[PATCH] [PowerPC]Adapt fast stack unwinding to work for Power.

Bill Seurer seurer at linux.vnet.ibm.com
Fri May 15 08:54:27 PDT 2015


The stack popping makes the fast unwinding act closer to how slow unwinding works (though still not identical).  I don't know how this works on x86 so I can't comment on that.  I will move and rename the constants.

Here is an example.  With slow unwinding:

==68283==ERROR: AddressSanitizer: heap-use-after-free on address 0x0a100000eff0 at pc 0x000010103af8 bp 0x3ffff7640400 sp 0x3ffff7640420

WRITE of size 4 at 0x0a100000eff0 thread T0

  #0 0x10103af4 in Func6(int, int*) /home/seurer/test/stack/crash.cpp:19:7
  #1 0x10103c9c in Func5(int, int*) /home/seurer/test/stack/crash.cpp:27:10
  #2 0x10103f3c in Func4(int, int*) /home/seurer/test/stack/crash.cpp:34:10
  #3 0x101041dc in Func3(int, int*) /home/seurer/test/stack/crash.cpp:41:10
  #4 0x1010447c in Func2(int, int*) /home/seurer/test/stack/crash.cpp:48:10
  #5 0x1010471c in Func1(int, int*) /home/seurer/test/stack/crash.cpp:55:10
  #6 0x101049dc in main /home/seurer/test/stack/crash.cpp:64:10
  #7 0x3fff9c134cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287

0x0a100000eff0 is located 0 bytes inside of 4-byte region [0x0a100000eff0,0x0a100000eff4)
freed by thread T0 here:

  #0 0x1010115c in operator delete(void*) /home/seurer/llvm/llvm-base/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
  #1 0x10104990 in main /home/seurer/test/stack/crash.cpp:62:3
  #2 0x3fff9c134cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287

previously allocated by thread T0 here:

  #0 0x1010096c in operator new(unsigned long) /home/seurer/llvm/llvm-base/projects/compiler-rt/lib/asan/asan_new_delete.cc:62
  #1 0x10104954 in main /home/seurer/test/stack/crash.cpp:60:8
  #2 0x3fff9c134cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287

With fast unwinding and no stack popping:

==117763==ERROR: AddressSanitizer: heap-use-after-free on address 0x0a100000eff0 at pc 0x0000100ee418 bp 0x3fffdcc66870 sp 0x3fffdcc668d8

WRITE of size 4 at 0x0a100000eff0 thread T0

  #0 0x100ee414 in Func6(int, int*) /home/seurer/test/stack/crash.cpp:19:7
  #1 0x100ee5bc in Func5(int, int*) /home/seurer/test/stack/crash.cpp:27:10
  #2 0x100ee85c in Func4(int, int*) /home/seurer/test/stack/crash.cpp:34:10
  #3 0x100eeafc in Func3(int, int*) /home/seurer/test/stack/crash.cpp:41:10
  #4 0x100eed9c in Func2(int, int*) /home/seurer/test/stack/crash.cpp:48:10
  #5 0x100ef03c in Func1(int, int*) /home/seurer/test/stack/crash.cpp:55:10
  #6 0x100ef2fc in main /home/seurer/test/stack/crash.cpp:64:10
  #7 0x3fffa9574cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287

0x0a100000eff0 is located 0 bytes inside of 4-byte region [0x0a100000eff0,0x0a100000eff4)
freed by thread T0 here:

  #0 0x100ecd14 in operator delete(void*) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:94:3
  #1 0x100ecda8 in GetStackTraceWithPcBpAndContext /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_stack.h:50:7
  #2 0x100ecda8 in operator delete(void*) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
  #3 0x100ef2b0 in main /home/seurer/test/stack/crash.cpp:62:3
  #4 0x3fffa9574cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
  #5 0x3fffa9574ef4 in __libc_start_main /build/buildd/eglibc-2.19/csu/../sysdeps/unix/sysv/linux/powerpc/libc-start.c:93

previously allocated by thread T0 here:

  #0 0x100ec5d4 in operator new(unsigned long) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:62:35
  #1 0x100ec668 in GetStackTraceWithPcBpAndContext /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_stack.h:50:7
  #2 0x100ec668 in operator new(unsigned long) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:62
  #3 0x100ef274 in main /home/seurer/test/stack/crash.cpp:60:8
  #4 0x3fffa9574cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
  #5 0x3fffa9574ef4 in __libc_start_main /build/buildd/eglibc-2.19/csu/../sysdeps/unix/sysv/linux/powerpc/libc-start.c:93

With fast unwinding and stack popping:

==75053==ERROR: AddressSanitizer: heap-use-after-free on address 0x0a100000eff0 at pc 0x0000100ee518 bp 0x3fffed4849f0 sp 0x3fffed484a58

WRITE of size 4 at 0x0a100000eff0 thread T0

  #0 0x100ee514 in Func6(int, int*) /home/seurer/test/stack/crash.cpp:19:7
  #1 0x100ee6bc in Func5(int, int*) /home/seurer/test/stack/crash.cpp:27:10
  #2 0x100ee95c in Func4(int, int*) /home/seurer/test/stack/crash.cpp:34:10
  #3 0x100eebfc in Func3(int, int*) /home/seurer/test/stack/crash.cpp:41:10
  #4 0x100eee9c in Func2(int, int*) /home/seurer/test/stack/crash.cpp:48:10
  #5 0x100ef13c in Func1(int, int*) /home/seurer/test/stack/crash.cpp:55:10
  #6 0x100ef3fc in main /home/seurer/test/stack/crash.cpp:64:10
  #7 0x3fff9b9f4cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287

0x0a100000eff0 is located 0 bytes inside of 4-byte region [0x0a100000eff0,0x0a100000eff4)
freed by thread T0 here:

  #0 0x100ece14 in operator delete(void*) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:94:3
  #1 0x100ef3b0 in main /home/seurer/test/stack/crash.cpp:62:3
  #2 0x3fff9b9f4cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
  #3 0x3fff9b9f4ef4 in __libc_start_main /build/buildd/eglibc-2.19/csu/../sysdeps/unix/sysv/linux/powerpc/libc-start.c:93

previously allocated by thread T0 here:

  #0 0x100ec6d4 in operator new(unsigned long) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:62:35
  #1 0x100ef374 in main /home/seurer/test/stack/crash.cpp:60:8
  #2 0x3fff9b9f4cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
  #3 0x3fff9b9f4ef4 in __libc_start_main /build/buildd/eglibc-2.19/csu/../sysdeps/unix/sysv/linux/powerpc/libc-start.c:93


http://reviews.llvm.org/D9259
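
To compare the three "freed by" stacks in the message above mechanically, the following is an added example (not part of the original message or of the patch under review). It parses ASan frame lines and reports which frames a fast-unwind trace has beyond the slow-unwind reference, and which it lacks; the helper names `functions` and `frame_diff` are assumptions of this example.

```python
import re
from difflib import SequenceMatcher

# "freed by" stacks copied from the message above (slow, fast without pop, fast with pop).
SLOW = """\
  #0 0x1010115c in operator delete(void*) /home/seurer/llvm/llvm-base/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
  #1 0x10104990 in main /home/seurer/test/stack/crash.cpp:62:3
  #2 0x3fff9c134cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
"""
FAST_NO_POP = """\
  #0 0x100ecd14 in operator delete(void*) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:94:3
  #1 0x100ecda8 in GetStackTraceWithPcBpAndContext /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_stack.h:50:7
  #2 0x100ecda8 in operator delete(void*) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:94
  #3 0x100ef2b0 in main /home/seurer/test/stack/crash.cpp:62:3
  #4 0x3fffa9574cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
  #5 0x3fffa9574ef4 in __libc_start_main /build/buildd/eglibc-2.19/csu/../sysdeps/unix/sysv/linux/powerpc/libc-start.c:93
"""
FAST_POP = """\
  #0 0x100ece14 in operator delete(void*) /home/seurer/llvm/llvm-test/projects/compiler-rt/lib/asan/asan_new_delete.cc:94:3
  #1 0x100ef3b0 in main /home/seurer/test/stack/crash.cpp:62:3
  #2 0x3fff9b9f4cfc in generic_start_main /build/buildd/eglibc-2.19/csu/../csu/libc-start.c:287
  #3 0x3fff9b9f4ef4 in __libc_start_main /build/buildd/eglibc-2.19/csu/../sysdeps/unix/sysv/linux/powerpc/libc-start.c:93
"""

# Frame line: "#N 0xPC in FUNCTION PATH:LINE[:COL]"; FUNCTION may contain spaces.
FRAME_RE = re.compile(r"^\s*#\d+\s+0x[0-9a-f]+\s+in\s+(.+?)\s+(/\S+)$")

def functions(trace_text):
    """Return the function name of every frame line, in order."""
    matches = (FRAME_RE.match(line.rstrip()) for line in trace_text.splitlines())
    return [m.group(1) for m in matches if m]

def frame_diff(reference, candidate):
    """Return (extra, missing): frames only in candidate, frames only in reference."""
    ref, cand = functions(reference), functions(candidate)
    extra, missing = [], []
    matcher = SequenceMatcher(None, ref, cand, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("delete", "replace"):
            missing += ref[i1:i2]
        if tag in ("insert", "replace"):
            extra += cand[j1:j2]
    return extra, missing

if __name__ == "__main__":
    for name, trace in (("no pop", FAST_NO_POP), ("pop", FAST_POP)):
        print(name, frame_diff(SLOW, trace))
```
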
