Issue 792777

Issue metadata

Status: WontFix
Owner:
Closed: Jan 2018
Cc:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

ProtectedMemory does not work when linking with gold

Project Member Reported by vtsyrklevich@chromium.org, Dec 7 2017

Issue description

On a ChromeOS build linked with gold I was seeing the following type of test failures:
[ RUN      ] GPUTimingTest.QueryTimeStampUsingElapsedTest
Received signal 11 SEGV_ACCERR 000000d1208c
#0 0x00000078fbac base::debug::StackTrace::StackTrace()
#1 0x00000078f721 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#2 0x7f18a2f3b330 <unknown>
#3 0x000000d1208c tc_malloc
#4 0x0000007ddfee operator new()
#5 0x0000005b98a0 ui::(anonymous namespace)::OzonePlatformX11::InitializeGPU()
#6 0x000000554d4b ui::OzonePlatform::InitializeForGPU()
#7 0x000000789b6d gl::GLSurfaceTestSupport::InitializeOneOffWithMockBindings()
#8 0x00000042851b gl::GPUTimingTest::SetupGLContext()
#9 0x000000429156 gl::GPUTimingTest_QueryTimeStampUsingElapsedTest_Test::TestBody()
#10 0x000000536ca6 testing::Test::Run()
#11 0x000000537440 testing::TestInfo::Run()
#12 0x000000537927 testing::TestCase::Run()
#13 0x00000053de07 testing::internal::UnitTestImpl::RunAllTests()
#14 0x00000053da57 testing::UnitTest::Run()
#15 0x000000bc2f42 base::TestSuite::Run()
#16 0x000000bc4887 base::(anonymous namespace)::LaunchUnitTestsInternal()
#17 0x000000bc470b base::LaunchUnitTests()
#18 0x0000004308d1 main
#19 0x7f18a04e1f45 __libc_start_main
#20 0x00000041661a _start
  r8: 0000000000000000  r9: 00000000e8ba2e8b r10: 0000000000000003 r11: 0000000000000206
 r12: 0000000000000020 r13: 0000157d3a188e00 r14: 0000000000000000 r15: 0000000000d16be7
  di: 0000000000000020  si: 0000000000000002  bp: 00007ffe8e88f320  bx: 0000157d3a211d40
  dx: 0000000000000004  ax: 0000157d3a211d40  cx: 0000000000000024  sp: 00007ffe8e88f2f0
  ip: 0000000000d1208c efl: 0000000000010246 cgf: 0000000000000033 erf: 0000000000000015
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000d1208c
[end of stack trace]
Calling _exit(1). Core file will not be generated.

These occur because when linking with gold the protected_memory section is placed in the read-execute segment (instead of in a separate read-only segment) and the section's pages happen to overlap with code pages that are re-mapped non-executable once protected memory is used. Providing the --rosection flag with gold (or using lld) would fix this issue.
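The condition described above (the section landing inside the read-execute PT_LOAD, with its pages shared by code) can be checked on a linked binary before anything calls mprotect on it. The script below is an added example, not Chromium's, gold's or lld's own tooling: it parses little-endian ELF64 program and section headers with the standard library only, reports which PT_LOAD segment holds a named section and whether that segment is executable, and lists every SHF_EXECINSTR section that shares a 4 KiB page with it. The two images it checks are constructed inline as header-only fixtures that mimic a gold-style layout (no separate read-only segment) and a layout with a read-only segment of its own; the addresses are made up, the page size is assumed, and the section name `protected_memory` follows the wording of this report.

```python
"""Map an ELF section to the PT_LOAD segment that holds it and flag code
sharing its pages. Added example (not Chromium's, gold's or lld's own code);
standard library only; little-endian ELF64 headers only."""
import struct
import sys

PT_LOAD = 1
PF_X, PF_W, PF_R = 1, 2, 4
SHF_WRITE, SHF_ALLOC, SHF_EXECINSTR = 1, 2, 4
PAGE = 0x1000  # assumed page size (4 KiB, as on the x86-64 build in the report)

EHDR = "<16sHHIQQQIHHHHHH"   # Elf64_Ehdr, 64 bytes
PHDR = "<IIQQQQQQ"           # Elf64_Phdr, 56 bytes
SHDR = "<IIQQQQIIQQ"         # Elf64_Shdr, 64 bytes


def parse_elf64(data):
    """Return the PT_LOAD segments and the named sections of an ELF64 image."""
    hdr = struct.unpack_from(EHDR, data, 0)
    ident, phoff, shoff = hdr[0], hdr[5], hdr[6]
    phentsize, phnum, shentsize, shnum, shstrndx = hdr[9:14]
    if ident[:4] != b"\x7fELF" or ident[4] != 2 or ident[5] != 1:
        raise ValueError("only little-endian ELF64 is handled here")
    segments = []
    for i in range(phnum):
        p_type, p_flags, _, vaddr, _, _, memsz, _ = struct.unpack_from(
            PHDR, data, phoff + i * phentsize)
        if p_type == PT_LOAD:
            segments.append({"vaddr": vaddr, "memsz": memsz, "flags": p_flags})
    raw = [struct.unpack_from(SHDR, data, shoff + i * shentsize) for i in range(shnum)]
    str_off, str_size = raw[shstrndx][4], raw[shstrndx][5]   # .shstrtab
    strtab = data[str_off:str_off + str_size]
    sections = []
    for sh_name, _, sh_flags, sh_addr, _, sh_size, *_ in raw:
        name = strtab[sh_name:strtab.index(b"\0", sh_name)].decode()
        sections.append({"name": name, "addr": sh_addr, "size": sh_size, "flags": sh_flags})
    return {"segments": segments, "sections": sections}


def check_section_placement(data, name, page=PAGE):
    """Which PT_LOAD holds `name`, is that segment executable, and which
    executable sections share a page with it (the overlap that makes an
    mprotect(PROT_READ) of the section take code pages with it)."""
    elf = parse_elf64(data)
    target = next((s for s in elf["sections"] if s["name"] == name), None)
    if target is None:
        raise KeyError(f"no section named {name!r}")
    start, end = target["addr"], target["addr"] + target["size"]
    seg = next((s for s in elf["segments"]
                if s["vaddr"] <= start and end <= s["vaddr"] + s["memsz"]), None)
    page_lo, page_hi = start & ~(page - 1), (end + page - 1) & ~(page - 1)
    code = [s["name"] for s in elf["sections"]
            if s["flags"] & SHF_EXECINSTR
            and s["addr"] < page_hi and s["addr"] + s["size"] > page_lo]
    return {
        "segment_flags": None if seg is None else seg["flags"],
        "in_exec_segment": seg is not None and bool(seg["flags"] & PF_X),
        "code_sharing_pages": code,
    }


def build_sample_elf(segments, sections):
    """Pack a header-only ELF64 image (constructed fixture: section bodies are
    absent, only the headers the check reads are present)."""
    names, name_off = b"\0", {}
    for sec_name, _, _, _ in sections:
        name_off[sec_name] = len(names)
        names += sec_name.encode() + b"\0"
    shstr_name = len(names)
    names += b".shstrtab\0"
    phoff = struct.calcsize(EHDR)
    str_off = phoff + struct.calcsize(PHDR) * len(segments)
    shoff = str_off + len(names)
    shdrs = [b"\0" * struct.calcsize(SHDR)]  # mandatory null section header
    for sec_name, addr, size, flags in sections:
        shdrs.append(struct.pack(SHDR, name_off[sec_name], 1, flags, addr, 0, size, 0, 0, 16, 0))
    shdrs.append(struct.pack(SHDR, shstr_name, 3, 0, 0, str_off, len(names), 0, 0, 1, 0))
    phdrs = b"".join(struct.pack(PHDR, PT_LOAD, flags, 0, vaddr, vaddr, memsz, memsz, PAGE)
                     for vaddr, memsz, flags in segments)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8
    ehdr = struct.pack(EHDR, ident, 2, 62, 1, 0, phoff, shoff, 0, struct.calcsize(EHDR),
                       struct.calcsize(PHDR), len(segments), struct.calcsize(SHDR),
                       len(shdrs), len(shdrs) - 1)
    return ehdr + phdrs + names + b"".join(shdrs)


# Constructed gold-style layout as described in the report: no separate read-only
# segment, so the section sits at the tail of the R+X segment and shares a page with .text.
GOLD_LIKE = build_sample_elf(
    segments=[(0x400000, 0x102000, PF_R | PF_X), (0x600000, 0x10000, PF_R | PF_W)],
    sections=[(".text", 0x401000, 0x100080, SHF_ALLOC | SHF_EXECINSTR),
              ("protected_memory", 0x501080, 0x200, SHF_ALLOC),
              (".data", 0x600000, 0x100, SHF_ALLOC | SHF_WRITE)])

# Constructed layout with a read-only PT_LOAD of its own ahead of the code segment.
LLD_LIKE = build_sample_elf(
    segments=[(0x200000, 0x1000, PF_R), (0x201000, 0x100000, PF_R | PF_X),
              (0x302000, 0x1000, PF_R | PF_W)],
    sections=[(".rodata", 0x200000, 0x100, SHF_ALLOC),
              ("protected_memory", 0x200100, 0x200, SHF_ALLOC),
              (".text", 0x201000, 0x100000, SHF_ALLOC | SHF_EXECINSTR),
              (".data", 0x302000, 0x100, SHF_ALLOC | SHF_WRITE)])

if __name__ == "__main__":
    # Usage: python check_section.py <elf-binary> [section-name]; no args runs the fixture.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:
        blob = GOLD_LIKE
    section = sys.argv[2] if len(sys.argv) > 2 else "protected_memory"
    result = check_section_placement(blob, section)
    verdict = "UNSAFE: shares pages with code" if result["code_sharing_pages"] else "ok"
    print(section, result, verdict)
```

Run it against the linked test binary and the section name the build actually uses; a non-empty `code_sharing_pages` list means the first mprotect of the section will also strip execute permission from live code, which is the SEGV_ACCERR at `ip == cr2` in the trace above. Note that `in_exec_segment` alone is the conservative signal (it is what requiring a linker with a separate read-only segment rules out), while the page-overlap list is the precise one.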
 
Project Member

Comment 1 by bugdroid1@chromium.org, Dec 14 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e8d5151f70c4812d85884a0153d73f83ad04cd5d

commit e8d5151f70c4812d85884a0153d73f83ad04cd5d
Author: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Date: Thu Dec 14 19:45:35 2017

[CFI] Require LLD for ProtectedMemory on Linux

gold, used to link on Android and CrOs, does not create a read-only
segment. It places read-only sections, like the one for ProtectedMemory,
in the read-execute segment and could cause executable pages to be
marked read-only. Work around this by requiring the use of lld on Linux
builds while those platforms are ported to lld.

BUG= chromium:792777 

Change-Id: I5e9fd5cebb96852f1f2891109e1ecca6cd23790e
Reviewed-on: https://chromium-review.googlesource.com/823274
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Reviewed-by: Peter Collingbourne <pcc@chromium.org>
Reviewed-by: Brett Wilson <brettw@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#524148}
[modify] https://crrev.com/e8d5151f70c4812d85884a0153d73f83ad04cd5d/base/BUILD.gn
[modify] https://crrev.com/e8d5151f70c4812d85884a0153d73f83ad04cd5d/base/memory/protected_memory.h
[modify] https://crrev.com/e8d5151f70c4812d85884a0153d73f83ad04cd5d/tools/gn/bootstrap/bootstrap.py

Status: WontFix (was: Started)
ProtectedMemory disabled for gold (and hence Android/ChromeOS) for the short-term
