Issue #559
Issue created Mar 25, 2019 by John Helly (@jch, Developer)

Address sanitizer 'use after free' error in FOF branch

I've been testing changes to the FOF branch on the EAGLE_6 low redshift ICs by using the standalone FOF main program in examples/main_fof.c. If I revert to the current head of the FOF branch and run using gcc and '--enable-sanitizer' then the program aborts after the FOF calculation with a 'use after free' error.

This happens even running on one MPI rank with just one thread. E.g.

mpirun -np 1 ../../fof_mpi -G -t 1 ./eagle_6.yml

The error is triggered in function runner_main() at runner.c:2976, which does

t = scheduler_gettask(sched, r->qid, prev);

This seems to be happening after engine_clean() is called - address sanitizer is saying that the offending free() is

free(e->runners);

at engine.c:5329. So I guess a thread is somehow still trying to run tasks while the task-related data structures are being deallocated. Here's the full error from the address sanitizer:

==10929==ERROR: AddressSanitizer: heap-use-after-free on address 0x61b00000b694 at pc 0x00000083a681 bp 0x2b47bbdd3c30 sp 0x2b47bbdd3c28
READ of size 4 at 0x61b00000b694 thread T3
    #0 0x83a680 in runner_main /cosma5/data/jch/SWIFT/FOF/swift-orig/src/runner.c:2976
    #1 0x2b4793fd5dd4 in start_thread (/lib64/libpthread.so.0+0x7dd4)
    #2 0x2b47942e7eac in __clone (/lib64/libc.so.6+0xfdeac)

0x61b00000b694 is located 20 bytes inside of 1472-byte region [0x61b00000b680,0x61b00000bc40)
freed by thread T0 here:
    #0 0x2b47901ae598 in __interceptor_free ../../../../libsanitizer/asan/asan_malloc_linux.cc:45
    #1 0x51f1fa in engine_clean /cosma5/data/jch/SWIFT/FOF/swift-orig/src/engine.c:5329
    #2 0x40f03e in main /cosma5/data/jch/SWIFT/FOF/swift-orig/examples/main_fof.c:1089
    #3 0x2b479420c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)

previously allocated by thread T0 here:
    #0 0x2b47901af428 in __interceptor_posix_memalign ../../../../libsanitizer/asan/asan_malloc_linux.cc:134
    #1 0x518b7a in engine_config /cosma5/data/jch/SWIFT/FOF/swift-orig/src/engine.c:4822
    #2 0x40e5bf in main /cosma5/data/jch/SWIFT/FOF/swift-orig/examples/main_fof.c:948
    #3 0x2b479420c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)

Thread T3 created by T0 here:
    #0 0x2b479010c060 in __interceptor_pthread_create ../../../../libsanitizer/asan/asan_interceptors.cc:243
    #1 0x518e6a in engine_config /cosma5/data/jch/SWIFT/FOF/swift-orig/src/engine.c:4828
    #2 0x40e5bf in main /cosma5/data/jch/SWIFT/FOF/swift-orig/examples/main_fof.c:948
    #3 0x2b479420c3d4 in __libc_start_main (/lib64/libc.so.6+0x223d4)
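
The report pairs a read in worker thread T3 with a free() on main thread T0. As an added example (not SWIFT code and not the fix applied to this issue), here is a teardown ordering in C that cannot produce that pairing: signal the workers, join them, and only then free the array they dereference. All names (struct engine, struct runner, worker_main, engine_start, engine_stop_and_free) are hypothetical.

```c
#include <pthread.h>
#include <sched.h>
#include <stdatomic.h>
#include <stdlib.h>

/* Hypothetical stand-ins for an engine and its runners; not SWIFT's types. */
struct runner {
  int qid; /* queue id assigned to this worker */
  pthread_t thread;
  struct engine *e;
};
struct engine {
  int nr_runners;
  struct runner *runners; /* heap array that every worker dereferences */
  atomic_int stop;        /* set once, before teardown */
};

/* Worker loop: each pass re-reads r->e, i.e. memory inside e->runners. */
static void *worker_main(void *arg) {
  struct runner *r = arg;
  while (!atomic_load(&r->e->stop)) sched_yield();
  return NULL;
}

/* Allocate the runner array and start n workers; returns how many started. */
int engine_start(struct engine *e, int n) {
  e->nr_runners = 0;
  atomic_init(&e->stop, 0);
  e->runners = calloc((size_t)n, sizeof(*e->runners));
  if (e->runners == NULL) return -1;
  for (int i = 0; i < n; i++) {
    struct runner *r = &e->runners[i];
    r->qid = i; r->e = e;
    if (pthread_create(&r->thread, NULL, worker_main, r) != 0) break;
    e->nr_runners++;
  }
  return e->nr_runners;
}

/* Safe order: signal, join, then free. Returns the number of threads joined. */
int engine_stop_and_free(struct engine *e) {
  int joined = 0;
  atomic_store(&e->stop, 1);
  for (int i = 0; i < e->nr_runners; i++)
    if (pthread_join(e->runners[i].thread, NULL) == 0) joined++;
  free(e->runners); /* no worker can still be reading the array here */
  e->runners = NULL;
  return joined;
}
```

Moving the free() above the join loop recreates the shape of the report: a worker still inside its loop reads the freed array.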