This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug sanitizer/65285] New: __asan_describe_address crashes when used with global variable


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65285

            Bug ID: 65285
           Summary: __asan_describe_address crashes when used with global
                    variable
           Product: gcc
           Version: 4.9.2
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: peter at lekensteyn dot nl
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

Trying to use __asan_describe_address() on a global variable results in an
ASAN check failure. (Originally noticed while using it in gdb.)

cat <<SOURCE | ${CC:-cc} -fsanitize=address -g -x c - && ./a.out
int foo[10];
int main(void) {
    return __asan_describe_address(foo);
}
SOURCE

Output with GCC 4.9.2 (gcc-multilib 4.9.2-3 on Arch Linux x86_64):
==6238==AddressSanitizer CHECK failed:
/build/gcc-multilib/src/gcc-4.9-20150204/libsanitizer/sanitizer_common/sanitizer_linux.cc:558
"((MtxUnlocked)) != ((atomic_load(m, memory_order_relaxed)))" (0x0, 0x0)
    #0 0x7f00a28d8030 in __asan::AsanCheckFailed(char const*, int, char const*,
unsigned long long, unsigned long long) (/usr/lib/libasan.so.1+0x5d030)
    #1 0x7f00a28dc293 in __sanitizer::CheckFailed(char const*, int, char
const*, unsigned long long, unsigned long long) (/usr/lib/libasan.so.1+0x61293)
    #2 0x7f00a28df795 in __sanitizer::BlockingMutex::CheckLocked()
(/usr/lib/libasan.so.1+0x64795)
    #3 0x7f00a28da601 in __asan::FindThreadByStackAddress(unsigned long)
(/usr/lib/libasan.so.1+0x5f601)
    #4 0x7f00a28d60d0 in __asan::DescribeAddressIfStack(unsigned long, unsigned
long) (/usr/lib/libasan.so.1+0x5b0d0)
    #5 0x7f00a28d6552 in __asan::DescribeAddress(unsigned long, unsigned long)
(/usr/lib/libasan.so.1+0x5b552)
    #6 0x4006e8 in main /tmp/<stdin>:3
    #7 0x7f00a24f87ff in __libc_start_main (/usr/lib/libc.so.6+0x207ff)
    #8 0x400608 in _start (/tmp/a.out+0x400608)

With Clang 3.5.1 (clang 3.5.1-1 on Arch Linux x86_64) the output is:
AddressSanitizer can not describe address in more detail (wild memory access
suspected).

On gcc 4.8.2-19ubuntu1 (Ubuntu 14.04) there is no output. I have not tested
with GCC 5 yet; it takes a while to build.

Expected result: a line reporting the location of the global variable.

Output of `gcc -v` on Arch Linux x86_64:
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-unknown-linux-gnu/4.9.2/lto-wrapper
Target: x86_64-unknown-linux-gnu
Configured with: /build/gcc-multilib/src/gcc-4.9-20150204/configure
--prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/
--enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared
--enable-threads=posix --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-clocale=gnu --disable-libstdcxx-pch
--disable-libssp --enable-gnu-unique-object --enable-linker-build-id
--enable-cloog-backend=isl --enable-lto --enable-plugin
--enable-install-libiberty --with-linker-hash-style=gnu --enable-multilib
--disable-werror --enable-checking=release
Thread model: posix
gcc version 4.9.2 20150204 (prerelease) (GCC)
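
For triaging output like the trace in this report, the following added example (not part of the original message, nor GCC or libsanitizer code) parses an AddressSanitizer runtime CHECK failure, rejoins lines wrapped by mail, and separates the runtime's internal frames from the frame that called into it. The names `unwrap` and `triage`, and the rule that runtime frames are those whose module name contains `libasan`, are assumptions of this example.

```python
import re
# Frames #0-#6 of the trace in the report above, mail line wraps included.
REPORT = '''\
==6238==AddressSanitizer CHECK failed:
/build/gcc-multilib/src/gcc-4.9-20150204/libsanitizer/sanitizer_common/sanitizer_linux.cc:558
"((MtxUnlocked)) != ((atomic_load(m, memory_order_relaxed)))" (0x0, 0x0)
    #0 0x7f00a28d8030 in __asan::AsanCheckFailed(char const*, int, char const*,
unsigned long long, unsigned long long) (/usr/lib/libasan.so.1+0x5d030)
    #1 0x7f00a28dc293 in __sanitizer::CheckFailed(char const*, int, char
const*, unsigned long long, unsigned long long) (/usr/lib/libasan.so.1+0x61293)
    #2 0x7f00a28df795 in __sanitizer::BlockingMutex::CheckLocked()
(/usr/lib/libasan.so.1+0x64795)
    #3 0x7f00a28da601 in __asan::FindThreadByStackAddress(unsigned long)
(/usr/lib/libasan.so.1+0x5f601)
    #4 0x7f00a28d60d0 in __asan::DescribeAddressIfStack(unsigned long, unsigned
long) (/usr/lib/libasan.so.1+0x5b0d0)
    #5 0x7f00a28d6552 in __asan::DescribeAddress(unsigned long, unsigned long)
(/usr/lib/libasan.so.1+0x5b552)
    #6 0x4006e8 in main /tmp/<stdin>:3
'''

HEADER = re.compile(r'==\d+==AddressSanitizer CHECK failed: (\S+):(\d+) "(.*)" \(\w+, \w+\)$')
FRAME = re.compile(r'#(\d+) (0x[0-9a-f]+) in (.+?) (?:\((\S+)\+0x[0-9a-f]+\)|(\S+:\d+))$')

def unwrap(text):
    """Rejoin mail-wrapped lines; a record starts with '==PID==' or '#N '."""
    records = []
    for s in filter(None, map(str.strip, text.splitlines())):
        if records and not re.match(r'==\d+==|#\d+ ', s):
            records[-1] += ' ' + s   # continuation of the previous record
        else:
            records.append(s)
    return records

def triage(text):
    """Return CHECK-failure details, or None for any other kind of output."""
    records = unwrap(text)
    head = HEADER.match(records[0]) if records else None
    if head is None:
        return None
    frames = [m for m in map(FRAME.match, records[1:]) if m]
    # Assumption: runtime frames are those resolved to a libasan module.
    runtime = [f for f in frames if 'libasan' in (f.group(4) or '')]
    caller = next((f for f in frames if f not in runtime), None)
    return {
        'check_site': head.group(1).rsplit('/', 1)[-1] + ':' + head.group(2),
        'condition': head.group(3),
        'runtime_path': [f.group(3).split('(')[0] for f in runtime],
        'caller': (caller.group(3), caller.group(5)) if caller else None,
    }
```

For the trace above, `triage(REPORT)` reports the failing check at `sanitizer_linux.cc:558`, reached through `__asan::DescribeAddress`, with `main` at `/tmp/<stdin>:3` as the caller.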

