[ https://issues.apache.org/jira/browse/IMPALA-7882?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pooja Nilangekar resolved IMPALA-7882.
--------------------------------------
       Resolution: Fixed
    Fix Version/s: Impala 3.2.0

> ASAN failure in llvm-codegen-test
> ---------------------------------
>
>                 Key: IMPALA-7882
>                 URL: https://issues.apache.org/jira/browse/IMPALA-7882
>             Project: IMPALA
>          Issue Type: Bug
>          Components: Backend
>    Affects Versions: Impala 3.2.0
>            Reporter: Joe McDonnell
>            Assignee: Pooja Nilangekar
>            Priority: Blocker
>              Labels: broken-build
>             Fix For: Impala 3.2.0
>
>
> The llvm-codegen-test backend test is failing under ASAN with the following output:
> {noformat}
> 18:12:34 [ RUN ] LlvmCodeGenTest.StringValue
> 18:12:34 =================================================================
> 18:12:34 ==124917==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffc0f39e86c at pc 0x0000017ea479 bp 0x7ffc0f39e550 sp 0x7ffc0f39e548
> 18:12:34 READ of size 4 at 0x7ffc0f39e86c thread T0
> 18:12:34     #0 0x17ea478 in testing::AssertionResult testing::internal::CmpHelperEQ<int, int>(char const*, char const*, int const&, int const&) /data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/gtest-1.6.0/include/gtest/gtest.h:1316:19
> 18:12:34     #1 0x17d3a8d in _ZN7testing8internal8EqHelperILb1EE7CompareIiiEENS_15AssertionResultEPKcS6_RKT_RKT0_PNS0_8EnableIfIXntsr10is_pointerISA_EE5valueEE4typeE /data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/gtest-1.6.0/include/gtest/gtest.h:1392:12
> 18:12:34     #2 0x17c656b in impala::LlvmCodeGenTest_StringValue_Test::TestBody() /data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/codegen/llvm-codegen-test.cc:379:3
> 18:12:34     #3 0x4d55af2 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d55af2)
> 18:12:34     #4 0x4d4c669 in testing::Test::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4c669)
> 18:12:34     #5 0x4d4c7b7 in testing::TestInfo::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4c7b7)
> 18:12:34     #6 0x4d4c894 in testing::TestCase::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4c894)
> 18:12:34     #7 0x4d4db17 in testing::internal::UnitTestImpl::RunAllTests() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4db17)
> 18:12:34     #8 0x4d4ddf2 in testing::UnitTest::Run() (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x4d4ddf2)
> 18:12:34     #9 0x17ce16e in main /data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/codegen/llvm-codegen-test.cc:569:10
> 18:12:34     #10 0x7fc221bd5c04 in __libc_start_main (/lib64/libc.so.6+0x21c04)
> 18:12:34     #11 0x16b63c6 in _start (/data0/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/build/debug/codegen/llvm-codegen-test+0x16b63c6)
> 18:12:34
> 18:12:34 Address 0x7ffc0f39e86c is located in stack of thread T0 at offset 492 in frame
> 18:12:34     #0 0x17c567f in impala::LlvmCodeGenTest_StringValue_Test::TestBody() /data/jenkins/workspace/impala-asf-master-core-asan/repos/Impala/be/src/codegen/llvm-codegen-test.cc:343
> 18:12:34
> 18:12:34   This frame has 57 object(s):
> 18:12:34     [32, 40) 'codegen' (line 344)
> 18:12:34     [64, 72) 'ref.tmp' (line 345)
> 18:12:34     [96, 104) 'ref.tmp2' (line 345)
> 18:12:34     [128, 129) 'ref.tmp3' (line 345)
> 18:12:34     [144, 160) 'gtest_ar_' (line 345)
> 18:12:34     [176, 184) 'temp.lvalue'
> 18:12:34     [208, 216) 'ref.tmp6' (line 345)
> 18:12:34     [240, 248) 'temp.lvalue8'
> 18:12:34     [272, 288) 'ref.tmp9' (line 345)
> 18:12:34     [304, 320) 'gtest_ar_12' (line 346)
> 18:12:34     [336, 344) 'ref.tmp15' (line 346)
> 18:12:34     [368, 376) 'temp.lvalue16'
> 18:12:34     [400, 416) 'ref.tmp17' (line 346)
> 18:12:34     [432, 440) 'str' (line 348)
> 18:12:34     [464, 465) 'ref.tmp19' (line 348)
> 18:12:34     [480, 492) 'str_val' (line 350) <== Memory access at offset 492 overflows this variable
> 18:12:34     [512, 528) 'gtest_ar_24' (line 357)
