GNU bug report logs - #18885
25.0.50; build fails with ASan enabled

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: emacs; Severity: important; Reported by: Mark Oteiza <mvoteiza@HIDDEN>; merged with #16427; dated Wed, 29 Oct 2014 15:32:01 UTC; Maintainer for emacs is bug-gnu-emacs@HIDDEN.

Message received at 18885 <at> debbugs.gnu.org:


Received: (at 18885) by debbugs.gnu.org; 29 Oct 2014 16:04:48 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Oct 29 12:04:48 2014
Received: from localhost ([127.0.0.1]:38951 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1XjVjs-0005Vv-Cn
	for submit <at> debbugs.gnu.org; Wed, 29 Oct 2014 12:04:48 -0400
Received: from cantor2.suse.de ([195.135.220.15]:47410 helo=mx2.suse.de)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <schwab@HIDDEN>) id 1XjVjq-0005Vm-1P
 for 18885 <at> debbugs.gnu.org; Wed, 29 Oct 2014 12:04:46 -0400
Received: from relay1.suse.de (charybdis-ext.suse.de [195.135.220.254])
 by mx2.suse.de (Postfix) with ESMTP id 170A0AAF1;
 Wed, 29 Oct 2014 16:04:45 +0000 (UTC)
From: Andreas Schwab <schwab@HIDDEN>
To: Mark Oteiza <mvoteiza@HIDDEN>
Subject: Re: bug#18885: 25.0.50; build fails with ASan enabled
References: <87r3xqevui.fsf@HIDDEN>
X-Yow: YOW!!  Everybody out of the GENETIC POOL!
Date: Wed, 29 Oct 2014 17:04:44 +0100
In-Reply-To: <87r3xqevui.fsf@HIDDEN> (Mark Oteiza's message of "Wed, 29 Oct
 2014 11:31:17 -0400")
Message-ID: <mvma94elv4z.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Score: -5.6 (-----)
X-Debbugs-Envelope-To: 18885
Cc: 18885 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.6 (-----)

Mark Oteiza <mvoteiza@HIDDEN> writes:

> Hi,
>
> For debugging another project, I resorted to using gcc's address
> sanitizer to help track down a bug, and it actually helped find others
> along the way.  I came across a crash in emacs and decided to build
> trunk with the address sanitizer enabled.
>
> The build failed with this output on Arch Linux.  The build config is
> the same as below except without optimization and with
> -fsanitize=address in CFLAGS and LDFLAGS.
>
> Loading /tmp/makepkg/emacs-git/src/emacs/lisp/tooltip.el (source)...
> Finding pointers to doc strings...
> Finding pointers to doc strings...done
> Dumping under the name emacs
> =================================================================
> ==6778==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000cf9d70 at pc 0x7ffff6f2fd1a bp 0x7fffffffc6a0 sp 0x7fffffffbe48
> READ of size 3601184 at 0x000000cf9d70 thread T0
>     #0 0x7ffff6f2fd19 in __interceptor_memcpy.part.38 (/usr/lib/libasan.so.1+0x2fd19)
>     #1 0x91421d in unexec /tmp/makepkg/emacs-git/src/emacs/src/unexelf.c:1060

This is expected.  unexec and asan are not compatible.

Andreas.

-- 
Andreas Schwab, SUSE Labs, schwab@HIDDEN
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."




