This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/6698] printf segfaults on the I flag with long precision and float argument


------- Additional Comments From halesh dot s at gmail dot com  2008-07-01 10:13 -------

Hi,

This is due to stack overflow... 

The analysis is below

$cat test.c

#include <stdio.h>
#include <locale.h>

int
main()
{
   setlocale(LC_ALL, "en_US.UTF-8");
   printf("XXX = %I.99999999f\n", 1.1);
   return 0;
}


$gcc -o test test.c

$ulimit -s
10240

$./test
XXX = 1.1000000000000000888178419.....[upto 9999999 decimals]

$echo $?
0

So now try to increase the decimal precision upto 8 nines.
         printf("XXX = %I.999999999f\n", 1.1);

Now try to execute 
$./test
Segmentation fault

Now increase the stack size to example  ex:unlimited

$ulimit -s
unlimited

$./test
XXX = 1.1000000000000000888178419.....[upto 99999999* decimals]


strace o/p is below for seg fault with less stack space
------------------------------------------------------------------------------
...............................
...............................
...............................
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 8), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0xf6ddd000
mmap2(NULL, 100003840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0xf0e7e000
mmap2(NULL, 400003072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0xd9105000
mmap2(NULL, 100003840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0xd31a6000
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++


Increase the stack size using ulimit.
-------------------------------------------------------
...............................
...............................
...............................
fstat64(1, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 
0x55222000
mmap2(NULL, 100003840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0x55223000
mmap2(NULL, 400003072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0x5b182000
mmap2(NULL, 100003840, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) 
= 0x72efb000
write(1, "XXX = 1.100000000000000088817841"..., 4096XXX = 
1.100000000000000088817841970012523233890533447265625000000000000000000000000000000000000000000000000000000000000000000........
((99999999 digits)

It exits properly... 


In first case
Segfault caused by passing the expnadend float up to 9999999 digits to write(1)

I think printf is nothing todo with it..

If any issues let me know.



-- 


http://sourceware.org/bugzilla/show_bug.cgi?id=6698

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]