https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105107

            Bug ID: 105107
           Summary: false positive stack-buffer-overflow in ASAN
           Product: gcc
           Version: 12.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: shaohua.li at inf dot ethz.ch
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org,
                    marxin at gcc dot gnu.org
  Target Milestone: ---

Hi,

For the following code, ASAN in gcc -O0 since 9.0 has reported a
"stack-buffer-overflow", which it shouldn't.

$cat a.c
#define c(d, j) d = 5;
h=1;
*a=&h;
**b = &a;
int e;
fn1() {
  int e=0;
  int **f = &a;
  *f = &e;
}
i() {
  int g[9];
  c(**b, )
}
main() {
  fn1();
  i();
}
$
$gcc -fsanitize=address -O0 a.c;./a.out
==1==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffef6656070
at pc 0x000000401390 bp 0x7ffef6656000 sp 0x7ffef6655ff8
WRITE of size 4 at 0x7ffef6656070 thread T0
    #0 0x40138f in i /app/example.c:13
    #1 0x4013e8 in main /app/example.c:17
    #2 0x7f5a7f21c0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x240b2)
    #3 0x4010ed in _start (/app/output.s+0x4010ed)
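The reproducer stores the address of fn1's local e in the global a and writes through it from i() after fn1 has returned. As an added example, not code from the report, here is that pattern with explicit types, beside two ways of keeping the pointed-to object alive for the write; all names in it (fn1_like, i_like_*, e_static) are this example's own.

```c
#include <stddef.h>

/* Added example, not code from the bug report.  It restates the reproducer
 * with explicit types: a global pointer is aimed at a local of one function
 * and written through from another function after the first has returned.
 * All names here (fn1_like, i_like_*, e_static) are this example's own. */
int *a_global;                       /* the report's global `a` */

void fn1_like(void) {
    int e = 0;                       /* automatic: its slot dies on return */
    a_global = &e;                   /* the pointer now outlives its target */
}

/* The faulty write: undefined behaviour, since *a_global names storage that
 * belonged to fn1_like's frame.  Shown for reference; not called below. */
void i_like_buggy(void) {
    int g[9] = {0};
    (void)g;
    *a_global = 5;                   /* the write ASAN flags */
}

/* Hardening 1: do not let a pointer to a local escape.  The producer clears
 * the global before returning; the consumer refuses a null pointer.
 * i_like_checked returns 0 after a write and -1 when it refused. */
void fn1_scoped(void) {
    int e = 0;
    a_global = &e;
    /* ... a_global may be used here, while e is alive ... */
    a_global = NULL;                 /* drop the reference before e dies */
}

int i_like_checked(void) {
    if (a_global == NULL)
        return -1;
    *a_global = 5;
    return 0;
}

/* Hardening 2: give the target static storage so it outlives every caller. */
int e_static;

void fn1_static(void) {
    e_static = 0;
    a_global = &e_static;
}

int i_like_static(void) {
    *a_global = 5;                   /* writes to a live object */
    return e_static;
}
```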
