dvf double free error

Open XiaZhouZero opened this issue 4 years ago • 2 comments

Hi Yulei, I was doing pointer analysis on example.c with dvf,

// example.c
int a_global = 1;
int b_global = 2;

struct tag {
	int tag_id;
	char tag_ch;
};

struct tag struct_var_1_global = {1, 'c'};


void addOne(int *n) {
	int temp = *n;
}

void addTwo(int *n) {
	*n += 2;
}

void addStructField(struct tag *ptr) {
	int id = ptr->tag_id;
	ptr->tag_ch = 'd';
}

void preprocess(int *p, int* q, struct tag *tag_ptr) {
	addOne(p);
	addTwo(q);
	addStructField(tag_ptr);
}

int main() {
	int *ptr_1_local = &a_global;
	int *ptr_2_local = &b_global;
	struct tag *tag_ptr = &struct_var_1_global;
	preprocess(ptr_1_local, ptr_2_local, tag_ptr);
	
	struct tag struct_var_1_local = {2, 'd'};
	preprocess(ptr_1_local, ptr_2_local, &struct_var_1_local);
}

but I encountered this error

/home/zhouxia/clang+llvm-9.0.0-x86_64-linux-gnu-ubuntu-16.04/bin/clang -S -Xclang -disable-O0-optnone -emit-llvm example.c -o example.bc
/home/zhouxia/SVF/Release-build/bin/dvf -dfs -query=all -maxcxt=3 -flowbg=10000 -cxtbg=10000 -print-query-pts example.bc > example.pts
*** Error in `/home/zhouxia/SVF/Release-build/bin/dvf': double free or corruption (fasttop): 0x000000000252ce70 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f322ae527e5]
/lib/x86_64-linux-gnu/libc.so.6(+0x8037a)[0x7f322ae5b37a]
/lib/x86_64-linux-gnu/libc.so.6(cfree+0x4c)[0x7f322ae5f53c]
/home/zhouxia/SVF/Release-build/bin/dvf[0x47f3e4]
Aborted (core dumped)
Makefile:17: recipe for target 'example.pts' failed
make: *** [example.pts] Error 134

It seems that there is a double free error with dvf, but I don't know how to fix it. Have you ever met this error before? Can you give me any advice on this error? Thanks very much!

XiaZhouZero, Apr 25 '20 08:04

Your example works on my machine. There is no crash.

SUPA has been integrated into SVF. You may wish to build SVF and analyze your example following https://github.com/SVF-tools/SUPA#supa-value-flow-based-demand-driven-pointer-analysis

yuleisui, Apr 25 '20 08:04

Thanks for your reply!

XiaZhouZero, Apr 25 '20 10:04