Details
-
Task
-
Resolution: Unresolved
-
Major
-
7.6.0
-
0
Description
When building kv_engine with Asan/UBSan on AppleClang ver 13.1.6, it flags a number of spurious invalid type access errors - for example:
c++/v1/fstream:1434:15: runtime error: member call on address 0x00016fdfa698 which does not point to an object of type 'std::filebuf'
|
0x00016fdfa698: note: object is of type 'std::__1::basic_filebuf<char, std::__1::char_traits<char> >'
|
01 00 00 00 50 25 56 e9 01 00 00 00 e0 5a 51 e9 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
^~~~~~~~~~~~~~~~~~~~~~~
|
vptr for 'std::__1::basic_filebuf<char, std::__1::char_traits<char> >'
|
As per this blog post, this seems to be due to the fact there's multiple versions
of the basic_filebuf type_info symbol present in the binary - e.g.
$ nm -mo auditevent_generator | c++filt | rg basic_filebuf | rg typeinfo
|
auditevent_generator: 00000001003743e0 (__DATA_CONST,__const) non-external (was a private external) typeinfo for std::__1::basic_filebuf<char, std::__1::char_traits<char> >
|
auditevent_generator: 0000000100302ec8 (__TEXT,__const) non-external (was a private external) typeinfo name for std::__1::basic_filebuf<char, std::__1::char_traits<char> >
|
Note the duplicate symbols with different visibilities. This is caused by some object files being built with hidden symbol visibility (-fvisibility=hidden) and others with "default" (non-hidden) symbol visibility (-fvisibility=default).
We generally use hidden symbol visibility in the Release build as it results in smaller binary size and faster execution (avoids bouncing via PLT for non-external symbols), but this prevents UBSan from verifying the type objects at runtime.
To allow these checks to work correctly we need to ensure there's only a single version of each symbol (i.e. only default visibility ones) - this means we need to ensure when building with ASan/UBSan we link a version of our dependancies which at least has default symbol visibility - or ideally a specific Asan+UBSan build which would increase the area of code we can validate.