MSAN makes trivial program crash on Linux when vm.mmap_rnd_bits is too high #78354

Open
@tavianator

Description

Since updating to Linux 6.7, MemorySanitizer causes intermittent crashes:

```
tavianator@graphene $ cat foo.c
int main(void) {
        return 0;
}
tavianator@graphene $ clang -fsanitize=memory foo.c -o foo
tavianator@graphene $ while ./foo; do :; done
FATAL: Code 0x62d91a396c90 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.
==423693==Process memory map follows:
        0x62d91a345000-0x62d91a363000   /home/tavianator/code/bfs/foo
        0x62d91a363000-0x62d91a3f7000   /home/tavianator/code/bfs/foo
        0x62d91a3f7000-0x62d91a424000   /home/tavianator/code/bfs/foo
        0x62d91a424000-0x62d91a425000   /home/tavianator/code/bfs/foo
        0x62d91a425000-0x62d91a428000   /home/tavianator/code/bfs/foo
        0x62d91a428000-0x62d91bd7c000
        0x74d4d3e00000-0x74d4d3f00000
        0x74d4d4200000-0x74d4d4300000
        0x74d4d4600000-0x74d4d4700000
        0x74d4d4a00000-0x74d4d4b00000
        0x74d4d4e00000-0x74d4d518e000
        0x74d4d51af000-0x74d4d51b5000
        0x74d4d51b5000-0x74d4d51db000   /usr/lib/libc.so.6
        0x74d4d51db000-0x74d4d5335000   /usr/lib/libc.so.6
        0x74d4d5335000-0x74d4d5389000   /usr/lib/libc.so.6
        0x74d4d5389000-0x74d4d538d000   /usr/lib/libc.so.6
        0x74d4d538d000-0x74d4d538f000   /usr/lib/libc.so.6
        0x74d4d538f000-0x74d4d5397000
        0x74d4d5397000-0x74d4d539b000   /usr/lib/libgcc_s.so.1
        0x74d4d539b000-0x74d4d53b6000   /usr/lib/libgcc_s.so.1
        0x74d4d53b6000-0x74d4d53ba000   /usr/lib/libgcc_s.so.1
        0x74d4d53ba000-0x74d4d53bb000   /usr/lib/libgcc_s.so.1
        0x74d4d53bb000-0x74d4d53bc000   /usr/lib/libgcc_s.so.1
        0x74d4d53bc000-0x74d4d53bf000   /usr/lib/libresolv.so.2
        0x74d4d53bf000-0x74d4d53c7000   /usr/lib/libresolv.so.2
        0x74d4d53c7000-0x74d4d53c9000   /usr/lib/libresolv.so.2
        0x74d4d53c9000-0x74d4d53ca000   /usr/lib/libresolv.so.2
        0x74d4d53ca000-0x74d4d53cb000   /usr/lib/libresolv.so.2
        0x74d4d53cb000-0x74d4d53cd000
        0x74d4d53cd000-0x74d4d53dd000   /usr/lib/libm.so.6
        0x74d4d53dd000-0x74d4d545c000   /usr/lib/libm.so.6
        0x74d4d545c000-0x74d4d54b8000   /usr/lib/libm.so.6
        0x74d4d54b8000-0x74d4d54b9000   /usr/lib/libm.so.6
        0x74d4d54b9000-0x74d4d54ba000   /usr/lib/libm.so.6
        0x74d4d54ba000-0x74d4d54bc000
        0x74d4d54cd000-0x74d4d54e6000
        0x74d4d54e6000-0x74d4d54e7000   /usr/lib/ld-linux-x86-64.so.2
        0x74d4d54e7000-0x74d4d550d000   /usr/lib/ld-linux-x86-64.so.2
        0x74d4d550d000-0x74d4d5517000   /usr/lib/ld-linux-x86-64.so.2
        0x74d4d5517000-0x74d4d5519000   /usr/lib/ld-linux-x86-64.so.2
        0x74d4d5519000-0x74d4d551b000   /usr/lib/ld-linux-x86-64.so.2
        0x7ffe563cc000-0x7ffe563ee000   [stack]
        0x7ffe563f3000-0x7ffe563f7000   [vvar]
        0x7ffe563f7000-0x7ffe563f9000   [vdso]
        0xffffffffff600000-0xffffffffff601000   [vsyscall]
==423693==End of process memory map.
tavianator@graphene $ clang --version
clang version 16.0.6
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
tavianator@graphene $ uname -a
Linux graphene 6.7.0-arch3-1 #1 SMP PREEMPT_DYNAMIC Sat, 13 Jan 2024 14:37:14 +0000 x86_64 GNU/Linux
```
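The failing code address above, 0x62d91a396c90, is the PIE executable itself: the kernel loads a PIE at ELF_ET_DYN_BASE plus a random offset of up to 2**vm.mmap_rnd_bits pages, and with 28 bits (the x86_64 default) every reachable base stays inside an MSan application range, while 32 bits lets the binary land in address space MSan reserves for origin storage or marks invalid, which is exactly what "out of application range" reports. The following script is an added example for this issue, not code from the report or from compiler-rt; it models that reasoning. The region table is my recollection of the x86_64 Linux layout in compiler-rt's msan.cpp from the clang 16 era and the page-aligned ELF_ET_DYN_BASE value is taken from the x86_64 kernel; both are assumptions to diff against the sources you actually run.

```python
"""Predict whether vm.mmap_rnd_bits lets a PIE load outside MSan's app ranges.

Added example for this issue; not code from the report or from compiler-rt.
"""

PAGE_SHIFT = 12

# Page-aligned ELF_ET_DYN_BASE on x86_64 Linux: two thirds of the 47-bit user
# address space. The kernel adds a random offset of up to 2**mmap_rnd_bits pages.
# Assumption: verify against arch/x86/include/asm/elf.h for your kernel.
ELF_ET_DYN_BASE = 0x555555554000

# MemorySanitizer x86_64 Linux layout as I recall it from compiler-rt's msan.cpp
# (clang 16 era). Assumption: diff this table against the msan.cpp shipped with
# your toolchain before relying on it.
MSAN_LAYOUT = [
    (0x000000000000, 0x010000000000, "app-1"),
    (0x010000000000, 0x100000000000, "shadow-2"),
    (0x100000000000, 0x110000000000, "invalid"),
    (0x110000000000, 0x200000000000, "origin-2"),
    (0x200000000000, 0x300000000000, "shadow-3"),
    (0x300000000000, 0x400000000000, "app-2"),
    (0x400000000000, 0x500000000000, "invalid"),
    (0x500000000000, 0x510000000000, "shadow-1"),
    (0x510000000000, 0x600000000000, "app-3"),
    (0x600000000000, 0x610000000000, "origin-1"),
    (0x610000000000, 0x700000000000, "invalid"),
    (0x700000000000, 0x740000000000, "origin-3"),
    (0x740000000000, 0x800000000000, "app-4"),
]


def classify(addr):
    """Name of the MSan region containing addr ('outside' above the 47-bit space)."""
    for start, end, name in MSAN_LAYOUT:
        if start <= addr < end:
            return name
    return "outside"


def pie_base_range(rnd_bits):
    """Half-open range [lo, hi) of PIE load bases the kernel may choose."""
    span = 1 << (rnd_bits + PAGE_SHIFT)
    return ELF_ET_DYN_BASE, ELF_ET_DYN_BASE + span


def regions_hit(rnd_bits):
    """MSan regions overlapping the possible PIE load bases.

    Only the base is checked; the executable and its brk heap extend above it,
    so this is a lower bound on what the sanitizer can collide with.
    """
    lo, hi = pie_base_range(rnd_bits)
    return [name for start, end, name in MSAN_LAYOUT if start < hi and end > lo]


def msan_safe(rnd_bits):
    """True when every reachable PIE base lies in an MSan 'app-*' region."""
    return all(name.startswith("app-") for name in regions_hit(rnd_bits))


def current_mmap_rnd_bits(path="/proc/sys/vm/mmap_rnd_bits"):
    """Current kernel setting, or None when the sysctl is unavailable."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


if __name__ == "__main__":
    # Code address from the FATAL line in the report.
    print(f"0x62d91a396c90 lies in MSan region: {classify(0x62d91a396c90)}")
    for bits in (28, 32):
        lo, hi = pie_base_range(bits)
        print(f"mmap_rnd_bits={bits}: PIE base in [{lo:#x}, {hi:#x}) -> "
              f"{regions_hit(bits)} safe={msan_safe(bits)}")
    cur = current_mmap_rnd_bits()
    if cur is not None:
        print(f"this kernel: vm.mmap_rnd_bits={cur} msan_safe={msan_safe(cur)}")
```

To check a box by hand, `sysctl vm.mmap_rnd_bits` shows the live value; `sysctl -w vm.mmap_rnd_bits=28` (as root) pulls PIE bases back into app-3 and is a reasonable stopgap on a development machine, but it lowers ASLR entropy for every process on the host, so it is a sanitizer-runner workaround rather than something to ship to production.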
