public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug sanitizer/111620] New: [RISC-V]fsanitize is not working with cpp
@ 2023-09-28 6:14 akhilesh.k at samsung dot com
2023-09-28 6:22 ` [Bug sanitizer/111620] [RISC-V]fsanitize is not working with c++ pinskia at gcc dot gnu.org
2023-10-03 13:01 ` akhilesh.k at samsung dot com
0 siblings, 2 replies; 3+ messages in thread
From: akhilesh.k at samsung dot com @ 2023-09-28 6:14 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111620
Bug ID: 111620
Summary: [RISC-V]fsanitize is not working with cpp
Product: gcc
Version: 12.2.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: akhilesh.k at samsung dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---
Hello
During ASAN verification I observed most of the ASAN is not working for cpp
sharing logs and sample code.
user@starfive:~/akhilesh/asan$ g++ print.cpp -fsanitize=address
user@starfive:~/akhilesh/asan$ ./a.out
AddressSanitizer:DEADLYSIGNAL
=================================================================
==17785==ERROR: AddressSanitizer: SEGV on unknown address 0x00081f468e44 (pc
0x002ae2626c74 bp 0x003ffa3472e0 sp 0x003ffa347210 T0)
==17785==The signal is caused by a WRITE memory access.
#0 0x2ae2626c74 in main (/home/user/akhilesh/asan/a.out+0xc74)
#1 0x3fbdac4b02 in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#2 0x3fbdac4baa in __libc_start_main_impl csu/libc-start.c:381
#3 0x2ae2626b6e in _start (/home/user/akhilesh/asan/a.out+0xb6e)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/user/akhilesh/asan/a.out+0xc74) in main
==17785==ABORTING
user@starfive:~/akhilesh/asan$ cat print.cpp
#include<iostream>
using namespace std;
int main()
{
int arr[10];
arr[5]=8;
cout<<arr[5];
return 0;
}
user@starfive:~/akhilesh/asan$
==========================Sample code=================================
user@starfive:~/akhilesh/asan$ vim use_after_free.cpp
user@starfive:~/akhilesh/asan$ cat use_after_free.cpp
#include<iostream>
using namespace std;
int main()
{
cout << "Hello";
return 0;
}
=========================run time logs===================================
ser@starfive:~/akhilesh/asan$ g++ -g use_after_free.cpp -fsanitize=address
user@starfive:~/akhilesh/asan$ ./a.out
AddressSanitizer: CHECK failed: asan_poisoning.cpp:36 "((AddrIsInMem(addr))) !=
(0)" (0x0, 0x0) (tid=17449)
#0 0x3fb771805c in CheckUnwind
../../../../src/libsanitizer/asan/asan_rtl.cpp:67
#1 0x3fb7730a3a in __sanitizer::CheckFailed(char const*, int, char const*,
unsigned long long, unsigned long long)
../../../../src/libsanitizer/sanitizer_common/sanitizer_termination.cpp:86
#2 0x3fb7711dca in __asan::PoisonShadow(unsigned long, unsigned long,
unsigned char) ../../../../src/libsanitizer/asan/asan_poisoning.cpp:36
#3 0x3fb76a2e36 in __asan::AsanMapUnmapCallback::OnMap(unsigned long,
unsigned long) const ../../../../src/libsanitizer/asan/asan_allocator.cpp:246
#4 0x3fb76a2e36 in
__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>::MapWithCallback(unsigned long, unsigned long, char const*)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_primary64.h:717
#5 0x3fb76a2e36 in
__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>::MapWithCallback(unsigned long, unsigned long, char const*)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_primary64.h:709
#6 0x3fb76a2e36 in
__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>::PopulateFreeArray(__sanitizer::AllocatorStats*, unsigned long,
__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>::RegionInfo*, unsigned long)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_primary64.h:798
#7 0x3fb76a3246 in
__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>::GetFromAllocator(__sanitizer::AllocatorStats*, unsigned long, unsigned int*,
unsigned long)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_primary64.h:220
#8 0x3fb76a32bc in
__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>
>::Refill(__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
> >::PerClass*,
__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>*, unsigned long)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_local_cache.h:103
#9 0x3fb76a353c in
__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>
>::Allocate(__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>*, unsigned long)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_local_cache.h:39
#10 0x3fb76a353c in
__sanitizer::CombinedAllocator<__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
>,
__sanitizer::LargeMmapAllocatorPtrArrayDynamic>::Allocate(__sanitizer::SizeClassAllocator64LocalCache<__sanitizer::SizeClassAllocator64<__asan::AP64<__sanitizer::LocalAddressSpaceView>
> >*, unsigned long, unsigned long)
../../../../src/libsanitizer/sanitizer_common/sanitizer_allocator_combined.h:69
#11 0x3fb76a370a in __asan::Allocator::Allocate(unsigned long, unsigned
long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool)
