public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
@ 2012-11-28 0:33 howarth at nitro dot med.uc.edu
2012-11-28 0:36 ` [Bug sanitizer/55502] " howarth at nitro dot med.uc.edu
` (9 more replies)
0 siblings, 10 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 0:33 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
Bug #: 55502
Summary: gcc.c-torture/execute/builtins/memcpy-chk.c execution
failures with -fsanitize=address
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: howarth@nitro.med.uc.edu
CC: dodji@gcc.gnu.org, dvyukov@gcc.gnu.org,
jakub@gcc.gnu.org, kcc@gcc.gnu.org
Using...
make -k check-gcc RUNTESTFLAGS="--target_board=unix'{-fsanitize=address}'"
on x86_64-apple-darwin12 produces execution failures in...
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O1
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O2
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3
-fomit-frame-pointer
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-loops
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-all-loops -finline-functions
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3 -g
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -Os
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -Og -g
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O2 -flto
-flto-partition=none
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O2 -flto
which are of the form...
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memcpy-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memcpy-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O1 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memcpy-chk.x1
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/memcpy-chk.c compilation, -O1
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
=================================================================
==66781== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fff53c70a44 at pc 0x10bf90e84 bp 0x7fff53c709f0 sp 0x7fff53c709e8
WRITE of size 1 at 0x7fff53c70a44 thread T0
#0 0x10bf90e83
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memcpy-chk.x1+0x100004e83)
#1 0x0
Address 0x7fff53c70a44 is located at offset 52 in frame <test4> of T0's stack:
This frame has 1 object(s):
[32, 52) 'buf3'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x1fffea78e148: 4
0x1fffea78e148: 04 f4 f3 f3 f3 f3 00 00
More shadow bytes:
0x1fffea78e128: 00 00 00 00 00 00 00 00
0x1fffea78e130: 00 00 00 00 00 00 00 00
0x1fffea78e138: 00 00 00 00 00 00 00 00
0x1fffea78e140: 00 00 f1 f1 f1 f1 00 00
=>0x1fffea78e148: 04 f4 f3 f3 f3 f3 00 00
0x1fffea78e150: 00 00 00 00 00 00 00 00
0x1fffea78e158: 00 00 00 00 00 00 00 00
0x1fffea78e160: 00 00 00 00 00 00 00 00
0x1fffea78e168: 00 00 00 00 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==66781== ABORTING
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O1
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
@ 2012-11-28 0:36 ` howarth at nitro dot med.uc.edu
2012-11-28 0:51 ` howarth at nitro dot med.uc.edu
` (8 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 0:36 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #1 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 00:35:52 UTC ---
Created attachment 28803
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28803
assembly file for gcc.c-torture/execute/builtins/memcpy-chk.c -O1
-fsanitize=address
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
2012-11-28 0:36 ` [Bug sanitizer/55502] " howarth at nitro dot med.uc.edu
@ 2012-11-28 0:51 ` howarth at nitro dot med.uc.edu
2012-11-28 0:54 ` howarth at nitro dot med.uc.edu
` (7 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 0:51 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #2 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 00:51:22 UTC ---
Similar failures are seen for....
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O1
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O2
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O3
-fomit-frame-pointer
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O3
-fomit-frame-pointer -funroll-loops
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O3
-fomit-frame-pointer -funroll-all-loops -finline-functions
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O3 -g
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -Os
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -Og -g
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O2 -flto
-flto-partition=none
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O2 -flto
which appears of the form...
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memmove-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memmove-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O1 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memmove-chk.x1
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/memmove-chk.c compilation, -O1
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
=================================================================
==67260== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fff5268aa34 at pc 0x10d577acb bp 0x7fff5268a9e0 sp 0x7fff5268a9d8
WRITE of size 1 at 0x7fff5268aa34 thread T0
#0 0x10d577aca
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memmove-chk.x1+0x100005aca)
#1 0x0
Address 0x7fff5268aa34 is located at offset 52 in frame <test5> of T0's stack:
This frame has 1 object(s):
[32, 52) 'buf3'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x1fffea4d1546: 4
0x1fffea4d1540: f1 f1 f1 f1 00 00 04 f4
More shadow bytes:
0x1fffea4d1520: 00 00 00 00 00 00 00 00
0x1fffea4d1528: 00 00 00 00 00 00 00 00
0x1fffea4d1530: 00 00 00 00 00 00 00 00
0x1fffea4d1538: 00 00 00 00 00 00 00 00
=>0x1fffea4d1540: f1 f1 f1 f1 00 00 04 f4
0x1fffea4d1548: f3 f3 f3 f3 00 00 00 00
0x1fffea4d1550: 00 00 00 00 00 00 00 00
0x1fffea4d1558: 00 00 00 00 00 00 00 00
0x1fffea4d1560: 00 00 00 00 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==67260== ABORTING
FAIL: gcc.c-torture/execute/builtins/memmove-chk.c execution, -O1
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
2012-11-28 0:36 ` [Bug sanitizer/55502] " howarth at nitro dot med.uc.edu
2012-11-28 0:51 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 0:54 ` howarth at nitro dot med.uc.edu
2012-11-28 0:58 ` howarth at nitro dot med.uc.edu
` (6 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 0:54 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #3 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 00:54:19 UTC ---
Created attachment 28804
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28804
assembly file for gcc.c-torture/execute/builtins/memmove-chk.c -O1
-fsanitize=address
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (2 preceding siblings ...)
