https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61771
Bug ID: 61771
Summary: Regressions in ASan testsuite on ARM Linux
Product: gcc
Version: 4.10.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: chefmax at gcc dot gnu.org
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, y.gribov at samsung dot com
Host: x86_64-pc-linux-gnu
Target: arm-linux-gnueabi

Created attachment 33101
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=33101&action=edit
heap-overflow-1 output

I see some regressions (e.g. heap-overflow-1) in the ASan testsuite on ARM Linux. It seems that libsanitizer couldn't unwind the stack from the __interceptor_malloc() function by using StackTrace::FastUnwindStack. The same test works fine with Clang on ARM.

After some investigation, I noticed that StackTrace::FastUnwindStack reads fp and lr from the wrong stack slot. I suppose this is related to the different code produced by GCC and Clang in the __interceptor_malloc() prologue. This is a small repro case:

    extern int func2(int i);

    int func(int i)
    {
        return func2(i);
    }

Clang builds such code in the func prologue:

    .save {r11, lr}
    push {r11, lr}
    .setfp r11, sp
    mov r11, sp

GCC builds another one:

    .save {fp, lr}
    str fp, [sp, #-8]!
    str lr, [sp, #4]
    .setfp fp, sp, #4
    add fp, sp, #4

As we can see, the LLVM code results in the frame pointer pointing to just after the pushed R11 (fp) register on the stack, while the GCC code results in the frame pointer pointing to just after the pushed LR register on the stack (related discussion in LLVM is http://comments.gmane.org/gmane.comp.compilers.llvm.devel/69514).

This is not a bug in libsanitizer but rather an ABI mismatch between GCC and LLVM. Any ideas how to proceed with this?

-Maxim
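The following is an added, self-contained illustration of the frame-layout mismatch the report describes; it is not code from the bug report, from GCC, or from libsanitizer. It simulates a 32-bit ARM stack with both prologue conventions and runs a frame-pointer unwinder that assumes one of them. All addresses, return-address values (0x8010, 0x8020, 0x8030) and the 0xCAFE... local markers are constructed for the demonstration; the unwinder is a simplified stand-in for StackTrace::FastUnwindStack, not its actual implementation.

```c
#include <stdint.h>
#include <stdio.h>

#define STACK_BYTES 256   /* size of the simulated stack (constructed) */
#define MAX_FRAMES  8

/* Which prologue produced the frames: LLVM (fp -> saved fp slot) or
   GCC (fp -> saved lr slot), as shown in the bug report. */
typedef enum { LAYOUT_LLVM = 0, LAYOUT_GCC = 1 } Layout;

typedef struct {
    uint32_t words[STACK_BYTES / 4];  /* simulated memory, little 32-bit words */
    uint32_t sp;                      /* byte offset of the stack pointer */
    uint32_t fp;                      /* byte offset of the frame pointer, 0 = none */
} SimStack;

static uint32_t load32(const SimStack *s, uint32_t addr) { return s->words[addr / 4]; }
static void store32(SimStack *s, uint32_t addr, uint32_t v) { s->words[addr / 4] = v; }

/* Execute one prologue of the given layout for a function entered with
   return address `lr`, then reserve `nlocals` words of locals below it. */
static void push_frame(SimStack *s, Layout layout, uint32_t lr, uint32_t nlocals)
{
    s->sp -= 8;
    store32(s, s->sp, s->fp);       /* both: saved caller fp at [sp]       */
    store32(s, s->sp + 4, lr);      /* both: saved return address at [sp+4] */
    s->fp = (layout == LAYOUT_LLVM) ? s->sp      /* mov r11, sp       */
                                    : s->sp + 4; /* add fp, sp, #4    */
    for (uint32_t i = 0; i < nlocals; i++) {    /* locals below the pair */
        s->sp -= 4;
        store32(s, s->sp, 0xCAFE0000u | s->sp);  /* constructed marker */
    }
}

/* Fast frame-pointer unwind that *assumes* a particular layout. Returns the
   number of return addresses recovered into pcs[]. Stops when the next frame
   pointer leaves the simulated stack or fails to move toward the caller. */
static int fast_unwind(const SimStack *s, Layout assumed, uint32_t *pcs, int max)
{
    uint32_t fp = s->fp;
    int n = 0;
    while (fp != 0 && n < max) {
        /* address of the saved {fp, lr} pair under the assumed convention */
        uint32_t pair = (assumed == LAYOUT_LLVM) ? fp : fp - 4;
        if (fp < 4 || pair + 8 > STACK_BYTES) break;   /* bounds check */
        pcs[n++] = load32(s, pair + 4);                 /* return address */
        uint32_t next = load32(s, pair);                /* caller's fp    */
        if (next != 0 && next <= fp) break;             /* must move up-stack */
        fp = next;
    }
    return n;
}

/* Build a three-deep call chain (func -> func2 -> malloc) with `produced`
   prologues, then unwind it with an unwinder that assumes `assumed`. */
int simulate(Layout produced, Layout assumed, uint32_t *pcs, int max)
{
    SimStack s = { {0}, STACK_BYTES, 0 };
    push_frame(&s, produced, 0x8010u, 2);   /* func  returns to 0x8010  */
    push_frame(&s, produced, 0x8020u, 2);   /* func2 returns to 0x8020  */
    push_frame(&s, produced, 0x8030u, 2);   /* malloc returns to 0x8030 */
    return fast_unwind(&s, assumed, pcs, max);
}

static void report(const char *title, Layout produced, Layout assumed)
{
    uint32_t pcs[MAX_FRAMES];
    int n = simulate(produced, assumed, pcs, MAX_FRAMES);
    printf("%s: %d frame(s):", title, n);
    for (int i = 0; i < n; i++) printf(" 0x%x", pcs[i]);
    printf("\n");
}

int main(void)
{
    report("GCC frames, GCC-aware unwinder ", LAYOUT_GCC,  LAYOUT_GCC);
    report("LLVM frames, LLVM unwinder      ", LAYOUT_LLVM, LAYOUT_LLVM);
    report("GCC frames, LLVM-assuming unwind", LAYOUT_GCC,  LAYOUT_LLVM);
    return 0;
}
```

With matching conventions the unwinder recovers all three return addresses. When GCC-produced frames are walked by an unwinder assuming the LLVM layout, the word it treats as the return address is really the caller's local, and the word it treats as the saved fp is the real return address (a code pointer that fails the stack-range check), so the walk stops after one bogus frame. That is the symptom the report attributes to FastUnwindStack reading fp and lr from the wrong slot.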