<table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Issue</th>
<td>
<a href=https://github.com/llvm/llvm-project/issues/81470>81470</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>
Crash with clang sanitizers (on Debian)
</td>
</tr>
<tr>
<th>Labels</th>
<td>
clang
</td>
</tr>
<tr>
<th>Assignees</th>
<td>
</td>
</tr>
<tr>
<th>Reporter</th>
<td>
stevenwdv
</td>
</tr>
</table>
<pre>
I must be doing something wrong because I cannot get address sanitizer or memory sanitizer to work without randomly crashing on a minimal C program, even on a fresh install via Docker.
I can't imagine this not being reported but yet I can't find anything on this.
# Repro
```sh
#!/usr/bin/env sh
set -eu
docker run --interactive debian sh <<'EOF'
set -eu
export DEBIAN_FRONTEND=noninteractive
apt-get update && apt-get install -y clang
echo 'int main() {}' >main.c
for sanitizer in address memory; do
>&2 echo "
======== Testing -fsanitize=$sanitizer ========
"
clang -fsanitize="$sanitizer" -g main.c
i=0
while true; do
i=$(($i+1))
./a.out && ec=$? || ec=$?
if [ $ec -ne 0 ]; then
case $ec in
129) info=SIGHUP ;;
130) info=SIGINT ;;
131) info=SIGQUIT ;;
132) info=SIGILL ;;
133) info=SIGTRAP ;;
134) info=SIGABRT ;;
135) info=SIGBUS ;;
136) info=SIGFPE ;;
137) info=SIGKILL ;;
138) info=SIGUSR1 ;;
139) info=SIGSEGV ;;
140) info=SIGUSR2 ;;
141) info=SIGPIPE ;;
142) info=SIGALRM ;;
143) info=SIGTERM ;;
144) info=SIGSTKFLT ;;
145) info=SIGCHLD ;;
146) info=SIGCONT ;;
147) info=SIGSTOP ;;
148) info=SIGTSTP ;;
149) info=SIGTTIN ;;
150) info=SIGTTOU ;;
151) info=SIGURG ;;
152) info=SIGXCPU ;;
153) info=SIGXFSZ ;;
154) info=SIGVTALRM ;;
155) info=SIGPROF ;;
156) info=SIGWINCH ;;
157) info=SIGIO ;;
158) info=SIGPWR ;;
159) info=SIGSYS ;;
*) info= ;;
esac
>&2 echo '
>>>> Crashed with exit code' $ec $info "after $i executions
"
[ $i -lt 50 ] || break
fi
done
done
EOF
```
The docker part if of course optional, but I used it to verify that it was not just my install.
<details>
<summary><h1>Output</h1></summary>
```
======== Testing -fsanitize=address ========
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 1 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 3 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 4 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 8 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 11 executions
```
[...etc...]
```
======== Testing -fsanitize=memory ========
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 5 executions
FATAL: Code 0x621db9d8f410 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.
==4516==Process memory map follows:
0x621db9d45000-0x621db9d66000 /a.out
0x621db9d66000-0x621db9ded000 /a.out
0x621db9ded000-0x621db9e19000 /a.out
0x621db9e19000-0x621db9e1a000 /a.out
0x621db9e1a000-0x621db9e1d000 /a.out
0x621db9e1d000-0x621dbb771000
0x7f93eb300000-0x7f93eb400000
0x7f93eb500000-0x7f93eb600000
0x7f93eb700000-0x7f93eb800000
0x7f93eb900000-0x7f93eba00000
0x7f93eba1c000-0x7f93ebdc1000
0x7f93ebdc1000-0x7f93ebde7000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7f93ebde7000-0x7f93ebf3c000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7f93ebf3c000-0x7f93ebf8f000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7f93ebf8f000-0x7f93ebf93000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7f93ebf93000-0x7f93ebf95000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7f93ebf95000-0x7f93ebfa2000
0x7f93ebfa2000-0x7f93ebfa5000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7f93ebfa5000-0x7f93ebfbc000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7f93ebfbc000-0x7f93ebfc0000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7f93ebfc0000-0x7f93ebfc1000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7f93ebfc1000-0x7f93ebfc2000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7f93ebfc2000-0x7f93ebfd2000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7f93ebfd2000-0x7f93ec045000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7f93ec045000-0x7f93ec09f000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7f93ec09f000-0x7f93ec0a0000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7f93ec0a0000-0x7f93ec0a1000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7f93ec0a1000-0x7f93ec0a8000
0x7f93ec0a8000-0x7f93ec0a9000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7f93ec0a9000-0x7f93ec0ce000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7f93ec0ce000-0x7f93ec0d8000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7f93ec0d8000-0x7f93ec0da000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7f93ec0da000-0x7f93ec0dc000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7ffc351dd000-0x7ffc351fe000 [stack]
0x7ffc352f2000-0x7ffc352f6000 [vvar]
0x7ffc352f6000-0x7ffc352f8000 [vdso]
0xffffffffff600000-0xffffffffff601000 [vsyscall]
==4516==End of process memory map.
