graphitemaster/neothyne

crash on startup when building with clang

Closed this issue · 1 comment

Also crashes in non-ASan mode when compiled with clang.

[video] => found 1 displays
[video] => searching for display `0'
[video] => found matching display `0' (1600 x 900)
[video] => using display `0'
[video] => Vendor: Intel Open Source Technology Center
[video] => Renderer: Mesa DRI Intel(R) Sandybridge Mobile 
[video] => Driver: 3.0 Mesa 13.0.2
[video] => Shading: 1.30 (using 3.0)
[video] => Extensions:
            GL_ARB_debug_output
            GL_ARB_half_float_vertex
            GL_EXT_texture_compression_rgtc
            GL_EXT_texture_filter_anisotropic
            GL_ARB_texture_rectangle
            GL_ARB_get_program_binary
            GL_EXT_texture_compression_s3tc
[system] => OS: Linux 4.8.15-300.fc25.x86_64 x86_64
[system] => CPU: Intel(R) Core(TM) i5-2540M CPU @ 2.60GHz (4 cores)
[system] => RAM: 11.61 GiB
[system] => Game: ./game/
[system] => User: /home/matthias/.local/share/Neothyne/
[audio] => discovered 5 drivers
[audio] => found driver `pulseaudio'
[audio] => 1 playback device present for driver `pulseaudio'
             usable: Built-in Audio Analog Stereo
[audio] => found driver `alsa'
[audio] => 1 playback device present for driver `alsa'
ALSA lib pcm_dmix.c:1029:(snd_pcm_dmix_open) unable to open slave
             unusable: HDA Intel PCH, CX20590 Analog
[audio] => no usable playback device(s) found for driver `alsa'
[audio] => found driver `dsp'
[audio] => no usable playback device(s) found for driver `dsp'
[audio] => found driver `dummy'
[audio] => 1 playback device present for driver `dummy'
             usable: System audio output device
[audio] => have 3 usable drivers
[audio] => searching for driver `pulseaudio'
[audio] => found matching driver `pulseaudio'
[audio] => using driver `pulseaudio'
[audio] => have 1 usable device
[audio] => searching for device `Built-in Audio Analog Stereo'
[audio] => discovered 1 playback device
[audio] => found matching device `Built-in Audio Analog Stereo'
[audio] => device `Built-in Audio Analog Stereo' configured for 2 channels @ 44100Hz (1024 float samples)
[audio] => initialized for 32 voices @ 44100Hz with 2.00 kiB buffer
[script] => inlined operations (assignments: 10, accesses: 31, constraints: 3)
[script] => redirected 14 predictable lookup misses
[script] => generated 3 fast slots (reads: 10, writes: 6)
[script] => inlined operations (assignments: 19, accesses: 53, constraints: 7)
[script] => redirected 67 predictable lookup misses
[script] => generated 6 fast slots (reads: 21, writes: 7)
[script] => inlined operations (assignments: 2, accesses: 18, constraints: 2)
[script] => redirected 0 predictable lookup misses
[script] => generated 0 fast slots (reads: 0, writes: 0)
[script] => inlined operations (assignments: 25, accesses: 58, constraints: 7)
[script] => redirected 55 predictable lookup misses
[script] => generated 8 fast slots (reads: 26, writes: 10)
=================================================================
==27336==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60c0000116f8 at pc 0x000000637571 bp 0x7ffe38cc94d0 sp 0x7ffe38cc94c8
READ of size 8 at 0x60c0000116f8 thread T0
    #0 0x637570 in neoCalloc(unsigned long, unsigned long) /home/matthias/vcs/github/neothyne/u_new.cpp:121:52
    #1 0x6b36e3 in s::Memory::allocate(unsigned long, unsigned long) /home/matthias/vcs/github/neothyne/s_memory.cpp:91:30
    #2 0x6790f5 in s::Object::allocate(s::State*, unsigned long) /home/matthias/vcs/github/neothyne/s_object.cpp:348:32
    #3 0x67990b in s::Object::newString(s::State*, char const*, unsigned long) /home/matthias/vcs/github/neothyne/s_object.cpp:398:44
    #4 0x6a4aa1 in s::instrNewStringObject(s::VMState*) /home/matthias/vcs/github/neothyne/s_vm.cpp:288:26
    #5 0x69e958 in s::VM::step(s::State*) /home/matthias/vcs/github/neothyne/s_vm.cpp:772:14
    #6 0x69f4b3 in s::VM::run(s::State*) /home/matthias/vcs/github/neothyne/s_vm.cpp:803:9
    #7 0x54e5dd in exec(u::string const&) /home/matthias/vcs/github/neothyne/engine.cpp:1072:9
    #8 0x54cf48 in entryPoint(int, char**) /home/matthias/vcs/github/neothyne/engine.cpp:1170:5
    #9 0x54c4f1 in main /home/matthias/vcs/github/neothyne/engine.cpp:1234:12
    #10 0x7fcf48e7f400 in __libc_start_main (/lib64/libc.so.6+0x20400)
    #11 0x4296d9 in _start (/home/matthias/vcs/github/neothyne/neothyne+0x4296d9)

