Open 11bbe755-aa08-4e00-b402-e7d2e126f291 opened 3 years ago
I have added a minimized test case for this bug. The test case calls malloc, attempts to print the value of the resulting pointer, then calls free.
Compile with: clang -mcmodel=medium -fsanitize=hwaddress malloc_target.c
When I execute a.out I see:
$ ./a.out
HWAddressSanitizer:DEADLYSIGNAL
==3910==ERROR: HWAddressSanitizer: SEGV on unknown address (pc 0x7f98868886cc bp 0x7f98868e9520 sp 0x7ffc5821c9d8 T3910)
==3910==The signal is caused by a READ memory access.
==3910==Hint: this fault was caused by a dereference of a high value address (see register values below). Disassemble the provided pc to learn which register was used.
    #1 0x7f9886791cb9 in __vfprintf_internal (/usr/lib/libc.so.6+0x6bcb9)
    #2 0x7f988677ebbe in printf (/usr/lib/libc.so.6+0x58bbe)
    #3 0x562afa7d7883 in main (/home/andrew/Workspaces/asan-workspace/llvm-sanitizer-tutorial/target_programs/a.out+0x33883)
    #4 0x7f988674e151 in __libc_start_main (/usr/lib/libc.so.6+0x28151)
    #5 0x562afa7ab3ad in _start (/home/andrew/Workspaces/asan-workspace/llvm-sanitizer-tutorial/target_programs/a.out+0x73ad)
HWAddressSanitizer can not provide additional info.
SUMMARY: HWAddressSanitizer: SEGV (/usr/lib/libc.so.6+0x1626cc) in __strchrnul_avx2
==3910==ABORTING
I got rid of those truncations with -fpic -mcmodel=large, but the assert is still triggered.
Extended Description
When compiling the SPEC CPU2017 benchmarks on Linux x86_64, I tried using hwasan with -fsanitize=hwaddress -Wl,--no-relax.
I see an assert triggered in ld -- details are below. I am not entirely sure if hwasan on x86 is supposed to be working at the moment, but I can volunteer to test any changes. The assert being triggered is this one: http://sourceware.org/git/?p=binutils-gdb.git;a=blob;f=bfd/elflink.c;h=998b72f2281c5b9b5482795b9b55dfffe284ee23;hb=2cb5c79dad39dd438fb0f7372ac04cf5aa2a7db7#l14788
To be honest, I'm not sure if I should file this as a bug against gdb, but if someone familiar with the workings of hwasan can test it with binutils 2.35.1 on x86, perhaps that testing will generate a bug report naturally with much more context than I could provide.