New issue
Advanced search Search tips

Issue 648584 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Sep 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 3
Type: Bug

Blocking:
issue 645953



Sign in to add a comment

ClangToTAndroidASan fails to run base_unittests

Project Member Reported by thakis@chromium.org, Sep 20 2016

Issue description

Started here: https://build.chromium.org/p/chromium.fyi/builders/ClangToTAndroidASan/builds/4029

Likely due to an asan runtime change, filed https://llvm.org/bugs/show_bug.cgi?id=30462

This blocks clang rolls past r281909
 
Owner: etienneb@chromium.org
I introduced the bug when landing the patch to fix Asan on windows 64-bits.

https://reviews.llvm.org/D23363

The function is not supposed to be called on Android.
I'm gonna check if I can figure out why.
From asan_mapping.h:
=====================================
#if SANITIZER_WORDSIZE == 32
#  if SANITIZER_ANDROID
#    define SHADOW_OFFSET (0)   <<---- HERE
#  elif defined(__mips__)

Shadow address on android is 0.

From asan_rtl.c:
=====================================
  if (shadow_start == 0) {
    [...]
    shadow_start = FindAvailableMemoryRange(space_size, alignment, granularity);
  }

We assumed that 0 is dynamic address.

On windows, the address was determined with:
#  elif SANITIZER_WINDOWS64
#   define SHADOW_OFFSET __asan_shadow_memory_dynamic_address
#  else

and __asan_shadow_memory_dynamic_address is initially zero.


Comment 4 by thakis@chromium.org, Sep 21 2016

Blocking: 645953

Comment 5 by thakis@chromium.org, Sep 21 2016

This is now blocking the current clang roll. (I had to revert the roll I did yesterday.)

Comment 6 by thakis@chromium.org, Sep 21 2016

r282085 should fix

Comment 7 by thakis@chromium.org, Sep 21 2016

Owner: thakis@chromium.org
Status: Fixed (was: Untriaged)
Actually, turns out that 32-bit dynamic asan was broken by that change too. I reverted it all in 282097 / 282096. What's scary is that the 32-bit dynamic asan tests weren't hooked up to `ninja check-all`, so the upload bot thought that all was fine :-( (but the 32-bit chrome tot component bot was red, at least).

So this is fixed for now.

Sign in to add a comment