[Bug 272163] New: glibc -D_FORTIFY_SOURCE is wrong

https://bugzilla.novell.com/show_bug.cgi?id=272163 Summary: glibc -D_FORTIFY_SOURCE is wrong Product: openSUSE 10.3 Version: Alpha 3plus Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: matz@novell.com ReportedBy: rguenther@novell.com QAContact: qa@suse.de CC: jh@novell.com, pbaudis@novell.com gcc mainline currently causes the following configure test from coreutils to be "miscompiled" with -D_FORTIFY_SOURCE and optimization > -O0: #include #include #define NGID 256 #undef MAX #define MAX(x, y) ((x) > (y) ? (x) : (y)) int main () { gid_t gidset[NGID]; int i, n; union { gid_t gval; long int lval; } val; val.lval = -1; for (i = 0; i < NGID; i++) gidset[i] = val.gval; n = getgroups (sizeof (gidset) / MAX (sizeof (int), sizeof (gid_t)) - 1, gidset); /* Exit non-zero if getgroups seems to require an array of ints. This happens when gid_t is short int but getgroups modifies an array of ints. */ return n > 0 && gidset[n] != val.gval; } the problem is with -D_FORTIFY_SOURCE causing getgroups to be "expanded" like the following in unistd.h: extern int __getgroups_chk (int __size, __gid_t __list[], size_t listlen) __attribute__ ((__nothrow__)) __attribute__ ((__warn_unused_result__)); extern int __getgroups_alias (int __size, __gid_t __list[]) __asm__ ("" "getgroups") __attribute__ ((__nothrow__)) __attribute__ ((__warn_unused_result__)); extern __inline __attribute__ ((__always_inline__)) int __attribute__ ((__nothrow__)) getgroups (int __size, __gid_t __list[]) { if (__builtin_object_size (__list, 2 > 1) != (size_t) -1 && (!__builtin_constant_p (__size) || __size * sizeof (__gid_t) > __builtin_object_size (__list, 2 > 1))) return __getgroups_chk (__size, __list, __builtin_object_size (__list, 2 > 1)); return __getgroups_alias (__size, __list); } and this causes us to (at -O2) compile this into an infinite loop or (at -O) to a call sequence that blows up the stack: Dump of assembler code for function getgroups: 0x080487b3 : push %ebp 0x080487b4 : mov %esp,%ebp 0x080487b6 : sub $0x8,%esp 0x080487b9 : mov 0xc(%ebp),%eax 0x080487bc : mov %eax,0x4(%esp) 0x080487c0 : mov 0x8(%ebp),%eax 0x080487c3 : mov %eax,(%esp) 0x080487c6 : call 0x80487b3 <getgroups> 0x080487cb : leave 0x080487cc : ret (look how we are calling ourselves). We might consider this a gcc bug as well. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.