search for: derefencing

...eferencing 32-bit addresses in 64-bit mode. Specifically, addresses are defined as an iPTR type in X86InstrInfo.td which I assume is expanded to 4 or 8 bytes depending on if 32/64 bit mode is active: def addr : ComplexPattern<iPTR, 5, "selectAddr", [], [SDNPWantParent]>; The derefencing mov instruction looks like this: def MOV32rm : I<0x8B, MRMSrcMem, (outs GR32:$dst), (ins i32mem:$src), "mov{l}\t{$src, $dst|$dst, $src}", [(set GR32:$dst, (loadi32 addr:$src))], IIC_MOV_MEM>, OpSize32; So it expects a source address of type 'addr' which is...

...est -timeout=1 /path/to/hi.txt`` ASan is firing with same stack trace over and over again (piping the output to file a results in a file that is 259 MiB). I've attached the compressed log. Hopefully this will be a useful starting point in determining the issue. At a glance it looks like we are derefencing a nullptr somewhere in ``fuzzer::PrintHexArray()`` which ASan then catches but then the handler for the ASan detected nullptr derefence calls ``fuzzer::PrintHexArray()`` again and so we get stuck in a loop. Some how we are managing to break out of this loop but I'm guessing this probably racey...

...ses in 64-bit mode. Specifically, addresses are defined as an > iPTR type in X86InstrInfo.td which I assume is expanded to 4 or 8 > bytes depending on if 32/64 bit mode is active: > def addr : ComplexPattern<iPTR, 5, "selectAddr", [], > [SDNPWantParent]>; > The derefencing mov instruction looks like this: > def MOV32rm : I<0x8B, MRMSrcMem, (outs GR32:$dst), (ins i32mem:$src), > "mov{l}\t{$src, $dst|$dst, $src}", > [(set GR32:$dst, (loadi32 addr:$src))], IIC_MOV_MEM>, OpSize32; > So it expects a source address of type ...

...t`` ASan > is firing with same stack trace over and over again (piping the output > to file a results in a file that is 259 MiB). I've attached the > compressed log. > > Hopefully this will be a useful starting point in determining the > issue. At a glance it looks like we are derefencing a nullptr > somewhere in ``fuzzer::PrintHexArray()`` which ASan then catches but > then the handler for the ASan detected nullptr derefence calls > ``fuzzer::PrintHexArray()`` again and so we get stuck in a loop. Some > how we are managing to break out of this loop but I'm guessing...

On 12/01/2014 02:42 PM, Andrew Trick wrote: > >> On Dec 1, 2014, at 2:21 PM, Philip Reames <listmail at philipreames.com >> <mailto:listmail at philipreames.com>> wrote: >> >> >> On 12/01/2014 11:14 AM, Andrew Trick wrote: >>> >>>> On Oct 21, 2014, at 4:03 PM, Philip Reames >>>> <listmail at philipreames.com

...ing with same stack trace over and over again (piping the output >> to file a results in a file that is 259 MiB). I've attached the >> compressed log. >> >> Hopefully this will be a useful starting point in determining the >> issue. At a glance it looks like we are derefencing a nullptr >> somewhere in ``fuzzer::PrintHexArray()`` which ASan then catches but >> then the handler for the ASan detected nullptr derefence calls >> ``fuzzer::PrintHexArray()`` again and so we get stuck in a loop. Some >> how we are managing to break out of this loop but I...

The box has a fairly heavy UDP load. Its RELENG_7 as of today and took 3hrs for it to dump core. Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01 fault virtual address = 0x68 fault code = supervisor read, page not present instruction pointer = 0x20:0xc0637146 stack pointer = 0x28:0xe766eaac frame pointer = 0x28:0xe766eb54 code segment

On 12/01/2014 11:14 AM, Andrew Trick wrote: > >> On Oct 21, 2014, at 4:03 PM, Philip Reames <listmail at philipreames.com >> <mailto:listmail at philipreames.com>> wrote: >> >> Sanjoy made a good point. We don't actually need a new variant of >> "invariant.start". Simply using an invariant.start with no uses >> gives us a notion

...tnet: Remove an unnecessary variable (Coverity). msi: Removed unnecessary NULL check. dbghelp: Initialize ret (Coverity). user32: Initialize hICON to NULL (Coverity). krnl386.exe: Removed unused owner_exists variable (Coverity). kernel32: Check if buffer is NULL before derefencing it (Coverity). user32: Remove useless NULL check (Coverity). user32: EM_REPLACESEL - handle OOM error. winex11.drv: physDev cannot be NULL (Coverity). winex11: Remove more superflous NULL checks (Coverity). setupapi: Avoid NULL dereference in error path (Coverity). Ma...

Hello - make fails to build the latest git of samba4 - erroring on drsblobs.so. Below is a full log from autogen.sh to the make. Would you have any suggestions on proceeding? Thank you, Ryan ryan at test1:~/samba-master/source4$ sudo ./autogen.sh ./autogen.sh: running script/mkversion.sh ./script/mkversion.sh: 'version.h' created for Samba("4.0.0alpha12-GIT-d83850a")