http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55333
Bug #: 55333
Summary: [x32] 8 asan test failures
Classification: Unclassified
Product: gcc
Version: 4.8.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: hjl.to...@gmail.com
Schedule of variations:
unix/-mx32
Running target unix/-mx32
Using /usr/share/dejagnu/baseboards/unix.exp as board description file for
target.
Using /usr/share/dejagnu/config/unix.exp as generic interface file for target.
Using /export/gnu/import/git/gcc/gcc/testsuite/config/default.exp as
tool-and-target-specific interface file.
Running /export/gnu/import/git/gcc/gcc/testsuite/gcc.dg/asan/asan.exp ...
FAIL: c-c++-common/asan/memcmp-1.c -O0 output pattern test, is
=================================================================
==3035== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffe91e45 at
pc 0xf5b1e798 bp 0xffe91df0 sp 0xffe91d90
READ of size 1 at 0xffe91e45 thread T0
#0 0xf5b1e797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffe91e45 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ffd23c8: 4
0x3ffd23c8: 04 f4 f4 f4
More shadow bytes:
0x3ffd23b8: 00 00 00 00
0x3ffd23bc: 00 00 00 00
0x3ffd23c0: 00 00 00 00
0x3ffd23c4: f1 f1 f1 f1
=>0x3ffd23c8: 04 f4 f4 f4
0x3ffd23cc: f2 f2 f2 f2
0x3ffd23d0: 04 f4 f4 f4
0x3ffd23d4: f3 f3 f3 f3
0x3ffd23d8: 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3035== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O1 output pattern test, is
=================================================================
==3135== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffe3c135 at
pc 0xf5b81798 bp 0xffe3c100 sp 0xffe3c0a0
READ of size 1 at 0xffe3c135 thread T0
#0 0xf5b81797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffe3c135 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ffc7826: 4
0x3ffc7824: f1 f1 04 f4
More shadow bytes:
0x3ffc7814: 00 00 00 00
0x3ffc7818: 00 00 00 00
0x3ffc781c: 00 00 00 00
0x3ffc7820: 00 00 f1 f1
=>0x3ffc7824: f1 f1 04 f4
0x3ffc7828: f4 f4 f2 f2
0x3ffc782c: f2 f2 04 f4
0x3ffc7830: f4 f4 f3 f3
0x3ffc7834: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3135== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O2 output pattern test, is
=================================================================
==3220== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffa93f15 at
pc 0xf5b6d798 bp 0xffa93ee0 sp 0xffa93e80
READ of size 1 at 0xffa93f15 thread T0
#0 0xf5b6d797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffa93f15 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff527e2: 4
0x3ff527e0: f1 f1 04 f4
More shadow bytes:
0x3ff527d0: 00 00 00 00
0x3ff527d4: 00 00 00 00
0x3ff527d8: 00 00 00 00
0x3ff527dc: 00 00 f1 f1
=>0x3ff527e0: f1 f1 04 f4
0x3ff527e4: f4 f4 f2 f2
0x3ff527e8: f2 f2 04 f4
0x3ff527ec: f4 f4 f3 f3
0x3ff527f0: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3220== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O3 -fomit-frame-pointer output pattern
test, is =================================================================
==3372== ERROR: AddressSanitizer stack-buffer-overflow on address 0xff9dd5d5 at
pc 0xf5b18798 bp 0xff9dd5a0 sp 0xff9dd540
READ of size 1 at 0xff9dd5d5 thread T0
#0 0xf5b18797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xff9dd5d5 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff3baba: 4
0x3ff3bab8: f1 f1 04 f4
More shadow bytes:
0x3ff3baa8: 00 00 00 00
0x3ff3baac: 00 00 00 00
0x3ff3bab0: 00 00 00 00
0x3ff3bab4: 00 00 f1 f1
=>0x3ff3bab8: f1 f1 04 f4
0x3ff3babc: f4 f4 f2 f2
0x3ff3bac0: f2 f2 04 f4
0x3ff3bac4: f4 f4 f3 f3
0x3ff3bac8: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3372== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O3 -g output pattern test, is
=================================================================
