[llvm-dev] Buildling with/without AddressSanitizer causes divergent execution behaviour
Dan Liew via llvm-dev
llvm-dev at lists.llvm.org
Tue Feb 9 10:57:17 PST 2016
Hi,
# TL;DR
I've been building an application with and without the address
sanitizer (with gcc 5.3 and clang 3.7.1) and I've observed that the
application's behaviour changes (assertion hit/ not hit). I'm
wondering if this could be a bug in address sanitizer or if the
application I'm running is just buggy (e.g. doing bad things like
relying on memory layout, etc.). I'm also observing ASan reporting a
heap-use-after-free which Valgrind is not reporting, which makes me
wonder if it is a false positive.
Any hints on how I might determine this? Building with UBSan doesn't
turn up anything.
# Longer version (if you are interested in the specific details)
The application of interest is the Z3 constraint solver [1].
Much of what I'm going to say is covered in [2] which is a bug report
I opened (including a heap-use-after-free AddressSanitizer finds, I'm
not sure if this a false positive or not) but here are the basics of
what I found.
Build Z3 as follows
```
git clone https://github.com/Z3Prover/z3.git
cd z3
# Now apply the attached patch.
# Basically this makes it so that in ``examples/c/test_capi.c``
# the main() function only calls two functions.
# Note if you build without the patch when running ``c_example``
program AddressSanitizer
# reports a heap-use-after-free. I'm not sure if this a false positive
or not. Valgrind doesn't
# seem to think there's a problem.
# Build with ASan, Assertion will be hit when running the example
CXX=clang++ CC=clang CXXFLAGS="-fno-omit-frame-pointer
-fsanitize=address" LDFLAGS="-fsanitize=address" python
scripts/mk_make.py --debug --noomp --build build_asan
cd build_asan
make
make c_examples
LD_LIBRARY_PATH=`pwd` ./c_example
...
ASSERTION VIOLATION
File: ../src/sat/sat_clause.h
Line: 59
# Now build without ASan
cd ../
CXX=clang++ CC=clang python scripts/mk_make.py --debug --noomp --build
build_noasan
cd build_noasan
make
make c_example
LD_LIBRARY_PATH=`pwd` ./c_example
# No assertion is hit
```
Any insights/suggestions on how I could debug what I'm seeing further
would be appreciated.
[1] https://github.com/z3prover/z3
[2] https://github.com/Z3Prover/z3/issues/436
Thanks,
Dan.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch_c_examples.patch
Type: text/x-patch
Size: 1218 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20160209/d3ebf585/attachment.bin>
More information about the llvm-dev
mailing list