[Toybox] ASan freaks out when using tsort in multicall binaries

Oliver Webb aquahobbyist at proton.me
Thu Oct 5 20:50:05 PDT 2023



I ran "VERBOSE=allnopass make tests" to see exactly what was still broken.
(du has some symlink issues, tar has a long filename issue,
sed fails the performance test even though it can process a megabyte of data in less than 20s,
and the test passes on "make test_sed",
mkpasswd segfaults due to a null pointer sometimes, etc.)

To my surprise, every test from tsort failed, along with some messages from
an "AddressSanitizer". Compiling a multicall binary and running tsort (sometimes)
shows this message on boot:

=================================================================
==125707==ERROR: AddressSanitizer: requested allocation size 0x7f88f8ee9af0 (0x7f88f8eeaaf0 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x7f88f8562887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x559ec3684daf in xmalloc lib/xwrap.c:71
    #2 0x559ec368458f in readfd lib/lib.c:585
    #3 0x559ec3686303 in do_tsort toys/posix/tsort.c:65
    #4 0x559ec36846a7 in loopfiles_rw lib/lib.c:735
    #5 0x559ec36847a8 in loopfiles lib/lib.c:753
    #6 0x559ec3686b14 in tsort_main toys/posix/tsort.c:136
    #7 0x559ec3685d36 in toy_exec_which /home/oliver/proj/toybox/ascii-dev-1/main.c:229
    #8 0x559ec3685f97 in toybox_main /home/oliver/proj/toybox/ascii-dev-1/main.c:255
    #9 0x559ec3685d36 in toy_exec_which /home/oliver/proj/toybox/ascii-dev-1/main.c:229
    #10 0x559ec3685f97 in toybox_main /home/oliver/proj/toybox/ascii-dev-1/main.c:255
    #11 0x559ec3680c5e in main /home/oliver/proj/toybox/ascii-dev-1/main.c:302
    #12 0x7f88f82afd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

==125707==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: allocation-size-too-big ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145 in __interceptor_malloc
==125707==ABORTING

(I tested this on a clean repo too, making sure my changes didn't break anything; same message.)

"make test_tsort" runs cleanly, so I dunno what's going on here
or why ASAN is freaking out _only_ on multicall binaries.
In my quest to gather more info, so either I can fix it or I can pass it off to somebody that can,
I discovered this is the worst type of bug: one which you can't trigger consistently...
Sometimes tsort boots, lets me pass input to it, and will act as you would expect.
And about half the time it gives that message.

- Oliver Webb <aquahobbyist at proton.me>
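
Added example, not part of the original message and not Toybox code: a small triage helper for an `allocation-size-too-big` report like the one quoted above. It extracts the requested size and the first non-allocator frame, and applies a heuristic (an assumption of this example, not an ASan feature) that flags a size whose high bits match a code address in the same trace. The sample input is constructed from the header and first four frames of that report.

```python
import re

# Constructed sample: header and frames #0-#3 copied from the report above.
SAMPLE = """\
==125707==ERROR: AddressSanitizer: requested allocation size 0x7f88f8ee9af0 (0x7f88f8eeaaf0 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x7f88f8562887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x559ec3684daf in xmalloc lib/xwrap.c:71
    #2 0x559ec368458f in readfd lib/lib.c:585
    #3 0x559ec3686303 in do_tsort toys/posix/tsort.c:65
"""

HEADER = re.compile(r"requested allocation size (0x[0-9a-f]+).*?"
                    r"maximum supported size of (0x[0-9a-f]+)")
FRAME = re.compile(r"^\s*#(\d+) (0x[0-9a-f]+) in (\S+) (\S+)$", re.M)
# Frames that only forward a size to the allocator (hypothetical pattern
# chosen for this example; extend it for other wrapper names).
ALLOCATOR = re.compile(r"^(__interceptor_|x?(m|c|re)alloc$)")


def triage(report, window_bits=32):
    """Summarise an allocation-size-too-big report; None if not one."""
    m = HEADER.search(report)
    if not m:
        return None
    size, limit = int(m.group(1), 16), int(m.group(2), 16)
    frames = [(int(n), int(pc, 16), fn, loc)
              for n, pc, fn, loc in FRAME.findall(report)]
    # First frame that is not an allocator wrapper: where the size came from.
    caller = next(((fn, loc) for _, _, fn, loc in frames
                   if not ALLOCATOR.match(fn)), None)
    # Heuristic (assumption): a "size" sharing its high bits with a code
    # address in the same trace looks like a stray pointer or an
    # uninitialised word rather than a length derived from input.
    near = [fn for _, pc, fn, _ in frames
            if size >> window_bits == pc >> window_bits]
    return {"size": size, "over_limit": size > limit, "caller": caller,
            "address_like": bool(near), "near": near}


if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

The `address_like` flag is a prompt for where to look next, not a diagnosis; confirming it means inspecting how the reported caller computes the size it passes down.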

