jys0710
commented
6 years ago Could you share your "TestCases/simple_bad_cast.cc" ?
Closed bingosxs closed 6 years ago
jys0710
commented
6 years ago Could you share your "TestCases/simple_bad_cast.cc" ?
bingosxs
commented
6 years ago The file is cloned from github without modification. Here it is;
// RUN: %clangxx -fsanitize=hextype %s -O3 -o %t
// RUN: %run %t 2>&1 | FileCheck %s --strict-whitespace
#include <stdio.h>
namespace foo {
class GrandParent {
public:
unsigned int age;
};
class Parent : public GrandParent {
public:
virtual void foo();
char name[10];
};
void Parent::foo() {
}
class Child_1 : public Parent {
public:
virtual void foo();
};
void Child_1::foo() {
}
class Child_2 : public Parent {
public:
Child_1 c1;
virtual void foo();
};
void Child_2::foo() {
}
}
using namespace foo;
int main() {
GrandParent *p = new GrandParent();
// CHECK:== HexType Type Confusion Report ==
Parent *g = static_cast<Parent*>(p);
return 0;
}
Hi, I tested your test code.
HexType detected type confusion as below.
Could you check your test script?
jeon41@joun:~/sata/current_projects/HexType_org/HexType/build/bin$ cat test.cpp
#include <stdio.h>
namespace foo {
class GrandParent {
public:
unsigned int age;
};
class Parent : public GrandParent {
public:
virtual void foo();
char name[10];
};
void Parent::foo() {
}
class Child_1 : public Parent {
public:
virtual void foo();
};
void Child_1::foo() {
}
class Child_2 : public Parent {
public:
Child_1 c1;
virtual void foo();
};
void Child_2::foo() {
}
}
using namespace foo;
int main() {
GrandParent *p = new GrandParent();
// CHECK:== HexType Type Confusion Report ==
Parent *g = static_cast<Parent*>(p);
return 0;
}
jeon41@joun:~/sata/current_projects/HexType_org/HexType/build/bin$ ./clang++ test.cpp -fsanitize=hextype -O3
jeon41@joun:~/sata/current_projects/HexType_org/HexType/build/bin$ ./a.out
== HexType Type Confusion Report ==
1 0 12312464776785476860
./a.out() [0x404b09]
./a.out(main+0x4f) [0x4053cf]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf0) [0x7ffff6b63830]
./a.out(_start+0x29) [0x401b29]
jeon41@joun:~/sata/current_projects/HexType_org/HexType/build/bin$ canicula@D065:~/newdisk/work/HexType$ ./build/bin/clang++ /home/newdisk/canicula/work/HexType/compiler-rt/test/hextype/TestCases/simple_bad_cast.cc -fsanitize=hextype
canicula@D065:~/newdisk/work/HexType$ ./a.out
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
Aborted (core dumped)system information:
clang -v
clang version 4.0.0-1ubuntu1~16.04.2 (tags/RELEASE_400/rc1)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/i686-linux-gnu/5
Found candidate GCC installation: /usr/bin/../lib/gcc/i686-linux-gnu/5.4.0
Found candidate GCC installation: /usr/bin/../lib/gcc/i686-linux-gnu/6
Found candidate GCC installation: /usr/bin/../lib/gcc/i686-linux-gnu/6.0.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/4.4
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/4.4.7
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/4.9
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/4.9.3
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5.4.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/6.0.0
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/5
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/5.4.0
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/i686-linux-gnu/6.0.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.4
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.4.7
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.9
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/4.9.3
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5.4.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.0.0
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5.4.0
Candidate multilib: .;@m64
Candidate multilib: 32;@m32
Candidate multilib: x32;@mx32
Selected multilib: .;@m64
$ gcc -v
Using built-in specs.
COLLECT_GCC=/usr/bin/gcc-5.real
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/5/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 5.4.0-6ubuntu1~16.04.9' --with-bugurl=file:///usr/share/doc/gcc-5/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-5 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-5-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-5-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-5-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.9)
$ uname -a
Linux canicula-ThinkCentre-M8600t-D065 4.4.0-127-generic #153-Ubuntu SMP Sat May 19 10:58:46 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux cat /etc/issue
Ubuntu 16.04.4 LTS \n \l
Could you give me a more detail information when you run "a.out" as blow (e.g., error code location or callstack)? Did you also try to the same test using your other machines?
canicula@D065:~/newdisk/work/HexType$ ./a.out
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
Aborted (core dumped)I also try to compile hextype in a Virtualboxed ubuntu 16.04 with fresh install. The same problem occurs. I paste the call-stack for this crash.
canicula@VMM:~/HexType$ ./build/bin/clang++ ./compiler-rt/test/hextype/TestCases/simple_bad_cast.cc -fsanitize=hextype -g
canicula@VMM:~/HexType$ gdb ./a.out
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from ./a.out...done.
