public inbox for gcc-bugs@sourceware.org
* [Bug sanitizer/100439] New: stack overflow running ubsan
@ 2021-05-05 19:17 florin.iucha at amd dot com
  2021-05-06  6:32 ` [Bug sanitizer/100439] " rguenth at gcc dot gnu.org
                   ` (13 more replies)
  0 siblings, 14 replies; 15+ messages in thread
From: florin.iucha at amd dot com @ 2021-05-05 19:17 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

            Bug ID: 100439
           Summary: stack overflow running ubsan
           Product: gcc
           Version: 11.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: florin.iucha at amd dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

Running 204213fdf23d8228084ded03e1ca9f8acd91d39a (GCC 11-20210501)

Building a test app with -fsanitize=undefined, then putting a breakpoint on
__dynamic_cast:

Breakpoint 1, 0x00007ffff7ea12fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
(gdb) bt
#0  0x00007ffff7ea12fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#1  0x00007ffff7363e36 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#2  0x00007ffff7362e7a in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#3  0x00007ffff73633b2 in __ubsan_handle_dynamic_type_cache_miss () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#4  0x000000000041882c in std::type_info::operator== (this=0x6009b8 <typeinfo
for std::ctype<char>@GLIBCXX_3.4>, __arg=...)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#5  0x00007ffff7ea3882 in __cxxabiv1::__vmi_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#6  0x00007ffff7ea1379 in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#7  0x00007ffff7ee76ff in bool std::has_facet<std::ctype<char> >(std::locale
const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#8  0x00007ffff7ede977 in std::basic_ios<char, std::char_traits<char>
>::_M_cache_locale(std::locale const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#9  0x00007ffff7edec01 in std::basic_ios<char, std::char_traits<char>
>::init(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#10 0x00007ffff7eeec6d in std::basic_ostream<char, std::char_traits<char>
>::basic_ostream(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#11 0x00007ffff7eab35b in std::ios_base::Init::Init() () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#12 0x0000000000416e8f in __static_initialization_and_destruction_0
(__initialize_p=1, __priority=65535)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/iostream:74


Continuing...

#0  0x00007ffff7ea12fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#1  0x00007ffff7363e36 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#2  0x00007ffff7362e7a in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#3  0x00007ffff73633b2 in __ubsan_handle_dynamic_type_cache_miss () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#4  0x000000000041882c in std::type_info::operator== (this=0x7ffff7f8f068
<typeinfo for __cxxabiv1::__si_class_type_info>, __arg=...)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#5  0x00007ffff7ea3007 in __cxxabiv1::__si_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#6  0x00007ffff7ea1379 in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#7  0x00007ffff7363e36 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#8  0x00007ffff7362e7a in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#9  0x00007ffff73633b2 in __ubsan_handle_dynamic_type_cache_miss () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#10 0x000000000041882c in std::type_info::operator== (this=0x6009b8 <typeinfo
for std::ctype<char>@GLIBCXX_3.4>, __arg=...)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#11 0x00007ffff7ea3882 in __cxxabiv1::__vmi_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#12 0x00007ffff7ea1379 in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#13 0x00007ffff7ee76ff in bool std::has_facet<std::ctype<char> >(std::locale
const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#14 0x00007ffff7ede977 in std::basic_ios<char, std::char_traits<char>
>::_M_cache_locale(std::locale const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#15 0x00007ffff7edec01 in std::basic_ios<char, std::char_traits<char>
>::init(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#16 0x00007ffff7eeec6d in std::basic_ostream<char, std::char_traits<char>
>::basic_ostream(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#17 0x00007ffff7eab35b in std::ios_base::Init::Init() () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#18 0x0000000000416e8f in __static_initialization_and_destruction_0
(__initialize_p=1, __priority=65535)


If I let it run, the program runs out of stack.

GCC/Binutils/Glibc are built using Crosstool-NG.


* [Bug sanitizer/100439] stack overflow running ubsan
From: rguenth at gcc dot gnu.org @ 2021-05-06  6:32 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

Richard Biener <rguenth at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
     Ever confirmed|0                           |1
             Status|UNCONFIRMED                 |WAITING
   Last reconfirmed|                            |2021-05-06

--- Comment #1 from Richard Biener <rguenth at gcc dot gnu.org> ---
What target is this for?  Can you share the test program?


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-05-06 11:59 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #2 from Florin Iucha <florin.iucha at amd dot com> ---
This is for regular x86-64; we're using a cross-compiler sysroot to avoid
dependency on system libraries and be able to run the binary on different Linux
distributions.

I can't reproduce the problem on a "hello, world" C++ program, but I was able
to reproduce it on a minimal Google test:

   --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< 

   #include <gtest/gtest.h>

   #include <string>

   TEST(Hello, World)
   {
       ASSERT_EQ(43, std::stoi("42"));
   }

   --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< 

Built using:

/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o hello.o -c hello.cpp
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -o hello -Wl,-rpath
-Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib
-Wl,-dynamic-linker
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2
-fsanitize=undefined hello.o
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o test_hello.o
-I/home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/include
-c test_hello.cpp

/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -o test_hello
-Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib
-Wl,-dynamic-linker
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2
-fsanitize=undefined test_hello.o
/home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/lib/libgmock_maind.a
/home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/lib/libgmockd.a
/home/fiucha/.conan/data/gtest/20201109/amd/tng/package/150f650d359c1c443c3bb8ac2ffee0bdec61d239/lib/libgtestd.a
-lpthread

 ./test_hello
zsh: segmentation fault (core dumped)  ./test_hello

Running under gdb:

(gdb) b __dynamic_cast
Breakpoint 1 at 0x40a620
(gdb) run
Breakpoint 1, 0x00007ffff7ea92fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
(gdb) bt
#0  0x00007ffff7ea92fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#1  0x00007ffff7eef6ff in bool std::has_facet<std::ctype<char> >(std::locale
const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#2  0x00007ffff7ee6977 in std::basic_ios<char, std::char_traits<char>
>::_M_cache_locale(std::locale const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#3  0x00007ffff7ee6c01 in std::basic_ios<char, std::char_traits<char>
>::init(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#4  0x00007ffff7ef6c6d in std::basic_ostream<char, std::char_traits<char>
>::basic_ostream(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#5  0x00007ffff7eb335b in std::ios_base::Init::Init() () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#6  0x000000000040af7b in __static_initialization_and_destruction_0
(__initialize_p=1, __priority=65535)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/iostream:74
#7  0x000000000040b1d3 in _GLOBAL__sub_I__ZN16Hello_World_Test10test_info_E ()
at test_hello.cpp:8
#8  0x000000000053c5f5 in __libc_csu_init (argc=argc@entry=1,
argv=argv@entry=0x7fffffffe8b8, envp=0x7fffffffe8c8) at elf-init.c:89
#9  0x00007ffff71aa76d in __libc_start_main (main=0x40f8b9 <main(int, char**)>,
argc=1, argv=0x7fffffffe8b8, init=0x53c5b0 <__libc_csu_init>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe8a8)
at ../csu/libc-start.c:279
#10 0x000000000040ac4a in _start () at ../sysdeps/x86_64/start.S:120
(gdb) ignore 1 9999999
Will ignore next 9999999 crossings of breakpoint 1.
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff736ae75 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
(gdb) info breakpoints
Num     Type           Disp Enb Address            What
1       breakpoint     keep y   0x00007ffff7ea92fd <__dynamic_cast>
        breakpoint already hit 7488 times
        ignore next 9992512 hits


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-05-06 14:30 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #3 from Florin Iucha <florin.iucha at amd dot com> ---
Tried it with current HEAD of https://github.com/google/googletest
(f5e592d8ee5ffb1d9af5be7f715ce3576b8bf9c4), with the cmake patched to add
"-fsanitize=undefined -fno-omit-frame-pointer -std=c++2a" and the behavior is
reproducible there.


* [Bug sanitizer/100439] stack overflow running ubsan
From: marxin at gcc dot gnu.org @ 2021-05-12 10:10 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #4 from Martin Liška <marxin at gcc dot gnu.org> ---
The test-case links to some static libraries:
lib/libgmock_maind.a

Please provide full steps on how to reproduce that.


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-05-13 12:34 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #5 from Florin Iucha <florin.iucha at amd dot com> ---
It is a "CMake object library" - not a static library.

I will prepare a more self-contained test case shortly.


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-05-13 15:29 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #6 from Florin Iucha <florin.iucha at amd dot com> ---
With the test file above, and this Makefile:


--8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8<

ALL: bin/test_hello

.PHONY: clean

CXX=/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++

CXXFLAGS=-m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer
LDFLAGS=-Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib -Wl,-dynamic-linker /opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2 -fsanitize=undefined

GOOGLE_TEST_PATH=googletest/googletest
GOOGLE_TEST_OBJECTS=obj/gtest.o obj/gtest_main.o obj/gtest-port.o obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o obj/gtest-printers.o

obj/test_hello.o: test_hello.cpp
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -c $<

obj/gtest.o: $(GOOGLE_TEST_PATH)/src/gtest.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

obj/gtest%.o: $(GOOGLE_TEST_PATH)/src/gtest%.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -I$(GOOGLE_TEST_PATH) -c $<

bin/test_hello: obj/test_hello.o $(GOOGLE_TEST_OBJECTS)
	$(CXX) -o $@ $(LDFLAGS) $^ -lpthread

clean:
	$(RM) bin/test_hello obj/*.o

--8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8< --8<


Cloning google test:

$ git clone https://github.com/google/googletest

(The HEAD now is at f5e592d8ee5ffb1d9af5be7f715ce3576b8bf9c4)

Building:

$ make
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/test_hello.o
-Igoogletest/googletest/include -c test_hello.cpp
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest_main.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest_main.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-port.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest-port.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-filepath.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest-filepath.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-death-test.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest-death-test.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-test-part.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest-test-part.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -m64 -g -std=c++20
-fsanitize=undefined -fno-omit-frame-pointer -o obj/gtest-printers.o
-Igoogletest/googletest/include -Igoogletest/googletest -c
googletest/googletest/src/gtest-printers.cc
/opt/tng-gcc11-glibc-linux5.4/bin/x86_64-tng-linux-gnu-g++ -o bin/test_hello
-Wl,-rpath -Wl,/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib
-Wl,-dynamic-linker
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/ld-linux-x86-64.so.2
-fsanitize=undefined obj/test_hello.o obj/gtest.o obj/gtest_main.o
obj/gtest-port.o obj/gtest-filepath.o obj/gtest-death-test.o
obj/gtest-test-part.o obj/gtest-printers.o -lpthread

Running:

$  ./bin/test_hello
zsh: segmentation fault (core dumped)  ./bin/test_hello

Debugging:

(gdb) b __dynamic_cast
Breakpoint 1 at 0x4095c0
(gdb) ignore 1 3
Will ignore next 3 crossings of breakpoint 1.
(gdb) run
...
Breakpoint 1, 0x00007ffff7ea92fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
(gdb) bt
#0  0x00007ffff7ea92fd in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#1  0x00007ffff736be36 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#2  0x00007ffff736ae7a in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#3  0x00007ffff736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#4  0x000000000045fdaa in std::type_info::operator== (this=0x7ffff7f97068
<typeinfo for __cxxabiv1::__si_class_type_info>, __arg=...)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#5  0x00007ffff7eab007 in __cxxabiv1::__si_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#6  0x00007ffff7ea9379 in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#7  0x00007ffff736be36 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#8  0x00007ffff736ae7a in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#9  0x00007ffff736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#10 0x000000000045fdaa in std::type_info::operator== (this=0x7ffff7f97068
<typeinfo for __cxxabiv1::__si_class_type_info>, __arg=...)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#11 0x00007ffff7eab007 in __cxxabiv1::__si_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#12 0x00007ffff7ea9379 in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#13 0x00007ffff736be36 in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#14 0x00007ffff736ae7a in ?? () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#15 0x00007ffff736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libubsan.so.1
#16 0x000000000045fdaa in std::type_info::operator== (this=0x7ffff7f985a8
<typeinfo for std::ctype<char>>, __arg=...)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/typeinfo:122
#17 0x00007ffff7eab882 in __cxxabiv1::__vmi_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#18 0x00007ffff7ea9379 in __dynamic_cast () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#19 0x00007ffff7eef6ff in bool std::has_facet<std::ctype<char> >(std::locale
const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#20 0x00007ffff7ee6977 in std::basic_ios<char, std::char_traits<char>
>::_M_cache_locale(std::locale const&) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#21 0x00007ffff7ee6c01 in std::basic_ios<char, std::char_traits<char>
>::init(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#22 0x00007ffff7ef6c6d in std::basic_ostream<char, std::char_traits<char>
>::basic_ostream(std::basic_streambuf<char, std::char_traits<char> >*) ()
   from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#23 0x00007ffff7eb335b in std::ios_base::Init::Init() () from
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/sysroot/lib/libstdc++.so.6
#24 0x0000000000409ebb in __static_initialization_and_destruction_0
(__initialize_p=1, __priority=65535)
    at
/opt/tng-gcc11-glibc-linux5.4/x86_64-tng-linux-gnu/include/c++/11.1.1/iostream:74
#25 0x000000000040a113 in _GLOBAL__sub_I__ZN16Hello_World_Test10test_info_E ()
at test_hello.cpp:8
#26 0x00000000004e0e95 in __libc_csu_init (argc=argc@entry=1,
argv=argv@entry=0x7fffffffe858, envp=0x7fffffffe868) at elf-init.c:89
#27 0x00007ffff71aa76d in __libc_start_main (main=0x4be23b <main(int, char**)>,
argc=1, argv=0x7fffffffe858, init=0x4e0e50 <__libc_csu_init>,
    fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe848)
at ../csu/libc-start.c:279
#28 0x0000000000409b8a in _start () at ../sysdeps/x86_64/start.S:120

Note this happens when GCC and GLIBC are built with crosstool-ng
(https://crosstool-ng.github.io/); I will attach the configuration file used to
generate the toolchain.

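Added example, not part of the thread or of GCC: a small Python triage helper that joins the wrapped lines of a gdb backtrace like the one in comment #6 and reports the run of return addresses that repeats, which is what identifies unbounded recursion through the same call sites. The function names parse_frames and find_cycle are hypothetical, and SAMPLE_BT is a constructed sample modelled on frames #0 to #19 of that backtrace with library paths and argument lists shortened.

```python
import re

FRAME_START = re.compile(r"^\s*#(\d+)\s+")
FRAME_BODY = re.compile(r"^(?:(0x[0-9a-fA-F]+) in )?(.*)$")

# Constructed sample: frames #0-#19 of the comment #6 backtrace, abridged.
SAMPLE_BT = """\
#0  0x00007ffff7ea92fd in __dynamic_cast () from libstdc++.so.6
#1  0x00007ffff736be36 in ?? () from libubsan.so.1
#2  0x00007ffff736ae7a in ?? () from libubsan.so.1
#3  0x00007ffff736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from
libubsan.so.1
#4  0x000000000045fdaa in std::type_info::operator== (this=0x7ffff7f97068
<typeinfo for __cxxabiv1::__si_class_type_info>, __arg=...)
    at include/c++/11.1.1/typeinfo:122
#5  0x00007ffff7eab007 in __cxxabiv1::__si_class_type_info::__do_dyncast(...) const ()
   from libstdc++.so.6
#6  0x00007ffff7ea9379 in __dynamic_cast () from libstdc++.so.6
#7  0x00007ffff736be36 in ?? () from libubsan.so.1
#8  0x00007ffff736ae7a in ?? () from libubsan.so.1
#9  0x00007ffff736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from libubsan.so.1
#10 0x000000000045fdaa in std::type_info::operator== (this=0x7ffff7f97068
<typeinfo for __cxxabiv1::__si_class_type_info>, __arg=...)
#11 0x00007ffff7eab007 in __cxxabiv1::__si_class_type_info::__do_dyncast(...) const ()
   from libstdc++.so.6
#12 0x00007ffff7ea9379 in __dynamic_cast () from libstdc++.so.6
#13 0x00007ffff736be36 in ?? () from libubsan.so.1
#14 0x00007ffff736ae7a in ?? () from libubsan.so.1
#15 0x00007ffff736b3b2 in __ubsan_handle_dynamic_type_cache_miss () from libubsan.so.1
#16 0x000000000045fdaa in std::type_info::operator== (this=0x7ffff7f985a8
<typeinfo for std::ctype<char>>, __arg=...)
#17 0x00007ffff7eab882 in __cxxabiv1::__vmi_class_type_info::__do_dyncast(...) const ()
   from libstdc++.so.6
#18 0x00007ffff7ea9379 in __dynamic_cast () from libstdc++.so.6
#19 0x00007ffff7eef6ff in bool std::has_facet<std::ctype<char> >(std::locale
const&) () from libstdc++.so.6
"""


def parse_frames(bt_text):
    """Join wrapped lines into frames; return [(frame_no, address, symbol)]."""
    chunks = []
    for line in bt_text.splitlines():
        if FRAME_START.match(line):
            chunks.append(line.strip())
        elif chunks and line.strip():
            chunks[-1] += " " + line.strip()  # continuation of a wrapped frame
    frames = []
    for chunk in chunks:
        head = FRAME_START.match(chunk)
        addr, tail = FRAME_BODY.match(chunk[head.end():]).groups()
        # The symbol ends where gdb prints the argument list " (...)" or " from".
        symbol = re.split(r" \(| from ", tail, maxsplit=1)[0]
        frames.append((int(head.group(1)), int(addr, 16) if addr else None, symbol))
    return frames


def find_cycle(frames, min_repeats=2):
    """Longest run of identical return-address sequences, or None."""
    keys = [addr for _, addr, _ in frames]
    best = None
    for start in range(len(keys)):
        for period in range(1, (len(keys) - start) // min_repeats + 1):
            unit = keys[start:start + period]
            if None in unit:
                continue  # frames without an address cannot be compared
            repeats = 1
            while keys[start + repeats * period:start + (repeats + 1) * period] == unit:
                repeats += 1
            covered = repeats * period
            # Strict '>' keeps the earliest start and shortest period on ties.
            if repeats >= min_repeats and (best is None or covered > best["covered"]):
                best = {
                    "first_frame": frames[start][0],
                    "period": period,
                    "repeats": repeats,
                    "covered": covered,
                    "symbols": [sym for _, _, sym in frames[start:start + period]],
                }
    return best


if __name__ == "__main__":
    cycle = find_cycle(parse_frames(SAMPLE_BT))
    print(cycle["first_frame"], cycle["period"], cycle["repeats"])
    for sym in cycle["symbols"]:
        print("  ", sym)
```

Frames #13 to #18 repeat the same symbols except that #17 is the __vmi_class_type_info variant at a different address, so the address-based comparison counts two exact repetitions rather than three.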

* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-05-13 15:31 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #7 from Florin Iucha <florin.iucha at amd dot com> ---
Created attachment 50809
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=50809&action=edit
crosstool-ng configuration file


* [Bug sanitizer/100439] stack overflow running ubsan
From: marxin at gcc dot gnu.org @ 2021-05-14 10:55 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #8 from Martin Liška <marxin at gcc dot gnu.org> ---
> Note this happens when GCC and GLIBC are built with crosstool-ng
> (https://crosstool-ng.github.io/); I will attach the configuration file used
> to generate the toolchain.

Well, that's something I'm not going to build :/ So am I correct that it does
not happen with the native compiler and the system glibc library?


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-05-14 10:59 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #9 from Florin Iucha <florin.iucha at amd dot com> ---
I was not able to reproduce the observation using the native compiler and
system glibc.


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-07-02 16:18 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #10 from Florin Iucha <florin.iucha at amd dot com> ---
I am able to reproduce something similar by building GCC11 from snapshot
11-20210626 (96358cbbdddde6e6447519a155301b6acb1624c0) and then using Clang12
(12.0.1-rc4) ubsan:

    #234 0x7f9769d39670 in __cxxabiv1::__si_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__[0/48169]
e_info const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/si_class_type_info.cc:52:13
    #235 0x7f9769d379e8 in __dynamic_cast
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74:28
    #236 0x5dd0b6 in __ubsan::checkDynamicType(void*, void*, unsigned long)
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_type_hash_itanium.cpp:233:5
    #237 0x5dbf11 in
HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long,
unsigned long, __ubsan::ReportOptions)
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:36:7
    #238 0x5dbee9 in __ubsan_handle_dynamic_type_cache_miss
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:87:3
    #239 0x60b931 in std::type_info::operator==(std::type_info const&) const
/opt/gcc11-for-tng/lib/gcc/x86_64-linux-gnu/11.1.1/../../../../include/c++/11.1.1/typeinfo:122:16
    #240 0x7f9769d39670 in
__cxxabiv1::__si_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/si_class_type_info.cc:52:13
    #241 0x7f9769d379e8 in __dynamic_cast
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74:28
    #242 0x5dd0b6 in __ubsan::checkDynamicType(void*, void*, unsigned long)
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_type_hash_itanium.cpp:233:5
    #243 0x5dbf11 in
HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long,
unsigned long, __ubsan::ReportOptions)
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:36:7
    #244 0x5dbee9 in __ubsan_handle_dynamic_type_cache_miss
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:87:3
    #245 0x60b931 in std::type_info::operator==(std::type_info const&) const
/opt/gcc11-for-tng/lib/gcc/x86_64-linux-gnu/11.1.1/../../../../include/c++/11.1.1/typeinfo:122:16
    #246 0x7f9769d39670 in __cxxabiv1::__si_class_type_info::__do_dyncast(long,
__cxxabiv1::__class_type_info::__sub_kind, __cxxabiv1::__class_type_info
const*, void const*, __cxxabiv1::__class_type_info const*, void const*,
__cxxabiv1::__class_type_info::__dyncast_result&) const
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/si_class_type_info.cc:52:13
    #247 0x7f9769d379e8 in __dynamic_cast
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/libsupc++/../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74:28
    #248 0x5dd0b6 in __ubsan::checkDynamicType(void*, void*, unsigned long)
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_type_hash_itanium.cpp:233:5
    #249 0x5dbf11 in
HandleDynamicTypeCacheMiss(__ubsan::DynamicTypeCacheMissData*, unsigned long,
unsigned long, __ubsan::ReportOptions)
/home/fiucha/tools/llvm12/compiler-rt/lib/ubsan/ubsan_handlers_cxx.cpp:36:7

SUMMARY: AddressSanitizer: stack-overflow
/home/fiucha/tools/llvm12/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp:278
in __sanitizer::IsAccessibleMemoryRange(unsigned long, unsigned long)
==2162813==ABORTING


This doesn't fail on a simple hello_ub.cpp example - but on a complex module
using Google test, again.


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-07-02 16:26 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #11 from Florin Iucha <florin.iucha at amd dot com> ---
Updated Makefile for clang12:

#-----------------------

ALL: bin/test_hello

.PHONY: clean

CXX=/opt/clang12-for-tng/bin/clang++

CXXFLAGS=-m64 -g -std=c++20 --gcc-toolchain=/opt/gcc11-for-tng \
    -fsanitize=undefined -fno-omit-frame-pointer

LDFLAGS=-L/opt/gcc11-for-tng/lib64 -Wl,-rpath,/opt/gcc11-for-tng/lib64 \
    -fsanitize=undefined

GOOGLE_TEST_PATH=googletest/googletest
GOOGLE_TEST_OBJECTS=obj/gtest.o obj/gtest_main.o obj/gtest-port.o \
    obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o \
    obj/gtest-printers.o

obj/test_hello.o: test_hello.cpp
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -c $<

obj/gtest.o: $(GOOGLE_TEST_PATH)/src/gtest.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include \
		-I$(GOOGLE_TEST_PATH) -c $<

obj/gtest%.o: $(GOOGLE_TEST_PATH)/src/gtest%.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include \
		-I$(GOOGLE_TEST_PATH) -c $<

bin/test_hello: obj/test_hello.o $(GOOGLE_TEST_OBJECTS)
	$(CXX) -o $@ $(LDFLAGS) $^ -lpthread

clean:
	$(RM) bin/test_hello obj/*.o


# -----

The content of the test file:

#include <gtest/gtest.h>

#include <string>

TEST(Hello, World)
{
    ASSERT_EQ(43, std::stoi("42"));
}


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-07-02 16:35 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #12 from Florin Iucha <florin.iucha at amd dot com> ---
Actually, it gets even better - no clang needed. Just build GCC 11-20210626
Snapshot and build the example using the Google test recipe:

#
# Makefile
#
ALL: bin/test_hello

.PHONY: clean

CXX=/opt/gcc11-for-tng/bin/g++-11

CXXFLAGS=-m64 -g -std=c++20 -fsanitize=undefined -fno-omit-frame-pointer

LDFLAGS=-L/opt/gcc11-for-tng/lib64 -Wl,-rpath,/opt/gcc11-for-tng/lib64 \
    -fsanitize=undefined

GOOGLE_TEST_PATH=googletest/googletest
GOOGLE_TEST_OBJECTS=obj/gtest.o obj/gtest_main.o obj/gtest-port.o \
    obj/gtest-filepath.o obj/gtest-death-test.o obj/gtest-test-part.o \
    obj/gtest-printers.o

obj/test_hello.o: test_hello.cpp
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include -c $<

obj/gtest.o: $(GOOGLE_TEST_PATH)/src/gtest.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include \
		-I$(GOOGLE_TEST_PATH) -c $<

obj/gtest%.o: $(GOOGLE_TEST_PATH)/src/gtest%.cc
	$(CXX) $(CXXFLAGS) -o $@ -I$(GOOGLE_TEST_PATH)/include \
		-I$(GOOGLE_TEST_PATH) -c $<

bin/test_hello: obj/test_hello.o $(GOOGLE_TEST_OBJECTS)
	$(CXX) -o $@ $(LDFLAGS) $^ -lpthread

clean:
	$(RM) bin/test_hello obj/*.o


#
# test_hello.cpp
#
#include <gtest/gtest.h>

#include <string>

TEST(Hello, World)
{
    ASSERT_EQ(43, std::stoi("42"));
}

------

After build:

$ ldd bin/test_hello
        linux-vdso.so.1 (0x00007ffc551ee000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f387908d000)
        libstdc++.so.6 => /opt/gcc11-for-tng/lib64/libstdc++.so.6 (0x00007f3878ce4000)
        libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f3878b95000)
        libubsan.so.1 => /opt/gcc11-for-tng/lib64/libubsan.so.1 (0x00007f387803c000)
        libgcc_s.so.1 => /opt/gcc11-for-tng/lib64/libgcc_s.so.1 (0x00007f3877e29000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f3877c37000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f387933a000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f3877c2f000)
        librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f3877c24000)

$ gdb bin/test_hello
...
...
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6f4f555 in HandleDynamicTypeCacheMiss (Data=0x5555557a49a0,
Pointer=140737353637960, Hash=3327454538508686025, Opts=...)
    at ../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp:36
36      ../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp: No such file
or directory.
...
(gdb) bt
#44921 0x00007ffff6f50516 in __ubsan::checkDynamicType
(Object=Object@entry=0x7ffff7f87588 <typeinfo for std::ctype<char>>,
Type=0x7ffff7f860b8 <typeinfo for std::type_info>, Hash=8146310091054124745) at
../../../../gcc/libsanitizer/ubsan/ubsan_type_hash_itanium.cpp:233
#44922 0x00007ffff6f4f55a in HandleDynamicTypeCacheMiss (Data=0x5555557a49a0,
Pointer=140737353643400, Hash=<optimized out>, Opts=...) at
../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp:36
#44923 0x00007ffff6f4fa92 in __ubsan::__ubsan_handle_dynamic_type_cache_miss
(Data=<optimized out>, Pointer=<optimized out>, Hash=<optimized out>) at
../../../../gcc/libsanitizer/ubsan/ubsan_handlers_cxx.cpp:87
#44924 0x000055555567addd in std::type_info::operator== (this=0x7ffff7f87588
<typeinfo for std::ctype<char>>, __arg=...) at
/opt/gcc11-for-tng/include/c++/11.1.1/typeinfo:122
#44925 0x00007ffff7c9beec in __cxxabiv1::__vmi_class_type_info::__do_dyncast
(this=0x7ffff7f87588 <typeinfo for std::ctype<char>>, src2dst=0,
access_path=__cxxabiv1::__class_type_info::__contained_public,
dst_type=0x7ffff7f87588 <typeinfo for std::ctype<char>>, obj_ptr=0x7ffff7f93e00
<(anonymous namespace)::ctype_c>, src_type=0x7ffff7f86298 <typeinfo for
std::locale::facet>, src_ptr=0x7ffff7f93e00 <(anonymous namespace)::ctype_c>,
result=...) at ../../../../gcc/libstdc++-v3/libsupc++/vmi_class_type_info.cc:91
#44926 0x00007ffff7c999e9 in __cxxabiv1::__dynamic_cast (src_ptr=0x7ffff7f93e00
<(anonymous namespace)::ctype_c>, src_type=0x7ffff7f86298 <typeinfo for
std::locale::facet>, dst_type=0x7ffff7f87588 <typeinfo for std::ctype<char>>,
src2dst=0) at ../../../../gcc/libstdc++-v3/libsupc++/dyncast.cc:74
#44927 0x00007ffff7cdfd6d in std::has_facet<std::ctype<char> > (__loc=...) at
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/bits/locale_classes.tcc:110
#44928 0x00007ffff7cd6fcf in std::basic_ios<char, std::char_traits<char>
>::_M_cache_locale (this=this@entry=0x5555557cc988 <std::cout@@GLIBCXX_3.4+8>,
__loc=...) at
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_ios.tcc:159
#44929 0x00007ffff7cd7263 in std::basic_ios<char, std::char_traits<char>
>::init (this=this@entry=0x5555557cc988 <std::cout@@GLIBCXX_3.4+8>,
__sb=__sb@entry=0x7ffff7f92460 <__gnu_internal::buf_cout_sync>) at
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/bits/basic_ios.tcc:132
#44930 0x00007ffff7ce72db in std::basic_ostream<char, std::char_traits<char>
>::basic_ostream (__sb=<optimized out>, __vtt_parm=0x0, __in_chrg=1,
this=0x5555557cc980 <std::cout@@GLIBCXX_3.4>) at
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/ostream:85
#44931 std::basic_ostream<char, std::char_traits<char> >::basic_ostream
(this=0x5555557cc980 <std::cout@@GLIBCXX_3.4>, __sb=0x7ffff7f92460
<__gnu_internal::buf_cout_sync>) at
/home/fiucha/tools/gcc.objdir/x86_64-linux-gnu/libstdc++-v3/include/ostream:85
#44932 0x00007ffff7ca39c3 in std::ios_base::Init::Init (this=<optimized out>)
at /home/fiucha/tools/gcc/libstdc++-v3/libsupc++/new:175
#44933 std::ios_base::Init::Init (this=<optimized out>) at
../../../../../gcc/libstdc++-v3/src/c++98/ios_init.cc:78
#44934 0x000055555561be74 in __static_initialization_and_destruction_0
(__initialize_p=1, __priority=65535) at
/opt/gcc11-for-tng/include/c++/11.1.1/iostream:74
#44935 0x000055555561c121 in _GLOBAL__sub_I__ZN16Hello_World_Test10test_info_E
() at test_hello.cpp:8
#44936 0x0000555555708b6d in __libc_csu_init ()
#44937 0x00007ffff6b66040 in __libc_start_main (main=0x5555556e26a3 <main(int,
char**)>, argc=1, argv=0x7fffffffe858, init=0x555555708b20 <__libc_csu_init>,
fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe848) at
../csu/libc-start.c:264
#44938 0x000055555561bb3e in _start ()


Note the depth of the stack trace.


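Added example, not part of the original thread and not GCC or libsanitizer code: a Python helper that collapses a deep, line-wrapped backtrace such as the one in comment #12 into its repeating frame cycle and the frame that entered it. The sample trace is constructed from frames quoted in that comment with arguments elided; parse_frames, find_cycle and summarize are names chosen for this example.

```python
import re

# Constructed sample: one recursion period in gdb "bt" layout, abbreviated from
# the frames quoted in this thread (arguments elided), repeated four times.
CYCLE = """\
#{} 0x00007ffff6f50516 in __ubsan::checkDynamicType
(Object=..., Type=..., Hash=...) at ubsan_type_hash_itanium.cpp:233
#{} 0x00007ffff6f4f55a in HandleDynamicTypeCacheMiss (Data=..., Opts=...)
#{} 0x00007ffff6f4fa92 in __ubsan::__ubsan_handle_dynamic_type_cache_miss (...)
#{} 0x000055555567addd in std::type_info::operator== (this=..., __arg=...)
#{} 0x00007ffff7c9beec in __cxxabiv1::__vmi_class_type_info::__do_dyncast (...)
#{} 0x00007ffff7c999e9 in __cxxabiv1::__dynamic_cast (src_ptr=..., src2dst=0)
"""
TAIL = """\
#{} 0x00007ffff7cdfd6d in std::has_facet<std::ctype<char> > (__loc=...)
#{} 0x000055555561bb3e in _start ()
"""
SAMPLE = "".join(CYCLE.format(*range(k, k + 6)) for k in range(0, 24, 6)) + TAIL.format(24, 25)

def parse_frames(text):
    """Function names, innermost first, from a line-wrapped gdb or ASan trace."""
    names = []
    for body in re.split(r"^\s*#\d+\s+", text, flags=re.M)[1:]:
        # Undo mail/terminal wrapping, then drop the "0xADDR in " prefix if present.
        body = re.sub(r"^0x[0-9a-fA-F]+ in ", "", " ".join(body.split()))
        names.append(body.split("(")[0].strip() if "(" in body else body.split()[0])
    return names

def find_cycle(names, min_repeats=2):
    """Longest periodic run as (start, period, span); smallest period wins ties."""
    best = None
    for period in range(1, len(names) // min_repeats + 1):
        i = 0
        while i + period < len(names):
            j = i
            while j + period < len(names) and names[j] == names[j + period]:
                j += 1
            span = j - i + period                # frames covered by this run
            if span >= min_repeats * period and (best is None or span > best[2]):
                best = (i, period, span)
            i = max(j, i + 1)
    return best

def summarize(text):
    names = parse_frames(text)
    if (hit := find_cycle(names)) is None:
        return None
    start, period, span = hit
    return {"repeats": span // period, "cycle": names[start:start + period],
            "entered_from": names[start + span:start + span + 1]}
```

Calling summarize() on a saved "bt" log reports the frame cycle once instead of tens of thousands of frames; "entered_from" is the first frame outside the loop.
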
* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-07-06 13:29 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #13 from Florin Iucha <florin.iucha at amd dot com> ---
With GCC 11-20210703 snapshot I can reproduce the observation on Ubuntu 20.04
but can not reproduce the observation on Debian testing.


* [Bug sanitizer/100439] stack overflow running ubsan
From: florin.iucha at amd dot com @ 2021-07-06 17:34 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100439

--- Comment #14 from Florin Iucha <florin.iucha at amd dot com> ---
Bisecting the configure flags, I think I narrowed it down to: it fails when
"--enable-gnu-indirect-function" is present.
