Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Buffer overrun in HcalTDC::timing #29073

Closed
Dr15Jones opened this issue Mar 2, 2020 · 14 comments
Closed

Buffer overrun in HcalTDC::timing #29073

Dr15Jones opened this issue Mar 2, 2020 · 14 comments
Labels
fully-signed simulation-approved

Comments

@Dr15Jones
Copy link
Contributor

The address sanitizer is now showing

==21726==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61d00539b050 at pc 0x2afb09710ff2 bp 0x7ffe128e9da0 sp 0x7ffe128e9d98
READ of size 4 at 0x61d00539b050 thread T0
    #0 0x2afb09710ff1 in HcalTDC::timing(CaloSamples const&amp, QIE11DataFrame&amp) const (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimAlgos.so+0x22ff1)
    #1 0x2afb09748765 in HcalElectronicsSim::analogToDigital(CLHEP::HepRandomEngine*, CaloSamples&amp, QIE11DataFrame&amp, double, unsigned int) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimAlgos.so+0x5a765)
    #2 0x2afb0969e0c3 in CaloTDigitizer<HcalQIE11DigitizerTraits, CaloTDigitizerQIE1011Run>::run(HcalDataFrameContainer<QIE11DataFrame>&amp, CLHEP::HepRandomEngine*) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimProducers.so+0xcf0c3)
    #3 0x2afb09658f83 in HcalDigitizer::finalizeEvent(edm::Event&amp, edm::EventSetup const&amp, CLHEP::HepRandomEngine*) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimProducers.so+0x89f83)
    #4 0x2afb09602958 in HcalDigiProducer::finalizeEvent(edm::Event&amp, edm::EventSetup const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimProducers.so+0x33958)
    #5 0x2afb09438ebe in edm::MixingModule::finalizeEvent(edm::Event&amp, edm::EventSetup const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/pluginSimGeneralMixingModulePlugins.so+0xacebe)
    #6 0x2afb097ba6a2 in edm::BMixingModule::produce(edm::Event&amp, edm::EventSetup const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libMixingBase.so+0x5d6a2)

0x61d00539b050 is located 0 bytes to the right of 2000-byte region [0x61d00539a880,0x61d00539b050)
allocated by thread T0 here:
    #0 0x2afad2d7fd90 in operator new(unsigned long) ../../../../libsanitizer/asan/asan_new_delete.cc:90
    #1 0x2afaf563d851 in CaloHitResponse::add(CaloSamples const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryCaloSimAlgos.so+0xb851)
    #2 0x2afb097269df in HcalSiPMHitResponse::finalizeHits(CLHEP::HepRandomEngine*) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimAlgos.so+0x389df)
    #3 0x2afb0969d90e in CaloTDigitizer<HcalQIE11DigitizerTraits, CaloTDigitizerQIE1011Run>::run(HcalDataFrameContainer<QIE11DataFrame>&amp, CLHEP::HepRandomEngine*) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimProducers.so+0xce90e)
    #4 0x2afb09658f83 in HcalDigitizer::finalizeEvent(edm::Event&amp, edm::EventSetup const&amp, CLHEP::HepRandomEngine*) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimProducers.so+0x89f83)
    #5 0x2afb09602958 in HcalDigiProducer::finalizeEvent(edm::Event&amp, edm::EventSetup const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libSimCalorimetryHcalSimProducers.so+0x33958)
    #6 0x2afb09438ebe in edm::MixingModule::finalizeEvent(edm::Event&amp, edm::EventSetup const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/pluginSimGeneralMixingModulePlugins.so+0xacebe)
    #7 0x2afb097ba6a2 in edm::BMixingModule::produce(edm::Event&amp, edm::EventSetup const&amp) (/cvmfs/cms-ib.cern.ch/nweek-02617/slc7_amd64_gcc820/cms/cmssw/CMSSW_11_1_ASAN_X_2020-02-28-2300/lib/slc7_amd64_gcc820/libMixingBase.so+0x5d6a2)
@Dr15Jones
Copy link
Contributor Author

assign simulation

@cmsbuild
Copy link
Contributor

cmsbuild commented Mar 2, 2020

New categories assigned: simulation

@mdhildreth,@civanch you have been requested to review this Pull request/Issue and eventually sign? Thanks

@cmsbuild
Copy link
Contributor

cmsbuild commented Mar 2, 2020

A new Issue was created by @Dr15Jones Chris Jones.

@Dr15Jones, @smuzaffar, @silviodonato, @makortel, @davidlange6, @fabiocos can you please review it and eventually sign/assign? Thanks.

cms-bot commands are listed here

@Dr15Jones
Copy link
Contributor Author

An example output can be found here:
https://cmssdt.cern.ch/SDT/cgi-bin/buildlogs/raw/slc7_amd64_gcc820/CMSSW_11_1_ASAN_X_2020-02-28-2300/pyRelValMatrixLogs/run/7.23_Cosmics_UP21+Cosmics_UP21+DIGICOS_UP21+RECOCOS_UP21+ALCACOS_UP21+HARVESTCOS_UP21/step2_Cosmics_UP21+Cosmics_UP21+DIGICOS_UP21+RECOCOS_UP21+ALCACOS_UP21+HARVESTCOS_UP21.log

@civanch
Copy link
Contributor

civanch commented Apr 5, 2020

@abdoulline , can this problem be connected with the fix #29235 ?

@Dr15Jones
Copy link
Contributor Author

Dr15Jones commented Apr 5, 2020
edited

@civanch that was merged in but the problem is still seen in yesterday's ASAN IB.

Ooops, my bad. It is another buffer overrun that was seen yesterday. I think that you are correct about the fix.

@abdoulline
Copy link

abdoulline commented Apr 6, 2020
edited

@civanch , @Dr15Jones
thank you for the reminder, I suppose #29235 (@lwang046) did fix this issue.
NB: added on April 27: #29083 had to fix the Issue, #29235 should be irrelevant to all these.

@civanch
Copy link
Contributor

civanch commented Apr 27, 2020

@abdoulline , @lwang046 , can you, please, confirm, that the issue is fixed now? It was discovered after #29235 was merged and may not necessary connected with this PR.

@lwang046
Copy link
Contributor

Hi @civanch, if you check the modification in PR#29235 the only change was removing a multiplier variable from an equation, I couldn't think of any reason why it could cause or fix this issue.

@civanch
Copy link
Contributor

civanch commented Apr 27, 2020

@lwang046 , yes, this issue probably disconnected with the PR. AT the other hand, the overflow is in the same code. Should it be understood and a protection added?

@abdoulline
Copy link

My bad, it's not #29235, but #29083 which had to fix anomalies in HcalTDC::timing (subject of this Issue) since March 9.

@abdoulline
Copy link

abdoulline commented Apr 27, 2020
edited

Vladimir, do you mean there are still buffer overrun in HcalTDC::timing() ??

@civanch
Copy link
Contributor

civanch commented Apr 27, 2020

+1

it seems, that this issue was opened Mar,2 and the #29083 was merged Mar,9.

@cmsbuild
Copy link
Contributor

This issue is fully signed and ready to be closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
fully-signed simulation-approved
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@Dr15Jones @cmsbuild @civanch @abdoulline @silviodonato @lwang046