Date: Thu, 6 Jun 2002 02:10:02 -0700 (PDT)
From: Igor Roboul <igorr@sysadm.stc>
To: freebsd-bugs@FreeBSD.org
Subject: Re: misc/38884: bug in vfprinf.c function cvt(...)
Message-ID: <200206060910.g569A2f93624@freefall.freebsd.org>

The following reply was made to PR misc/38884; it has been noted by GNATS.

From: Igor Roboul <igorr@sysadm.stc>
To: Bruce Evans <bde@zeta.org.au>
Cc:
Subject: Re: misc/38884: bug in vfprinf.c function cvt(...)
Date: Thu, 6 Jun 2002 10:31:48 +0400

On Thu, Jun 06, 2002 at 11:09:51AM +1000, Bruce Evans wrote:
>
> Can you give some formats and numbers which cause this crash? Infs and
> NaNs are handled specially after detecting them using isinf() and isnan(),
> so __dtoa() should not even be called for them.

With unpatched vfprintf.c I got:

This GDB was configured as "i386-portbld-freebsd5.0"...
Core was generated by `mutt'.
Program terminated with signal 10, Bus error.
Reading symbols from /usr/lib/libncurses.so.5...done.
Loaded symbols for /usr/lib/libncurses.so.5
Reading symbols from /usr/local/lib/libintl.so.2...done.
Loaded symbols for /usr/local/lib/libintl.so.2
Reading symbols from /usr/local/lib/libiconv.so.3...done.
Loaded symbols for /usr/local/lib/libiconv.so.3
Reading symbols from /usr/lib/libc.so.5...done.
Loaded symbols for /usr/lib/libc.so.5
Reading symbols from /usr/libexec/ld-elf.so.1...done.
Loaded symbols for /usr/libexec/ld-elf.so.1
#0 cvt (value=0, ndigits=1, flags=256, sign=0x282a8736 "", decpt=0xbfbfc66c, ch=102, length=0x282a8736, dtoaresultp=0x282a8736)
    at /opt/freebsd/src/lib/libc/stdio/vfprintf.c:1429
1429 *rve++ = '0';
(gdb) up
#1 0x28293aa9 in __vfprintf (fp=0xbfbfca00, fmt0=0x80c2180 "%3.1fK", ap=0xbfbfca84 "\200")
    at /opt/freebsd/src/lib/libc/stdio/vfprintf.c:762
762 cp = cvt(_double, prec, flags, &softsign,
(gdb) up
#2 0x2828f022 in snprintf (
    str=0x282aae43 "(4$*(N$*(i$*(\201$*(\232$*(µ$*(Í$*( &*(¥&*(²&*(", n=673875766, fmt=0x282a8736 "")
    at /opt/freebsd/src/lib/libc/stdio/snprintf.c:67
67 ret = __vfprintf(&f, fmt, ap);
(gdb) up
#3 0x0809dabe in mutt_pretty_size (s=0x282acfdc "\030¿\n", len=128, n=673875766) at muttlib.c:742
742 snprintf (s, len, "%3.1fK", (n < 103) ? 0.1 : n / 1024.0);

-- 
Igor Roboul, System administrator at Speech Technology Center
http://www.speechpro.com http://www.speechpro.ru

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message