[LLVMdev] linker warnings in Linking CXX executable Debug/AsanTest

Jack Howarth howarth at bromo.med.uc.edu
Fri Nov 2 10:01:59 PDT 2012 

On Fri, Nov 02, 2012 at 06:45:07PM +0400, Alexey Samsonov wrote:
> Hi, Jack!
> 
> 
> I'll take a look at this. However, tests below fail for a different reason
> (they don't use Debug/AsanTest at all).
> How do you configure a CMake build tree? Can you somehow get (or run
> manually) the script which is used
> for running log-path_test.cc and other failing test cases?
> 
> 

I have in build/projects/compiler-rt/lib/asan/lit_tests/Output/log-path_test.cc.tmp.log.393

=================================================================
==393== ERROR: AddressSanitizer: heap-buffer-overflow on address 0x00010a580fca at pc 0x10829ca5c bp 0x7fff57964910 sp 0x7fff57964908
READ of size 1 at 0x00010a580fca thread T0
    #0 0x10829ca5b (/sw/src/fink.build/llvm32-3.2-0/llvm-3.2/build/projects/compiler-rt/lib/asan/lit_tests/Output/log-path_test.cc.tmp+0x100001a5b)
    #1 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)
    #2 0x0
0x00010a580fca is located 0 bytes to the right of 10-byte region [0x00010a580fc0,0x00010a580fca)
allocated by thread T0 here:
    #0 0x1082a5472 (/sw/src/fink.build/llvm32-3.2-0/llvm-3.2/build/projects/compiler-rt/lib/asan/lit_tests/Output/log-path_test.cc.tmp+0x10000a472)
    #1 0x7fff94c3b152 (/usr/lib/system/libsystem_c.dylib+0x2d152)
    #2 0x7fff94c3bba6 (/usr/lib/system/libsystem_c.dylib+0x2dba6)
    #3 0x10829c876 (/sw/src/fink.build/llvm32-3.2-0/llvm-3.2/build/projects/compiler-rt/lib/asan/lit_tests/Output/log-path_test.cc.tmp+0x100001876)
    #4 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)
Shadow byte and word:
  0x1000214b01f9: 2
  0x1000214b01f8: 00 02 fb fb fb fb fb fb
More shadow bytes:
  0x1000214b01d8: fa fa fa fa fa fa fa fa
  0x1000214b01e0: fa fa fa fa fa fa fa fa
  0x1000214b01e8: fa fa fa fa fa fa fa fa
  0x1000214b01f0: fa fa fa fa fa fa fa fa
=>0x1000214b01f8: 00 02 fb fb fb fb fb fb
  0x1000214b0200: fa fa fa fa fa fa fa fa
  0x1000214b0208: fa fa fa fa fa fa fa fa
  0x1000214b0210: fa fa fa fa fa fa fa fa
  0x1000214b0218: fa fa fa fa fa fa fa fa
Stats: 0M malloced (0M for red zones) by 1 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (128 full pages) mmaped in 1 calls
  mmaps   by size class: 7:4095; 
  mallocs by size class: 7:1; 
  frees   by size class: 
  rfrees  by size class: 
Stats: malloc large: 0 small slow: 1
==393== ABORTING

in build/projects/compiler-rt/lib/asan/lit_tests/Output/trncpy-overflow.cc.tmp.out

=================================================================
==996== ERROR: AddressSanitizer: heap-buffer-overflow on address 0x00010920b049 at pc 0x106f2b7db bp 0x7fff58cdb970 sp 0x7fff58cdb118
WRITE of size 1 at 0x00010920b049 thread T0
    #0 0x106f2b7da in _wrap_strncpy _asan_rtl_:5
    #1 0x106f25a05 in _main /sw/src/fink.build/llvm32-3.2-0/llvm-3.2/projects/compiler-unsigned short restrict/lib/asan/lit_tests/strncpy-overflow.cc:24:0
    #2 0x7fff8bd827e0 in start (in libdyld.dylib) + 0
    #3 0x0
0x00010920b049 is located 0 bytes to the right of 9-byte region [0x00010920b040,0x00010920b049)
allocated by thread T0 here:
    #0 0x106f2e362 in (anonymous namespace)::mz_malloc(_malloc_zone_t*, unsigned long) _asan_rtl_:3
    #1 0x7fff94c3b152 in malloc_zone_malloc (in libsystem_c.dylib) + 70
    #2 0x7fff94c3bba6 in malloc (in libsystem_c.dylib) + 40
    #3 0x106f25974 in _main /sw/src/fink.build/llvm32-3.2-0/llvm-3.2/projects/compiler-unsigned short restrict/lib/asan/lit_tests/strncpy-overflow.cc:23:0
    #4 0x7fff8bd827e0 in start (in libdyld.dylib) + 0
Shadow byte and word:
  0x100021241609: 1
  0x100021241608: 00 01 fb fb fb fb fb fb
long double restrictunsigned __int128::* shadow bytes:
  0x1000212415e8: fa fa fa fa fa fa fa fa
  0x1000212415f0: fa fa fa fa fa fa fa fa
  0x1000212415f8: 06 fb fb fb fb fb fb fb
  0x100021241600: fa fa fa fa fa fa fa fa
=>0x100021241608: 00 01 fb fb fb fb fb fb
  0x100021241610: fa fa fa fa fa fa fa fa
  0x100021241618: fa fa fa fa fa fa fa fa
  0x100021241620: fa fa fa fa fa fa fa fa
  0x100021241628: fa fa fa fa fa fa fa fa
Stats: 0M malloced (0M for red zones) by 2 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 0 calls
Stats: 0M really freed by 0 calls
Stats: 0M (128 full pages) mmaped in 1 calls
  mmaps   by size class: 7:4095;
  mallocs by size class: 7:2;
  frees   by size class:
  rfrees  by size class:
Stats: malloc large: 0 small slow: 1
==996== ABORTING

and in build/projects/compiler-rt/lib/asan/lit_tests/Output/use-after-free.cc.tmp.out

