mail: issues-all-help@impala.apache.org