I think this "malloc.c" could be a problem. The way control jumped from _dlerror_run to a non-ASan malloc is definitely not right.
On Fri, Jan 15, 2021 at 12:43 PM Jeffrey Walton <[email protected]> wrote: > > What does /proc/$PID/maps say? > > (gdb) info inferior > Num Description Executable > * 1 process 3933371 /home/jwalton/ok2delete-asan/bin/bash > > (gdb) shell sudo cat /proc/3933371/maps > 555555554000-5555555da000 r--p 00000000 103:02 5123232 > /home/jwalton/ok2delete-asan/bin/bash > 5555555da000-55555578f000 r-xp 00086000 103:02 5123232 > /home/jwalton/ok2delete-asan/bin/bash > 55555578f000-5555557f4000 r--p 0023b000 103:02 5123232 > /home/jwalton/ok2delete-asan/bin/bash > 5555557f4000-5555557fa000 r--p 0029f000 103:02 5123232 > /home/jwalton/ok2delete-asan/bin/bash > 5555557fa000-555555843000 rw-p 002a5000 103:02 5123232 > /home/jwalton/ok2delete-asan/bin/bash > 555555843000-555555859000 rw-p 00000000 00:00 0 > [heap] > 7ffff6c9a000-7ffff6fee000 rw-p 00000000 00:00 0 > 7ffff6fee000-7ffff6ff1000 r--p 00000000 103:02 8519721 > /lib/x86_64-linux-gnu/libgcc_s.so.1 > 7ffff6ff1000-7ffff7003000 r-xp 00003000 103:02 8519721 > /lib/x86_64-linux-gnu/libgcc_s.so.1 > 7ffff7003000-7ffff7007000 r--p 00015000 103:02 8519721 > /lib/x86_64-linux-gnu/libgcc_s.so.1 > 7ffff7007000-7ffff7008000 r--p 00018000 103:02 8519721 > /lib/x86_64-linux-gnu/libgcc_s.so.1 > 7ffff7008000-7ffff7009000 rw-p 00019000 103:02 8519721 > /lib/x86_64-linux-gnu/libgcc_s.so.1 > 7ffff7009000-7ffff7018000 r--p 00000000 103:02 8521725 > /lib/x86_64-linux-gnu/libm-2.31.so > 7ffff7018000-7ffff70bf000 r-xp 0000f000 103:02 8521725 > /lib/x86_64-linux-gnu/libm-2.31.so > 7ffff70bf000-7ffff7156000 r--p 000b6000 103:02 8521725 > /lib/x86_64-linux-gnu/libm-2.31.so > 7ffff7156000-7ffff7157000 r--p 0014c000 103:02 8521725 > /lib/x86_64-linux-gnu/libm-2.31.so > 7ffff7157000-7ffff7158000 rw-p 0014d000 103:02 8521725 > /lib/x86_64-linux-gnu/libm-2.31.so > 7ffff7158000-7ffff715b000 r--p 00000000 103:02 8521743 > /lib/x86_64-linux-gnu/librt-2.31.so > 7ffff715b000-7ffff715f000 r-xp 00003000 103:02 8521743 > /lib/x86_64-linux-gnu/librt-2.31.so > 7ffff715f000-7ffff7160000 r--p 00007000 103:02 8521743 > /lib/x86_64-linux-gnu/librt-2.31.so > 7ffff7160000-7ffff7161000 ---p 00008000 103:02 8521743 > /lib/x86_64-linux-gnu/librt-2.31.so > 7ffff7161000-7ffff7162000 r--p 00008000 103:02 8521743 > /lib/x86_64-linux-gnu/librt-2.31.so > 7ffff7162000-7ffff7163000 rw-p 00009000 103:02 8521743 > /lib/x86_64-linux-gnu/librt-2.31.so > 7ffff7163000-7ffff7165000 rw-p 00000000 00:00 0 > 7ffff7165000-7ffff718a000 r--p 00000000 103:02 8521723 > /lib/x86_64-linux-gnu/libc-2.31.so > 7ffff718a000-7ffff7302000 r-xp 00025000 103:02 8521723 > /lib/x86_64-linux-gnu/libc-2.31.so > 7ffff7302000-7ffff734c000 r--p 0019d000 103:02 8521723 > /lib/x86_64-linux-gnu/libc-2.31.so > 7ffff734c000-7ffff734d000 ---p 001e7000 103:02 8521723 > /lib/x86_64-linux-gnu/libc-2.31.so > 7ffff734d000-7ffff7350000 r--p 001e7000 103:02 8521723 > /lib/x86_64-linux-gnu/libc-2.31.so > 7ffff7350000-7ffff7353000 rw-p 001ea000 103:02 8521723 > /lib/x86_64-linux-gnu/libc-2.31.so > 7ffff7353000-7ffff7357000 rw-p 00000000 00:00 0 > 7ffff7357000-7ffff735e000 r--p 00000000 103:02 8521741 > /lib/x86_64-linux-gnu/libpthread-2.31.so > 7ffff735e000-7ffff736f000 r-xp 00007000 103:02 8521741 > /lib/x86_64-linux-gnu/libpthread-2.31.so > 7ffff736f000-7ffff7374000 r--p 00018000 103:02 8521741 > /lib/x86_64-linux-gnu/libpthread-2.31.so > 7ffff7374000-7ffff7375000 r--p 0001c000 103:02 8521741 > /lib/x86_64-linux-gnu/libpthread-2.31.so > 7ffff7375000-7ffff7376000 rw-p 0001d000 103:02 8521741 > /lib/x86_64-linux-gnu/libpthread-2.31.so > 7ffff7376000-7ffff737a000 rw-p 00000000 00:00 0 > 7ffff737a000-7ffff73ad000 r--p 00000000 103:02 5126888 > /home/jwalton/ok2delete-asan/lib/libtinfow.so.6.1 > 7ffff73ad000-7ffff73e7000 r-xp 00033000 103:02 5126888 > /home/jwalton/ok2delete-asan/lib/libtinfow.so.6.1 > 7ffff73e7000-7ffff7413000 r--p 0006d000 103:02 5126888 > /home/jwalton/ok2delete-asan/lib/libtinfow.so.6.1 > 7ffff7413000-7ffff7414000 ---p 00099000 103:02 5126888 > /home/jwalton/ok2delete-asan/lib/libtinfow.so.6.1 > 7ffff7414000-7ffff7418000 r--p 00099000 103:02 5126888 > /home/jwalton/ok2delete-asan/lib/libtinfow.so.6.1 > 7ffff7418000-7ffff7437000 rw-p 0009d000 103:02 5126888 > /home/jwalton/ok2delete-asan/lib/libtinfow.so.6.1 > 7ffff7437000-7ffff7438000 rw-p 00000000 00:00 0 > 7ffff7438000-7ffff7439000 r--p 00000000 103:02 8521724 > /lib/x86_64-linux-gnu/libdl-2.31.so > 7ffff7439000-7ffff743b000 r-xp 00001000 103:02 8521724 > /lib/x86_64-linux-gnu/libdl-2.31.so > 7ffff743b000-7ffff743c000 r--p 00003000 103:02 8521724 > /lib/x86_64-linux-gnu/libdl-2.31.so > 7ffff743c000-7ffff743d000 r--p 00003000 103:02 8521724 > /lib/x86_64-linux-gnu/libdl-2.31.so > 7ffff743d000-7ffff743e000 rw-p 00004000 103:02 8521724 > /lib/x86_64-linux-gnu/libdl-2.31.so > 7ffff745a000-7ffff7460000 rw-p 00000000 00:00 0 > 7ffff7460000-7ffff7477000 r--p 00000000 103:02 5122956 > /home/jwalton/ok2delete-asan/lib/libiconv.so.2.6.1 > 7ffff7477000-7ffff74ac000 r-xp 00017000 103:02 5122956 > /home/jwalton/ok2delete-asan/lib/libiconv.so.2.6.1 > 7ffff74ac000-7ffff7586000 r--p 0004c000 103:02 5122956 > /home/jwalton/ok2delete-asan/lib/libiconv.so.2.6.1 > 7ffff7586000-7ffff7587000 ---p 00126000 103:02 5122956 > /home/jwalton/ok2delete-asan/lib/libiconv.so.2.6.1 > 7ffff7587000-7ffff7589000 r--p 00126000 103:02 5122956 > /home/jwalton/ok2delete-asan/lib/libiconv.so.2.6.1 > 7ffff7589000-7ffff7597000 rw-p 00128000 103:02 5122956 > /home/jwalton/ok2delete-asan/lib/libiconv.so.2.6.1 > 7ffff7597000-7ffff75b9000 r--p 00000000 103:02 14427705 > /usr/lib/x86_64-linux-gnu/libasan.so.5.0.0 > 7ffff75b9000-7ffff76e7000 r-xp 00022000 103:02 14427705 > /usr/lib/x86_64-linux-gnu/libasan.so.5.0.0 > 7ffff76e7000-7ffff771c000 r--p 00150000 103:02 14427705 > /usr/lib/x86_64-linux-gnu/libasan.so.5.0.0 > 7ffff771c000-7ffff771d000 ---p 00185000 103:02 14427705 > /usr/lib/x86_64-linux-gnu/libasan.so.5.0.0 > 7ffff771d000-7ffff7720000 r--p 00185000 103:02 14427705 > /usr/lib/x86_64-linux-gnu/libasan.so.5.0.0 > 7ffff7720000-7ffff7723000 rw-p 00188000 103:02 14427705 > /usr/lib/x86_64-linux-gnu/libasan.so.5.0.0 > 7ffff7723000-7ffff7fcb000 rw-p 00000000 00:00 0 > 7ffff7fcb000-7ffff7fce000 r--p 00000000 00:00 0 > [vvar] > 7ffff7fce000-7ffff7fcf000 r-xp 00000000 00:00 0 > [vdso] > 7ffff7fcf000-7ffff7fd0000 r--p 00000000 103:02 8521571 > /lib/x86_64-linux-gnu/ld-2.31.so > 7ffff7fd0000-7ffff7ff3000 r-xp 00001000 103:02 8521571 > /lib/x86_64-linux-gnu/ld-2.31.so > 7ffff7ff3000-7ffff7ffb000 r--p 00024000 103:02 8521571 > /lib/x86_64-linux-gnu/ld-2.31.so > 7ffff7ffb000-7ffff7ffc000 rw-p 00000000 00:00 0 > 7ffff7ffc000-7ffff7ffd000 r--p 0002c000 103:02 8521571 > /lib/x86_64-linux-gnu/ld-2.31.so > 7ffff7ffd000-7ffff7ffe000 rw-p 0002d000 103:02 8521571 > /lib/x86_64-linux-gnu/ld-2.31.so > 7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0 > 7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 > [stack] > ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 > [vsyscall] > > > On Friday, January 15, 2021 at 3:39:01 PM UTC-5 Evgeniy Stepanov wrote: > >> > || `[0x02008fff7000, 0x10007fff7fff]` || HighShadow || >> > 0x7fff8000(0xffffffffbc0) == 0x10007fff7bc0 >> >> Access is within HighShadow, which should be writable. What does >> /proc/$PID/maps say? >> >> On Fri, Jan 15, 2021 at 12:33 PM Jeffrey Walton <[email protected]> >> wrote: >> >>> Thanks again Evgeniy, >>> >>> > Try running with ASAN_OPTIONS=verbosity=2,debug=1, it should print the >>> memory layout. >>> >>> And here is the run with ASAN_OPTIONS: >>> >>> (gdb) shell reset >>> (gdb) set env ASAN_OPTIONS=verbosity=2,debug=1 >>> (gdb) r >>> ... >>> Starting program: /home/jwalton/ok2delete-asan/bin/bash >>> ==3933371==info->dlpi_name = info->dlpi_addr = 0x555555554000 >>> ==3933371==info->dlpi_name = linux-vdso.so.1 info->dlpi_addr = >>> 0x7ffff7fce000 >>> ==3933371==info->dlpi_name = /usr/lib/x86_64-linux-gnu/libasan.so.5 >>> info->dlpi_addr = 0x7ffff7597000 >>> ==3933371==AddressSanitizer: libc interceptors initialized >>> || `[0x10007fff8000, 0x7fffffffffff]` || HighMem || >>> || `[0x02008fff7000, 0x10007fff7fff]` || HighShadow || >>> || `[0x00008fff7000, 0x02008fff6fff]` || ShadowGap || >>> || `[0x00007fff8000, 0x00008fff6fff]` || LowShadow || >>> || `[0x000000000000, 0x00007fff7fff]` || LowMem || >>> MemToShadow(shadow): 0x00008fff7000 0x000091ff6dff 0x004091ff6e00 >>> 0x02008fff6fff >>> redzone=16 >>> max_redzone=2048 >>> quarantine_size_mb=256M >>> thread_local_quarantine_size_kb=1024K >>> malloc_context_size=30 >>> SHADOW_SCALE: 3 >>> SHADOW_GRANULARITY: 8 >>> SHADOW_OFFSET: 0x7fff8000 >>> ==3933371==Installed the sigaction for signal 11 >>> ==3933371==Installed the sigaction for signal 7 >>> ==3933371==Installed the sigaction for signal 8 >>> ==3933371==SetCurrentThread: 0x7ffff7576000 for thread 0x7ffff71b1bc0 >>> ==3933371==T0: stack [0x7fffff7ff000,0x7ffffffff000) size 0x800000; >>> local=0x7fffffffdf04 >>> ==3933371==Using libbacktrace symbolizer. >>> ==3933371==AddressSanitizer Init done >>> [Thread debugging using libthread_db enabled] >>> Using host libthread_db library >>> "/lib/x86_64-linux-gnu/libthread_db.so.1". >>> ==3933371==info->dlpi_name = info->dlpi_addr = 0x555555554000 >>> ==3933371==info->dlpi_name = linux-vdso.so.1 info->dlpi_addr = >>> 0x7ffff7fce000 >>> ==3933371==info->dlpi_name = /usr/lib/x86_64-linux-gnu/libasan.so.5 >>> info->dlpi_addr = 0x7ffff7597000 >>> >> ... > > -- > You received this message because you are subscribed to the Google Groups > "address-sanitizer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/address-sanitizer/ba516219-1464-41ba-8035-dbf3dccb7426n%40googlegroups.com > <https://groups.google.com/d/msgid/address-sanitizer/ba516219-1464-41ba-8035-dbf3dccb7426n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "address-sanitizer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/address-sanitizer/CAFKCwrj1QMgdJOdt8sqgaB_89toM24V%3DA%2Bp_1hcTFR5nOvc-rA%40mail.gmail.com.
