https://gcc.gnu.org/bugzilla/show_bug.cgi?id=123874

--- Comment #2 from Kirill Elagin <kirelagin at gmail dot com> ---
For completeness, here is a reproducer using one of the xdr functions (requires
libtirpc installed) instead of `crypt_r`, so that it works on GCC 15 (and
should work on HEAD):

```c
// plugin.c

#include <rpc/xdr.h>
#include <stdio.h>

void foo() {
  XDR xdrs;
  xdrstdio_create(&xdrs, stdin, XDR_ENCODE);
  xdr_destroy(&xdrs);
  printf("OK\n");
}
```

```c
// main.c

#include <assert.h>
#include <dlfcn.h>

// foo() in plugin.c returns void, so the pointer type must match.
typedef void (*foo_t)(void);

int main() {
  void *handle = dlopen("./plugin.so", RTLD_LAZY);
  assert(handle);
  void *foo = dlsym(handle, "foo");
  assert(foo);
  ((foo_t)foo)();
  return 0;
}
```

```shell_session
$ gcc -ltirpc -fpic -shared plugin.c -o plugin.so
$ gcc -fsanitize=address main.c -o main
$ ./main
AddressSanitizer:DEADLYSIGNAL
=================================================================
==20335==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000000000 bp 0x7ffec777c210 sp 0x7ffec777b9d8 T0)
==20335==Hint: pc points to the zero page.
==20335==The signal is caused by a READ memory access.
==20335==Hint: address points to the zero page.
    #0 0x000000000000  (<unknown module>)
    #1 0x7efc2367b13e in foo (plugin.so+0x113e)
    #2 0x5610d930a24a in main (/tmp/main+0x124a)
    #3 0x7efc2342a4d7 in __libc_start_call_main (/nix/store/<hash>-glibc-2.40-66/lib/libc.so.6+0x2a4d7) (BuildId: <hash>)
    #4 0x7efc2342a59a in __libc_start_main_alias_1 (/nix/store/<hash>-glibc-2.40-66/lib/libc.so.6+0x2a59a) (BuildId: <hash>)
    #5 0x5610d930a0e4 in _start (/tmp/main+0x10e4)

==20335==Register values:
rax = 0x0000000000000001  rbx = 0x00007ffec777c220  rcx = 0x00007efc235fa8e0  rdx = 0x0000000000000000
rdi = 0x00007ffec777c220  rsi = 0x00007efc235fa8e0  rbp = 0x00007ffec777c210  rsp = 0x00007ffec777b9d8
 r8 = 0x0000000000000000   r9 = 0x0000000000000000  r10 = 0x0000000000000000  r11 = 0x00007efc238592a1
r12 = 0x0000000000000001  r13 = 0x0000000000000000  r14 = 0x00007efc23f4c000  r15 = 0x00005610d930cd80
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (<unknown module>) 
==20335==ABORTING
```