>>>> Crashed with exit code 1 after 6 executions
FATAL: Code 0x620a33be2410 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.
==4520==Process memory map follows:
0x620a33b98000-0x620a33bb9000 /a.out
0x620a33bb9000-0x620a33c40000 /a.out
0x620a33c40000-0x620a33c6c000 /a.out
0x620a33c6c000-0x620a33c6d000 /a.out
0x620a33c6d000-0x620a33c70000 /a.out
0x620a33c70000-0x620a355c4000
0x72b55c400000-0x72b55c500000
0x72b55c600000-0x72b55c700000
0x72b55c800000-0x72b55c900000
0x72b55ca00000-0x72b55cb00000
0x72b55cb6a000-0x72b55cf0f000
0x72b55cf0f000-0x72b55cf35000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x72b55cf35000-0x72b55d08a000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x72b55d08a000-0x72b55d0dd000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x72b55d0dd000-0x72b55d0e1000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x72b55d0e1000-0x72b55d0e3000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x72b55d0e3000-0x72b55d0f0000
0x72b55d0f0000-0x72b55d0f3000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x72b55d0f3000-0x72b55d10a000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x72b55d10a000-0x72b55d10e000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x72b55d10e000-0x72b55d10f000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x72b55d10f000-0x72b55d110000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x72b55d110000-0x72b55d120000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x72b55d120000-0x72b55d193000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x72b55d193000-0x72b55d1ed000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x72b55d1ed000-0x72b55d1ee000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x72b55d1ee000-0x72b55d1ef000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x72b55d1ef000-0x72b55d1f6000
0x72b55d1f6000-0x72b55d1f7000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x72b55d1f7000-0x72b55d21c000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x72b55d21c000-0x72b55d226000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x72b55d226000-0x72b55d228000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x72b55d228000-0x72b55d22a000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7ffe55fa5000-0x7ffe55fc6000 [stack]
0x7ffe55fec000-0x7ffe55ff0000 [vvar]
0x7ffe55ff0000-0x7ffe55ff2000 [vdso]
0xffffffffff600000-0xffffffffff601000 [vsyscall]
==4520==End of process memory map.
>>>> Crashed with exit code 1 after 10 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 12 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 14 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 16 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 18 executions
FATAL: Code 0x61ebf49bc410 is out of application range. Non-PIE build?
FATAL: MemorySanitizer can not mmap the shadow memory.
FATAL: Make sure to compile with -fPIE and to link with -pie.
FATAL: Disabling ASLR is known to cause this error.
FATAL: If running under GDB, try 'set disable-randomization off'.
==4530==Process memory map follows:
0x61ebf4972000-0x61ebf4993000 /a.out
0x61ebf4993000-0x61ebf4a1a000 /a.out
0x61ebf4a1a000-0x61ebf4a46000 /a.out
0x61ebf4a46000-0x61ebf4a47000 /a.out
0x61ebf4a47000-0x61ebf4a4a000 /a.out
0x61ebf4a4a000-0x61ebf639e000
0x7d9a31f00000-0x7d9a32000000
0x7d9a32100000-0x7d9a32200000
0x7d9a32300000-0x7d9a32400000
0x7d9a32500000-0x7d9a32600000
0x7d9a326d7000-0x7d9a32a7c000
0x7d9a32a7c000-0x7d9a32aa2000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7d9a32aa2000-0x7d9a32bf7000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7d9a32bf7000-0x7d9a32c4a000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7d9a32c4a000-0x7d9a32c4e000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7d9a32c4e000-0x7d9a32c50000 /usr/lib/x86_64-linux-gnu/libc.so.6
0x7d9a32c50000-0x7d9a32c5d000
0x7d9a32c5d000-0x7d9a32c60000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7d9a32c60000-0x7d9a32c77000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7d9a32c77000-0x7d9a32c7b000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7d9a32c7b000-0x7d9a32c7c000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7d9a32c7c000-0x7d9a32c7d000 /usr/lib/x86_64-linux-gnu/libgcc_s.so.1
0x7d9a32c7d000-0x7d9a32c8d000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7d9a32c8d000-0x7d9a32d00000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7d9a32d00000-0x7d9a32d5a000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7d9a32d5a000-0x7d9a32d5b000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7d9a32d5b000-0x7d9a32d5c000 /usr/lib/x86_64-linux-gnu/libm.so.6
0x7d9a32d5c000-0x7d9a32d63000
0x7d9a32d63000-0x7d9a32d64000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7d9a32d64000-0x7d9a32d89000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7d9a32d89000-0x7d9a32d93000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7d9a32d93000-0x7d9a32d95000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7d9a32d95000-0x7d9a32d97000 /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
0x7ffef7fee000-0x7ffef800f000 [stack]
0x7ffef8045000-0x7ffef8049000 [vvar]
0x7ffef8049000-0x7ffef804b000 [vdso]
0xffffffffff600000-0xffffffffff601000 [vsyscall]
==4530==End of process memory map.
