Hi Konstantin,
The machine I was working is down now. I am waiting for someone in
linaro lab to turn it on.
Now I used another machine and with this one I am not getting segfault
for the simple "hello world" test case.
However ASAN tests continued to fail with same errors.
An example
<stdin>:3:1: note: possible intended match here
==4793==ERROR: AddressSanitizer: SEGV on unknown address
0x007ffd9552d8 (pc 0x0000004c41e8 bp 0x03ffecaa9760 sp 0x03ffecaa96c0
T0)
^
Below is the LLVM IR for the test case you gave.
(------Snip----)
; ModuleID = 'try.c'
target datalayout = "e-m:e-i64:64-i128:128-n32:64-S128"
target triple = "aarch64-unknown-linux-gnu"
@llvm.global_ctors = appending global [1 x { i32, void ()* }] [{ i32,
void ()* } { i32 1, void ()* @asan.module_ctor }]
; Function Attrs: nounwind sanitize_address uwtable
define void @_Z3fooPl(i64* %x) #0 {
entry:
%x.addr = alloca i64*, align 8
store i64* %x, i64** %x.addr, align 8
%0 = load i64*, i64** %x.addr, align 8
%1 = ptrtoint i64* %0 to i64
%2 = lshr i64 %1, 3
%3 = or i64 %2, 68719476736
%4 = inttoptr i64 %3 to i8*
%5 = load i8, i8* %4
%6 = icmp ne i8 %5, 0
br i1 %6, label %7, label %8
; <label>:7 ; preds = %entry
call void @__asan_report_store8(i64 %1)
call void asm sideeffect "", ""()
unreachable
; <label>:8 ; preds = %entry
store i64 0, i64* %0, align 8
ret void
}
define internal void @asan.module_ctor() {
call void @__asan_init_v5()
ret void
}
declare void @__asan_init_v5()
declare void @__asan_report_load_n(i64, i64)
declare void @__asan_loadN(i64, i64)
declare void @__asan_report_load1(i64)
declare void @__asan_load1(i64)
declare void @__asan_report_load2(i64)
declare void @__asan_load2(i64)
declare void @__asan_report_load4(i64)
declare void @__asan_load4(i64)
declare void @__asan_report_load8(i64)
declare void @__asan_load8(i64)
declare void @__asan_report_load16(i64)
declare void @__asan_load16(i64)
declare void @__asan_report_store_n(i64, i64)
declare void @__asan_storeN(i64, i64)
declare void @__asan_report_store1(i64)
declare void @__asan_store1(i64)
declare void @__asan_report_store2(i64)
declare void @__asan_store2(i64)
declare void @__asan_report_store4(i64)
declare void @__asan_store4(i64)
declare void @__asan_report_store8(i64)
declare void @__asan_store8(i64)
declare void @__asan_report_store16(i64)
declare void @__asan_store16(i64)
declare void @__asan_report_exp_load_n(i64, i64, i32)
declare void @__asan_exp_loadN(i64, i64, i32)
declare void @__asan_report_exp_load1(i64, i32)
declare void @__asan_exp_load1(i64, i32)
declare void @__asan_report_exp_load2(i64, i32)
declare void @__asan_exp_load2(i64, i32)
declare void @__asan_report_exp_load4(i64, i32)
declare void @__asan_exp_load4(i64, i32)
declare void @__asan_report_exp_load8(i64, i32)
declare void @__asan_exp_load8(i64, i32)
declare void @__asan_report_exp_load16(i64, i32)
declare void @__asan_exp_load16(i64, i32)
declare void @__asan_report_exp_store_n(i64, i64, i32)
declare void @__asan_exp_storeN(i64, i64, i32)
declare void @__asan_report_exp_store1(i64, i32)
