Bug 61530 - [4.10 Regression] segfault with asan
Status: RESOLVED FIXED
Alias: None
Product: gcc
Classification: Unclassified
Component: sanitizer
Version: 5.0
Importance: P3 normal
Target Milestone: 5.0
Assignee: Not yet assigned to anyone
Reported: 2014-06-17 05:52 UTC by Joost VandeVondele
Modified: 2014-10-16 13:47 UTC (History)
Last reconfirmed: 2014-06-17 00:00:00


Attachments
Proposed patch (691 bytes, patch)
2014-06-17 09:55 UTC, Yury Gribov
Alternative patch (627 bytes, patch)
2014-06-18 10:13 UTC, Yury Gribov

Description Joost VandeVondele 2014-06-17 05:52:24 UTC
Current trunk started failing in the day between good: r211692 bad: r211720


> gfortran -c -fsanitize=address bug.f90 
bug.f90: In function ‘mainlb’:
bug.f90:3:0: internal compiler error: Segmentation fault
   SUBROUTINE mainlb(n, m, x, l, u, nbd, f, g, factr, pgtol, ws, wy, &
 ^
0xa5ba8f crash_signal
	../../gcc/gcc/toplev.c:337
0xa6f206 contains_struct_check
	../../gcc/gcc/tree.h:2835
0xa6f206 build_check_stmt
	../../gcc/gcc/asan.c:1824
0xa74dbb instrument_mem_region_access
	../../gcc/gcc/asan.c:1984
0xa759a1 instrument_builtin_call
	../../gcc/gcc/asan.c:2105
0xa759a1 maybe_instrument_call
	../../gcc/gcc/asan.c:2178
0xa759a1 transform_statements
	../../gcc/gcc/asan.c:2245
0xa7663c asan_instrument
	../../gcc/gcc/asan.c:2625
0xa7663c execute
	../../gcc/gcc/asan.c:2700
Please submit a full bug report,

> cat bug.f90 
MODULE cp_lbfgs
CONTAINS
  SUBROUTINE mainlb(n, m, x, l, u, nbd, f, g, factr, pgtol, ws, wy, &
       csave, lsave, isave, dsave)
    CHARACTER(len=60)                        :: task
    IF (task == 'START') THEN
       IF (task(1:5) == 'NEW_X') GOTO 777
       IF (task(1:4) == 'STOP') THEN
          IF (task(7:9) == 'CPU') THEN
             CALL dcopy(n,t,1,x,1)
          ENDIF
       ENDIF
    ENDIF
222 CONTINUE
    IF (info /= 0 .OR. iback >= 20) THEN
       IF (col == 0) THEN
          IF (info == 0) THEN
          ENDIF
          task = 'ABNORMAL_TERMINATION_IN_LNSRCH'
          GOTO 222
       ENDIF
    ENDIF
777 CONTINUE
  END SUBROUTINE mainlb
END MODULE cp_lbfgs
Comment 1 Yury Gribov 2014-06-17 07:50:07 UTC
Mine.
Comment 2 Yury Gribov 2014-06-17 09:55:56 UTC
Created attachment 32951
Proposed patch

This seems to fix the ICE (I haven't yet done complete bootstrap, just Asan tests).
Comment 3 Yury Gribov 2014-06-17 12:53:41 UTC
Bootstrapped and regtested successfully on x64. Let's wait for Jakub's comments.
Comment 4 Jakub Jelinek 2014-06-17 12:56:38 UTC
LGTM, just please use some other function name than error, error is a glibc function and it is unnecessary to override it with something unrelated.
Also, patches should go to gcc-patches...
Comment 5 Yuri Gribov 2014-06-17 16:08:30 UTC
Actually the fix may not handle unaligned addresses properly. I think we should rather stick with start and end bytes for memory regions in builtins. What's your opinion?
Comment 6 Yury Gribov 2014-06-18 10:13:48 UTC
Created attachment 32965
Alternative patch

Draft patch to illustrate the last proposal. Bootstrap pending.
Comment 7 Maxim Ostapenko 2014-06-20 10:27:30 UTC
Author: chefmax
Date: Fri Jun 20 10:26:55 2014
New Revision: 211846

URL: https://gcc.gnu.org/viewcvs?rev=211846&root=gcc&view=rev
Log:
2014-06-18  Yury Gribov  <y.gribov@samsung.com>

gcc/
	PR sanitizer/61530
	* asan.c (build_check_stmt): Add condition.

gcc/testsuite/
	* c-c++-common/asan/pr61530.c: New test.
	

