Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
On Monday, 24 July 2017 16:34:34 CEST Ben Hutchings wrote:
[...]
> > Downgrading the kernel from linux-image-4.11.0-2-amd64 (4.11.11-1+b1) to
> > linux-image-4.11.0-1-amd64 (4.11.6-1) fixed this. I wonder if the stack
> > clash fix has broken ASan.
>
> The address space change that went into 4.11.11-1 and might have
> triggered this is "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
> (CVE-2017-1000370, CVE-2017-1000371). This moved PIEs to lower addresses on
> x86 (starting at 0x400000 on i386 and 0x100000000 on amd64) while
> keeping the dynamic linker in the mmap area.

It seems like the behavior will be reverted [1] in the kernel and no change
in GCC is necessary at the moment.

Kind regards,
Sven

[1] https://lkml.kernel.org/r/20170807201542.GA21271@beast
Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
On Sun, 23 Jul 2017 23:06:15 -0500 Jason Crain wrote:
> On Thu, Jul 20, 2017 at 02:45:11PM +0200, Tim Ruehsen wrote:
> > ==13782==Shadow memory range interleaves with an existing memory mapping.
> > ASan cannot proceed correctly. ABORTING.
> > ==13782==ASan shadow was supposed to be located in the
> > [0x00007fff7000-0x10007fff7fff] range.
> > ==13782==Process memory map follows:
> > 0x005450338000-0x005450339000 /usr/oms/src/libpsl/conftest
> > 0x005450539000-0x00545053a000 /usr/oms/src/libpsl/conftest
> > ...
> > 0x7fff70943000-0x7fff70964000 [stack]
> > 0x7fff709a4000-0x7fff709a6000 [vvar]
> > 0x7fff709a6000-0x7fff709a8000 [vdso]
> > ==13782==End of process memory map.
>
> I noticed these same error messages after rebooting today. Not when
> building a package, but when testing other software, like this:
>
> LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libasan.so.3 /bin/ls
>
> Downgrading the kernel from linux-image-4.11.0-2-amd64 (4.11.11-1+b1) to
> linux-image-4.11.0-1-amd64 (4.11.6-1) fixed this. I wonder if the stack
> clash fix has broken ASan.

The address space change that went into 4.11.11-1 and might have
triggered this is "binfmt_elf: use ELF_ET_DYN_BASE only for PIE"
(CVE-2017-1000370, CVE-2017-1000371). This moved PIEs to lower addresses on
x86 (starting at 0x400000 on i386 and 0x100000000 on amd64) while
keeping the dynamic linker in the mmap area.

Ben.

-- 
Ben Hutchings
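Ben's explanation amounts to this: a PIE loaded at 0x100000000 lands inside the range libasan wants to reserve for its shadow on x86_64, which is exactly what the "interleaves" abort reports. The C program below is an added example, not code from the bug thread: it parses a map dump in the format ASan prints and counts the mappings that overlap that range. The shadow bounds are the ones quoted in the error message; the sample map lines are constructed from the report's output; the function names are my own.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Shadow range libasan reports needing on x86_64 (bounds from the error output above). */
#define SHADOW_BEG 0x00007fff7000ULL
#define SHADOW_END 0x10007fff7fffULL
/* Parse "0xSTART-0xEND [name]" as ASan prints it; returns 1 on success, 0 otherwise. */
int parse_map_line(const char *line, uint64_t *start, uint64_t *end)
{
    char *p;
    if (strncmp(line, "0x", 2) != 0)   /* skips "==pid==" banners, "..." and blank lines */
        return 0;
    *start = strtoull(line, &p, 16);
    if (*p != '-')
        return 0;
    *end = strtoull(p + 1, &p, 16);    /* a failed parse yields 0 and is rejected below */
    return *start < *end;
}

/* A mapping [start,end) interleaves with the shadow when the two ranges overlap. */
int overlaps_shadow(uint64_t start, uint64_t end)
{
    return start <= SHADOW_END && end > SHADOW_BEG;
}

/* Count the mappings in a newline-separated dump that fall into the shadow range. */
int count_shadow_conflicts(const char *maps)
{
    int conflicts = 0;
    while (*maps) {
        uint64_t s, e;
        if (parse_map_line(maps, &s, &e) && overlaps_shadow(s, e))
            conflicts++;
        const char *nl = strchr(maps, '\n');
        maps = nl ? nl + 1 : maps + strlen(maps);
    }
    return conflicts;
}
/* Constructed sample: a PIE at 4 GiB (0x100000000, the 4.11.11 ELF_ET_DYN_BASE) sits in the shadow; stack and vdso do not. */
const char SAMPLE_MAP[] =
    "0x000100000000-0x000100001000 /usr/oms/src/libpsl/x\n"
    "0x000100200000-0x000100201000 /usr/oms/src/libpsl/x\n"
    "0x7fff70943000-0x7fff70964000 [stack]\n"
    "0x7fff709a6000-0x7fff709a8000 [vdso]\n";
int main(void)
{
    printf("%d mapping(s) interleave with the ASan shadow\n", count_shadow_conflicts(SAMPLE_MAP));
    return 0;
}
```

The same check applied to the conftest mapping from the original report (0x005450338000, the 4 GiB base plus ASLR offset) also reports a conflict, while mappings at 0x7fff... and above are clear.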
Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
On Thu, Jul 20, 2017 at 02:45:11PM +0200, Tim Ruehsen wrote:
> ==13782==Shadow memory range interleaves with an existing memory mapping.
> ASan cannot proceed correctly. ABORTING.
> ==13782==ASan shadow was supposed to be located in the
> [0x00007fff7000-0x10007fff7fff] range.
> ==13782==Process memory map follows:
> 0x005450338000-0x005450339000 /usr/oms/src/libpsl/conftest
> 0x005450539000-0x00545053a000 /usr/oms/src/libpsl/conftest
> ...
> 0x7fff70943000-0x7fff70964000 [stack]
> 0x7fff709a4000-0x7fff709a6000 [vvar]
> 0x7fff709a6000-0x7fff709a8000 [vdso]
> ==13782==End of process memory map.

I noticed these same error messages after rebooting today. Not when
building a package, but when testing other software, like this:

LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libasan.so.3 /bin/ls

Downgrading the kernel from linux-image-4.11.0-2-amd64 (4.11.11-1+b1) to
linux-image-4.11.0-1-amd64 (4.11.6-1) fixed this. I wonder if the stack
clash fix has broken ASan.
Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
On 07/20/2017 05:09 PM, Matthias Klose wrote:
> On 20.07.2017 14:45, Tim Ruehsen wrote:
>> Package: gcc-6
>> Version: 6.4.0-1
>> Severity: important
[...]
>> From config.log:
>> configure:3459: gcc-6 -o conftest -g -fsanitize=address
>> -fno-omit-frame-pointer conftest.c >&5
>> configure:3463: $? = 0
>> configure:3470: ./conftest
>> ==13782==Shadow memory range interleaves with an existing memory mapping.
>> ASan cannot proceed correctly. ABORTING.
>> ==13782==ASan shadow was supposed to be located in the
>> [0x00007fff7000-0x10007fff7fff] range.
>> ==13782==Process memory map follows:
>> 0x005450338000-0x005450339000 /usr/oms/src/libpsl/conftest
>> 0x005450539000-0x00545053a000 /usr/oms/src/libpsl/conftest
>> ...
>> 0x7fff70943000-0x7fff70964000 [stack]
>> 0x7fff709a4000-0x7fff709a6000 [vvar]
>> 0x7fff709a6000-0x7fff709a8000 [vdso]
>> ==13782==End of process memory map.
>> configure:3474: $? = 1
>> configure:3481: error: in `/usr/oms/src/libpsl':
>> configure:3483: error: cannot run C compiled programs.
>> If you meant to cross compile, use `--host'.
>> See `config.log' for more details
>
> please could you attach the failing conftest?

config.log doesn't even say. It continues with

==28018==End of process memory map.
configure:3474: $? = 1
configure:3481: error: in `/usr/oms/src/libpsl':
configure:3483: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details

## ---------------- ##
## Cache variables. ##
## ---------------- ##

... and exit.

Regards, Tim
Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
Any program:

#include <stdio.h>
int main(void) { printf("Hello\n"); }

$ gcc-6 -g -fsanitize=address -fno-omit-frame-pointer x.c -o x
$ ./x
==29033==Shadow memory range interleaves with an existing memory mapping.
ASan cannot proceed correctly. ABORTING.
==29033==ASan shadow was supposed to be located in the
[0x00007fff7000-0x10007fff7fff] range.
==29033==Process memory map follows:
0x000100000000-0x000100001000 /usr/oms/src/libpsl/x
0x000100200000-0x000100201000 /usr/oms/src/libpsl/x
0x000100201000-0x000100202000 /usr/oms/src/libpsl/x
0x000075889000-0x000075bdb000
0x000075bdb000-0x000075bf1000 /lib/x86_64-linux-gnu/libgcc_s.so.1
0x000075bf1000-0x000075df0000 /lib/x86_64-linux-gnu/libgcc_s.so.1
...

With Best Regards, Tim

On 07/20/2017 05:09 PM, Matthias Klose wrote:
> On 20.07.2017 14:45, Tim Ruehsen wrote:
>> Package: gcc-6
>> Version: 6.4.0-1
>> Severity: important
>>
>> Dear Maintainer,
>>
>> building autotools packages with address sanitizer currently breaks with
>> gcc-6 and gcc-7.
>> gcc-5 is not affected.
>>
>> This breaks quality checking and fuzzing with ASAN enabled.
>> Using LD_PRELOAD to load libasan first doesn't change anything.
[...]
>> configure:3483: error: cannot run C compiled programs.
>> If you meant to cross compile, use `--host'.
>> See `config.log' for more details
>
> please could you attach the failing conftest?
Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
On 20.07.2017 14:45, Tim Ruehsen wrote:
> Package: gcc-6
> Version: 6.4.0-1
> Severity: important
>
> Dear Maintainer,
>
> building autotools packages with address sanitizer currently breaks with
> gcc-6 and gcc-7.
> gcc-5 is not affected.
>
> This breaks quality checking and fuzzing with ASAN enabled.
> Using LD_PRELOAD to load libasan first doesn't change anything.
>
> This doesn't help either (in case this is an ASLR problem with the kernel):
> echo 0 >/proc/sys/kernel/randomize_va_space
[...]
> configure:3483: error: cannot run C compiled programs.
> If you meant to cross compile, use `--host'.
> See `config.log' for more details

please could you attach the failing conftest?
Bug#869090: gcc-6: Address sanitizer: Shadow memory range interleaves
Package: gcc-6
Version: 6.4.0-1
Severity: important

Dear Maintainer,

building autotools packages with address sanitizer currently breaks with
gcc-6 and gcc-7.
gcc-5 is not affected.

This breaks quality checking and fuzzing with ASAN enabled.
Using LD_PRELOAD to load libasan first doesn't change anything.

This doesn't help either (in case this is an ASLR problem with the kernel):
echo 0 >/proc/sys/kernel/randomize_va_space

$ CC=gcc-6 CFLAGS="-g -fsanitize=address -fno-omit-frame-pointer" ./configure
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking for gcc... gcc-6
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... configure: error: in `/usr/oms/src/libpsl':
configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details

From config.log:
configure:3459: gcc-6 -o conftest -g -fsanitize=address -fno-omit-frame-pointer conftest.c >&5
configure:3463: $? = 0
configure:3470: ./conftest
==13782==Shadow memory range interleaves with an existing memory mapping.
ASan cannot proceed correctly. ABORTING.
==13782==ASan shadow was supposed to be located in the [0x00007fff7000-0x10007fff7fff] range.
==13782==Process memory map follows:
0x005450338000-0x005450339000 /usr/oms/src/libpsl/conftest
0x005450539000-0x00545053a000 /usr/oms/src/libpsl/conftest
...
0x7fff70943000-0x7fff70964000 [stack]
0x7fff709a4000-0x7fff709a6000 [vvar]
0x7fff709a6000-0x7fff709a8000 [vdso]
==13782==End of process memory map.
configure:3474: $? = 1
configure:3481: error: in `/usr/oms/src/libpsl':
configure:3483: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details

Regards, Tim

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gcc-6 depends on:
ii  binutils      2.28-6
ii  cpp-6         6.4.0-1
ii  gcc-6-base    6.4.0-1
ii  libc6         2.24-12
ii  libcc1-0      7.1.0-9
ii  libgcc-6-dev  6.4.0-1
ii  libgcc1       1:7.1.0-9
ii  libgmp10      2:6.1.2+dfsg-1
ii  libisl15      0.18-1
ii  libmpc3       1.0.3-1+b2
ii  libmpfr4      3.1.5-1
ii  libstdc++6    7.1.0-9
ii  zlib1g        1:1.2.8.dfsg-5

Versions of packages gcc-6 recommends:
ii  libc6-dev  2.24-12

Versions of packages gcc-6 suggests:
ii  gcc-6-doc  6.3.0-1
pn  gcc-6-locales
pn  gcc-6-multilib
pn  libasan3-dbg
pn  libatomic1-dbg
pn  libcilkrts5-dbg
pn  libgcc1-dbg
pn  libgomp1-dbg
pn  libitm1-dbg
pn  liblsan0-dbg
pn  libmpx2-dbg
pn  libquadmath0-dbg
pn  libtsan0-dbg
pn  libubsan0-dbg

-- no debconf information