Bug 159448 - strcpy segmentation fault when compiled with -O1 or higher
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: gcc3
i386 Linux
medium Severity medium
Assigned To: Jakub Jelinek
Reported: 2005-06-02 14:51 EDT by Daniel Tweedt
Modified: 2007-11-30 17:07 EST (History)
Last Closed: 2005-06-02 15:30:53 EDT

Attachments
Small demo program to reproduce bug (667 bytes, text/plain)
2005-06-02 14:55 EDT, Daniel Tweedt
Description Daniel Tweedt 2005-06-02 14:51:46 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050512 Red Hat/1.0.4-1.4.1 Firefox/1.0.4

Description of problem:
When I compile a particular program with optimization (-O1 or higher), execution gives a segmentation fault. Running gdb and doing a back trace indicates the segfault occurs in the library function "strcpy". This function is (apparently) invoked by function "strtok". I will attach a small, simple demo C-program which should reproduce the problem for you. The segfault occurs when the program is compiled with either gcc or g++.

When running the demo program, an arbitrary character string can be entered at the "Enter:" prompt. If an empty string is entered (just hit <Enter> at the prompt), the program segfaults.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. compile program: gcc -O1 main.c
2. run program: ./a.out
3. press the <Enter> key at the "Enter" prompt.

Actual Results:  The program exits with the message "Segmentation fault".

Expected Results:  The "Enter:" prompt should have appeared on the next line.

Additional info:

Running gdb and doing a backtrace indicates the segfault is occurring in the "strcpy" library function, which is (apparently) invoked by "strtok" in the demo program.
Comment 1 Daniel Tweedt 2005-06-02 14:55:49 EDT
Created attachment 115102
Small demo program to reproduce bug
Comment 2 Jakub Jelinek 2005-06-02 15:30:53 EDT
The demo program is buggy.
See ISO C99,  The argument corresponding to %s must not be a NULL
"the argument shall be a pointer to the initial element of an array of character
type." ... "If the precision is not specified or is greater than the size of the
array, the array shall contain a null character."
Elsewhere the standard mandates that NULL pointer is different from pointer to
any object or function, so certainly NULL must not be passed to %s.

But your demo program does that, strtok returns NULL if you press <Enter>
at the prompt.
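
Added example (not the reporter's attachment, which is not reproduced on this page, and not code from Red Hat or GCC): one way to handle the case Comment 2 describes, where strtok returns NULL for an empty line, is to check the result before it reaches any `%s` conversion or string copy. The helper name `first_token`, its return codes and the buffer sizes are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy the first whitespace-delimited token of `line`
 * into `out`. Returns 0 on success, -1 if there is no token (for example
 * the user only pressed Enter), -2 if the input or token does not fit. */
int first_token(const char *line, char *out, size_t outsz)
{
    char buf[256];
    char *tok;
    size_t len;

    if (line == NULL || out == NULL || outsz == 0)
        return -1;
    out[0] = '\0';

    /* strtok writes into its argument, so tokenize a bounded private copy. */
    len = strlen(line);
    if (len >= sizeof buf)
        return -2;
    memcpy(buf, line, len + 1);

    tok = strtok(buf, " \t\r\n");
    if (tok == NULL)            /* empty line: nothing may be passed to %s */
        return -1;

    len = strlen(tok);
    if (len >= outsz)
        return -2;
    memcpy(out, tok, len + 1);
    return 0;
}

int main(void)
{
    char line[256], word[64];

    for (;;) {
        fputs("Enter: ", stdout);
        fflush(stdout);
        if (fgets(line, sizeof line, stdin) == NULL)
            break;
        switch (first_token(line, word, sizeof word)) {
        case 0:  printf("token: %s\n", word); break;
        case -1: break;         /* empty input: just prompt again */
        default: fputs("input too long\n", stderr); break;
        }
    }
    return 0;
}
```

With this check an empty line simply produces the next "Enter:" prompt at every optimization level, because no null pointer ever reaches a formatting or copy routine.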
