mold Address Sanitizer build/link program crashes on macOS

Build on macOS 12.6, with XCode's clang++ and latest stable release of mold. test.cpp is a C++ hello world.

>  clang++ -fuse-ld=mold -fsanitize=address -o test test.cpp                                                                                                                                                                          145ms  Fri 30 Sep 14:30:53 2022
>  ./test                                                                                                                                                                                                                                1063ms  Fri 30 Sep 14:30:59 2022
fish: Job 1, './test' terminated by signal SIGSEGV (Address boundary error)
>  lldb ./test                                                                                                                                                                                                                        130ms  Fri 30 Sep 14:31:01 2022
(lldb) target create "./test"
Current executable set to '/Users/tobi/Developer/mold_test/test' (x86_64).
(lldb) r
Process 64468 launched: '/Users/tobi/Developer/mold_test/test' (x86_64)
Process 64468 stopped
* thread #1, stop reason = EXC_BAD_ACCESS (code=1, address=0x1909099d4)
    frame #0: 0x0000000100550a30 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next(__sanitizer::MemoryMappedSegment*) + 176
libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next:
->  0x100550a30 <+176>: movl   0x4(%r14), %ecx
    0x100550a34 <+180>: addq   %r14, %rcx
    0x100550a37 <+183>: cmpl   $0x19, (%r14)
    0x100550a3b <+187>: je     0x100550b86               ; <+518>
(lldb) bt
* thread #1, stop reason = EXC_BAD_ACCESS (code=1, address=0x1909099d4)
  * frame #0: 0x0000000100550a30 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next(__sanitizer::MemoryMappedSegment*) + 176
    frame #1: 0x000000010054eecb libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryRangeIsAvailable(unsigned long, unsigned long) + 155
    frame #2: 0x000000010053c497 libclang_rt.asan_osx_dynamic.dylib`__asan::InitializeShadowMemory() + 71
    frame #3: 0x000000010053bbb6 libclang_rt.asan_osx_dynamic.dylib`__asan::AsanInitInternal() + 278
    frame #4: 0x0000000100530eac libclang_rt.asan_osx_dynamic.dylib`wrap_malloc_default_zone + 76
    frame #5: 0x00007ff80c865e45 libsystem_malloc.dylib`__malloc_init + 1221
    frame #6: 0x00007ff817837857 libSystem.B.dylib`libSystem_initializer + 176
    frame #7: 0x0000000100024e4f dyld`invocation function for block in dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 182
    frame #8: 0x000000010004baad dyld`invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 242
    frame #9: 0x0000000100042e26 dyld`invocation function for block in dyld3::MachOFile::forEachSection(void (dyld3::MachOFile::SectionInfo const&, bool, bool&) block_pointer) const + 557
    frame #10: 0x0000000100011db3 dyld`dyld3::MachOFile::forEachLoadCommand(Diagnostics&, void (load_command const*, bool&) block_pointer) const + 129
    frame #11: 0x0000000100042bb7 dyld`dyld3::MachOFile::forEachSection(void (dyld3::MachOFile::SectionInfo const&, bool, bool&) block_pointer) const + 179
    frame #12: 0x000000010004b604 dyld`dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 466
    frame #13: 0x0000000100024d82 dyld`dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 144
    frame #14: 0x000000010002b65a dyld`dyld4::PrebuiltLoader::runInitializers(dyld4::RuntimeState&) const + 30
    frame #15: 0x000000010003876e dyld`dyld4::APIs::runAllInitializersForMain() + 38
    frame #16: 0x000000010001638d dyld`dyld4::prepare(dyld4::APIs&, dyld3::MachOAnalyzer const*) + 3443
    frame #17: 0x00000001000154e4 dyld`start + 388
(lldb) exit
Quitting LLDB will kill one or more processes. Do you really want to proceed: [Y/n] y

Sep 30 '22 12:09 tfar

I think I'm encountering a similar error here. However, this is with valgrind on Ubuntu.

See here for the full log.

Nov 02 '22 00:11 marcluque

@marcluque I think your issue is better tracked separately. I've created #847, so please follow that one.

Nov 02 '22 02:11 ishitatsuyuki

I have the same issue as OP, with clang (not apple-clang) 14.0.4, macOS 12.6, x86_64, ASAN & UBSAN enabled:

Current executable set to '/.../test' (x86_64).
(lldb) run
Process 13948 launched: '/.../test' (x86_64)
Process 13948 stopped
* thread #1, stop reason = EXC_BAD_ACCESS (code=1, address=0x190909af4)
    frame #0: 0x00000001009b3b68 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next(__sanitizer::MemoryMappedSegment*) + 408
libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next:
->  0x1009b3b68 <+408>: movl   0x4(%r14), %ecx
    0x1009b3b6c <+412>: addq   %r14, %rcx
    0x1009b3b6f <+415>: movq   %rcx, 0x40(%r13)
    0x1009b3b73 <+419>: cmpl   $0x19, (%r14)
Target 0: (test) stopped.
(lldb) bt
* thread #1, stop reason = EXC_BAD_ACCESS (code=1, address=0x190909af4)
  * frame #0: 0x00000001009b3b68 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryMappingLayout::Next(__sanitizer::MemoryMappedSegment*) + 408
    frame #1: 0x00000001009b212b libclang_rt.asan_osx_dynamic.dylib`__sanitizer::MemoryRangeIsAvailable(unsigned long, unsigned long) + 139
    frame #2: 0x000000010099ec47 libclang_rt.asan_osx_dynamic.dylib`__asan::InitializeShadowMemory() + 71
    frame #3: 0x000000010099e33b libclang_rt.asan_osx_dynamic.dylib`__asan::AsanInitInternal() + 267
    frame #4: 0x000000010099401c libclang_rt.asan_osx_dynamic.dylib`wrap_malloc_default_zone + 76
    frame #5: 0x00007ff805c73e45 libsystem_malloc.dylib`__malloc_init + 1221
    frame #6: 0x00007ff810c45857 libSystem.B.dylib`libSystem_initializer + 176
    frame #7: 0x00000001005a0e4f dyld`invocation function for block in dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 182
    frame #8: 0x00000001005c7aad dyld`invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 242
    frame #9: 0x00000001005bee26 dyld`invocation function for block in dyld3::MachOFile::forEachSection(void (dyld3::MachOFile::SectionInfo const&, bool, bool&) block_pointer) const + 557
    frame #10: 0x000000010058ddb3 dyld`dyld3::MachOFile::forEachLoadCommand(Diagnostics&, void (load_command const*, bool&) block_pointer) const + 129
    frame #11: 0x00000001005bebb7 dyld`dyld3::MachOFile::forEachSection(void (dyld3::MachOFile::SectionInfo const&, bool, bool&) block_pointer) const + 179
    frame #12: 0x00000001005c7604 dyld`dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 466
    frame #13: 0x00000001005a0d82 dyld`dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 144
    frame #14: 0x00000001005a765a dyld`dyld4::PrebuiltLoader::runInitializers(dyld4::RuntimeState&) const + 30
    frame #15: 0x00000001005b476e dyld`dyld4::APIs::runAllInitializersForMain() + 38
    frame #16: 0x000000010059238d dyld`dyld4::prepare(dyld4::APIs&, dyld3::MachOAnalyzer const*) + 3443
    frame #17: 0x00000001005914e4 dyld`start + 388

Nov 09 '22 10:11 torfinnberset

mold mold copied to clipboard

Address Sanitizer build/link program crashes on macOS

mold
mold copied to clipboard