[Bug sanitizer/103930] asan intercepts fail if target library is only loaded (indirectly) through dlopen (e.g. plugin)

2022-11-17 Thread jengelh at inai dot de via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103930

--- Comment #2 from Jan Engelhardt  ---
Subissue a) "the crash output is completely useless" seems to have been
addressed in the past already; I observe in gcc 12 that

Found plugin run function: 0x7fecaa0e01a0
AddressSanitizer:DEADLYSIGNAL
=================================================================
==75097==ERROR: AddressSanitizer: SEGV on unknown address 0x (pc
0x bp 0x7ffccfe3f0b0 sp 0x7ffccfe3f0a8 T0)
==75097==Hint: pc points to the zero page.
==75097==The signal is caused by a READ memory access.
==75097==Hint: address points to the zero page.
#0 0x0  ()
#1 0x4010ea in main main.c:10
#2 0x7feca982c5af in __libc_start_call_main
../sysdeps/nptl/libc_start_call_main.h:58

(But yeah, I remember a time when calling null pointer functions often meant no
usable stack trace, even in gdb. Not sure what that was about.)

[Bug sanitizer/103930] asan intercepts fail if target library is only loaded (indirectly) through dlopen (e.g. plugin)

2022-11-17 Thread jengelh at inai dot de via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=103930

Jan Engelhardt  changed:

   What|Removed |Added

 CC||rguenther at suse dot de

--- Comment #1 from Jan Engelhardt  ---
gcc version 12.2.1 20221020 [revision 0aaef83351473e8f4eb774f8f999bbe87a4866d7]
(SUSE Linux) 

Thread 5 "a.out" hit Breakpoint 2, __interceptor_crypt (key=0x60207050 "",
salt=0x60b15800 "") at
../../../../libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:9981
9981  INTERCEPTOR(char *, crypt, char *key, char *salt) {
(gdb) n
9983  COMMON_INTERCEPTOR_ENTER(ctx, crypt, key, salt);
(gdb) 
9984  COMMON_INTERCEPTOR_READ_RANGE(ctx, key, internal_strlen(key) + 1);
(gdb) 
9985  COMMON_INTERCEPTOR_READ_RANGE(ctx, salt, internal_strlen(salt) + 1);
(gdb) 
9986  char *res = REAL(crypt)(key, salt);
(gdb) disas
…
=> 0x77862cdd <+125>:   lea    -0x28(%rbp),%rsp
   0x77862ce1 <+129>:   mov    %r12,%rsi
   0x77862ce4 <+132>:   mov    %rbx,%rdi
   0x77862ce7 <+135>:   pop    %rbx
   0x77862ce8 <+136>:   pop    %r12
   0x77862cea <+138>:   pop    %r13
   0x77862cec <+140>:   pop    %r14
   0x77862cee <+142>:   pop    %r15
   0x77862cf0 <+144>:   pop    %rbp
   0x77862cf1 <+145>:   jmp    *0xeade1(%rip)        # 0x7794dad8 <_ZN14__interception10real_cryptE>
…
(gdb) p _ZN14__interception10real_cryptE
$1 = (crypt_type) 0x0
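The gdb session above ends at a jmp through real_crypt == 0x0 because the REAL(crypt) slot is filled once, at interceptor-library init, and libcrypt is not mapped yet when the plugin is the only user. The following is an added C example (not libsanitizer code and not from the bug report) that models such a slot with a plain dlsym lookup and shows the call-site guard that turns the null jump into an ENOSYS failure; the struct, function names and the placeholder symbol are assumptions of this example. Link with -ldl on glibc older than 2.34.

```c
#include <dlfcn.h>
#include <errno.h>
#include <stddef.h>
#include <string.h>

#ifndef RTLD_DEFAULT            /* glibc exposes it only under _GNU_SOURCE */
#define RTLD_DEFAULT ((void *) 0)
#endif

/* Constructed model of one sanitizer-style interceptor slot: the pointer to
 * the real function (what the trace calls real_crypt) is looked up once when
 * the interceptor library initialises.  If the target library is not mapped
 * at that point the slot stays NULL, and an unconditional REAL() call is a
 * jump to address 0, which is what the SEGV trace in Comment #2 shows. */
typedef char *(*crypt_fn)(const char *key, const char *salt);

struct interceptor {
    const char *name;   /* symbol being wrapped, e.g. "crypt" */
    crypt_fn real;      /* REAL(name); NULL until resolved */
};

/* One-shot, init-time resolution, as the trace shows it happening. */
void intercept_init(struct interceptor *ic, const char *name) {
    ic->name = name;
    ic->real = (crypt_fn) dlsym(RTLD_DEFAULT, name);
}

/* Call-site guard: retry the lookup lazily (the library may have been
 * dlopen'ed since init) and report whether calling REAL() is safe. */
int intercept_ready(struct interceptor *ic) {
    if (ic->real == NULL)
        ic->real = (crypt_fn) dlsym(RTLD_DEFAULT, ic->name);
    return ic->real != NULL;
}

/* Hardened wrapper: fail with ENOSYS instead of jumping through NULL. */
char *guarded_crypt(struct interceptor *ic, const char *key, const char *salt) {
    if (!intercept_ready(ic)) {
        errno = ENOSYS;
        return NULL;
    }
    return ic->real(key, salt);
}
```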