https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84761
Bug ID: 84761
Summary: AddressSanitizer is not compatible with glibc 2.27 on x86
Product: gcc
Version: 8.0.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: vincent-gcc at vinc17 dot net
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---

After an upgrade to glibc 2.27 on a Debian/unstable machine, on a program that does nothing, the AddressSanitizer segfaults with the 32-bit x86 ABI.

I have the following gcc-snapshot script:

#!/bin/sh
LD_LIBRARY_PATH=/usr/lib/gcc-snapshot/lib:$LD_LIBRARY_PATH
PATH=/usr/lib/gcc-snapshot/bin:$PATH
rpath=""
OLD_IFS="$IFS"
IFS=:
for i in $LD_RUN_PATH
do
  rpath="$rpath -Wl,-rpath -Wl,$i"
done
IFS="$OLD_IFS"
exec gcc -Wl,-rpath -Wl,/usr/lib/gcc-snapshot/lib \
  -Wl,-rpath -Wl,/usr/lib/gcc-snapshot/lib32 \
  -Wl,-rpath -Wl,/usr/lib/gcc-snapshot/libx32 $rpath "$@"

cventin:~> gcc-snapshot --version
gcc (Debian 20180216-1) 8.0.1 20180216 (experimental) [trunk revision 257720]
[...]
cventin:~> cat tst.c
int main (void)
{
  return 0;
}
cventin:~> gcc-snapshot -m32 -fsanitize=address tst.c -o tst
cventin:~> ./tst
AddressSanitizer:DEADLYSIGNAL
=================================================================
==25032==ERROR: AddressSanitizer: SEGV on unknown address 0xf7fa7e70 (pc 0xf7fa7e84 bp 0xffbf40ac sp 0xffbf406c T16777215)
==25032==The signal is caused by a WRITE memory access.
    #0 0xf7fa7e83 in _dl_get_tls_static_info (/lib/ld-linux.so.2+0x11e83)
    #1 0xf7ac147d (/usr/lib/gcc-snapshot/lib32/libasan.so.5+0x10e47d)
    #2 0xf7aafd27 (/usr/lib/gcc-snapshot/lib32/libasan.so.5+0xfcd27)
    #3 0xf7fa591a (/lib/ld-linux.so.2+0xf91a)
    #4 0xf7f96cb9 (/lib/ld-linux.so.2+0xcb9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/ld-linux.so.2+0x11e83) in _dl_get_tls_static_info
==25032==ABORTING

My original bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892096

The explanations given by Aurelien Jarno:

------------------------------------------------------------
The AddressSanitizer is using glibc internal functions through dlsym(), and such functions have the right to change in new major versions:

From libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc:

| void *get_tls_static_info_ptr = dlsym(RTLD_NEXT, "_dl_get_tls_static_info");

And on the glibc side:

| $ readelf -s /lib/ld-linux.so.2 | grep _dl_get_tls_static_info
| 4: 00011e70 35 FUNC GLOBAL DEFAULT 12 _dl_get_tls_static_info@@GLIBC_PRIVATE

This has been discussed for example there:
https://www.sourceware.org/ml/libc-alpha/2018-02/msg00611.html

The AddressSanitizer people should discuss for a public API so that it doesn't happen again. Otherwise it might break at every new glibc version.
------------------------------------------------------------

In the meantime, it should at least be made compatible with glibc 2.27.
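An added example, not code from libsanitizer or glibc, of the runtime gate a library that resolves a GLIBC_PRIVATE symbol such as _dl_get_tls_static_info through dlsym() can apply: it reads the running glibc version with gnu_get_libc_version() and refuses to use the private symbol on any glibc it was not validated against, so a change like the one in 2.27 is reported instead of crashing. The "tested up to 2.26" limit is an assumed policy value, not something the report states.

```c
/* Added example, not libsanitizer code: gate use of a GLIBC_PRIVATE symbol on
   the glibc version actually running instead of trusting an unstable symbol. */
#include <stdio.h>
#include <stdlib.h>
#ifdef __GLIBC__
#include <gnu/libc-version.h>   /* gnu_get_libc_version() */
#endif
/* Parse "MAJOR.MINOR[.suffix]" as reported by gnu_get_libc_version().
   Returns 1 on success, 0 on a missing or malformed string. */
int parse_glibc_version(const char *s, int *major, int *minor)
{
    char *end;
    long maj, min;
    if (s == NULL) return 0;
    maj = strtol(s, &end, 10);
    if (end == s || *end != '.') return 0;
    s = end + 1;
    min = strtol(s, &end, 10);
    if (end == s || maj < 0 || min < 0) return 0;
    *major = (int)maj; *minor = (int)min;
    return 1;
}

/* 1 if the reported version is at least major.minor, else 0. */
int glibc_version_at_least(const char *s, int major, int minor)
{
    int maj, min;
    if (!parse_glibc_version(s, &maj, &min)) return 0;
    return maj > major || (maj == major && min >= minor);
}

/* Assumed policy: the private symbol was validated on glibc 2.x up to 2.26.
   Anything newer (the reporter's 2.27) or unparsable counts as untested. */
int private_symbol_use_is_safe(const char *running_version)
{
    int maj, min;
    if (!parse_glibc_version(running_version, &maj, &min)) return 0;
    return maj == 2 && min <= 26;
}
int main(void)
{
    const char *v = NULL;           /* non-glibc libc: never safe */
#ifdef __GLIBC__
    v = gnu_get_libc_version();
#endif
    printf("glibc %s: %s\n", v ? v : "(none)", private_symbol_use_is_safe(v)
           ? "within tested range" : "untested, skip private symbol");
    return 0;
}
```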