[Bug libfortran/81939] valgrind error message in build_float_string and heap-buffer-overflow on address sanitized libgfortran.so

[zeccav at gmail dot com]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81939

--- Comment #4 from Vittorio Zecca <zeccav at gmail dot com> ---
Dominique, this should be the same traceback as yours but with line numbers:

=================================================================
==21064==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x612000000177 at pc 0x2ad13bcaa549 bp 0x7ffeba105280 sp 0x7ffeba105278
WRITE of size 1 at 0x612000000177 thread T0
    #0 0x2ad13bcaa548 in build_float_string
../../../gcc/libgfortran/io/write_float.def:665
    #1 0x2ad13bcafcc6 in get_float_string
../../../gcc/libgfortran/io/write_float.def:1068
    #2 0x2ad13bcbcd9b in write_float_0 ../../../gcc/libgfortran/io/write.c:1596
    #3 0x2ad13bcbcfc3 in _gfortrani_write_f
../../../gcc/libgfortran/io/write.c:1623
    #4 0x2ad13bc73af3 in formatted_transfer_scalar_write
../../../gcc/libgfortran/io/transfer.c:2041
    #5 0x2ad13bc77902 in formatted_transfer
../../../gcc/libgfortran/io/transfer.c:2279
    #6 0x2ad13bc77b86 in _gfortran_transfer_real
../../../gcc/libgfortran/io/transfer.c:2310
    #7 0x2ad13bc77bb4 in _gfortran_transfer_real_write
../../../gcc/libgfortran/io/transfer.c:2316
    #8 0x40094a in MAIN__ (/home/vitti/1tb/vitti/f95/a.out+0x40094a)
    #9 0x400ad5 in main (/home/vitti/1tb/vitti/f95/a.out+0x400ad5)
    #10 0x2ad13e579509 in __libc_start_main (/usr/lib64/libc.so.6+0x20509)
    #11 0x400729 in _start (/home/vitti/1tb/vitti/f95/a.out+0x400729)

0x612000000177 is located 0 bytes to the right of 311-byte region
[0x612000000040,0x612000000177)
allocated by thread T0 here:
    #0 0x2ad13897680a in __interceptor_malloc
../../../../gcc/libsanitizer/asan/asan_malloc_linux.cc:62
    #1 0x2ad13aec9b2b in _gfortrani_xmalloc
../../../gcc/libgfortran/runtime/memory.c:42
    #2 0x2ad13bcbc9f6 in select_string ../../../gcc/libgfortran/io/write.c:1557
    #3 0x2ad13bcbccdf in write_float_0 ../../../gcc/libgfortran/io/write.c:1592
    #4 0x2ad13bcbcfc3 in _gfortrani_write_f
../../../gcc/libgfortran/io/write.c:1623
    #5 0x2ad13bc73af3 in formatted_transfer_scalar_write
../../../gcc/libgfortran/io/transfer.c:2041
    #6 0x2ad13bc77902 in formatted_transfer
../../../gcc/libgfortran/io/transfer.c:2279
    #7 0x2ad13bc77b86 in _gfortran_transfer_real
../../../gcc/libgfortran/io/transfer.c:2310
    #8 0x2ad13bc77bb4 in _gfortran_transfer_real_write
../../../gcc/libgfortran/io/transfer.c:2316
    #9 0x40094a in MAIN__ (/home/vitti/1tb/vitti/f95/a.out+0x40094a)
    #10 0x400ad5 in main (/home/vitti/1tb/vitti/f95/a.out+0x400ad5)
    #11 0x2ad13e579509 in __libc_start_main (/usr/lib64/libc.so.6+0x20509)

SUMMARY: AddressSanitizer: heap-buffer-overflow
../../../gcc/libgfortran/io/write_float.def:665 in build_float_string
Shadow bytes around the buggy address:
  0x0c247fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c247fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c247fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c247fff8000: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c247fff8010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c247fff8020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00[07]fa
  0x0c247fff8030: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
  0x0c247fff8040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c247fff8050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
  0x0c247fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c247fff8070: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==21064==ABORTING