Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AddressSanitizer CHECK failed on linux kernel that is patched with PaX #228

Closed
ramosian-glider opened this issue Aug 31, 2015 · 8 comments
Closed

AddressSanitizer CHECK failed on linux kernel that is patched with PaX #228

ramosian-glider opened this issue Aug 31, 2015 · 8 comments
Labels
Priority-Medium ProjectAddressSanitizer Status-WontFix Type-Defect

Comments

@ramosian-glider
Copy link
Member

Originally reported on Google Code with ID 228

When the linux kernel is patched with PaX (http://pax.grsecurity.net/) and
the option UDEREF enable the use-after-free test fail with
laptop1 / # ./use-after-free
==13568==AddressSanitizer CHECK failed: /var/tmp/portage/sys-devel/llvm-3.3-r1/work/llvm-3.3.src/projects/compiler-rt/lib/sanitizer_common/sanitizer_allocator.h:310
"((kSpaceBeg)) == (( reinterpret_cast<uptr>(Mprotect(kSpaceBeg, kSpaceSize))))" (0x600000000000,
0xffffffffffffffff)
    #0 0x425b9f (/use-after-free+0x425b9f)
    #1 0x427371 (/use-after-free+0x427371)
    #2 0x414652 (/use-after-free+0x414652)
    #3 0x4112d5 (/use-after-free+0x4112d5)
    #4 0x4259a4 (/use-after-free+0x4259a4)
    #5 0x2f3cdc5ed45 (/lib64/ld-2.17.so+0xed45)
    #6 0x2f3cdc516c9 (/lib64/ld-2.17.so+0x16c9)
laptop1 / #
PaX enable kernel have diffrent userland address space size then the usual 47 bit linux/amd64
userland address space size.
The test is done on a Gentoo Hardened system with Grsecurity and Pax enable kernel
with llvm 3.3 or gcc 4.8.1. Downstream bug https://bugs.gentoo.org/show_bug.cgi?id=458706

Reported by zorry@gentoo.org on 2013-09-30 20:19:54
@ramosian-glider
Copy link
Member Author 

Hi,

Is it critical for you to run tests with PaX enabled? Can you run the tests on a normal
linux?

Reported by dvyukov@google.com on 2013-10-01 02:21:44

@ramosian-glider
Copy link
Member Author 

You may try to change the shadow offset using 
  "-mllvm -asan-mapping-offset-log=N"
See more compile-time flags in lib/Transforms/Instrumentation/AddressSanitizer.cpp
But these options are by no means supported -- use them on your own risk.

Reported by konstantin.s.serebryany on 2013-10-01 07:40:55

@ramosian-glider
Copy link
Member Author 

This is not actionable on our side.
Please reopen if you have suggestions.

Reported by konstantin.s.serebryany on 2013-10-03 12:21:28

  • Status changed: WontFix

@ramosian-glider
Copy link
Member Author 

From http://blog.siphos.be/2013/12/december-hardened-meeting/ :

>> And on the ASAN (Address Sanitizer) debacle; well… still the same.
>> Doesn’t work with PaX. I think there is a standstill on this.

Sure, this will not get fixed by itself. 
Patches to support PaX are welcome,
*especially* if they are accompanied by a public LLVM build bot.

Reported by konstantin.s.serebryany on 2013-12-26 11:58:31

@ramosian-glider
Copy link
Member Author 

Note that issue 246 deals with very similar problems

Reported by konstantin.s.serebryany on 2013-12-26 12:42:34

@ramosian-glider
Copy link
Member Author 

If anyone is still interested in using AddressSanitizer (or other Clang sanitizers)
under PaX kernels, I've implemented the necessary patches - details are here: http://endl.ch/clang-sanitizers-with-pax

Reported by ndlmaker on 2015-01-25 20:41:39

@ramosian-glider
Copy link
Member Author 

Thanks for the details and work to get it working.
As you pointing out it should not be runing in production.

Reported by zorry@gentoo.org on 2015-01-25 21:46:00

@ramosian-glider
Copy link
Member Author 

Adding Project:AddressSanitizer as part of GitHub migration.

Reported by ramosian.glider on 2015-07-30 09:13:42

  • Labels added: ProjectAddressSanitizer

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Priority-Medium ProjectAddressSanitizer Status-WontFix Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ramosian-glider