Skip to content

Address sanitizer 'use after free' error in FOF branch

I've been testing changes to the FOF branch on the EAGLE_6 low redshift ICs by using the standalone FOF main program in examples/main_fof.c. If I revert to the current head of the FOF branch and run using gcc and '--enable-sanitizer' then the program aborts after the FOF calculation with a 'use after free' error.

This happens even running on one MPI rank with just one thread. E.g.

mpirun -np 1 ../../fof_mpi -G -t 1 ./eagle_6.yml

The error is triggered in function runner_main() at runner.c:2976, which does

t = scheduler_gettask(sched, r->qid, prev);

This seems to be happening after engine_clean() is called - address sanitizer is saying that the offending free() is

free(e->runners);

at engine.c:5329. So I guess a thread is somehow still trying to run tasks while the task related data structures are being deallocated. Here's the full error from the address sanitizer:

==10929==ERROR: AddressSanitizer: heap-use-after-free on address 0x61b00000b694 at pc 0x00000083a681 bp 0x2b47bbdd3c30 sp 0x2b47bbdd3c28
READ of size 4 at 0x61b00000b694 thread T3
    #0 0x83a680 in runner_main /cosma5/data/jch/SWIFT/FOF/swift-orig/src/runner.c:2976
    #1 0x2b4793fd5dd4 in start_thread (/lib64/libpthread.so.0+0x7dd4)
    #2 0x2b47942e7eac in __clone (/lib64/libc.so.6+0xfdeac)

0x61b00000b694 is located 20 bytes inside of 1472-byte region [0x61b00000b680,0x61b00000bc40)
freed by thread T0 here:
    #0 0x2b47901ae598 in __interceptor_free ../../../../libsanitizer/asan/asan_malloc_linux.cc:45
    #1 0x51f1fa in engine_clean /cosma5/data/jch/SWIFT/FOF/swift-orig/src/engine.c:5329
    #2 0x40f03e in main /cosma5/data/jch/SWIFT/FOF/swift-orig/examples/main_fof.c:1089
    #3 0x2b479420c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)

previously allocated by thread T0 here:
    #0 0x2b47901af428 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:134
    #1 0x518b7a in engine_config /cosma5/data/jch/SWIFT/FOF/swift-orig/src/engine.c:4822
    #2 0x40e5bf in main /cosma5/data/jch/SWIFT/FOF/swift-orig/examples/main_fof.c:948
    #3 0x2b479420c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)

Thread T3 created by T0 here:
    #0 0x2b479010c060 in __interceptor_pthread_create ../../../../libsanitizer/asan/asan_interceptors.cc:243
    #1 0x518e6a in engine_config /cosma5/data/jch/SWIFT/FOF/swift-orig/src/engine.c:4828
    #2 0x40e5bf in main /cosma5/data/jch/SWIFT/FOF/swift-orig/examples/main_fof.c:948
    #3 0x2b479420c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information