<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 05/15/2017 07:10 PM, Peter
Collingbourne via llvm-commits wrote:<br>
</div>
<blockquote
cite="mid:CAPQLkRgX_NxDUXau9PL2sqq8d66q2w8dnAGT2wTR3TorUu2S+w@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div dir="ltr">I'm fine with waiting.</div>
</blockquote>
<br>
What's the symptom? This test is failing on some of my build
systems:<br>
<br>
$
/path/to/build/llvm-stage1/projects/compiler-rt/test/asan/X86_64LinuxConfig/TestCases/Linux/Output/sanbox_read_proc_self_maps_test.cc.tmp<br>
unshare failed<br>
Aborted<br>
<br>
strace shows:<br>
<br>
unshare(CLONE_NEWUSER) = -1 EINVAL (Invalid
argument)<br>
<br>
The system is RHEL7 (Kernel 3.10.0).<br>
<br>
Can you please make the test more robust?<br>
<br>
Thanks again,<br>
Hal<br>
<br>
<blockquote
cite="mid:CAPQLkRgX_NxDUXau9PL2sqq8d66q2w8dnAGT2wTR3TorUu2S+w@mail.gmail.com"
type="cite">
<div dir="ltr">
<div><br>
</div>
<div>Peter</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, May 15, 2017 at 5:09 PM, Kostya
Serebryany <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:kcc@google.com" target="_blank">kcc@google.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I see...
<div>Shall we wait for someone to complain about this test
first (to know who is affected) or disable it right
away? </div>
<div><br>
</div>
<div>--kcc </div>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, May 15, 2017 at 5:06
PM, Peter Collingbourne <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:peter@pcc.me.uk" target="_blank">peter@pcc.me.uk</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">I think it's not just a matter of a
new enough kernel but the fact that some Linux
distributions disable user namespaces for
security reasons, e.g. Arch Linux: <a
moz-do-not-send="true"
href="https://bugs.archlinux.org/task/36969"
target="_blank">https://bugs.archlinux.org/tas<wbr>k/36969</a>
<div><br>
</div>
<div>Peter</div>
</div>
<div class="gmail_extra">
<div>
<div class="m_-115630368443096162h5"><br>
<div class="gmail_quote">On Mon, May 15,
2017 at 5:03 PM, Kostya Serebryany <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:kcc@google.com"
target="_blank">kcc@google.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
<div dir="ltr">Yea, probably.
<div>Will this include fresh enough
kernels that we care about? </div>
</div>
<div
class="m_-115630368443096162m_-2046169415671839564HOEnZb">
<div
class="m_-115630368443096162m_-2046169415671839564h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon,
May 15, 2017 at 4:54 PM, Peter
Collingbourne <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:peter@pcc.me.uk"
target="_blank">peter@pcc.me.uk</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div dir="ltr">The test will
fail if the kernel does not
allow user namespaces, won't
it?
<div><br>
</div>
<div>Peter</div>
</div>
<div class="gmail_extra">
<div>
<div
class="m_-115630368443096162m_-2046169415671839564m_-1342910953500254821h5"><br>
<div class="gmail_quote">On
Mon, May 15, 2017 at
4:37 PM, Kostya
Serebryany via
llvm-commits <span
dir="ltr"><<a
moz-do-not-send="true"
href="mailto:llvm-commits@lists.llvm.org" target="_blank">llvm-commits@lists.llvm.org</a>></span>
wrote:<br>
<blockquote
class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px
#ccc
solid;padding-left:1ex">Author:
kcc<br>
Date: Mon May 15
18:37:54 2017<br>
New Revision: 303132<br>
<br>
URL: <a
moz-do-not-send="true"
href="http://llvm.org/viewvc/llvm-project?rev=303132&view=rev"
rel="noreferrer"
target="_blank">http://llvm.org/viewvc/llvm-pr<wbr>oject?rev=303132&view=rev</a><br>
Log:<br>
[asan] make asan
under sandboxes more
robust<br>
<br>
Added:<br>
compiler-rt/trunk/test/asan/Te<wbr>stCases/Linux/sanbox_read_proc<wbr>_self_maps_test.cc<br>
Modified:<br>
compiler-rt/trunk/lib/sanitize<wbr>r_common/sanitizer_procmaps_li<wbr>nux.cc<br>
<br>
Modified:
compiler-rt/trunk/lib/sanitize<wbr>r_common/sanitizer_procmaps_li<wbr>nux.cc<br>
URL: <a
moz-do-not-send="true"
href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_procmaps_linux.cc?rev=303132&r1=303131&r2=303132&view=diff"
rel="noreferrer"
