octave-bug-tracker
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Octave-bug-tracker] [bug #51948] GUI fails to start when Address Saniti


From: Rik
Subject: [Octave-bug-tracker] [bug #51948] GUI fails to start when Address Sanitizer is compiled in
Date: Tue, 5 Sep 2017 18:53:15 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0

URL:
  <http://savannah.gnu.org/bugs/?51948>

                 Summary: GUI fails to start when Address Sanitizer is
compiled in
                 Project: GNU Octave
            Submitted by: rik5
            Submitted on: Tue 05 Sep 2017 03:53:14 PM PDT
                Category: Interpreter
                Severity: 3 - Normal
                Priority: 5 - Normal
              Item Group: Other
                  Status: None
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: dev
        Operating System: Any

    _______________________________________________________

Details:

When Octave is compiled with --enable-address-sanitizer-flags the GUI refuses
to start.  It was unclear why this was, but now I have a strong indication
that it is due to a heap-buffer-overflow.

I configured the build environment like so


setenv CFLAGS "-ggdb3 -O0 -pipe"
setenv CXXFLAGS "${CFLAGS}"
setenv FFLAGS "${CFLAGS}"
./configure --prefix=/home/rik/local --enable-address-sanitizer-flags
--disable-docs --disable-java --disable-hg-id -C |& tee myconfig.log


Using run-octave fails, so I cd'ed to the src directory and used


strace octave-gui.exe


results were


write(2, "    #0 0x7f5a2e3ec934 in __asan_"..., 88) = 88
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59eda51000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ee2b0000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59edb09000
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59eda4e000
mmap(NULL, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59eda47000
mmap(NULL, 61440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59eda38000
mmap(NULL, 126976, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59eda19000
write(2, "    #1 0x7f5a2dd3bbc0 in Termina"..., 109) = 109
write(2, "    #2 0x7f5a2dd24d16 in QUnixTe"..., 132) = 132
write(2, "    #3 0x7f5a28e9d2ed in QWidget"..., 105) = 105
write(2, "    #4 0x7f5a28e57afb in QApplic"..., 135) = 135
write(2, "    #5 0x7f5a28e5d035 in QApplic"..., 121) = 121
write(2, "    #6 0x7f5a285222a7 in QCoreAp"..., 131) = 131
write(2, "    #7 0x7f5a28e95ca1 in QWidget"..., 140) = 140
write(2, "    #8 0x7f5a28e99a42 in QWidget"..., 111) = 111
write(2, "    #9 0x7f5a28e999c6 in QWidget"..., 116) = 116
write(2, "    #10 0x7f5a28e99a5e in QWidge"..., 112) = 112
write(2, "    #11 0x7f5a28e999c6 in QWidge"..., 117) = 117
write(2, "    #12 0x7f5a28e99a5e in QWidge"..., 112) = 112
write(2, "    #13 0x7f5a28e9c87c in QWidge"..., 108) = 108
mmap(NULL, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed9e2000
mmap(NULL, 61440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed9d3000
mmap(NULL, 126976, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed9b4000
mmap(NULL, 258048, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed975000
munmap(0x7f59ed9b4000, 126976)          = 0
write(2, "    #14 0x7f5a2ddc15ac in main_w"..., 100) = 100
write(2, "    #15 0x7f5a2ddc0b2e in main_w"..., 86) = 86
write(2, "    #16 0x7f5a2dde2179 in octave"..., 90) = 90
mmap(NULL, 2097152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed6f5000
munmap(0x7f59ed6f5000, 45056)           = 0
munmap(0x7f59ed800000, 1003520)         = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59edaec000
mmap(NULL, 2097152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed500000
munmap(0x7f59ed600000, 1048576)         = 0
write(2, "    #17 0x401e8d in main src/mai"..., 45) = 45
write(2, "    #18 0x7f5a29b9682f in __libc"..., 86) = 86
write(2, "    #19 0x401828 in _start (/hom"..., 101) = 101
write(2, "\n", 1)                       = 1
munmap(0x7f5a021c4000, 8192)            = 0
munmap(0x7f5a068af000, 3584)            = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f5a068af000
write(2, "\33[1m\33[32m0x61900018b940 is locat"..., 115) = 115
munmap(0x7f5a068af000, 4096)            = 0
write(2, "\33[1m\33[35mallocated by thread T0 "..., 46) = 46
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f5a068af000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f5a021c4000
write(2, "    #0 0x7f5a2e3f96b2 in operato"..., 104) = 104
write(2, "    #1 0x7f5a2dd2ce37 in ScreenW"..., 105) = 105
write(2, "    #2 0x7f5a2dd3b1d6 in Termina"..., 109) = 109
write(2, "    #3 0x7f5a2dd24d16 in QUnixTe"..., 132) = 132
write(2, "    #4 0x7f5a28e9d2ed in QWidget"..., 105) = 105
write(2, "\n", 1)                       = 1
munmap(0x7f5a021c4000, 8192)            = 0
munmap(0x7f5a068af000, 3584)            = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f5a068af000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f5a021c5000
write(2, "SUMMARY: AddressSanitizer: heap-"..., 67) = 67
munmap(0x7f5a021c5000, 1024)            = 0
munmap(0x7f5a068af000, 1024)            = 0
mmap(NULL, 32768, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed9bb000
mmap(NULL, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x7f59ed9b7000
write(2, "Shadow bytes around the buggy ad"..., 4693) = 4693
munmap(0x7f59ed9b7000, 16384)           = 0
munmap(0x7f59ed9bb000, 32768)           = 0
getpid()                                = 4165
write(2, "==4165==ABORTING\n", 17)      = 17
exit_group(1)                           = ?
+++ exited with 1 +++


You can see that ASAN starts to write out on file descriptor 2 (stderr). 
Later there is 


write(2, "SUMMARY: AddressSanitizer: heap-"..., 67) = 67


which sure looks like it was writing "heap-buffer-overflow".  Obviously stderr
must have been redirected somewhere because I don't get these on the screen.

@jwe: Is there a way to temporarily halt the redirection of stderr while
debugging this?






    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?51948>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/




reply via email to

[Prev in Thread] Current Thread [Next in Thread]