> 18:12:34     [544, 552) 'ref.tmp27' (line 357)
> 18:12:34     [576, 584) 'temp.lvalue28'
> 18:12:34     [608, 624) 'ref.tmp29' (line 357)
> 18:12:34     [640, 648) 'jitted_fn' (line 360)
> 18:12:34     [672, 680) 'ref.tmp33' (line 362)
> 18:12:34     [704, 720) 'gtest_ar_35' (line 362)
> 18:12:34     [736, 744) 'temp.lvalue38'
> 18:12:34     [768, 776) 'ref.tmp40' (line 362)
> 18:12:34     [800, 808) 'temp.lvalue42'
> 18:12:34     [832, 848) 'ref.tmp43' (line 362)
> 18:12:34     [864, 880) 'gtest_ar_47' (line 363)
> 18:12:34     [896, 904) 'ref.tmp50' (line 363)
> 18:12:34     [928, 936) 'temp.lvalue51'
> 18:12:34     [960, 976) 'ref.tmp52' (line 363)
> 18:12:34     [992, 996) 'result' (line 368)
> 18:12:34     [1008, 1024) 'gtest_ar' (line 371)
> 18:12:34     [1040, 1048) 'ref.tmp56' (line 371)
> 18:12:34     [1072, 1080) 'ref.tmp59' (line 371)
> 18:12:34     [1104, 1112) 'temp.lvalue60'
> 18:12:34     [1136, 1152) 'gtest_ar62' (line 372)
> 18:12:34     [1168, 1169) 'ref.tmp63' (line 372)
> 18:12:34     [1184, 1192) 'ref.tmp66' (line 372)
> 18:12:34     [1216, 1224) 'temp.lvalue67'
> 18:12:34     [1248, 1264) 'gtest_ar69' (line 373)
> 18:12:34     [1280, 1284) 'ref.tmp70' (line 373)
> 18:12:34     [1296, 1304) 'ref.tmp73' (line 373)
> 18:12:34     [1328, 1336) 'temp.lvalue74'
> 18:12:34     [1360, 1376) 'gtest_ar76' (line 374)
> 18:12:34     [1392, 1400) 'ref.tmp77' (line 374)
> 18:12:34     [1424, 1432) 'ref.tmp79' (line 374)
> 18:12:34     [1456, 1464) 'ref.tmp82' (line 374)
> 18:12:34     [1488, 1496) 'temp.lvalue83'
> 18:12:34     [1520, 1536) 'gtest_ar85' (line 378)
> 18:12:34     [1552, 1556) 'ref.tmp86' (line 378)
> 18:12:34     [1568, 1576) 'ref.tmp89' (line 378)
> 18:12:34     [1600, 1608) 'temp.lvalue90'
> 18:12:34     [1632, 1648) 'gtest_ar92' (line 379)
> 18:12:34     [1664, 1668) 'ref.tmp93' (line 379)
> 18:12:34     [1680, 1688) 'ref.tmp96' (line 379)
> 18:12:34     [1712, 1720) 'temp.lvalue97'
> 18:12:34 HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
> 18:12:34       (longjmp and C++ exceptions *are* supported)
> 18:12:34 SUMMARY: AddressSanitizer: stack-buffer-overflow /data/jenkins/workspace/impala-asf-master-core-asan/Impala-Toolchain/gtest-1.6.0/include/gtest/gtest.h:1316:19 in testing::AssertionResult testing::internal::CmpHelperEQ<int, int>(char const*, char const*, int const&, int const&)
> 18:12:34 Shadow bytes around the buggy address:
> 18:12:34   0x100001e6bcb0: f8 f8 f2 f2 f8 f8 f3 f3 00 00 00 00 00 00 00 00
> 18:12:34   0x100001e6bcc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 18:12:34   0x100001e6bcd0: f1 f1 f1 f1 00 f2 f2 f2 f8 f2 f2 f2 f8 f2 f2 f2
> 18:12:34   0x100001e6bce0: f8 f2 f8 f8 f2 f2 00 f2 f2 f2 f8 f2 f2 f2 00 f2
> 18:12:34   0x100001e6bcf0: f2 f2 f8 f8 f2 f2 f8 f8 f2 f2 f8 f2 f2 f2 00 f2
> 18:12:34 =>0x100001e6bd00: f2 f2 f8 f8 f2 f2 00 f2 f2 f2 f8 f2 00[04]f2 f2
> 18:12:34   0x100001e6bd10: f8 f8 f2 f2 f8 f2 f2 f2 00 f2 f2 f2 f8 f8 f2 f2
> 18:12:34   0x100001e6bd20: 00 f2 f2 f2 f8 f2 f2 f2 f8 f8 f2 f2 00 f2 f2 f2
> 18:12:34   0x100001e6bd30: f8 f2 f2 f2 00 f2 f2 f2 f8 f8 f2 f2 f8 f8 f2 f2
> 18:12:34   0x100001e6bd40: f8 f2 f2 f2 00 f2 f2 f2 f8 f8 f2 f2 04 f2 f8 f8
> 18:12:34   0x100001e6bd50: f2 f2 f8 f2 f2 f2 f8 f2 f2 f2 00 f2 f2 f2 f8 f8
> 18:12:34 Shadow byte legend (one shadow byte represents 8 application bytes):
> 18:12:34   Addressable: 00
> 18:12:34   Partially addressable: 01 02 03 04 05 06 07
> 18:12:34   Heap left redzone: fa
> 18:12:34   Freed heap region: fd
> 18:12:34   Stack left redzone: f1
> 18:12:34   Stack mid redzone: f2
> 18:12:34   Stack right redzone: f3
> 18:12:34   Stack after return: f5
> 18:12:34   Stack use after scope: f8
> 18:12:34   Global redzone: f9
> 18:12:34   Global init order: f6
> 18:12:34   Poisoned by user: f7
> 18:12:34   Container overflow: fc
> 18:12:34   Array cookie: ac
> 18:12:34   Intra object redzone: bb
> 18:12:34   ASan internal: fe
> 18:12:34   Left alloca redzone: ca
> 18:12:34   Right alloca redzone: cb
> 18:12:34 ==124917==ABORTING{noformat}
> I confirmed this on my development system.