>>>> Crashed with exit code 1 after 20 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 21 executions
Segmentation fault (core dumped)
>>>> Crashed with exit code 139 SIGSEGV after 22 executions
```
[...etc...]
</details>
I did try explicitly adding `-fPIE -Wl,-pie` but it did not make a difference.
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJzsm0tzu7Yaxj-NstHYA-JmFlkkvvzraZrkJE7bczYdIQlbDQYPiFz66c9I2CARg8PE7WTRjMex0PP-ELwC3gdsXBR8nTJ2Cbxr4M0ucCk2WX5ZCPbC0lf6chFl9P1yCbdlIWDEIM14uoZFtmViIz-95lm6hhEjuCwYXEKC0zQTcM0ExJTmrChggVMu-F8sh1kOt2yb5e_aMpHB1yx_hq9cbLJSwBynNNsm75DkuFCryFKI4ZanfIsTOIW7PFvneAvQFMoxVt1xzooN5GkhcJLAF47hLCPPLB8DawasKzUugAIB-Ravecqg2PACypFGTK4jZ7ssF4zCqBTwnQnYRMQ8pRCn7-IwGBm65-7fkQMf2C7PjIW-Vb2KTa0CyAZoURY5QIuIpwAtWPoCD4KCCThipQ6haiNgXqZwNOKpYDkmgr8wSFnEcQqLDQTOVL5QML9bABTo0QaQvckthLP59fLq9o_Fw93tan47A84szVKNXInxToxkCssdxYJBgHyAfHhYetjNo3dIEpyu9XUysskgQAFPBdxiuY0TgEIIgmsQzAAKIHDmcvmY6FFxlmtTgqf13KmmC3CuIa33bgicOUA-gvt1IWO3O7OjL7hihZAJHMWHFckO5Dar7Qo9pK9eT6i2uk1COgwgBEdr-HFLgRVy4MysuvW64QmDIi9ZeysrJUCu2ocTgFwO0LUNUChfmmwM0AKP5cGzTxQj-0BnAUEwBcFUX2SsIYbAu4YAuYzAUcqgBYE3kyMRG5bqSrnZuGB7KTf6oK3GBHkaZ8CZPS5__PR0DyGEwLmWL12q_mzHMvXL21W_3jb1_3larnr1qMW_uennO6Z-9XB136t3Tf3V9UP_eDxTf_302D8e39Qv7uf9-sDU_1xtcLd-YuqfHh_sXn0rv4_zH7_26V3rAx_16lv5vV-qDe7Wt_J7dfPwS6--nd_5CX0rv4-rnxc3qx59K7_Tn25mvfxWfqd3t73zxw3a47nrnZ9uK7-rx1W_vpXf1Wp526f3rLb-7qlX38rv08OP3vnstfL7-_S-n9_K7--Lx__16lv5_XWlZlC3vpXf-4e7RS-_ld_flrfTn_r0rfwu72D__mnl9_63h359-_j9b-_5B6ArTd8hYwUmrStE68p8qEacef2CU1nWMarqPcjeuIAko0xVBurKIi9zaayu6zgW8rKMXA7ZGyOl4FlamIUXag-guphxOEoE9NTF7HAFjHKGn3V5zOsWzVJ2qLgOn6p3WVUdq-r0hauNrItVpbbDuYA8hlkMSVbmBYPZTg4bJ7JelcXlEpYFo5ALWfm-sJzH71BssJBLXnFVk_4pi-3t-6HQMotNZ0qZwDwp5A49LCrK7RbLQmkOnOnGBs78rhS7UqjScKEWVB81Yc9mDSqiDrXaifpJvT-y9ZalAst9AmNcJrJmmZAsZ5CW2x2jWmnzyakjL07wcEmqpozdNV_-wTE432AM7jcYw-QbjMHunBDHDmfgXY_HYybIeDyWxfC5jpO99f0-h4nXm5rF1erqBjhXcCqjrTcf2TQK6SR2bQvyAkq_kcUQ73YJJ9VIc5yu2RjeZunofjmHUckTWhuOmveL2g-Pte8iOFVnve0W76TtgMUG0-x17_3G7Wj8zGBR5kyeP0m23Un7pDZ1FMuV4pTKnoSnz_vFO87akBkvcJTIDF093jzIrXlOs9dUIdWNDHV7gOV5lrdDl7G046mMLVPKcvhjdi3P7UKmFgXSc1NFZ6PqVgb_q9o5WRwDFIz1meN6tl99us8z0vhdKPdEnCVJ9loAp3GOdRJcz7KsUd30fcuy5EVt7wM_BihFE8DoqQClqAOYHZ4IqBRaAD4ZgM2AU0OqFIeAKAjsfUAjDOLQYZFjWZWwarqqeUzomUK_UxiYwkmnMDSFuFOIbaILKenamKqnEbKg3k3VfaSERwAt3ib-H747Snhavo3WaVl1kHGRjf2PTAWpmbFDvs6sIA1zEp-BqSANM3TOwFQQjemdg-kZTIw6kln1aMIhK18T8kchB2Af4ZoDiIYktI8bmUkl1pm4xDK59rm4tslF5-KaeaNDuNuOSUN1JrHcIXPhOHMPaZjhkIOwixnGBhMPmQNdTGyZzCH572TaJnNy_CDc92jC8NMrp_vm28Qf-a4cBzqCDw08YefFK16Dp5Pz4qm5cyg-Mx6b-M-fqE7hY-J4NqUHvGrGh33vXRcCk2etmq9jUIz0GBT7dczLC86Ph_hmyKQJoUVmhsT1n38oDvRFdhNavBcEJ0kT3qoR5ymVBffuQ6k4HmwF9gbAH2gALOw4EUP_GoDzGQBkDTUAKgnh5FALq2bUV543ijqAuNaJgErRBPjkVIBPzIC-er5RNAHBySEF-pA8Tw2xdYZH0X55dXyqpnesClc9vikMOoUTUxh2CrEpjDqFkY91YWzFHcKqpxE6XytYNciBSa3J58_yXcw9pGFSegZmfT6vmmxIndDFZLbJ_Jqp0CANM-7I-r5HEw5Z-fECVQPVXNsaktAebgXSuJ8vZk5wmckdUqj2cmODa3_dsGighou-VgRrkIY5yN12MUNzHrAhB2EXk1GTOWQOdDLN_LOvGRUN0jDrQu6DsC7f9s3P31I5UYRqvBqP7LPVuBqvwSP_vHjkm_iz-QuNp-HP5y9i5nnajRDVJP4JAyBFjBgx9cm7wwDUGi0E_a0G4FAjnt8A2NZ3eDqDvsMgvsOzMrvfkP1Dg-h_YvfBFdosit0wIv-6wvO5QmeoK6ySEOxvZeybWkXxwVFpijoA9z200RRNgNvz4ElTaAHByYDADDg5JFcfku-E7ONln4bYsePamsmmKr6OCpFtClGn0DGFRx80qR7PFB590FT10EAX4oB0CKueRoiH3JH-6GI0SM2MBtRFncwoNjaIuF9zmhpEYw4pSDuZzGB6Qwr8LqZnmUzakcyqpxH6X3ctGqjhBkMS2scNzKQG0bm4kcn9-mMsDaRxh7iiXq6Zt8nX3JYGqZnU-prT1CAN0xtyEHYxPWwyh8yBTmZkMofkv5Np5J76TsdBWPVoQvdczkTjNfjJ2Z46abwGP-BmwqfwoblzBjw1_xzeM_Fnc-RxzOIgru82yObEqu82dbrCeKI9Sq2a4QlXeNBoIdHf6gqdv80Vou_gCtF3-BIn6rSmn__ioPra7Yev7Kr3JaScKovA3qRd4iJ5h5hS6SKAb1XOZfRbAtBU2hXgW-orxFyoOGWOpO3BkPI4ZjlLycHSXNBLh4ZOiC_YpR1YQeBMgsC_2FzaFottFPnU9YKAEodMkI2jgDgEO84Exxf8ElnItZCNbNtDnj92ImaFPrIimzghJQ5wLbbFPBknyct2nOXrC14UJbuc2G5gXSQ4Ykmhfk2IUPXrMISAN7vIL6V-FJXrArhWwgtRNATBRcIuVVqqpFS_sKp_TlXI5GYpnKmfvQEUXpR5crkRYqeMEFoAtFhzsSmjMcm28ryQvBz-jXZ59icjAqCFGmgB0EKN9f8BAAD__4DDyQM">