On Sun, May 05, 2019 at 03:04:22PM +0500, ???? ??????? wrote:
> Hello,
> 
> I run fedora 30, it includes clang-8, I built haproxy using
> 
> make CC=clang V=1 TARGET=$TARGET $FLAGS DEBUG_CFLAGS="-fsanitize=address
> -ggdb" LDFLAGS="-fsanitize=address"
> 
> when running reg-tests, the following is caught
> 
> ==6340==ERROR: AddressSanitizer: global-buffer-overflow on address
> 0x000000ab61c8 at pc 0x0000007360f5 bp 0x7ffc56ce9f90 sp 0x7ffc56ce9f88
> READ of size 8 at 0x000000ab61c8 thread T0
>     #0 0x7360f4  (/home/ilia/haproxy/haproxy+0x7360f4)
>     #1 0x7f3952660f32  (/lib64/libc.so.6+0x23f32)
>     #2 0x434b7d  (/home/ilia/haproxy/haproxy+0x434b7d)
> 
> 0x000000ab61c8 is located 56 bytes to the left of global variable
> '__initcb_486' defined in 'src/task.c:486:1' (0xab6200) of size 8
> 0x000000ab61c8 is located 0 bytes to the right of global variable
> '__initcb_1865' defined in 'src/log.c:1865:1' (0xab61c0) of size 8
> SUMMARY: AddressSanitizer: global-buffer-overflow
> (/home/ilia/haproxy/haproxy+0x7360f4)

This one is quite strange, it looks as if the linker had intentionally
left holes in the init_* sections by aligning each pointer on 64 bytes.
Maybe this is an artefact of using -fsanitize=address, though it seems
a bit unlikely.

Could you please run "objdump -h" on your haproxy executable with and
without this build option? I suspect we'll see "2**6" at the end of
some init_* columns at least in one case. If so we may try to add
"aligned(8)" or even "packed" to the attributes when declaring the
initcalls.

Thanks,
Willy
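As an added illustration (not haproxy's code and not part of the thread), here is a constructed initcall registry in C that emits entries into a dedicated linker section and uses the section's __start_/__stop_ symbols to check whether the linker left holes between entries, which is the condition the ASan report above points at. The section name init_demo, struct initcb, REGISTER_INIT and the demo callbacks are assumed names; it assumes an ELF toolchain with GNU ld or lld.

```c
#include <stddef.h>
#include <stdio.h>
/* Entries are emitted into the ELF section "init_demo". GNU ld and lld
 * define __start_<sec>/__stop_<sec> for sections named like C identifiers. */
struct initcb {
    void (*fct)(void);
    const char *name;
};
/* aligned(8) keeps the section a dense array of struct initcb, which the
 * walker below relies on. The ASan build in the thread shows the failure
 * mode: 8-byte entries landed 64 bytes apart and the walk read the gap. */
#define REGISTER_INIT(sec, fn)                                        \
    static struct initcb initcb_##fn                                  \
        __attribute__((section(#sec), used, aligned(8))) = { fn, #fn }

extern struct initcb __start_init_demo[];
extern struct initcb __stop_init_demo[];

static int demo_calls;                        /* constructed sample state */
static void demo_init_a(void) { demo_calls += 1; }
static void demo_init_b(void) { demo_calls += 10; }
REGISTER_INIT(init_demo, demo_init_a);
REGISTER_INIT(init_demo, demo_init_b);

/* Section size in bytes, exactly as the linker laid it out. */
size_t init_demo_bytes(void)
{
    return (size_t)((const char *)__stop_init_demo -
                    (const char *)__start_init_demo);
}

/* Startup sanity check: the section must be exactly the sum of the entries
 * this file registered, i.e. no hole between them (compare "objdump -h"). */
int init_demo_is_dense(void)
{
    return init_demo_bytes() == sizeof(initcb_demo_init_a) +
                                sizeof(initcb_demo_init_b);
}

/* Walk the section and invoke every callback; returns how many ran. */
int run_initcalls(void)
{
    size_t count = init_demo_bytes() / sizeof(struct initcb);
    for (size_t i = 0; i < count; i++)
        __start_init_demo[i].fct();
    return (int)count;
}

int main(void)
{
    int ran = run_initcalls();
    printf("dense=%d ran=%d state=%d\n", init_demo_is_dense(), ran, demo_calls);
    return 0;
}
```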