Status: New
Owner: ----
New issue 2762 by [email protected]: SEGV when running V8 tests under
AddressSanitizer on x64 Linux
http://code.google.com/p/v8/issues/detail?id=2762
Build r15466 with clang/ASan and run
tools/run-tests.py --no-presubmit --arch=x64 -m release
I see several identical segfaults (I run with ASAN_OPTIONS="verbosity=1"
here). It seems that we're accessing an address in the ShadowGap.
=== mjsunit/regress/regress-1132 ===
==15540==Parsed ASAN_OPTIONS: verbosity=1
==15540==AddressSanitizer: libc interceptors initialized
|| `[0x10007fff8000, 0x7fffffffffff]` || HighMem ||
|| `[0x02008fff7000, 0x10007fff7fff]` || HighShadow ||
|| `[0x00008fff7000, 0x02008fff6fff]` || ShadowGap ||
|| `[0x00007fff8000, 0x00008fff6fff]` || LowShadow ||
|| `[0x000000000000, 0x00007fff7fff]` || LowMem ||
MemToShadow(shadow): 0x00008fff7000 0x000091ff6dff 0x004091ff6e00 0x02008fff6fff
red_zone=16
malloc_context_size=30
SHADOW_SCALE: 3
SHADOW_GRANULARITY: 8
SHADOW_OFFSET: 7fff8000
==15540==Installed the sigaction for signal 11
==15540==T0: stack [0x7fffff7ff000,0x7ffffffff000) size 0x800000; local=0x7fffffffd010
==15540==AddressSanitizer Init done
==15540==T2: stack [0x7ffff42b3000,0x7ffff42c2fc0) size 0xffc0; local=0x7ffff42c2e60
==15540==T5: stack [0x7ffff0ce8000,0x7ffff0cf7fc0) size 0xffc0; local=0x7ffff0cf7e60
==15540==T4: stack [0x7ffff21e1000,0x7ffff21f0fc0) size 0xffc0; local=0x7ffff21f0e60
==15540==T1: stack [0x7ffff27ff000,0x7ffff2ffefc0) size 0x7fffc0; local=0x7ffff2ffee60
ASAN:SIGSEGV
=================================================================
==15540==ERROR: AddressSanitizer: SEGV on unknown address 0x00011fff7fff (pc 0x555555792400 sp 0x7fffffffaae0 bp 0x7fffffffac30 T0)
AddressSanitizer can not provide additional info.
==15540==T3: stack [0x7ffff7f9c000,0x7ffff7fabfc0) size 0xffc0; local=0x7ffff7fabe60
#0 0x5555557923ff in map_word v8/out/../src/objects-inl.h:1214
#1 0x5555557923ff in map v8/out/../src/objects-inl.h:1193
#2 0x5555557923ff in void
v8::internal::String::Visit<v8::internal::StringCharacterStream,
v8::internal::ConsStringIteratorOp>(v8::internal::String*, unsigned int,
v8::internal::StringCharacterStream&, v8::internal::ConsStringIteratorOp&,
int, unsigned int) v8/out/../src/objects-inl.h:2755
#3 0x555555cf504c in Reset v8/out/../src/objects-inl.h:3072
#4 0x555555cf504c in StringCharacterStream
v8/out/../src/objects-inl.h:3062
#5 0x555555cf504c in StringCharacterStream
v8/out/../src/objects-inl.h:3063
#6 0x555555cf504c in
v8::internal::String::ToCString(v8::internal::AllowNullsFlag,
v8::internal::RobustnessFlag, int, int, int*) v8/out/../src/objects.cc:7920
#7 0x555555ca14f9 in
v8::internal::String::ToCString(v8::internal::AllowNullsFlag,
v8::internal::RobustnessFlag, int*) v8/out/../src/objects.cc:7958
#8 0x555555b69a7c in
v8::internal::Isolate::DoThrow(v8::internal::Object*,
v8::internal::MessageLocation*) v8/out/../src/isolate.cc:1407
#9 0x555555b68925 in v8::internal::Isolate::StackOverflow()
v8/out/../src/isolate.cc:1086:11
#10 0x555555d51508 in
v8::internal::Parser::DoParseProgram(v8::internal::CompilationInfo*,
v8::internal::Handle<v8::internal::String>) v8/out/../src/parser.cc:684
#11 0x555555d4fec6 in v8::internal::Parser::ParseProgram()
v8/out/../src/parser.cc:589
#12 0x555555da6363 in v8::internal::Parser::Parse()
v8/out/../src/parser.cc:5917
#13 0x555555803f55 in
v8::internal::MakeFunctionInfo(v8::internal::CompilationInfo*)
v8/out/../src/compiler.cc:588
#14 0x555555803123 in
v8::internal::Compiler::Compile(v8::internal::Handle<v8::internal::String>,
v8::internal::Handle<v8::internal::Object>, int, int,
v8::internal::Handle<v8::internal::Context>, v8::Extension*,
v8::internal::ScriptDataImpl*, v8::internal::Handle<v8::internal::Object>,
v8::internal::NativesFlag) v8/out/../src/compiler.cc:729
#15 0x5555557b8410 in
v8::internal::Genesis::CompileScriptCached(v8::internal::Isolate*,
v8::internal::Vector<char const>,
v8::internal::Handle<v8::internal::String>, v8::internal::SourceCodeCache*,
v8::Extension*, v8::internal::Handle<v8::internal::Context>, bool)
v8/out/../src/bootstrapper.cc:1529
#16 0x5555557b7f3a in
v8::internal::Genesis::CompileNative(v8::internal::Isolate*,
v8::internal::Vector<char const>,
v8::internal::Handle<v8::internal::String>)
v8/out/../src/bootstrapper.cc:1494
#17 0x5555557c6ca5 in isolate v8/out/../src/bootstrapper.cc:1472
#18 0x5555557c6ca5 in
v8::internal::Genesis::InstallExperimentalNatives()
v8/out/../src/bootstrapper.cc:2067
#19 0x5555557cc93a in
v8::internal::Genesis::Genesis(v8::internal::Isolate*,
v8::internal::Handle<v8::internal::Object>, v8::Handle<v8::ObjectTemplate>,
v8::ExtensionConfiguration*) v8/out/../src/bootstrapper.cc:2640
#20 0x55555579ae8c in
v8::internal::Bootstrapper::CreateEnvironment(v8::internal::Handle<v8::internal::Object>,
v8::Handle<v8::ObjectTemplate>, v8::ExtensionConfiguration*)
v8/out/../src/bootstrapper.cc:320
#21 0x55555576d923 in CreateEnvironment v8/out/../src/api.cc:5483:27
#22 0x55555576d923 in v8::Context::New(v8::Isolate*,
v8::ExtensionConfiguration*, v8::Handle<v8::ObjectTemplate>,
v8::Handle<v8::Value>) v8/out/../src/api.cc:5535
#23 0x5555557117d6 in v8::Shell::CreateEvaluationContext(v8::Isolate*)
v8/out/../src/d8.cc:947
#24 0x5555557154d5 in v8::Shell::RunMain(v8::Isolate*, int, char**)
v8/out/../src/d8.cc:1507
#25 0x55555571641b in v8::Shell::Main(int, char**)
v8/out/../src/d8.cc:1626
#26 0x7ffff6c0176c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)
#27 0x55555570a6ec in _start (v8/out/x64.release/d8+0x1b66ec)
SUMMARY: AddressSanitizer: SEGV v8/out/../src/objects-inl.h:1214 map_word
==15540==ABORTING
Command: v8/out/x64.release/d8 --test --nobreak-on-abort
--nodead-code-elimination --nofold-constants --stack_size=32
v8/test/mjsunit/mjsunit.js v8/test/mjsunit/regress/regress-1132.js
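The report's observation that the faulting address lies in the ShadowGap can be checked mechanically from the verbosity=1 output. The following is an added example, not part of the original report or of V8/ASan; the function names are hypothetical, the log lines are copied from the report, and the mapping used is ASan's standard `(addr >> SHADOW_SCALE) + SHADOW_OFFSET`.

```python
import re

# Lines copied from the ASan verbosity=1 output in the report above.
LOG = """\
|| `[0x10007fff8000, 0x7fffffffffff]` || HighMem ||
|| `[0x02008fff7000, 0x10007fff7fff]` || HighShadow ||
|| `[0x00008fff7000, 0x02008fff6fff]` || ShadowGap ||
|| `[0x00007fff8000, 0x00008fff6fff]` || LowShadow ||
|| `[0x000000000000, 0x00007fff7fff]` || LowMem ||
SHADOW_SCALE: 3
SHADOW_OFFSET: 7fff8000
==15540==ERROR: AddressSanitizer: SEGV on unknown address 0x00011fff7fff
"""

REGION = re.compile(r"\[0x([0-9a-f]+), 0x([0-9a-f]+)\]`? \|\| (\w+)")
SCALE = re.compile(r"SHADOW_SCALE: (\d+)")
OFFSET = re.compile(r"SHADOW_OFFSET: ([0-9a-f]+)")
FAULT = re.compile(r"SEGV on unknown address 0x([0-9a-f]+)")

def parse(log):
    """Extract the region table, shadow parameters and fault address."""
    regions = [(int(lo, 16), int(hi, 16), name)
               for lo, hi, name in REGION.findall(log)]
    scale = int(SCALE.search(log).group(1))
    offset = int(OFFSET.search(log).group(1), 16)
    fault = int(FAULT.search(log).group(1), 16)
    return regions, scale, offset, fault

def classify(addr, regions):
    """Name the ASan region containing addr (bounds are inclusive)."""
    for lo, hi, name in regions:
        if lo <= addr <= hi:
            return name
    return "unmapped"

def mem_to_shadow(addr, scale, offset):
    """Standard ASan mapping from an address to its shadow byte."""
    return (addr >> scale) + offset

def triage(log):
    """Classify the fault address and the shadow byte it would map to."""
    regions, scale, offset, fault = parse(log)
    shadow = mem_to_shadow(fault, scale, offset)
    return {"fault": hex(fault), "fault_region": classify(fault, regions),
            "shadow": hex(shadow), "shadow_region": classify(shadow, regions)}

if __name__ == "__main__":
    print(triage(LOG))
```

Both the faulting address and its computed shadow address fall inside the ShadowGap range printed by ASan, which is left inaccessible so that any access to it faults.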