bug#19366: Guile

bug#19366: Guile

[Joshua Rogers]

[-- Attachment #1: Type: text/plain, Size: 4345 bytes --]

Hi,

When compiling guile from the source with AddressSanitizer, Asan picks
up a bug:

cat alist.doc arbiters.doc async.doc backtrace.doc boolean.doc chars.doc
continuations.doc debug.doc deprecation.doc deprecated.doc
discouraged.doc dynl.doc dynwind.doc environments.doc eq.doc error.doc
eval.doc evalext.doc extensions.doc feature.doc fluids.doc fports.doc
futures.doc gc.doc goops.doc gsubr.doc gc-mark.doc gc-segment.doc
gc-malloc.doc gc-card.doc guardians.doc hash.doc hashtab.doc hooks.doc
i18n.doc init.doc ioext.doc keywords.doc lang.doc list.doc load.doc
macros.doc mallocs.doc modules.doc numbers.doc objects.doc objprop.doc
options.doc pairs.doc ports.doc print.doc procprop.doc procs.doc
properties.doc random.doc rdelim.doc read.doc root.doc rw.doc
scmsigs.doc script.doc simpos.doc smob.doc sort.doc srcprop.doc
stackchk.doc stacks.doc stime.doc strings.doc srfi-4.doc srfi-13.doc
srfi-14.doc strorder.doc strports.doc struct.doc symbols.doc threads.doc
throw.doc values.doc variable.doc vectors.doc version.doc vports.doc
weaks.doc ramap.doc unif.doc dynl.doc filesys.doc posix.doc net_db.doc
socket.doc regex-posix.doc |
GUILE="/root/srcs/guile-1.8/guile-1.8-1.8.8+1/pre-inst-guile"
../scripts/snarf-check-and-output-texi          > guile-procedures.texi
|| { rm guile-procedures.texi; false; }
=================================================================
==51918== ERROR: AddressSanitizer: stack-buffer-underflow on address
0x7fff531555c0 at pc 0x2ac7bd9a92e8 bp 0x7fff53155330 sp 0x7fff53155328
READ of size 8 at 0x7fff531555c0 thread T0
    #0 0x2ac7bd9a92e7
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x1192e7)
    #1 0x2ac7bdb6541a
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x2d541a)
    #2 0x2ac7bd9a8467
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x118467)
    #3 0x2ac7bd9a4c60
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x114c60)
    #4 0x2ac7bd9a52d2
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x1152d2)
    #5 0x2ac7bdad020e
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x24020e)
    #6 0x2ac7bdb5de11
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x2cde11)
    #7 0x2ac7bda7b36b
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x1eb36b)
    #8 0x2ac7bda7b691
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x1eb691)
    #9 0x2ac7bda4eafd
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x1beafd)
    #10 0x2ac7bd9fc9c9
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x16c9c9)
    #11 0x2ac7bdb648bf
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x2d48bf)
    #12 0x2ac7bd9fc7b2
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/libguile.so.17.4.0+0x16c7b2)
    #13 0x400a47
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/lt-guile+0x400a47)
    #14 0x2ac7be0d1ec4 (/lib/x86_64-linux-gnu/libc-2.19.so+0x21ec4)
    #15 0x400bad
(/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/lt-guile+0x400bad)
Address 0x7fff531555c0 is located at offset 0 in frame
<scm_i_init_guile> of T0's stack:
  This frame has 1 object(s):
    [32, 56) 'body_data'
HINT: this may be a false positive if your program uses some custom
stack unwind mechanism or swapcontext
      (longjmp and C++ exceptions *are* supported)
Shadow bytes around the buggy address:
  0x10006a622a60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
  0x10006a622a70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
  0x10006a622a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
  0x10006a622a90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
  0x10006a622aa0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
=>0x10006a622ab0: 00 00 00 00 00 00 00 00[f1]f1 f1 f1 00 00 00 f4
  0x10006a622ac0: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
  0x10006a622ad0: 00 f4 f4 f4 00 00 00 00 00 00 00 00 00 00 00 00 
  0x10006a622ae0: f1 f1 f1 f1 00 00 00 00 f3 f3 f3 f3 00 00 00 00 
  0x10006a622af0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 




Thanks,
-- 
-- Joshua Rogers <https://internot.info/>


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 884 bytes --]

bug#19366: Guile

[Ludovic Courtès]

retitle 19366 Building Guile 1.8 with AddressSanitizer
thanks

Joshua Rogers <megamansec@gmail.com> skribis:

