ASan test flakiness in SmartCardConnectorApplicationTest.ShutdownWithActiveClient #1071

Open
emaxx-google opened this issue Sep 22, 2023 · 1 comment
@emaxx-google
Collaborator

=================================================================
==14417==ERROR: AddressSanitizer: heap-use-after-free on address 0xef6627d4 at pc 0x56c7528b bp 0xec5bcf78 sp 0xec5bcf70
READ of size 4 at 0xef6627d4 thread T51
[DEBUG] [emulated IPC] The in-memory file 6 was destroyed
[DEBUG] [emulated IPC] The in-memory file 4 was destroyed
[DEBUG] [emulated IPC] The in-memory file 3 was destroyed
    #0 0x56c7528a in list_locate /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/ccid/webport/build/../../src/src/simclist.c:718:37
    #1 0x56c7507d in list_delete /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/ccid/webport/build/../../src/src/simclist.c:559:8
    #2 0x56c13be6 in EHTryToUnregisterClientForEvent /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/eventhandler.c:90:8
    #3 0x56c1a23e in ContextThread /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/winscard_svc.c:356:4
    #4 0x5693e8f9 in __asan::AsanThread::ThreadStart(unsigned long long) (/home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/executable_module/cpp_unittests/out/cpp_unit_test_runner/cpp_unit_test_runner+0x3208f9) (BuildId: 2cf89c5926842e8256fc6bba6913b972b4cea374)
    #5 0x5691b3de in asan_thread_start(void*) asan_interceptors.cpp.o
    #6 0xf7885ff0  (/lib32/libc.so.6+0x85ff0) (BuildId: ba59bacfb4bb7ab7484e3cffee96afb24eb989ad)
    #7 0xf7920fab  (/lib32/libc.so.6+0x120fab) (BuildId: ba59bacfb4bb7ab7484e3cffee96afb24eb989ad)

0xef6627d4 is located 4 bytes inside of 12-byte region [0xef6627d0,0xef6627dc)
freed by thread T49 here:
    #0 0x56932826 in free (/home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/executable_module/cpp_unittests/out/cpp_unit_test_runner/cpp_unit_test_runner+0x314826) (BuildId: 2cf89c5926842e8256fc6bba6913b972b4cea374)
    #1 0x56c717d0 in list_destroy /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/ccid/webport/build/../../src/src/simclist.c:318:5
    #2 0x56c13ea3 in EHDeinitializeEventStructures /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/eventhandler.c:152:2
    #3 0x56beb29d in google_smart_card::(anonymous namespace)::PcscLiteServerDaemonThreadMain() /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../src/public/pcsc_lite_server_web_port_service.cc:152:3
    #4 0x56bf7145 in void std::__invoke_impl<void, void (*)()>(std::__invoke_other, void (*&&)()) /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/invoke.h:61:14
    #5 0x56bf707e in std::__invoke_result<void (*)()>::type std::__invoke<void (*)()>(void (*&&)()) /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/invoke.h:96:14
    #6 0x56bf7049 in void std::thread::_Invoker<std::tuple<void (*)()> >::_M_invoke<0u>(std::_Index_tuple<0u>) /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/std_thread.h:279:13
    #7 0x56bf7000 in std::thread::_Invoker<std::tuple<void (*)()> >::operator()() /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/std_thread.h:286:11
    #8 0x56bf6e81 in std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (*)()> > >::_M_run() /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/std_thread.h:231:13
    #9 0xf7cbf070  (/lib32/libstdc++.so.6+0xbf070) (BuildId: db9d23a4bd83319084b4dd57fffb36cacd2e8dfb)
    #10 0x5693e8f9 in __asan::AsanThread::ThreadStart(unsigned long long) (/home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/executable_module/cpp_unittests/out/cpp_unit_test_runner/cpp_unit_test_runner+0x3208f9) (BuildId: 2cf89c5926842e8256fc6bba6913b972b4cea374)

