<div dir="ltr"><br><div class="gmail_extra"><br></div><div class="gmail_extra">Hi Sebastian,<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jun 7, 2013 at 6:33 AM, Sebastian Roschke <span dir="ltr"><<a href="mailto:s.roschke@gmail.com" target="_blank">s.roschke@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Dear list,<div><br></div><div>not sure if I should direct this request somewhere else. I am trying to build suricata with clang and ASAN:</div>
<div><br></div><div>CC=clang CFLAGS='-O0 -g -fsanitize=address' CPPFLAGS='-O0 -g -fsanitize=address' ./configure<br>
</div><div>make</div><div><br></div></div></blockquote><div><br></div><div>What OS are you doing that on?<br></div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><div></div><div>This works fine. Running suricata afterwards miserably fails:</div><div><br></div>./suricata -c suricata.yaml<br>6/6/2013 -- 21:19:50 - <Info> - This is Suricata version 1.4.2 RELEASE<br>
6/6/2013 -- 21:19:50 - <Info> - CPUs/cores online: 4<br>=================================================================<br>==12833== ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7ff64b7ce6c0 at pc 0x10be76b bp 0x7fff3db91070 sp 0x7fff3db91068<br>
READ of size 16 at 0x7ff64b7ce6c0 thread T0<br> #0 0x10be76a (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x10be76a)<br> #1 0x10aac45 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x10aac45)<br>
#2 0x10a395a (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x10a395a)<br> #3 0x4e00b4 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x4e00b4)<br>
#4 0x530cef (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x530cef)<br> #5 0x570eb1 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x570eb1)<br>
#6 0x4e5c95 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x4e5c95)<br> #7 0xe6f4e8 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0xe6f4e8)<br>
#8 0x7ff649f0976c (/lib/x86_64-linux-gnu/<a href="http://libc-2.15.so" target="_blank">libc-2.15.so</a>+0x2176c)<br>0x7ff64b7ce6c0 is located 0 bytes to the right of 4-byte region [0x7ff64b7ce6c0,0x7ff64b7ce6c4)<br>allocated by thread T0 here:<br>
#0 0x12595f0 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x12595f0)<br> #1 0x10a9c75 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x10a9c75)<br>
#2 0x10a395a (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x10a395a)<br> #3 0x4e00b4 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x4e00b4)<br>
#4 0x530cef (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x530cef)<br> #5 0x570eb1 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x570eb1)<br>
#6 0x4e5c95 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0x4e5c95)<br> #7 0xe6f4e8 (/some/path/suricata/suricata-1.4.2-clang-build/suricata-1.4.2/src/.libs/lt-suricata+0xe6f4e8)<br>
#8 0x7ff649f0976c (/lib/x86_64-linux-gnu/<a href="http://libc-2.15.so" target="_blank">libc-2.15.so</a>+0x2176c)<br>Shadow byte and word:<br> 0x1ffec96f9cd8: 4<br> 0x1ffec96f9cd8: 04 fb fb fb fb fb fb fb<br>More shadow bytes:<br>
0x1ffec96f9cb8: 00 00 00 00 00 fb fb fb<br>
0x1ffec96f9cc0: fa fa fa fa fa fa fa fa<br> 0x1ffec96f9cc8: 04 fb fb fb fb fb fb fb<br> 0x1ffec96f9cd0: fa fa fa fa fa fa fa fa<br>=>0x1ffec96f9cd8: 04 fb fb fb fb fb fb fb<br> 0x1ffec96f9ce0: fa fa fa fa fa fa fa fa<br>
0x1ffec96f9ce8: fa fa fa fa fa fa fa fa<br> 0x1ffec96f9cf0: fa fa fa fa fa fa fa fa<br> 0x1ffec96f9cf8: fa fa fa fa fa fa fa fa<br>Stats: 1M malloced (1M for red zones) by 3256 calls<br>Stats: 0M realloced by 132 calls<br>
Stats: 0M freed by 2194 calls<br>Stats: 0M really freed by 0 calls<br>Stats: 7M (1927 full pages) mmaped in 12 calls<br> mmaps by size class: 7:4095; 8:2047; 9:1023; 10:511; 11:255; 13:64; 14:32; 15:16; 16:8; 20:3;<br>
mallocs by size class: 7:3215; 8:22; 9:3; 10:4; 11:2; 13:1; 14:2; 15:2; 16:2; 20:3;<br>
frees by size class: 7:2181; 8:3; 9:3; 10:3; 11:1; 15:1; 16:2;<br> rfrees by size class:<br>Stats: malloc large: 7 small slow: 19<br>==12833== ABORTING<div><br></div><div>Any pointers would be appreciated.</div>
<div><br></div><div>Thanks,</div><div>Sebastian</div></div>
<br>_______________________________________________<br>
Suricata IDS Devel mailing list: <a href="mailto:oisf-devel@openinfosecfoundation.org">oisf-devel@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Participate: <a href="http://suricata-ids.org/participate/" target="_blank">http://suricata-ids.org/participate/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
Redmine: <a href="https://redmine.openinfosecfoundation.org/" target="_blank">https://redmine.openinfosecfoundation.org/</a><br></blockquote></div><br><br clear="all"><br>-- <br><div>Regards,</div>
<div>Peter Manev</div>
</div></div>