declare void @__asan_exp_store1(i64, i32)
declare void @__asan_report_exp_store2(i64, i32)
declare void @__asan_exp_store2(i64, i32)
declare void @__asan_report_exp_store4(i64, i32)
declare void @__asan_exp_store4(i64, i32)
declare void @__asan_report_exp_store8(i64, i32)
declare void @__asan_exp_store8(i64, i32)
declare void @__asan_report_exp_store16(i64, i32)
declare void @__asan_exp_store16(i64, i32)
declare i8* @__asan_memmove(i8*, i8*, i64)
declare i8* @__asan_memcpy(i8*, i8*, i64)
declare i8* @__asan_memset(i8*, i32, i64)
declare void @__asan_handle_no_return()
declare void @__sanitizer_ptr_cmp(i64, i64)
declare void @__sanitizer_ptr_sub(i64, i64)
declare void @__asan_before_dynamic_init(i64)
declare void @__asan_after_dynamic_init()
declare void @__asan_register_globals(i64, i64)
declare void @__asan_unregister_globals(i64, i64)
attributes #0 = { nounwind sanitize_address uwtable
"less-precise-fpmad"="false" "no-frame-pointer-elim"="true"
"no-frame-pointer-elim-non-leaf" "no-infs-fp-math"="false"
"no-nans-fp-math"="false" "stack-protector-buffer-size"="8"
"target-cpu"="generic" "target-features"="+neon"
"unsafe-fp-math"="false" "use-soft-float"="false" }
!llvm.ident = !{!0}
!0 = !{!"clang version 3.7.0 (http://llvm.org/git/clang.git
f3f115679db522ca44f75e3dadf3cdef8679b928)
(http://llvm.org/git/llvm.git
048ca17f6ea4386f608eea62ca716466bf9f674c)"}
(-----Snip------)
%2 = lshr i64 %1, 3
%3 = or i64 %2, 68719476736
%4 = inttoptr i64 %3 to i8*
I am trying to understand why 68719476736 (0x1000000000) has been
ored with stack here.
On 20 March 2015 at 21:27, Konstantin Serebryany
<[email protected]> wrote:
>>
>> OK. Let me start with this test case.
>>
>> #include <stdio.h>
>>
>> int main()
>> {
>> printf("Hello World\n");
>> return 0;
>> }
>>
>> /home/venkataramanan.kumar/
>> LLVM/TSAN_port/Build/./bin/clang
>> --driver-mode=g++ -fsanitize=address test.c
>>
>> [venkataramanan.kumar@amd-01 ~]$ ./a.out
>> ASAN:SIGSEGV
>> =================================================================
>> ==25303==ERROR: AddressSanitizer: SEGV on unknown address
>> 0x007fff96387c (pc 0x0000004c1dfc bp 0x03fffcb1c460 sp 0x03fffcb1c3e0
>> T0)
>> #0 0x4c1dfb (/home/venkataramanan.kumar/a.out+0x4c1dfb)
>> #1 0x3ff9c790c93 (/lib64/libc.so.6+0x20c93)
>> #2 0x41b1f3 (/home/venkataramanan.kumar/a.out+0x41b1f3)
>>
>> AddressSanitizer can not provide additional info.
>> ==25303==ABORTING
>>
>>
>> Now I am running under gdb
>>
>> [venkataramanan.kumar@amd-01 ~]$ gdb ./a.out
>> GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-62.sa1.4
>> Copyright (C) 2013 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
>> and "show warranty" for details.
>> This GDB was configured as "aarch64-redhat-linux-gnu".
>> For bug reporting instructions, please see:
>> <http://www.gnu.org/software/gdb/bugs/>...
>> Reading symbols from /home/venkataramanan.kumar/a.out...done.
>> (gdb) r
>> Starting program: /home/venkataramanan.kumar/./a.out
>> [Thread debugging using libthread_db enabled]
>> Using host libthread_db library "/lib64/libthread_db.so.1".
