[Bug sanitizer/55502] New: gcc.c-torture/execute/builtins/memcpy-chk.c execution failures with -fsanitize=address
howarth at nitro dot med.uc.edu
gcc-bugzilla@gcc.gnu.org
Wed Nov 28 00:33:00 GMT 2012
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55502
Bug #: 55502
Summary: gcc.c-torture/execute/builtins/memcpy-chk.c execution
failures with -fsanitize=address
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
AssignedTo: unassigned@gcc.gnu.org
ReportedBy: howarth@nitro.med.uc.edu
CC: dodji@gcc.gnu.org, dvyukov@gcc.gnu.org,
jakub@gcc.gnu.org, kcc@gcc.gnu.org
Using...
make -k check-gcc RUNTESTFLAGS="--target_board=unix'{-fsanitize=address}'"
on x86_64-apple-darwin12 produces execution failures in...
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O1
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O2
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3
-fomit-frame-pointer
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-loops
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3
-fomit-frame-pointer -funroll-all-loops -finline-functions
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O3 -g
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -Os
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -Og -g
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O2 -flto
-flto-partition=none
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O2 -flto
which are of the form...
Executing on host: /sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/xgcc
-B/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memcpy-chk.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/memcpy-chk-lib.c
/sw/src/fink.build/gcc48-4.8.0-1000/gcc-4.8-20121127/gcc/testsuite/gcc.c-torture/execute/builtins/lib/main.c
-fno-diagnostics-show-caret -w -O1 -fno-tree-loop-distribute-patterns -lm
-fsanitize=address -o
/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memcpy-chk.x1
(timeout = 300)
PASS: gcc.c-torture/execute/builtins/memcpy-chk.c compilation, -O1
Setting LD_LIBRARY_PATH to
:/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc::/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc
=================================================================
==66781== ERROR: AddressSanitizer: stack-buffer-overflow on address
0x7fff53c70a44 at pc 0x10bf90e84 bp 0x7fff53c709f0 sp 0x7fff53c709e8
WRITE of size 1 at 0x7fff53c70a44 thread T0
#0 0x10bf90e83
(/sw/src/fink.build/gcc48-4.8.0-1000/darwin_objdir/gcc/testsuite/gcc/memcpy-chk.x1+0x100004e83)
#1 0x0
Address 0x7fff53c70a44 is located at offset 52 in frame <test4> of T0's stack:
This frame has 1 object(s):
[32, 52) 'buf3'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism or swapcontext
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x1fffea78e148: 4
0x1fffea78e148: 04 f4 f3 f3 f3 f3 00 00
More shadow bytes:
0x1fffea78e128: 00 00 00 00 00 00 00 00
0x1fffea78e130: 00 00 00 00 00 00 00 00
0x1fffea78e138: 00 00 00 00 00 00 00 00
0x1fffea78e140: 00 00 f1 f1 f1 f1 00 00
=>0x1fffea78e148: 04 f4 f3 f3 f3 f3 00 00
0x1fffea78e150: 00 00 00 00 00 00 00 00
0x1fffea78e158: 00 00 00 00 00 00 00 00
0x1fffea78e160: 00 00 00 00 00 00 00 00
0x1fffea78e168: 00 00 00 00 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==66781== ABORTING
FAIL: gcc.c-torture/execute/builtins/memcpy-chk.c execution, -O1
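
Added example (not part of the original report and not GCC or libsanitizer code): the shadow-memory arithmetic behind the AddressSanitizer output above, worked through in C with the report's own addresses. It assumes 8-byte shadow granules and a shadow offset of 1<<44, which is the value that reproduces the shadow address 0x1fffea78e148 printed in the report; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Assumed mapping (not stated in the report): 8-byte granules, offset 1<<44. */
#define SHADOW_SCALE  3
#define SHADOW_OFFSET (1ULL << 44)

/* Application address -> address of the shadow byte that describes it. */
static uint64_t mem_to_shadow(uint64_t addr) {
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET;
}

/* Shadow byte semantics: 0 = whole granule addressable, 1..7 = only the
 * first k bytes addressable, 0x80 and above = redzone (f1/f3/f4 here).
 * Returns 1 if an access of `size` bytes inside one granule is reported. */
static int access_is_reported(uint8_t shadow, uint64_t addr, unsigned size) {
    if (shadow == 0) return 0;
    if (shadow >= 0x80) return 1;
    return (unsigned)(addr & 7) + size - 1 >= shadow;
}

/* Count addressable bytes from the start of shadow[] up to the first redzone. */
static size_t addressable_bytes(const uint8_t *shadow, size_t n) {
    size_t total = 0;
    for (size_t i = 0; i < n && shadow[i] < 0x80; i++) {
        if (shadow[i] != 0) return total + shadow[i];  /* partial granule ends the object */
        total += 8;
    }
    return total;
}

/* Shadow rows 0x1fffea78e140 and 0x1fffea78e148, copied from the report. */
static const uint8_t rows[16] = { 0x00,0x00,0xf1,0xf1,0xf1,0xf1,0x00,0x00,
                                  0x04,0xf4,0xf3,0xf3,0xf3,0xf3,0x00,0x00 };

int main(void) {
    uint64_t fault = 0x7fff53c70a44ULL;   /* faulting address from the report */
    uint64_t buf3  = fault - 52 + 32;     /* frame offset 52 -> start of 'buf3' at 32 */
    size_t idx = (size_t)(mem_to_shadow(buf3) - 0x1fffea78e140ULL);
    printf("shadow(fault) = 0x%llx\n", (unsigned long long)mem_to_shadow(fault));
    printf("buf3 addressable bytes = %zu\n", addressable_bytes(rows + idx, 16 - idx));
    printf("1-byte write at fault reported: %d\n",
           access_is_reported(rows[8], fault, 1));
    return 0;
}
```

The decode shows only that the flagged 1-byte write lands on the first byte past the 20 addressable bytes of 'buf3'; it does not say whether the test or the instrumentation is at fault.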