Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 6 Jan 2020 17:24:35 +0100
From: d.dorau@....de
To: "Rich Felker" <dalias@...c.org>
Cc: musl@...ts.openwall.com
Subject: Re[2]: Issue with musl and valgrind

"Rich Felker" <dalias@...ifal.cx> schrieb am 06.01.2020 14:56:23:
[...]
> 
> This is really a bug in valgrind, that it's relying on a mix of the
> dynamic linker and its own mechanism for interposing malloc. Either
> the interposition should not take place until after line 1913 of
> __dls3 in dynlink.c (this is what would happen if you did it via
> LD_PRELOAD without valgrind), or valgrind should do its own loading
> and relocation of vgpreload_memcheck-*.so independent of the tracee's
> dynamic linker.
> 
> On most archs, the problem does not manifest as things are setup so
> that it's safe to call free in an unrelocated context. However
> realloc is gratuitously not safe and Adélie Linux has a patch for it
> to do it like free:
> 
> 
https://code.foxkit.us/adelie/packages/blob/master/user/valgrind/realloc.patch

> 
> But on MIPS, where there are no PC-relative references and everything
> goes through the GOT, this blows up.
> 
> I'm not sure how practical it is to get valgrind to fix this upstream.
> In the either/or above, if the first course of action is taken, the
> mechanism should probably be by inserting a breakpoint (or valgrind's
> equivalent) at the main program's e_entry address and not doing the
> replacement hack until then. Alternatively, it could just rely on
> LD_PRELOAD working without trying to do additional tricks, but maybe
> they have a good reason they're not doing that.
> 
> Rich

I was not aware of this when debugging the crash, but after looking at 
additional
debug statements and valgrind code my current understanding is that 
valgrind
actually inserts

LD_PRELOAD="
/usr/lib/valgrind/vgpreload_core-mips32-linux.so:/usr/lib/valgrind/vgpreload_memcheck-mips32-linux.so"

into the environment before loading the executable to test.
(coregrind/m_initimg/initimg-linux.c:123)

425:11:32:696 --4757:1:    main Split up command line
425:11:32:696 --4757:1:    main (early_) Process Valgrind's command line 
options
425:11:32:696 --4757:1:    main Create initial image
425:11:32:712 --4757:1: initimg Loading client
425:11:32:712 --4757:1: initimg Setup client env
425:11:32:712 --4757:2: initimg   preload_string:
425:11:32:728 --4757:2: initimg 
"/usr/lib/valgrind/vgpreload_core-mips32-linux.so:/usr/lib/valgrind/vgpreload_memcheck-mips32-linux.so"
425:11:32:728 --4757:1: initimg Setup client stack: size will be 1048576


Is my understanding correct that you would expect it to not run into
the crash I described earlier then?


Daniel

Content of type "text/html" skipped

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.