[Bug c/93593] New: gcc9: SIGSEGV on pointer to array of string literals
matija.glavinic-pecotic.ext at nokia dot com
gcc-bugzilla@gcc.gnu.org
Wed Feb 5 10:25:00 GMT 2020
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93593
Bug ID: 93593
Summary: gcc9: SIGSEGV on pointer to array of string literals
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: matija.glavinic-pecotic.ext at nokia dot com
Target Milestone: ---
Created attachment 47782
--> https://gcc.gnu.org/bugzilla/attachment.cgi?id=47782&action=edit
.i
Hello,

The problem with the attached source code snippet (failing-code.c) was
originally observed with gcc 9.1. The code either crashes with SIGSEGV or
displays garbage. It happens on multiple architectures: x86, arm32, arm64.
Looking into the disassembly, the pattern is the same on all observed archs.
In the faulty case, the code tries to get the literals from the stack, while
in the OK case (e.g. gcc8), the literals are fetched straight from .rodata.
In the faulty case, it seems that the stack is not initialized with the
location of the literals.

The problem is reproduced with the latest master of gcc
(https://github.com/gcc-mirror/gcc). Bisecting it pointed to this one:

commit b33a0cb323fa000f8fe50b8ad844fda2bda47c1d
Author: Jakub Jelinek <jakub@redhat.com>
Date:   Wed Apr 25 12:02:24 2018 +0200

    re PR sanitizer/84307 (asan blocks dead-store elimination)

            PR sanitizer/84307
            * c-decl.c (build_compound_literal): Call pushdecl (decl) even when
            it is not TREE_STATIC.
            * c-typeck.c (c_mark_addressable) <case COMPOUND_LITERAL_EXPR>: Mark
            not just the COMPOUND_LITERAL_EXPR node itself addressable, but also
            its COMPOUND_LITERAL_EXPR_DECL.

    From-SVN: r259641

Testcase/failing-code is a simplified snippet from systemd v239. Originally,
systemd crashes with SIGSEGV in mount_cgroup_controllers
(https://github.com/systemd/systemd/blob/v239/src/core/mount-setup.c#L249)

Below are the failing code sample and the output from the invocation, while
the preprocessed file is attached.
gcc was invoked with:
/home/glavinic/lvol1/gcc-build/bin/gcc -v -O2 -g failing-code.c -o main --save-temps
Could you please have a look at this problem?
Thanks,
Matija
/// failing-code.c
#include <stdio.h>

int main(int argc, char **argv)
{
        char ***j;

        if (argc == 1) {
                j = (char **[]) {
                        (char **) (const char*[]) { "0123", "4567", NULL },
                        (char **) (const char*[]) { "ABCD", "EFGH", NULL },
                        NULL,
                };
        } else {
                return 2;
        }

        printf("%s\n", j[0][0]);
        printf("%s\n", j[0][1]);
        printf("%s\n", j[1][0]);
        printf("%s\n", j[1][1]);

        return 0;
}

//// gcc output
[gcc-failure]$ /home/glavinic/lvol1/gcc-build/bin/gcc -v -O2 -g failing-code.c -o main --save-temps
Using built-in specs.
COLLECT_GCC=/home/glavinic/lvol1/gcc-build/bin/gcc
COLLECT_LTO_WRAPPER=/var/fpwork/glavinic/gcc-build/bin/../libexec/gcc/x86_64-pc-linux-gnu/9.0.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /home/glavinic/lvol1/gcc/configure
--prefix=/home/glavinic/lvol1/gcc-build --enable-languages=c
Thread model: posix
gcc version 9.0.0 20180425 (experimental) (GCC)
COLLECT_GCC_OPTIONS='-v' '-O2' '-g' '-o' 'main' '-save-temps' '-mtune=generic'
'-march=x86-64'
/var/fpwork/glavinic/gcc-build/bin/../libexec/gcc/x86_64-pc-linux-gnu/9.0.0/cc1
-E -quiet -v -iprefix
/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/
failing-code.c -mtune=generic -march=x86-64 -g -fworking-directory -O2
-fpch-preprocess -o failing-code.i
ignoring nonexistent directory
"/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/../../../../x86_64-pc-linux-gnu/include"
ignoring duplicate directory
"/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/../../lib/gcc/x86_64-pc-linux-gnu/9.0.0/include"
ignoring duplicate directory
"/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/../../lib/gcc/x86_64-pc-linux-gnu/9.0.0/include-fixed"
ignoring nonexistent directory
"/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/../../lib/gcc/x86_64-pc-linux-gnu/9.0.0/../../../../x86_64-pc-linux-gnu/include"
#include "..." search starts here:
#include <...> search starts here:
/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/include
/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/include-fixed
/usr/local/include
/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/../../include
/usr/include
End of search list.
COLLECT_GCC_OPTIONS='-v' '-O2' '-g' '-o' 'main' '-save-temps' '-mtune=generic'
'-march=x86-64'
/var/fpwork/glavinic/gcc-build/bin/../libexec/gcc/x86_64-pc-linux-gnu/9.0.0/cc1
-fpreprocessed failing-code.i -quiet -dumpbase failing-code.c -mtune=generic
-march=x86-64 -auxbase failing-code -g -O2 -version -o failing-code.s
GNU C17 (GCC) version 9.0.0 20180425 (experimental) (x86_64-pc-linux-gnu)
compiled by GNU C version 9.0.0 20180425 (experimental), GMP version
6.1.0, MPFR version 3.1.4, MPC version 1.0.3, isl version isl-0.18-GMP
GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096
GNU C17 (GCC) version 9.0.0 20180425 (experimental) (x86_64-pc-linux-gnu)
compiled by GNU C version 9.0.0 20180425 (experimental), GMP version
6.1.0, MPFR version 3.1.4, MPC version 1.0.3, isl version isl-0.18-GMP
GGC heuristics: --param ggc-min-expand=30 --param ggc-min-heapsize=4096
Compiler executable checksum: f5992b9ed4f36e67ee4079c55c628c89
COLLECT_GCC_OPTIONS='-v' '-O2' '-g' '-o' 'main' '-save-temps' '-mtune=generic'
'-march=x86-64'
as -v --64 -o failing-code.o failing-code.s
GNU assembler version 2.20.51.0.2 (x86_64-redhat-linux) using BFD version
version 2.20.51.0.2-5.48.el6_10.1 20100205
COMPILER_PATH=/var/fpwork/glavinic/gcc-build/bin/../libexec/gcc/x86_64-pc-linux-gnu/9.0.0/:/var/fpwork/glavinic/gcc-build/bin/../libexec/gcc/
LIBRARY_PATH=/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/:/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/:/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/../../../../lib64/:/lib/../lib64/:/usr/lib/../lib64/:/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/../../../:/lib/:/usr/lib/
COLLECT_GCC_OPTIONS='-v' '-O2' '-g' '-o' 'main' '-save-temps' '-mtune=generic'
'-march=x86-64'
/var/fpwork/glavinic/gcc-build/bin/../libexec/gcc/x86_64-pc-linux-gnu/9.0.0/collect2
--eh-frame-hdr -m elf_x86_64 -dynamic-linker /lib64/ld-linux-x86-64.so.2 -o
main /usr/lib/../lib64/crt1.o /usr/lib/../lib64/crti.o
/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/crtbegin.o
-L/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0
-L/var/fpwork/glavinic/gcc-build/bin/../lib/gcc
-L/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/../../../../lib64
-L/lib/../lib64 -L/usr/lib/../lib64
-L/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/../../..
failing-code.o -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed
-lgcc_s --no-as-needed
/var/fpwork/glavinic/gcc-build/bin/../lib/gcc/x86_64-pc-linux-gnu/9.0.0/crtend.o
/usr/lib/../lib64/crtn.o
COLLECT_GCC_OPTIONS='-v' '-O2' '-g' '-o' 'main' '-save-temps' '-mtune=generic'
'-march=x86-64'
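
Added example, not part of the original report and not GCC or systemd code: in the testcase above, j is assigned inside the if block and dereferenced after that block ends, while C11 6.5.2.5p5 gives a compound literal written inside a function body automatic storage duration tied to its enclosing block. The sketch below shows two layouts of the same table whose lifetime covers every use; static_table, cell, lookup_static and lookup_scoped are hypothetical names chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Option 1: file-scope compound literals have static storage duration
   (C11 6.5.2.5p5), so the table is valid for the whole program. */
static const char *const *const static_table[] = {
    (const char *const[]) { "0123", "4567", NULL },
    (const char *const[]) { "ABCD", "EFGH", NULL },
    NULL,
};

/* Walk a NULL-terminated table without reading past either terminator. */
static const char *cell(const char *const *const *t, size_t row, size_t col)
{
    for (size_t r = 0; t[r] != NULL; r++) {
        if (r != row)
            continue;
        for (size_t c = 0; t[r][c] != NULL; c++)
            if (c == col)
                return t[r][c];
        return NULL;
    }
    return NULL;
}

const char *lookup_static(size_t row, size_t col)
{
    return cell(static_table, row, col);
}

/* Option 2: keep block-scope literals, but create them in the same block
   that reads them. Copies the cell into out; returns 0 on success, 2 as in
   the testcase's else branch, or -1 when the cell is missing or too long. */
int lookup_scoped(int argc, size_t row, size_t col, char *out, size_t n)
{
    /* These literals live until lookup_scoped returns. */
    const char *const *const *j = (const char *const *const[]) {
        (const char *const[]) { "0123", "4567", NULL },
        (const char *const[]) { "ABCD", "EFGH", NULL },
        NULL,
    };
    if (argc != 1)
        return 2;
    const char *s = cell(j, row, col);
    if (s == NULL || strlen(s) >= n)
        return -1;
    memcpy(out, s, strlen(s) + 1);  /* copy out: j dies at return */
    return 0;
}
```
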