https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101380
Bug ID: 101380
Summary: Segmentation fault in __asan_init
Product: gcc
Version: 11.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: sanitizer
Assignee: unassigned at gcc dot gnu.org
Reporter: puspmvqyfzxrbytwsu at niwghx dot com
CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org, jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
Target Milestone: ---

/* ======== testcase.c ======== */
int main() {
}
/* ======== end of source ======== */

When compiling with the command line

    gcc -no-pie -fsanitize=address testcase.c

the output file a.out contains a bug causing it to sometimes crash on startup (pre-main) with a segmentation fault. This segmentation fault is not handled by the address sanitizer, but gives the default segmentation fault message.

According to my testing with ltrace, the segmentation fault seems to be caused in __asan_init:

/* ======== ltrace ./a.out ======== */
__asan_init(1, 0x72a9c5ef89c8, 0x72a9c5ef89d8, 0x61d7e2856060 <no return ...>
--- SIGSEGV (Segmentation fault) ---
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++
/* ======== end of ltrace ======== */

/* ======== gcc -v -no-pie -fsanitize=address testcase.c ======== */
Es werden eingebaute Spezifikationen verwendet.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/lto-wrapper
Ziel: x86_64-pc-linux-gnu
Konfiguriert mit: /build/gcc/src/gcc/configure --prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/ --enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++,d --with-isl --with-linker-hash-style=gnu --with-system-zlib --enable-__cxa_atexit --enable-cet=auto --enable-checking=release --enable-clocale=gnu --enable-default-pie --enable-default-ssp --enable-gnu-indirect-function --enable-gnu-unique-object --enable-install-libiberty --enable-linker-build-id --enable-lto --enable-multilib --enable-plugin --enable-shared --enable-threads=posix --disable-libssp --disable-libstdcxx-pch --disable-libunwind-exceptions --disable-werror gdc_include_dir=/usr/include/dlang/gdc
Thread-Modell: posix
Unterstützte LTO-Kompressionsalgorithmen: zlib zstd
gcc-Version 11.1.0 (GCC)
COLLECT_GCC_OPTIONS='-v' '-no-pie' '-fsanitize=address' '-mtune=generic' '-march=x86-64' '-dumpdir' 'a-'
 /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/cc1 -quiet -v testcase.c -quiet -dumpdir a- -dumpbase testcase.c -dumpbase-ext .c -mtune=generic -march=x86-64 -version -fsanitize=address -o /tmp/ccUMl4NV.s
GNU C17 (GCC) Version 11.1.0 (x86_64-pc-linux-gnu)
	kompiliert von GNU-C-Version 11.1.0, GMP Version 6.2.1, MPFR Version 4.1.0, MPC Version 1.2.1. isl Versiom isl-0.24-GMP
GGC-Heuristik: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
nicht vorhandenes Verzeichnis »/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../x86_64-pc-linux-gnu/include« wird ignoriert
Suche für »#include "..."« beginnt hier:
Suche für »#include <...>« beginnt hier:
 /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/include
 /usr/local/include
 /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/include-fixed
 /usr/include
Ende der Suchliste.
GNU C17 (GCC) Version 11.1.0 (x86_64-pc-linux-gnu)
	kompiliert von GNU-C-Version 11.1.0, GMP Version 6.2.1, MPFR Version 4.1.0, MPC Version 1.2.1. isl Versiom isl-0.24-GMP
GGC-Heuristik: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
Compiler executable checksum: 3d0ac5c030c008e73f10e8b66957dbfa
COLLECT_GCC_OPTIONS='-v' '-no-pie' '-fsanitize=address' '-mtune=generic' '-march=x86-64' '-dumpdir' 'a-'
 as -v --64 -o /tmp/ccPP003Z.o /tmp/ccUMl4NV.s
GNU assembler version 2.36.1 (x86_64-pc-linux-gnu) using BFD version (GNU Binutils) 2.36.1
COMPILER_PATH=/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/:/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/:/usr/lib/gcc/x86_64-pc-linux-gnu/:/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/:/usr/lib/gcc/x86_64-pc-linux-gnu/
LIBRARY_PATH=/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/:/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib/:/lib/../lib/:/usr/lib/../lib/:/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-no-pie' '-fsanitize=address' '-mtune=generic' '-march=x86-64' '-dumpdir' 'a.'
 /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/collect2 -plugin /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/liblto_plugin.so -plugin-opt=/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/lto-wrapper -plugin-opt=-fresolution=/tmp/ccy5uDZk.res -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc -plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id --eh-frame-hdr --hash-style=gnu -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib/crt1.o /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib/crti.o /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/crtbegin.o -L/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0 -L/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib -L/lib/../lib -L/usr/lib/../lib -L/usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../.. /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib/libasan_preinit.o -lasan /tmp/ccPP003Z.o -lgcc --push-state --as-needed -lgcc_s --pop-state -lc -lgcc --push-state --as-needed -lgcc_s --pop-state /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/crtend.o /usr/lib/gcc/x86_64-pc-linux-gnu/11.1.0/../../../../lib/crtn.o
COLLECT_GCC_OPTIONS='-v' '-no-pie' '-fsanitize=address' '-mtune=generic' '-march=x86-64' '-dumpdir' 'a.'
/* ======== end of output ======== */

Further information:

I am running this on an ArchLinux system with kernel 5.12.14-hardened1-1-hardened. The used version of the address sanitizer library is 6.0.0:

/* ======== ldd a.out ======== */
	linux-vdso.so.1 (0x000065a50ebf3000)
	libasan.so.6 => /usr/lib/libasan.so.6 (0x000065a50e1f7000)
	libc.so.6 => /usr/lib/libc.so.6 (0x000065a50e02b000)
	libdl.so.2 => /usr/lib/../lib/libdl.so.2 (0x000065a50e024000)
	librt.so.1 => /usr/lib/../lib/librt.so.1 (0x000065a50e019000)
	libpthread.so.0 => /usr/lib/../lib/libpthread.so.0 (0x000065a50dff8000)
	libstdc++.so.6 => /usr/lib/../lib/libstdc++.so.6 (0x000065a50dde2000)
	libm.so.6 => /usr/lib/../lib/libm.so.6 (0x000065a50dc9c000)
	libgcc_s.so.1 => /usr/lib/../lib/libgcc_s.so.1 (0x000065a50dc81000)
	/lib64/ld-linux-x86-64.so.2 => /usr/lib64/ld-linux-x86-64.so.2 (0x000065a50ebf5000)
/* ======== end ======== */

/usr/lib/libasan.so.6 is a symbolic link to libasan.so.6.0.0
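An added triage helper, not part of the bug report or of GCC: because the crash above is intermittent and happens inside __asan_init before ASan's own reporting is active, the only reliable symptom is the wait status (128 + 11 for SIGSEGV = 139), so this script runs the binary many times and counts such exits, giving a number to attach to the report and a pass/fail gate for comparing toolchain or system settings. The function names and arguments are this example's own assumptions.

```shell
#!/bin/sh
# Added helper, not from the bug report: run a program repeatedly and count
# the runs killed by SIGSEGV, to quantify an intermittent pre-main crash
# such as the one reported for
#   gcc -no-pie -fsanitize=address testcase.c && ./a.out
# A shell reports a child killed by signal N with status 128 + N.
SEGV_STATUS=139

# count_segv_runs PROGRAM [RUNS]  -> prints "<segv_runs> <total_runs>"
count_segv_runs() {
    prog=$1
    runs=${2:-100}
    segv=0
    i=0
    while [ "$i" -lt "$runs" ]; do
        # Run in a subshell so the shell's own "Segmentation fault" notice
        # goes to the redirected stderr; "|| status=$?" keeps a failing run
        # from aborting the loop when the caller uses set -e.
        status=0
        ( "$prog" ) >/dev/null 2>&1 || status=$?
        if [ "$status" -eq "$SEGV_STATUS" ]; then
            segv=$((segv + 1))
        fi
        i=$((i + 1))
    done
    echo "$segv $runs"
}

# crashes_at_startup PROGRAM [RUNS]  -> exit 0 if any run segfaulted, else 1.
# Usable as a gate when bisecting compiler versions or system settings.
crashes_at_startup() {
    set -- $(count_segv_runs "$1" "${2:-100}")
    [ "$1" -gt 0 ]
}

# Stand-alone use:  sh asan_startup_check.sh ./a.out 200
if [ "$#" -ge 1 ]; then
    count_segv_runs "$1" "${2:-100}"
fi
```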