
I'm looking to use Clang's leak/address sanitizer on my shared library, which is loaded from JVM or dotnet (Linux) at runtime, so I can't recompile the binary.

Using LD_PRELOAD makes for a very noisy output, a lot (presumably false positive?) leaks get reported from the JVM itself. The sanitizer outright crashes when LD_PRELOADing for dotnet.

Is there any way to statically link the sanitizer into the shared library (or dynamically without LD_PRELOAD)?

Błażej Czapp

1 Answer


First things first: you cannot statically link sanitizer runtime libs into your library. It has to be preloaded to intercept the std allocator (malloc, etc.) and would malfunction otherwise (there's a special check at Asan startup that ensures that libasan was preloaded).

> Using LD_PRELOAD makes for a very noisy output, a lot (presumably false positive?) leaks get reported from the JVM itself.

Noisy output in JVM may well be legitimate errors.

> The sanitizer outright crashes when LD_PRELOADing for dotnet.

Is it a real crash or a diagnosed memory error? A crash can be reported in the Asan tracker. A memory error should be reported to the dotnet project, but you can still continue execution after it using continue-after-error mode (grep for "continue-after-error" in the Asan FAQ).

yugr
  • Thank you. I was hoping asan could only intercept calls to malloc() from my library (e.g. by linking with -Bsymbolic-functions) but not the main binary (I imagine it all ends up being forwarded to system malloc at some point?). I've raised a ticket for the crash. – Błażej Czapp Oct 25 '19 at 10:36
  • @BłażejCzapp This will not work reliably in the general case (because memory may be allocated in your library but deallocated elsewhere), so Asan works by intercepting the allocator API globally. This is a design decision so not possible to alter easily. – yugr Oct 25 '19 at 21:57
  • Do you have some example of that? I thought memory is never supposed to be deallocated 'elsewhere', precisely because different libraries may be using different allocation strategies? At least that seems to be the common approach in C libraries, where you pass pointers back to the same library for deallocation. – Błażej Czapp Oct 26 '19 at 19:11
  • @BłażejCzapp At least on Linux the allocator (and its heap) is coming from `libc.so.6` and is shared across all shared libraries in your application. Whoever deallocates the memory is an API detail (normally libraries prefer to deallocate themselves, but this is not mandatory). – yugr Oct 26 '19 at 22:55
  • Hi dear @yugr, I'm facing a similar issue as Blazej. There are so many leak errors coming out of libjvm.so, even though I'm using a very simple example project like https://github.com/dkelosky/java-jni. How can I distinguish these "legitimate errors" from "actual errors in my C++ library"? I'm trying to integrate ASAN into my CI/CD. – hongbin Sep 28 '22 at 15:27
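Because Asan intercepts the allocator globally (as yugr explains above), every leak in the process gets reported, including the JVM's own. One way to answer the last comment's triage question is to post-process the LeakSanitizer report and bucket each leak by whether its allocation stack touches your library. This is an added Python example, not code from the thread; the report text is constructed, and the markers /src/mylib/ and libmylib.so are assumed names for your own source tree and shared object.

```python
import re

# Constructed sample LeakSanitizer report (made up for this example, not real output).
SAMPLE_REPORT = """\
==4242==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 64 byte(s) in 1 object(s) allocated from:
    #0 0x4b6e1d in malloc (/usr/lib/libclang_rt.asan-x86_64.so+0x1e1d)
    #1 0x7f3a1c0012a0 in make_buffer /src/mylib/buffer.cpp:42
    #2 0x7f3a1c0015ee in Java_com_example_Native_init /src/mylib/jni.cpp:10

Indirect leak of 256 byte(s) in 2 object(s) allocated from:
    #0 0x4b6e1d in malloc (/usr/lib/libclang_rt.asan-x86_64.so+0x1e1d)
    #1 0x7f3a2b00c1f0 in os::malloc(unsigned long, MemoryType) (/usr/lib/jvm/lib/server/libjvm.so+0x8c1f0)

SUMMARY: AddressSanitizer: 320 byte(s) leaked in 3 allocation(s).
"""

LEAK_HEADER = re.compile(r"^(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"^\s+#\d+ 0x[0-9a-f]+ in (.+)$")

def parse_leaks(report):
    # Split the report into leak records, each carrying its allocation stack frames.
    leaks, current = [], None
    for line in report.splitlines():
        header = LEAK_HEADER.match(line)
        if header:
            current = {"kind": header.group(1), "bytes": int(header.group(2)),
                       "objects": int(header.group(3)), "frames": []}
            leaks.append(current)
            continue
        frame = FRAME.match(line)
        if frame and current is not None:
            current["frames"].append(frame.group(1))
        elif not line.strip():
            current = None  # a blank line closes the current stack trace
    return leaks

def classify(leaks, own_markers):
    # A leak is "own" if any frame mentions our source tree or .so; otherwise it is foreign (JVM, runtime).
    own, foreign = [], []
    for leak in leaks:
        bucket = own if any(m in f for f in leak["frames"] for m in own_markers) else foreign
        bucket.append(leak)
    return own, foreign

def triage(report, own_markers=("/src/mylib/", "libmylib.so")):
    # Summary for a CI gate: fail the build only on leaks whose stack touches our own code.
    own, foreign = classify(parse_leaks(report), own_markers)
    return {"own_leaks": len(own), "own_bytes": sum(l["bytes"] for l in own),
            "foreign_leaks": len(foreign), "foreign_bytes": sum(l["bytes"] for l in foreign)}
```

LeakSanitizer can also be told up front to ignore the JVM's allocations through a suppressions file passed via LSAN_OPTIONS (a line such as `leak:libjvm.so`), which cuts the noise before any parsing.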