Added:
    trunk/gcc/testsuite/c-c++-common/asan/pr61530.c
Modified:
    trunk/gcc/ChangeLog
    trunk/gcc/asan.c
    trunk/gcc/testsuite/ChangeLog
Comment 8 Joost VandeVondele 2014-06-23 14:39:31 UTC
This is fixed AFAICT, please reopen if not.
Comment 9 Joost VandeVondele 2014-06-28 09:16:08 UTC
fixed, I meant.
Comment 10 Yury Gribov 2014-10-16 13:47:10 UTC
Author: ygribov
Date: Thu Oct 16 13:46:39 2014
New Revision: 216326

URL: https://gcc.gnu.org/viewcvs?rev=216326&root=gcc&view=rev
Log:
New asan-instrumentation-with-call-threshold parameter.

2014-10-16  Yury Gribov  <y.gribov@samsung.com>

	Backport from mainline
	2014-06-16  Yury Gribov  <y.gribov@samsung.com>

	* asan.c (check_func): New function.
	(maybe_create_ssa_name): Likewise.
	(build_check_stmt_with_calls): Likewise.
	(use_calls_p): Likewise.
	(report_error_func): Change interface.
	(build_check_stmt): Allow non-integer lengths; add support
	for new parameter.
	(asan_instrument): Likewise.
	(instrument_mem_region_access): Moved code to
	build_check_stmt.
	(instrument_derefs): Likewise.
	(instrument_strlen_call): Likewise.
	* cfgcleanup.c (old_insns_match_p): Add support for new
	functions.
	* doc/invoke.texi: Describe new parameter.
	* params.def: Define new parameter.
	* params.h: Likewise.
	* sanitizer.def: Describe new builtins.

	* c-c++-common/asan/instrument-with-calls-1.c: New test.
	* c-c++-common/asan/instrument-with-calls-2.c: Likewise.
	* c-c++-common/asan/no-redundant-instrumentation-1.c: Update
	test patterns.
	* c-c++-common/asan/no-redundant-instrumentation-2.c:
	Likewise.
	* c-c++-common/asan/no-redundant-instrumentation-4.c:
	Likewise.
	* c-c++-common/asan/no-redundant-instrumentation-5.c:
	Likewise.
	* c-c++-common/asan/no-redundant-instrumentation-6.c:
	Likewise.
	* c-c++-common/asan/no-redundant-instrumentation-7.c:
	Likewise.
	* c-c++-common/asan/no-redundant-instrumentation-8.c:
	Likewise.

	Backport from mainline
	2014-06-16  Yury Gribov  <y.gribov@samsung.com>

	* asan.c (build_check_stmt): Fix maybe-uninitialized warning.

	Backport from mainline
	2014-06-18  Yury Gribov  <y.gribov@samsung.com>

	PR sanitizer/61530

	* asan.c (build_check_stmt): Add condition.

	* c-c++-common/asan/pr61530.c: New test.

	Backport from mainline
	2014-06-18  Yury Gribov  <y.gribov@samsung.com>

	PR sanitizer/61547

	* asan.c (instrument_strlen_call): Fixed instrumentation of
	trailing byte.

	* c-c++-common/asan/strlen-overflow-1.c: New test.

Added:
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/instrument-with-calls-1.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/instrument-with-calls-2.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/pr61530.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/strlen-overflow-1.c
Modified:
    branches/gcc-4_9-branch/gcc/ChangeLog
    branches/gcc-4_9-branch/gcc/asan.c
    branches/gcc-4_9-branch/gcc/cfgcleanup.c
    branches/gcc-4_9-branch/gcc/doc/invoke.texi
    branches/gcc-4_9-branch/gcc/params.def
    branches/gcc-4_9-branch/gcc/params.h
    branches/gcc-4_9-branch/gcc/sanitizer.def
    branches/gcc-4_9-branch/gcc/testsuite/ChangeLog
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-1.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-2.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-4.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-5.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-6.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-7.c
    branches/gcc-4_9-branch/gcc/testsuite/c-c++-common/asan/no-redundant-instrumentation-8.c