http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59148
Bug ID: 59148
Summary: FAIL: c-c++-common/asan/strncpy-overflow-1.c -O0 execution test on darwin13
Product: gcc
Version: 4.9.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: howarth at nitro dot med.uc.edu
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

At r204847, on x86_64-apple-darwin13, the following regressions remain...

=== gcc tests ===

Running target unix/-m32
FAIL: c-c++-common/asan/strncpy-overflow-1.c -O0 execution test

=== gcc Summary for unix/-m32 ===

# of expected passes 324
# of unexpected failures 1
# of unsupported tests 101

Running target unix/-m64
FAIL: c-c++-common/asan/strncpy-overflow-1.c -O0 execution test

=== gcc Summary for unix/-m64 ===

# of expected passes 324
# of unexpected failures 1
# of unsupported tests 101

=== gcc Summary ===

# of expected passes 648
# of unexpected failures 2
# of unsupported tests 202
/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/xgcc version 4.9.0 20131115 (experimental) (GCC)

Compiler version: 4.9.0 20131115 (experimental) (GCC)
Platform: x86_64-apple-darwin13.0.0
configure flags: --prefix=/sw --prefix=/sw/lib/gcc4.9 --mandir=/sw/share/man --infodir=/sw/lib/gcc4.9/info --enable-languages=c,c++,fortran,lto,objc,obj-c++,java --with-gmp=/sw --with-libiconv-prefix=/sw --with-isl=/sw --with-cloog=/sw --with-mpc=/sw --with-system-zlib --enable-checking=yes --x-includes=/usr/X11R6/include --x-libraries=/usr/X11R6/lib --program-suffix=-fsf-4.9

The failures appear as...

Executing on host: /sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/xgcc -B/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/ /sw/src/fink.build/gcc49-4.9.0-1000/gcc-4.9-20131115/gcc/testsuite/c-c++-common/asan/strncpy-overflow-1.c -B/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/ -L/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/.libs -fsanitize=address -g -fno-diagnostics-show-caret -fdiagnostics-color=never -O0 -fno-builtin-malloc -fno-builtin-strncpy -lm -m32 -o ./strncpy-overflow-1.exe (timeout = 300)
spawn /sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/xgcc -B/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/ /sw/src/fink.build/gcc49-4.9.0-1000/gcc-4.9-20131115/gcc/testsuite/c-c++-common/asan/strncpy-overflow-1.c -B/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/ -L/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/.libs -fsanitize=address -g -fno-diagnostics-show-caret -fdiagnostics-color=never -O0 -fno-builtin-malloc -fno-builtin-strncpy -lm -m32 -o ./strncpy-overflow-1.exe^M
PASS: c-c++-common/asan/strncpy-overflow-1.c -O0 (test for excess errors)
Setting LD_LIBRARY_PATH to :/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc:/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/.libs::/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc:/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/.libs:/usr/local/NMRPipe/nmrbin.mac/lib
spawn [open ...]^M
FAIL: c-c++-common/asan/strncpy-overflow-1.c -O0 execution test

If I compile the failing test case with...

/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/xgcc -B/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/gcc/ /sw/src/fink.build/gcc49-4.9.0-1000/gcc-4.9-20131115/gcc/testsuite/c-c++-common/asan/strncpy-overflow-1.c -B/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/ -L/sw/src/fink.build/gcc49-4.9.0-1000/darwin_objdir/x86_64-apple-darwin13.0.0/i386/libsanitizer/asan/.libs -fsanitize=address -g -fno-diagnostics-show-caret -fdiagnostics-color=never -O0 -fno-builtin-malloc -fno-builtin-strncpy -lm -m32 -mmacosx-version-min=10.8 -o ./strncpy-overflow-1.exe

it still 'FAILS' by passing, but if I move that strncpy-overflow-1.exe binary to a x86_64-apple-darwin12 box with the same build of gcc trunk on the x86_64-apple-darwin12 target, it works as expected...

% ./strncpy-overflow-1.exe
=================================================================
==16663==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x01c00759 at pc 0xd501d bp 0xbff428a8 sp 0xbff42488
WRITE of size 10 at 0x01c00759 thread T0
    #0 0xd501c (/sw/lib/gcc4.9/lib/i386/libasan.1.dylib+0x1101c)
    #1 0xbed41 (/Users/howarth/./strncpy-overflow-1.exe+0x1d41)
    #2 0x99852724 (/usr/lib/system/libdyld.dylib+0x2724)
    #3 0x0
0x01c00759 is located 0 bytes to the right of 9-byte region [0x01c00750,0x01c00759)
allocated by thread T0 here:
    #0 0xde0f2 (/sw/lib/gcc4.9/lib/i386/libasan.1.dylib+0x1a0f2)
    #1 0xbed28 (/Users/howarth/./strncpy-overflow-1.exe+0x1d28)
    #2 0x99852724 (/usr/lib/system/libdyld.dylib+0x2724)
    #3 0x0
Shadow bytes around the buggy address:
  0x20380090: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x203800a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x203800b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x203800c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x203800d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x203800e0: fa fa fa fa fa fa fa fa fa fa 00[01]fa fa 06 fa
  0x203800f0: fa fa 00 fa fa fa 00 04 fa fa 00 07 fa fa fd fa
  0x20380100: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x20380110: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x20380120: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x20380130: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:     fa
  Heap right redzone:    fb
  Freed heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
==16663==ABORTING
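
An added worked example (not part of the original report, and not libsanitizer code): it decodes the shadow row marked "=>" in the report above to show why a 10-byte write into the 9-byte region is flagged at 0x01c00759 while a 9-byte write is not. The function names and the 32-bit x86 mapping shadow = (addr >> 3) + 0x20000000 are assumptions of this example; the offset agrees with the 0x2038.... shadow addresses printed in the report.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption of this example: 32-bit x86 ASan mapping,
   shadow = (addr >> 3) + 0x20000000. */
#define SHADOW_SCALE  3
#define SHADOW_OFFSET 0x20000000u

/* Row marked "=>" in the report, copied byte for byte. */
#define ROW_BASE 0x203800e0u
static const uint8_t ROW[16] = {
    0xfa, 0xfa, 0xfa, 0xfa, 0xfa, 0xfa, 0xfa, 0xfa,
    0xfa, 0xfa, 0x00, 0x01, 0xfa, 0xfa, 0x06, 0xfa
};

uint32_t mem_to_shadow(uint32_t addr) {
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET;
}

/* 1 if a one-byte access at addr is invalid given its shadow byte sv. */
int byte_is_poisoned(uint32_t addr, uint8_t sv) {
    if (sv == 0x00) return 0;      /* all 8 bytes of the granule are valid */
    if (sv >= 0x80) return 1;      /* redzone, freed, or internal marker */
    return (addr & 7u) >= sv;      /* only the first sv bytes are valid */
}

/* Offset of the first invalid byte in [addr, addr+size), -1 if none,
   -2 if the access leaves the single shadow row embedded above. */
int first_bad_offset(uint32_t addr, uint32_t size) {
    for (uint32_t i = 0; i < size; i++) {
        uint32_t s = mem_to_shadow(addr + i);
        if (s < ROW_BASE || s - ROW_BASE >= sizeof ROW) return -2;
        if (byte_is_poisoned(addr + i, ROW[s - ROW_BASE])) return (int)i;
    }
    return -1;
}

int main(void) {
    uint32_t region = 0x01c00750u;   /* start of the 9-byte region */
    printf("shadow of 0x01c00759: 0x%08x\n",
           (unsigned)mem_to_shadow(0x01c00759u));
    printf("9-byte write:  first bad offset %d\n", first_bad_offset(region, 9));
    printf("10-byte write: first bad offset %d\n", first_bad_offset(region, 10));
    return 0;
}
```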