libquadmath: Don't assume the storage for __float128 arguments is aligned [PR114533]
With the register_printf_type/register_printf_modifier/register_printf_specifier
APIs the C library is just told the size of the argument and is provided with
a callback to fetch the argument from va_list using va_arg into C library provided
memory. The C library isn't told what alignment requirement it has, but we were
using direct load of a __float128 value from that memory which assumes
__alignof (__float128) alignment.
The following patch fixes that by using memcpy instead.
I haven't been able to reproduce an actual crash, tried
#include <quadmath.h>
#include <stdlib.h>
#include <stdio.h>
int main ()
{
__float128 r;
int prec = 20;
int width = 46;
char buf[128];
r = 2.0q;
r = sqrtq (r);
int n = quadmath_snprintf (buf, sizeof buf, "%+-#*.20Qe", width, r);
if ((size_t) n < sizeof buf)
printf ("%s\n", buf);
/* Prints: +1.41421356237309504880e+00 */
quadmath_snprintf (buf, sizeof buf, "%Qa", r);
if ((size_t) n < sizeof buf)
printf ("%s\n", buf);
/* Prints: 0x1.6a09e667f3bcc908b2fb1366ea96p+0 */
n = quadmath_snprintf (NULL, 0, "%+-#46.*Qe", prec, r);
if (n > -1)
{
char *str = malloc (n + 1);
if (str)
{ quadmath_snprintf (str, n + 1, "%+-#46.*Qe", prec, r); printf ("%s\n", str);
/* Prints: +1.41421356237309504880e+00 */
}
free (str);
}
printf ("%+-#*.20Qe\n", width, r);
printf ("%Qa\n", r);
printf ("%+-#46.*Qe\n", prec, r);
printf ("%d %Qe %d %Qe %d %Qe\n", 1, r, 2, r, 3, r);
return 0;
}
In any case, I think memcpy for loading from it is right.
2024-04-03 Simon Chopin <email address hidden> Jakub Jelinek <email address hidden>
PR libquadmath/114533
* printf/printf_fp.c (__quadmath_printf_fp): Use memcpy to copy __float128 out of args.
* printf/printf_fphex.c (__quadmath_printf_fphex): Likewise.
Signed-off-by: Simon Chopin <email address hidden>
(cherry picked from commit 8455d6f6cd43b7b143ab9ee19437452fceba9cc9)
The releases/gcc-13 branch has been updated by Jakub Jelinek <email address hidden>:
https:/ /gcc.gnu. org/g:cc39bd532 d4de1ba0b278524 6fb6fdd63ec2e92 c
commit r13-8625- gcc39bd532d4de1 ba0b2785246fb6f dd63ec2e92c
Author: Jakub Jelinek <email address hidden>
Date: Wed Apr 3 10:02:35 2024 +0200
libquadmath: Don't assume the storage for __float128 arguments is aligned [PR114533]
With the register_ printf_ type/register_ printf_ modifier/ register_ printf_ specifier
APIs the C library is just told the size of the argument and is provided with
a callback to fetch the argument from va_list using va_arg into C library provided
memory. The C library isn't told what alignment requirement it has, but we were
using direct load of a __float128 value from that memory which assumes
__alignof (__float128) alignment.
The following patch fixes that by using memcpy instead.
I haven't been able to reproduce an actual crash, tried
#include <quadmath.h>
#include <stdlib.h>
#include <stdio.h>
int main ()
{
__float128 r;
int prec = 20;
int width = 46;
char buf[128];
r = 2.0q; 09504880e+ 00 */ snprintf (buf, sizeof buf, "%Qa", r); cc908b2fb1366ea 96p+0 */
quadmath_ snprintf (str, n + 1, "%+-#46.*Qe", prec, r);
printf ("%s\n", str); 09504880e+ 00 */
r = sqrtq (r);
int n = quadmath_snprintf (buf, sizeof buf, "%+-#*.20Qe", width, r);
if ((size_t) n < sizeof buf)
printf ("%s\n", buf);
/* Prints: +1.414213562373
quadmath_
if ((size_t) n < sizeof buf)
printf ("%s\n", buf);
/* Prints: 0x1.6a09e667f3b
n = quadmath_snprintf (NULL, 0, "%+-#46.*Qe", prec, r);
if (n > -1)
{
char *str = malloc (n + 1);
if (str)
{
/* Prints: +1.414213562373
}
free (str);
}
printf ("%+-#*.20Qe\n", width, r);
printf ("%Qa\n", r);
printf ("%+-#46.*Qe\n", prec, r);
printf ("%d %Qe %d %Qe %d %Qe\n", 1, r, 2, r, 3, r);
return 0;
}
In any case, I think memcpy for loading from it is right.
2024-04-03 Simon Chopin <email address hidden>
Jakub Jelinek <email address hidden>
PR libquadmath/114533 printf_ fp): Use memcpy to copy
__ float128 out of args. printf_ fphex.c (__quadmath_ printf_ fphex): Likewise.
* printf/printf_fp.c (__quadmath_
* printf/
Signed-off-by: Simon Chopin <email address hidden> 143ab9ee1943745 2fceba9cc9)
(cherry picked from commit 8455d6f6cd43b7b