previously allocated by thread T47 here:
    #0 0x56932b40 in malloc (/home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/executable_module/cpp_unittests/out/cpp_unit_test_runner/cpp_unit_test_runner+0x314b40) (BuildId: 2cf89c5926842e8256fc6bba6913b972b4cea374)
    #1 0x56c70b79 in list_init /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/ccid/webport/build/../../src/src/simclist.c:276:47
    #2 0x56c13e13 in EHInitializeEventStructures /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/eventhandler.c:137:8
    #3 0x56c05991 in RFAllocateReaderSpace /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/readerfactory.c:154:9
    #4 0x56be7316 in google_smart_card::PcscLiteServerWebPortService::InitializeAndRunDaemonThread() /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../src/public/pcsc_lite_server_web_port_service.cc:238:17
    #5 0x56b3496a in google_smart_card::Application::InitializeServicesOnBackgroundThread() /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/cpp_lib/../../../smart_card_connector_app/src/application.cc:69:39
    #6 0x56b376f7 in void std::__invoke_impl<void, void (google_smart_card::Application::*)(), google_smart_card::Application*>(std::__invoke_memfun_deref, void (google_smart_card::Application::*&&)(), google_smart_card::Application*&&) /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/invoke.h:74:14
    #7 0x56b374e9 in std::__invoke_result<void (google_smart_card::Application::*)(), google_smart_card::Application*>::type std::__invoke<void (google_smart_card::Application::*)(), google_smart_card::Application*>(void (google_smart_card::Application::*&&)(), google_smart_card::Application*&&) /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/invoke.h:96:14
    #8 0x56b37491 in void std::thread::_Invoker<std::tuple<void (google_smart_card::Application::*)(), google_smart_card::Application*> >::_M_invoke<0u, 1u>(std::_Index_tuple<0u, 1u>) /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/std_thread.h:279:13
    #9 0x56b37420 in std::thread::_Invoker<std::tuple<void (google_smart_card::Application::*)(), google_smart_card::Application*> >::operator()() /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/std_thread.h:286:11
    #10 0x56b37071 in std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (google_smart_card::Application::*)(), google_smart_card::Application*> > >::_M_run() /usr/bin/../lib/gcc-cross/i686-linux-gnu/12/../../../../i686-linux-gnu/include/c++/12/bits/std_thread.h:231:13
    #11 0xf7cbf070  (/lib32/libstdc++.so.6+0xbf070) (BuildId: db9d23a4bd83319084b4dd57fffb36cacd2e8dfb)
    #12 0x5693e8f9 in __asan::AsanThread::ThreadStart(unsigned long long) (/home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/executable_module/cpp_unittests/out/cpp_unit_test_runner/cpp_unit_test_runner+0x3208f9) (BuildId: 2cf89c5926842e8256fc6bba6913b972b4cea374)

Thread T51 created by T49 here:
    #0 0x5691b30c in __interceptor_pthread_create (/home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/smart_card_connector_app/build/executable_module/cpp_unittests/out/cpp_unit_test_runner/cpp_unit_test_runner+0x2fd30c) (BuildId: 2cf89c5926842e8256fc6bba6913b972b4cea374)
    #1 0x56c23f18 in ThreadCreate /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/utils.c:184:8
    #2 0x56c19838 in CreateContextThread /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../../../../../third_party/pcsc-lite/src/src/winscard_svc.c:237:7
    #3 0x56beac3c in google_smart_card::(anonymous namespace)::PcscLiteServerDaemonThreadMain() /home/runner/work/chromeos_smart_card_connector/chromeos_smart_card_connector/third_party/pcsc-lite/naclport/server/build/../src/public/pcsc_lite_server_web_port_service.cc:141:5
  0x3decc500: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fd
  0x3decc510: fa fa fd fa fa fa fd fa fa fa fd fa fa fa fd fa
  0x3decc520: fa fa fd fa fa fa fd fd fa fa fd fa fa fa fd fd
  0x3decc530: fa fa fd fa fa fa fd fa fa fa fd fd fa fa fd fd
  0x3decc540: fa fa fd fd fa fa fd fd fa fa fd fd fa fa fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==14417==ABORTING
@emaxx-google
Collaborator Author

I haven't seen this in a while, and it might've been fixed by our improvements in the PC/SC-Lite shutdown logic.
