[Bug 59662] New: wine-mono: ASan gets triggered after commit 34a8563df.
http://bugs.winehq.org/show_bug.cgi?id=59662

            Bug ID: 59662
           Summary: wine-mono: ASan gets triggered after commit 34a8563df.
           Product: Wine
           Version: 11.6
          Hardware: x86-64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mscoree
          Assignee: wine-bugs@list.winehq.org
          Reporter: bernhardu@mailbox.org
      Distribution: ---

Created attachment 80752
  --> http://bugs.winehq.org/attachment.cgi?id=80752
mscoree_comtest_asan.txt

For a few days I have been receiving in GitLab, with a modified tree to run PE ASan-enabled binaries, reports from loadpath.exe, csc.exe and mcs.exe.
They all show as last frame `copy_stack_data_internal` with a memcpy.

I was able to reproduce it with a local tree too.
If I revert the following patch, ASan stays silent:
    34a8563df2b "mscoree: Use coop-aware thread attach functions."

The attached file shows a mscoree:comtest run, with the contents of wine-mono-11.0.0-dbgsym.tar.xz put into the prefix.

-- 
Do not reply to this email, post in Bugzilla using the above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=59662

Bernhard Übelacker <bernhardu@mailbox.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
      Distribution|---                         |Debian

--- Comment #1 from Bernhard Übelacker <bernhardu@mailbox.org> ---
Direct link to a GitLab run:
https://gitlab.winehq.org/bernhardu/wine/-/jobs/253410#L2717

Direct link to commit:
https://gitlab.winehq.org/wine/wine/-/commit/34a8563df2b1952b6f90580c9fcdc41...

Line of `copy_stack_data_internal` in upstream Mono:
https://gitlab.winehq.org/mono/mono/-/blob/main/mono/utils/mono-threads-coop...
http://bugs.winehq.org/show_bug.cgi?id=59662

--- Comment #2 from Esme Povirk <madewokherd@gmail.com> ---
Mono needs to copy the whole stack when it transitions to GC safe context. It does not have knowledge of the stack layout, and will scan conservatively.

Is this a problem for ASAN?
http://bugs.winehq.org/show_bug.cgi?id=59662

Esme Povirk <madewokherd@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                CC|                            |madewokherd@gmail.com
http://bugs.winehq.org/show_bug.cgi?id=59662

--- Comment #3 from Bernhard Übelacker <bernhardu@mailbox.org> ---
(In reply to Esme Povirk from comment #2)
> Mono needs to copy the whole stack when it transitions to GC safe context.
> It does not have knowledge of the stack layout, and will scan conservatively.
> 
> Is this a problem for ASAN?

Thanks for taking a look.

If I understand it right, ASan detects that memory surrounding the actual variables gets accessed.

If copying that stack area as one big block is intentional, I guess the way to go is to tell ASan to ignore it.
I am currently testing if the following change would do that:
https://gitlab.winehq.org/bernhardu/wine/-/commit/82f18186d485f5e878bd6ce291...

And because this is intentional behaviour, I assume this bug should be closed as invalid then?
http://bugs.winehq.org/show_bug.cgi?id=59662

--- Comment #4 from Esme Povirk <madewokherd@gmail.com> ---
Thanks for bringing it up, though.

In theory, this could happen in any function that calls mono_threads_detach_coop, so I guess all of those need the annotation.
http://bugs.winehq.org/show_bug.cgi?id=59662

Bernhard Übelacker <bernhardu@mailbox.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
        Resolution|---                         |INVALID
            Status|NEW                         |RESOLVED

--- Comment #5 from Bernhard Übelacker <bernhardu@mailbox.org> ---
(In reply to Esme Povirk from comment #4)
> Thanks for bringing it up, though.
> 
> In theory, this could happen in any function that calls mono_threads_detach_coop,
> so I guess all of those need the annotation.

I will adjust my tree, thanks for pointing that out.
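To make the mechanism in Comments #2 and #4 concrete, here is an added example, not code from the bug, from Wine or from Mono: a scaled-down attach/detach pair whose detach copies the stack between the two points in one memcpy, the conservative word scan a GC would run over that copy, and the annotation placed on the Wine-side caller whose frame lies inside the copied region. The attribute form, the fake_* names and the sentinel value are assumptions; the page does not show the reporter's actual change.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Assumed form of the annotation the thread refers to (the page does not show
 * the reporter's change): it disables ASan for one function, including the
 * poisoned redzones ASan places around that function's stack locals. */
#define NO_ASAN __attribute__((no_sanitize("address")))

/* Attach: remember where the caller's frame is (stand-in for Mono's stack data). */
static void fake_attach_coop(uintptr_t *mark, const volatile void *frame_mark)
{
    *mark = (uintptr_t)frame_mark;
}

/* Detach: copy everything between the mark and this frame in one memcpy, as
 * Comment #2 describes. Under ASan that memcpy is the reported access when any
 * frame in the region carries redzones; the copier is annotated so its own
 * locals add none. */
NO_ASAN
static size_t fake_detach_coop(uintptr_t mark, unsigned char *out, size_t out_len)
{
    volatile uintptr_t here = 0;        /* anchors this frame, word aligned */
    uintptr_t a = (uintptr_t)&here, lo = a < mark ? a : mark;
    uintptr_t hi = (a < mark ? mark : a) + sizeof(uintptr_t);  /* either stack direction */
    size_t len = hi - lo;
    if (len > out_len) len = out_len;
    memcpy(out, (const void *)lo, len);
    return len;
}

/* Conservative scan of the copy: every word slot is tested, so the GC never
 * needs to know where the real variables sit. */
static int region_contains_word(const unsigned char *buf, size_t len, uintptr_t needle)
{
    for (size_t off = 0; off + sizeof needle <= len; off += sizeof needle) {
        uintptr_t w;
        memcpy(&w, buf + off, sizeof w);
        if (w == needle) return 1;
    }
    return 0;
}

/* The Wine-side caller that attaches and later detaches: its frame lies in the
 * copied region, so this is where the annotation belongs (Comment #4). */
NO_ASAN
static size_t call_into_mono(unsigned char *scratch, size_t scratch_len)
{
    uintptr_t mark;
    volatile uintptr_t handle = (uintptr_t)0x5AFE5AFEu;   /* constructed sentinel */
    fake_attach_coop(&mark, &handle);
    return fake_detach_coop(mark, scratch, scratch_len);
}
```

Built with -fsanitize=address, dropping NO_ASAN from call_into_mono puts ASan redzones around `handle` inside the region the memcpy copies, which is the situation the bug report describes.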