AddressSanitizer: allocation-size-too-big ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99 in operator new(unsigned long) #2669

@Q1IQ

Current State

Run the following command:

wasm-interp --enable-all --run-export=main test.wasm -a i64:707 -a i32:1

test.wasm.txt

Observed output:

=================================================================
==332069==ERROR: AddressSanitizer: requested allocation size 0x1000000000000 (0x1000000001000 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x7ffff767f1e7 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99
    #1 0x5555555bbc8b in __gnu_cxx::new_allocator<unsigned char>::allocate(unsigned long, void const*) /usr/include/c++/11/ext/new_allocator.h:127
    #2 0x5555555bbc8b in std::allocator_traits<std::allocator<unsigned char> >::allocate(std::allocator<unsigned char>&, unsigned long) /usr/include/c++/11/bits/alloc_traits.h:464
    #3 0x5555555bbc8b in std::_Vector_base<unsigned char, std::allocator<unsigned char> >::_M_allocate(unsigned long) /usr/include/c++/11/bits/stl_vector.h:346
    #4 0x5555555bbc8b in std::vector<unsigned char, std::allocator<unsigned char> >::_M_default_append(unsigned long) /usr/include/c++/11/bits/vector.tcc:635
    #5 0x555555653fa7 in std::vector<unsigned char, std::allocator<unsigned char> >::resize(unsigned long) /usr/include/c++/11/bits/stl_vector.h:940
    #6 0x555555653fa7 in wabt::interp::Memory::Memory(wabt::interp::Store&, wabt::interp::MemoryType) /work/harnesses/sources/wabt/src/interp/interp.cc:660
    #7 0x5555556cae7c in wabt::interp::RefPtr<wabt::interp::Memory> wabt::interp::Store::Alloc<wabt::interp::Memory, wabt::interp::Store&, wabt::interp::MemoryType&>(wabt::interp::Store&, wabt::interp::MemoryType&) /work/harnesses/sources/wabt/include/wabt/interp/interp-inl.h:507
    #8 0x55555566d6fc in wabt::interp::Memory::New(wabt::interp::Store&, wabt::interp::MemoryType) /work/harnesses/sources/wabt/include/wabt/interp/interp-inl.h:713
    #9 0x55555566d6fc in wabt::interp::Instance::Instantiate(wabt::interp::Store&, wabt::interp::Ref, std::vector<wabt::interp::Ref, std::allocator<wabt::interp::Ref> > const&, wabt::interp::RefPtr<wabt::interp::Trap>*) /work/harnesses/sources/wabt/src/interp/interp.cc:922
    #10 0x5555555a77fd in InstantiateModule /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:340
    #11 0x5555555a77fd in ReadAndRunModule /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:423
    #12 0x5555555a77fd in ProgramMain(int, char**) /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:450
    #13 0x5555555a81c3 in main /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:456
    #14 0x7ffff6c0dd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

==332069==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: allocation-size-too-big ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99 in operator new(unsigned long)
==332069==ABORTING

GDB Backtrace

[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=..., signo=..., threadid=...) at ./nptl/pthread_kill.c:44
#0  __pthread_kill_implementation (no_tid=..., signo=..., threadid=...) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=..., threadid=...) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=..., signo=...) at ./nptl/pthread_kill.c:89
#3  0x00007ffff6c26476 in __GI_raise (sig=...) at ../sysdeps/posix/raise.c:26
#4  0x00007ffff6c0c7f3 in __GI_abort () at ./stdlib/abort.c:79
#5  0x00007ffff769b712 in __sanitizer::Abort () at ../../../../src/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp:151
#6  0x00007ffff76a72cc in __sanitizer::Die () at ../../../../src/libsanitizer/sanitizer_common/sanitizer_termination.cpp:58
#7  0x00007ffff768677c in __asan::ScopedInErrorReport::~ScopedInErrorReport (this=..., __in_chrg=...) at ../../../../src/libsanitizer/asan/asan_report.cpp:190
#8  0x00007ffff76854ea in __asan::ReportAllocationSizeTooBig (user_size=..., total_size=..., max_size=..., stack=...) at ../../../../src/libsanitizer/asan/asan_report.cpp:313
#9  0x00007ffff75f5713 in __asan::Allocator::Allocate (this=..., size=..., alignment=..., stack=..., alloc_type=..., can_fill=...) at ../../../../src/libsanitizer/asan/asan_allocator.cpp:530
#10 0x00007ffff75f143d in __asan::asan_memalign (alignment=..., size=..., stack=..., alloc_type=...) at ../../../../src/libsanitizer/asan/asan_allocator.cpp:1039
#11 0x00007ffff767f1a4 in operator new (size=...) at ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99
#12 0x00005555555bbc8c in __gnu_cxx::new_allocator<unsigned char>::allocate (__n=..., this=...) at /usr/include/c++/11/ext/new_allocator.h:127
#13 std::allocator_traits<std::allocator<unsigned char> >::allocate (__n=..., __a=...) at /usr/include/c++/11/bits/alloc_traits.h:464
#14 std::_Vector_base<unsigned char, std::allocator<unsigned char> >::_M_allocate (__n=..., this=...) at /usr/include/c++/11/bits/stl_vector.h:346
#15 std::vector<unsigned char, std::allocator<unsigned char> >::_M_default_append (this=..., __n=...) at /usr/include/c++/11/bits/vector.tcc:635
#16 0x0000555555653fa8 in std::vector<unsigned char, std::allocator<unsigned char> >::resize (__new_size=..., this=...) at /usr/include/c++/11/bits/stl_vector.h:940
#17 wabt::interp::Memory::Memory (this=..., type=...) at /work/harnesses/sources/wabt/src/interp/interp.cc:660
#18 0x00005555556cae7d in wabt::interp::Store::Alloc<wabt::interp::Memory, wabt::interp::Store&, wabt::interp::MemoryType&> (this=...) at /work/harnesses/sources/wabt/include/wabt/interp/interp-inl.h:507
#19 0x000055555566d6fd in wabt::interp::Memory::New (type=..., store=...) at /work/harnesses/sources/wabt/include/wabt/interp/interp-inl.h:713
A debugging session is active.

	Inferior 1 [process 332178] will be killed.

Quit anyway? (y or n) [answered Y; input not from terminal]
warning: Error disabling address space randomization: Operation not permitted
=================================================================
==332178==ERROR: AddressSanitizer: requested allocation size 0x1000000000000 (0x1000000001000 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x7ffff767f1e7 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99
    #1 0x5555555bbc8b in __gnu_cxx::new_allocator<unsigned char>::allocate(unsigned long, void const*) /usr/include/c++/11/ext/new_allocator.h:127
    #2 0x5555555bbc8b in std::allocator_traits<std::allocator<unsigned char> >::allocate(std::allocator<unsigned char>&, unsigned long) /usr/include/c++/11/bits/alloc_traits.h:464
    #3 0x5555555bbc8b in std::_Vector_base<unsigned char, std::allocator<unsigned char> >::_M_allocate(unsigned long) /usr/include/c++/11/bits/stl_vector.h:346
    #4 0x5555555bbc8b in std::vector<unsigned char, std::allocator<unsigned char> >::_M_default_append(unsigned long) /usr/include/c++/11/bits/vector.tcc:635
    #5 0x555555653fa7 in std::vector<unsigned char, std::allocator<unsigned char> >::resize(unsigned long) /usr/include/c++/11/bits/stl_vector.h:940
    #6 0x555555653fa7 in wabt::interp::Memory::Memory(wabt::interp::Store&, wabt::interp::MemoryType) /work/harnesses/sources/wabt/src/interp/interp.cc:660
    #7 0x5555556cae7c in wabt::interp::RefPtr<wabt::interp::Memory> wabt::interp::Store::Alloc<wabt::interp::Memory, wabt::interp::Store&, wabt::interp::MemoryType&>(wabt::interp::Store&, wabt::interp::MemoryType&) /work/harnesses/sources/wabt/include/wabt/interp/interp-inl.h:507
    #8 0x55555566d6fc in wabt::interp::Memory::New(wabt::interp::Store&, wabt::interp::MemoryType) /work/harnesses/sources/wabt/include/wabt/interp/interp-inl.h:713
    #9 0x55555566d6fc in wabt::interp::Instance::Instantiate(wabt::interp::Store&, wabt::interp::Ref, std::vector<wabt::interp::Ref, std::allocator<wabt::interp::Ref> > const&, wabt::interp::RefPtr<wabt::interp::Trap>*) /work/harnesses/sources/wabt/src/interp/interp.cc:922
    #10 0x5555555a77fd in InstantiateModule /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:340
    #11 0x5555555a77fd in ReadAndRunModule /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:423
    #12 0x5555555a77fd in ProgramMain(int, char**) /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:450
    #13 0x5555555a81c3 in main /work/harnesses/sources/wabt/src/tools/wasm-interp.cc:456
    #14 0x7ffff6c0dd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

==332178==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: allocation-size-too-big ../../../../src/libsanitizer/asan/asan_new_delete.cpp:99 in operator new(unsigned long)
==332178==ABORTING
44	./nptl/pthread_kill.c: No such file or directory.

Reproduction steps

  1. Save the attached test file: test.wasm
  2. Run the command:
     wasm-interp --enable-all --run-export=main test.wasm -a i64:707 -a i32:1
  3. Observe the crash/error

WABT Version or Commit you used

Commit: ee87962
Version: 1.0.39 (git~1.0.39-3-gee879620)

Operating system information

Ubuntu 20.04

Hardware Architecture

amd64 (x86_64)
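
An added example, not WABT's code and not part of the original report: a guard that checks a module-declared page count against a host cap before the `std::vector::resize` call that frame #5 of the trace shows reaching `operator new`. `MemoryLimits`, `AllocateLinearMemory`, `PagesForBytes` and the 1 GiB `kHostMaxBytes` cap are hypothetical; the example assumes the requested size is the declared page count multiplied by the 64 KiB WebAssembly page size.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <new>
#include <stdexcept>
#include <vector>

// WebAssembly linear-memory page size (64 KiB).
constexpr uint64_t kPageSize = 65536;
// Hypothetical host policy: most bytes one linear memory may commit (1 GiB).
constexpr uint64_t kHostMaxBytes = 1ull << 30;

enum class AllocStatus { Ok, TooManyPages, OutOfMemory };

// Hypothetical stand-in for the limits a module declares for a memory.
struct MemoryLimits { uint64_t initial_pages; };

// Page count implied by a requested byte size, e.g. one read from an ASan report.
constexpr uint64_t PagesForBytes(uint64_t bytes) { return bytes / kPageSize; }

// Check the module-declared page count before touching the allocator, so an
// oversized declaration becomes a recoverable error instead of an abort.
AllocStatus AllocateLinearMemory(const MemoryLimits& limits,
                                 std::vector<uint8_t>* out) {
  // Compare in pages: initial_pages * kPageSize can wrap for 64-bit counts.
  if (limits.initial_pages > kHostMaxBytes / kPageSize) {
    return AllocStatus::TooManyPages;
  }
  try {
    out->resize(static_cast<size_t>(limits.initial_pages * kPageSize));
  } catch (const std::bad_alloc&) {
    return AllocStatus::OutOfMemory;  // under the cap, but the host is short
  } catch (const std::length_error&) {
    return AllocStatus::OutOfMemory;
  }
  return AllocStatus::Ok;
}

int main() {
  // Requested size quoted in the report above: 0x1000000000000 bytes.
  const uint64_t pages = PagesForBytes(0x1000000000000ull);
  std::vector<uint8_t> mem;
  const AllocStatus st = AllocateLinearMemory(MemoryLimits{pages}, &mem);
  std::printf("pages=%llu rejected=%d\n",
              static_cast<unsigned long long>(pages),
              st == AllocStatus::TooManyPages);
  return 0;
}
```

The comparison is done in pages rather than bytes so that a page count large enough to wrap the 64-bit multiplication is still rejected.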
