
Bug#481543: libc6: low-memory snprintf provokes internal segfault



Hi Aurelian,

Sorry about the lack of response.  I never saw your replies, and
only noticed (on the web) today that the bug is now closed
due to lack of feedback.

The email address for me that was used in that bug report is invalid.
The one above works.

I can still reproduce the problem on an x86_64 unstable
system using libc6 2.7-16:

Here's a little more info:

    $ strace zsh -c 'ulimit -v 10000; strace ./a.out %$[5*2**25]d'
    ...
    open("/e/meyering/bin", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3
    fstat(3, {st_mode=S_IFDIR|0700, st_size=10320, ...}) = 0
    getdents(3, /* 123 entries */, 4096)    = 4080
    getdents(3, /* 113 entries */, 4096)    = 4072
    brk(0xdf2000)                           = 0xdd1000
    mmap(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = -1 ENOMEM (Cannot allocate memory)
    --- SIGSEGV (Segmentation fault) @ 0 (0) ---
    +++ killed by SIGSEGV +++

    $ cat snprintf-test-debbug.c
    #include <stdio.h>
    #include <string.h>
    int
    main(int argc, char **argv)
    {
      char buf[200];
      char *fmt = argv[1];
      if (argc < 2)
        return 1;
      return snprintf (buf, sizeof buf, fmt, 1);
    }

Sorry, but I cannot downgrade to an older glibc on this system.
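Added example, not part of the original message and not glibc's own test code: a regression check for the failure reported above. It runs the same `snprintf` call in a forked child whose address space is capped with `setrlimit(RLIMIT_AS)` (assumed here as a stand-in for `ulimit -v 10000`) and reports whether the child returned or was killed by a signal. The names `probe_snprintf`, `probe_result` and `HUGE_WIDTH_FMT` are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical names for this added example; none come from the report. */
enum probe_result {
  PROBE_LENGTH_RETURNED,   /* snprintf returned a length >= 0 */
  PROBE_ERROR_RETURNED,    /* snprintf returned a negative value */
  PROBE_CRASHED,           /* child was killed by a signal, e.g. SIGSEGV */
  PROBE_HARNESS_FAILED     /* fork, setrlimit or waitpid failed */
};

/* Field width from the report: 5 * 2**25 = 167772160. */
#define HUGE_WIDTH_FMT "%167772160d"

enum probe_result probe_snprintf (const char *fmt, rlim_t limit_kib)
{
  pid_t pid = fork ();
  if (pid < 0)
    return PROBE_HARNESS_FAILED;
  if (pid == 0)
    {
      /* Child: cap the address space, then format into a 200-byte buffer. */
      struct rlimit rl = { limit_kib * 1024, limit_kib * 1024 };
      char buf[200];
      if (setrlimit (RLIMIT_AS, &rl) != 0)
        _exit (2);
      _exit (snprintf (buf, sizeof buf, fmt, 1) < 0 ? 1 : 0);
    }
  int status;
  if (waitpid (pid, &status, 0) != pid)
    return PROBE_HARNESS_FAILED;
  if (WIFSIGNALED (status))
    return PROBE_CRASHED;
  if (WIFEXITED (status) && WEXITSTATUS (status) == 0)
    return PROBE_LENGTH_RETURNED;
  if (WIFEXITED (status) && WEXITSTATUS (status) == 1)
    return PROBE_ERROR_RETURNED;
  return PROBE_HARNESS_FAILED;
}

int main (void)
{
  enum probe_result r = probe_snprintf (HUGE_WIDTH_FMT, 10000);
  printf ("huge width under a 10000 KiB limit: result %d\n", (int) r);
  return r == PROBE_CRASHED;   /* non-zero exit status means the crash reproduced */
}
```

Either non-crash result is acceptable to a caller: a negative return reports the allocation failure, and a non-negative return is the length the untruncated output would have had.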


