tst2005googlecode2 / address-sanitizer

Automatically exported from code.google.com/p/address-sanitizer

AddressSanitizer CHECK failed on linux kernel that is patched with PaX #228

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
When the Linux kernel is patched with PaX (http://pax.grsecurity.net/) and
the option UDEREF is enabled, the use-after-free test fails with
laptop1 / # ./use-after-free
==13568==AddressSanitizer CHECK failed: /var/tmp/portage/sys-devel/llvm-3.3-r1/work/llvm-3.3.src/projects/compiler-rt/lib/sanitizer_common/sanitizer_allocator.h:310 "((kSpaceBeg)) == ((reinterpret_cast<uptr>(Mprotect(kSpaceBeg, kSpaceSize))))" (0x600000000000, 0xffffffffffffffff)
    #0 0x425b9f (/use-after-free+0x425b9f)
    #1 0x427371 (/use-after-free+0x427371)
    #2 0x414652 (/use-after-free+0x414652)
    #3 0x4112d5 (/use-after-free+0x4112d5)
    #4 0x4259a4 (/use-after-free+0x4259a4)
    #5 0x2f3cdc5ed45 (/lib64/ld-2.17.so+0xed45)
    #6 0x2f3cdc516c9 (/lib64/ld-2.17.so+0x16c9)
laptop1 / #
A PaX-enabled kernel has a different userland address space size than the usual 47-bit
linux/amd64 userland address space size.
The test was done on a Gentoo Hardened system with a Grsecurity- and PaX-enabled
kernel with llvm 3.3 or gcc 4.8.1. Downstream bug:
https://bugs.gentoo.org/show_bug.cgi?id=458706

Original issue reported on code.google.com by zo...@gentoo.org on 30 Sep 2013 at 8:19

GoogleCodeExporter commented 9 years ago
Hi,

Is it critical for you to run tests with PaX enabled? Can you run the tests on 
a normal linux?

Original comment by dvyu...@google.com on 1 Oct 2013 at 2:21

GoogleCodeExporter commented 9 years ago
You may try to change the shadow offset using 
  "-mllvm -asan-mapping-offset-log=N"
See more compile-time flags in 
lib/Transforms/Instrumentation/AddressSanitizer.cpp
But these options are by no means supported -- use them at your own risk.

Original comment by konstant...@gmail.com on 1 Oct 2013 at 7:40
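
The failing CHECK above compares the start of the allocator's fixed region (0x600000000000) with what Mprotect() returned, and 0xffffffffffffffff is MAP_FAILED: the kernel refused the fixed PROT_NONE reservation. The probe below is an added example (my code, not from the sanitizer project or from anyone in this thread) that a practitioner can run before deciding whether to move the mapping with the unsupported flag above. It assumes the 4 TiB region size the LLVM 3.3 64-bit allocator reserved (the page only shows the start address) and asks for the same range with a hint rather than MAP_FIXED, so nothing already mapped is clobbered; the pure region_fits() check shows why a shrunk userland address space cannot hold the default region.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <sys/mman.h>

/* Start address from the CHECK on this page; the 4 TiB size is my assumption
 * (the value the LLVM 3.3 64-bit allocator used), not something the page states. */
#define ASAN_SPACE_BEG  0x600000000000ULL
#define ASAN_SPACE_SIZE 0x40000000000ULL

/* Pure check: does [beg, beg + size) lie inside a userland address space of
 * va_bits bits?  Stock linux/amd64 gives userland 47 bits. */
int region_fits(uint64_t beg, uint64_t size, unsigned va_bits) {
    if (va_bits >= 64)
        return 1;
    uint64_t top = 1ULL << va_bits;
    return beg < top && size <= top - beg;
}

/* Runtime probe: request a PROT_NONE reservation at `beg` as a hint, without
 * MAP_FIXED, so an existing mapping is never overwritten.
 * Returns  0 if the kernel placed it exactly at `beg` (the range is usable),
 *          1 if it was placed elsewhere (range busy or outside the usable
 *            address space; a MAP_FIXED attempt there would be refused),
 *         -1 if mmap failed outright (MAP_FAILED, the 0xffffffffffffffff
 *            seen in the CHECK above). */
int probe_region(uint64_t beg, uint64_t size) {
    void *p = mmap((void *)(uintptr_t)beg, (size_t)size, PROT_NONE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    if (p == MAP_FAILED)
        return -1;
    int placed_at_hint = ((uint64_t)(uintptr_t)p == beg) ? 0 : 1;
    munmap(p, (size_t)size);
    return placed_at_hint;
}

int main(void) {
    /* Static view: the default region needs at least 47 usable bits. */
    for (unsigned bits = 44; bits <= 48; bits++)
        printf("%u-bit userland: default allocator region %s\n", bits,
               region_fits(ASAN_SPACE_BEG, ASAN_SPACE_SIZE, bits) ? "fits" : "does NOT fit");

    /* Dynamic view: what this kernel actually does with the request. */
    int r = probe_region(ASAN_SPACE_BEG, ASAN_SPACE_SIZE);
    printf("probe of [0x%llx, +0x%llx): %s\n",
           (unsigned long long)ASAN_SPACE_BEG, (unsigned long long)ASAN_SPACE_SIZE,
           r == 0 ? "kernel honoured the address, ASan's fixed mapping should work"
                  : r == 1 ? "kernel moved it, a MAP_FIXED mapping here would be refused"
                           : "mmap failed (MAP_FAILED), same outcome as the CHECK above");
    return 0;
}
```

A result of 1 or -1 on the PaX kernel is the condition the reporter hit; a different -asan-mapping-offset-log=N only helps if the shadow and allocator regions both land inside whatever range the probe shows the kernel is willing to hand out.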

GoogleCodeExporter commented 9 years ago
This is not actionable on our side.
Please reopen if you have suggestions.

Original comment by konstant...@gmail.com on 3 Oct 2013 at 12:21

GoogleCodeExporter commented 9 years ago
From http://blog.siphos.be/2013/12/december-hardened-meeting/ :

>> And on the ASAN (Address Sanitizer) debacle; well… still the same.
>> Doesn’t work with PaX. I think there is a standstill on this.

Sure, this will not get fixed by itself. 
Patches to support PaX are welcome,
*especially* if they are accompanied by a public LLVM build bot.

Original comment by konstant...@gmail.com on 26 Dec 2013 at 11:58

GoogleCodeExporter commented 9 years ago
Note that issue 246 deals with very similar problems.

Original comment by konstant...@gmail.com on 26 Dec 2013 at 12:42

GoogleCodeExporter commented 9 years ago
If anyone is still interested in using AddressSanitizer (or other Clang 
sanitizers) under PaX kernels, I've implemented the necessary patches - details 
are here: http://endl.ch/clang-sanitizers-with-pax

Original comment by ndlma...@gmail.com on 25 Jan 2015 at 8:41

GoogleCodeExporter commented 9 years ago
Thanks for the details and the work to get it working.
As you point out, it should not be running in production.

Original comment by zo...@gentoo.org on 25 Jan 2015 at 9:46