2012-11-28 0:54 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 0:58 ` howarth at nitro dot med.uc.edu
2012-11-28 1:00 ` howarth at nitro dot med.uc.edu
` (5 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 0:58 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #4 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 00:58:03 UTC ---
Similar failures are seen for....
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O1
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O2
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O3
-fomit-frame-pointer
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-loops
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-all-loops -finline-functions
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O3 -g
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -Os
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -Og -g
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O2 -flto
-flto-partition=none
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O2 -flto
which appears of the form...
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/mempcpy-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/mempcpy-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O0 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/mempcpy-chk.x0
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/mempcpy-chk.c compilation, -O0
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
PASS: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O0
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/mempcpy-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/mempcpy-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O1 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/mempcpy-chk.x1
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/mempcpy-chk.c compilation, -O1
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
=================================================================
==68188== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fff5f518a34 at pc 0x1006e9a09 bp 0x7fff5f5189e0 sp 0x7fff5f5189d8
WRITE of size 1 at 0x7fff5f518a34 thread T0
#0 0x1006e9a08
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/mempcpy-chk.x1+0x100005a08)
#1 0x0
Address 0x7fff5f518a34 is located at offset 52 in frame <test4> of T0's stack:
This frame has 1 object(s):
[32, 52) 'buf3'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x1fffebea3146: 4
0x1fffebea3140: f1 f1 f1 f1 00 00 04 f4
More shadow bytes:
0x1fffebea3120: 00 00 00 00 00 00 00 00
0x1fffebea3128: 00 00 00 00 00 00 00 00
0x1fffebea3130: 00 00 00 00 00 00 00 00
0x1fffebea3138: 00 00 00 00 00 00 00 00
=>0x1fffebea3140: f1 f1 f1 f1 00 00 04 f4
0x1fffebea3148: f3 f3 f3 f3 00 00 00 00
0x1fffebea3150: 00 00 00 00 00 00 00 00
0x1fffebea3158: 00 00 00 00 00 00 00 00
0x1fffebea3160: 00 00 00 00 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==68188== ABORTING
FAIL: gcc.c-torture/execute/builtins/mempcpy-chk.c execution, -O1
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (3 preceding siblings ...)
2012-11-28 0:58 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 1:00 ` howarth at nitro dot med.uc.edu
2012-11-28 1:04 ` howarth at nitro dot med.uc.edu
` (4 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 1:00 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #5 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 00:59:45 UTC ---
Created attachment 28805
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28805
assembly file for gcc.c-torture/execute/builtins/mempcpy-chk.c -O1
-fsanitize=address
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (4 preceding siblings ...)
2012-11-28 1:00 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 1:04 ` howarth at nitro dot med.uc.edu
2012-11-28 1:05 ` howarth at nitro dot med.uc.edu
` (3 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 1:04 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #6 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 01:03:55 UTC ---
Similar failures are seen for....
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O1
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O2
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O3
-fomit-frame-pointer
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O3
-fomit-frame-pointer -funroll-loops
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O3
-fomit-frame-pointer -funroll-all-loops -finline-functions
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O3 -g
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -Os
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -Og -g
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O2 -flto
-flto-partition=none
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O2 -flto
which appears of the form...
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memset-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memset-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O1 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memset-chk.x1
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/memset-chk.c compilation, -O1
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
=================================================================
==68667== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fff575a2a44 at pc 0x10865c517 bp 0x7fff575a29f0 sp 0x7fff575a29e8
WRITE of size 1 at 0x7fff575a2a44 thread T0
#0 0x10865c516
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memset-chk.x1+0x100002516)
#1 0x0
Address 0x7fff575a2a44 is located at offset 52 in frame <test3> of T0's stack:
This frame has 1 object(s):
[32, 52) 'buf3'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x1fffeaeb4548: 4
0x1fffeaeb4548: 04 f4 f3 f3 f3 f3 00 00
More shadow bytes:
0x1fffeaeb4528: 00 00 00 00 00 00 00 00
0x1fffeaeb4530: 00 00 00 00 00 00 00 00
0x1fffeaeb4538: 00 00 00 00 00 00 00 00
0x1fffeaeb4540: 00 00 f1 f1 f1 f1 00 00
=>0x1fffeaeb4548: 04 f4 f3 f3 f3 f3 00 00
0x1fffeaeb4550: 00 00 00 00 00 00 00 00
0x1fffeaeb4558: 00 00 00 00 00 00 00 00
0x1fffeaeb4560: 00 00 00 00 00 00 00 00
0x1fffeaeb4568: 00 00 00 00 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==68667== ABORTING
FAIL: gcc.c-torture/execute/builtins/memset-chk.c execution, -O1
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (5 preceding siblings ...)
