[Bug c/88054] New: Sanitizer triggers on valid code

tydeman at tybor dot com gcc-bugzilla@gcc.gnu.org
Fri Nov 16 06:42:00 GMT 2018 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88054

            Bug ID: 88054
           Summary: Sanitizer triggers on valid code
           Product: gcc
           Version: 8.2.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: tydeman at tybor dot com
  Target Milestone: ---

This code gets "caught" at runtime, but I believe that the code is valid.
This is on Intel i5, 32-bit Fedora 29, gcc 8.2.1.

command line flags are: "-fsanitize=undefined -fsanitize=address
-fsanitize=bounds-strict -fstack-protector-all -H -std=gnu17 -O0 -march=native
-mfpmath=387 -mieee-fp -fno-builtin -frounding-math -ffloat-store
-fexcess-precision=standard -fsignaling-nans"

#include <stdio.h>
#include <wchar.h>      /* wchar_t, wcsto*(), swprintf(), swscanf()     */
#include <stddef.h>

static FILE *file = NULL;       /* points to FILE returned by open() */
static char *filename = NULL;   /* points to name of temp file */

typedef struct {
  float str_fpval;              /* FP value returned by wcsto*, and maybe
*wscanf */
  ptrdiff_t str_numread;        /* number of characters accepted by wcsto* */
  int wscan_cnt;                /* # of chars processed by %f */
  int wscan_rc;                 /* return code from wscanf */
  const wchar_t from[20];       /* string to process by *wscanf and wcsto* */
  const wchar_t wscan_str[20-8];        /* string return by wscanf's %ls; this
or next time */
} data;

static data tv[] = {
/*  0*/{ 100.f, (ptrdiff_t)3, 3, 1, L"100", L"" }
  };

int main(void){
  int rc;
  int i = 0;
  { (void)printf("DEBUG 1\n"); fflush(NULL); }
  filename = tmpnam(NULL);      /* create a temporary file */
  { (void)printf("DEBUG 2\n"); fflush(NULL); }
  (void)printf("temp file name=%s\n", filename);
  { (void)printf("DEBUG 3\n"); fflush(NULL); }
  file = fopen(filename,"wb");  /* make sure we can open the file */
  { (void)printf("DEBUG 4\n"); fflush(NULL); }
  file = freopen(NULL, "wb", file);     /* so can write */
  { (void)printf("DEBUG 5\n"); fflush(NULL); }
  { (void)printf("str=%ls\n", tv[i].from); fflush(NULL); }
  { (void)printf("DEBUG 6\n"); fflush(NULL); }
  { (void)printf("file=%p\n", file); fflush(NULL); }
  { (void)printf("DEBUG 7\n"); fflush(NULL); }
  rc = fwprintf( file, L"%ls", tv[i].from ); /* string to process */
  { (void)printf("DEBUG 8\n"); fflush(NULL); }
  return 0;
}

More information about the Gcc-bugs mailing list