Bug#892096: libc6:i386 yields invalid writes, triggered by GCC's AddressSanitizer

2018-03-13 Thread Vincent Lefevre 
On 2018-03-05 20:46:32 +0100, Aurelien Jarno wrote:
> The AddressSanitizer is using glibc internal functions though dlsym(),
> and such functions have the right to change in new major versions:
> 
> From libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cc:
> |  void *get_tls_static_info_ptr = dlsym(RTLD_NEXT, 
> "_dl_get_tls_static_info");
> 
> And on the glibc side:
> | $ readelf -s /lib/ld-linux.so.2  | grep _dl_get_tls_static_info
> |  4: 00011e7035 FUNCGLOBAL DEFAULT   12 
> _dl_get_tls_static_info@@GLIBC_PRIVATE
> 
> This has been discussed for example there:
> https://www.sourceware.org/ml/libc-alpha/2018-02/msg00611.html
> 
> The AddressSanitizer people should discuss for a public API so that it
> doesn't happen again. Otherwise it might break at every new glibc
> version.

FYI, I reported the bug upstream:

  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84761

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Bug#892096: libc6:i386 yields invalid writes, triggered by GCC's AddressSanitizer

2018-03-05 Thread Vincent Lefevre 
Control: reassign -1 libc6 2.27-1
Control: retitle -1 libc6:i386 yields invalid writes, triggered by GCC's 
AddressSanitizer
Control: severity -1 serious

On 2018-03-05 14:10:56 +0100, Vincent Lefevre wrote:
> cventin:~> cat tst.c
> int main (void)
> {
>   return 0;
> }
> cventin:~> gcc-snapshot -m32 -fsanitize=address tst.c -o tst
> cventin:~> ./tst
> AddressSanitizer:DEADLYSIGNAL
> =
> ==25032==ERROR: AddressSanitizer: SEGV on unknown address 0xf7fa7e70 (pc 
> 0xf7fa7e84 bp 0xffbf40ac sp 0xffbf406c T16777215)
> ==25032==The signal is caused by a WRITE memory access.
> #0 0xf7fa7e83 in _dl_get_tls_static_info (/lib/ld-linux.so.2+0x11e83)
> #1 0xf7ac147d  (/usr/lib/gcc-snapshot/lib32/libasan.so.5+0x10e47d)
> #2 0xf7aafd27  (/usr/lib/gcc-snapshot/lib32/libasan.so.5+0xfcd27)
> #3 0xf7fa591a  (/lib/ld-linux.so.2+0xf91a)
> #4 0xf7f96cb9  (/lib/ld-linux.so.2+0xcb9)
> 
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV (/lib/ld-linux.so.2+0x11e83) in 
> _dl_get_tls_static_info
> ==25032==ABORTING

libc6:i386 was actually the cause (gcc-snapshot had not changed).
Reverting to 2.26-6 makes the crash disappear.

-- 
Vincent Lefèvre  - Web: 
100% accessible validated (X)HTML - Blog: 
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)