Hi, I've been building gcc 5.1.0 for a number of targets and one of them (an e500 powerpc linux target) is having difficulty running the address sanitizer. With the default shadow configuration a trivial test program is unable start because ASAN cannot map the shadow memory. It quits, saying: "Shadow memory range interleaves with an existing memory mapping.". When I modify the location of the shadow offset to 0x40000000 (from 0x20000000) the trivial program works but a real application starts successfully but then fails when it attempts to allocate (new or malloc) a large (~2meg) chunk of memory. On another powerpc linux target (e500mc) I have the sanitizer works fine, so I suspect there is a something in the failing target's system libraries that is causing problems. The e500mc target has a newer kernel and OS. What I think is the culprit is the mapping of several system libraries (libm, libc, and libdl) to addresses around 0x30000000, and that this causes the initial failure with shadow offset 0x20000000 and causes a fragmentation problem for the ASAN's allocator when the shadow offset is 0x40000000. When ASAN fails (with the default shadow offset 0x20000000), I see: # ASAN_OPTIONS=verbosity=2 ./try 1 2 3 ==1165==Parsed ASAN_OPTIONS: verbosity=2 ==1165==AddressSanitizer: failed to intercept 'preadv' ==1165==AddressSanitizer: failed to intercept 'preadv64' ==1165==AddressSanitizer: failed to intercept 'pwritev' ==1165==AddressSanitizer: failed to intercept 'pwritev64' ==1165==AddressSanitizer: failed to intercept '__isoc99_scanf' ==1165==AddressSanitizer: failed to intercept '__isoc99_sscanf' ==1165==AddressSanitizer: failed to intercept '__isoc99_fscanf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vscanf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vsscanf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vfscanf' ==1165==AddressSanitizer: failed to intercept '__isoc99_printf' ==1165==AddressSanitizer: failed to intercept '__isoc99_sprintf' ==1165==AddressSanitizer: failed to intercept '__isoc99_snprintf' ==1165==AddressSanitizer: failed to intercept '__isoc99_fprintf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vprintf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vsprintf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vsnprintf' ==1165==AddressSanitizer: failed to intercept '__isoc99_vfprintf' ==1165==AddressSanitizer: failed to intercept 'accept4' ==1165==AddressSanitizer: failed to intercept 'pthread_mutexattr_getrobust' ==1165==AddressSanitizer: failed to intercept 'pthread_setname_np' ==1165==AddressSanitizer: failed to intercept 'timerfd_settime' ==1165==AddressSanitizer: failed to intercept 'timerfd_gettime' ==1165==AddressSanitizer: libc interceptors initialized || `[0x38000000, 0xbfffffff]` || HighMem || || `[0x27000000, 0x37ffffff]` || HighShadow || || `[0x24000000, 0x26ffffff]` || ShadowGap || || `[0x20000000, 0x23ffffff]` || LowShadow || || `[0x00000000, 0x1fffffff]` || LowMem || MemToShadow(shadow): 0x24000000 0x247fffff 0x24e00000 0x26ffffff redzone=16 max_redzone=2048 quarantine_size=64M malloc_context_size=30 SHADOW_SCALE: 3 SHADOW_GRANULARITY: 8 SHADOW_OFFSET: 20000000 ==1165==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING. ==1165==Process memory map follows: 0x00100000-0x00102000 [vdso] 