public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug other/55333] New: [x32] 8 asan test failures
@ 2012-11-15 1:54 hjl.tools at gmail dot com
2012-11-15 3:38 ` [Bug other/55333] [x32] StackTrace::FastUnwindStack wrong x32 hjl.tools at gmail dot com
` (3 more replies)
0 siblings, 4 replies; 5+ messages in thread
From: hjl.tools at gmail dot com @ 2012-11-15 1:54 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55333
Bug #: 55333
Summary: [x32] 8 asan test failures
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: hjl.tools@gmail.com
Schedule of variations:
unix/-mx32
Running target unix/-mx32
Using /usr/share/dejagnu/baseboards/unix.exp as board description file for
target.
Using /usr/share/dejagnu/config/unix.exp as generic interface file for target.
Using /export/gnu/import/git/gcc/gcc/testsuite/config/default.exp as
tool-and-target-specific interface file.
Running /export/gnu/import/git/gcc/gcc/testsuite/gcc.dg/asan/asan.exp ...
FAIL: c-c++-common/asan/memcmp-1.c -O0 output pattern test, is
=================================================================
==3035== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffe91e45 at
pc 0xf5b1e798 bp 0xffe91df0 sp 0xffe91d90
READ of size 1 at 0xffe91e45 thread T0
#0 0xf5b1e797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffe91e45 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ffd23c8: 4
0x3ffd23c8: 04 f4 f4 f4
More shadow bytes:
0x3ffd23b8: 00 00 00 00
0x3ffd23bc: 00 00 00 00
0x3ffd23c0: 00 00 00 00
0x3ffd23c4: f1 f1 f1 f1
=>0x3ffd23c8: 04 f4 f4 f4
0x3ffd23cc: f2 f2 f2 f2
0x3ffd23d0: 04 f4 f4 f4
0x3ffd23d4: f3 f3 f3 f3
0x3ffd23d8: 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3035== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O1 output pattern test, is
=================================================================
==3135== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffe3c135 at
pc 0xf5b81798 bp 0xffe3c100 sp 0xffe3c0a0
READ of size 1 at 0xffe3c135 thread T0
#0 0xf5b81797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffe3c135 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ffc7826: 4
0x3ffc7824: f1 f1 04 f4
More shadow bytes:
0x3ffc7814: 00 00 00 00
0x3ffc7818: 00 00 00 00
0x3ffc781c: 00 00 00 00
0x3ffc7820: 00 00 f1 f1
=>0x3ffc7824: f1 f1 04 f4
0x3ffc7828: f4 f4 f2 f2
0x3ffc782c: f2 f2 04 f4
0x3ffc7830: f4 f4 f3 f3
0x3ffc7834: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3135== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O2 output pattern test, is
=================================================================
==3220== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffa93f15 at
pc 0xf5b6d798 bp 0xffa93ee0 sp 0xffa93e80
READ of size 1 at 0xffa93f15 thread T0
#0 0xf5b6d797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffa93f15 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff527e2: 4
0x3ff527e0: f1 f1 04 f4
More shadow bytes:
0x3ff527d0: 00 00 00 00
0x3ff527d4: 00 00 00 00
0x3ff527d8: 00 00 00 00
0x3ff527dc: 00 00 f1 f1
=>0x3ff527e0: f1 f1 04 f4
0x3ff527e4: f4 f4 f2 f2
0x3ff527e8: f2 f2 04 f4
0x3ff527ec: f4 f4 f3 f3
0x3ff527f0: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3220== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O3 -fomit-frame-pointer output pattern
test, is =================================================================
==3372== ERROR: AddressSanitizer stack-buffer-overflow on address 0xff9dd5d5 at
pc 0xf5b18798 bp 0xff9dd5a0 sp 0xff9dd540
READ of size 1 at 0xff9dd5d5 thread T0
#0 0xf5b18797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xff9dd5d5 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff3baba: 4
0x3ff3bab8: f1 f1 04 f4
More shadow bytes:
0x3ff3baa8: 00 00 00 00
0x3ff3baac: 00 00 00 00
0x3ff3bab0: 00 00 00 00
0x3ff3bab4: 00 00 f1 f1
=>0x3ff3bab8: f1 f1 04 f4
