ba8b3751fa
...than ae36ee4f3a
"Work around use-after-poison"
for
> ==1922539==ERROR: AddressSanitizer: use-after-poison on address
> 0x61d00190fab0 at pc 0x00000026aaa9 bp 0x7f422ee84b80 sp
> 0x7f422ee84348 WRITE of size 192 at 0x61d00190fab0 thread T44 #0 in
> memset at
> ~/github.com/llvm/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:800:3
> (instdir/program/soffice.bin +0x26aaa8) #1 at <null>
> (/lib64/libnsspem.so +0x15f3d) #2 at <null> (/lib64/libnsspem.so
> +0x16185) #3 at <null> (/lib64/libnsspem.so +0x8a9b) #4 at <null>
> (/lib64/libnsspem.so +0xe13b) #5 in secmod_ModuleInit at
> workdir/UnpackedTarball/nss/nss/lib/pk11wrap/pk11load.c:244:11
> (instdir/program/libnss3.so +0x4ad372) #6 in secmod_LoadPKCS11Module
> at workdir/UnpackedTarball/nss/nss/lib/pk11wrap/pk11load.c:544:10
> (instdir/program/libnss3.so +0x4b1fca) #7 in SECMOD_LoadModule at
> workdir/UnpackedTarball/nss/nss/lib/pk11wrap/pk11pars.c:1946:10
> (instdir/program/libnss3.so +0x50de92) #8 in SECMOD_LoadUserModule
> at workdir/UnpackedTarball/nss/nss/lib/pk11wrap/pk11pars.c:2042:28
> (instdir/program/libnss3.so +0x50e9a9) #9 in nss_load_module at
> workdir/UnpackedTarball/curl/lib/vtls/nss.c:1310:12
> (instdir/program/libcurl.so.4 +0x4fdd25) #10 in nss_setup_connect at
> workdir/UnpackedTarball/curl/lib/vtls/nss.c:1894:12
> (instdir/program/libcurl.so.4 +0x4eeffb) #11 in nss_connect_common
> at workdir/UnpackedTarball/curl/lib/vtls/nss.c:2235:14
> (instdir/program/libcurl.so.4 +0x4ee237) #12 in
> nss_connect_nonblocking at
> workdir/UnpackedTarball/curl/lib/vtls/nss.c:2291:10
> (instdir/program/libcurl.so.4 +0x4ebe4a) #13 in
> Curl_ssl_connect_nonblocking at
> workdir/UnpackedTarball/curl/lib/vtls/vtls.c:361:12
> (instdir/program/libcurl.so.4 +0x514039) #14 in https_connecting at
> workdir/UnpackedTarball/curl/lib/http.c:1591:12
> (instdir/program/libcurl.so.4 +0x2f29ce) #15 in Curl_http_connect at
> workdir/UnpackedTarball/curl/lib/http.c:1517:14
> (instdir/program/libcurl.so.4 +0x2f23d5) #16 in protocol_connect at
> workdir/UnpackedTarball/curl/lib/multi.c:1696:16
> (instdir/program/libcurl.so.4 +0x3b8620) #17 in multi_runsingle at
> workdir/UnpackedTarball/curl/lib/multi.c:1997:16
> (instdir/program/libcurl.so.4 +0x3a2232) #18 in curl_multi_perform
> at workdir/UnpackedTarball/curl/lib/multi.c:2568:14
> (instdir/program/libcurl.so.4 +0x39dc5c) #19 in
> http_dav_ucp::CurlProcessor::ProcessRequestImpl(http_dav_ucp::CurlSession&,
> http_dav_ucp::CurlUri const&, curl_slist*,
> com::sun::star::uno::Reference<com::sun::star::io::XOutputStream>
> const*, com::sun::star::uno::Sequence<signed char> const*,
> std::pair<std::__debug::vector<rtl::OUString,
> std::allocator<rtl::OUString> > const&, http_dav_ucp::DAVResource&>
> const*, (anonymous namespace)::ResponseHeaders&) at
> ucb/source/ucp/webdav-curl/CurlSession.cxx:880:14
> (instdir/program/../program/libucpdav1.so +0x5aad30) 0x61d00190fab0
> is located 48 bytes inside of 2048-byte region
> [0x61d00190fa80,0x61d001910280) allocated by thread T44 here: #0 in
> malloc at
> ~/github.com/llvm/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:69:3
> (instdir/program/soffice.bin +0x2d3c7e) #1 in PR_Malloc at
> workdir/UnpackedTarball/nss/nspr/out/pr/src/malloc/../../../../pr/src/malloc/prmem.c:448:55
> (instdir/program/libnspr4.so +0x123629) #2 in PL_ArenaAllocate at
> workdir/UnpackedTarball/nss/nspr/out/lib/ds/../../../lib/ds/plarena.c:134:27
> (instdir/program/libplds4.so +0x9a32) #3 at <null>
> (/lib64/libnsspem.so +0x15f77)
during UITest_sw_options:
That --with-system-nss workaround for <https://ci.libreoffice.org/job/lo_ubsan/>
had caused CppunitTest_desktop_lib to start to fail there, presumably "caused by
--with-system-nss on the CentOS7 baseline", see the mail thread starting at
<https://lists.freedesktop.org/archives/libreoffice/2021-December/088136.html>
"Re: [global-libreoffice-ci] UBSAN Linux Build - Build # 2217 - Still Failing!"
And while I had initially not been able to reproduce the use-after-poison during
UITest_sw_options with my local ASan+UBSan build (on Fedora 35), I now found out
that that was just because my machine happened to not have an nsspem library
installed in the system (the nss-pem RPM on Fedora). With that system library
installed, my local build failed UITest_sw_options in the same way as the
Jenkins tinderbox.
Which led me to the idea of avoiding the whole mess by avoiding that CUrl loads
the (apparently optional) nsspem library in ASan builds altogether. (Another
approach might have been to disable the __asan_poison_memory_region
functionality in workdir/UnpackedTarball/nss/nspr/lib/ds/plarena.h, but the
chosen approach nicely makes us less dependent on accidental differences in
build-time execution environments, at least for ASan builds.)
Change-Id: I8fd2ff255771622f26ad666ca78a6d9ded0af2d7
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/126451
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
--- lib/vtls/nss.c
+++ lib/vtls/nss.c
@@ -1891,7 +1891,7 @@
PK11_SetPasswordFunc(nss_get_password);
- result = nss_load_module(&pem_module, pem_library, "PEM");
+ result = CURLE_FAILED_INIT;
PR_Unlock(nss_initlock);
if(result == CURLE_FAILED_INIT)
infof(data, "WARNING: failed to load NSS PEM library %s. Using "
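Review bot: The replacement line `result = CURLE_FAILED_INIT;` is unconditional and uncommented, while the commit message scopes the workaround to ASan builds; nothing in this hunk restricts it, so the restriction has to come from how the patch is applied by the build, and that should be stated in a comment next to the assignment. Because the existing `if(result == CURLE_FAILED_INIT)` branch is now always taken, every connection setup will log "WARNING: failed to load NSS PEM library" even though no load was attempted, which is misleading when reading logs from these builds. Consider a short comment above the assignment naming the use-after-poison in libnsspem as the reason, so the hard-coded failure is not mistaken for a real load error or carried into non-ASan builds by accident.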