fix amd build issue on the newer kernel with higher entropy

Bug #2107313 reported by gerald.yang
This bug affects 1 person
Affects              Status                      Importance   Assigned to   Milestone
gcc-10 (Ubuntu)      Fix Released                Medium       gerald.yang
  Focal              Fix Released                Medium       gerald.yang
  Jammy              Fix Released                Medium       gerald.yang
  Noble              In Progress                 Undecided    Unassigned
gcc-11 (Ubuntu)      Status tracked in Resolute
  Jammy              Fix Released                Medium       gerald.yang
  Noble              Fix Released                Undecided    Unassigned
  Questing           Fix Released                Undecided    Unassigned
  Resolute           Fix Released                Medium       gerald.yang
gcc-12 (Ubuntu)      Status tracked in Resolute
  Jammy              Fix Released                Medium       gerald.yang
  Noble              Fix Released                Undecided    Unassigned
  Questing           Fix Released                Undecided    Unassigned
  Resolute           Fix Released                Medium       gerald.yang
gcc-9 (Ubuntu)       New                         Undecided    Unassigned
  Jammy              In Progress                 Undecided    Unassigned
  Noble              In Progress                 Undecided    Unassigned

Bug Description

[ Impact ]

Our launchpad builder has been updated to Noble and with this kernel SRU:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1983357

vm.mmap_rnd_bits has been changed from 28 to 32

This leads to the gcc build failing, because some build logs are filled with the following message
and use up all disk space on the builder:
AddressSanitizer:DEADLYSIGNAL

grep -c "^AddressSanitizer:DEADLYSIGNAL$" /home/buildd/build-PACKAGEBUILD-30215080/chroot-autobuild/build/gcc-10-HrYDNt/gcc-10-10.5.0/build/gcc/testsuite/gcc/gcc.log
599050838

llvm also hit the same issue and has been fixed by:
https://github.com/llvm/llvm-project/commit/fb77ca05ffb4f8e666878f2f6718a9fb4d686839

The root cause is that when vm.mmap_rnd_bits is set to a higher value, it frequently conflicts
with asan's allocator on amd64, so asan's allocator base address needs to be moved to
another location that won't have the conflict; please see the above commit for more details.

gcc-13 already has this patch, but gcc-10/11/12 don't, so we need to patch them as well.

[ Test Plan ]

This can be easily reproduced by
1. download source, e.g. apt source gcc-10
2. no need to change any code, just add a test version in debian/changelog and dput to a PPA, the build will fail.

With this patch, build should succeed.

[ Where problems could occur ]

This patch moves the asan allocator's base address from 0x600000000000ULL to 0x500000000000ULL,
so it won't conflict with the PIE program segment; it shouldn't cause any issue.
In case something goes wrong, the build should fail again.

[ Other Info ]
The previous SRU to fix the same issue on gcc-12/13 on noble:
https://bugs.launchpad.net/ubuntu/+source/llvm-toolchain-14/+bug/2048768
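The following is an added example, not code from the bug report, GCC or LLVM. It models the address-range conflict described under [ Impact ] and [ Where problems could occur ]: for a given vm.mmap_rnd_bits it computes the range of addresses at which the kernel may place a PIE executable's first segment and checks whether ASan's fixed primary-allocator region can land inside it, for both the old base (0x600000000000) and the new base (0x500000000000) quoted in the report. Everything except those two base addresses is an assumption about x86-64 Linux and compiler-rt: a PIE base of 0x555555554000 (ELF_ET_DYN_BASE) plus a page-granular random offset of up to 2^mmap_rnd_bits - 1 pages, and a 4 TiB allocator region (kAllocatorSize). Shared-library placement, which is randomized separately, is deliberately left out of the model.

```c
/* Added example (not part of the bug report, GCC or LLVM): does ASan's
 * allocator region overlap where a PIE executable can be loaded? */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12

/* Assumed x86-64 Linux: PIE executables load at ELF_ET_DYN_BASE plus a
 * random offset of up to (2^vm.mmap_rnd_bits - 1) pages. */
static const uint64_t PIE_BASE = 0x555555554000ULL;

/* Assumed from compiler-rt's asan_allocator.h (x86-64 Linux): the primary
 * allocator reserves a fixed 4 TiB region starting at kAllocatorSpace. */
static const uint64_t ALLOCATOR_SIZE = 0x40000000000ULL;

/* The two base addresses quoted in the bug report. */
static const uint64_t OLD_ALLOCATOR_BASE = 0x600000000000ULL;
static const uint64_t NEW_ALLOCATOR_BASE = 0x500000000000ULL;

/* Highest address at which a PIE's first segment can be mapped. */
uint64_t max_pie_start(unsigned rnd_bits)
{
    uint64_t max_rnd_pages = (1ULL << rnd_bits) - 1;
    return PIE_BASE + (max_rnd_pages << PAGE_SHIFT);
}

/* Half-open interval overlap test: [a_begin, a_end) vs [b_begin, b_end). */
int ranges_overlap(uint64_t a_begin, uint64_t a_end,
                   uint64_t b_begin, uint64_t b_end)
{
    return a_begin < b_end && b_begin < a_end;
}

/* 1 if the allocator region [alloc_base, alloc_base + ALLOCATOR_SIZE) can
 * intersect the set of possible PIE start addresses, 0 if it never can. */
int allocator_can_conflict(uint64_t alloc_base, unsigned rnd_bits)
{
    return ranges_overlap(alloc_base, alloc_base + ALLOCATOR_SIZE,
                          PIE_BASE, max_pie_start(rnd_bits) + 1);
}

/* Read the running kernel's setting; returns -1 if it cannot be read. */
int read_mmap_rnd_bits(void)
{
    FILE *f = fopen("/proc/sys/vm/mmap_rnd_bits", "r");
    int bits = -1;
    if (f) {
        if (fscanf(f, "%d", &bits) != 1)
            bits = -1;
        fclose(f);
    }
    return bits;
}

static void report(uint64_t base, unsigned bits)
{
    printf("  allocator base 0x%llx: %s\n", (unsigned long long)base,
           allocator_can_conflict(base, bits) ? "CAN CONFLICT with PIE" : "safe");
}

int main(void)
{
    /* The two settings named in the report: the old default and the SRU value. */
    const unsigned settings[] = {28, 32};
    for (size_t i = 0; i < sizeof settings / sizeof settings[0]; i++) {
        unsigned bits = settings[i];
        printf("vm.mmap_rnd_bits=%u: PIE may start in [0x%llx, 0x%llx]\n", bits,
               (unsigned long long)PIE_BASE,
               (unsigned long long)max_pie_start(bits));
        report(OLD_ALLOCATOR_BASE, bits);
        report(NEW_ALLOCATOR_BASE, bits);
    }

    int live = read_mmap_rnd_bits();
    if (live >= 0)
        printf("running kernel: vm.mmap_rnd_bits=%d\n", live);
    return 0;
}
```

With 28 bits the random offset tops out at 1 TiB, so the PIE range ends below 0x600000000000 and the old base is fine; with 32 bits the offset reaches 16 TiB and the PIE range now covers the old allocator region, which is the conflict the report describes. The new base region ends at 0x540000000000, below PIE_BASE, so it stays clear for any randomization width, which is why the move is expected to be safe.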

Tags: patch

Changed in gcc-10 (Ubuntu):
status: New → In Progress
assignee: nobody → gerald.yang (gerald-yang-tw)
Changed in gcc-10 (Ubuntu Focal):
status: New → In Progress
Changed in gcc-10 (Ubuntu Jammy):
status: New → In Progress
Changed in gcc-10 (Ubuntu Focal):
assignee: nobody → gerald.yang (gerald-yang-tw)
Changed in gcc-10 (Ubuntu Jammy):
assignee: nobody → gerald.yang (gerald-yang-tw)
no longer affects: gcc-11 (Ubuntu Focal)
no longer affects: gcc-12 (Ubuntu Focal)
Changed in gcc-11 (Ubuntu):
status: New → In Progress
Changed in gcc-11 (Ubuntu Jammy):
status: New → In Progress
Changed in gcc-12 (Ubuntu Jammy):
status: New → In Progress
assignee: nobody → gerald.yang (gerald-yang-tw)
Changed in gcc-12 (Ubuntu):
status: New → In Progress
Changed in gcc-11 (Ubuntu):
assignee: nobody → gerald.yang (gerald-yang-tw)
Changed in gcc-11 (Ubuntu Jammy):
assignee: nobody → gerald.yang (gerald-yang-tw)
Changed in gcc-12 (Ubuntu):
assignee: nobody → gerald.yang (gerald-yang-tw)
gerald.yang (gerald-yang-tw) wrote :

debdiff for gcc-10 on focal

gerald.yang (gerald-yang-tw) wrote :

debdiff for gcc-10 on jammy

gerald.yang (gerald-yang-tw) wrote :

debdiff for gcc-11 on jammy

gerald.yang (gerald-yang-tw) wrote :

debdiff for gcc-12 on jammy

gerald.yang (gerald-yang-tw) wrote (last edit ):

This SRU fixes the build issue on focal and jammy found in:
https://bugs.launchpad.net/bugs/2054343

Changed in gcc-10 (Ubuntu):
importance: Undecided → Medium
Changed in gcc-10 (Ubuntu Focal):
importance: Undecided → Medium
Changed in gcc-10 (Ubuntu Jammy):
importance: Undecided → Medium
Changed in gcc-11 (Ubuntu):
importance: Undecided → Medium
Changed in gcc-11 (Ubuntu Jammy):
importance: Undecided → Medium
Changed in gcc-12 (Ubuntu):
importance: Undecided → Medium
Changed in gcc-12 (Ubuntu Jammy):
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-12 - 12.3.0-1ubuntu1~22.04.2

---------------
gcc-12 (12.3.0-1ubuntu1~22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: A missed hardening option in -fstack-protector for AArch64
    can lead to buffer overflows for dynamically allocated local variables
    not being detected. (LP: #2054343)
    - d/p/CVE-2023-4039.diff: Address stack protector and stack clash
      protection weaknesses on AArch64. Taken from the gcc-12 branch.
    - CVE-2023-4039
  * Move allocator base to avoid conflict with high-entropy ASLR for x86-64
    Linux. Patch taken from LLVM. Fixes ftbfs. (LP: #2107313)
    - d/p/lp2107313-asan-allocator-base.diff
  * aarch64: Fix loose ldpstp check. (LP: #2116909)
    - d/p/lp2116909-aarch64-fix-loose-ldpstp-check.diff

 -- Gerald Yang <email address hidden> Tue, 15 Jul 2025 03:45:40 +0000

Changed in gcc-12 (Ubuntu Jammy):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-11 - 11.4.0-1ubuntu1~22.04.2

---------------
gcc-11 (11.4.0-1ubuntu1~22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: A missed hardening option in -fstack-protector for AArch64
    can lead to buffer overflows for dynamically allocated local variables
    not being detected. (LP: #2054343)
    - d/p/CVE-2023-4039.diff: Address stack protector and stack clash
      protection weaknesses on AArch64. Taken from the gcc-12 branch.
    - CVE-2023-4039
  * Move allocator base to avoid conflict with high-entropy ASLR for x86-64
    Linux. Patch taken from LLVM. Fixes ftbfs. (LP: #2107313)
    - d/p/lp2107313-asan-allocator-base.diff

 -- Gerald Yang <email address hidden> Tue, 22 Apr 2025 03:28:20 +0000

Changed in gcc-11 (Ubuntu Jammy):
status: In Progress → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-10 - 10.5.0-1ubuntu1~22.04.2

---------------
gcc-10 (10.5.0-1ubuntu1~22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: A missed hardening option in -fstack-protector for AArch64
    can lead to buffer overflows for dynamically allocated local variables
    not being detected. (LP: #2054343)
    - d/p/CVE-2023-4039.diff: Address stack protector and stack clash
      protection weaknesses on AArch64. Taken from the gcc-12 branch.
    - CVE-2023-4039
  * Move allocator base to avoid conflict with high-entropy ASLR for x86-64
    Linux. Patch taken from LLVM. Fixes ftbfs. (LP: #2107313)
    - d/p/lp2107313-asan-allocator-base.diff

 -- Gerald Yang <email address hidden> Tue, 22 Apr 2025 02:56:54 +0000

Changed in gcc-10 (Ubuntu Jammy):
status: In Progress → Fix Released
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "gcc-10-focal.debdiff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]

tags: added: patch
Changed in gcc-10 (Ubuntu Focal):
status: In Progress → Fix Released
Changed in gcc-10 (Ubuntu):
status: In Progress → Fix Released
Changed in gcc-11 (Ubuntu):
status: In Progress → Fix Released
Changed in gcc-12 (Ubuntu):
status: In Progress → Fix Released
Vladimir Petko (vpa1977)
no longer affects: gcc-10 (Ubuntu Resolute)
no longer affects: gcc-10 (Ubuntu Questing)
Changed in gcc-11 (Ubuntu Resolute):
status: Fix Released → New
Changed in gcc-12 (Ubuntu Resolute):
status: Fix Released → New
no longer affects: gcc-9 (Ubuntu Questing)
no longer affects: gcc-9 (Ubuntu Resolute)
Vladimir Petko (vpa1977)
Changed in gcc-12 (Ubuntu Noble):
status: New → Fix Released
Changed in gcc-12 (Ubuntu Questing):
status: New → Fix Released
Changed in gcc-12 (Ubuntu Resolute):
status: New → Fix Released
Changed in gcc-11 (Ubuntu Noble):
status: New → Fix Released
Changed in gcc-11 (Ubuntu Questing):
status: New → Fix Released
Changed in gcc-11 (Ubuntu Resolute):
status: New → Fix Released
Vladimir Petko (vpa1977)
Changed in gcc-10 (Ubuntu Noble):
status: New → In Progress
Changed in gcc-9 (Ubuntu Jammy):
status: New → In Progress
Changed in gcc-9 (Ubuntu Noble):
status: New → In Progress
Skia (skia) wrote :

Given that @vpa1977 seems to be on the topic and has upload rights, I'm unsubscribing ~ubuntu-sponsors.
