| Message ID | 20241112063703.116386-2-frolov@swemel.ru (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | tests/qtest: fix non portable env varibles access | expand |
On Tue, 12 Nov 2024 at 12:08, Dmitry Frolov <frolov@swemel.ru> wrote: > "int main(int argc, char **argv, char** envp)" is non-standart standart -> standard > Microsoft`s extention of the C language and it`s not portable. * But it looks widely supported. > In my particular case (Debian 13, clang-16) this raises wild-pointer > dereference with ASAN message "heap-use-after-free". > > v2: changed confusing commit header * We need to include a pointer to the earlier version/discussion: v1: -> https://lore.kernel.org/qemu-devel/23ef463e-744d-472c-bd25-30f68a97a8cf@swemel.ru/T/#t Thank you. --- - Prasad
Hi, Prasad! It looks like this is a clang optimization issue. I`ve made a simple experiment: When environ is mentioned somewhere in the source code - everything is fine - test passed. The value of envp is equal to environ and is always 0x514000000040 (reproducible). When environ is absent (not mentioned in the source code) The value of envp is also 0x514000000040 (reproducible), but the behavior may be each time different. Mostly test fails with error, with or without ASAN report. Thus, it seems, that when environ variable is not used - it`s being optimized, the corresponding memory is being freed, but envp pointer still points to the freed memory. Thanks a lot! With best regards, Dmitry. On 12.11.2024 10:11, Prasad Pandit wrote: > On Tue, 12 Nov 2024 at 12:08, Dmitry Frolov <frolov@swemel.ru> wrote: >> "int main(int argc, char **argv, char** envp)" is non-standart > standart -> standard > >> Microsoft`s extention of the C language and it`s not portable. > * But it looks widely supported. > >> In my particular case (Debian 13, clang-16) this raises wild-pointer >> dereference with ASAN message "heap-use-after-free". >> >> v2: changed confusing commit header > * We need to include a pointer to the earlier version/discussion: > v1: -> https://lore.kernel.org/qemu-devel/23ef463e-744d-472c-bd25-30f68a97a8cf@swemel.ru/T/#t > > Thank you. > --- > - Prasad >
Hi, On Tue, 12 Nov 2024 at 14:45, Дмитрий Фролов <frolov@swemel.ru> wrote: > It looks like this is a clang optimization issue. > > When environ is absent (not mentioned in the source code) > The value of envp is also 0x514000000040 (reproducible), > but the behavior may be each time different. > Mostly test fails with error, with or without ASAN report. > > Thus, it seems, that when environ variable is not used - > it`s being optimized, the corresponding memory is being > freed, but envp pointer still points to the freed memory. * Oh, that's interesting. Could we maybe 'watch -l envp' in gdb(1) to see where it gets free'd? OR if there's another way to figure it out. (just checking) Thank you. --- - Prasad
diff --git a/tests/qtest/qos-test.c b/tests/qtest/qos-test.c index 114f6bef27..e8ac00f0f7 100644 --- a/tests/qtest/qos-test.c +++ b/tests/qtest/qos-test.c @@ -326,7 +326,7 @@ static void walk_path(QOSGraphNode *orig_path, int len) * machine/drivers/test objects * - Cleans up everything */ -int main(int argc, char **argv, char** envp) +int main(int argc, char **argv) { g_test_init(&argc, &argv, NULL); @@ -336,7 +336,7 @@ int main(int argc, char **argv, char** envp) if (g_test_verbose()) { qos_printf("ENVIRONMENT VARIABLES: {\n"); - for (char **env = envp; *env != 0; env++) { + for (char **env = environ; *env != 0; env++) { qos_printf("\t%s\n", *env); } qos_printf("}\n");
"int main(int argc, char **argv, char** envp)" is non-standart Microsoft`s extention of the C language and it`s not portable. In my particular case (Debian 13, clang-16) this raises wild-pointer dereference with ASAN message "heap-use-after-free". v2: changed confusing commit header Signed-off-by: Dmitry Frolov <frolov@swemel.ru> --- tests/qtest/qos-test.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)