Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dvf double free error #11

Open
XiaZhouZero opened this issue Apr 25, 2020 · 2 comments
Open

dvf double free error #11

XiaZhouZero opened this issue Apr 25, 2020 · 2 comments

Comments

@XiaZhouZero
Copy link

XiaZhouZero commented Apr 25, 2020
edited
Loading

Hi Yulei,
I was using doing pointer analysis on example.c with dvf,

// example.c
int a_global = 1;
int b_global = 2;

struct tag {
	int tag_id;
	char tag_ch;
};

struct tag struct_var_1_global = {1, 'c'};


void addOne(int *n) {
	int temp = *n;
}

void addTwo(int *n) {
	*n += 2;
}

void addStructField(struct tag *ptr) {
	int id = ptr->tag_id;
	ptr->tag_ch = 'd';
}

void preprocess(int *p, int* q, struct tag *tag_ptr) {
	addOne(p);
	addTwo(q);
	addStructField(tag_ptr);
}

int main() {
	int *ptr_1_local = &a_global;
	int *ptr_2_local = &b_global;
	struct tag *tag_ptr = &struct_var_1_global;
	preprocess(ptr_1_local, ptr_2_local, tag_ptr);
	
	struct tag struct_var_1_local = {2, 'd'};
	preprocess(ptr_1_local, ptr_2_local, &struct_var_1_local);
}

