[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#980110: gcc-10: The Debian addition --as-needed breaks -fsanitize=address

Package: gcc-10
Version: 10.2.1-6
Severity: normal

Dear Maintainer,

A program that uses the crypt() function will report SIGSEGV
due to jumping to address 0 when the program is compiled with
-fsanitize=address. This problem is not repeatable when using
the default options of upstream GCC
(see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98669 for
their resolution), nor with gcc-9.

Here is what I did:

cat > crypt.c << EOF
#include <crypt.h>
#include <stdio.h>

int main (int argc, char **argv)
{
  puts(crypt(*argv, "salt"));
}
EOF
gcc -fsanitize=address crypt.c -lcrypt
./a.out


AddressSanitizer:DEADLYSIGNAL
=================================================================
==664877==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000000000 bp 0x7fffb2b2b970 sp 0x7fffb2b2b958 T0)
==664877==Hint: pc points to the zero page.
==664877==The signal is caused by a READ memory access.
==664877==Hint: address points to the zero page.
    #0 0x0  (<unknown module>)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (<unknown module>) ==664877==ABORTING 


I expected the program to terminate successfully, like this:
gcc-9 -fsanitize=address crypt.c -lcrypt && ./a.out sasWQy9ecMDEs 

(Same thing if I compile it with clang-10 or clang-11.)

According to upstream, this is a Debian packaging problem
that they refuse to fix.

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-1-amd64 (SMP w/40 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gcc-10 depends on:
ii  binutils       2.35.1-7
ii  cpp-10         10.2.1-6
ii  gcc-10-base    10.2.1-6
ii  libc6          2.31-9
ii  libcc1-0       10.2.1-6
ii  libgcc-10-dev  10.2.1-6
ii  libgcc-s1      10.2.1-6
ii  libgmp10       2:6.2.1+dfsg-1
ii  libisl23       0.23-1
ii  libmpc3        1.2.0-1
ii  libmpfr6       4.1.0-3
ii  libstdc++6     10.2.1-6
ii  libzstd1       1.4.8+dfsg-1
ii  zlib1g         1:1.2.11.dfsg-2

Versions of packages gcc-10 recommends:
ii  libc6-dev  2.31-9

Versions of packages gcc-10 suggests:
ii  gcc-10-doc       10.2.0-1
pn  gcc-10-locales   <none>
ii  gcc-10-multilib  10.2.1-6

-- no debconf information
Reply to: