This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug lto/79061] [7 Regression][LTO][ASAN] LTO plus ASAN fails with "AddressSanitizer: initialization-order-fiasco"

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79061

--- Comment #24 from Maxim Ostapenko <m.ostapenko at samsung dot com> ---
(In reply to Tobias Burnus from comment #23)
> (In reply to Tobias Burnus from comment #22)
> > As I recently did some incremental builds, I will retry it after a full
> > bootstrap.
> 
> Didn't make a difference - I still see the ASAN run-time fail. I wonder
> what's different between our systems.

Perhaps you use strict_init_order=true option (e.g.
ASAN_OPTIONS=check_initialization_order=true:report_globals=3:strict_init_order=true)? 
max@max:~/test-lto/test-2/test$
ASAN_OPTIONS=check_initialization_order=true:report_globals=3:strict_init_order=true
./a.out 
    #0 0x41d885 in __asan_register_globals
/home/max/workspace/downloads/gcc/libsanitizer/asan/asan_globals.cc:326
    #1 0x58a3b6 in _GLOBAL__sub_I_00099_1_main.4497
(/home/max/test-lto/test-2/test/a.out+0x58a3b6)
    #2 0x58a40c in __libc_csu_init
(/home/max/test-lto/test-2/test/a.out+0x58a40c)
    #3 0x7fb4c6568ed4 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21ed4)
    #4 0x405f38  (/home/max/test-lto/test-2/test/a.out+0x405f38)

=== ID 1015021569; 0x0000007c7f60 0x0000007c8120
==26120==Added Global[0x0000007c7f60]: beg=0x0000005a5960 size=1/64
name=piecewise_construct module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==  location (0x0000007c7f20):
name=/home/max/install/master/include/c++/7.0.1/bits/stl_pair.h[0x0000005a5aa0],
79 35
==26120==Added Global[0x0000007c7fa0]: beg=0x00000142cf20 size=1/64
name=__ioinit module=/tmp/ccS8KlYh.ltrans0.o dyn_init=1
==26120==  location (0x0000007c7f30):
name=/home/max/install/master/include/c++/7.0.1/iostream[0x0000005a5ae0], 74 25
==26120==Added Global[0x0000007c7fe0]: beg=0x00000142cfa0 size=16/64
name=xptimer_clean module=xptimer.cc dyn_init=1
==26120==  location (0x0000007c7f40): name=xptiming.cc[0x0000005a59e0], 7 9
==26120==Added Global[0x0000007c8020]: beg=0x00000142cf60 size=16/64
name=xptimer_sweep module=xptimer.cc dyn_init=1
==26120==  location (0x0000007c7f50): name=xptiming.cc[0x0000005a59e0], 6 9
==26120==Added Global[0x0000007c8060]: beg=0x0000005a5a60 size=14/64 name=*.LC3
module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Added Global[0x0000007c80a0]: beg=0x0000005a59e0 size=12/64 name=*.LC1
module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Added Global[0x0000007c80e0]: beg=0x0000005a59a0 size=11/64 name=*.LC0
module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Added Global[0x0000007c8120]: beg=0x0000005a5a20 size=14/64 name=*.LC2
module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
DynInitPoison module: xptimer.cc
DynInitPoison module: xptiming.cc
=================================================================
==26120==Search Global[0x0000007c8120]: beg=0x0000005a5a20 size=14/64
name=*.LC2 module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Search Global[0x0000007c80e0]: beg=0x0000005a59a0 size=11/64
name=*.LC0 module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Search Global[0x0000007c80a0]: beg=0x0000005a59e0 size=12/64
name=*.LC1 module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Search Global[0x0000007c8060]: beg=0x0000005a5a60 size=14/64
name=*.LC3 module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==Search Global[0x0000007c8020]: beg=0x00000142cf60 size=16/64
name=xptimer_sweep module=xptimer.cc dyn_init=1
==26120==  location (0x0000007c7f50): name=xptiming.cc[0x0000005a59e0], 6 9
==26120==Search Global[0x0000007c7fe0]: beg=0x00000142cfa0 size=16/64
name=xptimer_clean module=xptimer.cc dyn_init=1
==26120==  location (0x0000007c7f40): name=xptiming.cc[0x0000005a59e0], 7 9
==26120==Search Global[0x0000007c7fa0]: beg=0x00000142cf20 size=1/64
name=__ioinit module=/tmp/ccS8KlYh.ltrans0.o dyn_init=1
==26120==  location (0x0000007c7f30):
name=/home/max/install/master/include/c++/7.0.1/iostream[0x0000005a5ae0], 74 25
==26120==Search Global[0x0000007c7f60]: beg=0x0000005a5960 size=1/64
name=piecewise_construct module=/tmp/ccS8KlYh.ltrans0.o dyn_init=0
==26120==  location (0x0000007c7f20):
name=/home/max/install/master/include/c++/7.0.1/bits/stl_pair.h[0x0000005a5aa0],
79 35
==26120==ERROR: AddressSanitizer: initialization-order-fiasco on address
0x00000142cf68 at pc 0x00000058a25c bp 0x7ffc44459250 sp 0x7ffc44459230
WRITE of size 1 at 0x00000142cf68 thread T0
    #0 0x58a25b in __base_ctor  /home/max/test-lto/test-2/test/xptimer.cc:12
    #1 0x58a349 in __static_initialization_and_destruction_0
/home/max/test-lto/test-2/test/xptiming.cc:6
    #2 0x58a377 in _GLOBAL__sub_I__ZN6xp_aux13xptimer_sweepE
/home/max/test-lto/test-2/test/xptiming.cc:9
    #3 0x58a40c in __libc_csu_init
(/home/max/test-lto/test-2/test/a.out+0x58a40c)
    #4 0x7fb4c6568ed4 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x21ed4)
    #5 0x405f38  (/home/max/test-lto/test-2/test/a.out+0x405f38)

