<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - After r305058, AddressSanitizer CHECK failed: lib/asan/asan_errors.h:99 "((second_free_stack->size)) > ((0))" (0x0, 0x0)"
href="https://bugs.llvm.org/show_bug.cgi?id=34324">34324</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>After r305058, AddressSanitizer CHECK failed: lib/asan/asan_errors.h:99 "((second_free_stack->size)) > ((0))" (0x0, 0x0)
</td>
</tr>
<tr>
<th>Product</th>
<td>compiler-rt
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>compiler-rt
</td>
</tr>
<tr>
<th>Assignee</th>
<td>unassignedbugs@nondot.org
</td>
</tr>
<tr>
<th>Reporter</th>
<td>dimitry@andric.com
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>After <a href="https://reviews.llvm.org/rL305058">https://reviews.llvm.org/rL305058</a>, which was meant to fix <a class="bz_bug_link
bz_status_RESOLVED bz_closed"
title="RESOLVED FIXED - Sanitizer CHECK failed: ((allocated_for_dlsym)) < ((kDlsymAllocPoolSize)) (1036, 1024)) with preload"
href="show_bug.cgi?id=33206">bug 33206</a>, the
number of failing compiler-rt tests goes up from 5 to 58. Before:
Failing Tests (5):
AddressSanitizer-i386-freebsd :: TestCases/Posix/asan-sigbus.cpp
AddressSanitizer-i386-freebsd :: TestCases/Posix/fread_fwrite.cc
LLVM :: Bindings/Go/go.test
LLVM :: DebugInfo/PDB/pdbdump-debug-subsections.test
LLVM :: tools/llvm-objdump/X86/macho-literals.test
After:
Failing Tests (58):
AddressSanitizer-Unit ::
Asan-i386-inline-Test/AddressSanitizer.DoubleFreeTest
AddressSanitizer-Unit ::
Asan-i386-inline-Test/AddressSanitizer.ReallocFreedPointerTest
AddressSanitizer-Unit ::
Asan-i386-inline-Test/AddressSanitizer.UseThenFreeThenUseTest
AddressSanitizer-Unit ::
Asan-i386-inline-Test/AddressSanitizer.WrongFreeTest
AddressSanitizer-Unit ::
Asan-i386-with-calls-Test/AddressSanitizer.DoubleFreeTest
AddressSanitizer-Unit ::
Asan-i386-with-calls-Test/AddressSanitizer.ReallocFreedPointerTest
AddressSanitizer-Unit ::
Asan-i386-with-calls-Test/AddressSanitizer.UseThenFreeThenUseTest
AddressSanitizer-Unit ::
Asan-i386-with-calls-Test/AddressSanitizer.WrongFreeTest
AddressSanitizer-i386-freebsd :: TestCases/Posix/asan-sigbus.cpp
AddressSanitizer-i386-freebsd ::
TestCases/Posix/asan-symbolize-sanity-test.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/closed-fds.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/deep_thread_stack.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/fread_fwrite.cc
AddressSanitizer-i386-freebsd ::
TestCases/Posix/interception-in-shared-lib-test.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/shared-lib-test.cc
AddressSanitizer-i386-freebsd ::
TestCases/Posix/stack-use-after-return.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/strndup_oob_test.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/wait.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/wait3.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/wait4.cc
AddressSanitizer-i386-freebsd :: TestCases/Posix/waitid.cc
AddressSanitizer-i386-freebsd :: TestCases/alloca_big_alignment.cc
AddressSanitizer-i386-freebsd :: TestCases/alloca_detect_custom_size_.cc
AddressSanitizer-i386-freebsd :: TestCases/alloca_overflow_partial.cc
AddressSanitizer-i386-freebsd :: TestCases/alloca_overflow_right.cc
AddressSanitizer-i386-freebsd :: TestCases/alloca_underflow_left.cc
AddressSanitizer-i386-freebsd :: TestCases/debug_double_free.cc
AddressSanitizer-i386-freebsd :: TestCases/debug_report.cc
AddressSanitizer-i386-freebsd :: TestCases/debug_stacks.cc
AddressSanitizer-i386-freebsd :: TestCases/deep_stack_uaf.cc
AddressSanitizer-i386-freebsd :: TestCases/describe_address.cc
AddressSanitizer-i386-freebsd :: TestCases/double-free.cc
AddressSanitizer-i386-freebsd :: TestCases/frexp_interceptor.cc
AddressSanitizer-i386-freebsd :: TestCases/global-overflow.cc
AddressSanitizer-i386-freebsd :: TestCases/heap-overflow.cc
AddressSanitizer-i386-freebsd :: TestCases/heavy_uar_test.cc
AddressSanitizer-i386-freebsd :: TestCases/initialization-bug.cc
AddressSanitizer-i386-freebsd :: TestCases/invalid-free.cc
AddressSanitizer-i386-freebsd :: TestCases/invalid-pointer-pairs.cc
AddressSanitizer-i386-freebsd :: TestCases/large_func_test.cc
AddressSanitizer-i386-freebsd :: TestCases/null_deref.cc
AddressSanitizer-i386-freebsd :: TestCases/partial_right.cc
AddressSanitizer-i386-freebsd :: TestCases/print_summary.cc
AddressSanitizer-i386-freebsd :: TestCases/sanity_check_pure_c.c
AddressSanitizer-i386-freebsd :: TestCases/stack-buffer-overflow.cc
AddressSanitizer-i386-freebsd :: TestCases/strdup_oob_test.cc
AddressSanitizer-i386-freebsd :: TestCases/strncpy-overflow.cc
AddressSanitizer-i386-freebsd :: TestCases/time_interceptor.cc
AddressSanitizer-i386-freebsd :: TestCases/use-after-delete.cc
AddressSanitizer-i386-freebsd :: TestCases/use-after-free-right.cc
AddressSanitizer-i386-freebsd :: TestCases/use-after-free.cc
AddressSanitizer-i386-freebsd :: TestCases/use-after-scope-inlined.cc
AddressSanitizer-i386-freebsd :: TestCases/vla_chrome_testcase.cc
AddressSanitizer-i386-freebsd :: TestCases/vla_condition_overflow.cc
AddressSanitizer-i386-freebsd :: TestCases/vla_loop_overfow.cc
LLVM :: Bindings/Go/go.test
LLVM :: DebugInfo/PDB/pdbdump-debug-subsections.test
LLVM :: tools/llvm-objdump/X86/macho-literals.test
The AddressSanitizer-Unit tests all fail because of a new CHECK failure:
[ RUN ] AddressSanitizer.DoubleFreeTest
/share/dim/src/llvm/trunk/projects/compiler-rt/lib/asan/tests/asan_test.cc:463:
Failure
Death test: DoubleFree()
Result: died but not with expected error.
