https://llvm.org/bugs/show_bug.cgi?id=27627

            Bug ID: 27627
           Summary: [ASan] False positive stack-buffer-underflow with mmap
                    and boost::context
           Product: libraries
           Version: trunk
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Miscellaneous Instrumentation passes
          Assignee: unassignedb...@nondot.org
          Reporter: m...@fb.com
                CC: llvm-bugs@lists.llvm.org
    Classification: Unclassified

Created attachment 16300
  --> https://llvm.org/bugs/attachment.cgi?id=16300&action=edit
Repro for the described bug

For a couple of weeks we've been seeing errors in our ASan-enabled builds that
upon closer investigation appear to be false positives. I've spent some time
trying to reduce the code to the attached repro, which only depends on the
boost context library.

In a nutshell, the error triggers when:

1. A stack frame for boost::context is allocated via mmap

2. An actual context switch happens to a function that uses the stack

3. The region is munmap'd after switching back to the main context

4. We mmap a new region that happens to overlap with the previously freed one
(in the repro code this overlap is forced; in the original code it happens
randomly)

5. Now, reading from memory inside that region that is close to the stack frame
used before for the context switch will trigger the stack-buffer-underflow
error

The attached repro contains some more details and includes a command line to
trigger the FP ASan error. The problem can be reproduced with any recent
version of clang (or gcc).

Happy to provide more details if needed!
