New issue
Advanced search Search tips

Issue 808243 link

Starred by 1 user
Status: Verified
Owner:
manojgupta@chromium.org
Closed: Feb 2018
Cc:
xiy...@chromium.org
pmalani@chromium.org
newcomer@chromium.org
ejcaruso@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug
Build-Toolchain



Sign in to add a comment

cryptohome failing in asan

Project Member Reported by newcomer@chromium.org, Feb 2 2018 
Link to Log: https://luci-logdog.appspot.com/v/?s=chromiumos%2Fbb%2Fchromiumos.chromium%2Famd64-generic-tot-asan-informational%2F16453%2F%2B%2Frecipes%2Fsteps%2FUnitTest%2F0%2Fstdout

cryptohome-0.0.1-r2431:  * ASAN error detected:
cryptohome-0.0.1-r2431:  * =================================================================
cryptohome-0.0.1-r2431:  * ==17==ERROR: AddressSanitizer: container-overflow on address 0x618000000ba0 at pc 0x7f890dc04a72 bp 0x7ffe2ff4dca0 sp 0x7ffe2ff4dc98
cryptohome-0.0.1-r2431:  * WRITE of size 1 at 0x618000000ba0 thread T0
cryptohome-0.0.1-r2431:  *     #0 0x7f890dc04a71 in brillo::SecureMemset(void*, int, unsigned long) /build/amd64-generic/var/cache/portage/chromeos-base/libbrillo/out/Default/../../../../../../../tmp/portage/chromeos-base/libbrillo-0.0.1-r1253/work/libbrillo-0.0.1/platform2/libbrillo/brillo/secure_blob.cc:55:10
cryptohome-0.0.1-r2431:  *     #1 0x7f890dc04a71 in brillo::SecureBlob::clear() /build/amd64-generic/var/cache/portage/chromeos-base/libbrillo/out/Default/../../../../../../../tmp/portage/chromeos-base/libbrillo-0.0.1-r1253/work/libbrillo-0.0.1/platform2/libbrillo/brillo/secure_blob.cc:35:0
cryptohome-0.0.1-r2431:  *     #2 0x7f890dc03e85 in brillo::SecureBlob::~SecureBlob() /build/amd64-generic/var/cache/portage/chromeos-base/libbrillo/out/Default/../../../../../../../tmp/portage/chromeos-base/libbrillo-0.0.1-r1253/work/libbrillo-0.0.1/platform2/libbrillo/brillo/secure_blob.cc:17:3
cryptohome-0.0.1-r2431:  *     #3 0x7f89113deaad in cryptohome::Crypto::EncryptData(brillo::SecureBlob const&, brillo::SecureBlob const&, brillo::SecureBlob const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*) const /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/crypto.cc:875:1
cryptohome-0.0.1-r2431:  *     #4 0x7f891137aac3 in cryptohome::Attestation::EncryptDatabase(cryptohome::AttestationDatabase const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*) /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/attestation.cc:1240:17
cryptohome-0.0.1-r2431:  *     #5 0x7f8911377ec8 in cryptohome::Attestation::PrepareForEnrollment() /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/attestation.cc:549:8
cryptohome-0.0.1-r2431:  *     #6 0x7f8910232ce7 in cryptohome::AttestationTest_PrepareForEnrollment_Test::TestBody() /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/attestation_unittest.cc:417:16
cryptohome-0.0.1-r2431:  *     #7 0x7f890ef2b678 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
cryptohome-0.0.1-r2431:  *     #8 0x7f890ef2b678 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
cryptohome-0.0.1-r2431:  *     #9 0x7f890ef0fcf8 in testing::Test::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2474:5
cryptohome-0.0.1-r2431:  *     #10 0x7f890ef10ffc in testing::TestInfo::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2656:11
cryptohome-0.0.1-r2431:  *     #11 0x7f890ef11896 in testing::TestCase::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2774:28
cryptohome-0.0.1-r2431:  *     #12 0x7f890ef1aaa6 in testing::internal::UnitTestImpl::RunAllTests() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4649:43
cryptohome-0.0.1-r2431:  *     #13 0x7f890ef2c3e8 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
cryptohome-0.0.1-r2431:  *     #14 0x7f890ef2c3e8 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
cryptohome-0.0.1-r2431:  *     #15 0x7f890ef1a73e in testing::UnitTest::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4257:10
