==259759==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6310000147c8 at pc 0x556206458633 bp 0x7ff11497f210 sp 0x7ff11497f208
WRITE of size 8 at 0x6310000147c8 thread T0
#0 0x556206458632 in stack_put_watermark /home/shiny/dev/tarantool/src/lib/core/fiber.c:1126:8
#1 0x55620645dfff in fiber_stack_watermark_create /home/shiny/dev/tarantool/src/lib/core/fiber.c:1213:2
#2 0x55620643e82a in fiber_stack_create /home/shiny/dev/tarantool/src/lib/core/fiber.c:1319:2
#3 0x55620643b0dc in fiber_new_ex /home/shiny/dev/tarantool/src/lib/core/fiber.c:1373:7
#4 0x556206405965 in main_f /home/shiny/dev/tarantool/test/unit/fiber_stack.c:102:10
#5 0x556206403c96 in fiber_c_invoke /home/shiny/dev/tarantool/src/lib/core/fiber.h:1151:9
#6 0x55620643ee0e in fiber_loop /home/shiny/dev/tarantool/src/lib/core/fiber.c:1013:18
#7 0x5562065481f8 in coro_init /home/shiny/dev/tarantool/third_party/coro/coro.c:108:3
0x6310000147c8 is located 56 bytes to the left of 65536-byte region [0x631000014800,0x631000024800)
allocated by thread T0 here:
#0 0x5562063bb239 in malloc (/home/shiny/dev/tarantool/build-asan-debug/test/unit/fiber_stack.test+0x1a1239) (BuildId: 3726deb8a4e6c608e3705b7bf6332d76685089b6)
#1 0x55620645aaf0 in slab_get /home/shiny/dev/tarantool/src/lib/small/include/small/slab_cache_malloc.h:108:37
#2 0x55620643d927 in fiber_stack_create /home/shiny/dev/tarantool/src/lib/core/fiber.c:1273:22
#3 0x55620643b0dc in fiber_new_ex /home/shiny/dev/tarantool/src/lib/core/fiber.c:1373:7
#4 0x556206405965 in main_f /home/shiny/dev/tarantool/test/unit/fiber_stack.c:102:10
#5 0x556206403c96 in fiber_c_invoke /home/shiny/dev/tarantool/src/lib/core/fiber.h:1151:9
#6 0x55620643ee0e in fiber_loop /home/shiny/dev/tarantool/src/lib/core/fiber.c:1013:18
#7 0x5562065481f8 in coro_init /home/shiny/dev/tarantool/third_party/coro/coro.c:108:3
SUMMARY: AddressSanitizer: heap-buffer-overflow /home/shiny/dev/tarantool/src/lib/core/fiber.c:1126:8 in stack_put_watermark
Shadow bytes around the buggy address:
0x0c627fffa8a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c627fffa8b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c627fffa8c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c627fffa8d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c627fffa8e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c627fffa8f0: fa fa fa fa fa fa fa fa fa[fa]fa fa fa fa fa fa
0x0c627fffa900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c627fffa910: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c627fffa920: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c627fffa930: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c627fffa940: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==259759==ABORTING
Fiber flags are initialized after fiber stack creation. As a result,
the check for a custom stack in fiber_stack_watermark_create currently
does not work. This leads to a heap-buffer-overflow on putting the
watermark if the custom stack size is less than FIBER_STACK_SIZE_WATERMARK.
Close tarantool#9026
NO_DOC=bugfix
Fiber flags are initialized after fiber stack creation. As a result,
the check for a custom stack in fiber_stack_watermark_create currently
does not work. This leads to a heap-buffer-overflow on putting the
watermark if the custom stack size is less than FIBER_STACK_SIZE_WATERMARK.
Close #9026
NO_DOC=bugfix
(cherry picked from commit 750e489)
Found in 3.0.0-alpha1-16-g0e5a3cc21.
Exposed by the fiber_stack.c unit test with the patch below and ASAN-friendly allocators (WIP PR #8901).
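The initialization-order problem described in the commit message, as a simplified C model added here (not Tarantool's code). The `model_*`, `MODEL_*` and `WM_*` names and all sizes are assumptions made for illustration, and the model reports the out-of-bounds case instead of performing the write.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model, not Tarantool source; names and sizes are constructed. */
enum { MODEL_WATERMARK_DEPTH = 4096, MODEL_CUSTOM_STACK = 1 };
enum wm_result { WM_SKIPPED, WM_WRITTEN, WM_OUT_OF_BOUNDS };
struct model_fiber {
	unsigned flags;
	unsigned char *stack;	/* lowest address of the stack region */
	size_t stack_size;
};

/* Put a marker MODEL_WATERMARK_DEPTH bytes below the top of the stack. */
static enum wm_result model_watermark_create(struct model_fiber *f)
{
	static const uint64_t marker = 0x5ca1ab1e5ca1ab1eULL;
	if (f->flags & MODEL_CUSTOM_STACK)
		return WM_SKIPPED;	/* works only if flags are already set */
	/* Bounds check: report the would-be underflow instead of writing. */
	if (f->stack_size < MODEL_WATERMARK_DEPTH)
		return WM_OUT_OF_BOUNDS;
	memcpy(f->stack + f->stack_size - MODEL_WATERMARK_DEPTH,
	       &marker, sizeof(marker));
	return WM_WRITTEN;
}

/* Create a fiber; flags_first selects the corrected initialization order. */
static enum wm_result model_fiber_new(size_t size, unsigned flags, int flags_first)
{
	struct model_fiber f = { 0, NULL, size };
	if (flags_first)
		f.flags = flags;	/* fixed: flags are known before the check */
	f.stack = malloc(size);
	if (f.stack == NULL)
		abort();
	enum wm_result res = model_watermark_create(&f);
	if (!flags_first)
		f.flags = flags;	/* buggy: set after the check already ran */
	free(f.stack);
	return res;
}

int main(void)
{
	/* Constructed case: 1024-byte custom stack, below the watermark depth. */
	return !(model_fiber_new(1024, MODEL_CUSTOM_STACK, 0) == WM_OUT_OF_BOUNDS &&
		 model_fiber_new(1024, MODEL_CUSTOM_STACK, 1) == WM_SKIPPED);
}
```

With the buggy order, a custom stack at least as large as the watermark depth still gets a watermark written, so the defect stays latent until a smaller custom stack is requested.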