<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/57653>57653</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Address sanitized binaries crash with tuned address space randomization
</td>
</tr>
<tr>
<th>Labels</th>
<td>
new issue
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
cgzones
</td>
</tr>
</table>
<pre>
Since Clang 14 (also reproducible with Clang 15, but not with Clang 13) tuning ALSR via */proc/sys/vm/mmap_rnd_bits* and */proc/sys/vm/mmap_rnd_compat_bits*, e.g. via
```sh
echo 32 > /proc/sys/vm/mmap_rnd_bits
echo 16 > /proc/sys/vm/mmap_rnd_compat_bits
```
, breaks binaries build with address sanitizer.
They crash randomly (~1 in 4 runs).
*test.c*:
```c
#include <stdlib.h>
#include <string.h>
int main() {
char *array = malloc(10);
memset(array, 'a', 10);
free(array);
return 0;
}
```
Build command:
```sh
clang-14 -O1 -g -fsanitize=address test.c -o test
```
Backtrace:
```
Core was generated by `./test'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000062574a4a0770 in ?? ()
(gdb) bt full
#0 0x000062574a4a0770 in ?? ()
No symbol table info available.
#1 <signal handler called>
No symbol table info available.
#2 0x000062574a4a0770 in ?? ()
No symbol table info available.
#3 <signal handler called>
No symbol table info available.
#4 0x000062574a4a0770 in ?? ()
No symbol table info available.
#5 <signal handler called>
No symbol table info available.
#6 0x000062574a4a0770 in ?? ()
No symbol table info available.
#7 <signal handler called>
No symbol table info available.
#8 0x000062574a4a0770 in ?? ()
No symbol table info available.
#9 <signal handler called>
No symbol table info available.
#10 0x000062574a4a0770 in ?? ()
No symbol table info available.
#11 <signal handler called>
No symbol table info available.
#12 0x000062574a4a0770 in ?? ()
No symbol table info available.
#13 <signal handler called>
No symbol table info available.
#14 0x000062574a4a0770 in ?? ()
No symbol table info available.
#15 <signal handler called>
No symbol table info available.
#16 0x000062574a4a0770 in ?? ()
No symbol table info available.
#17 <signal handler called>
No symbol table info available.
#18 0x000062574a4a0770 in ?? ()
No symbol table info available.
#19 <signal handler called>
No symbol table info available.
#20 0x000062574a4a0770 in ?? ()
No symbol table info available.
#21 <signal handler called>
No symbol table info available.
#22 0x000062574a4a0770 in ?? ()
No symbol table info available.
#23 <signal handler called>
No symbol table info available.
#24 0x000062574a4a0770 in ?? ()
No symbol table info available.
#25 <signal handler called>
No symbol table info available.
#26 0x000062574a4a0770 in ?? ()
No symbol table info available.
#27 <signal handler called>
No symbol table info available.
#28 0x000062574a4a0770 in ?? ()
No symbol table info available.
#29 <signal handler called>
No symbol table info available.
#30 0x000062574a4a0770 in ?? ()
No symbol table info available.
#31 <signal handler called>
No symbol table info available.
#32 0x000062574a4a0770 in ?? ()
No symbol table info available.
#33 <signal handler called>
No symbol table info available.
#34 0x000062574a4a0770 in ?? ()
No symbol table info available.
#35 <signal handler called>
No symbol table info available.
#36 0x000062574a4a0770 in ?? ()
No symbol table info available.
#37 <signal handler called>
No symbol table info available.
#38 0x000062574a4a0770 in ?? ()
No symbol table info available.
#39 <signal handler called>
No symbol table info available.
#40 0x000062574a4a0770 in ?? ()
No symbol table info available.
#41 <signal handler called>
No symbol table info available.
#42 0x000062574a4a0770 in ?? ()
No symbol table info available.
#43 <signal handler called>
No symbol table info available.
#44 0x000062574a4b6321 in ?? ()
No symbol table info available.