cryptohome-0.0.1-r2431:  *     #16 0x7f891127d337 in RUN_ALL_TESTS() /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../usr/include/gtest/gtest.h:2233:46
cryptohome-0.0.1-r2431:  *     #17 0x7f891127d337 in main /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/common-mk/testrunner.cc:16:0
cryptohome-0.0.1-r2431:  *     #18 0x7f890c409735 in __libc_start_main /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.23-r15/work/glibc-2.23/csu/../csu/libc-start.c:289:0
cryptohome-0.0.1-r2431:  *     #19 0x7f8910160148 in _start ??:0:0
cryptohome-0.0.1-r2431:  * 
cryptohome-0.0.1-r2431:  * 0x618000000ba0 is located 800 bytes inside of 813-byte region [0x618000000880,0x618000000bad)
cryptohome-0.0.1-r2431:  * allocated by thread T0 here:
cryptohome-0.0.1-r2431:  *     #0 0x7f891022d392 in operator new(unsigned long) ??:0:0
cryptohome-0.0.1-r2431:  *     #1 0x7f89102c8e10 in std::__1::__allocate(unsigned long) /usr/bin/../include/c++/v1/new:227:10
cryptohome-0.0.1-r2431:  *     #2 0x7f89102c8e10 in std::__1::allocator<unsigned char>::allocate(unsigned long, void const*) /usr/bin/../include/c++/v1/memory:1771:0
cryptohome-0.0.1-r2431:  *     #3 0x7f89102c8e10 in std::__1::allocator_traits<std::__1::allocator<unsigned char> >::allocate(std::__1::allocator<unsigned char>&, unsigned long) /usr/bin/../include/c++/v1/memory:1526:0
cryptohome-0.0.1-r2431:  *     #4 0x7f89102c8e10 in std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >::allocate(unsigned long) /usr/bin/../include/c++/v1/vector:925:0
cryptohome-0.0.1-r2431:  *     #5 0x7f89103722c8 in std::__1::vector<unsigned char, std::__1::allocator<unsigned char> >::vector(unsigned long) /usr/bin/../include/c++/v1/vector:1068:9
cryptohome-0.0.1-r2431:  *     #6 0x7f89113ea6e5 in _ZN6brillo10SecureBlobCI2NSt3__16vectorIhNS1_9allocatorIhEEEEEm /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../usr/include/brillo/secure_blob.h:22:15
cryptohome-0.0.1-r2431:  *     #7 0x7f89113ea6e5 in cryptohome::CryptoLib::AesEncryptSpecifyBlockMode(std::__1::vector<unsigned char, std::__1::allocator<unsigned char> > const&, unsigned int, unsigned int, brillo::SecureBlob const&, brillo::SecureBlob const&, cryptohome::CryptoLib::PaddingScheme, cryptohome::CryptoLib::BlockMode, brillo::SecureBlob*) /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/cryptolib.cc:397:0
cryptohome-0.0.1-r2431:  *     #8 0x7f89113de741 in cryptohome::Crypto::EncryptData(brillo::SecureBlob const&, brillo::SecureBlob const&, brillo::SecureBlob const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*) const /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/crypto.cc:856:8
cryptohome-0.0.1-r2431:  *     #9 0x7f891137aac3 in cryptohome::Attestation::EncryptDatabase(cryptohome::AttestationDatabase const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*) /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/attestation.cc:1240:17
cryptohome-0.0.1-r2431:  *     #10 0x7f8911377ec8 in cryptohome::Attestation::PrepareForEnrollment() /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/attestation.cc:549:8
cryptohome-0.0.1-r2431:  *     #11 0x7f8910232ce7 in cryptohome::AttestationTest_PrepareForEnrollment_Test::TestBody() /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/cryptohome/attestation_unittest.cc:417:16
cryptohome-0.0.1-r2431:  *     #12 0x7f890ef2b678 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
cryptohome-0.0.1-r2431:  *     #13 0x7f890ef2b678 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
cryptohome-0.0.1-r2431:  *     #14 0x7f890ef0fcf8 in testing::Test::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2474:5
cryptohome-0.0.1-r2431:  *     #15 0x7f890ef10ffc in testing::TestInfo::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2656:11
cryptohome-0.0.1-r2431:  *     #16 0x7f890ef11896 in testing::TestCase::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2774:28
