public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time
@ 2021-10-24 0:52 hjl.tools at gmail dot com
2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-10-24 0:52 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
Bug ID: 28491
Summary: ld.so doesn't work well with sanitizer run-time
Product: glibc
Version: 2.34
Status: NEW
Severity: normal
Priority: P2
Component: dynamic-link
Assignee: unassigned at sourceware dot org
Reporter: hjl.tools at gmail dot com
Target Milestone: ---
With glibc 2.34 on Fedora 35/x86-64, LLVM 13.0.0 rc1 gave me:
[hjl@gnu-skx-1 gcc]$ cat x.c
#include <assert.h>
struct A {
char a[3];
int b[3];
};
volatile int ten = 10;
__attribute__((noinline)) void foo(int index, int len) {
volatile struct A str[len] __attribute__((aligned(32)));
assert(!((long) str & 31L));
str[index].a[0] = '1'; // BOOM
}
int main(int argc, char **argv) {
foo(ten, ten);
return 0;
}
[hjl@gnu-skx-1 gcc]$ clang -O0 -fsanitize=address x.c -shared-libasan -m32
[hjl@gnu-skx-1 gcc]$
LD_PRELOAD=/tmp/export-users-hjl-build-gnu-tools-build-gcc-debug-build-x86_64-linux-x86_64-pc-linux-gnu/libclang_rt.asan-i386.so
./a.out
AddressSanitizer: CHECK failed: asan_malloc_linux.cpp:46
"((allocated_for_dlsym)) < ((kDlsymAllocPoolSize))" (0x405, 0x400)
(tid=3485517)
<empty stack>
[hjl@gnu-skx-1 gcc]$
depending on the directory length where libclang_rt.asan-i386.so is placed.
It also happened in GCC 12 test where libasan.so.8 is in a directory with a
long pathname.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com @ 2021-10-24 7:35 ` schwab@linux-m68k.org 2021-10-24 11:55 ` hjl.tools at gmail dot com ` (4 subsequent siblings) 5 siblings, 0 replies; 7+ messages in thread From: schwab@linux-m68k.org @ 2021-10-24 7:35 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=28491 --- Comment #1 from Andreas Schwab <schwab@linux-m68k.org> --- Isn't that a bug in libsanitizer? -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com 2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org @ 2021-10-24 11:55 ` hjl.tools at gmail dot com 2021-10-24 12:40 ` hjl.tools at gmail dot com ` (3 subsequent siblings) 5 siblings, 0 replies; 7+ messages in thread From: hjl.tools at gmail dot com @ 2021-10-24 11:55 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=28491 H.J. Lu <hjl.tools at gmail dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://gcc.gnu.org/bugzill | |a/show_bug.cgi?id=102911 --- Comment #2 from H.J. Lu <hjl.tools at gmail dot com> --- The backtrace: The backtrace: (gdb) bt #0 __sanitizer::CheckFailed ( file=0xf7b17af4 "/export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_malloc_linux.cpp", line=46, cond=0xf7b17ac0 "((allocated_for_dlsym)) < ((kDlsymAllocPoolSize))", v1=1057, v2=1024) at /export/gnu/import/git/sources/gcc/libsanitizer/sanitizer_common/sanitizer_termination.cpp:68 #1 0xf7ababf3 in AllocateFromLocalPool (size_in_bytes=<optimized out>) at /export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_malloc_linux.cpp:46 #2 __interceptor_malloc (size=<optimized out>) at /export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_malloc_linux.cpp:127 #3 0xf7fe2475 in malloc (size=155) at ../include/rtld-malloc.h:56 #4 __GI__dl_exception_create_format (exception=exception@entry=0xffffccc4, objname=0xf7fc0550 "/export/users/hjl/build/gnu/tools-build/gcc-debug/build-x86_64-linux/x86_64-pc-linux-gnu/32/libsanitizer/asan/.libs/libasan.so.8", fmt=fmt@entry=0xf7ff2f11 "undefined symbol: %s%s%s") at dl-exception.c:157 #5 0xf7fd508b in _dl_lookup_symbol_x (undef_name=0xf7b14d64 "crypt_r", undef_map=0xf7fc05e0, ref=<optimized out>, symbol_scope=<optimized out>, version=0x0, type_class=0, flags=0, skip_map=0xf7fc05e0) at dl-lookup.c:877 #6 0xf7960553 in do_sym (handle=<optimized out>, name=0xf7b14d64 "crypt_r", who=who@entry= --Type <RET> for more, q to quit, c to continue without paging-- igned long*, unsigned long, unsigned long)+38>, vers=0x0, flags=2) at dl-sym.c:146 #7 0xf79609f4 in _dl_sym (handle=<optimized out>, name=<optimized out>, who=0xf7af8b86 <__interception::InterceptFunction(char const*, unsigned long*, unsigned long, unsigned long)+38>) at dl-sym.c:195 #8 0xf786c617 in dlsym_doit (a=0xffffcf60) at dlsym.c:40 #9 0xf7960c28 in __GI__dl_catch_exception (exception=<optimized out>, exception@entry=0xffffcea4, operate=<optimized out>, operate@entry=0xf786c5f0 <dlsym_doit>, args=<optimized out>, args@entry=0xffffcf60) at /export/ssd/git/gitlab/x86-glibc/elf/dl-error-skeleton.c:208 #10 0xf7960ce3 in __GI__dl_catch_error (objname=0xffffcf28, errstring=0xffffcf2c, mallocedp=0xffffcf27, operate=0xf786c5f0 <dlsym_doit>, args=0xffffcf60) at /export/ssd/git/gitlab/x86-glibc/elf/dl-error-skeleton.c:227 #11 0xf7fea102 in _rtld_catch_error (objname=0xffffcf28, errstring=0xffffcf2c, mallocedp=0xffffcf27, operate=0xf786c5f0 <dlsym_doit>, args=0xffffcf60) at /export/ssd/git/gitlab/x86-glibc/elf/dl-error-skeleton.c:260 #12 0xf786bf1a in _dlerror_run (operate=<optimized out>, operate@entry=0xf786c5f0 <dlsym_doit>, args=<optimized out>, args@entry=0xffffcf60) at dlerror.c:138 #13 0xf786c696 in dlsym_implementation (dl_caller=<optimized out>, name=0xf7b14d64 "crypt_r", handle=0xffffffff) at dlsym.c:54 #14 ___dlsym (handle=0xffffffff, name=0xf7b14d64 "crypt_r") at dlsym.c:68 #15 0xf7af8b86 in __interception::GetFuncAddr (wrapper_addr=4154798864, name=0xf7b14d64 "crypt_r") at /export/gnu/import/git/sources/gcc/libsanitizer/interception/interception_linux.cpp:42 #16 __interception::InterceptFunction (name=0xf7b14d64 "crypt_r", ptr_to_real=0xf7b908d8 <__interception::real_crypt_r>, func=4154798864, wrapper=4154798864) at /export/gnu/import/git/sources/gcc/libsanitizer/interception/interception_linux.cpp:61 #17 0xf7ab6c1b in InitializeCommonInterceptors () at /export/gnu/import/git/sources/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:10463 #18 __asan::InitializeAsanInterceptors () at /export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_interceptors.cp--Type <RET> for more, q to quit, c to continue without paging-- p:619 #19 0xf7ac988e in __asan::AsanInitInternal () at /export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_rtl.cpp:444 #20 0xf7fdb29d in _dl_init (main_map=<optimized out>, argc=1, argv=0xffffd0e4, env=0xffffd0ec) at dl-init.c:102 #21 0xf7fc90fa in _dl_start_user () from /export/build/gnu/tools-build/glibc-32bit-cet-gitlab/build-i686-linux/elf/ld-linux.so.2 (gdb) Is there a memory after glibc 2.33 which doesn't have this problem? -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com 2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org 2021-10-24 11:55 ` hjl.tools at gmail dot com @ 2021-10-24 12:40 ` hjl.tools at gmail dot com 2021-10-25 13:11 ` fweimer at redhat dot com ` (2 subsequent siblings) 5 siblings, 0 replies; 7+ messages in thread From: hjl.tools at gmail dot com @ 2021-10-24 12:40 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=28491 H.J. Lu <hjl.tools at gmail dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fweimer at redhat dot com --- Comment #3 from H.J. Lu <hjl.tools at gmail dot com> --- This is triggered by moving libdl into libc. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com ` (2 preceding siblings ...) 2021-10-24 12:40 ` hjl.tools at gmail dot com @ 2021-10-25 13:11 ` fweimer at redhat dot com 2021-10-25 13:17 ` hjl.tools at gmail dot com 2021-10-25 13:51 ` schwab@linux-m68k.org 5 siblings, 0 replies; 7+ messages in thread From: fweimer at redhat dot com @ 2021-10-25 13:11 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=28491 --- Comment #4 from Florian Weimer <fweimer at redhat dot com> --- Does the error go away if you increase kDlsymAllocPoolSize? Or is asan_init_is_running never set to false? -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com ` (3 preceding siblings ...) 2021-10-25 13:11 ` fweimer at redhat dot com @ 2021-10-25 13:17 ` hjl.tools at gmail dot com 2021-10-25 13:51 ` schwab@linux-m68k.org 5 siblings, 0 replies; 7+ messages in thread From: hjl.tools at gmail dot com @ 2021-10-25 13:17 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=28491 --- Comment #5 from H.J. Lu <hjl.tools at gmail dot com> --- (In reply to Florian Weimer from comment #4) > Does the error go away if you increase kDlsymAllocPoolSize? Or is > asan_init_is_running never set to false? See https://bugs.llvm.org/show_bug.cgi?id=52278 for details and a patch. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com ` (4 preceding siblings ...) 2021-10-25 13:17 ` hjl.tools at gmail dot com @ 2021-10-25 13:51 ` schwab@linux-m68k.org 5 siblings, 0 replies; 7+ messages in thread From: schwab@linux-m68k.org @ 2021-10-25 13:51 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=28491 Andreas Schwab <schwab@linux-m68k.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |MOVED Status|NEW |RESOLVED --- Comment #6 from Andreas Schwab <schwab@linux-m68k.org> --- Needs to be fixed in libsanitizer. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-10-25 13:51 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com 2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org 2021-10-24 11:55 ` hjl.tools at gmail dot com 2021-10-24 12:40 ` hjl.tools at gmail dot com 2021-10-25 13:11 ` fweimer at redhat dot com 2021-10-25 13:17 ` hjl.tools at gmail dot com 2021-10-25 13:51 ` schwab@linux-m68k.org
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).