Information forwarded to bug-gnu-emacs@HIDDEN:
bug#18885; Package emacs. Full text available.
Forcibly Merged 16427 18885. Request was from Glenn Morris <rgm@HIDDEN> to control <at> debbugs.gnu.org. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 29 Oct 2014 15:31:55 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Oct 29 11:31:55 2014
Received: from localhost ([127.0.0.1]:38924 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.80)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1XjVE2-0003Js-76
	for submit <at> debbugs.gnu.org; Wed, 29 Oct 2014 11:31:55 -0400
Received: from eggs.gnu.org ([208.118.235.92]:35143)
 by debbugs.gnu.org with esmtp (Exim 4.80)
 (envelope-from <mvoteiza@HIDDEN>) id 1XjVDy-0003Jc-JL
 for submit <at> debbugs.gnu.org; Wed, 29 Oct 2014 11:31:52 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <mvoteiza@HIDDEN>) id 1XjVDj-00035k-Ak
 for submit <at> debbugs.gnu.org; Wed, 29 Oct 2014 11:31:45 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50 autolearn=disabled
 version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:39414)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <mvoteiza@HIDDEN>) id 1XjVDj-00035g-7r
 for submit <at> debbugs.gnu.org; Wed, 29 Oct 2014 11:31:35 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36785)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <mvoteiza@HIDDEN>) id 1XjVDb-0001a2-LY
 for bug-gnu-emacs@HIDDEN; Wed, 29 Oct 2014 11:31:35 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <mvoteiza@HIDDEN>) id 1XjVDU-00032P-3S
 for bug-gnu-emacs@HIDDEN; Wed, 29 Oct 2014 11:31:27 -0400
Received: from mail-qa0-f41.google.com ([209.85.216.41]:37918)
 by eggs.gnu.org with esmtp (Exim 4.71)
 (envelope-from <mvoteiza@HIDDEN>) id 1XjVDT-00032K-UW
 for bug-gnu-emacs@HIDDEN; Wed, 29 Oct 2014 11:31:20 -0400
Received: by mail-qa0-f41.google.com with SMTP id v10so747881qac.14
 for <bug-gnu-emacs@HIDDEN>; Wed, 29 Oct 2014 08:31:19 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:from:to:subject:date:message-id:mime-version
 :content-type;
 bh=YXpdEMMfQJhwh4pWnsq2l7JCQAC4pVzXkfNRecPCVog=;
 b=CkeRA71dSWJepn/sWF0Aq200OyY7hZwfQzj0MIX7fDg1i4ke04shako1JihZRFWW21
 tyXMJoVnLhihmrK9IUsArMk+ztxYeGd4dR863RwopzaX6EHVHPVJSCZqNluTFvc+1B76
 PeZWhnjRg/lE2Lw/6T1GCZzpJ3s5oFH+GmgIlFE6QIn+RUYzwQSy8Z3dti9Wjb4eJ4nO
 u3cseI4GLx6BlD4xaE2o2e7oy9WLdkoa0KGonPri/kkEC1JE0PAfxZPIoJuq7joC9Wsb
 pQm7+9lWYOh/ZnPsljOoEtLN/u4hs7jQ2SrAXAm9ZsrHwmTtIWYeaJwwPD7a4Ub2W/+J
 6vYQ==
X-Gm-Message-State: ALoCoQlEo+miVIHdoxLmaY0dRZsCkqW4fuyof4L/ynavWXSYgPd3C9kl79HAw0wSBzF82wh5dPyh
X-Received: by 10.140.104.200 with SMTP id a66mr16179609qgf.37.1414596679021; 
 Wed, 29 Oct 2014 08:31:19 -0700 (PDT)
Received: from holos (wifi-roaming-128-4-117-56.host.udel.edu. [128.4.117.56])
 by mx.google.com with ESMTPSA id
 a93sm4372200qga.26.2014.10.29.08.31.18 for <bug-gnu-emacs@HIDDEN>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 29 Oct 2014 08:31:18 -0700 (PDT)
From: Mark Oteiza <mvoteiza@HIDDEN>
To: bug-gnu-emacs@HIDDEN
Subject: 25.0.50; build fails with ASan enabled
Date: Wed, 29 Oct 2014 11:31:17 -0400
Message-ID: <87r3xqevui.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address
 (bad octet value).
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <http://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <http://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <http://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)


Hi,

For debugging another project, I resorted to using gcc's address
sanitizer to help track down a bug, and it actually helped find others
along the way.  I came across a crash in emacs and decided to build
trunk with the address sanitizer enabled.

The build failed with this output on Arch Linux.  The build config is
the same as below except without optimization and with
-fsanitize=address in CFLAGS and LDFLAGS.