#45 0x0000040000002000 in ?? ()
No symbol table info available.
#46 0x0000000000000000 in ?? ()
No symbol table info available.
(gdb) quit
```
System: Debian sid
Kernel: Linux hostname 5.19.0-1-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.19.6-1 (2022-09-01) x86_64 GNU/Linux
Clang:
```
Debian clang version 14.0.6-2
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
```
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzVWN1vozgQ_2vIiwUyNp8PeUibtqpu26s2vZPuqTLGAd-Cydmm2_SvvzEk_dbu6goPh4iDGXvm55n5GXmKrtwvN1JxgU4bpioURsgjGWtMh7TY6a7suSwagb5LWx-HxB45RUVvkersKwH1SI5sryR0Vl82X9G9ZKBu5ZFzUMXhz-wNtPctNG3LdndalXeFtPByhZgqfz6Yd-2O2eMcB0QEVeAMeXjt4ZWX4PE29fhC8LpDlCCPnqGf40D_u-vFKsPkF1b50oGvPXbouthqwb4ZVEjFtBTw0MumHCPNylILY5BhSlr5KHQwTrutxR5xzUyNNASya5u9SyQvPQuRVChCulcAJj8MP9paWWFswF0o6eoNHn4cRCE_m74UsLpTY8tGFkENC_1YrCH5XoqHViqLWiaVQwQp6qUn4_vXTuQ10y4DmdYM0NM1zGka58ksxDDPo2-mtaI1wjq-uBnOcx5JGfzc48dTtlqI5wnv5VrYXiuEnwReuv44TkN7MkQGYtqC09-78EgC7vjpA7f930PkV8jfHuMHqzyGdAwF8rvh6UdGGf9mNePi2eBHg087DfsGM6gSSmhmRYkKcGuCA8jHwQRJD-lwo7tKsxYM6xaSzg0dss3ISrEGbS4vNmcXfzqvbkTVCmWZlZ1CW9Y3NnjKA4wQfsBwJSROIxYxnKbYZZ9Hz-FGY_SPw7OqLFwyFBZt-6b5T1quO2T2bdE1yDK3S0q17RC7Z7Jx3WdkIRqSc1xNDaFqhEYckkuUT5n6q7rIDPjohPiiGfDFE-JLZsCXTogvmwFfPiG-EM_Aj3BCfGQGfHRCfNEM-OIJ8SUz4EsnxJfNgC-fcH-egR9kQn6QGfhBJuQHmYEfZEJ-kBn4QSbkB5mBH2RCftAZ-EEn5AedgR90Qn7QGfhBJ-QHnYEfdEJ-0Bn4QSfkRzQDP6IJ-RHNwI9oQn5Eb_hRJO7z-Ul88UEnjoYWE_h9VueRJy-vz-k8Hmn_6eWPzu-bvbGihcM7WotCMgXH7HKU_Ca0Eo2TfJGqf0B1Z6xirUBxEOYB9kOftWXiSoSw426ubtDN17Ozq5vbu_Vf16ury9OjwmF44oduEQQT4uPcx6GD9pAld6Dg4voPj5wPRg7FAleheF_AGLsHrUMVA90LbdzhP4wCDDbIOOSW6UpYh3y04O-43zj1fqX6w5BaC1aitivHJe46Iw_WL5WxQ7atpXYiwNYbDW0h1RtEC7EMk4Sk8E3Ms0W5pGVOc7aw0jZiuXpTHSufa2hjbWyoathegeSpkrZjXByKZvJxKGwset0sa2t3xnmEnMNdwcS-CHjninlNc3_883e6-1twC11pTC9cwS9Ok5gu6iXOMAszDozA5Rb2FVrymCaYRCyjPObpArJHNGbpxSceIUp8R4MKePbi9UIuXeRwjvMwChOaBQUJGcm2Oed5TrM49SIsWkjBwOEIOl0t9HKAVPSVAWEjjTXPQmYcv4UYzIF-1tu600tePXZKmMVgejlA_xc3VYQM">