0x3ff3babc: f4 f4 f2 f2
0x3ff3bac0: f2 f2 04 f4
0x3ff3bac4: f4 f4 f3 f3
0x3ff3bac8: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3372== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O3 -g output pattern test, is
=================================================================
==3475== ERROR: AddressSanitizer stack-buffer-overflow on address 0xfffb9475 at
pc 0xf5ad4798 bp 0xfffb9440 sp 0xfffb93e0
READ of size 1 at 0xfffb9475 thread T0
#0 0xf5ad4797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xfffb9475 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3fff728e: 4
0x3fff728c: f1 f1 04 f4
More shadow bytes:
0x3fff727c: 00 00 00 00
0x3fff7280: 00 00 00 00
0x3fff7284: 00 00 00 00
0x3fff7288: 00 00 f1 f1
=>0x3fff728c: f1 f1 04 f4
0x3fff7290: f4 f4 f2 f2
0x3fff7294: f2 f2 04 f4
0x3fff7298: f4 f4 f3 f3
0x3fff729c: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3475== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -Os output pattern test, is
=================================================================
==3572== ERROR: AddressSanitizer stack-buffer-overflow on address 0xff9adc55 at
pc 0xf5b26798 bp 0xff9adc20 sp 0xff9adbc0
READ of size 1 at 0xff9adc55 thread T0
#0 0xf5b26797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xff9adc55 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff35b8a: 4
0x3ff35b88: f1 f1 04 f4
More shadow bytes:
0x3ff35b78: 00 00 00 00
0x3ff35b7c: 00 00 00 00
0x3ff35b80: 00 00 00 00
0x3ff35b84: 00 00 f1 f1
=>0x3ff35b88: f1 f1 04 f4
0x3ff35b8c: f4 f4 f2 f2
0x3ff35b90: f2 f2 04 f4
0x3ff35b94: f4 f4 f3 f3
0x3ff35b98: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3572== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O2 -flto -fno-use-linker-plugin
-flto-partition=none output pattern test, is
=================================================================
==3824== ERROR: AddressSanitizer stack-buffer-overflow on address 0xff802b65 at
pc 0xf5b8b798 bp 0xff802b30 sp 0xff802ad0
READ of size 1 at 0xff802b65 thread T0
#0 0xf5b8b797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xff802b65 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff0056c: 4
0x3ff0056c: 04 f4 f4 f4
More shadow bytes:
0x3ff0055c: 00 00 00 00
0x3ff00560: 00 00 00 00
0x3ff00564: 00 00 00 00
0x3ff00568: f1 f1 f1 f1
=>0x3ff0056c: 04 f4 f4 f4
0x3ff00570: f2 f2 f2 f2
0x3ff00574: 04 f4 f4 f4
0x3ff00578: f3 f3 f3 f3
0x3ff0057c: 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3824== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O2 -flto -fuse-linker-plugin
-fno-fat-lto-objects output pattern test, is
=================================================================
==3947== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffdb2fb5 at
pc 0xf5b7e798 bp 0xffdb2f80 sp 0xffdb2f20
READ of size 1 at 0xffdb2fb5 thread T0
#0 0xf5b7e797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffdb2fb5 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ffb65f6: 4
0x3ffb65f4: f1 f1 04 f4
More shadow bytes:
0x3ffb65e4: 00 00 00 00
0x3ffb65e8: 00 00 00 00
0x3ffb65ec: 00 00 00 00
0x3ffb65f0: 00 00 f1 f1
=>0x3ffb65f4: f1 f1 04 f4
0x3ffb65f8: f4 f4 f2 f2
0x3ffb65fc: f2 f2 04 f4
0x3ffb6600: f4 f4 f3 f3
0x3ffb6604: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3947== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
=== gcc Summary ===
# of expected passes 16
# of unexpected failures 8
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug other/55333] [x32] StackTrace::FastUnwindStack wrong x32
2012-11-15 1:54 [Bug other/55333] New: [x32] 8 asan test failures hjl.tools at gmail dot com
@ 2012-11-15 3:38 ` hjl.tools at gmail dot com
2012-11-16 12:02 ` [Bug other/55333] libsanitizer " hjl at gcc dot gnu.org
` (2 subsequent siblings)
3 siblings, 0 replies; 5+ messages in thread
From: hjl.tools at gmail dot com @ 2012-11-15 3:38 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55333