0x0f7f0000-0x0f807000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libgcc_s.so.1 0x0f807000-0x0f816000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libgcc_s.so.1 0x0f816000-0x0f817000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libgcc_s.so.1 0x0f827000-0x0f9b6000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f9b6000-0x0f9c5000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f9c5000-0x0f9cc000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f9cc000-0x0f9ce000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f9ce000-0x0f9d0000 0x0f9e0000-0x0f9e7000 /lib/librt-2.5.so 0x0f9e7000-0x0f9f7000 /lib/librt-2.5.so 0x0f9f7000-0x0f9f8000 /lib/librt-2.5.so 0x0f9f8000-0x0f9f9000 /lib/librt-2.5.so 0x0fa09000-0x0fb11000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libasan.so.2.0.0 0x0fb11000-0x0fb21000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libasan.so.2.0.0 0x0fb21000-0x0fb27000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libasan.so.2.0.0 0x0fb27000-0x0ff80000 0x0ff90000-0x0ffaf000 /lib/ld-2.5.so 0x0ffbf000-0x0ffc1000 /lib/ld-2.5.so 0x0ffd0000-0x0ffe5000 /lib/libpthread-2.5.so 0x0ffe5000-0x0fff4000 /lib/libpthread-2.5.so 0x0fff4000-0x0fff5000 /lib/libpthread-2.5.so 0x0fff5000-0x0fff6000 /lib/libpthread-2.5.so 0x0fff6000-0x0fff8000 0x10000000-0x10002000 /export/navusr3/local/gnu/obj/5.1.0/try/try 0x10011000-0x10012000 /export/navusr3/local/gnu/obj/5.1.0/try/try 0x30000000-0x30001000 0x30001000-0x301b6000 /lib/libm-2.5.so 0x301b6000-0x301c5000 /lib/libm-2.5.so 0x301c5000-0x301c6000 /lib/libm-2.5.so 0x301c6000-0x301cc000 /lib/libm-2.5.so 0x301cc000-0x3032b000 /lib/libc-2.5.so 0x3032b000-0x3033a000 /lib/libc-2.5.so 0x3033a000-0x30340000 /lib/libc-2.5.so 0x30340000-0x30342000 0x30342000-0x30343000 0x30343000-0x30346000 /lib/libdl-2.5.so 0x30346000-0x30355000 /lib/libdl-2.5.so 0x30355000-0x30356000 /lib/libdl-2.5.so 0x30356000-0x30357000 /lib/libdl-2.5.so 0x30357000-0x3035e000 0x30360000-0x3050b000 0x7ffa6000-0x7ffbb000 [stack] ==1165==End of process memory map. # With the shadow offset at 0x40000000, the sanitizer fails with: ==889==ERROR: AddressSanitizer failed to allocate 0x273000 (2568192) bytes of LargeMmapAllocator (errno: 12) ==889==Process memory map follows: 0x00100000-0x00102000 [vdso] 0x0f7c4000-0x0f7cf000 /lib/libnss_files-2.5.so 0x0f7cf000-0x0f7de000 /lib/libnss_files-2.5.so 0x0f7de000-0x0f7df000 /lib/libnss_files-2.5.so 0x0f7df000-0x0f7e0000 /lib/libnss_files-2.5.so 0x0f7f0000-0x0f97f000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f97f000-0x0f98e000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f98e000-0x0f995000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f995000-0x0f997000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libstdc++.so.6.0.21 0x0f997000-0x0f999000 0x0f9a9000-0x0f9c0000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libgcc_s.so.1 0x0f9c0000-0x0f9cf000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libgcc_s.so.1 0x0f9cf000-0x0f9d0000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libgcc_s.so.1 0x0f9e0000-0x0f9e7000 /lib/librt-2.5.so 0x0f9e7000-0x0f9f7000 /lib/librt-2.5.so 0x0f9f7000-0x0f9f8000 /lib/librt-2.5.so 0x0f9f8000-0x0f9f9000 /lib/librt-2.5.so 0x0fa09000-0x0fb11000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libasan.so.2.0.0 