> When compiling guile from the source with AddressSanitizer, Asan picks
> up a bug:
>
> cat alist.doc arbiters.doc async.doc backtrace.doc boolean.doc chars.doc
> continuations.doc debug.doc deprecation.doc deprecated.doc
> discouraged.doc dynl.doc dynwind.doc environments.doc eq.doc error.doc
> eval.doc evalext.doc extensions.doc feature.doc fluids.doc fports.doc
> futures.doc gc.doc goops.doc gsubr.doc gc-mark.doc gc-segment.doc
> gc-malloc.doc gc-card.doc guardians.doc hash.doc hashtab.doc hooks.doc
> i18n.doc init.doc ioext.doc keywords.doc lang.doc list.doc load.doc
> macros.doc mallocs.doc modules.doc numbers.doc objects.doc objprop.doc
> options.doc pairs.doc ports.doc print.doc procprop.doc procs.doc
> properties.doc random.doc rdelim.doc read.doc root.doc rw.doc
> scmsigs.doc script.doc simpos.doc smob.doc sort.doc srcprop.doc
> stackchk.doc stacks.doc stime.doc strings.doc srfi-4.doc srfi-13.doc
> srfi-14.doc strorder.doc strports.doc struct.doc symbols.doc threads.doc
> throw.doc values.doc variable.doc vectors.doc version.doc vports.doc
> weaks.doc ramap.doc unif.doc dynl.doc filesys.doc posix.doc net_db.doc
> socket.doc regex-posix.doc |
> GUILE="/root/srcs/guile-1.8/guile-1.8-1.8.8+1/pre-inst-guile"
> ../scripts/snarf-check-and-output-texi          > guile-procedures.texi
> || { rm guile-procedures.texi; false; }
> =================================================================
> ==51918== ERROR: AddressSanitizer: stack-buffer-underflow on address
> 0x7fff531555c0 at pc 0x2ac7bd9a92e8 bp 0x7fff53155330 sp 0x7fff53155328
> READ of size 8 at 0x7fff531555c0 thread T0

[...]

> (/root/srcs/guile-1.8/guile-1.8-1.8.8+1/libguile/.libs/lt-guile+0x400bad)
> Address 0x7fff531555c0 is located at offset 0 in frame
> <scm_i_init_guile> of T0's stack:
>   This frame has 1 object(s):
>     [32, 56) 'body_data'
> HINT: this may be a false positive if your program uses some custom
> stack unwind mechanism or swapcontext
>       (longjmp and C++ exceptions *are* supported)

Because Guile 1.8 uses a custom garbage collector which scans the C
stack for references to heap-allocated objects, chances are that Asan
will view such accesses as suspicious, even though they are in fact
harmless.

However, Guile 1.8 is no longer maintained.

You could try running Asan on Guile 2.0, which has been the stable
series for a number of years.  Guile 2.0 uses the BDW GC (aka. libgc).
It may similarly raise false positives, but since libgc is widely used,
you might be able find feedback from people who have tried using Asan
with it.

HTH,
Ludo’.

bug#19366: Guile

[Joshua Rogers]

[-- Attachment #1: Type: text/plain, Size: 565 bytes --]

On 14/12/14 02:38, Ludovic Courtès wrote:
> However, Guile 1.8 is no longer maintained.
>
> You could try running Asan on Guile 2.0, which has been the stable
> series for a number of years.  Guile 2.0 uses the BDW GC (aka. libgc).
> It may similarly raise false positives, but since libgc is widely used,
> you might be able find feedback from people who have tried using Asan
> with it.
Hm, okay. 1.8 is the current version in the Ubuntu repo's, just fyi.

I'll compile the latest version.

Thanks,
-- 
-- Joshua Rogers <https://internot.info/>


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 884 bytes --]

bug#19366: Guile

[Mark H Weaver]

Joshua Rogers <megamansec@gmail.com> writes:

> On 14/12/14 02:38, Ludovic Courtès wrote:
>> However, Guile 1.8 is no longer maintained.
>>
>> You could try running Asan on Guile 2.0, which has been the stable
>> series for a number of years.  Guile 2.0 uses the BDW GC (aka. libgc).
>> It may similarly raise false positives, but since libgc is widely used,
>> you might be able find feedback from people who have tried using Asan
>> with it.
> Hm, okay. 1.8 is the current version in the Ubuntu repo's, just fyi.

Ubuntu has had Guile 2.0 since Precise 12.04 LTS, but it has a different
package name: "guile-2.0".

     Regards,
       Mark

bug#19366: Guile

[Andy Wingo]

Closing bug.  Joshua any reports of running ASAN on Guile 2.0.11 or
2.1.3 are very welcome; note that we switched to the BDW garbage
collector in the meantime; I don't know if there are best practices for
ASAN and BDW-GC.  See e.g.:

  https://lists.opendylan.org/pipermail/bdwgc/2016-January/006136.html

Regards,

Andy

On Sun 14 Dec 2014 16:44, Mark H Weaver <mhw@netris.org> writes:

> Joshua Rogers <megamansec@gmail.com> writes:
>
>> On 14/12/14 02:38, Ludovic Courtès wrote:
>>> However, Guile 1.8 is no longer maintained.
>>>
>>> You could try running Asan on Guile 2.0, which has been the stable
>>> series for a number of years.  Guile 2.0 uses the BDW GC (aka. libgc).
>>> It may similarly raise false positives, but since libgc is widely used,
>>> you might be able find feedback from people who have tried using Asan
>>> with it.
>> Hm, okay. 1.8 is the current version in the Ubuntu repo's, just fyi.
>
> Ubuntu has had Guile 2.0 since Precise 12.04 LTS, but it has a different
> package name: "guile-2.0".
>
>      Regards,
>        Mark