Posted to dev@qpid.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/04/14 12:00:11 UTC

[jira] [Commented] (DISPATCH-2039) Memory pool should be manually poisoned so that ASAN works with it

    [ https://issues.apache.org/jira/browse/DISPATCH-2039?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17320948#comment-17320948 ] 

ASF GitHub Bot commented on DISPATCH-2039:
------------------------------------------

jiridanek opened a new pull request #1118:
URL: https://github.com/apache/qpid-dispatch/pull/1118


   TODO:
   * does this actually do the right thing?
   * is it necessary to instrument `unordered_move_stack` function?
   
   When there is a read or write to the poisoned area, the error message looks like
   
   ```
   ==15792==ERROR: AddressSanitizer: use-after-poison on address 0x611000034dd8 at pc 0x7fdaa75fc713 bp 0x7fff2d0c8d80 sp 0x7fff2d0c8d78
   14: WRITE of size 8 at 0x611000034dd8 thread T0
   14:     #0 0x7fdaa75fc712 in qd_hash_internal_remove_item /home/jdanek/repos/qpid/qpid-dispatch/cmake-build-debug-asan/../src/hash.c:131:30
   14:     #1 0x7fdaa75fb51d in qd_hash_free /home/jdanek/repos/qpid/qpid-dispatch/cmake-build-debug-asan/../src/hash.c:146:13
   [...]
   ```




> Memory pool should be manually poisoned so that ASAN works with it
> ------------------------------------------------------------------
>
>                 Key: DISPATCH-2039
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-2039
>             Project: Qpid Dispatch
>          Issue Type: Wish
>    Affects Versions: 1.15.0
>            Reporter: Jiri Daněk
>            Priority: Minor
>
> From https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning
> bq. A user may poison/unpoison a region of memory manually. Use this feature with caution. In many cases good old malloc+free is a better way to find heap bugs than using custom allocators with manual poisoning.
> As far as I can tell, it is nowadays not possible to turn off the pool allocation and use malloc/free, because the pool mechanism also implements the weak pointers and ref counters. That means giving hints to ASAN is the only way to discover memory bugs of the type (if what Chuck speculated is true) of DISPATCH-2032.
> bq. If you have a custom allocation arena, the typical workflow would be to poison the entire arena first, and then unpoison allocated chunks of memory leaving poisoned redzones between them. The allocated chunks should start with 8-aligned addresses.
> Alternatively, the current memory debugging machinery for the pool could take care of it on its own... but using ASAN seems sensible to me.



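
The arena workflow quoted in the issue (poison the whole arena, unpoison each handed-out chunk, keep poisoned redzones between chunks), as an added example that is not code from qpid-dispatch or from the pull request. `pool_t`, `pool_init`, `pool_alloc`, `pool_free` and the size constants are hypothetical; the poisoning is active only when built with `-fsanitize=address`, otherwise the macros compile to no-ops.

```c
#include <stddef.h>
#include <stdint.h>
/* ASAN detection: clang uses __has_feature, gcc defines __SANITIZE_ADDRESS__. */
#if defined(__has_feature)
#  if __has_feature(address_sanitizer)
#    define POOL_ASAN 1
#  endif
#endif
#if defined(__SANITIZE_ADDRESS__) || defined(POOL_ASAN)
#  include <sanitizer/asan_interface.h>
#  define POISON(p, n)   ASAN_POISON_MEMORY_REGION((p), (n))
#  define UNPOISON(p, n) ASAN_UNPOISON_MEMORY_REGION((p), (n))
#else   /* no sanitizer: the hints compile away */
#  define POISON(p, n)   ((void)(p), (void)(n))
#  define UNPOISON(p, n) ((void)(p), (void)(n))
#endif

/* Hypothetical fixed-size pool; names and sizes are assumptions. */
enum { ITEM_SIZE = 64, REDZONE = 8, N_ITEMS = 4, STRIDE = ITEM_SIZE + REDZONE };
typedef struct {
    uint64_t arena[N_ITEMS * STRIDE / 8];  /* uint64_t keeps chunks 8-aligned */
    uint8_t  in_use[N_ITEMS];
} pool_t;

void pool_init(pool_t *p) {
    for (int i = 0; i < N_ITEMS; i++) p->in_use[i] = 0;
    POISON(p->arena, sizeof p->arena);     /* whole arena starts poisoned */
}

void *pool_alloc(pool_t *p) {
    for (int i = 0; i < N_ITEMS; i++) {
        if (p->in_use[i]) continue;
        p->in_use[i] = 1;
        uint8_t *item = (uint8_t *)p->arena + (size_t)i * STRIDE;
        UNPOISON(item, ITEM_SIZE);         /* trailing redzone stays poisoned */
        return item;
    }
    return NULL;                           /* pool exhausted */
}

int pool_free(pool_t *p, void *item) {
    size_t off = (size_t)((uintptr_t)item - (uintptr_t)p->arena);
    if (off >= sizeof p->arena || off % STRIDE) return -1;  /* not a chunk */
    if (!p->in_use[off / STRIDE]) return -1;                /* double free */
    p->in_use[off / STRIDE] = 0;
    POISON(item, ITEM_SIZE);               /* later access: use-after-poison */
    return 0;
}
```

In an ASAN build, touching a chunk after `pool_free` or writing into the 8-byte redzone is reported as `use-after-poison`, the same error class as the trace in the pull request description.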