public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time
@ 2021-10-24 0:52 hjl.tools at gmail dot com
2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-10-24 0:52 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
Bug ID: 28491
Summary: ld.so doesn't work well with sanitizer run-time
Product: glibc
Version: 2.34
Status: NEW
Severity: normal
Priority: P2
Component: dynamic-link
Assignee: unassigned at sourceware dot org
Reporter: hjl.tools at gmail dot com
Target Milestone: ---
With glibc 2.34 on Fedora 35/x86-64, LLVM 13.0.0 rc1 gave me:
[hjl@gnu-skx-1 gcc]$ cat x.c
#include <assert.h>
struct A {
char a[3];
int b[3];
};
volatile int ten = 10;
__attribute__((noinline)) void foo(int index, int len) {
volatile struct A str[len] __attribute__((aligned(32)));
assert(!((long) str & 31L));
str[index].a[0] = '1'; // BOOM
}
int main(int argc, char **argv) {
foo(ten, ten);
return 0;
}
[hjl@gnu-skx-1 gcc]$ clang -O0 -fsanitize=address x.c -shared-libasan -m32
[hjl@gnu-skx-1 gcc]$
LD_PRELOAD=/tmp/export-users-hjl-build-gnu-tools-build-gcc-debug-build-x86_64-linux-x86_64-pc-linux-gnu/libclang_rt.asan-i386.so
./a.out
AddressSanitizer: CHECK failed: asan_malloc_linux.cpp:46
"((allocated_for_dlsym)) < ((kDlsymAllocPoolSize))" (0x405, 0x400)
(tid=3485517)
<empty stack>
[hjl@gnu-skx-1 gcc]$
depending on the directory length where libclang_rt.asan-i386.so is placed.
It also happened in GCC 12 test where libasan.so.8 is in a directory with a
long pathname.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
@ 2021-10-24 7:35 ` schwab@linux-m68k.org
2021-10-24 11:55 ` hjl.tools at gmail dot com
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: schwab@linux-m68k.org @ 2021-10-24 7:35 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
--- Comment #1 from Andreas Schwab <schwab@linux-m68k.org> ---
Isn't that a bug in libsanitizer?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org
@ 2021-10-24 11:55 ` hjl.tools at gmail dot com
2021-10-24 12:40 ` hjl.tools at gmail dot com
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-10-24 11:55 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://gcc.gnu.org/bugzill
| |a/show_bug.cgi?id=102911
--- Comment #2 from H.J. Lu <hjl.tools at gmail dot com> ---
The backtrace:
The backtrace:
(gdb) bt
#0 __sanitizer::CheckFailed (
file=0xf7b17af4
"/export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_malloc_linux.cpp",
line=46,
cond=0xf7b17ac0 "((allocated_for_dlsym)) < ((kDlsymAllocPoolSize))",
v1=1057, v2=1024)
at
/export/gnu/import/git/sources/gcc/libsanitizer/sanitizer_common/sanitizer_termination.cpp:68
#1 0xf7ababf3 in AllocateFromLocalPool (size_in_bytes=<optimized out>)
at
/export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_malloc_linux.cpp:46
#2 __interceptor_malloc (size=<optimized out>)
at
/export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_malloc_linux.cpp:127
#3 0xf7fe2475 in malloc (size=155) at ../include/rtld-malloc.h:56
#4 __GI__dl_exception_create_format (exception=exception@entry=0xffffccc4,
objname=0xf7fc0550
"/export/users/hjl/build/gnu/tools-build/gcc-debug/build-x86_64-linux/x86_64-pc-linux-gnu/32/libsanitizer/asan/.libs/libasan.so.8",
fmt=fmt@entry=0xf7ff2f11 "undefined symbol: %s%s%s") at dl-exception.c:157
#5 0xf7fd508b in _dl_lookup_symbol_x (undef_name=0xf7b14d64 "crypt_r",
undef_map=0xf7fc05e0, ref=<optimized out>, symbol_scope=<optimized out>,
version=0x0, type_class=0, flags=0, skip_map=0xf7fc05e0) at dl-lookup.c:877
#6 0xf7960553 in do_sym (handle=<optimized out>, name=0xf7b14d64 "crypt_r",
who=who@entry=
--Type <RET> for more, q to quit, c to continue without paging--
igned long*, unsigned long, unsigned long)+38>, vers=0x0, flags=2) at
dl-sym.c:146
#7 0xf79609f4 in _dl_sym (handle=<optimized out>, name=<optimized out>,
who=0xf7af8b86 <__interception::InterceptFunction(char const*, unsigned
long*, unsigned long, unsigned long)+38>) at dl-sym.c:195
#8 0xf786c617 in dlsym_doit (a=0xffffcf60) at dlsym.c:40
#9 0xf7960c28 in __GI__dl_catch_exception (exception=<optimized out>,
exception@entry=0xffffcea4, operate=<optimized out>,
operate@entry=0xf786c5f0 <dlsym_doit>, args=<optimized out>,
args@entry=0xffffcf60)
at /export/ssd/git/gitlab/x86-glibc/elf/dl-error-skeleton.c:208
#10 0xf7960ce3 in __GI__dl_catch_error (objname=0xffffcf28,
errstring=0xffffcf2c, mallocedp=0xffffcf27,
operate=0xf786c5f0 <dlsym_doit>, args=0xffffcf60)
at /export/ssd/git/gitlab/x86-glibc/elf/dl-error-skeleton.c:227
#11 0xf7fea102 in _rtld_catch_error (objname=0xffffcf28, errstring=0xffffcf2c,