Loading /tmp/makepkg/emacs-git/src/emacs/lisp/tooltip.el (source)...
Finding pointers to doc strings...
Finding pointers to doc strings...done
Dumping under the name emacs
=================================================================
==6778==ERROR: AddressSanitizer: global-buffer-overflow on address 0x000000cf9d70 at pc 0x7ffff6f2fd1a bp 0x7fffffffc6a0 sp 0x7fffffffbe48
READ of size 3601184 at 0x000000cf9d70 thread T0
    #0 0x7ffff6f2fd19 in __interceptor_memcpy.part.38 (/usr/lib/libasan.so.1+0x2fd19)
    #1 0x91421d in unexec /tmp/makepkg/emacs-git/src/emacs/src/unexelf.c:1060
    #2 0x7304f1 in Fdump_emacs /tmp/makepkg/emacs-git/src/emacs/src/emacs.c:2116
    #3 0x88066e in eval_sub /tmp/makepkg/emacs-git/src/emacs/src/eval.c:2181
    #4 0x8778e3 in Fprogn /tmp/makepkg/emacs-git/src/emacs/src/eval.c:455
    #5 0x880106 in eval_sub /tmp/makepkg/emacs-git/src/emacs/src/eval.c:2128
    #6 0x87751a in Fif /tmp/makepkg/emacs-git/src/emacs/src/eval.c:406
    #7 0x880106 in eval_sub /tmp/makepkg/emacs-git/src/emacs/src/eval.c:2128
    #8 0x8dbabf in readevalloop /tmp/makepkg/emacs-git/src/emacs/src/lread.c:1966
    #9 0x8d89d3 in Fload /tmp/makepkg/emacs-git/src/emacs/src/lread.c:1361
    #10 0x880767 in eval_sub /tmp/makepkg/emacs-git/src/emacs/src/eval.c:2192
    #11 0x87f587 in Feval /tmp/makepkg/emacs-git/src/emacs/src/eval.c:1993
    #12 0x734663 in top_level_2 /tmp/makepkg/emacs-git/src/emacs/src/keyboard.c:1206
    #13 0x87c2b4 in internal_condition_case /tmp/makepkg/emacs-git/src/emacs/src/eval.c:1344
    #14 0x734703 in top_level_1 /tmp/makepkg/emacs-git/src/emacs/src/keyboard.c:1214
    #15 0x87ab0c in internal_catch /tmp/makepkg/emacs-git/src/emacs/src/eval.c:1105
    #16 0x734448 in command_loop /tmp/makepkg/emacs-git/src/emacs/src/keyboard.c:1175
    #17 0x732d58 in recursive_edit_1 /tmp/makepkg/emacs-git/src/emacs/src/keyboard.c:786
    #18 0x7330f4 in Frecursive_edit /tmp/makepkg/emacs-git/src/emacs/src/keyboard.c:857
    #19 0x72e5d9 in main /tmp/makepkg/emacs-git/src/emacs/src/emacs.c:1623
    #20 0x7ffff0bc903f in __libc_start_main (/usr/lib/libc.so.6+0x2003f)
    #21 0x413818 (/tmp/makepkg/emacs-git/src/emacs/src/temacs+0x413818)

0x000000cf9d70 is located 0 bytes to the right of global variable 'Sredraw_frame' from 'dispnew.c' (0xcf9d40) of size 48
0x000000cf9d70 is located 48 bytes to the left of global variable 'Sredraw_display' from 'dispnew.c' (0xcf9da0) of size 48
SUMMARY: AddressSanitizer: global-buffer-overflow ??:0 __interceptor_memcpy.part.38
Shadow bytes around the buggy address:
  0x000080197350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x000080197360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x000080197370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x000080197380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x000080197390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0000801973a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00[f9]f9
  0x0000801973b0: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
  0x0000801973c0: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x0000801973d0: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 f9 f9
  0x0000801973e0: f9 f9 f9 f9 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9
  0x0000801973f0: 00 00 00 00 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Contiguous container OOB:fc
  ASan internal:           fe
==6778==ABORTING
Makefile:833: recipe for target 'bootstrap-emacs' failed
make[1]: *** [bootstrap-emacs] Error 1
make[1]: Leaving directory '/tmp/makepkg/emacs-git/src/emacs/src'
Makefile:380: recipe for target 'src' failed
make: *** [src] Error 2




In GNU Emacs 25.0.50.1 (x86_64-unknown-linux-gnu, X toolkit, Xaw scroll bars)
 of 2014-10-28 on logos
Configured using:
 `configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib
 --localstatedir=/var --with-x-toolkit=lucid 'CFLAGS=-march=x86-64
 -mtune=generic -O2 -pipe -fstack-protector-strong
 --param=ssp-buffer-size=4 -g -fvar-tracking-assignments'
 CPPFLAGS=-D_FORTIFY_SOURCE=2
 LDFLAGS=-Wl,-O2,--sort-common,--as-needed,-z,relro'

Configured features:
XPM JPEG TIFF GIF PNG RSVG IMAGEMAGICK SOUND GPM DBUS GSETTINGS NOTIFY
ACL GNUTLS LIBXML2 FREETYPE M17N_FLT LIBOTF XFT ZLIB

Important settings:
  value of $LC_COLLATE: C
  value of $LANG: en_US.UTF-8
  locale-coding-system: utf-8-unix

Major mode: Lisp Interaction

Minor modes in effect:
  flycheck-mode: t
  company-mode: t
  show-paren-mode: t
  savehist-mode: t
  winner-mode: t
  tooltip-mode: t
  global-eldoc-mode: t
  electric-indent-mode: t
  mouse-wheel-mode: t
  file-name-shadow-mode: t
  global-font-lock-mode: t
  font-lock-mode: t
  auto-composition-mode: t
  auto-encryption-mode: t
  auto-compression-mode: t
  size-indication-mode: t
  column-number-mode: t
  line-number-mode: t

Recent input:
ESC [ > 8 4 ; 0 ; 0 c ESC x r e p o TAB r TAB RET

Recent messages:
Loading /home/mvo/.cache/emacs/custom.el (source)...done
Loading /home/mvo/.emacs.d/site-lisp/loaddefs.el (source)...done
For information about GNU Emacs and the GNU system, type C-h C-a.
Making completion list...

Load-path shadows:
/usr/share/emacs/25.0.50/lisp/loaddefs hides /home/mvo/.emacs.d/site-lisp/loaddefs
/usr/share/emacs/25.0.50/lisp/env hides /home/mvo/.emacs.d/site-lisp/expand-region/features/support/env

Features:
(shadow sort gnus-util mail-extr emacsbug message idna dired format-spec
rfc822 mml mml-sec mm-decode mm-bodies mm-encode mail-parse rfc2231
mailabbrev gmm-utils mailheader sendmail rfc2047 rfc2045 ietf-drums
mm-util help-fns mail-prsvr mail-utils xterm flycheck find-func
help-mode rx easymenu subr-x pcase dash company-files company-oddmuse
company-keywords company-etags etags company-gtags company-dabbrev-code
company-dabbrev company-capf company-cmake company-ropemacs
company-xcode company-clang company-semantic company-eclim
company-template company-css company-nxml company-bbdb company package
epg-config windmove edmacro kmacro cl-loaddefs cl-lib saveplace paren
time-date savehist winner ring zenburn-theme tooltip eldoc electric
uniquify ediff-hook vc-hooks lisp-float-type mwheel x-win x-dnd tool-bar
dnd fontset image regexp-opt fringe tabulated-list newcomment elisp-mode
lisp-mode prog-mode register page menu-bar rfn-eshadow timer select
scroll-bar mouse jit-lock font-lock syntax facemenu font-core frame cham
georgian utf-8-lang misc-lang vietnamese tibetan thai tai-viet lao
korean japanese hebrew greek romanian slovak czech european ethiopic
indian cyrillic chinese case-table epa-hook jka-cmpr-hook help simple
abbrev minibuffer nadvice loaddefs button faces cus-face macroexp files
text-properties overlay sha1 md5 base64 format env code-pages mule
custom widget hashtable-print-readable backquote make-network-process
dbusbind gfilenotify dynamic-setting system-font-setting
font-render-setting x-toolkit x multi-tty emacs)

Memory information:
((conses 16 116916 5465)
 (symbols 48 21555 0)
 (miscs 40 59 98)
 (strings 32 25050 6012)
 (string-bytes 1 669887)
 (vectors 16 17375)
 (vector-slots 8 1131936 209498)
 (floats 8 93 614)
 (intervals 56 234 0)
 (buffers 976 12)
 (heap 1024 46990 1175))




Acknowledgement sent to Mark Oteiza <mvoteiza@HIDDEN>:
New bug report received and forwarded. Copy sent to bug-gnu-emacs@HIDDEN. Full text available.
Report forwarded to bug-gnu-emacs@HIDDEN:
bug#18885; Package emacs. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Fri, 31 Oct 2014 17:00:04 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.