Issue 342 in address-sanitizer: Segfault in instrumented programs that use GNU indirect functions.
Status: New
Owner:
Labels: Type-Defect Priority-Medium

New issue 342 by chefm...@gmail.com: Segfault in instrumented programs that use GNU indirect functions.
https://code.google.com/p/address-sanitizer/issues/detail?id=342

What steps will reproduce the problem?
1. Testcase is attached. Compile with GCC with the -fsanitize=address option.
2. Run.
3.

What is the expected output? What do you see instead?
Expected:
Got: Segmentation fault (core dumped).

What version of the product are you using? On what operating system?
Compiler: gcc version 5.0.0 20140916 (experimental) (GCC).
OS: Linux 3.2.0-56-generic #86-Ubuntu 12.04 x86_64 x86_64 x86_64 GNU/Linux

Please provide any additional information below.
It seems that resolution of the indirect function's implementation happens before asan_init is invoked, so if ASan inserts red zones into the resolver's stack, we will have a segfault.

Attachments:
	test-1.c  332 bytes

--
You received this message because this project is configured to send all issue notifications to this address.
You may adjust your notification preferences at: https://code.google.com/hosting/settings

--
You received this message because you are subscribed to the Google Groups address-sanitizer group.
To unsubscribe from this group and stop receiving emails from it, send an email to address-sanitizer+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: Issue 342 in address-sanitizer: Segfault in instrumented programs that use GNU indirect functions.
Comment #1 on issue 342 by ramosian.gli...@gmail.com: Segfault in instrumented programs that use GNU indirect functions.
https://code.google.com/p/address-sanitizer/issues/detail?id=342

For the record, Clang does not support the ifunc attribute yet, so this is a GCC-only problem.

Am I right that the resolver functions themselves aren't marked anyhow and may reside in a different TU, so we can't decide to instrument them differently?

For now you'll need to mark your resolver functions with __attribute__((no_sanitize_address)). Not sure if something can be done without messing up with the linker (wonder why the resolver function is called before the .preinit_array initializer).
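The workaround named in this comment, as an added example that is not the attached test-1.c and not project code: a GNU ifunc whose resolver carries __attribute__((no_sanitize_address)) so that it stays uninstrumented when the rest of the program is built with -fsanitize=address. All function names and the sample bytes are constructed; it assumes GCC or Clang on a glibc/ELF Linux system, since ifunc needs dynamic-loader support.

```c
#include <stddef.h>
#include <stdint.h>

typedef uint32_t (*byte_sum_fn)(const uint8_t *, size_t);

/* Two implementations of one operation. A real program would choose by CPU
 * feature; here the choice only exists to show the dispatch. */
static uint32_t byte_sum_generic(const uint8_t *p, size_t n)
{
    uint32_t s = 0;
    for (size_t i = 0; i < n; i++)
        s += p[i];
    return s;
}

static uint32_t byte_sum_unrolled(const uint8_t *p, size_t n)
{
    uint32_t s0 = 0, s1 = 0;
    size_t i = 0;
    for (; i + 2 <= n; i += 2) { s0 += p[i]; s1 += p[i + 1]; }
    if (i < n)
        s0 += p[i];
    return s0 + s1;
}

/* The dynamic loader runs the resolver while applying IRELATIVE relocations,
 * i.e. before .preinit_array and therefore before __asan_init. Redzone
 * poisoning of a local here would write to shadow memory that is not mapped
 * yet (the segfault in the report), so this one function is left
 * uninstrumented. */
__attribute__((no_sanitize_address))
static byte_sum_fn resolve_byte_sum(void)
{
    /* A local array is exactly what ASan would surround with redzones. */
    volatile char want_unrolled[4] = "yes";
    return want_unrolled[0] == 'y' ? byte_sum_unrolled : byte_sum_generic;
}

/* Public entry point; the loader binds it to the resolver's choice. */
uint32_t byte_sum(const uint8_t *p, size_t n)
    __attribute__((ifunc("resolve_byte_sum")));

/* Constructed sample input for a self-check: 1+2+3+250+255 = 511. */
static uint32_t byte_sum_selfcheck(void)
{
    static const uint8_t data[] = {1, 2, 3, 250, 255};
    return byte_sum(data, sizeof data);
}
```

Build it with -fsanitize=address and link as an ordinary executable; the loader calls resolve_byte_sum before main, which is why the attribute on that one function matters.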
Re: Issue 342 in address-sanitizer: Segfault in instrumented programs that use GNU indirect functions.
Comment #2 on issue 342 by tetra2...@gmail.com: Segfault in instrumented programs that use GNU indirect functions.
https://code.google.com/p/address-sanitizer/issues/detail?id=342

> For the record, Clang does not support the ifunc attribute yet, so this is a GCC-only problem.

There is a bug in LLVM Bugzilla about this so it may get to Clang eventually.

> Am I right that the resolver functions themselves aren't marked anyhow and may reside in a different TU, so we can't decide to instrument them differently?

Luckily not: "Finally, the indirect function needs to be defined in the same translation unit as the resolver function" (from https://gcc.gnu.org/onlinedocs/gcc-4.7.2/gcc/Function-Attributes.html). So it looks like this could be detected by GCC.