0x60c0000116fe is located 0 bytes to the right of 126-byte region [0x60c000011680,0x60c0000116fe)
allocated by thread T0 here:
    #0 0x4c857c in malloc /home/matthias/LLVM/LLVM_3_9/stage_2/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:64:3
    #1 0x6376f4 in neoCoreMalloc(unsigned long) /home/matthias/vcs/github/neothyne/u_new.cpp:13:17
    #2 0x637834 in alignedAllocator<false>::neoMalloc(unsigned long) /home/matthias/vcs/github/neothyne/u_new.cpp:41:16
    #3 0x637520 in neoCalloc(unsigned long, unsigned long) /home/matthias/vcs/github/neothyne/u_new.cpp:118:15
    #4 0x6b36e3 in s::Memory::allocate(unsigned long, unsigned long) /home/matthias/vcs/github/neothyne/s_memory.cpp:91:30
    #5 0x6790f5 in s::Object::allocate(s::State*, unsigned long) /home/matthias/vcs/github/neothyne/s_object.cpp:348:32
    #6 0x67990b in s::Object::newString(s::State*, char const*, unsigned long) /home/matthias/vcs/github/neothyne/s_object.cpp:398:44
    #7 0x6a4aa1 in s::instrNewStringObject(s::VMState*) /home/matthias/vcs/github/neothyne/s_vm.cpp:288:26
    #8 0x69e958 in s::VM::step(s::State*) /home/matthias/vcs/github/neothyne/s_vm.cpp:772:14
    #9 0x69f4b3 in s::VM::run(s::State*) /home/matthias/vcs/github/neothyne/s_vm.cpp:803:9
    #10 0x54e5dd in exec(u::string const&) /home/matthias/vcs/github/neothyne/engine.cpp:1072:9
    #11 0x54cf48 in entryPoint(int, char**) /home/matthias/vcs/github/neothyne/engine.cpp:1170:5
    #12 0x54c4f1 in main /home/matthias/vcs/github/neothyne/engine.cpp:1234:12
    #13 0x7fcf48e7f400 in __libc_start_main (/lib64/libc.so.6+0x20400)

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/matthias/vcs/github/neothyne/u_new.cpp:121:52 in neoCalloc(unsigned long, unsigned long)
Shadow bytes around the buggy address:
  0x0c187fffa280: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c187fffa290: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c187fffa2a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c187fffa2b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c187fffa2c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c187fffa2d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00[06]
  0x0c187fffa2e0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c187fffa2f0: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
  0x0c187fffa300: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
  0x0c187fffa310: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
  0x0c187fffa320: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==27336==ABORTING