http://gcc.gnu.org/bugzilla/show_bug.cgi?id=55289



--- Comment #14 from Jack Howarth <howarth at nitro dot med.uc.edu> 2012-11-13 20:50:37 UTC ---

Actually, this appears to be just noise on the output from a functional
libasan. If I use the testcase from
http://code.google.com/p/address-sanitizer/wiki/AddressSanitizer of...



% cat tests/use-after-free.c
#include <stdlib.h>
int main() {
  char *x = (char*)malloc(10 * sizeof(char*));
  free(x);
  return x[5];
}



I get...



howarth% gcc-fsf-4.8 -faddress-sanitizer -framework CoreFoundation -O1 -fno-omit-frame-pointer -g use-after-free.c -lasan

howarth% ./a.out

mach_override: some instructions unknown! Need to update mach_override.c

err = f8000001

../../../../gcc-4.8-20121113/libsanitizer/interception/mach_override/mach_override.c:308

err = f8000001

../../../../gcc-4.8-20121113/libsanitizer/interception/mach_override/mach_override.c:321

err = f8000001

../../../../gcc-4.8-20121113/libsanitizer/interception/mach_override/mach_override.c:327

err = f8000001

../../../../gcc-4.8-20121113/libsanitizer/interception/mach_override/mach_override.c:340

err = f8000001

../../../../gcc-4.8-20121113/libsanitizer/interception/mach_override/mach_override.c:345

=================================================================

==88551== ERROR: AddressSanitizer heap-use-after-free on address 0x000105cbaf45 at pc 0x103001f12 bp 0x7fff5cbfe8f0 sp 0x7fff5cbfe8e8

READ of size 1 at 0x000105cbaf45 thread T0

    #0 0x103001f11 (/Users/howarth/./a.out+0x100000f11)

    #1 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)

    #2 0x0

0x000105cbaf45 is located 5 bytes inside of 80-byte region [0x000105cbaf40,0x000105cbaf90)

freed by thread T0 here:

    #0 0x1030147a4 (/sw/lib/gcc4.8/lib/libasan.0.dylib+0xb7a4)

    #1 0x10301492a (/sw/lib/gcc4.8/lib/libasan.0.dylib+0xb92a)

    #2 0x103001ee5 (/Users/howarth/./a.out+0x100000ee5)

    #3 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)

    #4 0x0

previously allocated by thread T0 here:

    #0 0x103014255 (/sw/lib/gcc4.8/lib/libasan.0.dylib+0xb255)

    #1 0x7fff94c3b152 (/usr/lib/system/libsystem_c.dylib+0x2d152)

    #2 0x7fff94c3bba6 (/usr/lib/system/libsystem_c.dylib+0x2dba6)

    #3 0x103001eda (/Users/howarth/./a.out+0x100000eda)

    #4 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)

Shadow byte and word:

  0x100020b975e8: fd

  0x100020b975e8: fd fd fd fd fd fd fd fd

More shadow bytes:

  0x100020b975c8: fa fa fa fa fa fa fa fa

  0x100020b975d0: fa fa fa fa fa fa fa fa

  0x100020b975d8: fa fa fa fa fa fa fa fa

  0x100020b975e0: fa fa fa fa fa fa fa fa

=>0x100020b975e8: fd fd fd fd fd fd fd fd

  0x100020b975f0: fd fd fd fd fd fd fd fd

  0x100020b975f8: fa fa fa fa fa fa fa fa

  0x100020b97600: fa fa fa fa fa fa fa fa

  0x100020b97608: fa fa fa fa fa fa fa fa

Stats: 0M malloced (0M for red zones) by 1 calls

Stats: 0M realloced by 0 calls

Stats: 0M freed by 1 calls

Stats: 0M really freed by 0 calls

Stats: 0M (128 full pages) mmaped in 1 calls

  mmaps   by size class: 8:2047; 

  mallocs by size class: 8:1; 

  frees   by size class: 8:1; 

  rfrees  by size class: 

Stats: malloc large: 0 small slow: 1

==88551== ABORTING



compared to...



howarth% /sw/opt/llvm-3.2/bin/clang -fsanitize=address -O1 -fno-omit-frame-pointer -g use-after-free.c



howarth% ./a.out

=================================================================

==88537== ERROR: AddressSanitizer: heap-use-after-free on address 0x00010a0a2f45 at pc 0x107dcae54 bp 0x7fff57e358f0 sp 0x7fff57e358e8

READ of size 1 at 0x00010a0a2f45 thread T0

    #0 0x107dcae53 (/Users/howarth/./a.out+0x100000e53)

    #1 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)

    #2 0x0

0x00010a0a2f45 is located 5 bytes inside of 80-byte region [0x00010a0a2f40,0x00010a0a2f90)

freed by thread T0 here:

    #0 0x107dd3878 (/Users/howarth/./a.out+0x100009878)

    #1 0x107dd2ef2 (/Users/howarth/./a.out+0x100008ef2)

    #2 0x107dcae1a (/Users/howarth/./a.out+0x100000e1a)

    #3 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)

    #4 0x0

previously allocated by thread T0 here:

    #0 0x107dd3682 (/Users/howarth/./a.out+0x100009682)

    #1 0x7fff94c3b152 (/usr/lib/system/libsystem_c.dylib+0x2d152)

    #2 0x7fff94c3bba6 (/usr/lib/system/libsystem_c.dylib+0x2dba6)

    #3 0x107dcae0f (/Users/howarth/./a.out+0x100000e0f)

    #4 0x7fff8bd827e0 (/usr/lib/system/libdyld.dylib+0x27e0)

Shadow byte and word:

  0x1000214145e8: fd

  0x1000214145e8: fd fd fd fd fd fd fd fd

More shadow bytes:

  0x1000214145c8: fa fa fa fa fa fa fa fa

  0x1000214145d0: fa fa fa fa fa fa fa fa

  0x1000214145d8: fa fa fa fa fa fa fa fa

  0x1000214145e0: fa fa fa fa fa fa fa fa

=>0x1000214145e8: fd fd fd fd fd fd fd fd

  0x1000214145f0: fd fd fd fd fd fd fd fd

  0x1000214145f8: fa fa fa fa fa fa fa fa

  0x100021414600: fa fa fa fa fa fa fa fa

  0x100021414608: fa fa fa fa fa fa fa fa

Stats: 0M malloced (0M for red zones) by 1 calls

Stats: 0M realloced by 0 calls

Stats: 0M freed by 1 calls

Stats: 0M really freed by 0 calls

Stats: 0M (128 full pages) mmaped in 1 calls

  mmaps   by size class: 8:2047; 

  mallocs by size class: 8:1; 

  frees   by size class: 8:1; 

  rfrees  by size class: 

Stats: malloc large: 0 small slow: 1

==88537== ABORTING

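The "Shadow byte and word" lines in the two reports above can be cross-checked against the faulting address. This is an added example, not part of the original comment or of libsanitizer: it assumes the 1:8 shadow mapping with offset 1<<44 that the addresses printed in both reports are consistent with, and the helper names mem_to_shadow, shadow_kind and shadow_byte_for are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: shadow = (addr >> 3) + (1 << 44); this matches the address
   pairs printed in both reports, it is not read from libsanitizer. */
#define SHADOW_SCALE  3
#define SHADOW_OFFSET (1ULL << 44)

/* Map an application address to the shadow byte that describes it. */
static uint64_t mem_to_shadow(uint64_t addr) {
    return (addr >> SHADOW_SCALE) + SHADOW_OFFSET;
}

/* Decode the shadow values that occur in the reports. */
static const char *shadow_kind(int b) {
    if (b == 0x00) return "addressable";
    if (b > 0 && b < 8) return "partially addressable";
    if (b == 0xfa) return "heap left redzone";
    if (b == 0xfd) return "freed heap";
    return "other/unknown";
}

/* Given the "=>" row of a report, return the shadow byte covering addr,
   or -1 if the row is malformed or does not cover that address. */
static int shadow_byte_for(const char *row, uint64_t addr) {
    unsigned long long base;
    unsigned b[8];
    if (sscanf(row, "=>0x%llx: %x %x %x %x %x %x %x %x", &base,
               &b[0], &b[1], &b[2], &b[3], &b[4], &b[5], &b[6], &b[7]) != 9)
        return -1;
    uint64_t s = mem_to_shadow(addr);
    if (s < base || s - base >= 8)
        return -1;
    return (int)b[s - base];
}

int main(void) {
    /* Faulting address and "=>" row copied from the GCC libasan report. */
    uint64_t addr = 0x000105cbaf45ULL;
    const char *row = "=>0x100020b975e8: fd fd fd fd fd fd fd fd";
    int b = shadow_byte_for(row, addr);
    printf("shadow(0x%llx) = 0x%llx -> %02x (%s)\n",
           (unsigned long long)addr,
           (unsigned long long)mem_to_shadow(addr), b, shadow_kind(b));
    return 0;
}
```

Both the GCC and the clang report resolve the faulting address to a shadow byte of fd, which is the same freed-heap classification behind the heap-use-after-free verdict in each.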