tech-toolchain archive
Is -fsanitize=address working?
Hi!
I wanted to try out -fsanitize=address on 11.99.2/x86_64 (gcc 12).
git clone git@github.com:nih-at/libzip.git
cd libzip
mkdir build
cd build
CFLAGS=-fsanitize=address cmake ..
First thing I noticed, it warns during linking:
[264/284] Linking C executable ossfuzz/zip_read_file_fuzzer
ld: /usr/lib/libm.so.0: warning: warning: reference to compatibility cabs()
ld: /usr/lib/libm.so.0: warning: warning: reference to compatibility cabsf()
(and many more times) which a non-sanitized build doesn't. The code
doesn't use cabs, so it looks like the sanitizer adds it.
I then had to disable ASLR:
# ./src/ziptool ../regress/test.zip set_password a set_password b
This sanitizer is not compatible with enabled ASLR.
To disable ASLR, please run "paxctl +a ./src/ziptool" and try again.
Then I did the actual test:
# ./src/ziptool ../regress/test.zip cat 0
test
==16438==LeakSanitizer has encountered a fatal error.
==16438==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==16438==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
# export LSAN_OPTIONS=verbosity=1:log_threads=1
# ./src/ziptool ../regress/test.zip cat 0
==7321==AddressSanitizer: failed to intercept 'backtrace'
==7321==AddressSanitizer: failed to intercept 'backtrace_symbols'
==7321==AddressSanitizer: libc interceptors initialized
|| `[0x4ff000000000, 0x7f7fffffffff]` || HighMem ||
|| `[0x49fe00000000, 0x4fefffffffff]` || HighShadow ||
|| `[0x480000000000, 0x49fdffffffff]` || ShadowGap ||
|| `[0x400000000000, 0x47ffffffffff]` || LowShadow ||
|| `[0x000000000000, 0x3fffffffffff]` || LowMem ||
MemToShadow(shadow): 0x480000000000 0x48ffffffffff 0x493fc0000000 0x49fdffffffff
redzone=16
max_redzone=2048
quarantine_size_mb=256M
thread_local_quarantine_size_kb=1024K
malloc_context_size=30
SHADOW_SCALE: 3
SHADOW_GRANULARITY: 8
SHADOW_OFFSET: 0x400000000000
==7321==Installed the sigaction for signal 11
==7321==Installed the sigaction for signal 10
==7321==Installed the sigaction for signal 8
==7321==T0: stack [0x7f7fffff0000,0x7f7ffffff000) size 0xf000; local=0x7f7fffffe13c
==7321==AddressSanitizer Init done
test
==7321==Failed spawning a tracer thread (errno 22).
==7321==LeakSanitizer has encountered a fatal error.
==7321==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==7321==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
Running it as root fails the same way.
Does anyone know what the problem here is?
Thanks,
Thomas
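A minimal way to separate the two questions raised above (does AddressSanitizer itself detect anything, and is the failure only LeakSanitizer's exit-time tracer thread) is to build a tiny program with a deliberate heap overflow and run it with LeakSanitizer switched off. The script below is an added example, not code from the message or from libzip: it assumes a POSIX sh, a `cc` that accepts `-fsanitize=address` and has the runtime library installed, and takes the `paxctl +a` step and its NetBSD-only applicability from the error text quoted in the message; `ASAN_OPTIONS=detect_leaks=0` is the standard sanitizer runtime flag that keeps LeakSanitizer from running at exit.

```shell
#!/bin/sh
# asan_smoke_test: build and run a tiny C program that writes one byte past a
# 16-byte heap allocation, with LeakSanitizer turned off so that only the
# AddressSanitizer part of the runtime is exercised.
#
# Exit status: 0 = ASan reported the heap-buffer-overflow (the sanitizer works)
#              1 = the program ran but ASan stayed silent
#              2 = no usable -fsanitize=address toolchain on this machine
asan_smoke_test() {
    asan_cc=${CC:-cc}
    command -v "$asan_cc" >/dev/null 2>&1 || return 2
    asan_dir=$(mktemp -d) || return 2

    # Constructed test input: the off-by-one write is deliberate.
    cat >"$asan_dir/overflow.c" <<'EOF'
#include <stdlib.h>
#include <string.h>

int main(void)
{
    char *p = malloc(16);
    volatile char *q = p;   /* volatile so the bad store is never optimised away */
    if (p == NULL)
        return 1;
    memset(p, 'A', 16);
    q[16] = '\0';           /* one byte past the end of the allocation */
    free(p);
    return 0;
}
EOF

    # -O0 so nothing is folded or removed before the sanitizer instruments it.
    if ! "$asan_cc" -g -O0 -fno-omit-frame-pointer -fsanitize=address \
            -o "$asan_dir/overflow" "$asan_dir/overflow.c" >/dev/null 2>&1; then
        rm -rf "$asan_dir"
        return 2
    fi

    # On NetBSD the sanitizer runtime refuses to start under ASLR and asks for
    # "paxctl +a <binary>" (the message in the post above); do that only there.
    if [ "$(uname -s)" = NetBSD ] && command -v paxctl >/dev/null 2>&1; then
        paxctl +a "$asan_dir/overflow" >/dev/null 2>&1 || :
    fi

    # detect_leaks=0 keeps LeakSanitizer (and its tracer thread) out of the
    # picture, so whatever happens here is ASan's doing, not LSan's.
    ASAN_OPTIONS=detect_leaks=0 "$asan_dir/overflow" >"$asan_dir/run.log" 2>&1 || :

    asan_rc=1
    if grep -q 'AddressSanitizer: heap-buffer-overflow' "$asan_dir/run.log"; then
        asan_rc=0
    fi
    rm -rf "$asan_dir"
    return "$asan_rc"
}

# Usage: run the check once and say what it found.
asan_smoke_test && asan_status=0 || asan_status=$?
case $asan_status in
    0) echo "ASan works: heap-buffer-overflow reported with detect_leaks=0" ;;
    1) echo "ASan stayed silent: the sanitizer is not catching errors" ;;
    *) echo "no usable -fsanitize=address toolchain found" ;;
esac
```

If this reports the overflow while the ziptool run above still dies only at exit, the AddressSanitizer instrumentation is fine and the problem is confined to LeakSanitizer's tracer thread; `ASAN_OPTIONS=detect_leaks=0` applied to the libzip binaries would then give usable ASan reports while the LSan issue is looked at separately.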