cryptohome-0.0.1-r2431:  *     #17 0x7f890ef1aaa6 in testing::internal::UnitTestImpl::RunAllTests() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4649:43
cryptohome-0.0.1-r2431:  *     #18 0x7f890ef2c3e8 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2402:10
cryptohome-0.0.1-r2431:  *     #19 0x7f890ef2c3e8 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:2438:0
cryptohome-0.0.1-r2431:  *     #20 0x7f890ef1a73e in testing::UnitTest::Run() /build/amd64-generic/tmp/portage/dev-cpp/gtest-1.8.0-r1/work/googletest-release-1.8.0/googletest-abi_x86_64.amd64/./src/gtest.cc:4257:10
cryptohome-0.0.1-r2431:  *     #21 0x7f891127d337 in RUN_ALL_TESTS() /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../usr/include/gtest/gtest.h:2233:46
cryptohome-0.0.1-r2431:  *     #22 0x7f891127d337 in main /build/amd64-generic/var/cache/portage/chromeos-base/cryptohome/out/Default/../../../../../../../tmp/portage/chromeos-base/cryptohome-0.0.1-r2431/work/cryptohome-0.0.1/platform2/common-mk/testrunner.cc:16:0
cryptohome-0.0.1-r2431:  *     #23 0x7f890c409735 in __libc_start_main /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.23-r15/work/glibc-2.23/csu/../csu/libc-start.c:289:0
cryptohome-0.0.1-r2431:  *     #24 0x7f8910160148 in _start ??:0:0
cryptohome-0.0.1-r2431:  * 
cryptohome-0.0.1-r2431:  * HINT: if you don't care about these errors you may set ASAN_OPTIONS=detect_container_overflow=0.
cryptohome-0.0.1-r2431:  * If you suspect a false positive see also: https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow.
cryptohome-0.0.1-r2431:  * SUMMARY: AddressSanitizer: container-overflow (/usr/lib64/libbrillo-core-395517.so+0x242a71)
cryptohome-0.0.1-r2431:  * Shadow bytes around the buggy address:
cryptohome-0.0.1-r2431:  *   0x0c307fff8120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
cryptohome-0.0.1-r2431:  *   0x0c307fff8130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
cryptohome-0.0.1-r2431:  *   0x0c307fff8140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
cryptohome-0.0.1-r2431:  *   0x0c307fff8150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
cryptohome-0.0.1-r2431:  *   0x0c307fff8160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
cryptohome-0.0.1-r2431:  * =>0x0c307fff8170: 00 00 00 00[fc]fc fa fa fa fa fa fa fa fa fa fa
cryptohome-0.0.1-r2431:  *   0x0c307fff8180: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
cryptohome-0.0.1-r2431:  *   0x0c307fff8190: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
cryptohome-0.0.1-r2431:  *   0x0c307fff81a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
cryptohome-0.0.1-r2431:  *   0x0c307fff81b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
cryptohome-0.0.1-r2431:  *   0x0c307fff81c0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
cryptohome-0.0.1-r2431:  * Shadow byte legend (one shadow byte represents 8 application bytes):
cryptohome-0.0.1-r2431:  *   Addressable:           00
cryptohome-0.0.1-r2431:  *   Partially addressable: 01 02 03 04 05 06 07
cryptohome-0.0.1-r2431:  *   Heap left redzone:       fa
cryptohome-0.0.1-r2431:  *   Freed heap region:       fd
cryptohome-0.0.1-r2431:  *   Stack left redzone:      f1
cryptohome-0.0.1-r2431:  *   Stack mid redzone:       f2
cryptohome-0.0.1-r2431:  *   Stack right redzone:     f3
cryptohome-0.0.1-r2431:  *   Stack after return:      f5
cryptohome-0.0.1-r2431:  *   Stack use after scope:   f8
cryptohome-0.0.1-r2431:  *   Global redzone:          f9
cryptohome-0.0.1-r2431:  *   Global init order:       f6
cryptohome-0.0.1-r2431:  *   Poisoned by user:        f7
cryptohome-0.0.1-r2431:  *   Container overflow:      fc
cryptohome-0.0.1-r2431:  *   Array cookie:            ac
cryptohome-0.0.1-r2431:  *   Intra object redzone:    bb
cryptohome-0.0.1-r2431:  *   ASan internal:           fe
cryptohome-0.0.1-r2431:  *   Left alloca redzone:     ca
cryptohome-0.0.1-r2431:  *   Right alloca redzone:    cb
cryptohome-0.0.1-r2431:  * ==17==ABORTING

