This is the mail archive of the gcc-bugs@gcc.gnu.org mailing list for the GCC project.



[Bug sanitizer/85477] New: IO_old_cookie_seek is called instead of _IO_cookie_seek when compiled with -fsanitize=address


https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85477

            Bug ID: 85477
           Summary: IO_old_cookie_seek is called instead of
                    _IO_cookie_seek when compiled with -fsanitize=address
           Product: gcc
           Version: 7.2.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: belous.vs at yandex dot ru
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at gcc dot gnu.org
  Target Milestone: ---

Created attachment 43994
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=43994&action=edit
source

# gcc -v -g -Wall -Wextra -Werror -fsanitize=address x.c

`Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/i686-redhat-linux/7.2.1/lto-wrapper
Target: i686-redhat-linux
Configured with: ../configure --enable-bootstrap
--enable-languages=c,c++,objc,obj-c++,lto --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla
--enable-shared --enable-threads=posix --enable-checking=release
--enable-multilib --with-system-zlib --enable-__cxa_atexit
--disable-libunwind-exceptions --enable-gnu-unique-object
--enable-linker-build-id --with-linker-hash-style=gnu
--bindir=/usr/lib/gcc/i686-redhat-linux/7.2.1/bin
--localedir=/usr/share/gcc72-7.2.1/locale --enable-plugin
--enable-initfini-array --disable-libgcj --with-isl --enable-libmpx
--enable-gnu-indirect-function --with-tune=generic --with-arch=i686
--build=i686-redhat-linux
Thread model: posix
gcc version 7.2.1 20170829 (Red Hat 7.2.1-1.ac2) (GCC) 
COLLECT_GCC_OPTIONS='-v' '-g' '-Wall' '-Wextra' '-Werror' '-fsanitize=address'
'-mtune=generic' '-march=i686'
 /usr/libexec/gcc/i686-redhat-linux/7.2.1/cc1 -quiet -v x.c -quiet -dumpbase
x.c -mtune=generic -march=i686 -auxbase x -g -Wall -Wextra -Werror -version
-fsanitize=address -o /tmp/ccUnYl25.s
GNU C11 (GCC) version 7.2.1 20170829 (Red Hat 7.2.1-1.ac2) (i686-redhat-linux)
        compiled by GNU C version 7.2.1 20170829 (Red Hat 7.2.1-1.ac2), GMP
version 6.1.2, MPFR version 3.1.5, MPC version 1.0.3, isl version none
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
ignoring nonexistent directory
"/usr/lib/gcc/i686-redhat-linux/7.2.1/include-fixed"
ignoring nonexistent directory
"/usr/lib/gcc/i686-redhat-linux/7.2.1/../../../../i686-redhat-linux/include"
#include "..." search starts here:
#include <...> search starts here:
 /usr/lib/gcc/i686-redhat-linux/7.2.1/include
 /usr/local/include
 /usr/include
End of search list.
GNU C11 (GCC) version 7.2.1 20170829 (Red Hat 7.2.1-1.ac2) (i686-redhat-linux)
        compiled by GNU C version 7.2.1 20170829 (Red Hat 7.2.1-1.ac2), GMP
version 6.1.2, MPFR version 3.1.5, MPC version 1.0.3, isl version none
GGC heuristics: --param ggc-min-expand=100 --param ggc-min-heapsize=131072
Compiler executable checksum: 2cc28a180c8eaf4513b3c8e8607ca785
COLLECT_GCC_OPTIONS='-v' '-g' '-Wall' '-Wextra' '-Werror' '-fsanitize=address'
'-mtune=generic' '-march=i686'
 as -v --32 -o /tmp/cc34VkHR.o /tmp/ccUnYl25.s
GNU assembler version 2.25 (i686-redhat-linux) using BFD version version
2.25-5.el6
COMPILER_PATH=/usr/libexec/gcc/i686-redhat-linux/7.2.1/:/usr/libexec/gcc/i686-redhat-linux/7.2.1/:/usr/libexec/gcc/i686-redhat-linux/:/usr/lib/gcc/i686-redhat-linux/7.2.1/:/usr/lib/gcc/i686-redhat-linux/
LIBRARY_PATH=/usr/lib/gcc/i686-redhat-linux/7.2.1/:/usr/lib/gcc/i686-redhat-linux/7.2.1/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-g' '-Wall' '-Wextra' '-Werror' '-fsanitize=address'
'-mtune=generic' '-march=i686'
 /usr/libexec/gcc/i686-redhat-linux/7.2.1/collect2 -plugin
/usr/libexec/gcc/i686-redhat-linux/7.2.1/liblto_plugin.so
-plugin-opt=/usr/libexec/gcc/i686-redhat-linux/7.2.1/lto-wrapper
-plugin-opt=-fresolution=/tmp/cc8BZlnD.res -plugin-opt=-pass-through=-lgcc
-plugin-opt=-pass-through=-lgcc_s -plugin-opt=-pass-through=-lc
-plugin-opt=-pass-through=-lgcc -plugin-opt=-pass-through=-lgcc_s --build-id
--no-add-needed --eh-frame-hdr --hash-style=gnu -m elf_i386 -dynamic-linker
/lib/ld-linux.so.2 /usr/lib/gcc/i686-redhat-linux/7.2.1/../../../crt1.o
/usr/lib/gcc/i686-redhat-linux/7.2.1/../../../crti.o
/usr/lib/gcc/i686-redhat-linux/7.2.1/crtbegin.o
-L/usr/lib/gcc/i686-redhat-linux/7.2.1
-L/usr/lib/gcc/i686-redhat-linux/7.2.1/../../..
/usr/lib/gcc/i686-redhat-linux/7.2.1/libasan_preinit.o -lasan /tmp/cc34VkHR.o
-lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s
--no-as-needed /usr/lib/gcc/i686-redhat-linux/7.2.1/crtend.o
/usr/lib/gcc/i686-redhat-linux/7.2.1/../../../crtn.o
COLLECT_GCC_OPTIONS='-v' '-g' '-Wall' '-Wextra' '-Werror' '-fsanitize=address'
'-mtune=generic' '-march=i686'`

