[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 Yury Gribov y.gribov at samsung dot com changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|--- |FIXED --- Comment #18 from Yury Gribov y.gribov at samsung dot com --- Fixed with last merge from LLVM.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #17 from Yury Gribov y.gribov at samsung dot com --- This should be fully resolved once https://github.com/llvm-mirror/compiler-rt/commit/d6535ea4c4d49078a93735b315b8518fb692a592 is merged into gcc trunk. BTW it no longer reproduces on trunk because newer versions of libstdc++ silently call __asan_init from __cxa_atexit in some constructor: #1 0x76f45a09 in __asan::InitializeAsanInterceptors() () at /home/ygribov/src/gcc-master/libsanitizer/asan/asan_interceptors.cc:710 #2 0x76f5b71f in __asan_init_v3 () from /home/ygribov/install/gcc-master/lib64/libasan.so #3 0x76f24462 in __interceptor___cxa_atexit () at /home/ygribov/src/gcc-master/libsanitizer/asan/asan_interceptors.cc:671 #4 0x762bfa32 in std::future_category() () at /home/ygribov/src/gcc-master/libstdc++-v3/src/c++11/future.cc:63 #5 0x76265c79 in _GLOBAL__sub_I_compatibility_thread_c__0x.cc () at /home/ygribov/src/gcc-master/libstdc++-v3/src/c++11/compatibility-thread-c++0x.cc:49 #6 0x77de9306 in call_init (l=optimized out, argc=1, argv=0x7fffdeb8, env=0x7fffdec8) at dl-init.c:85 #7 0x77de93df in call_init (env=optimized out, argv=optimized out, argc=optimized out, l=optimized out) at dl-init.c:52 #8 _dl_init (main_map=0x77ffe2c8, argc=1, argv=0x7fffdeb8, env=0x7fffdec8) at dl-init.c:134 #9 0x77ddb6ea in _dl_start_user () from /lib64/ld-linux-x86-64.so.2
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #16 from Yury Gribov y.gribov at samsung dot com --- (In reply to Evgeniy Stepanov from comment #15) In fact, a recent change disabled ASAN_FLEXIBLE_MAPPING_AND_OFFSET and killed all supporting code. Or are you talking about a different change? Sorry, I was looking at commit which introduced it in Jan 21 _2013_. It works.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #14 from Yury Gribov y.gribov at samsung dot com --- With recent decision to enable ASAN_FLEXIBLE_MAPPING_AND_OFFSET by default I don't see how LD_PRELOAD is going to work at all. What's the reasoning behind this change?
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #15 from Evgeniy Stepanov eugeni.stepanov at gmail dot com --- In fact, a recent change disabled ASAN_FLEXIBLE_MAPPING_AND_OFFSET and killed all supporting code. Or are you talking about a different change? ASAN_FLEXIBLE_MAPPING_AND_OFFSET indeed prevents LD_PRELOAD with unsanitized binaries, and it was one of the reasons for killing it.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #13 from Evgeniy Stepanov eugeni.stepanov at gmail dot com --- (In reply to Yury Gribov from comment #12) (In reply to Evgeniy Stepanov from comment #8) ... one of the ASan interceptors that does ENSURE_ASAN_INITED(). Arguably, all interceptors should do it. Can we force all interceptors to do this? I think it would be a good thing to do. Some interceptors are special in that they are allowed during __asan_init (ex. memmove). Something like COMMON_INTERCEPTOR_ENTER in asan_interceptors.cc could probably be applied safely to all interceptors.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #11 from Yury Gribov y.gribov at samsung dot com --- (In reply to Evgeniy Stepanov from comment #10) We don't intercept signal() on Android This is just an implementation detail, this fails just as well: $ cat repro.c #include stdio.h #include stdlib.h #include setjmp.h int main() { jmp_buf env; int val = setjmp (env); if (val) exit (val); longjmp (env,101); return 0; } $ gcc -g repro.c $ LD_PRELOAD=/home/ygribov/install/gcc-master/lib64/libasan.so.0 ./a.out ==11784== Sanitizer CHECK failed: /home/ygribov/gcc/gcc-master/libsanitizer/asan/asan_posix.cc:107 ((tsd_key_inited)) != (0) (0, 0)
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #12 from Yury Gribov y.gribov at samsung dot com --- (In reply to Evgeniy Stepanov from comment #8) ... one of the ASan interceptors that does ENSURE_ASAN_INITED(). Arguably, all interceptors should do it. Can we force all interceptors to do this?
