alloc-dealloc-mismatch (operator new [] vs free) in libasan_preload.so #693

Closed
daliands opened this issue Jun 20, 2016 · 1 comment

@daliands

I used Android 5.0.1 to make an ASan ROM and changed libasan.rz_arm_android.so to libasan_preload.so (because I didn't find it in /system/lib, but I could find it in Android 4.4, so I guess its name has been changed in Android 5.0.1; they are the same .so). Then I copied all the .so files in /system/lib to /system/lib/asan/. Then I ran the command: asanwrapper /system/bin/app_process "/system/bin" "--application" "--nick-name=com.ryu.asandemo" "com.android.internal.os.WrapperInit" "11" "20" "android.app.Activity" and then I got a problem in libasan_preload: in new() it calls malloc(), then delete() has been called. The error output is below.

02-04 01:31:33.745: I/(5144): ==5144==Parsed ASAN_OPTIONS: debug=1,verbosity=1,alloc_delloc_mismatch=0
02-04 01:31:33.747: I/(5144): ==5144==AddressSanitizer: libc interceptors initialized
02-04 01:31:33.754: I/(5144): || [0x18000000, 0xbfffffff] || HighMem ||
02-04 01:31:33.754: I/(5144): || [0x03000000, 0x17ffffff] || HighShadow ||
02-04 01:31:33.754: I/(5144): || [0x00040000, 0x02ffffff] || ShadowGap ||
02-04 01:31:33.755: I/(5144): MemToShadow(shadow): 0x00000000 0x00000000 0x00600000 0x02ffffff
02-04 01:31:33.756: I/(5144): redzone=16
02-04 01:31:33.757: I/(5144): max_redzone=2048
02-04 01:31:33.757: I/(5144): quarantine_size=64M
02-04 01:31:33.757: I/(5144): malloc_context_size=30
02-04 01:31:33.757: I/(5144): SHADOW_SCALE: 3
02-04 01:31:33.758: I/(5144): SHADOW_GRANULARITY: 8
02-04 01:31:33.758: I/(5144): SHADOW_OFFSET: 0
02-04 01:31:33.758: I/(5144): ==5144==Installed the sigaction for signal 11
02-04 01:31:33.766: I/(5144): ==5144==T0: stack [0xbe7fd000,0xbeffd000) size 0x800000; local=0xbeffc16c
02-04 01:31:33.767: I/(5144): ==5144==Failed to open libcorkscrew.so. You may see broken stack traces in SEGV reports.
02-04 01:31:33.768: I/(5144): ==5144==AddressSanitizer Init done
02-04 01:31:33.792: D/AndroidRuntime(5144): >>>>>> AndroidRuntime START com.android.internal.os.RuntimeInit <<<<<<
02-04 01:31:33.795: D/AndroidRuntime(5144): CheckJNI is OFF
02-04 01:31:33.843: I/(5144): ==5144==T1: stack [0xaba00000,0xabb00000) size 0x100000; local=0xabaffd6c
02-04 01:31:33.843: I/(5144): ==5144==T3: stack [0xb3a00000,0xb3b00000) size 0x100000; local=0xb3affd6c
02-04 01:31:33.844: I/(5144): ==5144==T2: stack [0xb3c00000,0xb3d00000) size 0x100000; local=0xb3cffd6c
02-04 01:31:33.846: I/(5144): ==5144==T4: stack [0xb2402000,0xb2500000) size 0xfe000; local=0xb24ffd6c
02-04 01:31:33.847: I/(5144): ==5144==T5: stack [0xb2202000,0xb2300000) size 0xfe000; local=0xb22ffd6c
02-04 01:31:33.848: I/(5144): ==5144==T6: stack [0xab7fc000,0xab900000) size 0x104000; local=0xab8ffd6c
02-04 01:31:33.849: I/(5144): ==5144==T7: stack [0xab6e2000,0xab7e6000) size 0x104000; local=0xab7e5d6c
02-04 01:31:33.850: I/(5144): ==5144==T8: stack [0xab5d6000,0xab6da000) size 0x104000; local=0xab6d9d6c
02-04 01:31:33.851: I/(5144): ==5144==T9: stack [0xab4b2000,0xab5b6000) size 0x104000; local=0xab5b5d6c
02-04 01:31:33.852: I/(5144): ==5144==T10: stack [0xab398000,0xab49c000) size 0x104000; local=0xab49bd6c
02-04 01:31:33.957: I/(5144): =================================================================
02-04 01:31:33.957: I/(5144): �[1m�[31m
02-04 01:31:33.957: I/(5144): ==5144==ERROR: AddressSanitizer: attempting free on address which was not malloc()-ed: 0xb4627038 in thread T0 (ndroid.settings)
02-04 01:31:33.957: I/(5144): �[1m�[0m
02-04 01:31:33.964: I/(5144): #0 0xb6aa7d59 (/system/lib/libasan_preload.so+0x42d59)
02-04 01:31:33.964: I/(5144): #1 0xb4e2544d (/system/lib/asan/libselinux.so+0x444d)
02-04 01:31:33.964: I/(5144): #2 0xb4e24d65 (/system/lib/asan/libselinux.so+0x3d65)
02-04 01:31:33.964: I/(5144): #3 0xb696a9b9 (/system/lib/asan/libandroid_runtime.so+0x809b9)
02-04 01:31:33.964: I/(5144): #4 0xb6947eed (/system/lib/asan/libandroid_runtime.so+0x5deed)
02-04 01:31:33.964: I/(5144): #5 0xb6948f3f (/system/lib/asan/libandroid_runtime.so+0x5ef3f)
02-04 01:31:33.964: I/(5144): #6 0xb694907b (/system/lib/asan/libandroid_runtime.so+0x5f07b)
02-04 01:31:33.964: I/(5144): #7 0xb6f346a3 (/system/bin/asan/app_process+0x26a3)
02-04 01:31:33.964: I/(5144): #8 0xb6a018ed (/system/lib/asan/libc.so+0x128ed)
02-04 01:31:33.965: I/(5144): AddressSanitizer can not describe address in more detail (wild memory access suspected).
02-04 01:31:33.965: I/(5144): SUMMARY: AddressSanitizer: bad-free ??:0 ??
02-04 01:31:33.965: I/(5144): ==5144==ABORTING

@morehouse
Contributor

Duplicate of #692.