>> Hello World
>> [Inferior 1 (process 25306) exited normally]
>> Missing separate debuginfos, use: debuginfo-install
>> glibc-2.17-68.sa1.4.aarch64 libgcc-4.8.3-8.sa1.4.aarch64
>> libstdc++-4.8.3-8.sa1.4.aarch64
>>
>> It ran to completion.
>
>
> Interesting. So, w/ gdb the test passes, w/o gdb it fails.
> Try few things:
>
> Run w/o gdb but with ASLR off (is there ASLR on AArch64?). Use setarch for
> that.
>
> Run w/ gdb but with ASLR on (disable-randomization off). If you get a
> crash with gdb, type 'dis' and send the result here.
>
> build the following code with -S and with '-S -o - -emit-llvm' and
> send the results:
> void foo(long *x) { *x = 0; }
>
> --kcc
>
>
>>
>>
>> ASAN:SIGSEGV
>> ==============================
>> ===================================
>> ==6221==ERROR: AddressSanitizer: SEGV on unknown address
>> 0x007ffd1329f4 (pc 0x0000004c1e64 bp 0x03ffe8995090 sp 0x03ffe8994fa0
>> T0)
>> #0 0x4c1e63 in main
>> /home/venkataramanan.kumar/LLVM/TSAN_port/compiler-rt/test/asan/TestCases/Linux/coverage-direct-large.cc:52
>> #1 0x3ffb2730c93 in __libc_start_main (/lib64/libc.so.6+0x20c93)
>>
>> What this error mean?
>> Stack address 0x03ffe8994fa0 when I do 0x03ffe8994fa0 >> 0x3, I get
>> this address 0x007ffd1329f4,
>>
>> "address 0x007ffd1329f4 is illegal. Why this address is accessed?
>>
>> Between my cat /proc/self/maps look like that.
>>
>> venataramanan.kumar@amd-01 ~]$ cat /proc/self/maps
>> 00400000-00410000 r-xp 00000000 08:04 16890529
>> /usr/bin/cat
>> 00410000-00420000 r--p 00000000 08:04 16890529
>> /usr/bin/cat
>> 00420000-00430000 rw-p 00010000 08:04 16890529
>> /usr/bin/cat
>> 07a30000-07a60000 rw-p 00000000 00:00 0
>> [heap]
>> 3ff85ca0000-3ff8c540000 r--p 00000000 08:04 34089040
>> /usr/lib/locale/locale-archive
>> 3ff8c540000-3ff8c6a0000 r-xp 00000000 08:04 33642757
>> /usr/lib64/libc-2.17.so
>> 3ff8c6a0000-3ff8c6b0000 r--p 00150000 08:04 33642757
>> /usr/lib64/libc-2.17.so
>> 3ff8c6b0000-3ff8c6c0000 rw-p 00160000 08:04 33642757
>> /usr/lib64/libc-2.17.so
>> 3ff8c6d0000-3ff8c6e0000 r--p 00000000 00:00 0
>> [vvar]
>> 3ff8c6e0000-3ff8c6f0000 r-xp 00000000 00:00 0
>> [vdso]
>> 3ff8c6f0000-3ff8c710000 r-xp 00000000 08:04 33642750
>> /usr/lib64/ld-2.17.so
>> 3ff8c710000-3ff8c720000 r--p 00010000 08:04 33642750
>> /usr/lib64/ld-2.17.so
>> 3ff8c720000-3ff8c730000 rw-p 00020000 08:04 33642750
>> /usr/lib64/ld-2.17.so
>> 3ffc0d80000-3ffc0db0000 rw-p 00000000 00:00 0
>> [stack]
>>
>>
>> regards,
>> Venkat.