#./a.out:

`ASAN:DEADLYSIGNAL
=================================================================
==3549==ERROR: AddressSanitizer: SEGV on unknown address 0x00000004 (pc
0x080488e2 bp 0xbffff54c sp 0xbffff514 T0)
==3549==The signal is caused by a READ memory access.
==3549==Hint: address points to the zero page.
    #0 0x80488e1 in io_seek /builddir/repo/mpopd_parser/tmp/x.c:25
    #1 0xb799865b in _IO_old_cookie_seek (/lib/libc.so.6+0x12565b)
    #2 0xb78df73a in _IO_file_seekoff@@GLIBC_2.1 (/lib/libc.so.6+0x6c73a)
    #3 0xb78d4216 in _IO_cookie_seekoff (/lib/libc.so.6+0x61216)
    #4 0xb78d5ca7 in _IO_seekoff_unlocked (/lib/libc.so.6+0x62ca7)
    #5 0xb78dc9ed in fseeko (/lib/libc.so.6+0x699ed)
    #6 0x8048d8b in main /builddir/repo/mpopd_parser/tmp/x.c:66
    #7 0xb7889d25 in __libc_start_main (/lib/libc.so.6+0x16d25)
    #8 0x80487a0  (/builddir/repo/mpopd_parser/tmp/a.out+0x80487a0)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /builddir/repo/mpopd_parser/tmp/x.c:25 in
io_seek
==3549==ABORTING`

When compiling without `-fsanitize=address`, or using an older gcc (4.9.3), all is
OK (in this case `_IO_cookie_seek` is called instead of `IO_old_cookie_seek`).
