[llvm-bugs] [Bug 30903] New: [ASan/Win] Ignore allocations that occur before the dynamic runtime is initialized

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Nov 3 12:46:23 PDT 2016


https://llvm.org/bugs/show_bug.cgi?id=30903

            Bug ID: 30903
           Summary: [ASan/Win] Ignore allocations that occur before the
                    dynamic runtime is initialized
           Product: compiler-rt
           Version: unspecified
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: normal
          Priority: P
         Component: compiler-rt
          Assignee: unassignedbugs at nondot.org
          Reporter: dmajor at mozilla.com
                CC: llvm-bugs at lists.llvm.org
    Classification: Unclassified

$ echo "int main() { return 0; }" > test.cpp
$ clang-cl -MD -fsanitize=address test.cpp
$ test.exe
=================================================================
==9112==ERROR: AddressSanitizer: attempting free on address which was not
malloc()-ed: 0x00bdaef0 in thread T0
    #0 0x650f6cca in free
d:\src\llvm\projects\compiler-rt\lib\asan\asan_malloc_win.cc:77
    #1 0x74670ba1 in destroy_fls (C:\Windows\System32\ucrtbase.dll+0x10030ba1)
    #2 0x772a9ec2 in RtlProcessFlsData
(C:\Windows\SYSTEM32\ntdll.dll+0x4b2a9ec2)
    #3 0x772aa142 in LdrShutdownProcess
(C:\Windows\SYSTEM32\ntdll.dll+0x4b2aa142)
    #4 0x772a9d85 in RtlExitUserProcess
(C:\Windows\SYSTEM32\ntdll.dll+0x4b2a9d85)
    #5 0x7702adc2 in ExitProcessImplementation
(C:\Windows\System32\KERNEL32.DLL+0x6b82adc2)
    #6 0x746796a4 in exit_or_terminate_process
(C:\Windows\System32\ucrtbase.dll+0x100396a4)
    #7 0x74679664 in common_exit (C:\Windows\System32\ucrtbase.dll+0x10039664)
    #8 0x74679600 in exit (C:\Windows\System32\ucrtbase.dll+0x10039600)
    #9 0xb01267 in _scrt_common_main_seh
f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl:260
    #10 0x770162c3 in BaseThreadInitThunk
(C:\Windows\System32\KERNEL32.DLL+0x6b8162c3)
    #11 0x772e0718 in __RtlUserThreadStart
(C:\Windows\SYSTEM32\ntdll.dll+0x4b2e0718)
    #12 0x772e06e3 in _RtlUserThreadStart
(C:\Windows\SYSTEM32\ntdll.dll+0x4b2e06e3)

Address 0x00bdaef0 is a wild pointer.
SUMMARY: AddressSanitizer: bad-free
d:\src\llvm\projects\compiler-rt\lib\asan\asan_malloc_win.cc:77 in free
==9112==ABORTING

That memory was allocated here, before the ASan runtime had an opportunity to
set up interceptions:

ntdll!RtlAllocateHeap+0x32
ucrtbase!_calloc_base+0x37
ucrtbase!__acrt_initialize_ptd+0x5a
ucrtbase!__acrt_execute_initializers+0x5c
ucrtbase!DllMainProcessAttach+0x18
ucrtbase!DllMainDispatch+0x28b
ucrtbase!__acrt_DllMain+0x14
ntdll!LdrxCallInitRoutine+0x16
ntdll!LdrpCallInitRoutine+0x43
ntdll!LdrpInitializeNode+0x10e
ntdll!LdrpInitializeGraphRecurse+0x5d
ntdll!LdrpInitializeGraphRecurse+0x74
ntdll!LdrpInitializeGraphRecurse+0x74
ntdll!LdrpInitializeGraphRecurse+0x74
ntdll!LdrpInitializeProcess+0xc22
ntdll!_LdrpInitialize+0x178
ntdll!LdrInitializeThunk+0x10

I suspect that the only way to deal with these is to have free() ignore
anything that belongs to the system heap.
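
A toy model of the failure above and of the suggested fix, added here as an illustration; it is not code from compiler-rt or from the reporter. All names (`model_alloc`, `strict_free`, `tolerant_free`, the two ownership tables) are hypothetical, and "ignore" is modelled as leaving the block untouched without raising a report. The ownership check against the system heap is what lets genuinely wild pointers still be flagged.

```c
#include <stdio.h>
#include <stdlib.h>
/* Toy model, constructed for illustration: two heaps with ownership tables. */
enum { MAX_BLOCKS = 16 };
typedef struct { void *blocks[MAX_BLOCKS]; } heap_t;
typedef enum { FREED_BY_RUNTIME, IGNORED_SYSTEM_HEAP, BAD_FREE } free_result;
static heap_t system_heap;   /* stands in for the heap the CRT uses at startup */
static heap_t runtime_heap;  /* stands in for the sanitizer's own allocator */
static int runtime_ready;    /* 0 until the runtime has set up interception */

static void *heap_alloc(heap_t *h, size_t n) {
    for (int i = 0; i < MAX_BLOCKS; i++)
        if (!h->blocks[i]) return h->blocks[i] = malloc(n);
    return NULL;             /* ownership table full */
}

static int heap_owns(const heap_t *h, const void *p) {
    for (int i = 0; i < MAX_BLOCKS; i++)
        if (p && h->blocks[i] == p) return 1;
    return 0;
}

/* Allocations reach the runtime's heap only once interception is in place. */
void *model_alloc(size_t n) {
    return heap_alloc(runtime_ready ? &runtime_heap : &system_heap, n);
}
void model_runtime_init(void) { runtime_ready = 1; }

/* Reported behaviour: a pointer the runtime never handed out is a bad free. */
free_result strict_free(void *p) {
    if (!heap_owns(&runtime_heap, p)) return BAD_FREE;
    for (int i = 0; i < MAX_BLOCKS; i++)
        if (runtime_heap.blocks[i] == p) runtime_heap.blocks[i] = NULL;
    free(p);
    return FREED_BY_RUNTIME;
}

/* Suggested behaviour: skip system-heap blocks, keep flagging wild pointers. */
free_result tolerant_free(void *p) {
    if (heap_owns(&runtime_heap, p)) return strict_free(p);
    return heap_owns(&system_heap, p) ? IGNORED_SYSTEM_HEAP : BAD_FREE;
}

int main(void) {
    void *early = model_alloc(32);   /* allocated before the runtime is ready */
    model_runtime_init();
    printf("strict=%d tolerant=%d\n", strict_free(early), tolerant_free(early));
    return 0;
}
```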
