[Bug sanitizer/110157] New: Address sanitizer crashes when accessing variables through procedure callback

Wed, 07 Jun 2023 06:21:10 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110157

            Bug ID: 110157
           Summary: Address sanitizer crashes when accessing variables
                    through procedure callback
           Product: gcc
           Version: 13.1.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: bardeau at iram dot fr
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org, marxin at 
gcc dot gnu.org
  Target Milestone: ---

Created attachment 55278
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=55278&action=edit
Main program, library, and Makefile

Hi,

in the gfortran 13.* branch, the attached code crashes as follows. This is a
regression compared to gfortran 12.* releases (and below) which run correctly.

The sample code is simple but needs to be compiled in a library separated from
the main executable (no crash if not). I attach the Makefile which compiles and
links all the parts.

The -fsanitize=address option has to be present (hence my report to the
sanitizer).

In short, the 'gfits_setsort' procedure calls 'quicksort' with a local
(contained) procedure passed as argument. The callback of this procedure by
'quicksort' results in the crash. The main point is that the 'key' variable is
accessed in the called back procedure. In this example, 'key' is a dummy
variable received by 'gfits_setsort', but the same issue is also true if 'key'
is a variable local to 'gfits_setsort'.

$ gfortran --version
GNU Fortran (GCC) 13.1.1 20230606
Copyright (C) 2023 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

$ make clean && make
rm -f *.o *.so test
gfortran -fimplicit-none -fsanitize=address -fPIC -c header.f90 -o header.o
gfortran -shared header.o -o libgfits.so
gfortran -fimplicit-none -fsanitize=address -fPIC -c test.f90 -o test.o
gfortran -fsanitize=address test.o -L./ -lgfits -o test

$ export LD_LIBRARY_PATH=".:$LD_LIBRARY_PATH"

$ ./test
 >>> Calling ugt

Program received signal SIGSEGV: Segmentation fault - invalid memory reference.

Backtrace for this error:
#0  0x7f821433a3ff in ???
#1  0x7f8211700038 in ???
Segmentation fault (core dumped)

Reply via email to