tpm2-abrmd crashes on clang systems

[salahcoronya]

On Gentoo linux, on system where all the packages are compiled with clang, tpm2-abrmd will crash after starting.

Here's the stack trace:

GNU gdb (Gentoo 14.1 vanilla) 14.1
Copyright (C) 2023 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://bugs.gentoo.org/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/tpm2-abrmd...
Reading symbols from /usr/lib/debug//usr/sbin/tpm2-abrmd.debug...
[New LWP 18807]
[New LWP 18810]
[New LWP 18806]
[New LWP 18809]
[New LWP 18808]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib64/libthread_db.so.1".
Core was generated by `/usr/sbin/tpm2-abrmd --allow-root'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f9ca92b66aa in g_output_stream_write (stream=stream@entry=0x5, 
    buffer=buffer@entry=0x7f9ca8c233d0, count=count@entry=12, 
    cancellable=cancellable@entry=0x0, error=error@entry=0x7f9ca8c23358)
    at ../glib-2.78.3/gio/goutputstream.c:216

warning: 216	../glib-2.78.3/gio/goutputstream.c: No such file or directory
[Current thread is 1 (Thread 0x7f9ca8c246c0 (LWP 18807))]
#0  0x00007f9ca92b66aa in g_output_stream_write
    (stream=stream@entry=0x5, buffer=buffer@entry=0x7f9ca8c233d0, count=count@entry=12, cancellable=cancellable@entry=0x0, error=error@entry=0x7f9ca8c23358) at ../glib-2.78.3/gio/goutputstream.c:216
        __inst = 0x5
        __t = 0x7f9ca400b8c0 [GOutputStream]
        __r = <optimized out>
        _g_boolean_var_10 = <optimized out>
        class = <optimized out>
        res = <optimized out>
#1  0x0000559dc0e831f7 in write_all
    (ostream=0x5, buf=buf@entry=0x7f9ca8c233d0 "\200\001", size=size@entry=12) at src/util.c:82
        error = 0x0
        written = <optimized out>
        written_total = 0
#2  0x00007f9ca841f26a in Tss2_Tcti_Device_Init
    (tctiContext=0x7f9ca400b850, size=size@entry=0x7f9ca8c23420, conf=conf@entry=0x7f9ca400a8e0 "/dev/tpm0")
    at /var/tmp/portage/app-crypt/tpm2-tss-4.0.1/work/tpm2-tss-4.0.1/src/tss2-tcti/tcti-device.c:466
        cmd = "\200\001\000\000\000\f\000\000\001{\000\b"
        rsp = '\000' <repeats 19 times>
        fds = {fd = 104, events = 0, revents = 0}
        used_conf = 0x7f9ca400a8e0 "/dev/tpm0"
        tcti_dev = 0x7f9ca400b850
        tcti_common = 0x7f9ca400b850
        nfds = 1
        sz = <optimized out>
        rc_poll = <optimized out>
#3  0x00007f9ca8f99693 in tcti_from_init
    (init=0x7f9ca841eed0 <Tss2_Tcti_Device_Init>, conf=conf@entry=0x7f9ca400a8e0 "/dev/tpm0", tcti=tcti@entry=0x7f9ca8c23558)
    at /var/tmp/portage/app-crypt/tpm2-tss-4.0.1/work/tpm2-tss-4.0.1/src/tss2-tcti/tctildr.c:90
        size = 104
        r = <optimized out>
        old_loglevel = LOGLEVEL_WARNING
#4  0x00007f9ca8f998d0 in tcti_from_info
    (infof=<optimized out>, conf=<optimized out>, 
    conf@entry=0x7f9ca400a8e0 "/dev/tpm0", tcti=<optimized out>, 
    tcti@entry=0x7f9ca8c23558)
    at /var/tmp/portage/app-crypt/tpm2-tss-4.0.1/work/tpm2-tss-4.0.1/src/tss2-tcti/tctildr.c:122
        info = 0x7f9ca8422420 <tss2_tcti_info>
        r = <optimized out>
#5  0x00007f9ca8f9a8ff in tcti_from_file
    (file=0x7f9ca400a8c0 "device", conf=0x7f9ca400a8e0 "/dev/tpm0", tcti=0x7f9ca8c23558, dlhandle=0x7f9ca8c234f8)
    at /var/tmp/portage/app-crypt/tpm2-tss-4.0.1/work/tpm2-tss-4.0.1/src/tss2-tcti/tctildr-dl.c:167
        handle = 0x7f9ca400a950
        r = 0
        infof = 0x0
#6  0x00007f9ca8f9a2df in Tss2_TctiLdr_Initialize_Ex
    (name=name@entry=0x7f9ca400a8c0 "device", conf=conf@entry=0x7f9ca400a8e0 "/dev/tpm0", tctiContext=tctiContext@entry=0x7f9ca8c23558)
    at /var/tmp/portage/app-crypt/tpm2-tss-4.0.1/work/tpm2-tss-4.0.1/src/tss2-tcti/tctildr.c:428
        dl_handle = 0x0
        ldr_ctx = 0x0
        local_name = 0x7f9ca914cd20 <g_once_mutex> ""
        local_conf = 0x0
        rc = <optimized out>
#7  0x00007f9ca8f9a4ef in Tss2_TctiLdr_Initialize
    (nameConf=0x559dc1d4ebf0 "device:/dev/tpm0", tctiContext=tctiContext@entry=0x7f9ca8c23558)
    at /var/tmp/portage/app-crypt/tpm2-tss-4.0.1/work/tpm2-tss-4.0.1/src/tss2-tcti/tctildr.c:488
        name = 0x7f9ca400a8c0 "device"
        conf = 0x7f9ca400a8e0 "/dev/tpm0"
        combined_length = <optimized out>
        rc = 0
#8  0x0000559dc0e74367 in init_thread_func (user_data=0x7ffe3db9c460)
    at src/tabrmd-init.c:173
        tcti_ctx = 0x7f9ca400b850
        data = 0x7ffe3db9c460
        connection_manager = 0x7f9ca4001b40 [ConnectionManager]
        tcti = 0x0
        ret = <optimized out>
        rc = <optimized out>
        command_attrs = <optimized out>
        session_list = <optimized out>
#9  0x00007f9ca911989d in g_thread_proxy (data=0x559dc1d4d8d0)
    at ../glib-2.78.3/glib/gthread.c:831
        thread = 0x559dc1d4d8d0
#10 0x00007f9ca8e36ed3 in ??? () at /usr/lib64/libc.so.6
#11 0x00007f9ca8eb9cac in ??? () at /usr/lib64/libc.so.6

My best guess is both tpm2-tss and tpm2-ambrd define write_all function with different parameters, and the wrong one is being called, causing a crash in GLib. Even compiling just the dependencies of tpm2-abrmd and tpm2-tss isn't enough to trigger though. Only on a system mostly compiled with clang does this appear.

Edit: I was able to replicate it on a gcc system by compiling only clang itself and tpm2-tss (not tpm2-abrmd) with

LDFLAGS="-fuse-ld=lld -rtlib=compiler-rt -unwindlib=libunwind -Wl,--as-needed"