mallocedp=0xffffcf27, operate=0xf786c5f0 <dlsym_doit>, args=0xffffcf60)
at /export/ssd/git/gitlab/x86-glibc/elf/dl-error-skeleton.c:260
#12 0xf786bf1a in _dlerror_run (operate=<optimized out>,
operate@entry=0xf786c5f0 <dlsym_doit>, args=<optimized out>,
args@entry=0xffffcf60) at dlerror.c:138
#13 0xf786c696 in dlsym_implementation (dl_caller=<optimized out>,
name=0xf7b14d64 "crypt_r", handle=0xffffffff) at dlsym.c:54
#14 ___dlsym (handle=0xffffffff, name=0xf7b14d64 "crypt_r") at dlsym.c:68
#15 0xf7af8b86 in __interception::GetFuncAddr (wrapper_addr=4154798864,
name=0xf7b14d64 "crypt_r")
at
/export/gnu/import/git/sources/gcc/libsanitizer/interception/interception_linux.cpp:42
#16 __interception::InterceptFunction (name=0xf7b14d64 "crypt_r",
ptr_to_real=0xf7b908d8 <__interception::real_crypt_r>, func=4154798864,
wrapper=4154798864)
at
/export/gnu/import/git/sources/gcc/libsanitizer/interception/interception_linux.cpp:61
#17 0xf7ab6c1b in InitializeCommonInterceptors ()
at
/export/gnu/import/git/sources/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:10463
#18 __asan::InitializeAsanInterceptors ()
at
/export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_interceptors.cp--Type
<RET> for more, q to quit, c to continue without paging--
p:619
#19 0xf7ac988e in __asan::AsanInitInternal ()
at /export/gnu/import/git/sources/gcc/libsanitizer/asan/asan_rtl.cpp:444
#20 0xf7fdb29d in _dl_init (main_map=<optimized out>, argc=1, argv=0xffffd0e4,
env=0xffffd0ec) at dl-init.c:102
#21 0xf7fc90fa in _dl_start_user ()
from
/export/build/gnu/tools-build/glibc-32bit-cet-gitlab/build-i686-linux/elf/ld-linux.so.2
(gdb)
Is there a memory after glibc 2.33 which doesn't have this problem?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org
2021-10-24 11:55 ` hjl.tools at gmail dot com
@ 2021-10-24 12:40 ` hjl.tools at gmail dot com
2021-10-25 13:11 ` fweimer at redhat dot com
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-10-24 12:40 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
--- Comment #3 from H.J. Lu <hjl.tools at gmail dot com> ---
This is triggered by moving libdl into libc.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
` (2 preceding siblings ...)
2021-10-24 12:40 ` hjl.tools at gmail dot com
@ 2021-10-25 13:11 ` fweimer at redhat dot com
2021-10-25 13:17 ` hjl.tools at gmail dot com
2021-10-25 13:51 ` schwab@linux-m68k.org
5 siblings, 0 replies; 7+ messages in thread
From: fweimer at redhat dot com @ 2021-10-25 13:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
--- Comment #4 from Florian Weimer <fweimer at redhat dot com> ---
Does the error go away if you increase kDlsymAllocPoolSize? Or is
asan_init_is_running never set to false?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
` (3 preceding siblings ...)
2021-10-25 13:11 ` fweimer at redhat dot com
@ 2021-10-25 13:17 ` hjl.tools at gmail dot com
2021-10-25 13:51 ` schwab@linux-m68k.org
5 siblings, 0 replies; 7+ messages in thread
From: hjl.tools at gmail dot com @ 2021-10-25 13:17 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
--- Comment #5 from H.J. Lu <hjl.tools at gmail dot com> ---
(In reply to Florian Weimer from comment #4)
> Does the error go away if you increase kDlsymAllocPoolSize? Or is
> asan_init_is_running never set to false?
See
https://bugs.llvm.org/show_bug.cgi?id=52278
for details and a patch.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug dynamic-link/28491] ld.so doesn't work well with sanitizer run-time
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
` (4 preceding siblings ...)
2021-10-25 13:17 ` hjl.tools at gmail dot com
@ 2021-10-25 13:51 ` schwab@linux-m68k.org
5 siblings, 0 replies; 7+ messages in thread
From: schwab@linux-m68k.org @ 2021-10-25 13:51 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=28491
Andreas Schwab <schwab@linux-m68k.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |MOVED
Status|NEW |RESOLVED
--- Comment #6 from Andreas Schwab <schwab@linux-m68k.org> ---
Needs to be fixed in libsanitizer.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-10-25 13:51 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-24 0:52 [Bug dynamic-link/28491] New: ld.so doesn't work well with sanitizer run-time hjl.tools at gmail dot com
2021-10-24 7:35 ` [Bug dynamic-link/28491] " schwab@linux-m68k.org
2021-10-24 11:55 ` hjl.tools at gmail dot com
2021-10-24 12:40 ` hjl.tools at gmail dot com
2021-10-25 13:11 ` fweimer at redhat dot com
2021-10-25 13:17 ` hjl.tools at gmail dot com
2021-10-25 13:51 ` schwab@linux-m68k.org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).