asan should handle SIGBUS on Linux

Jeff-Lewis / address-sanitizer

Automatically exported from code.google.com/p/address-sanitizer

0 stars 0 forks source link

asan should handle SIGBUS on Linux #369

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

On Linux, some stack overflows generate SIGBUS instead of SIGSEGV. Asan should 
handle SIGBUS so that it can report these stack overflows properly.

Here's a test case:

$ cat bus.c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

void foo()
{
    foo();
}

int main()
{
    const long pagesize = sysconf(_SC_PAGESIZE);
    FILE *f = fopen("/proc/self/maps", "r");
    char a[1000];
    while (fgets(a, sizeof a, f))
    {
        if (strstr(a, "[stack]"))
        {
            unsigned long addr;
            if (sscanf(a, "%lx", &addr) == 1)
                mmap((void *)(addr - 4 * pagesize), pagesize, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        }
    }
    foo();
    return 0;
}

$ clang -o bus bus.c -fsanitize=address && ulimit -Ss 8192 && ./bus
Bus error (core dumped)

Original issue reported on code.google.com by jay.f...@gmail.com on 9 Jan 2015 at 4:26

GoogleCodeExporter commented 9 years ago

See here for when you get SIGBUS:

http://lkml.iu.edu/hypermail/linux/kernel/1008.1/02299.html

The test case arranges for some memory to be mapped before the stack segment so 
that when the stack segment grows down a bit "we'll get a nice SIGBUS just as 
the stack touches the page just above the mapping".

Original comment by jay.f...@gmail.com on 9 Jan 2015 at 4:29

GoogleCodeExporter commented 9 years ago

Right. We already handle SIGBUS on Mac, I think we should just do this on Linux 
as well.

Original comment by samso...@google.com on 9 Jan 2015 at 10:49

GoogleCodeExporter commented 9 years ago

Original comment by samso...@google.com on 9 Jan 2015 at 10:49

Changed state: Accepted

GoogleCodeExporter commented 9 years ago

Could you check if adding SIGBUS to IsDeadlySignal() in sanitizer_linux.cc will 
fix the problem for you?

Original comment by samso...@google.com on 9 Jan 2015 at 11:09

GoogleCodeExporter commented 9 years ago

Yes, that's exactly what I did to fix it locally!

-  return (signum == SIGSEGV) && common_flags()->handle_segv;
+  return (signum == SIGSEGV || signum == SIGBUS) && 
common_flags()->handle_segv;

This is what we already do in sanitizer_darwin.cc anyway.

Original comment by jay.f...@gmail.com on 10 Jan 2015 at 8:25

GoogleCodeExporter commented 9 years ago

Can you prepare a patch (with test case)?

Original comment by samso...@google.com on 12 Jan 2015 at 3:00

GoogleCodeExporter commented 9 years ago

Looks like r225630 takes care of this.

Original comment by samso...@google.com on 12 Jan 2015 at 7:26

Changed state: Fixed

GoogleCodeExporter commented 9 years ago

Adding Project:AddressSanitizer as part of GitHub migration.

Original comment by ramosian.glider@gmail.com on 30 Jul 2015 at 9:14

Added labels: ProjectAddressSanitizer