0x00000142cf68 is located 8 bytes inside of global variable 'xptimer_sweep'
defined in 'xptiming.cc:6:9' (0x142cf60) of size 16
  registered at:
    #0 0x41d62c in __asan_register_globals
/home/max/workspace/downloads/gcc/libsanitizer/asan/asan_globals.cc:317
    #1 0x58a3b6 in _GLOBAL__sub_I_00099_1_main.4497
(/home/max/test-lto/test-2/test/a.out+0x58a3b6)
    #2 0x58a40c in __libc_csu_init
(/home/max/test-lto/test-2/test/a.out+0x58a40c)

0x00000142cf68 is located 56 bytes to the left of global variable
'xptimer_clean' defined in 'xptiming.cc:7:9' (0x142cfa0) of size 16
  registered at:
    #0 0x41d62c in __asan_register_globals
/home/max/workspace/downloads/gcc/libsanitizer/asan/asan_globals.cc:317
    #1 0x58a3b6 in _GLOBAL__sub_I_00099_1_main.4497
(/home/max/test-lto/test-2/test/a.out+0x58a3b6)
    #2 0x58a40c in __libc_csu_init
(/home/max/test-lto/test-2/test/a.out+0x58a40c)

SUMMARY: AddressSanitizer: initialization-order-fiasco
/home/max/test-lto/test-2/test/xptimer.cc:12 in __base_ctor 
Shadow bytes around the buggy address:
  0x00008027d990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027d9a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027d9b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027d9c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027d9d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x00008027d9e0: 00 00 00 00 f6 f6 f6 f6 f6 f6 f6 f6 f6[f6]f6 f6
  0x00008027d9f0: f6 f6 f6 f6 f6 f6 f6 f6 f6 f6 f6 f6 00 00 00 00
  0x00008027da00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027da10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027da20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00008027da30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==26120==ABORTING
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]