Expected: ERROR: AddressSanitizer: attempting double-free.*is located 0
bytes inside of 400-byte region.*freed by thread T0 here.*previously allocated
by thread T0 here
Actual msg:
[ DEATH ] DoubleFree: x=0x2b003e40
[ DEATH ]
=================================================================
[ DEATH ] ==84873==AddressSanitizer CHECK failed:
/share/dim/src/llvm/trunk/projects/compiler-rt/lib/asan/asan_errors.h:99
"((second_free_stack->size)) > ((0))" (0x0, 0x0)
[ DEATH ] #0 0x80e5e56
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x80e5e56)
[ DEATH ] #1 0x80fb0e4
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x80fb0e4)
[ DEATH ] #2 0x80e11c0
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x80e11c0)
[ DEATH ] #3 0x8073a66
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x8073a66)
[ DEATH ] #4 0x80714bd
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x80714bd)
[ DEATH ] #5 0x80dc41e
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x80dc41e)
[ DEATH ] #6 0x81f69f6
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x81f69f6)
[ DEATH ] #7 0x81867fd
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x81867fd)
[ DEATH ] #8 0x81420e1
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x81420e1)
[ DEATH ] #9 0x814470a
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x814470a)
[ DEATH ] #10 0x8146252
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x8146252)
[ DEATH ] #11 0x815f02b
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x815f02b)
[ DEATH ] #12 0x8187e97
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x8187e97)
[ DEATH ] #13 0x815e185
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x815e185)
[ DEATH ] #14 0x830ed1f
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x830ed1f)
[ DEATH ] #15 0x8070a19
(/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/lib/asan/tests/default/Asan-i386-inline-Test+0x8070a19)
[ DEATH ]
[ DEATH ]
[ FAILED ] AddressSanitizer.DoubleFreeTest (15 ms)
[----------] 1 test from AddressSanitizer (15 ms total)
The rest of the tests are now failing because the printed thread ID is
different than before, e.g. it expects "T0" while the actual ID is "T16777215":
********************
FAIL: AddressSanitizer-i386-freebsd :: TestCases/Posix/closed-fds.cc (323 of
616)
******************** TEST 'AddressSanitizer-i386-freebsd ::
TestCases/Posix/closed-fds.cc' FAILED ********************
Script:
--
rm -f
/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/closed-fds.cc.tmp.log.*
/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/./bin/clang
--driver-mode=g++ -fsanitize=address -mno-omit-leaf-frame-pointer
-fno-omit-frame-pointer -fno-optimize-sibling-calls -gline-tables-only -m32 -O0
/share/dim/src/llvm/trunk/projects/compiler-rt/test/asan/TestCases/Posix/closed-fds.cc
-o
/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/closed-fds.cc.tmp
env
ASAN_OPTIONS=log_path='"/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/closed-fds.cc.tmp.log"':verbosity=2
not
/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/closed-fds.cc.tmp
FileCheck
/share/dim/src/llvm/trunk/projects/compiler-rt/test/asan/TestCases/Posix/closed-fds.cc
--check-prefix=CHECK-FILE <
/home/dim/obj/llvm-305058-trunk-freebsd10-i386-ninja-rel-1/projects/compiler-rt/test/asan/I386FreeBSDConfig/TestCases/Posix/Output/closed-fds.cc.tmp.log.*
--
Exit Code: 1
Command Output (stderr):
--
Closing streams.
/share/dim/src/llvm/trunk/projects/compiler-rt/test/asan/TestCases/Posix/closed-fds.cc:32:17:
error: expected string not found in input
// CHECK-FILE: {{WRITE of size 1 at 0x.* thread T0}}
^
<stdin>:30:1: note: scanning from here
WRITE of size 1 at 0x2a200791 thread T16777215
^</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>