(gdb) run
Starting program: /home/canicula/HexType/a.out
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
Program received signal SIGABRT, Aborted.
0x00007ffff6b78428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
**(gdb) bt**
#0 0x00007ffff6b78428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1 0x00007ffff6b7a02a in __GI_abort () at abort.c:89
#2 0x00007ffff7ae484d in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3 0x00007ffff7ae26b6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4 0x00007ffff7ae2701 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5 0x00007ffff7ae2919 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6 0x00007ffff7ae2ebc in operator new(unsigned long) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#7 0x00007ffff7ae2f19 in operator new[](unsigned long) () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#8 0x0000000000403cd7 in __update_phantom_info (PhantomInfo=0x6081a0 <compiler-rttesthextypeTestCasessimple_bad_castccphantom.cinfo>)
at /home/canicula/HexType/llvm/projects/compiler-rt/lib/hextype/hextype.cc:563
#9 0x0000000000405b40 in __init ()
#10 0x0000000000405bad in __libc_csu_init ()
#11 0x00007ffff6b637bf in __libc_start_main (main=0x405a50 <main()>, argc=1, argv=0x7fffffffe468, init=0x405b60 <__libc_csu_init>,
fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe458) at ../csu/libc-start.c:247
#12 0x0000000000401e99 in _start ()
(gdb)
The system info:
canicula@VMM:~/HexType$ clang -v
clang version 3.9.1-4ubuntu3~16.04.2 (tags/RELEASE_391/rc2)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5.4.0
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/6.0.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/5.4.0
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6
Found candidate GCC installation: /usr/lib/gcc/x86_64-linux-gnu/6.0.0
Selected GCC installation: /usr/bin/../lib/gcc/x86_64-linux-gnu/5.4.0
Candidate multilib: .;@m64
Selected multilib: .;@m64canicula@VMM:~/HexType$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/5/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 5.4.0-6ubuntu1~16.04.9' --with-bugurl=file:///usr/share/doc/gcc-5/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-5 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-5-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-5-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-5-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.9) canicula@VMM:~/HexType$ uname -a Linux VMM 4.4.0-127-generic #153-Ubuntu SMP Sat May 19 10:58:46 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
canicula@VMM:~/HexType$ cat /etc/issue Ubuntu 16.04.4 LTS \n \l
Thanks for your information.
Could you let me know your test machine's memory info also?
bingosxs
commented
6 years ago canicula@VMM:~$ free
total used free shared buff/cache available
Mem: 8175124 173348 6037696 14256 1964080 7727484
Swap: 0 0 0
The metadata storage size of current release version does not suit your machine. Please change "hextype.h" file as below.
--- a/src/compiler-rt-files/hextype.h
+++ b/src/compiler-rt-files/hextype.h
@@ -1,7 +1,7 @@
#include "hextype_report.h"
#include <unordered_map>
-#define NUMMAP 268435460
+#define NUMMAP 16777220
#define NUMCACHE 16777220
#define BADCAST 0
@@ -18,7 +18,7 @@
#define REINTERPRET 6
inline uint32_t getHash(uptr a) {
- return (((a >> 3) & 0xfffffff));
+ return (((a >> 3) & 0xffffff));
}The patch solved this problem. Thanks for your help.
[100%] Running HEXTYPE tests FAIL: CastVerifier :: TestCases/simple_bad_cast.cc (1 of 1) **** TEST 'CastVerifier :: TestCases/simple_bad_cast.cc' FAILED **** Script:
/home/newdisk/canicula/work/HexType/build/./bin/clang --driver-mode=g++ -fsanitize=hextype /home/newdisk/canicula/work/HexType/compiler-rt/test/hextype/TestCases/simple_bad_cast.cc -O3 -o /home/newdisk/canicula/work/HexType/build/projects/compiler-rt/test/hextype/HEXTYPEConfig/TestCases/Output/simple_bad_cast.cc.tmp /home/newdisk/canicula/work/HexType/build/projects/compiler-rt/test/hextype/HEXTYPEConfig/TestCases/Output/simple_bad_cast.cc.tmp 2>&1 | FileCheck /home/newdisk/canicula/work/HexType/compiler-rt/test/hextype/TestCases/simple_bad_cast.cc --strict-whitespace
Exit Code: 1
Command Output (stderr):
/home/newdisk/canicula/work/HexType/compiler-rt/test/hextype/TestCases/simple_bad_cast.cc:40:14: error: expected string not found in input // CHECK:== HexType Type Confusion Report == ^