>>
>>
>>
>>
>>>> regards,
>>>> Venkat,
>>>>
>>>>
>>>> On 26 January 2015 at 20:50, <[email protected]> wrote:
>>>>>
>>>>> Comment #16 on issue 246 by [email protected]: Porting to a new target
>>>>> (AArch64)
>>>>> https://code.google.com/p/address-sanitizer/issues/detail?id=246
>>>>>
>>>>> FYI, following patch makes ASAN work fine on 42-bit AS, but will break the
>>>>> 39-bit AS and won't fix 48-bit one. So we really need something more
>>>>> dynamic.
>>>>>
>>>>> --- libsanitizer/asan/asan_allocator.h (revision 219833)
>>>>> +++ libsanitizer/asan/asan_allocator.h (working copy)
>>>>> @@ -100,6 +100,10 @@
>>>>> # if defined(__powerpc64__)
>>>>> const uptr kAllocatorSpace = 0xa0000000000ULL;
>>>>> const uptr kAllocatorSize = 0x20000000000ULL; // 2T.
>>>>> +# elif defined(__aarch64__)
>>>>> +// Valid only for 42-bit VA
>>>>> +const uptr kAllocatorSpace = 0x10000000000ULL;
>>>>> +const uptr kAllocatorSize = 0x10000000000ULL; // 1T.
>>>>> # else
>>>>> const uptr kAllocatorSpace = 0x600000000000ULL;
>>>>> const uptr kAllocatorSize = 0x40000000000ULL; // 4T.
>>>>> --- libsanitizer/sanitizer_common/sanitizer_platform.h (revision 219833)
>>>>> +++ libsanitizer/sanitizer_common/sanitizer_platform.h (working copy)
>>>>> @@ -79,7 +79,7 @@
>>>>> // For such platforms build this code with
>>>>> -DSANITIZER_CAN_USE_ALLOCATOR64=0 or
>>>>> // change the definition of SANITIZER_CAN_USE_ALLOCATOR64 here.
>>>>> #ifndef SANITIZER_CAN_USE_ALLOCATOR64
>>>>> -# if defined(__aarch64__) || defined(__mips64)
>>>>> +# if defined(__mips64)
>>>>> # define SANITIZER_CAN_USE_ALLOCATOR64 0
>>>>> # else
>>>>> # define SANITIZER_CAN_USE_ALLOCATOR64 (SANITIZER_WORDSIZE == 64)
>>>>> @@ -88,10 +88,10 @@
>>>>>
>>>>> // The range of addresses which can be returned my mmap.
>>>>> // FIXME: this value should be different on different platforms,
>>>>> -// e.g. on AArch64 it is most likely (1ULL << 39). Larger values will
>>>>> still
>>>>> work
>>>>> +// e.g. on AArch64 it is most likely (1ULL << 42). Larger values will
>>>>> still
>>>>> work
>>>>> // but will consume more memory for TwoLevelByteMap.
>>>>> #if defined(__aarch64__)
>>>>> -# define SANITIZER_MMAP_RANGE_SIZE FIRST_32_SECOND_64(1ULL << 32, 1ULL <<
>>>>> 39)
>>>>> +# define SANITIZER_MMAP_RANGE_SIZE FIRST_32_SECOND_64(1ULL << 32, 1ULL <<
>>>>> 42)
>>>>> #else
>>>>> # define SANITIZER_MMAP_RANGE_SIZE FIRST_32_SECOND_64(1ULL << 32, 1ULL <<
>>>>> 47)
>>>>> #endif
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> You received this message because this project is configured to send all
>>>>> issue notifications to this address.
>>>>> You may adjust your notification preferences at:
>>>>> https://code.google.com/hosting/settings
>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to the Google Groups
>>>>> "address-sanitizer" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send an
>>>>> email to [email protected].
>>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google Groups
>>>> "address-sanitizer" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send an
>>>> email to [email protected].
>>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>> --
>>> You received this message because you are subscribed to the Google Groups
>>> "address-sanitizer" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to [email protected].
>>> For more options, visit https://groups.google.com/d/optout.
regards,
Venkat.
--
You received this message because you are subscribed to the Google Groups
"address-sanitizer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
