
I've tried to execute a C program. It compiles fine; however, when I execute the output binary, it displays:

[16]    70041 illegal hardware instruction  ./create

So I added the -g option, so the build command looks like this:

cc create.c $(pkg-config --cflags --libs cairo) -g -o create

And the C code:

#include <cairo.h>
#include <string.h>
#include <math.h>
#include <stdio.h>
#include <stdlib.h>

int main(void){
    cairo_surface_t *surface;
    cairo_t *cr;
    int j=0;
    char seq[5];   /* too small: "seq01" is 5 characters plus the terminating '\0' */

    for(int i=0; i<=360; i+=4){
        surface = cairo_image_surface_create(CAIRO_FORMAT_ARGB32, 800, 600);
        cr = cairo_create(surface);
        cairo_set_line_width (cr, 6.0);
        cairo_arc( cr, 800/2, 600/2, (600/2)-50, 0, 2*M_PI );
        cairo_stroke (cr);
        cairo_set_source_rgb( cr, 0.2, 0.2, i/360.0 );   /* 360.0: i/360 would be integer division */
        cairo_arc( cr, 800/2, 600/2, (600/2)-60, 0, i*(M_PI/180.0) );
        cairo_stroke(cr);
        j++;
        /* writes 6 bytes ("seq" + two digits + '\0') into the 5-byte seq[] */
        if( j<10 ){ sprintf(seq, "%s%d%d", "seq", 0, j); } else { sprintf(seq, "%s%d", "seq", j); }
        cairo_surface_write_to_png(surface, seq);
        cairo_destroy(cr);             /* free the context created for this frame */
        cairo_surface_destroy(surface);
    }

    return 0;
}

The purpose of the above code is to create a sequence of PNG pictures. But there isn't any warning in the output.

I include the lldb output:

(lldb) target create "create"
Current executable set to '/Users/rikky/Documents/C/Cairo/FirstDraw/create' (x86_64).
(lldb) l
   7    int main(void){
   8        cairo_surface_t *surface;
   9        cairo_t *cr;
   10       int j=0;
   11       char seq[5];
   12   
   13       for(int i=0; i<=360; i+=4){
   14           surface = cairo_image_surface_create(CAIRO_FORMAT_ARGB32, 800, 600);
   15           cr = cairo_create(surface);
   16           cairo_set_line_width (cr, 6.0);
(lldb) run
Process 70245 launched: '/Users/rikky/Documents/C/Cairo/FirstDraw/create' (x86_64)
Process 70245 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_INSTRUCTION (code=EXC_I386_INVOP, subcode=0x0)
    frame #0: 0x00007fff6e80ffca libsystem_c.dylib`__chk_fail_overflow.cold.1 + 16
libsystem_c.dylib`__chk_fail_overflow.cold.1:
->  0x7fff6e80ffca <+16>: ud2    

libsystem_c.dylib`__chk_fail_overlap.cold.1:
    0x7fff6e80ffcc <+0>:  pushq  %rbp
    0x7fff6e80ffcd <+1>:  movq   %rsp, %rbp
    0x7fff6e80ffd0 <+4>:  leaq   0x6e41(%rip), %rdi        ; "detected source and destination buffer overlap"
Target 0: (create) stopped.

I didn't understand the EXC_I386_INVOP code. Is there any way to fix it?

The Clang Version:

Apple clang version 12.0.0 (clang-1200.0.32.2)
Target: x86_64-apple-darwin19.6.0
Thread model: posix
InstalledDir: /Library/Developer/CommandLineTools/usr/bin
Karl
    You have buffer overflows in seq[]. It is 5 bytes long but you may put more than 5 bytes into it with something like: sprintf(seq, "%s%d%d", "seq", 0, j); ==> You need at least one more byte to put the terminating '\0'. seq[] size should be at least 6. – Rachid K. Oct 18 '20 at 09:38
    By the way, for robustness purposes, it is advised to use snprintf() instead of sprintf(). – Rachid K. Oct 18 '20 at 09:41
  • Note, ud2 is the builtin_trap instruction on x86_64. It's used fairly frequently in system libraries to abort execution when hitting some fatal error condition. It's preferable to "abort" because it doesn't push a bunch of extra stack frames (which invalidate the register state at the point of the error). Rachid explained the error... – Jim Ingham Oct 20 '20 at 00:52
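The following is an added example, not code from the question or from either commenter. It isolates the file-name formatting from cairo so the two points raised in the comments can be checked: "seq01" is five characters and needs a sixth byte for the '\0', so sprintf() into char seq[5] writes one byte past the end; Apple's compiler replaces that sprintf() with the fortified __sprintf_chk, which knows the size of seq[] and, on detecting the overrun, calls __chk_fail_overflow, the function that ends in the ud2 seen in the lldb trace. The helpers seq_name_len(), seq_name() and count_truncated() and the constant SEQ_BUFSZ are hypothetical names chosen here; the "%02d" format replaces the question's two sprintf branches, and snprintf() can never write past the size it is given, it reports truncation through its return value instead.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Hypothetical helper (not from the question): number of characters in the
 * frame name for frame j, "seq" followed by at least two digits, excluding
 * the terminating NUL. snprintf(NULL, 0, ...) only measures, it writes nothing. */
size_t seq_name_len(int j)
{
    int n = snprintf(NULL, 0, "seq%02d", j);
    return n < 0 ? 0 : (size_t)n;
}

/* Hypothetical helper: build the frame name into buf of capacity bufsz.
 * "%02d" zero-pads below 10, replacing the question's two sprintf branches.
 * Returns true if the whole name fit; false if snprintf truncated it, in
 * which case buf still holds a NUL-terminated prefix that must not be used
 * as a file name. Unlike sprintf, this can never write past bufsz bytes. */
bool seq_name(char *buf, size_t bufsz, int j)
{
    int n = snprintf(buf, bufsz, "seq%02d", j);
    return n >= 0 && (size_t)n < bufsz;
}

/* Size the buffer from the widest value it must hold: "seq" + digits of the
 * largest frame number + NUL. 16 is a comfortable upper bound for any int. */
enum { SEQ_BUFSZ = 16 };

/* Check over the same frame numbers as the question's loop
 * (i = 0..360 step 4 gives j = 1..91) using the first bufsz bytes of a
 * buffer. Returns how many names did not fit, so 0 means all fit. */
int count_truncated(size_t bufsz)
{
    char buf[SEQ_BUFSZ];
    int bad = 0;
    if (bufsz > sizeof buf) bufsz = sizeof buf;   /* never overrun our own buffer */
    for (int j = 1; j <= 91; j++) {
        if (!seq_name(buf, bufsz, j)) bad++;
    }
    return bad;
}

int main(void)
{
    char small[5];          /* same size as the question's seq[] */
    char ok[SEQ_BUFSZ];

    printf("\"seq01\" needs %zu bytes with its NUL, seq[5] has 5\n", seq_name_len(1) + 1);
    printf("snprintf into 5 bytes: fit=%d buf=\"%s\"\n",
           seq_name(small, sizeof small, 1), small);
    printf("snprintf into %d bytes: fit=%d buf=\"%s\"\n",
           SEQ_BUFSZ, seq_name(ok, sizeof ok, 1), ok);
    printf("names that did not fit in 5 bytes: %d, in %d bytes: %d\n",
           count_truncated(5), SEQ_BUFSZ, count_truncated(SEQ_BUFSZ));
    return 0;
}
```

With the 5-byte buffer every one of the 91 names is cut to "seqNN" minus its last digit, which is exactly the case sprintf() would instead have handled by writing the NUL past the end of the array. Checking the snprintf() return value matters as much as the size argument: a silently truncated name would write frame 10 to the same file as frame 1.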
