
Memory errors when running `make check` under Clang sanitizers
Closed, Resolved, Public

Description

Memory errors make me nervous.

Attached is the script I am using to build and run the GnuPG suite under Clang and
its sanitizers. This is dynamic testing on real data. I'm told there are no
false positives.


export CC=/usr/local/bin/clang
export CXX=/usr/local/bin/clang++
export CPPFLAGS="-fsanitize=address -fsanitize=undefined"
export CFLAGS="-fsanitize=address -fsanitize=undefined"
# C++ flags: the vptr check applies to C++ code only and is disabled here
export CXXFLAGS="-fsanitize=address -fsanitize=undefined -fno-sanitize=vptr"

export PREFIX=~/gpg-sanitize
...

./configure --enable-static --disable-shared --disable-random-daemon \
  --with-libgpg-error-prefix="$PREFIX" --with-pth-prefix="$PREFIX" --prefix="$PREFIX"

make
make check | /usr/local/bin/asan_symbolize.py
...

ASAN:SIGSEGV
==30092==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000051d8c7 sp 0x7fffc5990c00 bp 0x7fffc5990cd0 T0)
    #0 0x51d8c6 in get_xgetbv (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x51d8c6)
    #1 0x51c22a in detect_x86_gnuc (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x51c22a)
    #2 0x51b748 in _gcry_hwf_detect_x86 (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x51b748)
    #3 0x4fe73d in _gcry_detect_hw_features (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x4fe73d)
    #4 0x4a95f8 in global_init (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x4a95f8)
    #5 0x4ab627 in _gcry_vcontrol (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x4ab627)
    #6 0x481759 in gcry_control (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x481759)
    #7 0x47fcdd in main (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x47fcdd)
    #8 0x2b3b12713ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
    #9 0x47fa0c in _start (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x47fa0c)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 get_xgetbv
==30092==ABORTING
FAIL: version

Details

Version
1.6.3

Event Timeline

JW set Version to 1.6.3.

Attached is the recipe I am using to build Clang 3.5.

And:

$ addr2line -e libgcrypt-1.6.3/tests/version 0x51d8c6
hwf-x86.c:?

And:

$ gdb
(gdb) file libgcrypt-1.6.3/tests/version
Reading symbols from libgcrypt-1.6.3/tests/version...done.
(gdb) info symbol 0x51d8c6
get_xgetbv + 294 in section .text
(gdb) info *0x51d8c6
Undefined info command: "*0x51d8c6". Try "help info".
(gdb) info line *0x51d8c6
No line number information available for address 0x51d8c6 <get_xgetbv+294>

Related bug: "Test suite built without symbols", T1873.

Attached is the script I am using to acceptance test the suite. It requires
Clang 3.5 (Clang 3.5 recipe was provided with Bug 1872).
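
The addr2line lookup done above by hand for one frame, generalized as an added example (not part of the original thread or the reporter's attached scripts): it parses an AddressSanitizer report, picks out the frames that came back as binary+offset without file:line, and builds one addr2line call per binary. The sample report is an excerpt of the trace in this task; the function names are hypothetical, and the first-page check is a triage heuristic.

```python
import re
import shlex

# Constructed sample: an excerpt of the report in this task, one frame per line.
REPORT = """\
==30092==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x00000051d8c7 sp 0x7fffc5990c00 bp 0x7fffc5990cd0 T0)
    #0 0x51d8c6 in get_xgetbv (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x51d8c6)
    #1 0x51c22a in detect_x86_gnuc (/gpg-user/gcrypt-2.0-sanitize/libgcrypt-1.6.3/tests/version+0x51c22a)
    #8 0x2b3b12713ec4 in __libc_start_main /build/buildd/eglibc-2.19/csu/libc-start.c:287
SUMMARY: AddressSanitizer: SEGV ??:0 get_xgetbv
"""

# The leading "==" is optional because some renderers strip it from pasted reports.
HEADER = re.compile(r"(?:==)?(\d+)==ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-f]+)")
FRAME = re.compile(r"^\s*#(\d+) (0x[0-9a-f]+) in (\S+) (.+)$")
MODULE = re.compile(r"^\((.+)\+(0x[0-9a-f]+)\)$")  # "(binary+0xoffset)": no line info

def parse_report(text):
    """Return header fields and frames; module/offset are None once a frame has file:line."""
    hdr = HEADER.search(text)
    if hdr is None:
        raise ValueError("no AddressSanitizer error header found")
    report = {"pid": int(hdr.group(1)), "kind": hdr.group(2),
              "fault_addr": int(hdr.group(3), 16), "frames": []}
    for line in text.splitlines():
        m = FRAME.match(line)
        if not m:
            continue
        loc = m.group(4).strip()
        mod = MODULE.match(loc)
        report["frames"].append({
            "index": int(m.group(1)), "pc": int(m.group(2), 16), "func": m.group(3),
            "module": mod.group(1) if mod else None,
            "offset": mod.group(2) if mod else None,
            "source": None if mod else loc})
    return report

def addr2line_commands(report):
    """One addr2line call per binary, covering every frame that lacks file:line."""
    by_module = {}
    for f in report["frames"]:
        if f["module"]:
            by_module.setdefault(f["module"], []).append(f["offset"])
    return [f"addr2line -f -e {shlex.quote(m)} {' '.join(o)}" for m, o in by_module.items()]

def is_null_page_fault(report, page_size=4096):
    """Triage heuristic: SEGV with a fault address inside the first page."""
    return report["kind"] == "SEGV" and report["fault_addr"] < page_size

if __name__ == "__main__":
    print("\n".join(addr2line_commands(parse_report(REPORT))))
```

An addr2line result such as `hwf-x86.c:?` means the binary carries no line information for that address, which is what the related task about missing symbols covers.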

werner claimed this task.
werner added a project: Mistaken.

"makes me nervous" is not a bug report. Please take it to gnupg-devel and use
master for fuzzing.