=================================================================
==1125== ERROR: AddressSanitizer: heap-use-after-free on address 0x00010c958fc5 at pc 0x10a675c5e bp 0x7fff5558aab0 sp 0x7fff5558aaa8
READ of size 1 at 0x00010c958fc5 thread T0
    #0 0x10a675c5d in _main /sw/src/fink.build/llvm32-3.2-0/llvm-3.2/projects/compiler-unsigned short restrict/lib/asan/lit_tests/use-after-free.cc:22:0
    #1 0x7fff8bd827e0 in start (in libdyld.dylib) + 0
    #2 0x0
0x00010c958fc5 is located 5 bytes inside of 10-byte region [0x00010c958fc0,0x00010c958fca)
freed by thread T0 here:
    #0 0x10a67e6a8 in free_common _asan_rtl_:5
    #1 0x10a67e6a8 in (anonymous namespace)::mz_free(_malloc_zone_t*, void*) _asan_rtl_:0
    #2 0x10a67dd22 in _wrap_free _asan_rtl_:7
    #3 0x10a675bd7 in _main /sw/src/fink.build/llvm32-3.2-0/llvm-3.2/projects/compiler-unsigned short restrict/lib/asan/lit_tests/use-after-free.cc:21:0
    #4 0x7fff8bd827e0 in start (in libdyld.dylib) + 0
    #4 0x0
previously allocated by thread T0 here:
    #0 0x10a67e4b2 in (anonymous namespace)::mz_malloc(_malloc_zone_t*, unsigned long) _asan_rtl_:3
    #1 0x7fff94c3b152 in malloc_zone_malloc (in libsystem_c.dylib) + 70
    #2 0x7fff94c3bba6 in malloc (in libsystem_c.dylib) + 40
    #3 0x10a675b94 in _main /sw/src/fink.build/llvm32-3.2-0/llvm-3.2/projects/compiler-unsigned short restrict/lib/asan/lit_tests/use-after-free.cc:20:0
    #4 0x7fff8bd827e0 in start (in libdyld.dylib) + 0
Shadow byte and word:
  0x10002192b1f8: fd
  0x10002192b1f8: fd fd fd fd fd fd fd fd
long double restrictunsigned __int128::* shadow bytes:
  0x10002192b1d8: fa fa fa fa fa fa fa fa
  0x10002192b1e0: fa fa fa fa fa fa fa fa
  0x10002192b1e8: fa fa fa fa fa fa fa fa
  0x10002192b1f0: fa fa fa fa fa fa fa fa
=>0x10002192b1f8: fd fd fd fd fd fd fd fd
  0x10002192b200: fa fa fa fa fa fa fa fa
  0x10002192b208: fa fa fa fa fa fa fa fa
  0x10002192b210: fa fa fa fa fa fa fa fa
  0x10002192b218: fa fa fa fa fa fa fa fa
Stats: 0M malloced (0M for red zones) by 1 calls
Stats: 0M realloced by 0 calls
Stats: 0M freed by 1 calls
Stats: 0M really freed by 0 calls
Stats: 0M (128 full pages) mmaped in 1 calls
  mmaps   by size class: 7:4095;
  mallocs by size class: 7:1;
  frees   by size class: 7:1;
  rfrees  by size class:
Stats: malloc large: 0 small slow: 1
==1125== ABORTING

Hopefully that helps.
         Jack

> >
> > I am seeing some AddressSanitizer failures like...
> >
> > FAIL: AddressSanitizer :: log-path_test.cc (13 of 12542)
> > ******************** TEST 'AddressSanitizer :: log-path_test.cc' FAILED
> > ********************
> >
> > FAIL: AddressSanitizer :: strncpy-overflow.cc (27 of 12542)
> > ******************** TEST 'AddressSanitizer :: strncpy-overflow.cc' FAILED
> > ********************
> >
> > FAIL: AddressSanitizer :: use-after-free.cc (34 of 12542)
> > ******************** TEST 'AddressSanitizer :: use-after-free.cc' FAILED
> > ********************
> >
> > etc, and wonder if they could be related to that those linkage warnings.
> > If so, I'll open a bug report.
> > Thanks in advance.
> >          Jack
> > ps This is using a debug build on x86_64-apple-darwin12 with Xcode 4.5.2's
> > linker.
> >
> >
> > _______________________________________________
> > LLVM Developers mailing list
> > LLVMdev at cs.uiuc.edu         http://llvm.cs.uiuc.edu
> > http://lists.cs.uiuc.edu/mailman/listinfo/llvmdev
> >
> 
> 
> 
> -- 
> Alexey Samsonov, MSK

More information about the llvm-dev mailing list