From: "ro at gcc dot gnu.org"
To: gcc-bugs@gcc.gnu.org
Subject: [Bug sanitizer/113785] New: c-c++-common/asan/swapcontext-test-1.c FAILs
Date: Tue, 06 Feb 2024 13:01:23 +0000

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=113785

            Bug ID: 113785
           Summary: c-c++-common/asan/swapcontext-test-1.c FAILs
           Product: gcc
           Version: 14.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: ro at gcc dot gnu.org
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org
  Target Milestone: ---
            Target: sparc*-sun-solaris2.11,
powerpc64-suse-linux-gnu, x86_64-unknown-freebsd12.4

The c-c++-common/asan/swapcontext-test-1.c test FAILs on 32-bit Solaris/SPARC
(asan doesn't yet support 64-bit SPARC):

FAIL: c-c++-common/asan/swapcontext-test-1.c -O0 execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -O1 execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -O2 execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -O2 -flto execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -O2 -flto -flto-partition=none execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -O3 -fomit-frame-pointer -funroll-loops -fpeel-loops -ftracer -finline-functions execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -O3 -g execution test
FAIL: c-c++-common/asan/swapcontext-test-1.c -Os execution test

both as C and C++.

==2100==WARNING: ASan doesn't fully support makecontext/swapcontext functions and may produce false positives in some cases!
Test1 passed
=================================================================
==2100==ERROR: AddressSanitizer: stack-buffer-underflow on address 0xffb74480 at pc 0x00011c3c bp 0xffaf44b0 sp 0xffaf44ac
WRITE of size 1 at 0xffb74480 thread T0
    #0 0x11c34 in Run /vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/asan/swapcontext-test-1.c:45
    #1 0x11da8 in main /vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/asan/swapcontext-test-1.c:56
    #2 0x11604 in _start (swapcontext-test-1.exe+0x11604)

Address 0xffb74480 is located in stack of thread T0 at offset 0 in frame
    #0 0x11808 in Child /vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/asan/swapcontext-test-1.c:12

  This frame has 1 object(s):
    [32, 64) 'x' (line 13)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-underflow /vol/gcc/src/hg/master/local/gcc/testsuite/c-c++-common/asan/swapcontext-test-1.c:45 in Run
Shadow bytes around the buggy address:
  0xffb74200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0xffb74480:[f1]f1 f1 f1 00 00 00 00 f3 f3 f3 f3 00 00 00 00
  0xffb74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xffb74700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==2100==ABORTING

There are also gcc-testresults reports for Linux/powerpc64 and FreeBSD/x86_64.

Looking at the test, I notice that ss_flags isn't initialized. I also wonder
why ss_size is set to kStackSize / 2 while child_stack[] is kStackSize + 1.

Also the upstream version of this test
(compiler-rt/test/asan/TestCases/Linux/swapcontext_test.cpp) is restricted like
this:

// This test is too sublte to try on non-x86 arch for now.
// Android and musl do not support swapcontext.
// REQUIRES: x86-target-arch && glibc-2.27
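
Added example, not part of the original report and not GCC or compiler-rt code: a small Python decoder for the flagged shadow row, which maps the shadow bytes onto frame offsets and checks them against the frame layout the report gives for Child ([32, 64) 'x'). The function names are illustrative, and it assumes the row label is an application address, which is consistent with the fault address printed in the report.

```python
import re

GRANULE = 8  # report legend: one shadow byte represents 8 application bytes
LEGEND = {0x00: "addressable", 0xF1: "stack left redzone",
          0xF2: "stack mid redzone", 0xF3: "stack right redzone",
          0xF5: "stack after return", 0xF8: "stack use after scope"}

# Values copied from the report above (quoted-printable decoded).
FLAGGED_ROW = "=>0xffb74480:[f1]f1 f1 f1 00 00 00 00 f3 f3 f3 f3 00 00 00 00"
FAULT_ADDR = 0xFFB74480  # reported as offset 0 in Child's frame
FRAME_OBJECTS = "[32, 64) 'x' (line 13)"

def parse_row(row):
    """Return (row base address, list of shadow byte values)."""
    m = re.match(r"\s*(?:=>)?\s*0x([0-9a-f]+):(.*)", row)
    if not m:
        raise ValueError("not a shadow row: %r" % row)
    return int(m.group(1), 16), [int(b, 16) for b in re.findall(r"[0-9a-f]{2}", m.group(2))]

def label(byte):
    """Name a shadow byte using the report's legend."""
    if 1 <= byte <= 7:
        return "partially addressable (first %d bytes)" % byte
    return LEGEND.get(byte, "other (0x%02x)" % byte)

def regions(row, frame_base):
    """Merge equal neighbouring shadow bytes into (start, end, label) frame offsets."""
    base, cells = parse_row(row)
    out = []
    for i, byte in enumerate(cells):
        start = base + i * GRANULE - frame_base
        if out and out[-1][2] == label(byte):
            out[-1] = (out[-1][0], start + GRANULE, out[-1][2])
        else:
            out.append((start, start + GRANULE, label(byte)))
    return out

def objects_match(row, frame_base, objects):
    """True if every listed frame object is addressable and sits between redzones."""
    regs = regions(row, frame_base)
    spans = [r[:2] for r in regs]
    for lo, hi, _name in re.findall(r"\[(\d+), (\d+)\) '(\w+)'", objects):
        if (int(lo), int(hi)) not in spans:
            return False
        i = spans.index((int(lo), int(hi)))
        around = regs[max(i - 1, 0):i] + regs[i + 1:i + 2]
        if regs[i][2] != "addressable" or len(around) != 2 \
                or not all("redzone" in r[2] for r in around):
            return False
    return True
```

Calling `regions(FLAGGED_ROW, FAULT_ADDR)` gives the frame-relative layout, and `objects_match(FLAGGED_ROW, FAULT_ADDR, FRAME_OBJECTS)` confirms that the poisoned bytes are exactly the redzones around 'x'.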