Bug 2050569

Summary: vsnprintf using "%Lg" causes wrong result
Product: [Fedora] Fedora Reporter: Mamoru TASAKA <mtasaka>
Component: gccAssignee: Jakub Jelinek <jakub>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: aoliva, dmalcolm, fweimer, jakub, jwakely, law, mpolacek, msebor, nickc, orion, sipoyare, tuliom
Target Milestone: ---   
Target Release: ---   
Hardware: ppc64le   
OS: Unspecified   
Whiteboard:
Fixed In Version: gcc-12.0.1-0.6.fc36 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-02-06 18:11:47 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2045699    
Attachments:
Description Flags
preprocessed source none

Description Mamoru TASAKA 2022-02-04 09:42:21 UTC 
Created attachment 1859018 [details]
preprocessed source

Description of problem:
On ppc64le:

=======================================================================
[mockbuild@3a00fe7f7f694de19171916d75a4f441 h5dump]$ cat test.c
#include <stdio.h>
#include <stdarg.h>

static char buf[4096];
static char gfmt[] = "%Lg";

static int __attribute__ ((noinline)) 
foo(char *str, const char *fmt, ...) {
	int ret;
	va_list ap;
	va_start(ap, fmt);
	ret = vsnprintf(str, 4096, fmt, ap);
	va_end(ap);
	return ret;
}

int main(void) {
	long double dval = 128;
	int ret = foo(buf, gfmt, dval);

	fprintf(stdout, "ret[%d]\n", ret);
	fprintf(stdout, "buf[%s]\n", buf);

	return 0;
}
[mockbuild@3a00fe7f7f694de19171916d75a4f441 h5dump]$ gcc -D_GNU_SOURCE -D_POSIX_C_SOURCE=200809L   -DNDEBUG -UH5_DEBUG_API -I../../../src  -std=c99  -Wall -Wcast-qual -Wconversion -Wextra -Wfloat-equal -Wformat=2 -Winit-self -Winvalid-pch -Wmissing-include-dirs -Wno-c++-compat -Wno-format-nonliteral -Wshadow -Wundef -Wwrite-strings -pedantic -Wlarger-than=2560 -Wlogical-op -Wframe-larger-than=16384 -Wpacked-bitfield-compat -Wsync-nand -Wstrict-overflow=5 -Wno-unsuffixed-float-constants -Wdouble-promotion -Wtrampolines -Wstack-usage=8192 -Wmaybe-uninitialized -Wdate-time -Warray-bounds=2 -Wc99-c11-compat -Wduplicated-cond -Whsa -Wnormalized -Wnull-dereference -Wunused-const-variable -Walloca -Walloc-zero -Wduplicated-branches -Wformat-overflow=2 -Wformat-truncation=1 -Wrestrict -Wattribute-alias -Wcast-align=strict -Wshift-overflow=2 -Wattribute-alias=2 -Wmissing-profile -Wc11-c2x-compat -fstdarg-opt -fdiagnostics-urls=never -fno-diagnostics-color -s -Wno-aggregate-return -Wno-inline -Wno-missing-format-attribute -Wno-missing-noreturn -Wno-overlength-strings -Wno-jump-misses-init -Wno-suggest-attribute=const -Wno-suggest-attribute=noreturn -Wno-suggest-attribute=pure -Wno-suggest-attribute=format -Wno-suggest-attribute=cold -Wno-suggest-attribute=malloc  -Wbad-function-cast -Wimplicit-function-declaration -Wmissing-declarations -Wmissing-prototypes -Wnested-externs -Wold-style-definition -Wpacked -Wpointer-sign -Wpointer-to-int-cast -Wredundant-decls -Wstrict-prototypes -Wswitch -Wunused-function -Wunused-variable -Wunused-parameter -Wcast-align -Wunused-but-set-variable -Wformat -Wincompatible-pointer-types -Wshadow -Wcast-function-type -Wmaybe-uninitialized -O3 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -m64 -mcpu=power8 -mtune=power8 -fasynchronous-unwind-tables -fstack-clash-protection -o testfoo test.c && ./testfoo
test.c:4:13: warning: size of 'buf' 4096 bytes exceeds maximum object size 2560 [-Wlarger-than=]
    4 | static char buf[4096];
      |             ^~~
ret[1]
buf[0]
=======================================================================


Apparently the result is not okay, with -O0:
ret[3]
buf[128]


Version-Release number of selected component (if applicable):
gcc-12.0.1-0.4.fc36.ppc64le

How reproducible:
100%
Comment 1 Tulio Magno Quites Machado Filho 2022-02-04 17:52:58 UTC 
The problem seems to be in glibc.

I reduced the compiler call to gcc -std=c99  -O1  -Wp,-D_FORTIFY_SOURCE=2 -o test test.c && ./test
Comment 2 Jakub Jelinek 2022-02-04 17:54:52 UTC 
I've already fixed it in gcc.
Comment 3 Fedora Update System 2022-02-06 17:40:13 UTC 
FEDORA-2022-fba9d09417 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-fba9d09417
Comment 4 Fedora Update System 2022-02-06 18:11:47 UTC 
FEDORA-2022-fba9d09417 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.