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|[x32] 8 asan test failures |[x32]
| |StackTrace::FastUnwindStack
| |wrong x32
--- Comment #1 from H.J. Lu <hjl.tools at gmail dot com> 2012-11-15 03:38:05 UTC ---
For x32, hardware frame pointer size is 64-bit, not 32-bit.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug other/55333] libsanitizer StackTrace::FastUnwindStack wrong x32
2012-11-15 1:54 [Bug other/55333] New: [x32] 8 asan test failures hjl.tools at gmail dot com
2012-11-15 3:38 ` [Bug other/55333] [x32] StackTrace::FastUnwindStack wrong x32 hjl.tools at gmail dot com
@ 2012-11-16 12:02 ` hjl at gcc dot gnu.org
2012-11-16 12:03 ` hjl.tools at gmail dot com
2012-11-19 14:00 ` konstantin.s.serebryany at gmail dot com
3 siblings, 0 replies; 5+ messages in thread
From: hjl at gcc dot gnu.org @ 2012-11-16 12:02 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55333
--- Comment #2 from hjl at gcc dot gnu.org <hjl at gcc dot gnu.org> 2012-11-16 12:02:33 UTC ---
Author: hjl
Date: Fri Nov 16 12:02:29 2012
New Revision: 193557
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=193557
Log:
Define/use hardware pointer type for stack unwind
PR other/55333
* include/sanitizer/common_interface_defs.h (uhwptr): New type
for hardware pointer.
* sanitizer_common/sanitizer_stacktrace.cc (StackTrace::FastUnwindStack):
Replace uptr with uhwptr for stack unwind.
Modified:
trunk/libsanitizer/ChangeLog
trunk/libsanitizer/include/sanitizer/common_interface_defs.h
trunk/libsanitizer/sanitizer_common/sanitizer_stacktrace.cc
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug other/55333] libsanitizer StackTrace::FastUnwindStack wrong x32
2012-11-15 1:54 [Bug other/55333] New: [x32] 8 asan test failures hjl.tools at gmail dot com
2012-11-15 3:38 ` [Bug other/55333] [x32] StackTrace::FastUnwindStack wrong x32 hjl.tools at gmail dot com
2012-11-16 12:02 ` [Bug other/55333] libsanitizer " hjl at gcc dot gnu.org
@ 2012-11-16 12:03 ` hjl.tools at gmail dot com
2012-11-19 14:00 ` konstantin.s.serebryany at gmail dot com
3 siblings, 0 replies; 5+ messages in thread
From: hjl.tools at gmail dot com @ 2012-11-16 12:03 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55333
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |FIXED
Target Milestone|--- |4.8.0
--- Comment #3 from H.J. Lu <hjl.tools at gmail dot com> 2012-11-16 12:03:16 UTC ---
Fixed.
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Bug other/55333] libsanitizer StackTrace::FastUnwindStack wrong x32
2012-11-15 1:54 [Bug other/55333] New: [x32] 8 asan test failures hjl.tools at gmail dot com
` (2 preceding siblings ...)
2012-11-16 12:03 ` hjl.tools at gmail dot com
@ 2012-11-19 14:00 ` konstantin.s.serebryany at gmail dot com
3 siblings, 0 replies; 5+ messages in thread
From: konstantin.s.serebryany at gmail dot com @ 2012-11-19 14:00 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55333
Konstantin Serebryany <konstantin.s.serebryany at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |konstantin.s.serebryany at
| |gmail dot com
--- Comment #4 from Konstantin Serebryany <konstantin.s.serebryany at gmail dot com> 2012-11-19 13:59:31 UTC ---
upstream: http://llvm.org/viewvc/llvm-project?rev=168306&view=rev
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2012-11-19 14:00 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-11-15 1:54 [Bug other/55333] New: [x32] 8 asan test failures hjl.tools at gmail dot com
2012-11-15 3:38 ` [Bug other/55333] [x32] StackTrace::FastUnwindStack wrong x32 hjl.tools at gmail dot com
2012-11-16 12:02 ` [Bug other/55333] libsanitizer " hjl at gcc dot gnu.org
2012-11-16 12:03 ` hjl.tools at gmail dot com
2012-11-19 14:00 ` konstantin.s.serebryany at gmail dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).