but I encountered this error

/home/zhouxia/clang+llvm-9.0.0-x86_64-linux-gnu-ubuntu-16.04/bin/clang -S -Xclang -disable-O0-optnone -emit-llvm example.c -o example.bc
/home/zhouxia/SVF/Release-build/bin/dvf -dfs -query=all -maxcxt=3 -flowbg=10000 -cxtbg=10000 -print-query-pts example.bc > example.pts
*** Error in `/home/zhouxia/SVF/Release-build/bin/dvf': double free or corruption (fasttop): 0x000000000252ce70 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f322ae527e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f322ae5b37a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f322ae5f53c]
/home/zhouxia/SVF/Release-build/bin/dvf[0x47f3e4]
======= Memory map: ========
00400000-00cd6000 r-xp 00000000 08:01 7602281                            /home/zhouxia/SVF/Release-build/bin/dvf
00cd7000-00cfb000 r--p 008d6000 08:01 7602281                            /home/zhouxia/SVF/Release-build/bin/dvf
00cfb000-00cfd000 rw-p 008fa000 08:01 7602281                            /home/zhouxia/SVF/Release-build/bin/dvf
00cfd000-00d0a000 rw-p 00000000 00:00 0 
023ed000-02548000 rw-p 00000000 00:00 0                                  [heap]
7f3224000000-7f3224021000 rw-p 00000000 00:00 0 
7f3224021000-7f3228000000 ---p 00000000 00:00 0 
7f322a5da000-7f322addb000 rw-p 00000000 00:00 0 
7f322addb000-7f322af9b000 r-xp 00000000 08:01 23204407                   /lib/x86_64-linux-gnu/libc-2.23.so
7f322af9b000-7f322b19b000 ---p 001c0000 08:01 23204407                   /lib/x86_64-linux-gnu/libc-2.23.so
7f322b19b000-7f322b19f000 r--p 001c0000 08:01 23204407                   /lib/x86_64-linux-gnu/libc-2.23.so
7f322b19f000-7f322b1a1000 rw-p 001c4000 08:01 23204407                   /lib/x86_64-linux-gnu/libc-2.23.so
7f322b1a1000-7f322b1a5000 rw-p 00000000 00:00 0 
7f322b1a5000-7f322b1bb000 r-xp 00000000 08:01 23204445                   /lib/x86_64-linux-gnu/libgcc_s.so.1
7f322b1bb000-7f322b3ba000 ---p 00016000 08:01 23204445                   /lib/x86_64-linux-gnu/libgcc_s.so.1
7f322b3ba000-7f322b3bb000 rw-p 00015000 08:01 23204445                   /lib/x86_64-linux-gnu/libgcc_s.so.1
7f322b3bb000-7f322b4c3000 r-xp 00000000 08:01 23204477                   /lib/x86_64-linux-gnu/libm-2.23.so
7f322b4c3000-7f322b6c2000 ---p 00108000 08:01 23204477                   /lib/x86_64-linux-gnu/libm-2.23.so
7f322b6c2000-7f322b6c3000 r--p 00107000 08:01 23204477                   /lib/x86_64-linux-gnu/libm-2.23.so
7f322b6c3000-7f322b6c4000 rw-p 00108000 08:01 23204477                   /lib/x86_64-linux-gnu/libm-2.23.so
7f322b6c4000-7f322b836000 r-xp 00000000 08:01 39192826                   /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f322b836000-7f322ba36000 ---p 00172000 08:01 39192826                   /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f322ba36000-7f322ba40000 r--p 00172000 08:01 39192826                   /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f322ba40000-7f322ba42000 rw-p 0017c000 08:01 39192826                   /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21
7f322ba42000-7f322ba46000 rw-p 00000000 00:00 0 
7f322ba46000-7f322ba5e000 r-xp 00000000 08:01 23204553                   /lib/x86_64-linux-gnu/libpthread-2.23.so
7f322ba5e000-7f322bc5d000 ---p 00018000 08:01 23204553                   /lib/x86_64-linux-gnu/libpthread-2.23.so
7f322bc5d000-7f322bc5e000 r--p 00017000 08:01 23204553                   /lib/x86_64-linux-gnu/libpthread-2.23.so
7f322bc5e000-7f322bc5f000 rw-p 00018000 08:01 23204553                   /lib/x86_64-linux-gnu/libpthread-2.23.so
7f322bc5f000-7f322bc63000 rw-p 00000000 00:00 0 
7f322bc63000-7f322bc88000 r-xp 00000000 08:01 23204579                   /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f322bc88000-7f322be87000 ---p 00025000 08:01 23204579                   /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f322be87000-7f322be8b000 r--p 00024000 08:01 23204579                   /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f322be8b000-7f322be8c000 rw-p 00028000 08:01 23204579                   /lib/x86_64-linux-gnu/libtinfo.so.5.9
7f322be8c000-7f322bea5000 r-xp 00000000 08:01 23204402                   /lib/x86_64-linux-gnu/libz.so.1.2.8
7f322bea5000-7f322c0a4000 ---p 00019000 08:01 23204402                   /lib/x86_64-linux-gnu/libz.so.1.2.8
7f322c0a4000-7f322c0a5000 r--p 00018000 08:01 23204402                   /lib/x86_64-linux-gnu/libz.so.1.2.8
7f322c0a5000-7f322c0a6000 rw-p 00019000 08:01 23204402                   /lib/x86_64-linux-gnu/libz.so.1.2.8
7f322c0a6000-7f322c0cc000 r-xp 00000000 08:01 23204379                   /lib/x86_64-linux-gnu/ld-2.23.so
7f322c11e000-7f322c2a8000 rw-p 00000000 00:00 0 
7f322c2ca000-7f322c2cb000 rw-p 00000000 00:00 0 
7f322c2cb000-7f322c2cc000 r--p 00025000 08:01 23204379                   /lib/x86_64-linux-gnu/ld-2.23.so
7f322c2cc000-7f322c2cd000 rw-p 00026000 08:01 23204379                   /lib/x86_64-linux-gnu/ld-2.23.so
7f322c2cd000-7f322c2ce000 rw-p 00000000 00:00 0 
7ffdab71d000-7ffdab73e000 rw-p 00000000 00:00 0                          [stack]
7ffdab762000-7ffdab765000 r--p 00000000 00:00 0                          [vvar]
7ffdab765000-7ffdab767000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted (core dumped)
Makefile:17: recipe for target 'example.pts' failed
make: *** [example.pts] Error 134

It seems like that there is an double free error with dvf but I don't know fix it. Have you ever meet this error before? Can you give me any advice on this error? Thanks very much!
@yuleisui
Copy link
Collaborator

Your example works on my machine. There is no crash.

SUPA has been integrated into SVF. You may wish to build SVF and analyze your example following https://github.com/SVF-tools/SUPA#supa-value-flow-based-demand-driven-pointer-analysis

@XiaZhouZero
Copy link
Author

XiaZhouZero commented Apr 25, 2020
edited
Loading

Thanks for your reply!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@yuleisui @XiaZhouZero