[llvm-commits] [PATCH] [asan] Always use file+offset in symbolizer

Kostya Serebryany kcc at google.com
Thu Oct 18 04:06:57 PDT 2012


On Thu, Oct 18, 2012 at 2:24 PM, NAKAMURA Takumi <geek4civic at gmail.com> wrote:

> >>   > Besides, I still want the offsets to be meaningful for addr2line/atos.
> >>
> >>     #0 0x804a7e6 (projects/compiler-rt/lib/asan/lit_tests/Output/use-after-free.cc.tmp+0x27e6)
> >>
> >>   Then should the address (0x804a7e6) be taken by them instead of the
> >> offset (0x27e6)?
> >
> >
> > I'm probably missing something here. As I understand, your non-PIE binary code
> > segment is loaded at 0x8048000, right? What do you see when you run "objdump -d"
> > on this binary?
> > Do the instruction addresses have the form 0x804.... as well? If they do,
> > we want the first line to have the form
> > #0 0x804a7e6 (projects/compiler-rt/lib/asan/lit_tests/Output/use-after-free.cc.tmp+0x804a7e6)
> > as well, for compatibility with addr2line, objdump etc.
>
> It was the emission of a patched version of a non-relocatable executable.
>
> With objdump -x,
>
>     LOAD off    0x00000000 vaddr 0x08048000 paddr 0x08048000 align 2**12
>          filesz 0x0002215c memsz 0x0002215c flags r-x
>
> with objdump -d,
>
> projects/compiler-rt/lib/asan/lit_tests/Output/use-after-free.cc.tmp:
>    file format elf32-i386
>
>
> Disassembly of section .init:
>
> 0804a46c <_init>:
>  804a46c:       55                      push   %ebp
> (snip)
>
> Disassembly of section .plt:
>
> 0804a49c <abort at plt-0x10>:
>  804a49c:       ff 35 b4 b3 06 08       pushl  0x806b3b4
> (snip)
>
> Disassembly of section .text:
>
> 0804a6e0 <_start>:
>  804a6e0:       31 ed                   xor    %ebp,%ebp
> (snip)
>
> 0804a7a0 <main>:
>  804a7a0:       55                      push   %ebp
> (snip)
>  804a7dd:       5d                      pop    %ebp
>  804a7de:       c3                      ret
>  804a7df:       89 34 24                mov    %esi,(%esp)
>  804a7e2:       e8 19 0b 00 00          call   804b300 <__asan_report_load1>
>  804a7e7:       66 0f 1f 84 00 00 00    nopw   0x0(%eax,%eax,1)
>  804a7ee:       00 00
>
> FYI, addr2line shows me:
>
> $ echo 0x804a7e6 | addr2line -f -e projects/compiler-rt/lib/asan/lit_tests/Output/use-after-free.cc.tmp
> main
> llvm-project/compiler-rt/lib/asan/lit_tests/use-after-free.cc:22
>
> > If they do, we want the first line to have the form
> > #0 0x804a7e6 (projects/compiler-rt/lib/asan/lit_tests/Output/use-after-free.cc.tmp+0x804a7e6)
> > as well, for compatibility with addr2line, objdump etc.
>
> I didn't know of any other tools that expect such a form. Did you say
> binutils would recognize one?
>
>
> >>   Anyways, I don't know how to distinguish PIE in runtime, though.
> >
> > Yeah, neither do I (for now). Now, to check if the module is the main non-PIE
> > binary, we check if the module is first in the list of mappings. We can instead
> > invent a looser (but still hacky) condition - the module address should be
> > "small" (say, in the lower half of the address space), and its name shouldn't
> > have a dynamic library suffix.
>
> Your assumption does not work for me.
> On CentOS 6 x86-64 with i386, I saw a map like this:
>

I wonder if you can build with -fPIE -pie. That may fix the current problem
for you.
It is also a good idea anyway -- I really wish we could make -pie the
default mode for asan, at least on Linux
(this will save ~ 5% performance and code size if used with zero shadow
access)

--kcc




>
> 0012a000-0012b000 r-xp 00000000 00:00 0                  [vdso]
> 0051a000-00538000 r-xp 00000000 08:01 3809599            /lib/ld-2.12.so
> 00538000-00539000 r--p 0001d000 08:01 3809599            /lib/ld-2.12.so
> 00539000-0053a000 rw-p 0001e000 08:01 3809599            /lib/ld-2.12.so
> 00cde000-00e6e000 r-xp 00000000 08:01 3806639            /lib/libc-2.12.so
> 00e6e000-00e70000 r--p 0018f000 08:01 3806639            /lib/libc-2.12.so
> 00e70000-00e71000 rw-p 00191000 08:01 3806639            /lib/libc-2.12.so
> 00e71000-00e74000 rw-p 00000000 00:00 0
> 08048000-08049000 r-xp 00000000 08:01 5133928            /tmp/a.out
> 08049000-0804a000 rw-p 00000000 08:01 5133928            /tmp/a.out
> 08407000-08428000 rw-p 00000000 00:00 0                  [heap]
> f777f000-f7780000 rw-p 00000000 00:00 0
> f778d000-f778f000 rw-p 00000000 00:00 0
> ffacd000-ffae2000 rw-p 00000000 00:00 0                  [stack]
>
> ( /tmp/a.out is a small program that reads and emits /proc/self/maps)
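To make the two checks discussed in this thread concrete, here is an added example (not code from asan or from anyone in the thread) that parses the /proc/self/maps lines Takumi quoted, applies both the "first mapping is the main binary" check and the proposed "small address, no shared-object suffix" heuristic, and computes the value addr2line expects for a PIE versus a non-PIE binary. The function names and the sample pc 0x80487e6 (chosen to fall inside /tmp/a.out's single text page) are my own assumptions.

```python
import re
from typing import List, NamedTuple, Optional

class Mapping(NamedTuple):
    start: int   # first virtual address of the mapping
    end: int     # one past the last address
    perms: str   # e.g. "r-xp"
    offset: int  # file offset where the mapping starts
    path: str    # backing file, or a pseudo-name such as [vdso]

# Constructed sample: the i386 /proc/self/maps lines quoted in the thread,
# trimmed to the entries that matter here.
SAMPLE_MAPS = """\
0012a000-0012b000 r-xp 00000000 00:00 0                  [vdso]
0051a000-00538000 r-xp 00000000 08:01 3809599            /lib/ld-2.12.so
00cde000-00e6e000 r-xp 00000000 08:01 3806639            /lib/libc-2.12.so
08048000-08049000 r-xp 00000000 08:01 5133928            /tmp/a.out
08049000-0804a000 rw-p 00000000 08:01 5133928            /tmp/a.out
08407000-08428000 rw-p 00000000 00:00 0                  [heap]
"""
_LINE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) ([0-9a-f]+) \S+ \d+\s*(.*)$")

def parse_maps(text: str) -> List[Mapping]:
    maps = []
    for line in text.splitlines():
        m = _LINE.match(line)
        if m:  # skip anything that is not a maps entry
            maps.append(Mapping(int(m[1], 16), int(m[2], 16), m[3],
                                int(m[4], 16), m[5].strip()))
    return maps

def main_binary_first_mapping(maps: List[Mapping]) -> Optional[str]:
    """The check described in the thread: the main binary is the first mapping."""
    return maps[0].path if maps else None

def main_binary_heuristic(maps: List[Mapping], bits: int = 32) -> Optional[str]:
    """Proposed looser check: executable, file-backed, low address, no .so suffix."""
    for m in maps:
        if ("x" in m.perms and m.start < (1 << (bits - 1))
                and m.path.startswith("/") and ".so" not in m.path):
            return m.path
    return None

def find_mapping(maps: List[Mapping], pc: int) -> Optional[Mapping]:
    return next((m for m in maps if m.start <= pc < m.end), None)

def addr2line_input(maps: List[Mapping], pc: int, pie: bool) -> Optional[int]:
    """Value for addr2line: file offset if PIE, absolute vaddr if not; None if unmapped."""
    m = find_mapping(maps, pc)
    return None if m is None else (pc - m.start + m.offset if pie else pc)
```

On this map the first-mapping check returns "[vdso]" while the heuristic returns "/tmp/a.out", which is the mismatch Takumi reports.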