https://gcc.gnu.org/bugzilla/show_bug.cgi?id=114757
Bug ID: 114757
Summary: [ASAN] ASAN miscalculates size of region when building
the JDK
Product: gcc
Version: 13.2.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
Assignee: unassigned at gcc dot gnu.org
Reporter: szaldana at redhat dot com
Target Milestone: ---
Hi all,
I've come across an ASAN bug while building mainline JDK.
System: Linux x86
Gcc version: 13.2.1
Please find the stack trace below:
```
/home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.cpp: In constructor ‘ZMarkStripeSet::ZMarkStripeSet(uintptr_t)’:
/home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.cpp:43:17: error: writing 80 bytes into a region of size 8 [-Werror=stringop-overflow=]
   43 |     _stripes[i] = ZMarkStripe(base);
      |     ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
In file included from /home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.inline.hpp:27,
                 from /home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.cpp:25:
/home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.hpp:57:15: note: destination object ‘ZStackList<ZStack<ZMarkStackEntry, 254> >::_base’ of size 8
   57 |     uintptr_t _base;
      |               ^~~~~
/home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.cpp:43:17: error: writing 80 bytes into a region of size 8 [-Werror=stringop-overflow=]
   43 |     _stripes[i] = ZMarkStripe(base);
      |     ~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~
/home/szaldana/jdk/src/hotspot/share/gc/z/zMarkStack.hpp:57:15: note: destination object ‘ZStackList<ZStack<ZMarkStackEntry, 254> >::_base’ of size 8
   57 |     uintptr_t _base;
      |               ^~~~~
```
The "region of size 8" seems like a bug in ASAN. It is presumably what ASAN
thinks is the size of `_stripes[i]` in
[zMarkStack.cpp](https://github.com/openjdk/jdk/blob/master/src/hotspot/share/gc/z/zMarkStack.cpp#L43),
but that's wrong.
[ZMarkStripe](https://github.com/openjdk/jdk/blob/master/src/hotspot/share/gc/z/zMarkStack.hpp#L82)
is made up of two
[ZStackList](https://github.com/openjdk/jdk/blob/master/src/hotspot/share/gc/z/zMarkStack.hpp#L55)
entries. Note how each one of those is 16 bytes.
Additionally, note how `ZStackList` is 64 byte aligned to make each one
have its own cache line. So the memory layout is something like this:
```
  0 ----
    ZStackList
 16 ----
    padding
 64 ----
    ZStackList
 80 ----
    padding
128 ----
```
Thus, `sizeof(ZMarkStripe)` should be 128.
On the other hand, the "writing 80 bytes" seems correct, as that is the size of
`ZMarkStripe` excluding trailing padding. The assignment doesn't need to
copy that trailing padding.
If you'd like to reproduce the bug, it suffices to
[build the jdk](https://openjdk.org/groups/build/doc/building.html) passing the
`--enable-asan` flag to the `bash configure` arguments.
Find the bug reported in the JDK
[here](https://bugs.openjdk.org/browse/JDK-8330047).
I'm also attaching the log file with the commands that trigger the stack trace
above.
Looking forward to your comments!
Sonia
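The sizes quoted in the report (8, 80 and 128) can be checked against a small stand-in for the two classes. The block below is an added example written for this page, not code from the JDK or from the reporter: `StackListLike` and `StripeLike` are hypothetical names that only reproduce the layout described above (two 8-byte fields per list, each list padded to its own 64-byte cache line, two lists per stripe), and `fill_and_verify` mirrors the assignment loop from `ZMarkStripeSet::ZMarkStripeSet` so that the struct copy is actually exercised rather than just measured. It does not reproduce the diagnostic itself; that needs the real JDK sources and the `--enable-asan` build.

```cpp
// Added example, not JDK code: a minimal stand-in for ZStackList / ZMarkStripe
// that has the layout described in the bug report, so the numbers in the
// -Wstringop-overflow diagnostic can be checked with sizeof / offsetof.
#include <cstddef>
#include <cstdint>

// Stand-in for ZStackList: two 8-byte fields, padded out to a full cache line
// by the 64-byte alignment. Field names are assumptions.
struct alignas(64) StackListLike {
    uintptr_t _base;
    uintptr_t _head;
};

// Stand-in for ZMarkStripe: two cache-line-aligned lists.
struct StripeLike {
    StackListLike _published;
    StackListLike _overflowed;
};

static_assert(sizeof(StackListLike) == 64, "one list per cache line");
static_assert(sizeof(StripeLike) == 128, "two cache lines per stripe");

// Whole stripe, including the trailing padding after the second list (128).
constexpr std::size_t stripe_size() { return sizeof(StripeLike); }

// Where the second list starts: the first list's 16 bytes of fields are
// padded out to the next cache line, so this is 64.
constexpr std::size_t second_list_offset() {
    return offsetof(StripeLike, _overflowed);
}

// Stripe size without trailing padding, i.e. the bytes a field-wise copy has
// to write: 64 (offset of the second list) + 16 (its two fields) = 80, which
// matches the "writing 80 bytes" in the diagnostic.
constexpr std::size_t stripe_payload_size() {
    return offsetof(StripeLike, _overflowed) + 2 * sizeof(uintptr_t);
}

// Size of the single field the diagnostic names as the destination (8).
constexpr std::size_t base_field_size() {
    return sizeof(StackListLike::_base);
}

// Mirror of the `_stripes[i] = ZMarkStripe(base);` loop: assign whole stripes
// into an array, then read every field back. Returns true when all fields of
// all assigned stripes hold the expected values, i.e. the copy wrote the full
// 80-byte payload and not only the first 8-byte field.
bool fill_and_verify(std::size_t nstripes, uintptr_t base) {
    constexpr std::size_t kMax = 16;
    if (nstripes > kMax) return false;

    StripeLike stripes[kMax] = {};
    for (std::size_t i = 0; i < nstripes; ++i) {
        // Same shape as the JDK loop: construct a temporary and copy-assign it.
        stripes[i] = StripeLike{{base + i, 1}, {base + i, 2}};
    }
    for (std::size_t i = 0; i < nstripes; ++i) {
        if (stripes[i]._published._base != base + i) return false;
        if (stripes[i]._published._head != 1) return false;
        if (stripes[i]._overflowed._base != base + i) return false;
        if (stripes[i]._overflowed._head != 2) return false;
    }
    return true;
}
```

Compiling this stand-in with `-O2 -Wall -Werror=stringop-overflow` on a given GCC release is a cheap way to check whether the warning depends only on the layout or needs the real `ZStackList` code around it; the `static_assert`s fail at compile time if the layout ever deviates from the 16/64/128 picture in the report.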