2012-11-28 1:04 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 1:05 ` howarth at nitro dot med.uc.edu
2012-11-28 1:08 ` howarth at nitro dot med.uc.edu
` (2 subsequent siblings)
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 1:05 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #7 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 01:05:22 UTC ---
Created attachment 28806
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28806
assembly file for gcc.c-torture/execute/builtins/memset-chk.c -O1
-fsanitize=address
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (6 preceding siblings ...)
2012-11-28 1:05 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 1:08 ` howarth at nitro dot med.uc.edu
2012-11-28 1:10 ` howarth at nitro dot med.uc.edu
2012-11-28 8:11 ` jakub at gcc dot gnu.org
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 1:08 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #8 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 01:08:34 UTC ---
Similar failures are seen for....
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O2
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O3
-fomit-frame-pointer
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-loops
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-all-loops -finline-functions
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O3 -g
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O2 -flto
-flto-partition=none
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O2 -flto
which appears of the form...
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/strcpy-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/strcpy-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O2 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/strcpy-chk.x2
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/strcpy-chk.c compilation, -O2
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
=================================================================
==72385== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fff54bbea54 at pc 0x10b040cd0 bp 0x7fff54bbe9f0 sp 0x7fff54bbe9e8
WRITE of size 1 at 0x7fff54bbea54 thread T0
#0 0x10b040ccf
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/strcpy-chk.x2+0x100002ccf)
#1 0x10b045bc7
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/strcpy-chk.x2+0x100007bc7)
Address 0x7fff54bbea54 is located at offset 52 in frame <test4> of T0's stack:
This frame has 1 object(s):
[32, 52) 'buf3'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x1fffea977d4a: 4
0x1fffea977d48: 00 00 04 f4 f3 f3 f3 f3
More shadow bytes:
0x1fffea977d28: 00 00 00 00 00 00 00 00
0x1fffea977d30: 00 00 00 00 00 00 00 00
0x1fffea977d38: 00 00 00 00 00 00 00 00
0x1fffea977d40: 00 00 00 00 f1 f1 f1 f1
=>0x1fffea977d48: 00 00 04 f4 f3 f3 f3 f3
0x1fffea977d50: 00 00 00 00 00 00 00 00
0x1fffea977d58: 00 00 00 00 00 00 00 00
0x1fffea977d60: 00 00 00 00 00 00 00 00
0x1fffea977d68: 00 00 00 00 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==72385== ABORTING
FAIL: gcc.c-torture/execute/builtins/strcpy-chk.c execution, -O2
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (7 preceding siblings ...)
2012-11-28 1:08 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 1:10 ` howarth at nitro dot med.uc.edu
2012-11-28 8:11 ` jakub at gcc dot gnu.org
9 siblings, 0 replies; 11+ messages in thread
From: howarth at nitro dot med.uc.edu @ 2012-11-28 1:10 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
--- Comment #9 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-28 01:10:42 UTC ---
Created attachment 28807
--> http://gcc.gnu.org/bugzilla/attachment.cgi?id=28807
assembly file for gcc.c-torture/execute/builtins/strcpy-chk.c -O2
-fsanitize=address
^ permalink raw reply [flat|nested] 11+ messages in thread
* [Bug sanitizer/55502] gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
` (8 preceding siblings ...)
2012-11-28 1:10 ` howarth at nitro dot med.uc.edu
@ 2012-11-28 8:11 ` jakub at gcc dot gnu.org
9 siblings, 0 replies; 11+ messages in thread
From: jakub at gcc dot gnu.org @ 2012-11-28 8:11 UTC (permalink / raw)
To: gcc-bugs
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
Jakub Jelinek <jakub at gcc dot gnu.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution| |DUPLICATE
Target Milestone|--- |4.8.0
--- Comment #10 from Jakub Jelinek <jakub at gcc dot gnu.org> 2012-11-28 08:11:16 UTC ---
No need to attach hundreds of outputs. All this is because asan doesn't
support __builtin_longjmp right now, which these tests use (see
testsuite/gcc.c-torture/execute/builtins/lib/chk.c).
*** This bug has been marked as a duplicate of bug 55485 ***
^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2012-11-28 8:11 UTC | newest]
Thread overview: 11+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-11-28 0:33 [Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address howarth at nitro dot med.uc.edu
2012-11-28 0:36 ` [Bug sanitizer/55502] " howarth at nitro dot med.uc.edu
2012-11-28 0:51 ` howarth at nitro dot med.uc.edu
2012-11-28 0:54 ` howarth at nitro dot med.uc.edu
2012-11-28 0:58 ` howarth at nitro dot med.uc.edu
2012-11-28 1:00 ` howarth at nitro dot med.uc.edu
2012-11-28 1:04 ` howarth at nitro dot med.uc.edu
2012-11-28 1:05 ` howarth at nitro dot med.uc.edu
2012-11-28 1:08 ` howarth at nitro dot med.uc.edu
2012-11-28 1:10 ` howarth at nitro dot med.uc.edu
2012-11-28 8:11 ` jakub at gcc dot gnu.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).