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #9 from Yury Gribov y.gribov at samsung dot com --- Created attachment 31204 -- http://gcc.gnu.org/bugzilla/attachment.cgi?id=31204action=edit Repro Just occured to me that I forgot to attach a reprocase, so doing this now. @Evegeniy: could you check whether this reproduces under Android/Darwin?
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #10 from Evgeniy Stepanov eugeni.stepanov at gmail dot com --- We don't intercept signal() on Android, because there is a friendly crash handler installed by the OS, and we don't need to handle segv ourselves.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 Alexey Samsonov samsonov at google dot com changed: What|Removed |Added CC||eugeni.stepanov at gmail dot com, ||glider at google dot com --- Comment #5 from Alexey Samsonov samsonov at google dot com --- +eugenis,glider Do we have any similar issues on systems where we use dynamic ASan runtime ourselves (Mac and Android)?
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #6 from Kostya Serebryany kcc at gcc dot gnu.org --- adding attribute ctor to __asan_init is questionable - windows has different syntax. - running non-instrumented binary w/o calling __asan_init at startup is risky: the binary may call memset/etc an touch shadow memory, which is not initialized before __asan_init
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #7 from Yury Gribov y.gribov at samsung dot com --- (In reply to Kostya Serebryany from comment #6) adding attribute ctor to __asan_init is questionable - windows has different syntax. We'll fix that (see the obsolete patch). - running non-instrumented binary w/o calling __asan_init at startup is risky: the binary may call memset/etc an touch shadow memory, which is not initialized before __asan_init Sorry, I didn't understand. The proposal is to call __asan_init at startup so that we don't have this problem.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #8 from Evgeniy Stepanov eugeni.stepanov at gmail dot com --- I'm a little surprised we did not run into this on Android yet - we use the same LD_PRELOAD scheme there. Are you linking libasan with libpthread? This might go away as libpthread constructors call one of the ASan interceptors that does ENSURE_ASAN_INITED(). Arguably, all interceptors should do it. I think Kostya raises valid points, but still, adding attribute((constructor)) is reasonable.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 Yury Gribov y.gribov at samsung dot com changed: What|Removed |Added CC||samsonov at google dot com --- Comment #4 from Yury Gribov y.gribov at samsung dot com --- Added Alexey to maybe comment on making __asan_init a constructor.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #1 from Yury Gribov y.gribov at samsung dot com --- Created attachment 31118 -- http://gcc.gnu.org/bugzilla/attachment.cgi?id=31118action=edit Draft patch Here is a draft patch implementing my proposal.
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 --- Comment #2 from Jakub Jelinek jakub at gcc dot gnu.org --- Why don't you add __attribute__((constructor)) to __asan_init instead?
[Bug sanitizer/58937] Preloaded libasan segfaults on unsanitized executables
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58937 Yury Gribov y.gribov at samsung dot com changed: What|Removed |Added Attachment #31118|0 |1 is obsolete|| --- Comment #3 from Yury Gribov y.gribov at samsung dot com --- Created attachment 31120 -- http://gcc.gnu.org/bugzilla/attachment.cgi?id=31120action=edit Better patch (In reply to Jakub Jelinek from comment #2) Why don't you add __attribute__((constructor)) to __asan_init instead? Point taken, patch updaten.