Bug 67360 - runtime crash for swprintf function compiled with gcc(4.8.2/4.9) and "-O" option under Ubuntu 4.8.2-19ubuntu1
Summary: runtime crash for swprintf function compiled with gcc(4.8.2/4.9) and "-O" o...
Status: RESOLVED INVALID
Alias: None
Product: gcc
Classification: Unclassified
Component: c (show other bugs)
Version: 4.8.2
: P3 normal
Target Milestone: ---
Assignee: Not yet assigned to anyone
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-26 15:26 UTC by zhijian
Modified: 2015-08-26 15:49 UTC (History)
0 users

See Also:
Host:
Target:
Build:
Known to work:
Known to fail:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description zhijian 2015-08-26 15:26:06 UTC 
I write a simple source code P73246.c as 

#include <wchar.h>
#include <stddef.h>


/*--------------------------------------------------------------------*/
size_t n = 90;


int main(void)
{
        int ret, prec;
        wchar_t s[76];



        if ((ret = swprintf(s,n,L"%.1a\n",-1.000e-27)) < 4) {

        }

/*--------------------------------------------------------------------*/
        return(0);
}


And compile and link it with gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1)

 The compile command as

/usr/bin/gcc -std=c99 -m64 -D__64BIT__=1 -O  -mcpu=power8 -fabi-version=4 -std=gnu99 -c P73246.c

Link command as 
 /usr/bin/gcc -std=c99   -lm -o P73246 P73246.o

Last I run the ./P73246 and a crash happened

*** buffer overflow detected ***: ./P73246 terminated
======= Backtrace: =========
/lib/powerpc64le-linux-gnu/libc.so.6(+0x8123c)[0x3fff804a123c]
/lib/powerpc64le-linux-gnu/libc.so.6(__fortify_fail+0x74)[0x3fff80555614]
/lib/powerpc64le-linux-gnu/libc.so.6(__chk_fail+0x20)[0x3fff80553a30]
/lib/powerpc64le-linux-gnu/libc.so.6(__vswprintf_chk+0x130)[0x3fff80557240]
/lib/powerpc64le-linux-gnu/libc.so.6(__swprintf_chk+0x28)[0x3fff805570e8]
./P73246[0x10000724]
/lib/powerpc64le-linux-gnu/libc.so.6(+0x24d00)[0x3fff80444d00]
/lib/powerpc64le-linux-gnu/libc.so.6(__libc_start_main+0xc8)[0x3fff80444ef8]
======= Memory map: ========
10000000-10010000 r-xp 00000000 00:1e 10809300                           /gsa/tlbgsa-h1/00/zhijian/res/200230/P73246.scenario/P73246
10010000-10020000 rw-p 00000000 00:1e 10809300                           /gsa/tlbgsa-h1/00/zhijian/res/200230/P73246.scenario/P73246
3fff80420000-3fff805d0000 r-xp 00000000 fc:02 15076932                   /lib/powerpc64le-linux-gnu/libc-2.19.so
3fff805d0000-3fff805e0000 rw-p 001a0000 fc:02 15076932                   /lib/powerpc64le-linux-gnu/libc-2.19.so
3fff805e0000-3fff80600000 r-xp 00000000 fc:02 15073346                   /lib/powerpc64le-linux-gnu/libgcc_s.so.1
3fff80600000-3fff80610000 rw-p 00010000 fc:02 15073346                   /lib/powerpc64le-linux-gnu/libgcc_s.so.1
3fff80610000-3fff806e0000 r-xp 00000000 fc:02 15076921                   /lib/powerpc64le-linux-gnu/libm-2.19.so
3fff806e0000-3fff806f0000 rw-p 000c0000 fc:02 15076921                   /lib/powerpc64le-linux-gnu/libm-2.19.so
3fff80700000-3fff80720000 rw-p 00000000 00:00 0
3fff80720000-3fff80740000 r-xp 00000000 00:00 0                          [vdso]
3fff80740000-3fff80770000 r-xp 00000000 fc:02 15076942                   /lib/powerpc64le-linux-gnu/ld-2.19.so
3fff80770000-3fff80780000 rw-p 00020000 fc:02 15076942                   /lib/powerpc64le-linux-gnu/ld-2.19.so
3fffc3ad0000-3fffc3b00000 rw-p 00000000 00:00 0                          [stack]
./test: line 41: 160167: Abort


If I do not use option "-O" in the compile stage , There is no crash ,The problem look like to related to compile with option "-O" . 

I try to use the same source code and compile option in the Redhat linux(no matter gcc version 4.8 and 4.9), there is no problem.
Comment 1 Andrew Pinski 2015-08-26 15:43:25 UTC 
90 > 72 and that is what the error message is about.
Comment 2 Andrew Pinski 2015-08-26 15:45:01 UTC 
Oh and Ubuntu turns on fortify by default which is why you seeing the difference between Ubuntu and redhat.
Comment 3 Markus Trippelsdorf 2015-08-26 15:49:05 UTC 
Closing.