target="_blank">http://llvm.org/viewvc/llvm-pr<wbr>oject/compiler-rt/trunk/lib/sa<wbr>nitizer_common/sanitizer_procm<wbr>aps_linux.cc?rev=303132&r1=303<wbr>131&r2=303132&view=diff</a><br>
==============================<wbr>==============================<wbr>==================<br>
---
compiler-rt/trunk/lib/sanitize<wbr>r_common/sanitizer_procmaps_li<wbr>nux.cc
(original)<br>
+++
compiler-rt/trunk/lib/sanitize<wbr>r_common/sanitizer_procmaps_li<wbr>nux.cc
Mon May 15 18:37:54
2017<br>
@@ -18,8 +18,8 @@<br>
namespace
__sanitizer {<br>
<br>
void
ReadProcMaps(ProcSelfMapsBuff
*proc_maps) {<br>
-
CHECK(ReadFileToBuffer("/proc/<wbr>self/maps",
&proc_maps->data,<br>
-
&proc_maps->mmaped_size,
&proc_maps->len));<br>
+
ReadFileToBuffer("/proc/self/m<wbr>aps",
&proc_maps->data, &proc_maps->mmaped_size,<br>
+
&proc_maps->len);<br>
}<br>
<br>
static bool
IsOneOf(char c, char
c1, char c2) {<br>
<br>
Added:
compiler-rt/trunk/test/asan/Te<wbr>stCases/Linux/sanbox_read_proc<wbr>_self_maps_test.cc<br>
URL: <a
moz-do-not-send="true"
href="http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/Linux/sanbox_read_proc_self_maps_test.cc?rev=303132&view=auto"
rel="noreferrer"
target="_blank">http://llvm.org/viewvc/llvm-pr<wbr>oject/compiler-rt/trunk/test/a<wbr>san/TestCases/Linux/sanbox_rea<wbr>d_proc_self_maps_test.cc?rev=3<wbr>03132&view=auto</a><br>
==============================<wbr>==============================<wbr>==================<br>
---
compiler-rt/trunk/test/asan/Te<wbr>stCases/Linux/sanbox_read_proc<wbr>_self_maps_test.cc
(added)<br>
+++
compiler-rt/trunk/test/asan/Te<wbr>stCases/Linux/sanbox_read_proc<wbr>_self_maps_test.cc
Mon May 15 18:37:54
2017<br>
@@ -0,0 +1,30 @@<br>
+// REQUIRES:
x86_64-target-arch<br>
+// RUN:
%clangxx_asan %s -o
%t<br>
+// RUN: not %run %t
2>&1 |
FileCheck %s<br>
+#include
<sanitizer/common_interface_de<wbr>fs.h><br>
+#include
<sched.h><br>
+#include
<unistd.h><br>
+#include
<stdio.h><br>
+#include
<stdlib.h><br>
+<br>
+int main() {<br>
+
__sanitizer_sandbox_arguments
args = {0};<br>
+ // should cache
/proc/self/maps<br>
+
__sanitizer_sandbox_on_notify(<wbr>&args);<br>
+<br>
+ if
(unshare(CLONE_NEWUSER))
{<br>
+ printf("unshare
failed\n");<br>
+ abort();<br>
+ }<br>
+<br>
+ // remove access
to /proc/self/maps<br>
+ if
(chroot("/tmp")) {<br>
+ printf("chroot
failed\n");<br>
+ abort();<br>
+ }<br>
+<br>
+ *(volatile
int*)0x42 = 0;<br>
+// CHECK:
AddressSanitizer:
SEGV on unknown
address
0x000000000042<br>
+// CHECK-NOT:
AddressSanitizer
CHECK failed<br>
+// CHECK: SUMMARY:
AddressSanitizer:
SEGV<br>
+}<br>
<br>
<br>
______________________________<wbr>_________________<br>
llvm-commits mailing
list<br>
<a
moz-do-not-send="true"
href="mailto:llvm-commits@lists.llvm.org" target="_blank">llvm-commits@lists.llvm.org</a><br>
<a
moz-do-not-send="true"
href="http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits"
rel="noreferrer"
target="_blank">http://lists.llvm.org/cgi-bin/<wbr>mailman/listinfo/llvm-commits</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
</div>
</div>
<span
class="m_-115630368443096162m_-2046169415671839564m_-1342910953500254821HOEnZb"><font
color="#888888">-- <br>
<div
class="m_-115630368443096162m_-2046169415671839564m_-1342910953500254821m_-7754538835017016473gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">--
<div>Peter</div>
</div>
</div>
</font></span></div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
</div>
</div>
<span class="m_-115630368443096162HOEnZb"><font
color="#888888">-- <br>
<div
class="m_-115630368443096162m_-2046169415671839564gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">--
<div>Peter</div>
</div>
</div>
</font></span></div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">--
<div>Peter</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
llvm-commits mailing list
<a class="moz-txt-link-abbreviated" href="mailto:llvm-commits@lists.llvm.org">llvm-commits@lists.llvm.org</a>
<a class="moz-txt-link-freetext" href="http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits">http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Hal Finkel
Lead, Compiler Technology and Programming Languages
Leadership Computing Facility
Argonne National Laboratory</pre>
</body>
</html>