../../../../src/libsanitizer/asan/asan_allocator.cpp:536
#12 0x3fb76a101a in __asan::asan_malloc(unsigned long,
__sanitizer::BufferedStackTrace*)
../../../../src/libsanitizer/asan/asan_allocator.cpp:964
#13 0x3fb771002c in __interceptor_malloc
../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:70
#14 0x3fb734a3a8 in __GI__IO_file_doallocate libio/filedoalloc.c:101
user@starfive:~/akhilesh/asan$
=============================gcc ============================================
user@starfive:~/akhilesh/asan$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/riscv64-linux-gnu/12/lto-wrapper
Target: riscv64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Debian 12.2.0-10'
--with-bugurl=file:///usr/share/doc/gcc-12/README.Bugs
--enable-languages=c,ada,c++,go,d,fortran,objc,obj-c++,m2 --prefix=/usr
--with-gcc-major-version-only --program-suffix=-12
--program-prefix=riscv64-linux-gnu- --enable-shared --enable-linker-build-id
--libexecdir=/usr/lib --without-included-gettext --enable-threads=posix
--libdir=/usr/lib --enable-nls --enable-clocale=gnu --enable-libstdcxx-debug
--enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new
--enable-gnu-unique-object --disable-libitm --disable-libquadmath
--disable-libquadmath-support --enable-plugin --enable-default-pie
--with-system-zlib --enable-libphobos-checking=release
--with-target-system-zlib=auto --enable-objc-gc=auto --enable-multiarch
--disable-werror --disable-multilib --with-arch=rv64gc --with-abi=lp64d
--enable-checking=release --build=riscv64-linux-gnu --host=riscv64-linux-gnu
--target=riscv64-linux-gnu
Thread model: posix
Supported LTO compression algorithms: zlib zstd
gcc version 12.2.0 (Debian 12.2.0-10)
user@starfive:~/akhilesh/asan$
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug sanitizer/111620] [RISC-V]fsanitize is not working with c++
2023-09-28 6:14 [Bug sanitizer/111620] New: [RISC-V]fsanitize is not working with cpp akhilesh.k at samsung dot com
@ 2023-09-28 6:22 ` pinskia at gcc dot gnu.org
2023-10-03 13:01 ` akhilesh.k at samsung dot com
1 sibling, 0 replies; 3+ messages in thread
From: pinskia at gcc dot gnu.org @ 2023-09-28 6:22 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111620
Andrew Pinski <pinskia at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |DUPLICATE
--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
This is fixed for GCC 12.4.0 and GCC 13.2.0.
Dup of bug 110036.
*** This bug has been marked as a duplicate of bug 110036 ***
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug sanitizer/111620] [RISC-V]fsanitize is not working with c++
2023-09-28 6:14 [Bug sanitizer/111620] New: [RISC-V]fsanitize is not working with cpp akhilesh.k at samsung dot com
2023-09-28 6:22 ` [Bug sanitizer/111620] [RISC-V]fsanitize is not working with c++ pinskia at gcc dot gnu.org
@ 2023-10-03 13:01 ` akhilesh.k at samsung dot com
1 sibling, 0 replies; 3+ messages in thread
From: akhilesh.k at samsung dot com @ 2023-10-03 13:01 UTC (permalink / raw)
To: gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=111620
--- Comment #2 from Akhilesh Kumar <akhilesh.k at samsung dot com> ---
with 110036 (CHECK failed) issue is fixed, but Even after patch ASAN unable to
detect corruption like "Use_after_free(heap)","Heap buffer overflow","Stack
buffer overflow" and "Use after scope"
some features like "Double Free" and "Memory leaks" are working after 110036
In all corruption scenarios I am getting "DEADLYSIGNAL"
Seems program jumped to some wild address, which is unknown to AddressSanitizer
#include<iostream>
using namespace std;
int main()
{
int *p=new int;
delete p;
cout<<*p<<endl;
return 0;
}
//on x86 Asan able to detect
user@starfive:/tmp$ ./use_afterfree
AddressSanitizer:DEADLYSIGNAL
=================================================================
==70151==ERROR: AddressSanitizer: SEGV on unknown address 0x0008173400f6 (pc
0x0000000e3ed8 bp 0x003ff061b2d0 sp 0x003ff061b2b0 T0)
==70151==The signal is caused by a READ memory access.
#0 0xe3eda in main (/tmp/use_afterfree+0xe3eda) (BuildId:
216039089892b63c94091aadca49752b51f4fa78)
#1 0x3fbd152b02 in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58
#2 0x3fbd152baa in __libc_start_main_impl csu/libc-start.c:381
#3 0x25282 in _start (/tmp/use_afterfree+0x25282) (BuildId:
216039089892b63c94091aadca49752b51f4fa78)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/tmp/use_afterfree+0xe3eda) (BuildId:
216039089892b63c94091aadca49752b51f4fa78) in main
==70151==ABORTING
user@starfive:/tmp$
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-10-03 13:02 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-09-28 6:14 [Bug sanitizer/111620] New: [RISC-V]fsanitize is not working with cpp akhilesh.k at samsung dot com
2023-09-28 6:22 ` [Bug sanitizer/111620] [RISC-V]fsanitize is not working with c++ pinskia at gcc dot gnu.org
2023-10-03 13:01 ` akhilesh.k at samsung dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).