[MDEV-18633] ASAN heap-buffer-overflow in test_concurrently / unittests - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Duplicate
Affects Version/s: 10.3(EOL), 10.4(EOL)
Fix Version/s: N/A
Component/s: Tests
Labels:
None

Description

perl ./mtr unit.lf

perl ./mtr unit.my_atomic

10.4 ASAN a4cd91c5
==4351==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x611000009ff0 at pc 0x55f58b75c604 bp 0x7ffdae33e240 sp 0x7ffdae33e238
READ of size 8 at 0x611000009ff0 thread T0
#0 0x55f58b75c603 in test_concurrently /data/src/10.3-bug/unittest/mysys/thr_template.c:47
#1 0x55f58b75d22a in do_tests /data/src/10.3-bug/unittest/mysys/lf-t.c:187
#2 0x55f58b75c80f in main /data/src/10.3-bug/unittest/mysys/thr_template.c:68
#3 0x7efe4c9412b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
#4 0x55f58b75c3d9 in _start (/data/src/10.3-bug/unittest/mysys/lf-t+0x523d9)

0x611000009ff0 is located 0 bytes to the right of 240-byte region [0x611000009f00,0x611000009ff0)
allocated by thread T0 here:
#0 0x7efe4e24873f in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x5473f)
#1 0x55f58b75c506 in test_concurrently /data/src/10.3-bug/unittest/mysys/thr_template.c:29
#2 0x55f58b75d22a in do_tests /data/src/10.3-bug/unittest/mysys/lf-t.c:187
#3 0x55f58b75c80f in main /data/src/10.3-bug/unittest/mysys/thr_template.c:68
#4 0x7efe4c9412b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)

SUMMARY: AddressSanitizer: heap-buffer-overflow /data/src/10.3-bug/unittest/mysys/thr_template.c:47 test_concurrently
Shadow bytes around the buggy address:
0x0c227fff93a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff93b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff93c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff93d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff93e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c227fff93f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00[fa]fa
0x0c227fff9400: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff9410: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff9420: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff9430: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c227fff9440: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Contiguous container OOB:fc
ASan internal: fe
==4351==ABORTING

Attachments

Issue Links

duplicates

MDEV-18269 Off-by-one bug in

Closed

Activity

People

Assignee:: Robert Bindar

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019-02-18 18:01

Updated:: 2019-03-20 11:29

Resolved:: 2019-03-20 11:29

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.