==3475== ERROR: AddressSanitizer stack-buffer-overflow on address 0xfffb9475 at
pc 0xf5ad4798 bp 0xfffb9440 sp 0xfffb93e0
READ of size 1 at 0xfffb9475 thread T0
#0 0xf5ad4797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xfffb9475 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3fff728e: 4
0x3fff728c: f1 f1 04 f4
More shadow bytes:
0x3fff727c: 00 00 00 00
0x3fff7280: 00 00 00 00
0x3fff7284: 00 00 00 00
0x3fff7288: 00 00 f1 f1
=>0x3fff728c: f1 f1 04 f4
0x3fff7290: f4 f4 f2 f2
0x3fff7294: f2 f2 04 f4
0x3fff7298: f4 f4 f3 f3
0x3fff729c: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3475== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -Os output pattern test, is
=================================================================
==3572== ERROR: AddressSanitizer stack-buffer-overflow on address 0xff9adc55 at
pc 0xf5b26798 bp 0xff9adc20 sp 0xff9adbc0
READ of size 1 at 0xff9adc55 thread T0
#0 0xf5b26797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xff9adc55 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff35b8a: 4
0x3ff35b88: f1 f1 04 f4
More shadow bytes:
0x3ff35b78: 00 00 00 00
0x3ff35b7c: 00 00 00 00
0x3ff35b80: 00 00 00 00
0x3ff35b84: 00 00 f1 f1
=>0x3ff35b88: f1 f1 04 f4
0x3ff35b8c: f4 f4 f2 f2
0x3ff35b90: f2 f2 04 f4
0x3ff35b94: f4 f4 f3 f3
0x3ff35b98: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3572== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O2 -flto -fno-use-linker-plugin
-flto-partition=none output pattern test, is
=================================================================
==3824== ERROR: AddressSanitizer stack-buffer-overflow on address 0xff802b65 at
pc 0xf5b8b798 bp 0xff802b30 sp 0xff802ad0
READ of size 1 at 0xff802b65 thread T0
#0 0xf5b8b797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xff802b65 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ff0056c: 4
0x3ff0056c: 04 f4 f4 f4
More shadow bytes:
0x3ff0055c: 00 00 00 00
0x3ff00560: 00 00 00 00
0x3ff00564: 00 00 00 00
0x3ff00568: f1 f1 f1 f1
=>0x3ff0056c: 04 f4 f4 f4
0x3ff00570: f2 f2 f2 f2
0x3ff00574: 04 f4 f4 f4
0x3ff00578: f3 f3 f3 f3
0x3ff0057c: 00 00 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3824== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
FAIL: c-c++-common/asan/memcmp-1.c -O2 -flto -fuse-linker-plugin
-fno-fat-lto-objects output pattern test, is
=================================================================
==3947== ERROR: AddressSanitizer stack-buffer-overflow on address 0xffdb2fb5 at
pc 0xf5b7e798 bp 0xffdb2f80 sp 0xffdb2f20
READ of size 1 at 0xffdb2fb5 thread T0
#0 0xf5b7e797 in __interceptor_memcmp
/export/gnu/import/git/gcc/libsanitizer/asan/asan_interceptors.cc:218
(discriminator 1)
Address 0xffdb2fb5 is located at offset 37 in frame <main> of T0's stack:
This frame has 2 object(s):
[32, 36) 'a1'
[96, 100) 'a2'
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism
(longjmp and C++ exceptions *are* supported)
Shadow byte and word:
0x3ffb65f6: 4
0x3ffb65f4: f1 f1 04 f4
More shadow bytes:
0x3ffb65e4: 00 00 00 00
0x3ffb65e8: 00 00 00 00
0x3ffb65ec: 00 00 00 00
0x3ffb65f0: 00 00 f1 f1
=>0x3ffb65f4: f1 f1 04 f4
0x3ffb65f8: f4 f4 f2 f2
0x3ffb65fc: f2 f2 04 f4
0x3ffb6600: f4 f4 f3 f3
0x3ffb6604: f3 f3 00 00
Stats: 0M malloced (0M for red zones) by 0 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (0 full pages) mmaped in 0 calls
mmaps by size class:
mallocs by size class:
frees by size class:
rfrees by size class:
Stats: malloc large: 0 small slow: 0
==3947== ABORTING
, should match ERROR: AddressSanitizer stack-buffer-overflow.*(
|
) #0 0x[0-9a-f]+ (in _*(interceptor_|)memcmp |[(])[^
]*(
|
) #1 0x[0-9a-f]+ (in _*main|[(])[^
]*(
|
)
=== gcc Summary ===
# of expected passes 16
# of unexpected failures 8
