Skip to content
GitLab
Open
Issue created by Derek Bruening@derekbrueningContributor

ASSERT !bitmap_test in -satisfy_w_xor_x on an app that forks

For #5495 (closed) I'm adding a fork test to drcachesim -offline and it fails under -satisfy_w_xor_x for two reasons: first, there's an assert on an unclosed file, which I'm fixing in my #5495 (closed) PR. The other I did not have time to figure out so I'm filing here and disabling the test for -satisfy_w_xor_x. There is something wrong in the across-fork remappings wrt the vmm metadata that only shows up with a tool using more heap than plain DR:

$ rm -rf drmemtrace.*.dir; bin64/drrun -loglevel 2 -satisfy_w_xor_x -t drcachesim -offline -- suite/tests/bin/linux.fork
<log dir=/home/bruening/dr/git/build_x64_dbg_tests/bin64/../logs/linux.fork.66462.00000000>
<Starting application /home/bruening/dr/git/build_x64_dbg_tests/suite/tests/bin/linux.fork (66462)>
<Initial options ...>
<Paste into GDB...>
<curiosity: rex.w on OPSZ_6_irex10_short4!>
<spurious rep/repne prefix @0x00007f7c242ed280 (f3 0f 1e fa): >
parent is running under DynamoRIO
<-- parent 66462 forked child 66465 -->
<log dir=/home/bruening/dr/git/build_x64_dbg_tests/bin64/../logs/linux.fork.66465.00000000>
parent waiting for child
child is running under DynamoRIO
<Stopping application /home/bruening/dr/git/build_x64_dbg_tests/suite/tests/bin/linux.fork (66465)>
<Application /home/bruening/dr/git/build_x64_dbg_tests/suite/tests/bin/linux.fork (66465).  Internal Error: DynamoRIO debug check failure: /home/bruening/dr/git/src/core/heap.c:1113 bitmap_are_reserved_blocks(vmh->blocks, vmh->num_blocks, vmm_addr_to_block(vmh, p), (uint)(size / DYNAMO_OPTION(vmm_block_size)))
(Error occurred @3693 frags in tid 66465)
#0  report_dynamorio_problem (dcontext=0x0, dumpcore_flag=8, exception_addr=0x0, report_ebp=0x0, 
    fmt=0x7ffff7ec3018 "DynamoRIO debug check failure: %s:%d %s\n(Error occurred @%d frags in tid %d)") at /home/bruening/dr/git/src/core/utils.c:2114
#1  0x00007ffff7c4a7c2 in d_r_internal_error (file=0x7ffff7ec2eb8 "/home/bruening/dr/git/src/core/utils.c", line=1566, 
    expr=0x7ffff7ec4076 "!bitmap_test(b, first_block)") at /home/bruening/dr/git/src/core/utils.c:179
#2  0x00007ffff7c4e844 in bitmap_free_blocks (b=0x7fff73b4e000, bitmap_size=262144, first_block=8, num_free=23)
    at /home/bruening/dr/git/src/core/utils.c:1566
#3  0x00007ffff7ce1327 in vmm_heap_free_blocks (vmh=0x7ffd73b8e108, p=0x7fffb3b56000 "", size_in=94208, which=(VMM_SPECIAL_MMAP | VMM_REACHABLE))
    at /home/bruening/dr/git/src/core/heap.c:1472
#4  0x00007ffff7ce5cbb in heap_unreserve_for_external_mapping (p=0x7fffb3b56000 "", size=94208, which=(VMM_SPECIAL_MMAP | VMM_REACHABLE))
    at /home/bruening/dr/git/src/core/heap.c:2691
#5  0x00007ffff7e41a17 in os_unmap_file (map=0x7fffb3b56000 "", size=94208) at /home/bruening/dr/git/src/core/unix/os.c:4417
#6  0x00007ffff7ce976a in d_r_unmap_file (map=0x7fffb3b56000 "", size=94208) at /home/bruening/dr/git/src/core/heap.c:3323
#7  0x00007ffff7e741cf in privload_unmap_file (privmod=0x7ffd73bbd5c8) at /home/bruening/dr/git/src/core/unix/loader.c:406
#8  0x00007ffff7d509ad in privload_unload (privmod=0x7ffd73bbd5c8) at /home/bruening/dr/git/src/core/loader_shared.c:734
#9  0x00007ffff7d4f548 in unload_private_library (modbase=0x7fffb3b56000 "") at /home/bruening/dr/git/src/core/loader_shared.c:373
#10 0x00007ffff7e40c13 in unload_shared_library (lib=0x7fffb3b56000) at /home/bruening/dr/git/src/core/unix/os.c:4060
#11 0x00007ffff7d5a747 in instrument_exit () at /home/bruening/dr/git/src/core/lib/instrument.c:882
#12 0x00007ffff7bbedf9 in dynamo_shared_exit (toexit=0x0) at /home/bruening/dr/git/src/core/dynamo.c:1099
#13 0x00007ffff7bbf2a3 in dynamo_process_exit_cleanup () at /home/bruening/dr/git/src/core/dynamo.c:1393
#14 0x00007ffff7bbf431 in dynamo_process_exit () at /home/bruening/dr/git/src/core/dynamo.c:1448