Comment 1 by manojgupta@chromium.org, Feb 2 2018

Cc: pmalani@chromium.org ejcaruso@chromium.org
Components: Tools>ChromeOS-Toolchain
Labels: -Pri-3 OS-Chrome Pri-2
This looks like a legitimate issue in cyptohome. But taking a look first.
Project Member

Comment 2 by bugdroid1@chromium.org, Feb 2 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/9aa977739e56a417c4d115d0c90b3afaa037c0a5

commit 9aa977739e56a417c4d115d0c90b3afaa037c0a5
Author: Manoj Gupta <manojgupta@google.com>
Date: Fri Feb 02 21:19:32 2018

cryptohome: Fix some memory leaks.

Fix some memory leaks in cryptohome found by asan.

BUG= chromium:808243 
TEST=no more asan complains.

Change-Id: I67b79ae09a95d40e76bbd73a83253edb583d7105
Reviewed-on: https://chromium-review.googlesource.com/898535
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/9aa977739e56a417c4d115d0c90b3afaa037c0a5/cryptohome/persistent_lookup_table_unittest.cc
Project Member

Comment 3 by bugdroid1@chromium.org, Feb 2 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/aosp/platform/external/libbrillo/+/91944f28f4685f6fcf46720339b1834717b8a23e

commit 91944f28f4685f6fcf46720339b1834717b8a23e
Author: Manoj Gupta <manojgupta@google.com>
Date: Fri Feb 02 21:19:23 2018

libbrillo: Disable asan on SecureMemset.

SecureMemset is used to overwrite beyond string size() but not
beyond capacity().
As this behavior is intentional, disable it from asan analysis.

Also provide a new asan.h header file to hold all asan specific
definitions.

BUG= chromium:808243 
TEST=libbrillo/cryptohome unit tests pass with asan.

Change-Id: Idfabe15614299312be35beb64eae10e5acb07e1b
Reviewed-on: https://chromium-review.googlesource.com/898605
Commit-Ready: Manoj Gupta <manojgupta@chromium.org>
Tested-by: Manoj Gupta <manojgupta@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>

[modify] https://crrev.com/91944f28f4685f6fcf46720339b1834717b8a23e/brillo/secure_blob.h
[modify] https://crrev.com/91944f28f4685f6fcf46720339b1834717b8a23e/brillo/secure_blob.cc
[add] https://crrev.com/91944f28f4685f6fcf46720339b1834717b8a23e/brillo/asan.h
[modify] https://crrev.com/91944f28f4685f6fcf46720339b1834717b8a23e/brillo/secure_blob_unittest.cc

Comment 4 by manojgupta@chromium.org, Feb 3 2018

Labels: libcxx
Status: Verified (was: Untriaged)
Fixed https://build.chromium.org/p/chromiumos/builders/amd64-generic-
asan/builds/23194

Sign in to add a comment