0x0fb11000-0x0fb21000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libasan.so.2.0.0 0x0fb21000-0x0fb27000 /export/navusr3/local/gnu/5.1.0/H-x86_64-unknown-linux-gnu/powerpc-wr2e500v2-linux-gnuspe/lib/libasan.so.2.0.0 0x0fb27000-0x0ff80000 0x0ff90000-0x0ffaf000 /lib/ld-2.5.so 0x0ffbf000-0x0ffc1000 /lib/ld-2.5.so 0x0ffe0000-0x0ffe3000 /lib/libdl-2.5.so 0x0ffe3000-0x0fff2000 /lib/libdl-2.5.so 0x0fff2000-0x0fff3000 /lib/libdl-2.5.so 0x0fff3000-0x0fff4000 /lib/libdl-2.5.so 0x10000000-0x14d81000 /home/ricsew1/iw/r55--PeFlex/run-time/iut/appl/agent/bin.linux-e500-asan/gepeapp 0x14d90000-0x15126000 /home/ricsew1/iw/r55--PeFlex/run-time/iut/appl/agent/bin.linux-e500-asan/gepeapp 0x15126000-0x15422000 [heap] 0x30000000-0x30001000 0x30001000-0x301b6000 /lib/libm-2.5.so 0x301b6000-0x301c5000 /lib/libm-2.5.so 0x301c5000-0x301c6000 /lib/libm-2.5.so 0x301c6000-0x301cc000 /lib/libm-2.5.so 0x301cc000-0x301cd000 0x301cd000-0x301e2000 /lib/libpthread-2.5.so 0x301e2000-0x301f1000 /lib/libpthread-2.5.so 0x301f1000-0x301f2000 /lib/libpthread-2.5.so 0x301f2000-0x301f3000 /lib/libpthread-2.5.so 0x301f3000-0x301f5000 0x301f5000-0x30354000 /lib/libc-2.5.so 0x30354000-0x30363000 /lib/libc-2.5.so 0x30363000-0x30369000 /lib/libc-2.5.so 0x30369000-0x3036b000 0x3036b000-0x315fe000 0x31600000-0x32bfe000 0x32c00000-0x32d00000 0x32d00000-0x32d01000 0x32d01000-0x34e00000 0x34e00000-0x34e01000 0x34e01000-0x36ffb000 0x37000000-0x37603000 0x37603000-0x37604000 0x37604000-0x397fe000 0x39800000-0x3abfd000 0x3ac00000-0x3b200000 0x3b200000-0x3b201000 0x3b201000-0x3d400000 0x3d400000-0x3d401000 0x3d401000-0x3fafb000 0x3fb00000-0x3fffb000 0x3ffff000-0x48000000 0x48000000-0x4b000000 0x4b000000-0x58000000 0x58000000-0x58001000 0x58001000-0x5a000000 0x5a000000-0x5a001000 0x5a001000-0x5c200000 0x5c200000-0x5c201000 0x5c201000-0x5e200000 0x5e200000-0x5e201000 0x5e201000-0x60200000 0x60200000-0x60201000 0x60201000-0x62c8c000 0x62c8c000-0x62c8d000 0x62c8d000-0x64c8c000 0x64c8c000-0x64c8d000 0x64c8d000-0x66ef9000 0x66f00000-0x67000000 0x67000000-0x67001000 0x67001000-0x694fe000 0x69500000-0x69700000 0x69700000-0x69701000 0x69701000-0x6b700000 0x6b700000-0x6b701000 0x6b701000-0x6d700000 0x6d700000-0x6d701000 0x6d701000-0x6f700000 0x6f700000-0x6f701000 0x6f701000-0x717fe000 0x71800000-0x71900000 0x71900000-0x71901000 0x71901000-0x73900000 0x73900000-0x73901000 0x73901000-0x75d00000 0x75d00000-0x75d01000 0x75d01000-0x782ff000 0x78300000-0x7867f000 0x7867f000-0x78680000 0x78680000-0x7a6fe000 0x7a700000-0x7a8ee000 0x7a900000-0x7aa00000 0x7aa00000-0x7aa01000 0x7aa01000-0x7ca22000 0x7ca22000-0x7ca23000 0x7ca23000-0x7fb47000 0x7fc87000-0x7fc9c000 [stack] 0x7fc9c000-0x7ff0f000 ==889==End of process memory map. ==889==AddressSanitizer CHECK failed: /usr/central.share/gnu/src/gcc-5.1.0/libsanitizer/sanitizer_common/sanitizer_posix.cc:121 "(("unable to mmap" && 0)) != (0)" (0x0, 0x0) ERROR: Failed to mmap Interestingly, this time libpthread is mapped into the 0x30000000 region but it was not in the trivial program. I realize this may not be the correct forum for asking questions about system libraries, but have been unable to find out any information about how libraries are mapped. But since this affects the sanitizer, perhaps someone here has also seen this and can point me in the right direction. Thanks in advance, -- Richard Sewards